This is an overview of the manual deployment process that you need to follow to plan and configure VMware Cloud Director service with Azure VMware Solution, deploy an SDDC, associate it to a VMware Cloud Director instance, and to configure networking between your Azure VMware Solution resources.

Azure VMware Solution is an infrastructure-as-a-service private cloud offering built on VMware Cloud Foundation stack. To learn more, familiarize yourself with the Azure VMware Solution documentation.

The procedures below provide the information that you need to successfully configure VMware Cloud Director service with Azure VMware Solution, but do not include the full set of steps and instructions for working with Azure VMware Solution. For detailed instructions, follow the links to the relevant documentation.

Prerequisites

Verify that you have an Azure account with an active subscription.

Create Your Azure VMware Solution Private Cloud

Planning your Azure VMware Solution deployment is critical for a successful production-ready environment.

Procedure

  1. Plan for the Azure VMware Solution deployment to use for the underlying resources of VMware Cloud Director. See Plan the Azure VMware Solution Deployment in the Azure VMware Solution documentation.
  2. Create and configure an Azure SDDC that will provide infrastructure resources for your tenants. Deploy and configure Azure VMware Solution in the Azure VMware Solution documentation.
  3. Create an Azure Virtual Network (VNet) for each of your tenants. See Microsoft Virtual Network documentation in the Azure VMware Solution documentation.
  4. Open a request with Microsoft Azure support to request to include the FDQN of your NSX Manager instance as a CNAME in your NSX certificate. See Create an Azure support request in the Azure portal documentation.
  5. Create a jump host in Azure and allow controlled access to vCenter Server, NSX, and other services in remote networks. See Connect to environments privately in the Azure VMware Solution documentation.

Deploy the Reverse Proxy Appliance

To use infrastructure resources that are not publicly accessible and have only outbound access to the internet within your VMware Cloud Director service environment, you must set up your VMware Cloud Director instance to use VMware proxy service.

Prerequisites

Create a VMware Cloud Director instance.

Procedure

  1. Create an API token to use for generating the VMware proxy used for the SDDC association task. See How do I generate an API token.
  2. On the Azure jump host VM, log in to VMware Cloud Partner Navigator, navigate to VMware Cloud Director service to generate the proxy appliance and to download it. See How Do I Configure and Download the VMware Reverse Proxy OVА.
    To generate the reverse proxy OVA, enter the following information.
    • In the Datacenter name text box, enter the vCenter Server name of the SDDC to which you are going to associate the VMware Cloud Director instance.
    • In the Management IP text box, enter the IP address used to connect to and to manage the vCenter Server instance.
      Tip: To management IP address is the web client URL for vCenter Server that you can find in your AVS Private Cloud by clicking Manage > Identity.
    • In the NSX URL text box, enter the URL for the NSX Manager instance.
      Tip: You can find the FQDN for NSX Manager by examining the certificate when you log in to NSX Manager.

Create a Network Segment and Configure DHCP for the Reverse Proxy Appliance

Before deploying the reverse proxy appliance, prepare your environment for it.

Procedure

  1. On the jump host VM, open a browser and log in to NSX Manager as an administrator.
  2. Create a DHCP server profile. See Add a DHCP Server Profile in NSX Administration Guide.
  3. Attach the DHCP profile to a tier-1 gateway. See Attach a DHCP Profile to a Tier-0 or Tier-1 Gateway in NSX Administration Guide.
  4. Create a network segment for the reverse proxy appliance to use. See Add a Segment in NSX Administration Guide.
    • In the Segment Name text box, enter Proxy.
    • From the Connected Gateway drop-down menu, select Tier1 | Tier1.
    • From the Transport Zone drop-down menu, select TZ-Overlay.
    • In the Subnet text box, enter a valid subnet CIDR.
    • Click Edit DHCP Config and select the check box to activate DHCP configuration.
    • Enter one or more DHCP ranges.
    • In the DNS Servers text box, enter the IP addresses of the Azure DNS servers.
  5. In the Azure Portal, activate and configure public IP to the NSX Edge for the VMware Cloud Director instance. See Enable Public IP to the NSX Edge for Azure VMware Solution in Azure VMware Solution documentation.

Deploy the Reverse Proxy OVA and Associate Your VMware Cloud Director Instance to an SDDC

After you deploy the reverse proxy appliance, you can associate your infrastructure resources.

Procedure

  1. On the jump host VM, log in to the vCenter Server and deploy the OVA template. See Deploying the Reverse Proxy Appliance.
    • On the Select storage page, select the vsanDatastore to store the OVA template.
    • On the Select networks page, select Proxy network .
    • On the Customize Template page, make a note of the root password.
  2. Verify the proxy appliance connectivity.
    1. Log in to the proxy appliance as root.
    2. To verify the appliance has obtained an IP address, run ip a.
    3. To ensure that the service is active and running, run systemctl status transporter-client.service.
      Note: If the command results in an error, verify that DNS is working and it can access the internet.
    4. To verify the proxy appliance's connectivity, run transporter-status.sh.
    5. Run the command to diagnose any issues with the proxy appliance. 
      diagnose.sh -o OUTPUT_FILE
      See How Do I Troubleshoot the VMware Cloud Director service Proxy Client Appliance.
  3. In VMware Cloud Director service, navigate to the VMware Cloud Director instance from which you generated the proxy, and associate the data center through VMware Proxy. See How Do I Associate a VMware Cloud Director Instance with an SDDC via VMware Proxy.

Results

When the task completes, the SDDC shows up as a provider VDC in the VMware Cloud Director instance UI.

Configure Networking Connections

To provide secure connectivity between Azure VMware Solution and VMware Cloud Director service, configure your private cloud network and gateway.

Procedure

  1. Configure networking for Azure VMware Solution. See Tutorial: Configure networking for your VMware private cloud in Azure in Azure VMware Solution documentation.
  2. (Optional) If you need layer-7 load balancing for the tenant workloads running on Azure VMware Solution, configure Azure Application Gateway. See Protect web apps on Azure VMware Solution with Azure Application Gateway in Azure VMware Solution documentation.

Results

Your VMware Cloud Director service instance is ready to deploy tenant VMs. For more information, see the documentation for VMware Cloud Director service and VMware Cloud Director.