VMware Cloud Director Availability™ can migrate workloads both to and from the VMware Cloud Director™ service hosted at VMware Cloud™ on AWS.

Classic Migration with Cloud Director Sites

All versions of VMware Cloud Director Availability can protect or migrate vSphere workloads with a private cloud site backed by VMware Cloud Director by using the native integrations with VMware Cloud Director and VMware vCenter Server®.

VMware Cloud on AWS Design Implications

Due to design specifics of the VMware Cloud Director service hosted at VMware Cloud on AWS, VMware Cloud Director Availability introduces a service named Data Engine Service for performing migrations with VMware Cloud on AWS by using the VMC data engine. For information about this service, see Services and network ports in the Security Guide. For information about both the VMC and the Classic data engines, see Activate the data engines for replicating workloads in the Administration Guide.

By using the Data Engine Service and activating the VMC data engine, VMware Cloud Director Availability 4.2 and later can migrate workloads to VMware Cloud Director service. VMware Cloud Director Availability 4.6 and later can also migrate workloads from VMware Cloud Director service back to the on-premises vCenter Server site. For information about the replication use cases and their cross-site support, see Replicating workloads in the User Guide.

As a provider in VMware Cloud on AWS you have a VMware Cloud SDDC account and a general AWS account, and the two accounts must be linked for the service to work. Each account has its own virtual private cloud (VPC), and the VMware Cloud VPC contains a management and a compute resource pool. In the management resource pool, VMware has complete administrative control over the management and the infrastructure components. The VMware Cloud Director Availability appliances reside outside the management resource pool, deployed and managed by the provider.

Migration with VMware Cloud Director service

Both the providers and their tenants can use the existing migration flow and migrate their workloads to VMware Cloud Director service in VMware Cloud on AWS after following this Migration with VMware Cloud Director service Guide.

The VMware Cloud Director service pools the resources provided by the SDDC in VMware Cloud on AWS. The following diagrams provide an overview of VMware Cloud Director service after installing VMware Cloud Director Availability and pairing a VMware Cloud on AWS site with an on-premises site and/or with a cloud site, backed by VMware Cloud Director.

In VMware Cloud on AWS, VMware Cloud Director Availability resides behind the compute network's compute gateway and firewall and connects with the management components like vCenter Server and ESXi through the management gateway and firewall of the management network. The Migration with VMware Cloud Director service Guide covers the necessary configuration in VMware Cloud on AWS allowing the connectivity to and from VMware Cloud Director Availability through the management and the compute gateways.

Paired On-Premises Site with VMware Cloud Director Availability in VMware Cloud on AWS

After pairing the On-Premises to Cloud Director Replication Appliance with VMware Cloud Director Availability in VMware Cloud on AWS, in the following architecture diagram the orange color shows the deployed on-premises and cloud appliances of VMware Cloud Director Availability and the replication data traffic between the appliances, with all existing components in black: On-premises appliance to Cloud Director service network diagram.

Paired Cloud Site with VMware Cloud Director Availability in VMware Cloud on AWS

After pairing a cloud site, backed by VMware Cloud Director with VMware Cloud Director Availability in VMware Cloud on AWS, in the following deployment diagram the orange color shows the deployed cloud appliances of VMware Cloud Director Availability and the replication data traffic between them, with all existing components in black: Cloud appliances deployed in both the private cloud site and the Cloud Director service.

Overview of the Configuration

For a summary of all the configured objects in the VMware Cloud on AWS SDDC, see SDDC network configuration summary. VMware Cloud Director Availability resides behind the compute gateway in VMware Cloud on AWS. Configure the SDDC in VMware Cloud on AWS for the following access.
  • To access vCenter Server in the management resource pool by administrative users and by VMware Cloud Director Availability.
  • To access the management interface of VMware Cloud Director Availability for initial configuration.
  • To access the Public Service Endpoint from external VMware Cloud Director Availability sites for pairing and migrations from these sites.
In VMware Cloud on AWS, the SDDC and VMware Cloud Director Availability must be prepared and configured in the following order.
Procedure outline:
  1. Prepare the VMware Cloud on AWS SDDC by creating the following objects. For the detailed SDDC preparation procedure, see Prepare the SDDC in VMware Cloud on AWS for deployment.
    1. A network segment, connecting all the cloud VMware Cloud Director Availability appliances.
    2. A trusted management sources group, containing the public IP addresses of the administrator users that need access to vCenter Server in VMware Cloud on AWS for installing the cloud VMware Cloud Director Availability appliances.
    3. A management firewall rule, allowing the trusted management group to access management gateway services like vCenter Server.
    4. A separate resource pool, dedicated for all the cloud VMware Cloud Director Availability appliances.
  2. Deploy the OVA of VMware Cloud Director Availability in the VMware Cloud on AWS SDDC. Alternatively, as a tenant deploy the On-Premises to Cloud Director Replication Appliance in on-premises data centers. For the detailed deployment procedure, see Deploy VMware Cloud Director Availability in the SDDC.
  3. Configure the network of the VMware Cloud on AWS SDDC by creating the following objects. For the detailed SDDC configuration procedure, see Configure the network of the SDDC in VMware Cloud on AWS.
    1. Two inventory services, one for the management interface of VMware Cloud Director Availability and one for the Public Service Endpoint.
    2. Two public IP addresses requested in the SDDC, one to access the initial setup wizard in the management interface of VMware Cloud Director Availability and one allowing external pairing to the Public Service Endpoint.
    3. Two NAT rules for forwarding the incoming network traffic to the correct cloud VMware Cloud Director Availability appliances.
    4. Two management groups, one containing the source NAT public IP address of the SDDC used for bridging the access from the compute gateway VMware Cloud Director Availability appliances and one containing the Replicator Appliance instances.
    5. Two management firewall rules, one allowing the access from the compute gateway source NAT to the management gateway vCenter Server and one allowing the Replicator Appliance instances access to ESXi datastores for provisioning.
    6. Four compute groups, one containing the users that can access the management interface of VMware Cloud Director Availability and three groups containing the three types of cloud VMware Cloud Director Availability appliances.
    7. Another two compute firewall rules, one allowing the access to the management interface of VMware Cloud Director Availability and one allowing the cloud appliances outbound network access.
  4. Configure VMware Cloud Director Availability in VMware Cloud on AWS by completing the initial wizard. For the detailed initial configuration procedure, see Configure VMware Cloud Director Availability in VMware Cloud on AWS.
  5. Configure the VMware Cloud on AWS SDDC for pairing with external VMware Cloud Director Availability sites by creating the following objects. For the detailed pairing preparation procedure, see Configure the SDDC network for pairing VMware Cloud Director Availability in VMware Cloud on AWS.
    1. A pairing compute group, containing the public IP addresses of the on-premises tenants and of the private cloud sites, backed by VMware Cloud Director.
    2. A pairing compute gateway firewall rule, allowing the access from the preceding pairing compute group to the Public Service Endpoint for pairing with VMware Cloud Director Availability in VMware Cloud on AWS.
  6. Pair with external VMware Cloud Director Availability sites.
    1. Optionally, as a tenant configure and pair On-Premises to Cloud Director Replication Appliance instances with VMware Cloud Director Availability in VMware Cloud on AWS. For the detailed initial on-premises configuration and pairing procedure, see Configure and Pair the On-Premises to Cloud Director Replication Appliance.
    2. Optionally, pair VMware Cloud Director Availability in VMware Cloud on AWS with private cloud sites backed by VMware Cloud Director. For the detailed pairing procedure with cloud sites, see Pair VMware Cloud Director Cloud Sites.
After completing all these steps, by using the existing migration flow in VMware Cloud Director Availability the trusted, allowed, and paired providers and their trusted, allowed, and paired tenants can migrate workloads to VMware Cloud Director service in VMware Cloud on AWS.
  • Later, to allow access to perform administrative tasks like certificate replacement by using the three types of management interfaces of the services of VMware Cloud Director Availability:
    • Add three inventory services for each management interface type: Replicator Service, Manager Service, and Tunnel Service.
    • Add three NAT rules, with an additional NAT rule for each Replicator Service instance.
    • Modify the existing compute gateway firewall rule that allows access from the trusted compute sources group and include the three additional services, for a total of four inventory services.
    For information about adding these networking objects, see Post-configure the SDDC networking in VMware Cloud on AWS.
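
An added example, not part of the VMware documentation: a pre-change audit of some of the groups and firewall rules planned in steps 1, 3 and 5 of the outline, flagging rules whose source is not a defined group and groups that admit overly broad networks. The group and rule names, the addresses and the /24 threshold are assumptions made for illustration.

```python
import ipaddress

# Constructed plan: group names, rule names and addresses are hypothetical
# (RFC 5737 documentation ranges), not values from the VMware guides.
GROUPS = {
    "trusted-mgmt-sources": ["198.51.100.10/32"],   # step 1.2
    "sddc-source-nat": ["203.0.113.5/32"],          # step 3.4
    "replicators": ["192.168.50.11/32"],            # step 3.4
    "mgmt-ui-users": ["198.51.100.10/32"],          # step 3.6
    "pairing-sites": ["203.0.113.64/28", "0.0.0.0/0"],  # step 5.1, too broad on purpose
}
RULES = [  # (rule name, gateway, source group)
    ("admins-to-vcenter", "management", "trusted-mgmt-sources"),      # step 1.3
    ("nat-to-vcenter", "management", "sddc-source-nat"),              # step 3.5
    ("replicators-to-esxi", "management", "replicators"),             # step 3.5
    ("users-to-mgmt-ui", "compute", "mgmt-ui-users"),                 # step 3.7
    ("appliances-outbound", "compute", "ANY"),      # step 3.7, unscoped on purpose
    ("pairing-to-endpoint", "compute", "pairing-sites"),              # step 5.2
]

def audit(groups, rules, min_prefix=24):
    """Return (object, problem) findings; min_prefix is an assumed IPv4 policy threshold."""
    findings = []
    for name, members in groups.items():
        if not members:
            findings.append((name, "empty group"))
        for cidr in members:
            net = ipaddress.ip_network(cidr, strict=False)
            if net.prefixlen < min_prefix:
                findings.append((name, f"{cidr} is broader than /{min_prefix}"))
    used = set()
    for rule, _gateway, source in rules:
        if source not in groups:
            findings.append((rule, f"source '{source}' is not a defined group"))
        used.add(source)
    for name in sorted(groups.keys() - used):
        findings.append((name, "group is not referenced by any rule"))
    return findings

if __name__ == "__main__":
    for obj, problem in audit(GROUPS, RULES):
        print(f"{obj}: {problem}")
```

Running the audit before creating the objects in the SDDC keeps the pairing and management rules scoped to the known public IP addresses that the outline calls for.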