Recent updates
-
Lab 02 - Working with your SDDC
In this lab, we will look at the basic SDDC operations you can perform to begin consumption of your cloud resources in VMC on AWS. We will perform the following:
- Create and configure network segments for our application(s)
- Configure Firewall rules to allow remote access to vCenter
- Deploy your 1st Virtual Machines in VMC on AWS
VMC on AWS Labs Day 1
-
Lab 03 - SDDC Networking & Native AWS Integration
One of the most compelling reasons to adopt VMware Cloud on AWS is to integrate the existing systems in your VMware Cloud environment with application platforms that reside in your AWS Virtual Private Cloud (VPC) environment. The integration which VMware and AWS have created allows these services to communicate, for free, across a private network address space. This covers services such as EC2 instances, which connect into subnets within a native AWS VPC, and platform services that can connect to a VPC Endpoint, such as S3 Storage.
VMC on AWS Labs Day 1
-
L08 - SDDC Migration with HCX - Configure HCX Connect & Service Mesh
VMware Cloud on AWS provides a reliable, elastic, and highly scalable solution for customers who want to extend their workloads into the cloud.
However, when it comes to migration or bi-directional workload mobility, software and network incompatibilities between on-premises and cloud environments can complicate your migration process.
VMware Hybrid Cloud Extension (HCX) helps overcome those challenges by building an abstraction layer on top of existing site-specific implementations, allowing you to extend your networks and environments to the cloud seamlessly without the need for extensive reconfiguration and upgrades.
Here are some key benefits of HCX:
- Ability to migrate workloads across different versions of vSphere (6.0 or later).
- WAN optimization, compression, and de-duplication enable high throughput for faster migrations.
- Network extension enables stretching layer 2 networks between on-premises and VMware Cloud on AWS without the need for complex network reconfiguration. Virtual machines (VMs) can be moved between on-premises and cloud environments with no need to change or re-assign IP addresses.
HCX is a software-as-a-service (SaaS) offering, available at no extra cost for VMware Cloud on AWS customers.
The HCX solution is built out of several component services, each supporting a specific function within the overall solution.
- HCX Enterprise Manager: System management component on the on-premises side, which is always deployed as “source.”
- HCX Cloud Manager: System management component on the cloud side and is always deployed as “destination.”
- HCX-IX Interconnect Appliance: Provides replication and vMotion-based migration capabilities.
- HCX WAN Optimization Service: Provides improved network performance by using techniques such as de-duplication and compression to help speed up migrations.
- HCX Network Extension Service: Provides layer 2 extension capabilities, enabling VMs to migrate between on-premises and cloud without the need to re-IP.
VMC on AWS Labs Day 3
-
L08 - SDDC Migration with HCX (Part 2)
VMware Cloud on AWS provides a reliable, elastic, and highly scalable solution for customers who want to extend their workloads into the cloud.
However, when it comes to migration or bi-directional workload mobility, software and network incompatibilities between on-premises and cloud environments can complicate your migration process.
VMware Hybrid Cloud Extension (HCX) helps overcome those challenges by building an abstraction layer on top of existing site-specific implementations, allowing you to extend your networks and environments to the cloud seamlessly without the need for extensive reconfiguration and upgrades.
Here are some key benefits of HCX:
- Ability to migrate workloads across different versions of vSphere (5.0 or later).
- WAN optimization, compression, and de-duplication enable high throughput for faster migrations.
- Network extension enables stretching layer 2 networks between on-premises and VMware Cloud on AWS without the need for complex network reconfiguration. Virtual machines (VMs) can be moved between on-premises and cloud environments with no need to change or re-assign IP addresses.
HCX is a software-as-a-service (SaaS) offering, available at no extra cost for VMware Cloud on AWS customers.
The HCX solution is built out of several component services, each supporting a specific function within the overall solution.
- HCX Enterprise Manager: System management component on the on-premises side, which is always deployed as “source.”
- HCX Cloud Manager: System management component on the cloud side and is always deployed as “destination.”
- HCX-IX Interconnect Appliance: Provides replication and vMotion-based migration capabilities.
- HCX WAN Optimization Service: Provides improved network performance by using techniques such as de-duplication and compression to help speed up migrations.
- HCX Network Extension Service: Provides layer 2 extension capabilities, enabling VMs to migrate between on-premises and cloud without the need to re-IP.
VMC on AWS Labs Day 3
-
L08 - SDDC Migration with HCX - Deploy HCX Cloud (Part-1)
VMware Cloud on AWS provides a reliable, elastic, and highly scalable solution for customers who want to extend their workloads into the cloud.
However, when it comes to migration or bi-directional workload mobility, software and network incompatibilities between on-premises and cloud environments can complicate your migration process.
VMware Hybrid Cloud Extension (HCX) helps overcome those challenges by building an abstraction layer on top of existing site-specific implementations, allowing you to extend your networks and environments to the cloud seamlessly without the need for extensive reconfiguration and upgrades.
Here are some key benefits of HCX:
- Ability to migrate workloads across different versions of vSphere (6.0 or later).
- WAN optimization, compression, and de-duplication enable high throughput for faster migrations.
- Network extension enables stretching layer 2 networks between on-premises and VMware Cloud on AWS without the need for complex network reconfiguration. Virtual machines (VMs) can be moved between on-premises and cloud environments with no need to change or re-assign IP addresses.
HCX is a software-as-a-service (SaaS) offering, available at no extra cost for VMware Cloud on AWS customers.
The HCX solution is built out of several component services, each supporting a specific function within the overall solution.
- HCX Enterprise Manager: System management component on the on-premises side, which is always deployed as “source.”
- HCX Cloud Manager: System management component on the cloud side and is always deployed as “destination.”
- HCX-IX Interconnect Appliance: Provides replication and vMotion-based migration capabilities.
- HCX WAN Optimization Service: Provides improved network performance by using techniques such as de-duplication and compression to help speed up migrations.
- HCX Network Extension Service: Provides layer 2 extension capabilities, enabling VMs to migrate between on-premises and cloud without the need to re-IP.
VMC on AWS Labs Day 3
-
Lab 04 - On-Premises integration with VMC on AWS
VMware Cloud on AWS enables customers to have a hybrid cloud platform by running their VMware workloads in the cloud while having seamless connectivity to on-premises and Amazon Web Services (AWS) native services.
Customers can use their existing AWS Direct Connect (DX) or Virtual Private Network (VPN) solutions to connect to their VMware Software-Defined Data Center (SDDC) clusters.
VMware Cloud on AWS uses NSX to control access to this network as part of the SDDC management model, and limits access to only the remote traffic required to support features like cross-cluster vMotion. On top of the underlay, NSX builds overlay networks for logical VMware connectivity. Each SDDC has two types of overlay networks:
- Appliance Subnet, used to provide connectivity to SDDC management components like vCenter. This network is created during cluster provisioning with a network range carved out of the Infrastructure or Management subnet. Customers can optionally specify the network range of the Management subnet during cluster creation to avoid conflicts with other networks that will need to connect to the SDDC. Access to this network is controlled by the NSX Management Gateway (MGW) through firewall rules and IPsec tunnels.
- One or more customer-managed logical networks for VM traffic. These can be either routed locally within the cluster or stretched from remote on-premises clusters with a remote gateway for L3 routing. Access to this network is controlled by the NSX Compute Gateway (CGW) through firewall rules and IPsec capabilities, which enable customers to connect securely to their remote workloads and the Internet.
VMC on AWS Labs Day 2
-
Lab 05 - Lab – Hybrid Linked Mode
Hybrid Linked Mode allows you to link your VMware Cloud on AWS vCenter Server instance with an on-premises vCenter Single Sign-On domain.
If you link your cloud vCenter Server to a domain that contains multiple vCenter Server instances linked using Enhanced Linked Mode, all of those instances are linked to your cloud SDDC.
Using Hybrid Linked Mode, you can:
- View and manage the inventories of both your on-premises and VMware Cloud on AWS Datacenters from a single vSphere Client interface, accessed using your on-premises credentials.
- Migrate workloads between your on-premises data center and cloud SDDC.
- Share tags and tag categories from your vCenter Server instance to your cloud SDDC.
Hybrid Linked Mode supports on-premises vCenter Server systems running 6.0 Update 3 patch c and later with either embedded or external Platform Services Controller (both Windows and vCenter Server Appliance). vCenter Server systems with external Platform Services Controller instances linked in Enhanced Linked Mode are also supported.
You have two options for configuring Hybrid Linked Mode. You can use only one of these options at a time.
- You can install the Cloud Gateway Appliance and use it to link from your on-premises data center to your cloud SDDC. In this case, SSO users and groups are mapped from your on-premises environment to the SDDC.
- You can link your VMware Cloud on AWS SDDC to your on-premises vCenter Server. In this case, you must add an identity source to the SDDC LDAP domain.
VMC on AWS Labs Day 2
-
Lab 06 - L7 Security - L7 FW, FQDN Filtering & IDPS
VMware Cloud on AWS provides VMware’s enterprise-class SDDC software on AWS cloud. It includes a robust set of networking and security capabilities that enable customers to run production applications in the cloud. Every SDDC is provisioned with the Gateway Firewall to protect the perimeter of the SDDC, and the Distributed Firewall to secure lateral communication across workloads inside the SDDC. Powered by the proven security capabilities of VMware NSX-T, Gateway and Distributed Firewall provide enterprise-class Layer 4 security for applications in VMware Cloud on AWS:
- Gateway Firewall enables customers to selectively allow and deny traffic from and to applications deployed in the SDDC. It also controls access to management infrastructure, such as vCenter and NSX Manager.
- Distributed Firewall is built into the hypervisor and automatically scales across every host in the SDDC. It enables micro-segmentation at the workload level, and Distributed Firewall policies migrate with VMs when they move from host to host in the SDDC.
NSX Advanced Firewall features take the network security capabilities of VMware Cloud on AWS SDDC to the next level, allowing customers to define security policies at Layer 7 and enabling deep packet inspection across all vNICs within the SDDC.
VMC on AWS Labs Day 2
-
Lab 07 - Inter-SDDC and Native VPC Connectivity
An SDDC deployment group uses VMware Transit Connect to provide high-bandwidth, low-latency connections between SDDCs in the group and to other VPCs in the same region. You can also add a Direct Connect Gateway (DXGW) to provide centralized connectivity to your on-premises SDDCs.
An SDDC deployment group (SDDC Group) is a logical entity designed to simplify the management of your organization's VMware Cloud on AWS resources at scale. Collecting SDDCs into an SDDC Group provides several benefits to an organization with multiple SDDCs whose workloads need a high-bandwidth, low-latency connection to each other. All network traffic between group members travels over a VMware Transit Connect network. Routing between compute networks of all SDDCs in a group is managed automatically by VMware Transit Connect as subnets are added and deleted. You control network traffic among group member workloads with compute gateway firewall rules.
VMC on AWS Labs Day 2