The cloud deployment architecture of VMware Cloud Director Availability relies on symmetrical replication operations between the two sites. Deploying multiple VMware Cloud Director Availability instances under one VMware Cloud Director™ site allows for granular access to multiple provider virtual data centers (VDCs), each representing a separate site.
Test and Development Deployment
- The Tunnel Service,
- The Manager Service,
- The Cloud Service,
- And the Replicator Service.
- The colored components inside the two Cloud Director Combined Appliance instances represent the VMware Cloud Director Availability services, deployed during the installation and the initial configuration of the two appliances.
- Each component has the color of the replication direction it manages. For example, the protected Organization VDC B vApps and VM 2 from Cloud Site 1 to Cloud Site 2 use the Replicator Service from Cloud Site 2.
- Each replication resides in its destination site. For example, the protections from Cloud Site 1 to Cloud Site 2 reside in Cloud Site 2.
The components with no color represent existing components in the two VMware Cloud Director sites.
Production Deployment
- One, or optionally for active-active high availability - two Tunnel Appliance instances, each running the Tunnel Service. For information about Tunnel Appliance high availability (HA), see Deploying Two Active-Active Tunnel Appliance Instances. For information about configuring it, see Add a second Tunnel Appliance for HA in the Cloud Director site.
- One Cloud Director Replication Management Appliance, running the Cloud Service and the Manager Service. For information about the initial VMware Cloud Director Availability configuration, see Configure the Cloud Service in the Cloud Director site.
- One, or optionally for performance scalability and capacity - multiple Replicator Appliance instances, each running a Replicator Service instance. For information about configuring multiple Replicator Service instances, see Add an additional Replicator Service instance in the Cloud Director site.
For information about the network connectivity between the services and between the sites, see Network requirements and prerequisites in the Cloud Director site. For information about each service of VMware Cloud Director Availability, see Services.
Deploying Multiple VMware Cloud Director Availability Instances in VMware Cloud Director
- In VMware Cloud Director Availability, each provider VDC represents a cloud site. In each VMware Cloud Director Availability instance, the service provider controls the accessible provider VDCs for that instance.
Note: A single VMware Cloud Director Availability instance must manage each provider VDC.
There must be no overlapping provider VDCs managed by multiple VMware Cloud Director Availability instances.
- One VMware Cloud Director instance manages all VMware Cloud Director Availability instances, for both a replication source or a replication destination. Each VMware Cloud Director Availability instance registers as a plug-in with its local site name in VMware Cloud Director.
- Each VMware Cloud Director Availability instance connects to one vCenter Server Lookup service for one single sign-on (SSO) domain and can access all the organization VDCs of the organizations, part of the provider VDC.
- In SSO domain 1, VMware Cloud Director Availability instance 1 connects to vCenter Server Lookup service 1 and can access the organization VDCs of Organizations X and Y, part of Provider VDC A and B, respectively.
- In SSO domain 2, VMware Cloud Director Availability instance 2 connects to vCenter Server Lookup service 2 and can access the organization VDCs of Organizations X and Y, part of Provider VDC C and the organization VDCs of Organization X, part of Provider VDC D.
- In SSO domain N, VMware Cloud Director Availability instance N connects to vCenter Server Lookup service N and can access the organization VDCs of Organization Z, part of Provider VDC N.
Deploying Two Active-Active Tunnel Appliance Instances
With the round robin algorithm, the load balancer without terminating the SSL traffic and without inspecting it distributes it among both active-active Tunnel Appliance instances, improving the Tunnel Service availability and performance by avoiding the impacts of one failing or its overload. Each Tunnel Service acts as both an ingress and an egress point of the VMware Cloud Director Availability network traffic. When configured behind a load balancer, both Tunnel Service instances run simultaneously and receive incoming requests from the load balancer then forward them to the remaining services of VMware Cloud Director Availability, and send outgoing responses from the remaining services back to the load balancer. For information about the connectivity between the services and TLS termination, see VMware Cloud Director Availability Services Connectivity.
With this configuration, if one Tunnel Appliance fails, the other can continue serving the network requests. By using two Tunnel Appliance instances also increases the network scalability and capacity of the disaster recovery environment by using two independent points for all the network traffic that comes to and leaves VMware Cloud Director Availability.
After configuring VMware Cloud Director Availability in the Cloud Director site, you can configure the second Tunnel Service. For both existing installations and for upgraded ones, you can also follow the same procedure. For information about configuring the active-active mode for the Tunnel Appliance, see Add a second Tunnel Appliance for HA in the Cloud Director site.