VMware Cloud on AWS Logical Design

Copyright © 2021 VMware Inc. All rights reserved.

Overview

• The Compute Cluster contains the virtual machines to be migrated
• The Management Cluster will host the VMware HCX Service Mesh appliances
• VMware HCX requires connectivity between the on-premises datacenter and VMware Cloud on AWS for workload mobility

On-premises Datacenter (Location: Dallas, Texas)

Management Cluster (vSphere 6.x, 7.x Supported by VMware HCX)
• Backup Server, DHCP, vCenter Server Appliance, Active Directory, DNS
• VMware HCX Connector (Plugin Registration)
• Initiators: WO, IX, NE

Compute Cluster (vSphere 6.x, 7.x Supported by VMware HCX)
• WEB, APP and DB workloads

Network
• NSX-T
• NSX-V
• Virtual Distributed Switch
• Virtual Standard Switch (Migration only)

Storage
• vSAN
• VMFS
• Fiber Channel
• NFS
• iSCSI

VMware HCX Service Mesh Appliances

VMware HCX Service Mesh Appliances are auto deployed to the destination when configured from the source site.
• Interconnect Appliances (Suite B Encryption)
• WAN Optimization Appliances
• Network Extension Appliances (Suite B Encryption)
• VMware HCX Managers (Logical) Site Pairing

VMware HCX Service
• Activation & Entitlement: connect.hcx.vmware.com
• VMware HCX Updates: hybridity-depot.vmware.com

VMware Cloud on AWS SDDC Group

VMware Cloud on AWS -- SDDC - 01
• Internet Gateway, Virtual Gateway, Edge Router (NSX-T T0 Router)
• Management Gateway (NSX-T T1 Router), Compute Gateway (NSX-T T1 Router)
• Compute Resource Pool: Workloads (WEB, APP, DB); Segments Created by Customer and Attached to Compute Gateway
• Management Resource Pool; Supported CIDR Prefixes /23 - /16
• vCenter Server Appliance, NSX, VMware HCX Cloud (Plugin Registration)
• Receivers: NE, WO, IX
• vSAN Per Host (i3): 10.37 TB NVMe Data, 3.4 TB NVMe Cache
• Cluster-1: Auto-Deployed, Initial 3 Node Deployment, Max 16 Nodes per Cluster
• Cluster-N: Optional, Max 20 Clusters Per SDDC [25 Gbps Throughput per ESXi Node]

VMware Cloud on AWS -- SDDC - 02
• Internet Gateway, Virtual Gateway, Edge Router (NSX-T T0 Router)
• Management Gateway (NSX-T T1 Router), Compute Gateway (NSX-T T1 Router)
• Compute Resource Pool: Workloads (WEB, APP, DB); Segments Created by Customer and Attached to Compute Gateway
• Management Resource Pool; Supported CIDR Prefixes /23 - /16
• vCenter Server Appliance, NSX, VMware HCX Cloud (Plugin Registration)
• Receivers: NE, WO, IX
• vSAN Per Host (i3en): 45.8 TB NVMe Data, 14.2 TB NVMe Cache
• Cluster-1: Auto-Deployed, Initial 3 Node Deployment, Max 16 Nodes per Cluster
• Cluster-N: Optional, Max 20 Clusters Per SDDC [25 Gbps Throughput per ESXi Node]

Amazon Web Services

• AWS Management Console
• VMware Transit Connect (AWS Region A)
• AWS Transit Gateway (AWS Region B)
• Direct Connect, Direct Connect Gateway
• AWS VPC 01 (Customer Connected VPC): VPC Router, Elastic Network Interface (ENI), Internet Gateway, Virtual Gateway
• AWS VPC 02: VPC Router, Elastic Network Interface (ENI)
• Native Amazon Web Services: Identity and Access Management, AWS Systems Manager, SageMaker (Machine Learning), Elastic Compute Cloud (EC2)

Network Connectivity Options

On-Prem <--> VMware Cloud on AWS SDDC
1 Use the public Internet
2 Use Direct Connect that connects directly to the virtual gateway in the VMware Cloud on AWS SDDC
3 Use VMware Transit Connect through a Direct Connect Gateway
4 Use VPN (Note: For HCX services, the VPN must not terminate on the NSX Edge in the VMware Cloud on AWS SDDC)

VMware Cloud on AWS SDDC <--> VMware Cloud on AWS SDDC
5 Use VMware Transit Connect

VMware Cloud on AWS SDDC <--> Connected VPC
6 Use direct connection through ENI

VMware Cloud on AWS SDDC <--> Native AWS VPC
7 Use AWS Transit Gateway through the VMware Transit Connect (Note: only for inter-region connectivity)

Native AWS VPC <--> Native AWS VPC
8 Use AWS Transit Gateway

Workload Migration Steps Using VMware HCX

a Enable the VMware HCX service in VMware Cloud on AWS.
• Decide on using public or private IP for VMware HCX in VMware Cloud on AWS.
• Configure appropriate firewall rules according to the VMware HCX Networking and Port requirements.

b Deploy and configure an HCX Connector in the on-premises vSphere environment.

c From the on-premises HCX Connector, create an HCX site-pair with HCX Cloud deployed in the VMware Cloud on AWS SDDC.
• Configure HCX Network and Compute profiles to provide details for the HCX appliances.
• Create an HCX Service Mesh. This will automatically deploy the corresponding appliances in both on-premises and VMware Cloud on AWS SDDC.

d Extend virtual machine networks with VMware HCX and use Bulk, vMotion, Cold Migration to migrate workloads from on-premises to VMware Cloud on AWS.

e With VMware workloads migrated to the cloud, customer has direct access to other native AWS services.

Legend

• Customer Managed
• VMware Managed
• VMware Managed VMware HCX Service
• Content Library
• Customer Edge Device
• AWS Direct Connect
• Internet Connection
• VPN
• Workload Traffic
• vSAN Network
• Management & vMotion Network

Try VMware Cloud on AWS with VMware Hands-On-Labs
https://www.vmware.com/products/vmc-on-aws.html
@phoebesykim
