VMware Cloud Well-Architected Framework – Infrastructure Services for VMware Cloud on AWS

Overview

Introduction

The plan pillar discussed how important it is to understand the various infrastructure services that are in use in an on-premises deployment. When a VMware SDDC is deployed in the cloud, default configurations related to infrastructure services are implemented at a rudimentary level to support the VMware components that make up the SDDC. There is no requirement to establish infrastructure services in the cloud before deploying a VMware SDDC because the Service Provider has accounted for these services as part of the initial deployment. 

DNS

Upon SDDC creation, public DNS servers are configured for both Management and Compute Gateway zones.  The default DNS servers and gateway zones can be modified to suit an organizations DNS strategy. More VMware Cloud on AWS DNS Strategies are outlined here: https://docs.vmware.com/en/VMware-Cloud-on-AWS/solutions/GUID-25B7F9346825C50F67BF60403CCCAE21.html 

DHCP

Network segments within the compute network may be configured to provide basic DHCP services. If your design requires a more advanced DHCP feature set, then the SDDC may be configured to provide DHCP relay services.  

Authentication Services

VMware Cloud on AWS supports either a standalone service with separate authentication methods or an integrated authentication and access method with both the VMware Cloud Portal and the VMware Cloud on AWS SDDC environment. 

Organizations can configure the VMware Cloud Portal authentication to leverage an organization's primary identity authentication method and grant access to VMware Cloud services. Additional information can be accessed at https://docs.vmware.com/en/VMware-Cloud-services/services/setting-up-enterprise-federation-cloud-services/GUID-76FAECB3-CFAA-461E-B9C9-2A49C39CD17F.html 

In addition, an SDDC can be configured to use an organization's existing identity management solution similar to how vSphere on premise is connected to an authentication source. This is accomplished through the SDDC's CloudAdmin default administration account. Detailed description and guide here: https://docs.vmware.com/en/VMware-Cloud-on-AWS/services/com.vmware.vsphere.vmc-aws-manage-data-center-vms.doc/GUID-91C57891-4D61-4F4C-B580-74F3000B831D.html 


Filter Tags

Document