WilliamLam.com

OVFTool and VMware Cloud on AWS

by // 1 Comment

Recently, I had noticed a number of questions that have come up regarding the use of OVFTool with the VMware Cloud on AWS (VMC) service. I had a chance to take a look at this last Friday and I can confirm that customers can indeed use this tool to import/export VMs into VMC whether they are from a vSphere/vCloud Director-based environment or simply OVF/OVAs you have on your desktop. Outlined below are the requirements and steps that you must have setup before you can use OVFTool with VMC. In addition, I have also include an OVFTool command snippet which you can use and adapt in your own environment.

Requirements:

  1. You must setup VPN connection between your onPrem environment and the Management Gateway on VMC (direct internet access to ESXi is not supported)
  2. Configure the VMC Firewall to allow access between your onPrem and VMC's ESXi host on port 443 (data transfer occurs at ESXi host level)
  3. Specify the Workload VM Folder as a target
  4. Specify the Compute-ResourcePool Resource Pool as a target
  5. Specify the WorkloadDatastore Datastore as a target

Instructions:

Step 1 - Create a Management VPN connection, please see the official documentation here for more details.

Step 2 - Create a two new Firewall Rules that allow traffic from your onPrem environment to both vCenter Server and ESXi host on port 443. vCenter Server will obviously be used for UI/API access and for ESXi, this is where the data traffic transfer will take place.


Step 3 - Construct your OVFTool command-line arguments and ensure you are using the VM Folder "Workloads", Resource Pool "Compute-ResourcePool" and Datastore "WorkloadDatastore" as your target destination since the CloudAdmin user will have restrictive privileges within VMC.

Here is an example command to upload an OVA from my desktop to the VMC vCenter Server:

ovftool.exe `
--acceptAllEulas `
--name=William-To-The-Cloud `
--datastore=WorkloadDatastore `
--net:None=sddc-cgw-network-1 `
--vmFolder=Workloads `
C:\Users\primp\desktop\William.ova `
'vi://*protected email*:*protected email*/SDDC-Datacenter/host/Cluster-1/Resources/Compute-ResourcePool/'

Note: OVFTool also supports the ability to specify a VM that is residing in your vSphere environment as a source, so you do not have to export it locally to your desktop and you can directly transfer it (your client desktop acting as a proxy) to VMC.

Here is the output from running the above command:


Once the upload has completed, you should see your new VM appear in your vSphere Inventory

 

New Adventure

by // 5 Comments

It is hard to believe this Fall will be my 7th year at VMware! Looking back, it has absolutely been an amazing ride.

For the past six years, I have been very fortunate to have been part of an amazing team of solutions architects working within R&D as part of the Integrated Systems Business Unit (ISBU) at VMware. In the early days, we were known as the Integration Engineering team, most well known for designing, operating and running the original VMware Hands on Lab at VMworld which used to also include on-premises hardware! This team also served as Customer[0] internally for a number of VMware products. In addition, this team also ran the customer on-site Alphas and Betas for vSphere. I still remember building the very first vPod for what eventually became vSphere 6.0 🙂

Over the years, the team had built up a wealth of knowledge in how to build, run and operate the VMware SDDC at scale. A large part of the team had came from either the field or from a customer with past alumnis including Duncan Epping, Cormac Hogan & Paudie O'Riordan to name a few. We wanted to bring these learnings and best practices to our customers and the VMware Validated Design (VVD) was born. What customers most appreciate about the VVDs is not just the Day 0 guidance, but also the prescriptive Day 2 operational guidance (patching/upgrading, maintenance window scheduling, monitoring, disaster recovery, etc) which is not something VMware had historically provided. Customers can then consume the VVD in several ways: build it yourself (DIY), PSO engagement including Automation or through VMware Cloud Foundation (VCF) which codifies the VVD into an integrated hardware/software offering. I am very proud of what the team has built over the years, it was not an easy road and not compromising on our design principles has paid dividends as we continue see the VVD adoption accelerating in our customers environments as the fastest way to deliver a VMware SDDC.

For the last couple of years, I had also been driving an internal project within ISBU called the Enterprise Readiness Initiative (ERi). This effort is focused on ensuring that we have a consistent set of capabilities across Lifecycle, Certificate & Configuration Management for the VMware SDDC. These capabilities must also be exposed programmatically for our customers and partners to consume. One example is the recent Install/Upgrade vCenter REST APIs that was made available as part of the vSphere 6.7 release. There is still plenty more work to be done including other ERi workstreams, but the team has made some great progress and hopefully you will be seeing more of the results in the near future.

As you can see, there is no shortage of oppournitites at VMware and being able to work with so many talented and passionate colleague to help solve our customer challenges is what I wake up every day for. I wanted to take a moment and thank one of the best managers I have had the pleasure of reporting to, Phil Weiss. Not only has he been very supportive of my career development, but has also been a mentor to me over the years and I have learned a tremendous amount from him and about myself. Phil is also occasionally involved when I get called into the lawyers office 😉 I also wanted to extend my thanks to both John Gilmartin (ISBU GM) and Jayanta Dey (ISBU VP of Engineering) who were both extremely supportive of my decision to move on.

[Read more...]

Getting started with Hybrid Cloud Extension (HCX) on VMware Cloud on AWS

by // 18 Comments

I had been hearing a lot of cool things about VMware's Hybrid Cloud Extension (HCX) but never tried the solution myself nor had a good understanding of what it actually provided. With the recently announced Hybrid Cloud Extension (HCX) on VMware Cloud on AWS (VMWonAWS) offering being available, I thought this was a great way to get hands on with HCX and take advantage of my VMWonAWS infrastructure. Having only spent a couple of days with the solution, I can see why customers are excited for HCX and the new offering on VMWonAWS makes it super easy to consume. I also recently learned that HCX is now free for all VMWonAWS customers and you can easily live migrated your VMs to/from your onPrem environment!

There are a number of impressive capabilities that HCX offers, but two that really stood out to me which I thought was quite unique and interesting compared to other VM-based "migration" options. The first is that HCX can perform live VM migrations (vMotion) or replicated migrations (vSphere Replication) which includes scheduled switch over across different versions of vSphere (vSphere 5.x to/from vSphere 6.x). This is great for customers who may not be able to upgrade their underlying vSphere environment to 6.0 or later and take advantage of things like Cross vCenter vMotion feature which only supports VM migration between vSphere 6.0u3 to/from 6.x.

The second capability is that HCX can abstract and protect the underlying ESXi hosts by not requiring direct connectivity between the source and destination ESXi hosts. Traditionally, for vMotion and vSphere Replication traffic, you either had to stretch the VLAN or ensure the VMkernel interface was routable so that it can communicate with the destination ESXi hosts for data transfers. This was not always possible and adds additional networking requirements which can be challenging to implement depending on how your network infrastructure is configured. The way HCX solves this problem is by using a special HCX Cloud Gateway which securely proxy vMotion and vSphere Replication traffic from the on-premises environment out to the respective HCX Cloud Gateway Peer which then gets transfered to destination vSphere environment. Below is a diagram to help illustrate this:


Note: HCX also supports WAN optimization (compression and de-duplication) out of the box, which the diagram includes as that is what I had deployed in my env. This is an optional virtual appliance that can be deployed at each location ensuring efficient data transfer between the source and destination vSphere environments.

While going through and getting HCX configured on both my VMWonAWS and onPrem environment, I had ran into a few minor gotchas and to help others avoid some of the issues I had ran into, I figure I would outline the process and include some additional tips that can be help.

[Read more...]