Azure VMware Solution Logical Design - vmc.techzone.vmware.com


Transcript of Azure VMware Solution Logical Design - vmc.techzone.vmware.com


[Diagram: Azure VMware Solution Logical Design. Panels: Planning and Deployment; Deployment and Connectivity; Roles and Responsibilities; Firewall Rules; Legend.]

Resource groups: Production-1 Resource Group, Production-2 Resource Group, Production-3 Resource Group, Production-4 Resource Group

Virtual Network (VNet): Hub VNet, Spoke VNet, Spoke VNet, VNet Peering, VNet Peering, GatewaySubnet, Virtual Machine, Azure Firewall, Azure Route Server

Azure Services: API Management Services, Web App Firewall, Azure Backup, Azure File Sync, Azure Blob Storage, Load Balancers, Azure Active Directory, DNS Zones, Azure IoT Hub, Azure Kubernetes Service, SQL Databases, Azure Sentinel

Private Cloud Deployment Options:
• Azure Portal
• Azure Resource Manager Template
• Azure PowerShell
• Azure CLI

Connectivity labels: Global Reach, Azure ExpressRoute to on-premises data center, Azure ExpressRoute to Azure VMware Solution, Azure ExpressRoute, Microsoft Enterprise Edge (MSEE), Dedicated Microsoft Enterprise Edge (D-MSEE), Console, Internet

Copyright © 2021 VMware Inc. All rights reserved. https://via.vmw.com/avstechzone | https://www.vmware.com/cloud-solutions/azure.html

Storage: vSAN, VMFS, Fiber Channel, NFS, iSCSI

Network: NSX-V, NSX-T, vSphere Distributed Switch, vSphere Standard Switch

Legend: Internet, Windows Server/Service, Linux Server/Service, VMware Appliance, ExpressRoute, ExpressRoute Global Reach, Microsoft Managed, Customer Managed

Private cloud labels: AVS Edge Router, NSX-T (T0), NSX-T (T1), RG 2

vSphere Cluster: ESXi Host 1, ESXi Host 2, ESXi Host 3, up to 16 hosts (max per cluster)

vSAN Storage (per host): NVMe Cache, SSD Capacity

Management VMs and Workload VMs: VMware HCX, vCenter Server, NSX-T, HCX IX, HCX WO, HCX NE, Site Recovery Manager, vSphere Replication, Active Directory, VM (six shown)

Resource Manager, Azure AD, EA Subscription, Production Management Group

On-premises Data Center: Customer Edge Device

Firewall Rules table columns: SOURCE, DESTINATION, TYPE, PORT, DESCRIPTION

Source column entries, in row order: Cloud DNS; On-premises DNS; On-premises Network; Cloud Management Network; On-premises vCenter Network

1. Identify the Azure subscription, resource group, region, and resource name
2. Determine the number of hosts and clusters required
3. Request a host quota for an eligible Azure subscription
4. Register the Microsoft.AVS resource provider
5. Identify network ranges for SDDC management, connected Azure VNets, and VM segments
6. Deploy the Azure VMware Solution private cloud
7. Configure Azure VNet and ExpressRoute
8. Peer on-premises networks

Compute Cluster: VM (eight shown)

@vMegie @StevePantol

Management Cluster: DHCP, Active Directory, NTP, DNS, Backup Server, Certificate Authority, Remote Desktop Services, vSphere Replication, vCenter Server, VMware HCX, Site Recovery Manager, vRealize Network Insight, VMware Horizon, vRealize Operations Manager, vRealize Log Insight, Microsoft Endpoint Configuration Manager

Roles and Responsibilities labels: Applications, Guest OS, Virtual Machine, vSAN, NSX-T, vCenter Server, Host Patching, ESXi Hosts, Identity Management, Azure Portal, Hardware Failure, Physical Security, Physical Infrastructure, Configuration, Deployment & Lifecycle Operations

Microsoft is responsible for the deployment, configuration, and lifecycle operations of the physical and virtual infrastructure components. Microsoft is responsible for ongoing management of all physical components.

The customer is responsible for any post-deployment configuration changes to vCenter Server and NSX-T.

Deployment, configuration, and management of virtual machines - including operating systems and applications - are customer responsibilities. This includes ensuring VMware Tools and Virtual Machine compatibility.

Other labels: Microsoft Azure, Tanzu Kubernetes Grid, Azure ExpressRoute

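Firewall Rules

SOURCE | DESTINATION | TYPE | PORT | DESCRIPTION
Cloud DNS | On-premises DNS | UDP | 53 | DNS
On-premises DNS | Cloud DNS | UDP | 53 | DNS
On-premises Network | Cloud vCenter | TCP | 80, 443 | vCenter HTTP, HTTPS
Cloud Management Network | On-premises Active Directory | TCP | 389 | Active Directory authentication
On-premises vCenter Network | Cloud Management Network | TCP | 8000 | vMotion VMs from on-premises vCenter to Cloud vCenter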