All Work
Private Cloud VMware Banking

VMware Platform at Scale — 300+ Hosts, 4,000+ VMs

Designing and operating a multi-site private cloud for one of Saudi Arabia's largest financial institutions — from initial vSphere buildout to full NSX-T micro-segmentation, VMware Cloud Director multi-tenancy, and SRM-based DR.

Client Alrajhi Bank
Period Nov 2021 – Aug 2024
Role Specialist IT Virtualisation
Scale 300+ ESXi · 4,000+ VMs

Outcomes

300+
ESXi hosts managed across primary and DR sites
4K+
Virtual machines across production workloads
99.9%
Platform availability maintained across tenure

Context

Alrajhi Bank operates one of the largest private cloud environments in the Kingdom. The infrastructure supports core banking systems, internal applications, subsidiaries, all with strict regulatory and availability requirements.

My role covered the full virtualisation stack: day-to-day operations, capacity planning, architecture reviews, new deployments, and incident response. The environment ran across a primary Riyadh DC and a DR site with automated failover via SRM.

Platform Architecture

Multi-site VMware private cloud with NSX-T overlay and SRM-based disaster recovery

PRIMARY DC — RIYADH vCenter vSphere 7 / 8 vRealize Ops Monitoring & Capacity ESXI CLUSTER (300+ HOSTS) VxRail vSAN ESXi Standalone ESXi Standalone ··· NSX-T OVERLAY Logical Routing · Distributed Firewall Micro-segmentation across Production + DMZ zones VMware CLOUD DIRECTOR Provider VDCs Org VDCs (subsidiaries) Self-service portal SITE RECOVERY MGR DR Orchestration Failover Automation Regular DR drills vSphere Replication RPO / RTO validated NSX-T Stretch DR SITE — RIYADH vCenter (DR) Linked Mode SRM (DR) Recovery Plans DR ESXI CLUSTER VxRail vSAN ESXi Standalone ··· NSX-T (DR) Policy mirrored from Primary Activated on failover RECOVERY POSTURE Automated failover via SRM recovery plans Quarterly DR drills with documented RTO/RPO Core banking systems prioritised in recovery order

Approach

The work fell into three broad areas:

  • Platform Operations: Managing vSphere clusters, patching cycles, capacity tracking, and hardware lifecycle across VxRail nodes and standalone hosts. Introduced standardised runbooks to reduce MTTR for common incidents.
  • Network Virtualisation (NSX-T): Designing and maintaining micro-segmentation policies, logical routing, and distributed firewall rules across production and DMZ zones. Worked closely with network security teams to align policies with regulatory requirements.
  • Multi-tenancy (VMware Cloud Director): Configuring and managing VCD for subsidiary environments — provider VDCs, organisation VDCs, and vApp-level isolation — enabling self-service within guardrails.

SRM was used for DR orchestration, with regular DR drills to validate RPO/RTO commitments across primary and secondary sites.

Technology Stack

vSphere 7 / 8 NSX-T VMware Cloud Director Site Recovery Manager vSAN VxRail vCenter vRealize Operations
All Case Studies Next: OCI at Banque Misr