EVALUATION GUIDE - OCTOBER 2018 VMWARE CLOUD ON AWS. Evaluation Guide


Table of Contents

Introduction
  Intended Audience
  Assumptions
User Interface Walkthrough
  Cloud Console Walkthrough
  VMware Cloud on AWS Walkthrough
SDDC Deployment
  SDDC Properties
  Connect to AWS
  VPC and Subnet
  Configure Network
Initial Network Configuration
  Firewall Rule Management
Login to vCenter Server
AWS Account Linking
  Connect to AWS
  VPC and Subnet
Network Configuration
  Network Segment Creation
  Management Gateway VPN Setup
  Compute Gateway VPN Setup
  L2 VPN Setup
  NAT Setup
  Firewall Rule Management
AWS Services Integrations
  Enable Inbound ENI Traffic on the Compute Network
  Enable Outbound ENI Traffic on the Compute Network
  Enable Cross-ENI Traffic on the AWS Security Group
  Enable S3 Traffic Across the ENI
  Add Content Library to vCenter from S3
  Deploy a VM from the S3 Content Library
  Enable EC2 Instances to Communicate with VMs
  Enable VMs to use RDS Databases
  Enable VMs to use Application Load Balancers
Hybridity and Mobility
  Hybrid Linked Mode
  Cold VM Migrations
  Live VM Migrations
Conclusion

Introduction

The purpose of this guide is to support a self-guided evaluation of VMware Cloud on AWS. This guide should allow customers to walk through the different features and offerings in the VMware Cloud on AWS service, and allow them to configure and test each one.

Intended Audience

This guide is intended for customers who wish to evaluate VMware Cloud on AWS. Although the majority of the VMware Cloud on AWS features are found in both the single-node offering and the 4-node offering, this guide was created using a single-host environment and as such, will have several variances to the larger offering based on resources, high-availability, etc.

Assumptions

This guide assumes that you have already received access to VMware Cloud on AWS, created with a MyVMware account, and have added an Organization.

User Interface Walkthrough

Once you have created a VMware Cloud on AWS account and created an Organization, it is time to explore the user interface (UI). The main UI for all VMware Cloud Services is known as the Cloud Console. This is also where other information is located, such as Organization based management, billing and subscription access, support, and individual user account access.

Cloud Console Walkthrough

- Login to the Cloud Console: https://console.cloud.vmware.com/
- Click Services, if it's not already selected
  This tab shows the VMware Cloud Services you already have access to, such as VMware Cloud on AWS, and other services you have the ability to request for use. Each tile can be interacted with, allowing you to access the service or to request access to the services.
- Click Identity & Access Management
  This tab shows Organization information. Here we can also invite new users, change permissions for existing users, and remove users.
- Click Billing & Subscriptions
  This tab allows us to view billing information. Note: a VMware ID will be needed to use this tab.
- Click Support Center

This tab allows us to view and create VMware support requests. Note: a VMware ID will be needed to use this tab.

VMware Cloud on AWS Walkthrough

- Access the VMware Cloud on AWS Service through one of the following methods:
  - Click Services, then click VMware Cloud on AWS
  - Click the area with 6 boxes on the top right corner, then click VMware Cloud on AWS
- Click SDDCs, if it's not already selected
  This tab shows us the SDDCs in our environment, along with any additional information such as: Status, hardware metrics, and links to more information.
- Click Subscriptions
  This tab shows VMware Cloud on AWS subscription statuses
- Click Activity Log
  This tab shows a list of the recent tasks, including information such as: type, time, SDDC, username, associated event.
- Click Tools
  This tab gives easy access to tools, such as the Content Onboarding Assistant and vCenter Cloud Gateway, which help make using the VMware Cloud on AWS service easier.
- Click Developer Center
  This tab gives easy access to developer and automation specialist resources such as: API Explorer, code samples, SDKs, other downloads.

SDDC Deployment

Now that we have become familiar with the UI, the next step is to deploy a new Software-Defined Data Center (SDDC). We will walk through the steps it takes to deploy an SDDC.

- From the SDDCs tab, click CREATE SDDC.

SDDC Properties

- Select an AWS Region from the dropdown box. This is where your SDDC will be deployed.
- Select the appropriate Deployment option
  - For a Stretched Cluster deployment, choose Multi-Host and check the box for Stretched Cluster
- Enter a name for the new SDDC
- Choose the desired Number of Hosts
  - In the case of a Single Host deployment, this option will be unavailable
- Click Next

Connect to AWS

SDDC deployments are required to connect to an AWS account, regardless of whether the user intends to leverage AWS Services with their VMware stack or not. With single host deployments, a user has the option to skip the account association process for up to 14 days after an SDDC has been deployed.

When deploying a single host SDDC and opting not to associate an AWS account:

- Choose Skip for now
  Note: On the SDDCs tab, you will see reminders of how many days are remaining before an AWS account has to be connected.

- Click Next, and skip to Configure Network

For all other deployment options, and if you have an AWS account with a configured VPC in the previously selected SDDC region:

- Choose Connect to AWS now
- Click OPEN AWS CONSOLE WITH CLOUDFORMATION TEMPLATE
- Login to AWS with your username and password
- Check I acknowledge that AWS CloudFormation might create IAM resources
- Click Create
- Return to the VMware Cloud on AWS SDDC Deploy tab and wait for the account linking process to complete
- After receiving the Congratulations! message, click Next

VPC and Subnet

After connecting your SDDC to an AWS account, you will be prompted to select the correct VPC and the corresponding subnet that you prefer the SDDC to connect to.

- From the VPC drop down, select the desired VPC
- From the Subnet drop down, select the desired subnet
  Note: For stretched cluster deployments, you will be prompted to select two subnets.
- Click Next

Configure Network

In order to interact between your VPC and on-premises environment/s, you must ensure that the management and compute networks in VMware Cloud on AWS do not overlap subnets in either location.

- Input the desired subnet for the Management network.
  Note: The default subnet of 10.2.0.0/16 will be used if one is not entered.
- Select DEPLOY SDDC

The SDDC will begin to deploy and should be ready for use in roughly two hours.
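The overlap requirement above can be checked before DEPLOY SDDC is clicked. The following is an added example, not part of the original guide: it tests a planned address layout for overlapping subnets and validates a DHCP range against its segment. The 10.2.0.0/16 default and the 192.168.8.1/24 and 192.168.10.1/24 segments with the 192.168.10.2-192.168.10.254 range are the guide's own examples; the VPC and on-premises CIDRs and all function names are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Planned layout. Management default and the two segment examples come from
# the guide; "aws-vpc" and "on-prem-dc" are constructed sample values.
PLAN = {
    "sddc-management": "10.2.0.0/16",     # guide default if none is entered
    "segment-static": "192.168.8.1/24",   # guide example (gateway/prefix form)
    "segment-dhcp": "192.168.10.1/24",    # guide example (gateway/prefix form)
    "aws-vpc": "172.31.0.0/16",           # constructed
    "on-prem-dc": "10.2.128.0/20",        # constructed, collides with the default
}


def find_overlaps(networks):
    """Return sorted (name_a, name_b) pairs whose IPv4 CIDR blocks overlap.

    Values may be written as network/prefix or gateway/prefix; host bits are
    ignored (strict=False) so the segment notation from the UI can be pasted in.
    """
    parsed = {name: ipaddress.ip_network(cidr, strict=False)
              for name, cidr in networks.items()}
    return sorted(
        (a, b)
        for (a, net_a), (b, net_b) in combinations(sorted(parsed.items()), 2)
        if net_a.overlaps(net_b)
    )


def check_dhcp_range(gateway_prefix, dhcp_range):
    """Validate a 'first-last' DHCP range against a 'gateway/prefix' segment.

    Returns a list of problem strings; an empty list means the range is usable.
    """
    iface = ipaddress.ip_interface(gateway_prefix)
    net = iface.network
    first_s, last_s = (part.strip() for part in dhcp_range.split("-"))
    first = ipaddress.ip_address(first_s)
    last = ipaddress.ip_address(last_s)

    problems = []
    if first > last:
        problems.append("range start is after range end")
    for addr in (first, last):
        if addr not in net:
            problems.append(f"{addr} is outside {net}")
    if first <= iface.ip <= last:
        problems.append(f"range contains the gateway {iface.ip}")
    for label, addr in (("network", net.network_address),
                        ("broadcast", net.broadcast_address)):
        if first <= addr <= last:
            problems.append(f"range contains the {label} address {addr}")
    return problems


if __name__ == "__main__":
    for a, b in find_overlaps(PLAN):
        print(f"OVERLAP: {a} ({PLAN[a]}) and {b} ({PLAN[b]})")
    issues = check_dhcp_range("192.168.10.1/24", "192.168.10.2-192.168.10.254")
    print("DHCP range:", issues or "ok")
```

With the constructed on-premises block, the default management subnet is reported as overlapping, which is the case where a different management subnet has to be entered on this screen.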

Note: To avoid cross AZ traffic charges, we recommend ensuring that the SDDC deploys into the same availability zone as the subnet chosen here.

Initial Network Configuration

Once the SDDC finishes deploying, the next step will be to establish connectivity to the vCenter Server. The easiest way to do this is by creating a firewall rule. This firewall rule will allow network connectivity to the public IP assigned to the vCenter Server.

Firewall Rule Management

- Within the SDDC, click on the Network & Security tab
- Beneath the Security section, select Edge Firewall
- Ensure Management Gateway is highlighted, click ADD NEW RULE
- Create a firewall rule with the following settings:
  - Enter a valid name, example: vCenter Inbound Rule Public
  - Click Set Source, ensure Any is selected, click SAVE
  - Click Set Destination, checkmark vCenter, click SAVE
  - Click in the Services section, select HTTPS (TCP 443)
- Click PUBLISH

Login to vCenter Server

Each deployed vCenter will have a set of default administrator credentials to be used until an identity source is added or additional users have been added. Use the default credentials to login to vCenter.

- Click on the Settings tab
- Expand vSphere Client (HTML5)
- Click on the URL link to open the vSphere Client
- Returning to the Cloud Console page, expand Default vCenter User Account
- Copy and paste the User name and Password into their corresponding textboxes on the vSphere Client login page.
- Click Login

AWS Account Linking

If you chose to delay account linking to AWS during the SDDC deployment, you may follow the steps here to establish your account's connection to AWS. If you linked an account to AWS during deployment, you may skip this section.

Connect to AWS

- On the main screen of the SDDC, click CONNECT TO AWS ACCOUNT
- Click OPEN AWS CONSOLE WITH CLOUDFORMATION TEMPLATE
- Login to AWS with your username and password
- Check I acknowledge that AWS CloudFormation might create IAM resources
- Click Create
- Return to the VMware Cloud on AWS SDDC Deploy tab, waiting for the account linking process to complete
- Once you see the Congratulations! message, click Next

VPC and Subnet

- From the VPC drop down, select the desired VPC
- From the Subnet drop down, select the desired subnet
- Click Next

Note: To avoid cross AZ traffic charges, we recommend ensuring that the SDDC deploys into the same availability zone as the subnet chosen here.

Network Configuration

VMware Cloud on AWS SDDCs offer the flexibility to easily manage connectivity within the public cloud as well as the connection to on-premises environments. We will walk through some of the more common examples.

Network Segment Creation

Network segments are the backend for port groups used by VMs in the SDDC. We will create two example segments, one not using DHCP and one which does.

- Within the SDDC, click the Network & Security tab
- Beneath the Network section, click Segments
- Click Add Segments
- Give the segment a name, such as: VMC-192.168.8-Static
- Ensure Routed is selected
- For Gateway/Prefix Length, enter the gateway followed by the subnet mask. Example: 192.168.8.1/24
- Add 192.168.8.1 as the Default Gateway IP
- Click SAVE
- Click Add Segments
- Assign the network a name, such as: VMC-192.168.10-DHCP
- Ensure Routed is selected
- For Gateway/Prefix Length, enter the gateway followed by the subnet mask. Example: 192.168.10.1/24
- For DHCP, select Enabled from the drop-down box
- Enter the desired DHCP IP Range, example: 192.168.10.2-192.168.10.254
- Click SAVE

Management Gateway VPN Setup

A Management Gateway VPN enables easy connectivity from on-premises to your SDDC for items like hybridity and workload mobility. This process is optional and not required for standalone environments.

- Within the SDDC, click the Network & Security tab
- Beneath the Network section, expand VPN, click Policy Based

- Click Add VPN
- Give the VPN a name, such as: Management VPN
- For Local IP Address, select the appropriate public IP from the drop-down options
- For Remote Public IP, enter the public IP for the on-premises VPN
- For Remote Networks, add the on-premises network subnet that will communicate on the VPN
- For Local Networks, choose the SDDC based network which will communicate over the VPN. Example: Infrastructure Subnet
- Select the Encryption, Perfect Forward Secrecy, Diffie Hellman, IKE Version, and SHA Version that match your on-premises VPN settings
- Enter the Pre-Shared Key from your on-premises VPN configuration
- Click SAVE

Compute Gateway VPN Setup

A Compute Gateway VPN enables local VM connectivity to outside resources, like an on-premises environment and/or an AWS VPC. This process is optional and not required for standalone environments.

- Within the SDDC, click the Network & Security tab
- Beneath the Network section, expand VPN, click Policy Based
- Click Add VPN
- Give the VPN a name, such as: Compute VPN
- For Local IP Address, select the appropriate public IP from the drop-down options
- For Remote Public IP, enter the public IP for the on-premises VPN
- For Remote Networks, add the on-premises network subnet that will communicate on the VPN
- For Local Networks, add the SDDC based network which will communicate over the VPN. Example: sddc-cgw-network-1

- Select the Encryption, Perfect Forward Secrecy, Diffie Hellman, IKE Version, and SHA Version that match your on-premises VPN settings
- Enter the Pre-Shared Key from your on-premises VPN configuration
- Click SAVE

L2 VPN Setup

- Within the SDDC, click the Network & Security tab
- Beneath the Network section, expand VPN, click Layer 2
- Click Add VPN Tunnel
- For Local IP Address, select the appropriate IP from the drop-down options
- For Remote Public IP, enter the public IP for the on-premises VPN
- Click Save
- Click Add Extended Segment
- For Name, enter the segment name. Example: VMC-L2-1234
- For Tunnel ID, enter the tunnel ID. Example: 1234
- Click Save

NAT Setup

- Within the SDDC, click the Network & Security tab

- Beneath the Network section, click NAT
- Click Add NAT Rule
  Note: if this is the first NAT rule you've created, there will be a prompt to Request Public IP for usage.
- Give the NAT Rule a name, such as: Jumpbox RDP NAT
- For Public IP, select the appropriate public IP from the drop-down options
- For Service, select the appropriate service/s from the drop-down. Example: RDP
- For Internal IP, choose a valid IP address from a VM in the environment. Example: 192.168.8.25
- Click Save

Firewall Rule Management

We will continue the above example by creating a firewall rule to allow inbound access to our new NAT rule.

- Within the SDDC, click on the Network & Security tab
- Beneath the Security section, select Edge Firewall
- Select Compute Gateway, and click Add New Rule
- Create a firewall rule with the following settings:
  - Enter a valid name, example: Jumpbox Inbound Rule Public
  - Click Set Source, checkmark Any, click SAVE
  - Click Set Destination, click Create New Group
  - Enter a group name, such as: Jumpbox
  - For Member Type, choose IP Address from the drop-down
  - For Members, enter the Public IP address from the NAT rule creation process

  - Click Save
  - Click Save
  - Click Set-Service section, select RDP, click Save
- Click PUBLISH

You may also want to create additional common VPN rules, including the following:

- Accessing a VM's Remote Console
  Gateway: Management
  Source: Inbound IP address, subnet, or Any
  Destination: ESXi
  Service: Remote Console (TCP 903)
- vCenter connection to on-premises environment via Management Gateway VPN
  Gateway: Management
  Source: vCenter
  Destination: on-premises subnet
  Service: Any
- On-premises connection to vCenter for management via Management Gateway VPN
  Gateway: Management
  Source: Inbound IP address, subnet, or Any
  Destination: vCenter
  Service: HTTPS (TCP 443)
- On-premises connection to ESXi for uploads via Management Gateway VPN
  Gateway: Management
  Source: Inbound IP address, subnet, or Any
  Destination: ESXi

  Service: Provisioning (TCP 902)

AWS Services Integrations

Workload integration with AWS services is one of the most appealing benefits for customers who are already running workloads in AWS. Here you will walk through steps to enable communication between the VMware stack and AWS services.

Enable Inbound ENI Traffic on the Compute Network

- Within the SDDC, click on the Network & Security tab
- Beneath the Security section, select Compute Gateway
- Click Add New Rule
- Create a firewall rule with the following settings:
  - Enter a valid name, example: ENI Inbound
  - Click Set Source, checkmark Any, click SAVE
  - Click Set Destination, checkmark Connected VPC Prefixes, click Save
  - Click Set-Service section, select Any, click Save
  - For Applied To, remove All Uplinks, and add VPC Interface
- Click PUBLISH

Enable Outbound ENI Traffic on the Compute Network

- Within the SDDC, click on the Network & Security tab
- Beneath the Security section, select Compute Gateway
- Click Add New Rule
- Create a firewall rule with the following settings:
  - Enter a valid name, example: ENI Outbound

  - Click Set Source, checkmark Connected VPC Prefixes, click Save
  - Click Set Destination, checkmark Any, click Save
  - Click Set-Service section, select Any, click Save
  - For Applied To, remove All Uplinks, and add VPC Interface
- Click PUBLISH

Enable Cross-ENI Traffic on the AWS Security Group

You have configured inbound and outbound traffic for AWS services across the ENI from the SDDC-side of the environment. Now, you must also allow traffic into and out of the AWS VPC using the AWS Security Groups.

- Open a new browser tab and login to your AWS account at: https://console.aws.amazon.com
- Click on EC2
- In the left-pane, scroll down and click on Security Groups
- Select the Security Group for the associated VPC that is connected to the SDDC.
- Select the Inbound tab
- Click the Edit button
- Click Add Rule
- Under Type, select All traffic
- Under Source, select Custom from the drop-down box and enter 192.168.0.0/16 in the corresponding textbox
- Under Description, type VM Traffic
- Click Save

- Select the Outbound tab
- Click Edit
- Click Add Rule
- Under Type, select All traffic
- Under Destination, select Custom from the drop-down box and enter 192.168.0.0/16 in the corresponding textbox
- Under Description, type AWS Traffic
- Click Save

Enable S3 Traffic Across the ENI

Once we've enabled communications across the Elastic Network Interface, we can enable an S3 Endpoint and allow all S3 traffic to navigate over the ENI rather than out the Internet Gateway (IGW).

- Within the AWS Console, Select VPC
- Click on EC2
- In the left-pane, find and click Endpoints
- Click Create Endpoint
- Under Service category, click AWS Services
- Find and select com.amazonaws.us-[your region].s3
- In the VPC combo-box, select the VPC linked to the SDDC
- Select the corresponding route table for the endpoint
- Find and click Create Endpoint

Add Content Library to vCenter from S3

Adding a Content Library allows users to quickly and easily begin deploying templates into their cloud SDDC. This task will walk you through the steps of adding a pre-created Content Library, which should only be used with the Evaluation Guide.

- Login to your SDDC's vSphere Client
- Click Menu
- Select Content Libraries
- Click the Add symbol
- Name the Content Library vexpert-content-library
- Click Next
- Select Subscribed content library
- Paste the following URL into the Subscription URL: https://s3-us-west-2.amazonaws.com/vexpert-contentlibrary/lib.json
- For the Download Content entry, select Immediately
- Click NEXT
- Accept the SSL thumbprint of the certificate by clicking YES
- Select WorkloadDatastore
- Click NEXT
- Click FINISH

Note: At this point, the Content Library will begin to sync. This process may take 15-20 minutes depending on the current size of the Content Library. You can refresh the vSphere Client periodically to see the number of templates and the storage consumed values.

Deploy a VM from the S3 Content Library

Once the Content Library has been added to the cloud SDDC and the data has synced, we can begin deploying virtual machines from the Content Library into our environment.

- Login to the SDDC's vSphere Client
- Click Menu
- Select Content Libraries
- Select the vexpert-content-library
- Click Templates
- Right-Click Server-2012-r2 and select New VM from This Template
- Give the VM a name, such as Server-2012-01
- Expand SDDC-Datacenter
- Select the Workloads folder

- Click Next
- Expand Cluster-1, select Compute-ResourcePool
- Click Next
- On the Review Details page, click Next
- Select the WorkloadDatastore
- Select the sddc-cgw-network-1 Destination Network
- Click Next
- Click Finish to deploy the VM

Enable EC2 Instances to Communicate with VMs

Many customers are excited about the ability to allow EC2 instances to communicate with VMware virtual machines. This capability provides customers with the ability to choose which applications run on each technology. In this task we will deploy an EC2 instance that we will use to ping a VM workload with its private IP, and vice versa.

- From within the AWS Console, select EC2
- Click Instances
- Click Launch Instance

- Find and select Microsoft Windows Server 2016 Base
- Select t2.micro Free tier eligible
- Click Next: Configure Instance Details
- Under Network, select the VPC that is connected to your SDDC
- Under Subnet, select the subnet of the SDDC
- Under Auto-assign Public IP, select Enable
- Click Next: Add Storage
- Click Next: Add Tags
- Click Add Tag
- Configure the following values:
  Key = Name
  Value = Test EC2 to VM
- Click Next: Configure Security Group
- Choose Select an existing security group
- Select the security group configured in the previous steps.
  Note: We will need to add additional rules after the EC2 instance is deployed.
- Select Review and Launch
- Select Launch
- Create a new Key Pair
- Give the new key pair a name
- Click Download Key Pair

- Click Launch Instances

While we wait roughly 5 minutes for the instance to be in a running state, we can go ahead and edit the security group configuration.

- Click View Instances
- Scroll down in the left-pane and click on Security Groups
- Select the corresponding Security Group and click the Inbound tab
- Click Edit
- Click Add Rule
- Configure the rule as follows:
  Type = RDP
  Source = 0.0.0.0/0 (or your public IP if you choose)
  Description = RDP to EC2 Test Instance
- Click Save
- In the left-pane, find and select Instances
- Select the instance you previously deployed and click Connect
- Download the Remote Desktop File to your local machine
- Click Get Password
- Click Choose File next to Key Pair Path and select the Key Pair you created when deploying this instance.
- Click Decrypt Password

- Copy the password and open an RDP session to your EC2 instance using the Remote Desktop File
- Before we begin working in the EC2 instance, login to the SDDC's vSphere Client, select the Server-2012-01 VM and take note of its IP Address from the VM summary page
  Note: If the VM is not powered on, power it on at this point and wait for the IP Address to populate.
- Return to the RDP session and open the command prompt
- Ping the IP address of Server-2012-01
  Note: You are pinging an internal IP address located in the VMware Cloud on AWS account from an internal IP address of an EC2 instance running in your own AWS account
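The security group edited in this guide now carries an All traffic rule for 192.168.0.0/16 and an RDP rule whose source is either 0.0.0.0/0 or your public IP. The following is an added example, not part of the original guide: it audits ingress rules, in the IpPermissions shape that the EC2 describe-security-groups call returns, and shows the RDP rule as the guide configures it beside the narrowed alternative the guide mentions. The group ID, the 203.0.113.10/32 address, the choice of admin ports and the function names are constructed for illustration.

```python
import ipaddress

# Ports treated as administrative access. A reviewer's choice for this
# example, not a list taken from the guide.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}

# Constructed sample: the two inbound rules the guide has added so far.
AS_CONFIGURED = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "192.168.0.0/16", "Description": "VM Traffic"}],
         "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "0.0.0.0/0",
                       "Description": "RDP to EC2 Test Instance"}],
         "Ipv6Ranges": []},
    ],
}

# Same group with the RDP source narrowed to a single public IP, the
# alternative the guide offers. 203.0.113.10 is a documentation address.
NARROWED = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        AS_CONFIGURED["IpPermissions"][0],
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "203.0.113.10/32",
                       "Description": "RDP to EC2 Test Instance"}],
         "Ipv6Ranges": []},
    ],
}


def rule_sources(perm):
    """All IPv4 and IPv6 source CIDRs named by one permission entry."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])] +
            [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def covers_port(perm, port):
    """True if the permission allows TCP traffic to the given port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":          # "All traffic": every protocol and port
        return True
    if proto != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def audit_ingress(group):
    """Return (severity, source_cidr, reason) tuples for risky ingress rules.

    "high"   : an admin port is reachable from every address (prefix length 0)
    "review" : all protocols and ports are open to a non-global range
    """
    findings = []
    for perm in group.get("IpPermissions", []):
        exposed = [name for port, name in sorted(ADMIN_PORTS.items())
                   if covers_port(perm, port)]
        for cidr in rule_sources(perm):
            open_to_world = ipaddress.ip_network(cidr).prefixlen == 0
            if open_to_world and exposed:
                findings.append(
                    ("high", cidr,
                     "/".join(exposed) + " reachable from any address"))
            elif perm.get("IpProtocol") == "-1":
                findings.append(
                    ("review", cidr, "all protocols and ports allowed"))
    return findings


if __name__ == "__main__":
    for label, group in (("as configured", AS_CONFIGURED),
                         ("narrowed", NARROWED)):
        print(label)
        for severity, cidr, reason in audit_ingress(group):
            print(f"  [{severity}] {cidr}: {reason}")
```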

- If you wish to terminate the EC2 instance to avoid hourly charges, close the RDP session and return to the AWS Console
- Select your EC2 Instance and click Actions
- Maneuver to Instance State > Terminate
- The EC2 Instance will power off and be deleted

Enable VMs to use RDS Databases

Just like customers are able to use EC2 Instances with VMware virtual machines, our virtual machines can take advantage of the Relational Database Service (RDS) and connect to databases in AWS.

- Login to your Cloud SDDC vCenter
- Click Menu and select Content Libraries
- Select the vexpert-content-library and click Templates
- Right-Click Lychee-Automated-Demo and click New VM from This Template
- Name your VM Frontend-With-RDS
- Expand SDDC-Datacenter
- Select the Workloads folder
- Click Next
- Expand Cluster-1 and select Compute-ResourcePool
- Click Next
- Click Next on the Review Details page
- Select the WorkloadDatastore

- Select the sddc-cgw-network-1 Destination Network
- Click Next
- Click Finish to deploy the VM
- Once the VM is deployed, Power-on the VM
- Open the AWS Console
- Click Services and select RDS
- Click Get Started Now
- Select MySQL
- Click Next
- Select Dev/Test MySQL, then click Next
- Scroll down to DB instance class
- Select db.t2.micro
- Scroll down to Settings
- Configure the following settings:
  DB instance identifier = vmc
  Master username = vmcadmin
  Master password = VMware1!
- Click Next
- In Network & Security, select the VPC that is connected to your SDDC
- Ensure Public accessibility is set to No
- Select the Availability Zone where you deployed your SDDC

- Choose existing VPC security groups and ensure the Security Group you configured earlier is selected.
- Under Database options
- Name the database MySQL_VMC
- Scroll down to Backup
- Change the Backup retention period to 0 days
- Scroll to the bottom and click Launch DB instance
- Click View DB instance details
- Refresh the page periodically until DB instance status shows available
- Scroll down until you see the Endpoint address
- Keep this tab available and go back to vCenter Server

- Click on the Frontend-With-RDS VM
- Click Launch Web Console
- Select the new tab with the web console and login to the ubuntu VM
- Login with credentials:
  User: brian
  Password: VMw@re123
- Open Firefox and go to 127.0.0.1
- Here our web application is asking for the database credentials for our RDS instance.
  RDS Endpoint Address
  Username = vmcadmin
  Password = VMware1!
  Database name = MySQL_VMC
- Click Connect

- Enter the following credentials:
  User = vmc
  password = vmc
- Click Create Login

You've now successfully connected a front-end VM to an RDS database. To test out this app, you can either request a public IP, add an http firewall rule, and NAT rule to this VM, or you can move on to the next section on using Application Load balancers and apply the same steps there, with the private IP of this VM. When you are finished, select your vmc RDS instance and click Instance Actions and select Delete to avoid additional hourly charges for the instance.

Enable VMs to use Application Load Balancers

One of the easiest ways to take advantage of AWS services with webserver virtual machines is the Application Load Balancer (ELBv2). The ELBv2 allows for forwarding HTTP/S traffic to private IP addresses along with pointing to a specific EC2 instance.

- Login to your Cloud SDDC vCenter
- Click Menu and select Content Libraries
- Select the vexpert-content-library and click Templates
- Right-Click Frontend-Apache-01 and click New VM from This Template
- Name your VM Frontend-Apache-01
- Expand SDDC-Datacenter
- Select the Workloads folder

- Click Next
- Expand Cluster-1 and select Compute-ResourcePool
- Click Next
- Click Next on the Review Details page
- Select the WorkloadDatastore
- Select the sddc-cgw-network-1 Destination Network
- Click Next
- Click Finish to deploy the VM
- Once the VM is deployed, Power-on the VM
- Repeat the previous steps for Frontend-Apache-02, 03, and 04 (03 and 04 are optional but it makes the load balancer demo better to have 4 front-end web servers being used)
- Login to the AWS Console
- Click Services and select EC2
- In the left-pane, scroll down and select Target Groups
- Click Create target group
- Enter the following information:
  Target group name = VM-Frontend-TG
  Protocol = HTTP
  Port = 80
  Target type = IP
  VPC = [VPC the SDDC is connected to]
- Click Create

- With our new Target Group selected, click the Targets tab
- Click Edit
- Select the + button
- Under Network, select Other private IP address
- Set Availability Zone to All
- Add the IP addresses of the 4 Frontend-Apache-* VMs one by one, and click Add to list
- Click Register
- In the left-pane scroll down and select Load Balancers
- Click Create Load Balancer
- Find Application Load Balancer and click Create
- Name your load balancer VMC-LB
- Scroll down to Availability Zones

- Select the VPC that is linked to the SDDC
- Check the checkbox next to Availability Zone to select all AZs
- Click Next: Configure Security Settings
- Click Next: Configure Security Groups
- Click Select an existing security group
- Choose the Security Group you have configured
- Click Next: Configure Routing
- Select Existing target group next to Target Group
- Select the VM-Frontend-TG
- Click Next: Register Targets
- Click Next: Review
- Click Create
- Click the hyperlink on the load balancer VMC-LB and wait until it is finished provisioning
- While the load balancer is provisioning, in the left-pane, select Security Groups
- Select your Security Group and select the Inbound tab
- Click Edit
- Click Add Rule
- Enter the following information:
  Type = HTTP
  Source = Custom, 0.0.0.0/0, ::/0

  Description = Load Balancer
- Click Save
- Click back to the Load Balancers page
- Copy the DNS name address from the load balancer basic configuration and paste it in a new tab
- You will now see a static webpage with the VM name that is being resolved. Click Refresh and watch as the Load Balancer distributes the request between your virtual machines
- When you are finished with this demo, you can delete the load balancer and target groups from your AWS account.

Hybridity and Mobility

Hybrid Linked Mode

Hybrid Linked Mode gives users the ability to login to their cloud SDDC with their on-premises credentials, view and manage both on-premises and cloud resources from a single pane of glass, and migrate workloads from on-premises to the cloud.

Note: You must have VPN Connectivity to an on-premises environment to continue

- Login to your VMware Cloud on AWS Console
- Click on your SDDC
- Click the Network tab
- Scroll down and expand DNS under Management Gateway
- Update the DNS servers to point to your on-premises DNS servers

Change the vCenter FQDN Resolution to Private IP
Click SAVE
Log in to your Cloud SDDC vCenter
Click Menu and select Administration
Click Linked Domains
Under Add Identity Source, click ADD
Enter your Active Directory Settings
Note: For more information on finding these settings, see the following video: https://www.youtube.com/watch?v=m28mr_u1lmq
Enter Domain administrator credentials for Username and Password
Select Specific domain controllers
Enter the LDAP link to the DNS server(s)

Click OK
Under Add Cloud Administrators Group, click ADD
Change the Identity Source to the AD Domain that was added in the previous steps
Add an Active Directory Group
Under Link to On-premises Domain, click LINK
Add the address of your on-premises Platform Services Controller
Add your SSO Domain Name and credentials as shown in the screenshot below

Click LINK
The domain should link successfully. Click OK
Log in to your Cloud SDDC vCenter with your on-premises credentials
Click on Hosts and Clusters
You should now see your on-premises vCenter Server(s) along with your VMware Cloud on AWS vCenter Server

Cold VM Migrations

Cold VM Migrations are migrations that occur when a virtual machine is powered off. These are workloads that can incur some downtime during a migration and have the least strict requirements, including bandwidth and latency.

Note: There are a couple of requirements before performing a cold VM migration. First, you must have VPN Connectivity to an on-premises environment. Second, Hybrid Linked Mode has to be enabled. Lastly, firewall rules must be configured between the SDDC-based hosts and the on-premises hosts, bi-directionally, for port TCP 8000.

Log in to your Cloud SDDC vCenter with your on-premises credentials
Click on Hosts and Clusters
Expand your on-premises vCenter
Select a powered-off VM from your on-premises environment
Right-click the VM and select Migrate
Select Change both compute resource and storage and click NEXT
Select the Compute-ResourcePool in your Cloud SDDC and click NEXT
Select the WorkloadDatastore and click NEXT
Select the Workloads folder and click NEXT
In the Destination Network dropdown, select VMC-192.168.10-DHCP and click NEXT
Click FINISH
Your on-premises virtual machine will begin to move to VMware Cloud on AWS

Live VM Migrations

Live VM Migrations, better known as vMotion, are migrations that occur when a virtual machine is powered on. There is no, or limited, downtime involved, but they do have strict requirements on bandwidth and latency.

Note: There are a couple of requirements before performing a live VM migration. First, you must have VPN Connectivity to an on-premises environment. Second, Hybrid Linked Mode has to be enabled. Lastly, firewall rules must be configured between the SDDC-based hosts and the on-premises hosts, bi-directionally, for port TCP 8000.

Log in to your Cloud SDDC vCenter with your on-premises credentials
Click on Hosts and Clusters
Expand your on-premises vCenter
Select a powered-on VM from your on-premises environment
Right-click the VM and select Migrate

Select Change both compute resource and storage and click NEXT
Select the Compute-ResourcePool in your Cloud SDDC and click NEXT
Select the WorkloadDatastore and click NEXT
Select the Workloads folder and click NEXT
In the Destination Network dropdown, select VMC-192.168.10-DHCP and click NEXT
Click FINISH

Conclusion

Congratulations! You have now completed all of the tasks within the VMware Cloud on AWS Evaluation Guide. Please feel free to go back through the guide and try the different tasks again or to just explore VMware Cloud on AWS. For additional questions/feedback/comments, please email us at ask_vmc@vmware.com.
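
The load balancer demo adds an inbound HTTP rule open to 0.0.0.0/0 and ::/0, and that rule stays on the security group after the load balancer and target groups are deleted. The following Python check is an added example, not part of the VMware guide: it reads JSON in the shape returned by `aws ec2 describe-security-groups` and separates the expected world-open HTTP rule from any other internet-facing rule. The group ID `sg-EXAMPLE` and the sample rules are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# The group ID and the SSH rule are made up to show an unexpected finding.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
   "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "Load Balancer"}],
   "Ipv6Ranges": [{"CidrIpv6": "::/0", "Description": "Load Balancer"}]},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
  {"IpProtocol": "-1",
   "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}
]}]}
""")

def is_world(cidr):
    """True when the CIDR covers the whole IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def world_open_rules(group):
    """Yield (protocol, from_port, to_port, cidr) for each internet-facing inbound rule."""
    for perm in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            if is_world(cidr):
                # Protocol "-1" (all traffic) rules carry no port fields, hence .get()
                yield (perm["IpProtocol"], perm.get("FromPort"), perm.get("ToPort"), cidr)

def audit(doc, allowed=(("tcp", 80, 80),)):
    """Return (expected, unexpected) world-open rules; `allowed` lists permitted ones."""
    expected, unexpected = [], []
    for group in doc["SecurityGroups"]:
        for proto, lo, hi, cidr in world_open_rules(group):
            entry = (group["GroupId"], proto, lo, hi, cidr)
            (expected if (proto, lo, hi) in allowed else unexpected).append(entry)
    return expected, unexpected

if __name__ == "__main__":
    ok, bad = audit(SAMPLE)
    for entry in ok:
        print("expected  ", entry)
    for entry in bad:
        print("UNEXPECTED", entry)
```

After the demo is torn down, running the same check with `allowed=()` reports the leftover HTTP rule so it can be removed.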