VMware HCX Design for Cross Cloud Mobility for VMware Cloud Foundation

By activating VMware HCX between the VMware Cloud Foundation instance and the VMware Cloud on AWS SDDC, you simplify the process of extending on-premises networks into the cloud in a secure manner.

HCX Connector Integration

When activating and configuring the HCX Connector, you connect the HCX Connector to the vCenter Server and to the NSX Manager of the VI workload domain. This connection ensures the required plug-ins are installed in vCenter Server to enable management.

Table 1. Design Decisions on HCX Integration
Decision ID	Design Decision	Design Justification	Design Implication
CCM-HCX-CFG-001	Register the HCX Connector with the VI workload domain vCenter Server.	Registering the HCX Connector with vCenter Server installs the plug-ins to integrate HCX with vCenter Server.	None.
CCM-HCX-CFG-002	Register the HCX Connector with the VI workload domain NSX Manager.	Registering the HCX Connector with NSX Manager is required to enable the networking configuration.	None.
CCM-HCX-CFG-003	Register the HCX Connector with the Single Sign-On Domain of the VI workload domain vCenter Server.	By registering the HCX Connector with Single Sign-On, you can create dedicated VMware HCX roles within vCenter Server.	None.

Site Pairing

The HCX Connector is deployed at the source vSphere environment within the VMware Cloud Foundation instance. Then, you create a unidirectional site pairing between the HCX Connector and the HCX Cloud service.

Table 2. Design Decisions on Site Paring for VMware HCX
Decision ID	Design Decision	Design Justification	Design Implication
CCM-HCX-CFG-004	Pair the HCX Connector with the HCX Cloud service.	Required to establish unidirectional communication between the VMware Cloud Foundation instance and the HCX Cloud service to create a Service Mesh.	The HCX Connector must be able to connect to the internet through a firewall. You can also establish connectivity through a proxy server which you would need to configure outside of this solution.

HCX Interconnect - Service Mesh

VMware HCX services are deployed and managed using a multi-site Service Mesh. VMware HCX deploys appliances in the source and destination sites and the multi-site Service Mesh activates the configuration, deployment, and serviceability of the interconnect appliance pairs.

When you create the Service Mesh, you create network and compute profiles which define the compute, storage, and networking details for the interconnect-dedicated appliances.

A network profile is an abstraction of a distributed port group, a standard port group, or an NSX logical switch, and the Layer 3 properties of that network. A network profile is a sub-component of a complete compute profile.

The compute profile:

Provisions the infrastructure at the source and the destination site.
Provides the placement details (resource pool, datastore, and so on) where the system places the appliances.
Defines the networks which the appliances connect to.
Defines which network containers are eligible for HCX Network Extension operations.

This design consumes a NSX Logical Overlay construct as the means for extending NSX logical segments. You can use utilize multiple network containers within the compute profile but the impact would be that the network pool IP's would need to extend to accomodate the additional VMware HCX service appliances, that will dynamically get deployed to support the additional network container.

Table 3. Design Decisions on Service Mesh for VMware HCX
Decision ID	Design Decision	Design Justification	Design Implication
CCM-HCX-CFG-005	Create a management network profile using the management network distributed switch port group and assign Management and HCX Uplink traffic types.	Provides management network configuration details used when deploying VMware HCX service appliances.	None.
CCM-HCX-CFG-006	Assign the management network profile a pool of 5 IP address from the VI workload domain management VLAN.	Provides a pool of IP addresses that can dynamically be assigned to the VMware HCX service appliances.	Requires the allocation of a static pool of IP addresses from the VI workload domain management VLAN.
CCM-HCX-CFG-007	Create a vMotion network profile using the vMotion network distributed switch port group and assign vMotion traffic type.	Provides vMotion network configuration details used when deploying VMware HCX service appliances.	None.
CCM-HCX-CFG-008	Assign the vMotion network profile a pool of 5 IP address from the VI workload domain vMotion VLAN.	Provides a pool of IP addresses that can dynamically be assigned to the VMware HCX service appliances.	Requires the allocation of a static pool of IP addresses from the VI workload domain vMotion VLAN.
CCM-HCX-CFG-009	Create a compute profile and activate all available VMware HCX services.	Provides the compute, storage, and network settings that VMware HCX uses to deploy the interconnect-dedicated appliances when a Service Mesh is added.	Services that can be activated are dependent on the VMware HCX license applied during the activation of the HCX Connector.
CCM-HCX-CFG-010	Assign the VI workload domain cluster as a resource to the compute profile.	Provides compute capacity for the interconnect-dedicated appliances when a Service Mesh is added.	None.
CCM-HCX-CFG-011	Assign a vSphere resource pool as a container to the compute profile.	Provides a container to group the interconnect-dedicated appliances and the ability to configure resource priorities.	You must manually create a resource pool before configuring the compute profile.
CCM-HCX-CFG-012	Assign a virtual machine folder as a container to the compute profile.	Provides organization of the appliances in the management domain vSphere inventory.	You must manually create a virtual machine folder before configuring the compute profile.
CCM-HCX-CFG-013	Assign the management and vMotion network profiles to the compute profile.	Provides network settings for the interconnect-dedicated appliances when a Service Mesh is added.	None.
CCM-HCX-CFG-014	Create a Service Mesh between the VMware Cloud Foundation instance and VMware Cloud on AWS SDDC.	Provides an interconnect between on-premises and the VMware Cloud on AWS environments to enable extending VMware Cloud Foundation networks to facilitate workload mobility without the need to re-IP application virtual machines.	None.