VMware Cloud Director Availability™ 4.2 and later can migrate workloads to the VMware Cloud Director™ service hosted at VMware Cloud™ on AWS.

Classic Migrations to VMware Cloud Director Cloud Sites

Any VMware Cloud Director Availability version can migrate vSphere workloads to a private cloud site backed by VMware Cloud Director by using the native integrations with VMware Cloud Director and VMware vCenter Server®.

VMware Cloud on AWS Design Implications

Due to design specifics of the VMware Cloud Director service hosted at VMware Cloud on AWS, a new VMware Cloud Director Availability 4.2 service, named VMware Cloud on AWS Data Engine Service, performs the migrations to VMware Cloud on AWS by using the new VMC data engine. By using the Data Engine Service and selecting the VMC data engine, VMware Cloud Director Availability can migrate workloads to VMware Cloud Director service. For more information about this service, see Services and Network Ports in the Security Guide.

The service providers in VMware Cloud on AWS have a VMware Cloud SDDC account and a general AWS account, and the two accounts must be linked for the service to work. Each account has its own virtual private cloud (VPC), and the VMware Cloud VPC contains a management and a compute resource pool. In the management resource pool, VMware has complete administrative control over the management and the infrastructure components. The VMware Cloud Director Availability appliances reside outside the management resource pool, deployed and managed by the service provider.

Migrations to VMware Cloud on AWS

Both the service providers and their tenants can use the existing migration flow to migrate their workloads to VMware Cloud Director service in VMware Cloud on AWS after following this Migration to VMware Cloud Director service Guide.

VMware Cloud Director service pools resources provided by the SDDC in VMware Cloud on AWS. The following diagrams provide an overview of VMware Cloud Director service after installing VMware Cloud Director Availability and pairing VMware Cloud on AWS with an on-premises site and/or with a cloud site backed by VMware Cloud Director.

In VMware Cloud on AWS, VMware Cloud Director Availability resides behind the compute gateway and firewall of the compute network and connects with the management components like vCenter Server and ESXi through the management gateway and firewall of the management network. The Migration to VMware Cloud Director service Guide covers the necessary configuration in VMware Cloud on AWS that allows connectivity to and from VMware Cloud Director Availability through the management and the compute gateways.

Paired On-Premises Site with VMware Cloud Director Availability in VMware Cloud on AWS

After pairing the On-Premises to Cloud Director Replication Appliance with VMware Cloud Director Availability in VMware Cloud on AWS, the following architecture diagram shows in orange the deployed on-premises and cloud appliances of VMware Cloud Director Availability and the replication data traffic between the appliances, with all existing components in black.

Figure: On-premises appliance to Cloud Director service network diagram.

Paired Cloud Site with VMware Cloud Director Availability in VMware Cloud on AWS

After pairing a cloud site backed by VMware Cloud Director with VMware Cloud Director Availability in VMware Cloud on AWS, the following deployment diagram shows in orange the deployed cloud appliances of VMware Cloud Director Availability and the replication data traffic between them, with all existing components in black.

Figure: Cloud appliances deployed in both the private cloud site and the Cloud Director service.

Overview of the Configuration

For a summary of all the configured objects in the VMware Cloud on AWS SDDC, see SDDC Network Configuration Summary. VMware Cloud Director Availability resides behind the compute gateway in VMware Cloud on AWS. Configure the SDDC in VMware Cloud on AWS to allow the following access:
  • Access to vCenter Server in the management resource pool, for administrative users and for VMware Cloud Director Availability.
  • Access to the management interface of VMware Cloud Director Availability, for initial configuration.
  • Access to the Service Endpoint from external VMware Cloud Director Availability sites, for pairing and migrations from these sites.
In VMware Cloud on AWS, the SDDC and VMware Cloud Director Availability must be prepared and configured in the following order.
  1. Prepare the VMware Cloud on AWS SDDC by creating the following objects. For the detailed SDDC preparation procedure, see Prepare the SDDC in VMware Cloud on AWS for Deployment.
    1. A network segment, connecting all the cloud VMware Cloud Director Availability appliances.
    2. A trusted management sources group, containing the public IP addresses of the administrator users that need access to vCenter Server in VMware Cloud on AWS for installing the cloud VMware Cloud Director Availability appliances.
    3. A management firewall rule, allowing the trusted management group to access management gateway services like vCenter Server.
    4. A separate resource pool, dedicated for all the cloud VMware Cloud Director Availability appliances.
  2. Deploy the OVA of VMware Cloud Director Availability in the VMware Cloud on AWS SDDC. Alternatively, as a tenant, deploy the On-Premises to Cloud Director Replication Appliance in on-premises data centers. For the detailed deployment procedure, see Deploy VMware Cloud Director Availability in the SDDC.
  3. Configure the network of the VMware Cloud on AWS SDDC by creating the following objects. For the detailed SDDC configuration procedure, see Configure the Network of the SDDC in VMware Cloud on AWS.
    1. Two inventory services, one for the management interface of VMware Cloud Director Availability and one for the Service Endpoint.
    2. Two public IP addresses requested in the SDDC, one to access the initial setup wizard in the management interface of VMware Cloud Director Availability and one allowing external pairing to the Service Endpoint.
    3. Two NAT rules for forwarding the incoming network traffic to the correct cloud VMware Cloud Director Availability appliances.
    4. Two management groups, one containing the source NAT public IP address of the SDDC, used for bridging the access from the VMware Cloud Director Availability appliances behind the compute gateway, and one containing the Cloud Replicator Appliance instances.
    5. Two management firewall rules, one allowing the access from the compute gateway source NAT to the management gateway vCenter Server and one allowing the Cloud Replicator Appliance instances access to ESXi datastores for provisioning.
    6. Four compute groups, one containing the users that can access the management interface of VMware Cloud Director Availability and three groups containing the three types of cloud VMware Cloud Director Availability appliances.
    7. Another two compute firewall rules, one allowing access to the management interface of VMware Cloud Director Availability and one allowing the cloud appliances outbound network access.
  4. Configure VMware Cloud Director Availability in VMware Cloud on AWS by completing the initial wizard. For the detailed initial configuration procedure, see Configure VMware Cloud Director Availability in VMware Cloud on AWS.
  5. Configure the VMware Cloud on AWS SDDC for pairing with external VMware Cloud Director Availability sites by creating the following objects. For the detailed pairing preparation procedure, see Configure the SDDC Network for Pairing VMware Cloud Director Availability in VMware Cloud on AWS.
    1. A pairing compute group, containing the public IP addresses of the on-premises tenants and of the private cloud sites, backed by VMware Cloud Director.
    2. A pairing compute gateway firewall rule, allowing the access from the preceding pairing compute group to the Service Endpoint for pairing with VMware Cloud Director Availability in VMware Cloud on AWS.
  6. Pair with external VMware Cloud Director Availability sites.
    1. Optionally, as a tenant, configure and pair On-Premises to Cloud Director Replication Appliance instances with VMware Cloud Director Availability in VMware Cloud on AWS. For the detailed initial on-premises configuration and pairing procedure, see Configure and Pair the On-Premises to Cloud Director Replication Appliance.
    2. Optionally, pair VMware Cloud Director Availability in VMware Cloud on AWS with private cloud sites backed by VMware Cloud Director. For the detailed pairing procedure with cloud sites, see Pair VMware Cloud Director Cloud Sites.
After completing all these steps, the trusted, allowed, and paired service providers and their trusted, allowed, and paired tenants can migrate workloads to VMware Cloud Director service in VMware Cloud on AWS by using the existing migration flow in VMware Cloud Director Availability.
  • Later, to allow access to perform administrative tasks like certificate replacement by using the three types of management interfaces of the services of VMware Cloud Director Availability:
    • Add three inventory services for each management interface type: Replicator Service, Manager Service, and Tunnel Service.
    • Add three NAT rules, with an additional NAT rule for each Replicator Service instance.
    • Modify the existing compute gateway firewall rule that allows access from the trusted compute sources group and include the three additional services, for a total of four inventory services.
    For information about adding these networking objects, see Post-configure the SDDC Networking in VMware Cloud on AWS.
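
Steps 1, 3 and 5 above expose vCenter Server, the management interface and the Service Endpoint only to named source groups. The following added example (not VMware code, and not an SDDC or NSX export format) audits a constructed rule list for inbound rules whose source is wider than such a group. The dict layout, all group, rule and destination names, the addresses, and the prefix thresholds are assumptions made for illustration.

```python
import ipaddress

# Constructed sample export; the dict layout and every name/address are hypothetical.
GROUPS = {
    "trusted-mgmt-sources": ["203.0.113.10/32"],               # step 1: admin public IPs
    "vcda-mgmt-users": ["203.0.113.10/32"],                    # step 3: management interface users
    "vcda-pairing-sources": ["198.51.100.7/32", "0.0.0.0/0"],  # step 5: second entry is the defect
}
RULES = [
    {"name": "mgw-admin-to-vcenter", "source": "trusted-mgmt-sources", "dest": "vcenter"},
    {"name": "cgw-vcda-mgmt-ui", "source": "vcda-mgmt-users", "dest": "vcda-mgmt-interface"},
    {"name": "cgw-vcda-pairing", "source": "vcda-pairing-sources", "dest": "vcda-service-endpoint"},
    {"name": "cgw-vcda-outbound", "source": "vcda-appliances", "dest": "ANY"},
]
# Destinations that the procedure opens only to named source groups.
PROTECTED = {"vcenter", "vcda-mgmt-interface", "vcda-service-endpoint"}


def audit(rules, groups, min_v4_prefix=24, min_v6_prefix=64):
    """Return (rule, finding) pairs for inbound rules wider than a narrow named group.

    The prefix thresholds are an assumed local policy, not a VMware requirement.
    """
    findings = []
    for rule in rules:
        if rule["dest"] not in PROTECTED:
            continue  # outbound rule, out of scope for this check
        src = rule["source"]
        if src.upper() == "ANY":
            findings.append((rule["name"], "source is ANY"))
        elif src not in groups:
            findings.append((rule["name"], f"source group {src} is not defined"))
        else:
            for member in groups[src]:
                net = ipaddress.ip_network(member, strict=False)
                limit = min_v4_prefix if net.version == 4 else min_v6_prefix
                if net.prefixlen < limit:
                    findings.append((rule["name"], f"{src} contains broad network {net}"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(RULES, GROUPS):
        print(f"{name}: {finding}")
```

Running the same audit after the post-configuration step, which adds three more inventory services to the existing compute gateway rule, confirms that the additional management interfaces are still reachable only from the trusted compute sources group.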