What is VMware Cloud on AWS?
VMware Cloud on AWS brings VMware’s enterprise-class SDDC software to the AWS Cloud with optimized access to native AWS services. Powered by VMware Cloud Foundation, VMware Cloud on AWS integrates VMware's compute, storage and network virtualization products (VMware vSphere, VMware vSAN and VMware NSX) along with VMware vCenter Server management, optimized to run on dedicated, elastic, bare-metal AWS infrastructure.
Why should I use VMware Cloud on AWS?
VMware Cloud on AWS provides you consistent and interoperable infrastructure and services between VMware-based datacenters and the AWS cloud, which minimizes the complexity and associated risks of managing diverse environments. VMware Cloud on AWS offers native access to AWS services and innovation that extends the value of enterprise applications over their lifecycle.
Where is VMware Cloud on AWS available today?
The service is newly available in the AWS Asia Pacific (Sydney) region in addition to being available in the AWS US East (N. Virginia), AWS US West (Oregon), AWS Europe (Frankfurt) and AWS Europe (London) regions.
Can workloads running in a VMware Cloud on AWS instance integrate with AWS services?
Yes. VMware Cloud on AWS SDDC is directly connected to customer’s VPC using Elastic Network Interface(ENI) and therefore has access to AWS services. Virtual machine workloads can access public API endpoints for AWS services such as AWS Lambda, Amazon Simple Queue Service (SQS), Amazon S3 and Elastic Load Balancing, as well as private resources in the customer's Amazon VPC such as Amazon EC2, and data and analytics services such as Amazon RDS, Amazon DynamoDB, Amazon Kinesis and Amazon Redshift. Customers can also now enjoy Amazon Elastic File System (EFS) for fully managed file service to scale the file-based storage automatically to petabyte scale with high availability and durability across multiple Availability Zones (AZs) and the newest generation of VPC Endpoints designed to access AWS services while keeping all the traffic within the AWS network.
How do I get started with VMware Cloud on AWS?
VMware Cloud on AWS is available through VMware and its many partners in the VMware Partner Network. You can get started here.
Can I use my existing VMware licenses when using VMware Cloud on AWS?
You can leverage your existing VMware software investments to secure additional discounts for your VMware Cloud on AWS hybrid environment as part of VMware’s Hybrid Loyalty Program.
Can I use my existing Windows Server licenses in VMware Cloud on AWS?
Yes. Please consult your Microsoft Product Terms for more details and any restrictions.
What is single host SDDC starter configuration?
Single host SDDC starter configuration is a time-bound offering for customers to kickstart their VMware Cloud on AWS on-demand hybrid experience at a low, predictable price. Service life for the single host SDDC is limited to 30-day intervals only. This new consumption option is designed for customers who want to prove the value of VMware Cloud on AWS in their environment before scaling to 3+ host configurations for production environments.
What compliance certifications has VMware Cloud on AWS achieved?
VMware Cloud on AWS has been independently verified to comply with ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, and HIPAA. VMware Cloud on AWS also complies with the General Data Protection Regulation (GDPR). For more information about VMware Cloud on AWS and GDPR compliance visit here.
How is VMware Cloud on AWS deployed?
VMware Cloud on AWS infrastructure runs on dedicated, single tenant hosts provided by AWS in a single account. Each host is equivalent to an Amazon EC2 I3.metal instance (2 sockets with 18 cores per socket, 512 GiB RAM, and 15.2 TB Raw SSD storage). Each host is capable of running many VMware Virtual Machines (tens to hundreds depending on their compute, memory and storage requirements). Clusters can range from a minimum 3 hosts up to a maximum of 32 hosts per cluster. A single VMware vCenter server is deployed per SDDC environment.
What version of VMware vSphere do I need in my on-premises environment?
With vSphere 6.0 or later running in your on-premises environment, you can move workloads to and from VMware Cloud on AWS by doing cold migration of VMs. No conversion or modification is necessary. In order to take advantage of “Hybrid Linked Mode” for single pane of glass management between your on-premises environment and VMware Cloud on AWS, you must have VMware vSphere 6.5 or later.
How do I manage resources on VMware Cloud on AWS?
You can use the same management tools you use today. A vCenter Server instance is deployed as part of every VMware Cloud on AWS SDDC. You may connect to this vCenter Server instance to manage their VMware Cloud on AWS clusters. A VMware Cloud Web Console is provided which allows for common tasks such as the add/remove hosts, configure firewalls and other basic networking settings. It is important to note that tools that require plug-ins or extensive vSphere permissions may not function properly in VMware Cloud on AWS. VMware Cloud on AWS uses a least privilege security model in which you (and therefore their tools) do not have full administrative access.
Can I manage both my existing data center VMware vSphere VMs and my VMware Cloud on AWS instances in a single view?
You will need vSphere version 6.5 and vCenter Server 6.5 or later running in your data center to use vCenter Hybrid Linked Mode for single pane of glass management of resources on-premises and in the cloud. If you do not have VMware vSphere 6.5 or later running in your on-premises environment, you will need to run multiple vCenter instances to manage your environment: one vCenter instance on-premises and one vCenter instance in VMware Cloud on AWS.
Can I migrate existing vSphere VMs to my VMware Cloud on AWS deployment?
Yes. There are multiple ways to migrate existing vSphere VMs to VMware Cloud on AWS. You can perform of a live migration of vSphere VMs via a vMotion or by leveraging VMware Hybrid Cloud Extension (HCX).
What are the hardware specifications for VMware Cloud on AWS hosts?
The VMware Cloud on AWS minimum standard cluster configuration contains 3 hosts. Each host is an Amazon EC2 I3.metal instance. These hosts have dual 2.3 GHz CPUs (custom-built Intel Xeon Processor E5-2686 v4 CPU package) with 18 cores per socket (36 cores total), 512 GiB RAM, and 15.2 TB Raw NVMe storage.
Will VMware Cloud on AWS be running on a “nested” ESXi architecture?
No. ESXi runs directly on ‘bare metal’ without the use of nested virtualization, while still participating in Amazon VPC networking.
Is the underlying EC2 infrastructure hosting ESXi dedicated to each customer or is it a shared, multi-tenant infrastructure?
VMware Cloud on AWS infrastructure runs on dedicated, single-tenant bare metal infrastructure for each customer.
Can I scale the hosts in my VMware Cloud on AWS cluster?
Yes, additional hosts can be added to a VMware Cloud on AWS cluster using the VMware Cloud Portal user interface or programmatically via the VMware Cloud API.
Can I increase or decrease the size of my cluster after I provision an SDDC on VMware Cloud on AWS?
Yes, you can add and/or remove hosts on-demand as long as the minimum cluster size is 3 hosts.
What is the maximum supported clusters size in VMware Cloud on AWS?
The maximum cluster size is 32 ESXi hosts.
Can I use the vCenter Server in my SDDC to manage my on-premises ESXi hosts?
Yes, with Hybrid Linked Mode, you can connect your vCenter Server running in VMware Cloud on AWS to your on-premises vCenter server to get a single inventory view of both your cloud and on-premises resources.
What storage options are available for VMware Cloud on AWS?
VMware Cloud on AWS includes VMware’s vSAN storage technology that provides a single name space shared datastore (vSAN datastore) for VM storage. Each SDDC cluster will utilize an “all flash” vSAN storage solution built on NVMe backed instance storage that offers high performance, and low latency.
Recently announced in preview, VMware vSAN can also utilize Amazon Elastic Block Store (Amazon EBS) with VMware Cloud on AWS running on new Amazon EC2 R5.metal instances to augment existing SDDC for storage-dense environments. Storage per host ranges from 15 to 35 TB in increments of 5 TB. User chooses amount of storage desired and used on all hosts within the cluster. R5.metal clusters can be added to an existing SDDC with at least one existing provisioned cluster.
Can I use any hybrid storage (Flash + Spinning Disk)?
We currently do not offer a hybrid storage solution. All hosts are equipped with NVME Storage.
Can I expand my storage without adding additional hosts?
You will have to add additional hosts to increase your storage capacity.
Can I use Amazon Elastic Block Store (EBS) volumes as vSphere datastores?
Recently announced in preview, VMware vSAN can also utilize Amazon Elastic Block Store (Amazon EBS) with VMware Cloud on AWS running on new Amazon EC2 R5.metal instances to augment existing SDDC for storage-dense environments. Storage per host ranges from 15 to 35 TB in increments of 5 TB. User chooses amount of storage desired and used on all hosts within the cluster. R5.metal clsutsers can be added to an existing SDDC with at least one existing provisioned cluster.
Can I use AWS Elastic File System (EFS) volumes as vSphere datastores?
Yes, customers can mount Amazon EFS to their VMware VM’s running on VMware Cloud on AWS.
Will I be able to use VMware’s Storage Policy Based Management (SPBM) to provision and manage storage for virtual machine applications?
Yes. You have the flexibility to create specific policies catering to your application needs, including RAID levels, checksum, object space reservation, and IOPS limit. You can apply these policies at the individual vdisk level, or you can choose the default vSAN Datastore policy for simplicity.
What Data Protection/Backup solutions are available for VMware Cloud on AWS?
Data protection solutions based on VMware’s vStorage API for Data Protection (VADP) framework are being certified by partners now.
Is data encrypted on vSAN storage?
Yes, data is encrypted at rest for each NVMe flash device backing the vSAN datastore in each host.
How does data at rest encryption work in VMware Cloud on AWS?
Starting now, customer data at rest will be natively encrypted by vSAN. vSAN will use AWS Key Management Service (KMS) to generate the Customer Master Key (CMK). While CMK is acquired from AWS, two additional keys are generated by vSAN. Those keys are an intermediate key, referred as Key Encryption Key (KEK) and Disk Encryption Key (DEK).
The CMK wraps the KEK and the KEK in turn wraps the DEK. The CMK never leaves AWS control, encryption and decryption of the KEK is offered via an standard AWS API call.
One CMK and one KEK is required per cluster and one DEK for every disk in the cluster.
What provisions are available to rotate the keys?
Customers have the option to change the KEK (Key Encryption Key) either through vSAN API or through the vSphere UI. This process is called rekey. Note, shallow rekey doesn’t change the Disk Encryption Key (DEK) or the CMK (Customer Master Key).
Changing the DEK and CMK is not supported. In rare situations, if there is a need to change the DEK or CMK, users have the option to set up a new cluster with new CMK and can Storage vMotion the data from existing cluster.
Can I turn on or turn off vSAN Encryption selectively?
Similar to D&C (Deduplication & Compression), vSAN encryption at rest cannot be turned on or off for individual clusters; it is a cluster-wide setting that is always on by default when cluster is provisioned in the SDDC.
What is expected of the clusters set up in prior releases with encryption turned off?
All existing clusters in M4 will be migrated to M5. As part of migration, encryption shall be turned on for all existing clusters. All new clusters will be provisioned with encryption turned on by default.
Are there other options for customers to bring their own keys?
The Customer Master Key is sourced from AWS Key Management Service and this is the only option available.
How are VMware Cloud on AWS SDDCs connected to my on-premises environment?
When you deploy an SDDC using VMware Cloud on AWS, it is configured with two networks: a management network and a compute network. The management network handles network traffic for the SDDC hosts, vCenter Server, NSX Manager, and other management functions. The compute network handles network traffic for your workload VMs. Two VMware NSX edge devices serve as gateways for the VMware virtualized networking environment. The management gateway (MGW) connects the SDDC management infrastructure to your on-premises environment. The compute gateway (CGW) provides connectivity for all workload virtual machines. Traffic can be directed to your on-premises environment using a L3 VPN connection or to your AWS VPC via an Elastic Network Interface (ENI).
Will I be able to move an Elastic IP (EIP) from a VM in VMware Cloud on AWS to a standard Amazon EC2 instance and back again?
No. EIPs are reserved and associated from the VMware Cloud on AWS account and routed to the NSX Edge Gateway.
What network bandwidth will be available to the ESXi hosts?
ESXi hosts are connected to an AWS VPC via AWS Elastic Networking Adapter (ENA) that support throughput up to 25 Gbps.
Am I required to run NSX in on-premises installations when interacting with VMware Cloud on AWS?
No. Customers are not required to run NSX on-premises in order to interoperate with VMware Cloud on AWS. VMware Virtual Machines can be cold migrated to VMware Cloud on AWS without any modifications.
How do I connect to the vCenter Server in my SDDC on VMware Cloud on AWS?
By default, there is no external access to the vCenter Server system in your SDDC on VMware Cloud on AWS. Open access to your vCenter Server system by:
- Configuring a firewall rule to allow access to the vCenter Server system.
- Configuring an IPsec VPN between your on-premises data center and your SDDC
What is a VMware Cloud on AWS stretched cluster?
A stretched cluster is a deployment model in which two or more VMware Cloud on AWS clusters are part of the same logical cluster but are located in separate Availability Zones.
Can I update a single AZ SDDC to a "Stretched" SDDC?
No. Stretched cluster is a deployment time decision. You cannot upgrade a non-stretched cluster to a stretched cluster.
Can I downgrade a stretched cluster SDDC to a single AZ SDDC?
No. Stretched cluster is a deployment time decision. You cannot downgrade a stretched cluster to a non-stretched cluster.
What is the maximum size I can make a stretched cluster?
Although we support cluster sizes of up to 32 nodes, there are requirements with stretched clusters that limit the actual cluster size to 28 nodes.
Can an SDDC contain both single AZ clusters and stretched clusters?
No. An SDDC can have either single AZ clusters or stretched clusters.
Can I migrate workloads from a single AZ cluster to a stretched cluster?
Yes. You can use all the normal vSphere and Hybrid Cloud Extension (HCX) tools to move workloads between SDDCs.
Can I choose the AZ in which my VMs run?
Yes. When deploying a VM you can choose an ESXi host in the desired AZ. In case of failure, the VM will stay in its original AZ if possible.
Can a stretched cluster span across AWS regions?
No. A stretched cluster spans across 2 AZ's within the same region. If you wish to protect against a regional failure, please use a DR tool such as VMware Site Recovery service.
Is there a performance impact when running VMs in a stretched cluster?
Yes. Because we are performing synchronous writes across two AZ's there is additional overhead in write transactions. This is the case in any stretched cluster implementation.
How many failures can be tolerated in an AZ?
This depends on your Storage Policy Based Management (SPBM) settings. By default, VM's are configured to survive the failure of ALL the hosts in a single AZ without data loss.
What happens when an AZ fails and when it comes back after a failure?
We will automatically re-synch the vSAN datastore. This resync time will depend on how much data you have stored and how long the systems have been segmented.
What is Multi-Cluster support? (In Preview)
Multi-Cluster support is the ability for SDDC administrators to add additional clusters to an existing SDDC. You are able to create multiple clusters in your SDDC and these will share a common set of management VMs and network.
How do I enable multi-cluster support?
Simply select "Add Cluster" from the VMware Cloud on AWS console to add a second cluster to your existing SDDC.
What is the maximum number of clusters supported?
VMware Cloud on AWS supports a maximum of 10 clusters per SDDC. Your organization may have lower "soft" limits set. If you wish to have your limits raised, please contact your customer success team.
Single Host SDDC Starter Configuration
What is the Single Host SDDC offering?
The VMware Cloud on AWS service minimum cluster size is 3 hosts. With the new time-bound Single Host SDDC starter configuration, you can now purchase a single host VMware Cloud on AWS environment with the ability to seamlessly scale the number of hosts up within that time period, while retaining your data. The service life of the Single Host SDDC starter configuration is limited to 30-day intervals. This single host offering applies to customers who want a lower-cost entry point for proving the value of VMware Cloud on AWS in their environments
Where is the Single Host SDDC available today?
The service is available in AWS US East (N. Virginia), US West (Oregon), Asia Pacific (Sydney), Europe (London), and Europe (Frankfurt) regions.
What are the features included in the Single Host SDDC offering?
Features that do not require more than 1 host are included in the Single Host SDDC offering including hybrid operations between on-premises and VMware Cloud on AWS. However, any operations or capabilities that require more than 1 host would not work. For example, High Availability (HA) and Stretched Clusters across two AWS AZ. Due to the nature of single host, the FTT=0, meaning that if your host fails, your data would be lost. VMware does not currently offer patching or upgrades to a Single Host SDDC.
How many Single Host SDDCs can I provision?
You may provision no more than one Single Host SDDC at a time.
Can I run a Single Host SDDC indefinitely?
A Single Host SDDC will be deleted after 30 days. All data on the SDDC will be lost. You may scale-up a Single Host SDDC into a 3+ host SDDC and retain all your data. A 3+ host SDDC is not time bound.
How can I scale up to the standard 3-host service?
You can simply click on the "Scale Up" button to scale up to the 3-host SDDC service.
Can I convert my standard 3-host SDDC into a Single Host SDDC?
No, a Single Host SDDC must be created as a Single Host. You cannot scale down from 3-host SDDC to Single Host SDDC.
What support would I get for this offering?
Single Host SDDC receives the same unlimited 24/7 VMware Global Support Services as well as live chat support via the VMware Cloud on AWS console and via vSphere Client.
How is single host SDDC priced?
Single host is available on-demand for $7/node/hour. Please visit the VMware pricing page for the latest information on pricing.
What is the single host SDDC promotion?
First time VMware Cloud on AWS customers are eligible for a 20% discount for the first three months (90days) on the $7/node/hour price. The discount promotion is valid on single host purchases on or before June 5th, 2019.
How do I take advantage of the single host promotion?
You will receive $1,022 worth of promo credits every month for first three months. The promo credits can be applied towards your bill. Promo credits expire if not used towards the service within two months of activation.
VMware Site Recovery
What is VMware Site Recovery?
VMware site recovery is an add-on service that is optimized for VMware Cloud on AWS to deliver simple, verifiable protection of critical applications between private data centers and AWS.
Can I use VMware Site Recovery on the Single Host SDDC offering?
Yes, the full set of capabilities of VMware Site Recovery is available for use as an add-on purchase to the Single Host SDDC starter configuration that serves as a low-cost option for you to jump-start your hybrid cloud disaster recovery solution. However, due to the time-bound nature and lower data durability of the Single Host SDDC offering, we recommend that you do not switch to using this as the primary disaster recovery solution for all of your on-premises workloads until you have successfully scaled up the environment to a 3-host SDDC.
Horizon 7 on VMware Cloud on AWS
What is Horizon 7 on VMware Cloud on AWS?
VMware Horizon 7 on VMware Cloud on AWS delivers a seamlessly integrated hybrid cloud for virtual desktops and applications. It combines the enterprise capabilities of VMware’s Software-Defined Data Center, delivered as a service on AWS, with the market leading capabilities of VMware Horizon - for a simple, secure, and scalable solution.
Where can I find more information on Horizon 7 on VMware Cloud on AWS?
Is Horizon 7 part of VMware Cloud on AWS?
No. Horizon 7 is software that can be deployed by customer on the VMware Cloud on AWS. Ultimately the customer will be responsible for their Horizon 7 infrastructure, even though their SDDC infrastructure will be managed by VMware.
In what regions is Horizon 7 on VMware Cloud on AWS available?
Horizon 7 on VMware Cloud on AWS is available in all the same regions that VMware Cloud on AWS is available.
Support, Accounts, and Billing
Who delivers and supports VMware Cloud on AWS?
VMware will sell, deliver, and support VMware Cloud on AWS. Billing for the service will be between you and VMware. You will only receive a bill from AWS for services used in a separate AWS account.
Do I also need to purchase AWS Support?
No, VMware Cloud on AWS is supported by VMware. However, you can choose to purchase AWS support for the additional AWS services you use.
Will I need an AWS account?
Yes, you will need an active AWS customer account that will be linked to the VMware Cloud on AWS service. If you don’t have an existing AWS customer account, you will be asked to create one as part of the onboarding process. One of the key benefits of this offering is seamless integration with other AWS services such as Amazon S3, Redshift and other Amazon EC2 instances. VMware will bill you for what you use in the VMware Cloud on AWS and separately, AWS will bill you for any other AWS services you use.
What accounts are created during the process?
You will have a minimum of two accounts: a VMware account and an AWS account.
Can I have SDDCs from different regions in a single org?
Yes, an org can contain SDDCs from different regions.
Do I need to access region specific endpoints to access my SDDCs?
No, you use the same endpoints to access the VMware Cloud on AWS APIs and VMware Cloud on AWS Console regardless of the region your SDDCs are in.
Where can I find pricing for a specific region?
You can find out pricing at: https://cloud.vmware.com/vmc-aws/pricing
What is the VMware Cloud on AWS sizing and assessment tool?
You can use the sizing and assessment tool to size your workloads for VMware Cloud on AWS. The tool enables you to size for factors including Storage, Compute, Memory and IOPS in the logic to provide you with the most optimized Server and SDDC recommendation for VMware Cloud on AWS. Once you have completed sizing your workloads, you can calculate your total cost of ownership (TCO) for these workloads and compare it with an on-premises virtual environment. The tool will calculate the number of nodes and clusters required to support your workload to run on a VMware Cloud on AWS SDDC. Try the tool here.
How do I access the VMware Cloud on AWS sizing and assessment tool?
Customers can access the tool without any credentials. However, to complete the TCO, you must register with an email address and use those credentials to log into the tool.
Where can I find pricing for VMware Hybrid Cloud Extension for VMware Cloud on AWS?
VMware HCX is included with all VMware Cloud on AWS SDDC targets.