Begin the implementation of the Cross Cloud Mobility for VMware Cloud Foundation validated solution by preparing your VMware Cloud Foundation instance for connecting to the VMware HCX service running in VMware Cloud on AWS.

Define Custom Roles in vSphere for Cross Cloud Mobility for VMware Cloud Foundation

To limit the privileges and scope for the VMware HCX integration with vSphere, you create a custom role in vSphere with the required privileges.

Procedure

  1. Log in to the VI workload domain vCenter Server at https://<vi_workload_domain_vcenter_server_fqdn>/ui by using an account with Administrator privileges.
  2. From the vSphere Client Menu, select Administration.

  3. In the left pane, select Access Control > Roles.

  4. From the Roles provider drop-down menu, select vsphere.local.

  5. Create a role for VMware HCX.

    1. Select the Administrator role and click Clone.

    2. In the Clone role dialog box, enter VMware HCX to vSphere Integration, and click OK.

  6. Repeat the procedure for any isolated VI workload domain in your VMware Cloud Foundation instance.

Configure Service Account Permissions for vSphere Integration for Cross Cloud Mobility for VMware Cloud Foundation

To provide the necessary privileges to the service account for the VMware HCX service to vSphere integration, you assign the custom role to the integration service account in vCenter Server. To perform all HCX configurations and operations, the service account must be part of administrators group in vCenter Server.

Procedure

  1. Log in to the VI workload domain vCenter Server at https://<vi_workload_domain_vcenter_server_fqdn>/ui by using an account with Administrator privileges.
  2. From the vSphere Client Menu, select Administration.

  3. In the left pane, select Access control > Global permissions, and click Add.

  4. In the Add permissions dialog box, configure the values for the VMware HCX service account from your VMware Cloud Foundation Planning and Preparation Workbook, select the Propagate to children check box, and click OK.

  5. In the left pane, select Single Sign on > Users and Groups, and click the Groups tab.

  6. Select the Administrators group and click Edit.

  7. In the Edit Group dialog box, in the Add a member section, select a domain and user account according to your VMware Cloud Foundation Planning and Preparation Workbook, and click Save.

  8. Repeat the procedure for any isolated VI workload domain in the VMware Cloud Foundation instance.

Create a Virtual Machine and Template Folder for the HCX Appliance for Cross Cloud Mobility for VMware Cloud Foundation

To group objects of the same type for easier management, you create a folder in the management domain. To manage the HCX Connector appliance, you create a virtual machine folder on the management domain vCenter Server.

Procedure

  1. Log in to the management domain vCenter Server at https://<management_vcenter_server_fqdn>/ui by using an account with Administrator privileges.

  2. In the VMs and templates inventory, expand the management domain vCenter Server tree.

  3. In the VMs and templates inventory, navigate to the default management data center, right-click the data center, and select New folder > New VM and template folder.

  4. In the New folder dialog box, enter the folder name according to your VMware Cloud Foundation Planning and Preparation Workbook, and click OK.

Create a Virtual Machine and Template Folder and a Resource Pool for the HCX Appliances for Cross Cloud Mobility for VMware Cloud Foundation

To group the automatically deployed VMware HCX appliances for the Service Mesh, you create a virtual machine folder and a resource pool on the VI workload domain vCenter Server .

Procedure

  1. Log in to the VI workload domain vCenter Server at https://<vi_workload_domain_vcenter_server_fqdn>/ui by using an account with Administrator privileges.

  2. Create a folder for the VMware HCX appliances.

    1. In the VMs and templates inventory, expand the VI workload domain vCenter Server tree.

    2. Right-click the VI workload domain data center and select New folder > New VM and template folder.

    3. In the New folder dialog box, enter the folder name according to your VMware Cloud Foundation Planning and Preparation Workbook, and click OK.

  3. Create a resource pool for the VMware HCX appliances.

    1. In the Hosts and clusters inventory, expand the VI workload domain vCenter Server and the data center tree.

    2. Right-click the default cluster for the VI workload domain and select New resource pool.

    3. In the New resource pool dialog box, enter a resource pool name according to your VMware Cloud Foundation Planning and Preparation Workbook, and click OK.

  4. Repeat the procedure for each VI workload domain in the VMware Cloud Foundation instance.

Configure Service Account Permissions for NSX Integration for Cross Cloud Mobility for VMware Cloud Foundation

To provide the necessary privileges to the service account for the VMware HCX to NSX Integration, you assign the Enterprise admin role to the integration service account in NSX Manager.

Procedure

  1. Log in to the NSX Manager cluster for the VI workload domain at https://<vi_workload_nsx_manager_fqdn>/login.jsp?local=true as admin.

  2. On the main navigation bar, click System.

  3. In the left pane, select Settings > User management.

  4. On the User role assignment tab, from the Add drop-down menu, select Role assignment for LDAP.

  5. In the Search user/user group text box, enter the service account for the VMware HCX to NSX Integration according to your VMware Cloud Foundation Planning and Preparation Workbook.

  6. From the Select roles drop-down menu, select Enterprise admin and click Save.

  7. Repeat the procedure for each VI workload domain in the VMware Cloud Foundation instance.