Migration to VMware Cloud Director service Guide
VMware Cloud Director
Availability™
can migrate workloads both to and from the VMware Cloud
Director™
service hosted at VMware Cloud™ on AWS
.Classic Migration with Cloud Director Sites
All versions of
VMware Cloud Director
Availability
can protect or migrate vSphere
workloads with a private cloud site backed by VMware Cloud Director
by using the native integrations with VMware Cloud Director
and VMware vCenter Server
®.VMware Cloud on AWS Design Implications
VMware Cloud on AWS
Design ImplicationsDue to design specifics of the . For information about both the .
VMware Cloud Director
service
hosted at VMware Cloud on AWS
, VMware Cloud Director
Availability
introduces a service named Data Engine Service
for performing migrations with VMware Cloud on AWS
by using the VMC
data engine. For information about this service, see Services and network ports in the Security Guide
VMC
and the Classic
data engines, see Activate the data engines for replicating workloads in the Administration
Guide
By using the .
Data Engine Service
and activating the VMC
data engine, VMware Cloud Director
Availability
4.2 and later can migrate workloads to VMware Cloud Director
service
. VMware Cloud Director
Availability
4.6 and later also allow migrating workloads from VMware Cloud Director
service
back to the on-premises vCenter Server
site. For information about the replications use cases and their cross-site support, see Replicating workloads in the User Guide
As a
provider
in VMware Cloud on AWS
you have a VMware Cloud SDDC account and a general AWS account, and the two accounts must be linked for the service to work. Each account has its own virtual private cloud (VPC), and the VMware Cloud VPC contains a management and a compute resource pool. In the management resource pool, VMware has complete administrative control over the management and the infrastructure components. The VMware Cloud Director
Availability
appliances reside outside the management resource pool, deployed and managed by theprovider
.Migration with VMware Cloud Director
service
VMware Cloud Director
service
Both the providers and their tenants, can use the existing migration flow and migrate their workloads to .
VMware Cloud Director
service
in VMware Cloud on AWS
after following this Migration with VMware Cloud Director service
Guide
The
VMware Cloud Director
service
pools the resources provided by the SDDC in VMware Cloud on AWS
. The following diagrams provide an overview of VMware Cloud Director
service
after installing VMware Cloud Director
Availability
and pairing a VMware Cloud on AWS
site with an on-premises site and or with a cloud site, backed by VMware Cloud Director
. In covers the necessary configuration in
VMware Cloud on AWS
, VMware Cloud Director
Availability
resides behind the compute networks compute gateway and firewall and connects with the management components like vCenter Server
and ESXi
trough the management gateway and firewall of the management network. The Migration with VMware Cloud Director service
Guide
VMware Cloud on AWS
allowing the connectivity to and from VMware Cloud Director
Availability
trough the management and the compute gateways.Paired On-Premises Site with VMware Cloud Director
Availability in VMware Cloud on AWS
VMware Cloud Director
Availability
in VMware Cloud on AWS
After pairing the 
On-Premises to Cloud
Director Replication Appliance
with VMware Cloud Director
Availability
in VMware Cloud on AWS
, in the following architecture diagram the orange color shows the deployed on-premises and cloud appliances of VMware Cloud Director
Availability
and the replication data traffic between the appliances, with all existing components in black: Paired Cloud Site with VMware Cloud Director
Availability in VMware Cloud on AWS
VMware Cloud Director
Availability
in VMware Cloud on AWS
After pairing a cloud site, backed by 
VMware Cloud Director
with VMware Cloud Director
Availability
in VMware Cloud on AWS
, in the following deployment diagram the orange color shows the deployed cloud appliances of VMware Cloud Director
Availability
and the replication data traffic between them, with all existing components in black: Overview of the Configuration
For a summary of all the configured objects in the
VMware Cloud on AWS
SDDC, see SDDC network configuration summary. VMware Cloud Director
Availability
resides behind the compute gateway in VMware Cloud on AWS
. Configure the SDDC in VMware Cloud on AWS
for the following access.
- To accessvCenter Serverin the management resource pool by administrative users and byVMware Cloud Director Availability.
- To access the management interface ofVMware Cloud Director Availabilityfor initial configuration.
- To access thePublic Service Endpointfrom externalVMware Cloud Director Availabilitysites for pairing and migrations from these sites.
VMware Cloud on AWS
, the SDDC and VMware Cloud Director
Availability
must be prepared and configured in the following order.- Procedure outline:
- Prepare theVMware Cloud on AWSSDDC by creating the following objects. For the detailed SDDC preparation procedure, see Prepare the SDDC in VMware Cloud on AWS for deployment.
- A network segment, connecting all the cloudVMware Cloud Director Availabilityappliances.
- A trusted management sources group, containing the public IP addresses of theadministratorusers that need access tovCenter ServerinVMware Cloud on AWSfor installing the cloudVMware Cloud Director Availabilityappliances.
- A management firewall rule, allowing the trusted management group to access management gateway services likevCenter Server.
- A separate resource pool, dedicated for all the cloudVMware Cloud Director Availabilityappliances.
- Deploy the OVA ofVMware Cloud Director Availabilityin theVMware Cloud on AWSSDDC. Alternatively, as a tenant deploy theOn-Premises to Cloud Director Replication Appliancein on-premises data centers. For the detailed deployment procedure, see Deploy VMware Cloud Director Availability in the SDDC.
- Configure the network of theVMware Cloud on AWSSDDC by creating the following objects. For the detailed SDDC configuration procedure, see Configure the network of the SDDC in VMware Cloud on AWS.
- Two inventory services, one for the management interface ofVMware Cloud Director Availabilityand one for thePublic Service Endpoint.
- Two public IP addresses requested in the SDDC, one to access the initial setup wizard in the management interface ofVMware Cloud Director Availabilityand one allowing external pairing to thePublic Service Endpoint.
- Two NAT rules for forwarding the incoming network traffic to the correct cloudVMware Cloud Director Availabilityappliances.
- Two management groups, one containing the source NAT public IP address of the SDDC used for bridging the access from the compute gatewayVMware Cloud Director Availabilityappliances and one containing theReplicator Applianceinstances.
- Two management firewall rules, one allowing the access from the compute gateway source NAT to the management gatewayvCenter Serverand one allowing theReplicator Applianceinstances access toESXidatastores for provisioning.
- Four compute groups, one containing the users that can access the management interface ofVMware Cloud Director Availabilityand three groups containing the three types of cloudVMware Cloud Director Availabilityappliances.
- Another two compute firewall rules, one allowing the access to the management interface ofVMware Cloud Director Availabilityand one allowing the cloud appliances with outbound network access.
- ConfigureVMware Cloud Director AvailabilityinVMware Cloud on AWSby completing the initial wizard. For the detailed initial configuration procedure, see Configure VMware Cloud Director Availability in VMware Cloud on AWS.
- Configure theVMware Cloud on AWSSDDC for pairing with externalVMware Cloud Director Availabilitysites by creating the following objects. For the detailed pairing preparation procedure, see Configure the SDDC network for pairing VMware Cloud Director Availability in VMware Cloud on AWS.
- A pairing compute group, containing the public IP addresses of the on-premises tenants and of the private cloud sites, backed byVMware Cloud Director.
- A pairing compute gateway firewall rule, allowing the access from the preceding pairing compute group to thePublic Service Endpointfor pairing withVMware Cloud Director AvailabilityinVMware Cloud on AWS.
- Pair with externalVMware Cloud Director Availabilitysites.
- Optionally, as a tenant configure and pairOn-Premises to Cloud Director Replication Applianceinstances withVMware Cloud Director AvailabilityinVMware Cloud on AWS. For the detailed initial on-premises configuration and pairing procedure, see Configure and Pair the On-Premises to Cloud Director Replication Appliance.
- Optionally, pairVMware Cloud Director AvailabilityinVMware Cloud on AWSwith private cloud sites backed byVMware Cloud Director. For the detailed pairing procedure with cloud sites, see Pair VMware Cloud Director Cloud Sites.
VMware Cloud Director Availabilitythe trusted, allowed, and paired providers and their trusted, allowed, and paired tenants can migrate workloads toVMware Cloud Director serviceinVMware Cloud on AWS.- Later, to allow access to perform administrative tasks like certificate replacement by using the three types of management interfaces of the services ofVMware Cloud Director Availability:
- Add three inventory services for each management interface type:Replicator Service,Manager Service, andTunnel Service.
- Add three NAT rules, with additional NAT rule for eachReplicator Serviceinstance.
- Modify the existing compute gateway firewall rule that allows access from the trusted compute sources group and include the three additional services, for a total of four inventory services.