VMware Cloud on AWS

Learning more about the Nitro platform which will power VMware Cloud on AWS Outposts

12/04/2018 by William Lam Leave a Comment

With the big announcement last week between AWS and VMware, I know a number of folks have been wanting to learn more about the underlying hardware that currently powers the AWS Cloud including VMware Cloud on AWS and eventually the new VMware Cloud on AWS Outposts offering. Historically, AWS has not shared much information about their own hardware platform, but have started to talk more openly about their systems in the last two years.

At reInvent 2018, I had attended an awesome deep dive session Powering Next-Gen EC2 Instances: Deep Dive into the Nitro System by Anthony Liguori, a Sr. Principal Engineer who lead both the Nitro and Outposts development. This was a great talk providing some insights into the development of Nitro and the various components that makeup the system such as the Nitro cards, which provides hardware offload for both Storage and Networking and new in this years session, the Nitro Security Chip, which actually reminds me of the new Apple T2 Security Chip. Below is the recording for those that were not able to attend, definitely recommend a watch!

VMware Cloud on AWS reInvent sessions posted

11/30/2018 by William Lam Leave a Comment

In case you missed the big news this week at Amazon's reInvent conference, Pat Gelsinger (CEO of VMware) and Andy Jassy (CEO of AWS) announced together on stage VMware Cloud on AWS Outposts and VMware Cloud Foundation for EC2. For more details regarding the announcements, check out these two blog posts:

VMware had a number of VMware Cloud on AWS (VMC) sessions at reInvent and most of them have already been posted online. Below is the current list and I will update it as new sessions are posted.

Given the amount of excitement and interests from customers on both VMware Cloud on AWS Outposts and VMware Cloud Foundation for EC2, session (ENT215) was repeated at reInvent to give some more information about the two solutions. In addition, you can also check out these two theCube interviews from each of our executives talking about both offerings.

ENT215 - Top Strategic Priorities You Can Tackle with VMware Cloud on AWS

Video
Slide

CMP305 - VMware Cloud on AWS: Deep Dive

Video
Slide

CMP360 - Supercharge VMware Cloud on AWS Environments with Native AWS Services

Video
Slide

DAT375 - Deep Dive on Amazon RDS on VMware

Video not posted yet
Slide

ENT313 - Running Production Workloads in VMware Cloud on AWS

Video
Slide

GPSTEC307 - Networking, Storage, and Data Protection Deep Dive with VMware Cloud on AWS

Video
Slide

NET321 - Connectivity Options for VMware Cloud on AWS Software Defined Data Centers (SDDC)

Video
Slide

Can a VM in the VMC Compute Network access the SDDC Management Network?

11/19/2018 by William Lam Leave a Comment

Similiar to an on-premises vSphere deployment, VMware Cloud on AWS follows good security practices by isolating and preventing access to the SDDC Management Network including Virtual Machines running in the Compute Network. With that said, the SDDC can be configured to enable access to the SDDC Management Network for either all or subset of workloads running in the Compute Network.

I have seen this request come up a few times, usually around proof of concepts, lack of on-premises infrastructure or wanting to run completely isolated within VMC for Dev/Test purposes. Below are the step by step instruction on setting this up for both an NSX-V and NSX-T based SDDC. Once enabled, customers can access the vCenter vSphere UI from within the specified Virtual Machine(s) including using tools like OVFTool or PowerCLI for importing new or existing workloads.

Note: Please refer to this blog post here to determine if you are running an NSX-V or NSX-T based SDDC.

Automating Hybrid Cloud Extension (HCX) Manager initial configuration for VMC

10/29/2018 by William Lam 1 Comment

Following up from my previous Hybrid Cloud Extension (HCX) Automation article which looked at deploying the HCX Manager OVA, this article will now focus on automating the initial configuration of HCX Manager including the registration to HCX Cloud which will enable the on-prem HCX Manager to be used with VMware Cloud on AWS (VMC). Once HCX Manager is up and running, customers can configure the system using the HCX VAMI interface which is available on port 9443 via the UI or in our case with the HCX VAMI APIs.

I have updated my HCX PowerShell Module to include 8 additional functions that can be used for initial configuration of HCX Manager:

Set-HcxVCConfig
Set-HcxLicense
Get-HcxNSXConfig
Set-HcxNSXConfig
Get-HcxLocation
Set-HcxLocation
Get-HcxRoleMapping
Set-HcxRoleMapping
Get-HcxProxy
Set-HcxProxy
Remove-HcxProxy

Quick Tip – How to clear all Hybrid Cloud Extension (HCX) Migrations in the vSphere UI

10/11/2018 by William Lam Leave a Comment

During the development of my Cloud Motion with vSphere Replication automation script for Hybrid Cloud Extension (HCX), I extensively used the HCX vSphere UI for testing and debugging purposes.

Under the Migration view, you can see all active and completed migrations, including any failed migration attempts. In my particular environment, there had been a few hundred migrations and with my additional testing, that added quite a few more. Although you can filter by name or sort by the type of operation, it was still not very convenient for me while developing the script. I wanted a quick way to view the details after calling the HCX APIs and by the time I jumped to the UI, I would have missed a few of those updates.

In speaking with one of the HCX Engineers, I found out that you could simply drop all migration history from the internal database (this would remove all the history for past migrations including failures). In general, I do not see this being something customers would have a need for in Production, as you would want to keep all the history for auditing or debugging purposes. This is probably more for demo or testing purposes and below are the instructions on how to clear all migrations from your HCX Manager.

Enhancements to Hybrid Linked Mode (HLM) in VMC using the new vCenter Cloud Gateway

10/04/2018 by William Lam Leave a Comment

It has been almost a year since VMware introduced the Hybrid Linked Mode (HLM) capability, which provides customers with a consistent operating experience for managing and consuming resources from both their on-premises and VMware Cloud on AWS (VMC) environments. Feedback from customers on HLM has been fantastic, especially when new or prospective VMC customers learn about HLM for the very first time. Customers were pleasantly surprised at how seamless the experience was when consuming VMC resources, using a familiar interface, the vSphere UI.

Here is a quick recap of what HLM provides today:

HLM allows customers to link a single VMC instance to a single on-prem SSO Domain which can contain one or more vCenter Servers (Enhanced Linked Mode) while maintaining separate administrative domains (e.g. on-prem user is Administrator while VMC user is CloudAdmin only)
SSO Domains will be different between on-prem and VMC, however it is a 1:1 relationship
A trust is established where the on-prem vCenter Server trusts the incoming connections from VMC as they share the same Active Directory identity source. Data is sync'ed uni-directionally from on-prem to VMC
Can be configured at any point in the on-prem vCenter Server lifecycle, no restrictions to initial install and can easily be un-linked unlike ELM
Both Embedded & External vCenter Server deployments are supported
HLM supports different versions of vCenter Server between on-prem (6.5d+) and VMC, especially as VMC will almost always run a newer version of vSphere
Users MUST login to VMC vCenter Server for single-pane of glass management (H5 Client supported only), logging into on-prem vCenter Server will NOT show VMC vCenter Server
Roles are NOT replicated due to the restrictive access model in VMC