The logical design provides a high-level overview of the Cloud-Based Workload Protection for VMware Cloud Foundation validated solution.

The Cloud-Based Workload Protection for VMware Cloud Foundation validated solution utilizes the VMware Live Cyber Recovery service from VMware to recover business workloads to a VMware Cloud on AWS instance. The VMware HCX service is utilized to extend on-premises networks to the VMware Cloud on AWS instance.

To provide failover capabilities, this validated solution defines the following logical configuration of the SDDC management components.

Management Component

Logical Configuration for Disaster Recovery

VMware Cloud Foundation (Protected Site)

  • vCenter Server

  • Cluster and ESXi hosts

VMware Cloud on AWS (Recovery Site)

  • vCenter Server

  • Cluster and ESXi hosts

VMware HCX

VMware Cloud Foundation instance:

  • HCX Connector

VMware Cloud on AWS instance:

  • HCX Manager

VMware Live Cyber Recovery

VMware Cloud Foundation instance:

  • VMware Live Cyber Recovery Connector(s)

VMware Cloud on AWS instance:

  • Orchestrator

  • Cloud File System
Figure 1. Logical Design of Cloud-Based Workload Protection for VMware Cloud Foundation
A VMware Cloud Foundation instance connected to the VMware Live Cyber Recovery service through a VMware Live Cyber Recovery Connector. The VMware Live Cyber Recovery Connector supports data communication between the cloud provider and the managed environment. You access VMware Live Cyber Recovery by using a user interface and API. You recover business workloads to a VMware Cloud on AWS instance through the VMware Live Cyber Recovery service. You use the VMware HCX service for on-premises networks extension.
Table 1. Cloud-Based Workload Protection Logical Components

Single VMware Cloud Foundation Instance with a Single Availability Zone

Single VMware Cloud Foundation Instance with Multiple Availability Zones

Multiple VMware Cloud Foundation Instances

  • Two Live Cyber Recovery Connector appliances are deployed on the management VLAN in the management domain.

  • An HCX Connector appliance is deployed on the management VLAN in the management domain.

  • Two Live Cyber Recovery Connector appliances are deployed on the management VLAN in the management domain.

  • An HCX Connector appliance is deployed on the management VLAN in the management domain.

  • A vSphere Distributed Resource Scheduler VM/Host rule ensures that the HCX and Live Cyber Recovery Connector appliances are running on an ESXi host group in the first availability zone of the management domain.

  • Two Live Cyber Recovery Connector appliances are deployed on the management VLAN in the management domain in each instance.

  • An HCX Connector appliance is deployed on the management VLAN in the management domain in each instance.