Deploying a Software-Defined Data Center is the first step for using the VMware Cloud on AWS service. After you deploy the SDDC, you can view information about it and perform management tasks.
There are several actions to be considered before deploying your SDDC.
Connected AWS Account
When you deploy your SDDC on VMware Cloud on AWS, it is created within an AWS account and a VPC dedicated to your organization and managed by VMware. You must also connect the SDDC to an AWS account belonging to you, called the customer AWS account . This connection allows your SDDC to access AWS services belonging to your customer account.
You can deploy one, two or multiple hosts on VMware Cloud on AWS.
If you are deploying a Single Host SDDC, you can delay linking your customer AWS account for up to two weeks. You cannot scale up a Single Host SDDC to a multiple host SDDC until you link an AWS account. If you are deploying a multiple host SDDC, you must link your customer AWS account when you deploy the SDDC.
AWS VPC Configuration and Availability Requirements
- The subnet must be in an AWS Availability Zone (AZ) where VMware Cloud on AWS is available. Start by creating a subnet in every AZ in the AWS Region where the SDDC will be created. It helps you identify all AZs where an SDDC can be deployed and select the one that best meets your SDDC placement needs, whether you want to keep your VMC workloads close to or isolated from your AWS workloads running in a particular AZ. See Creating a Subnet in Your VPC in the AWS documentation for information about how to use the Amazon VPC console to create a subnet in your VPC.
- The subnet must exist in the connected AWS account. It cannot be one owned by and shared from another account.
- The AWS account being linked must have sufficient capacity to create a minimum of 17 ENIs per SDDC in each region where an SDDC is deployed. Although you cannot provision more than 16 hosts in a cluster, SDDC operations including planned maintenance and Elastic DRS can require us to temporarily add as many as 16 more hosts, so we recommend using an AWS that has sufficient capacity for 32 ENIs per SDDC per region.
- We recommend dedicating a /26 CIDR block to each SDDC and not using that subnet for any other AWS services or EC2 instances. Because some of the IP addresses in this block are reserved for internal use, a /26 CIDR block is the smallest subnet that can accommodate SDDC IP address requirements.
- Any VPC subnets on which AWS services or instances communicate with the SDDC must be associated with the main route table of the connected VPC. Use of a custom route table or replacement of the main route table is not supported. By default, AWS limits the size of the main route table to 50 routes. Because the main route table must accommodate an entry for each routed SDDC network segment as well as the management network CIDR and any additional routes you create directly in your AWS account, the default limit might not be adequate for your SDDC networks, especially if you connect more than one SDDC to the VPC. You can request a route table size increase as described in Amazon VPC quotas.
- If necessary, you can link multiple SDDCs to a VPC if the VPC subnet used for ENI connectivity has a large enough CIDR block to accommodate them. Because all SDDCs in a VPC use the same main route table, make sure that network segments in those SDDCs do not overlap with each other or the VPC's primary CIDR block. Workload VMs on routed SDDC networks can communicate with all subnets in the VPC's primary CIDR block, but are unaware of other CIDR blocks that might exist in the VPC.
AWS Elastic IP Requirements
|Management||Provides VMware support with access to your SDDC.|
|Management Gateway (MGW) SNAT||Provides the SNAT address for traffic egressing the MGW to the Internet.|
|Compute Gateway (CGW) SNAT||Provides the default SNAT address for traffic egressing the CGW to the Internet.|
|vCenter Server Public IP||Provides the IP address used for vCenter Server when the vCenter FQDN is set to Public IP. See Set vCenter Server FQDN Resolution Address. This EIP is always consumed, even if you set the vCenter FQDN to Private IP.|
Single Host SDDC starter Configuration for VMware Cloud on AWS
You can jump start your VMware Cloud on AWS experience with a Single Host SDDC starter configuration. This is a time-limited offering designed for you to prove the value of VMware Cloud on AWS in your environment. The service life of a Single Host environment is limited to 30 days. At any point during the service life of a Single Host SDDC, you can scale it up to a production configuration with two or more hosts with no loss of data. If you do not scale up the Single Host SDDC before the end of the service life, the SDDC is deleted along with all the workloads and data it contains.
Stretched Clusters for VMware Cloud on AWS
You can create an SDDC with a cluster that spans two availability zones. A stretched cluster uses vSAN technology to provide a single datastore for the SDDC and replicate the data across both availability zones. If service in one availability zone is disrupted, workload VMs in the SDDC are brought up in the other availability zone.
The following restrictions apply to stretched clusters:
- The linked VPC must have two subnets, one in each AZ occupied by the cluster.
- A given SDDC can contain either standard (single availability zone) clusters or stretched clusters, but not a mix of both.
- You cannot convert a stretched cluster to a standard cluster or convert a standard cluster to a stretched cluster.
- You need a minimum of four hosts (two in each AZ) to create a stretched cluster. Hosts must be added in pairs.
For additional limitations that can affect stretched clusters, see VMware Configuration Maximums. You can enable VMware Site Recovery on your SDDC.
Connecting to the SDDC and Configuring SDDC Networks
Before you can migrate your workload VMs and manage them in VMware Cloud on AWS, you must connect your on-premises data center to your SDDC. You can use the public Internet, AWS Direct Connect, or both for this connection. You must also set up one or more Virtual Private Networks (VPNs) to secure network traffic to and from your SDDC, and configure SDDC networking and security features like firewall rules, DNS, and DHCP. The VMware Cloud on AWS Networking and Security guide has more information about how to do that.
Custom Core Counts
When you deploy your initial SDDC, all host CPUs in the initial SDDC cluster are enabled. You cannot disable any host CPUs in the initial SDDC cluster. However, if you deploy additional clusters, you can choose to disable some of the host CPUs in the cluster, which can help save on licensing costs for software that is licensed on a per-CPU basis. If you want to take advantage of this feature, plan the size of your initial cluster and subsequent clusters accordingly.
Credit Card Payments
If you choose to use a credit card to pay for your VMware Cloud on AWS SDDC, rather than SPP credits or another method, you will incur a one-time $200 pre-charge the first time you deploy an SDDC. Any SDDC usage in your first 60 days will be charged against this pre-charged amount. If you delete your initial SDDC before using up the $200, any remaining amount is not refunded, but the usage for any other SDDCs you deploy counts towards this amount. Usage beyond this amount will be charged to your credit card. If you reach the end of the 60 days without consuming the full $200 pre-charge, you forfeit any remainder. This pre-charge amount can only be used for VMware Cloud on AWS, and not other VMware Cloud services.