Before installing the VMware Cloud Director Availability On-Premises Appliance, verify that the on-premises site meets the deployment requirements. Also, allow the network communication within the on-premises site and to the cloud site.

Network Requirements

To get a list of the required firewall ports to be opened, see VMware Cloud Director Availability Network Ports.

The following diagram shows the direction of the data flow and the type of data traffic. The diagram also shows the required network ports for the communication between the VMware Cloud Director Availability On-Premises Appliance and the disaster recovery infrastructure.

Connectivity Requirements

The VMware Cloud Director Availability appliances must be able to communicate with each other and with the disaster recovery infrastructure. The VMware Cloud Director Availability On-Premises Appliance must have TCP access to the resource vCenter Server, to the location where the resource vCenter Server Lookup service is hosted, and to all the Cloud Replicator Appliance instances in the cloud site.
Note: VMware Cloud Director Availability uses end-to-end encryption for the communication across sites. For example, when the VMware Cloud Director Availability On-Premises Appliance communicates with the Replicator Service in the cloud site, VMware Cloud Director Availability expects that the TLS session is terminated at both the VMware Cloud Director Availability On-Premises Appliance and the cloud site Replicator Service.

VMware Cloud Director Availability does not support any TLS-terminating products or solutions placed between the appliances, for example, HAProxy, Nginx, Fortinet, and others. If such tools are in place, they must be configured in pass-through mode, also known as TCP mode, so that they do not interfere with the TLS traffic of VMware Cloud Director Availability.
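One way to check an HAProxy configuration against the pass-through requirement above, as an added example that is not part of the VMware documentation: it flags every proxy section whose effective mode is not tcp or that uses the ssl keyword on a bind or server line. The sample configuration, its section names, addresses, ports and certificate path are constructed for illustration.

```python
# Constructed sample haproxy.cfg: names, addresses, ports and the certificate path are made up.
SAMPLE_CFG = """\
defaults
    mode http
frontend edge_terminating
    bind :443 ssl crt /etc/haproxy/site.pem
backend replicator_reencrypt
    server r1 192.0.2.10:443 ssl verify none
listen replicator_passthrough
    mode tcp
    bind :8443
    server r1 192.0.2.10:443
"""

def audit_passthrough(cfg_text):
    """Return sorted (proxy, problem) pairs for proxies that are not plain TCP pass-through."""
    default_mode = "tcp"   # HAProxy's built-in mode when none is configured
    proxies = {}           # "kind name" -> {"mode": str, "problems": set}
    kind, current = None, None
    for raw in cfg_text.splitlines():
        tokens = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if not tokens:
            continue
        word = tokens[0]
        if word in ("global", "defaults", "frontend", "backend", "listen"):
            kind, current = word, None
            if word == "defaults":
                default_mode = "tcp"   # a new defaults section starts from the built-ins
            elif word != "global" and len(tokens) > 1:
                current = proxies.setdefault(
                    word + " " + tokens[1], {"mode": default_mode, "problems": set()})
        elif word == "mode" and len(tokens) > 1:
            if kind == "defaults":
                default_mode = tokens[1]   # inherited by the proxy sections that follow
            elif current is not None:
                current["mode"] = tokens[1]
        elif current is not None and word == "bind" and "ssl" in tokens[2:]:
            current["problems"].add("bind terminates TLS")
        elif current is not None and word == "server" and "ssl" in tokens[3:]:
            current["problems"].add("server line originates TLS")
    findings = []
    for name, proxy in proxies.items():
        if proxy["mode"] != "tcp":
            proxy["problems"].add("mode is %s, not tcp" % proxy["mode"])
        findings.extend((name, problem) for problem in proxy["problems"])
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join("%s: %s" % f for f in audit_passthrough(SAMPLE_CFG)))
```

An empty result means every frontend, backend and listen section in the file forwards the TLS stream untouched; the check covers only the directives shown and does not replace testing the path end to end.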

Hardware Requirements

From a hosting perspective, the VMware Cloud Director Availability On-Premises Appliance is a virtual machine with the following hardware requirements.
  • 4 vCPUs
  • 4 GB RAM
  • 10 GB Storage

Deployment Requirements

  • In the ESXi hosts, a VMkernel interface can be dedicated for the replication traffic. By default, ESXi handles the replication traffic through its management VMkernel interface. As a good practice, you can separate the management traffic from the replication traffic by creating a dedicated replication VMkernel interface. Use the following tags when creating a VMkernel interface for the replication traffic:
    • Use the vSphere Replication tag to configure the ESXi host for the outgoing replication traffic.
    • Use the vSphere Replication NFC tag to configure the ESXi host for the incoming replication traffic.

    Configure the replication VMkernel interface in its own IP subnet and connect the VMware Cloud Director Availability On-Premises Appliance to the same virtual port group. Using this configuration, the replication traffic between the ESXi hosts and the VMware Cloud Director Availability On-Premises Appliance stays in the same broadcast domain. As a result, uncompressed replication traffic avoids crossing a router, which saves network bandwidth. For information about configuring a dedicated replication VMkernel interface, see Set Up a VMkernel Adapter for vSphere Replication Traffic on a Source Host in the vSphere Replication documentation.

  • If more than one vCenter Server instance exists in the on-premises site:
    • vCenter Server instances dedicated for management operations
    • vCenter Server instances dedicated for resources
    VMware Cloud Director Availability uses the resource vCenter Server instances to locate and authenticate to resources and create or edit inventory objects. Register the VMware Cloud Director Availability On-Premises Appliance with the vCenter Server Lookup service, provided by the Platform Services Controller used by the resource vCenter Server instances.