MODERN INFRASTRUCTURE WITH VMWARE CLOUD ON AWS™
Transforming Applications and Operations with a ‘Next-Gen’ Cloud Strategy
Martin Hosken
Copyright © 2021 by Martin Hosken
Technical Reviewers:
Elena Krasteva, Senior Cloud Solutions Architect – VMware Cloud on AWS
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any
means without written permission from the author.
Version 2.0 [January 2021]
ISBN 978-1-5272-8512-5
Warning & Disclaimer
Every effort has been made to make this book as complete and as accurate as possible, but
no warranty or fitness is implied. The information provided is on an “as is” basis. The authors,
VMware Press, VMware, and the publisher shall have neither liability nor responsibility to any
person or entity with respect to any loss or damages arising from the information contained in
this book.
The opinions expressed in this book belong to the author and are not necessarily those of
VMware. VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax
650-427-5001 www.vmware.com. Copyright 2019 VMware, Inc. All rights reserved. This product
is protected by U.S. and international copyright and intellectual property laws. VMware products
are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a
registered trademark or trademark of VMware, Inc. and its subsidiaries in the United States and/or
other jurisdictions. All other marks and names mentioned herein may be trademarks of their
respective companies.
Table of Contents
About the Author
Foreword
Preface
Chapter 1: Introduction to VMware Cloud on AWS
Chapter 2: Application Modernization in a Multi-cloud World
Challenges of a Multi-cloud Strategy
Hybrid Cloud – What Does It Mean to Your Organization?
Benefits of the Homogeneous Approach
Hybrid Cloud with Native Public Cloud
Chapter 3: VMware Cloud on AWS Overview
Data Center Modernization with Hybrid Cloud
VMware Cloud on AWS Architecture
Administrative Accounts and Organizations
Organizations
Master Organization
VMware SDDC AWS Account and VPC
Chapter 4: VMware Cloud SDDC Platform
Compute Architecture
Host Compute Options and Configuration
Management Components and Management Resource Pool
Large SDDC Configuration
Edge Scale-Out
DRS and vSphere HA Cluster Configuration
Compute Policies
Simple Cluster Configuration and Flexible Resource Management
Automated Scalable Infrastructure with Elastic DRS
Rapid Scale-out with Elastic DRS
Enterprise Class Scale and Resource Management
Custom CPU Core Counts
Default and Stretched Cluster Configuration
Consuming a One-node SDDC
Consuming a Two-node Cluster Configuration
Storage Architecture
vSAN per Host Configuration (i3p.16XL.metal Instance)
vSAN Policy Automated Adjustment
vSAN Per Host Configuration (i3en.metal Instance)
NVMe Namespaces
Deduplication and Compression
Calculating Usable Capacity
Storage and Stretched Clusters
Maintaining Slack Space and Storage Auto Scale-up
External Storage with VMware Managed Service Providers (MSP)
Network Architecture
Core VPC Networking
The NSX Overlay
Firewall Overview
Distributed Firewall (Microsegmentation)
Securing Connectivity
Internet Uplink
AWS VPC Uplink
IPSec VPN
Layer 2 VPN
Direct Connect Uplink
Direct Connect – Public VIF
Direct Connect – Private VIF
Direct Connect with VPN as Standby
Networking Best Practices
IP Space Management and Administration
DHCP and DNS Services
VMware Cloud and AWS Native Service Integration
The VPC Cross-Link Interconnect
Multi-AWS VPC Architecture
Transit VPC
VMware Transit Connect (VMware Managed Transit Gateway)
SDDC Groups
AWS Data Transfer Costs
VMware NSX Advanced Load Balancer
VMware SD-WAN for Hybrid Cloud
Chapter 5: The Case for Data Center Modernization
Addressing Data Center Pain Points
Ensuring Availability, Disaster Recovery, and Data Protection
AWS Regional Availability
AWS GovCloud
Support Model
Service-level Agreement (SLA)
VMware Cloud on AWS Data Protection
Summary
Chapter 6: Planning for Application Migration with HCX
Migration Planning
Introduction to HCX
HCX Component Overview
Migration Methodology
Live Migration (Long-Distance vMotion)
HCX-Assisted vMotion
Bulk Migration
Replication-assisted vMotion (RAV)
Cloud-to-Cloud
HCX for Hybrid Network Extension
HCX for Disaster Recovery
Chapter 7: Business and Technical Drivers for VMware Cloud on AWS
Aligning Business and Technical Priorities
Business Use Cases:
Technical Use Cases:
Data Center Evacuation and Consolidation
Modern Application Support
Cloud-Native Infrastructure with VMware Tanzu Kubernetes Grid
Disaster Recovery
VMware Site Recovery
VMware Cloud Disaster Recovery
Building a Combined Disaster Recovery Solution
Infrastructure as Code
Terraform
vRealize Automation Cloud
AWS Service Integration
Virtual Desktop Infrastructure
Cloud Director Service for Managed Service Providers
Chapter 8: Hybrid Cloud Reality
Defining Hybrid Cloud
Understanding Cloud Impact on Business
Foundational Cost Shift
Increased Agility and Elastic Scalability
Making the Hybrid Cloud Real
Lift-and-Shift
Hybrid Application Integration
Disaster Recovery to Cloud
Chapter 9: Operational Readiness
Simple and Consistent Operations
vCenter Linking for SDDC Groups
Performance, Scalability, and Reliability
Operational Changes and Governance
Security and Compliance
Transforming Operations for VMware Cloud on AWS
Operational Team Impact
Service Management Process
Service Management Tasks
Security Responsibilities
Operational Monitoring
VMware Cloud Marketplace
Chapter 10: VMware Hyperscaler Partners
Partner Solutions
Azure VMware Solution
Chapter 11: Final Thoughts
Additional Resources
Moving Your Organization into the Hybrid Cloud
About the Author
Martin Hosken
As the Worldwide Chief Technologist for Cloud Services at VMware, Martin works at the evolution of VMware Cloud Services, the intersection where IT Architecture, Solution Architecture, and Software Development meet. His primary focus is on cutting-edge solutions in today’s complex cloud market and on helping customers and partners prepare to make the most of the opportunities presented by emerging technology and software development practices.
Martin is part of the VMware Office of the CTO, Global Field team, a double VMware Certified Design Expert (VCDX Number 117) in Data Center Virtualization and Cloud Management and Automation, an established vExpert, and is the author of four books, dozens of papers, blogs, and articles based on VMware and other technologies.
Follow Martin on Twitter: @hoskenm
Foreword
Lately, I’ve been talking to a lot of VMware customers about their digital transformation efforts. Those discussions invariably end up on the topic of application modernization. Customers want to get the benefits of both cloud infrastructure and cloud-native architecture to enable their applications to drive greater business impact. In fact, it’s this drive toward application modernization that causes businesses to end up with a multi-cloud strategy, as different apps dictate different cloud platforms. Regardless of the cloud though, I often see customers falling into the trap of believing that the fastest way to realize these benefits is to make all the changes at once – moving to cloud and refactoring the application to a cloud-native architecture. Yet I frequently hear from customers that this is more challenging than they initially expected, it takes longer than they anticipated, or they’re just not successful.
VMware offers a fundamentally different app modernization strategy, one that is natively multi-cloud. Through our unique approach using VMware Cloud Foundation as consistent infrastructure on-premises and in the cloud, we help customers to separate out the various changes they’re looking to make with their applications. Specifically, VMware Cloud on Amazon Web Services (AWS) (built on VMware Cloud Foundation!) allows them to migrate to cloud and then modernize to a new architecture. The “migrate then modernize” strategy is, perhaps counterintuitively, actually the fastest path to cloud. I say “perhaps counterintuitively” because this “two-step” process is faster than the “one-step” process described above. Let me explain how.
Traditionally, in a cloud migration, both the application code and application’s operations need to be modified to support the new cloud environment. These two have to happen in lockstep or the app won’t run well in the cloud. But, as just mentioned, evolving the application’s code is challenging and time-consuming.
The power of VMware Cloud on AWS is that it enables applications to be migrated without modification to the application code or its operational model. Same app, same ops tools, same ops team, just now in the cloud! This goes back to the common VMware Cloud Foundation platform available