Hybrid cloud configuration – Appendix: Preflight before Onboarding

If your design requires establishing a connection to on-premises, several configuration changes have to be made to enforce the connection. If you also need to configure HCX for migration, it adds some complexity to the deployment. The following table lists the relevant configuration items to be considered for the hybrid cloud deployment:

| Configuration section | Configuration item | Description |
| --- | --- | --- |
| Network configuration | VPN | Policy-based or route-based. See the networking section in Chapter 2 for more details on VPNs. |
| | AWS DX (see Figure 12.5) | You can choose to use the AWS DX service to gain predictable latency and possibly higher throughput for your workload. You can leverage the following: (1) AWS DX provisioned as a private VIF to your SDDC; (2) AWS DX VIF connected to an AWS DX Gateway (DXGW), in which case you will use an SDDC group and a vTGW to connect your SDDC(s) to a DXGW; (3) cloud connector service providers: these can offer an alternative by sharing cloud connectivity lines. From the SDDC perspective, the connection would still be in the form of a private VIF or a connection to a DXGW. |
| | Dynamic routing support | VMware Cloud on AWS supports only the BGP dynamic routing protocol. You can filter incoming/outgoing routes and/or announce 0.0.0.0/0 to route all SDDC traffic through the selected connection. If you have multiple connections from on-premises to the cloud, it is important to synchronize the routing information (e.g., avoid announcing 0.0.0.0/0 through DX and specific subnets through a route-based VPN). |
| SDDC management (see Figure 12.6) | vCenter Server | Reconfigure to use a private IP. |
| | NSX Manager | Reconfigure to use a private IP. |
| | HCX Manager | Reconfigure to use a private IP. |
| Firewall | Management Gateway Firewall | Ensure the on-premises CIDRs that require access to vCenter/NSX Manager/HCX Manager are included in the management firewall rules. |
| | Compute Gateway Firewall | Ensure you add on-premises CIDRs and map them to the DX/VPN interface. |
| Migration service | Activate HCX | HCX Enterprise is included with VMware Cloud on AWS SDDC. |
| | Pair HCX managers | Configure a pairing between on-premises and the cloud. You can have multiple site pairs if needed. |
| | Configure a network profile (see Figure 12.7) | Configure HCX on VMware Cloud on AWS to use the "directConnectNetwork1" network profile. Add a non-overlapping private CIDR (different from the SDDC management network). HCX will use this network to establish connectivity between the appliances. The SDDC workflow will automatically add the subnet to the BGP route distribution and create the required firewall rules. |
| | Create a service mesh | Override the network uplink configuration to use the directConnectNetwork1 network profile while configuring the service mesh. |
| | Configure network extension | The HCX network extension service can extend vSphere vDS VLAN-based port groups to the cloud. You can enable high availability for your NE appliances (you need to configure an HA group before extending a VLAN). |
| Migrate workloads | Identify VMs to be migrated | Identify the VMs that make up an application and migrate them as part of the same migration group. |
| | Select migration type | Select between the following: vMotion, bulk migration, or replication-assisted vMotion (RAV). See Chapter 3, which covers HCX migrations in great depth, for more details. |
| | Configure schedule | Use this option to define the switchover/start of vMotion. If using bulk or RAV, you need to make sure HCX has enough time to replicate virtual machine data. |

Table 12.2 – Hybrid Cloud configuration details
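Several rows of the table can be checked on paper before any change is made in the SDDC. The following Python sketch is an added example, not code from the book or from VMware: it validates a planned design for an overlapping HCX uplink CIDR, on-premises admin ranges missing from the Management Gateway rules, and the mixed default/specific route announcements the table warns about. The plan layout, the finding codes, and every CIDR and link name are assumptions constructed for illustration.

```python
import ipaddress

net = ipaddress.ip_network
DEFAULT = net("0.0.0.0/0")

# Constructed sample plan: every CIDR and link name here is a placeholder.
PLAN = {
    "sddc_management": "10.2.0.0/16",
    "hcx_uplink": "10.2.32.0/24",  # deliberately overlaps the management network
    "on_prem_admin": ["192.168.10.0/24", "192.168.20.0/24"],
    "mgw_rule_sources": ["192.168.10.0/24"],
    "advertised": {"dx": ["0.0.0.0/0"], "route_based_vpn": ["192.168.10.0/24"]},
}

def preflight(plan):
    """Return (code, message) findings for the plan; an empty list means it passed."""
    findings = []
    hcx = net(plan["hcx_uplink"])
    admin = [net(c) for c in plan["on_prem_admin"]]
    # HCX network profile: private CIDR, distinct from management and on-premises.
    if not hcx.is_private:
        findings.append(("hcx-public", f"{hcx} is not a private range"))
    for other in [net(plan["sddc_management"]), *admin]:
        if hcx.overlaps(other):
            findings.append(("hcx-overlap", f"{hcx} overlaps {other}"))
    # Management Gateway firewall: each admin CIDR needs a covering rule source.
    sources = [net(c) for c in plan["mgw_rule_sources"]]
    for cidr in admin:
        if not any(cidr.subnet_of(s) for s in sources):
            findings.append(("mgw-missing", f"{cidr} has no management rule"))
    # Routing: a default route on one link plus specifics on another is inconsistent.
    adv = {link: {net(r) for r in routes} for link, routes in plan["advertised"].items()}
    for d in sorted(l for l, r in adv.items() if DEFAULT in r):
        for s in sorted(l for l, r in adv.items() if l != d and r - {DEFAULT}):
            findings.append(("route-mismatch",
                             f"{d} announces 0.0.0.0/0, {s} announces specific prefixes"))
    return findings

if __name__ == "__main__":
    for code, message in preflight(PLAN):
        print(f"[{code}] {message}")
```
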

You can review the Direct Connect configuration in Figure 12.5.

Figure 12.5 – AWS DX VIF attached to an SDDC

You can review the FQDN configuration in Figure 12.6:

Figure 12.6 – Configure vCenter Server, HCX, and NSX FQDN resolution

You can review the configuration of HCX to leverage an AWS Direct Connect (DX) connection in Figure 12.7:

Figure 12.7 – VMware Cloud on AWS HCX network profile: uplink over AWS DX

Next steps

Now that you have completed the basic SDDC setup and connected the SDDC to on-premises, you can use the following list to get further information about the services and next steps:
