The Managed Service Provider (MSP) model under VMware Cloud Provider Program (VCPP) enables partners to leverage VMware Cloud services to broaden their technology portfolio and provide value added functionality with their unique managed services. VMware Cloud services consists of several services that allow for the creation, management and monitoring of public and private cloud resources.
VMware Cloud on AWS will be available for VMware Cloud Provider Program (VCPP) partners via the Managed Service Provider (MSP) program using commitment based constructs, with support for other services coming soon. Once a VCPP partner signs up to a commitment for services they will be on-boarded to the MSP platform. The MSP platform is an integrated system which allows the service provider to manage their VMware Cloud Services for their tenants. VCPP partner owns the Terms of Service, manages onboarding, provisioning, billing and support for their end customers. Once a VCPP partner signs a commit contract for VMware Cloud on AWS, and the contract becomes active, they can be on-boarded into VMware Cloud Services, from where they can manage, support and generate usage.
Here, we will outline the steps needed to on-board and provision the service on behalf of end customers. The on-boarding process is fairly simple and involves, creating Provider org, creating tenant orgs for service on-boarding and provisioning the service. Provider organization is a basic construct and can be mapped to a service provider. There can be multiple tenant organizations under this Provider org.
There must be only one MSP commit contract for each Provider org (each service provider can create their own Provider org – in this example it is Acme)
Creating Provider org
- VCPP partner email is a registered email with MyVMware account. Service provider email id used while creating commit contract MUST be a registered valid MyVMware account, with a complete profile and password. Make sure to verify by logging into MyVMware before providing this email for commit contract creation.
- The commit contract is created and has becomes active
Below are the steps for creating a Provider org
- When the commit contract becomes active, an email is automatically sent to the email id provided while creating the contract. Using this email, a Provider organization needs to be created first. It can take upto 30 minutes sometimes to be received after the commit contract becomes active.
This link can be used only once and will expire in 30 days. Once partner logs in VMware Cloud services using this link , he will able to create a new Provider Org and the activated commit contract is tied up as default payment method for that org as well as any tenant org created under this Provider org.
- Click on the onboarding email to login to VMware Cloud services console
- Enter a name for the Provider Org – ‘Acme’, accept T&Cs
- Confirm the commit contract to be associated with this organization. The commit contract associated with the Provider organization cannot be changed at a later time. If there was a fund account associated with this user, it will be displayed for informational purposes only.
- Provide the metadata for the Provider organization
- Country and zip code are required fields
- Tag is an optional field for an ID, which can be primarily used to filter / query while using the apis
- An example would be eng – a department that will be consuming the service
- Once the Provider org is created, the service provider lands in the home screen of VMware Cloud Services, from where he can onboard services for tenants.
At the end of this step SP has
- Logged into VMware Cloud Services
- Created a Provider Orgs – Acme
- Accepted ToS
- Confirmed the commit contract associated with that Provider org
- Provided Provider org metadata
Service Onboarding and creating tenant orgs
SP needs to request a separate invitation from each service that he needs to consume and it will need to be attached to a tenant organization. SP can request the service invitation by completing the webform using the password MSPTenantOnboarding. This needs to be repeated for the number of tenant organizations that need to be created under the Provider organization.
SP redeems the service invitation email for a specific VMware Cloud service (e.g. VMware Cloud on AWS) and associates the service with a tenant org (e.g. Coca-Cola), accepts ToS, confirms the commit contract and provide metadata for tenant org. Below are the steps for the same.
- When SP requests the service invitation via VMware Cloud Services, he receives the below email with the link for service activation. This link can be used only once and will expire in 14 days
- Clicking the link takes the SP to the VMware Cloud Services login page.
- Since tenant org Coca-Cola does not exist at this time new tenant org needs to be created before attaching the service to the org. If it already existed, the service can be attached to the existing org
- Provide the name of the tenant org, sign ToS, and confirm payment information.
NOTE: There is no option to change the commit contract at a later time.
- Enter metadata for the tenant org. Country and zip code are mandatory. Tag is an optional field for the id, which can be at a later time used for querying using apis
VMware Cloud on AWS: Provisioning SDDC and configuring for tenant
Once the SP has attached VMware Cloud on AWS service to a specific tenant org (leveraging the steps described above), SP needs to first deploy an SDDC (Software-Defined Data Center) and configure it.
SP needs to collect information prior to deploying the SDDC
- End customer’s existing account number with Amazon Web Services
- The VPC and subnet required to connect
- Type of connection required to connect to SDDC externally
- Details of the network configuration to be set up
The steps provided below are basic ones. For detailed explanation of the steps, best to refer to the service guides
VMware on AWS Getting started guide
VMware Cloud on AWS onboarding blog
- Open the VMware Cloud on AWS service via VMware Cloud Services.
- Click on Create SDDC
- Configure SDDC properties
- Select the AWS region in which to deploy the SDDC from the multi-region support – US West
- Select the type of deployment option – Single Host / Multi Host / Stretched Cluster – Multi-Host
- Provide the name of the SDDC
- Select the number of hosts in the SDDC – minimum of 3 for multi-host option
- Click NEXT
- Connect to tenant’s AWS account and click NEXT
- Click NEXT
- Select a VPC and a subnet in the AWS account to connect to
- (Optionally) Provide the IP address for the management network
- Click Deploy SDDC
- It might take upto 2-3 hours to deploy SDDC
- Once deployed, click on Network tab to see the network connections. By default vCenter Server cannot be accessed
In order to access vCenter Server for the deployed SDDC, a firewall rule needs to be created to allow traffic
- Create a firewall rule as below
Settings tab provides the vCenter Server URL and the credentials details that can be used to access vCenter Server of the SDDC deployed
- Select the encrypted password in clipboard and URL for vCenter Server and connect to vCenter Server
- The management cluster and compute cluster would look as below
- Create VMs as required by the tenant in the compute cluster and share the VMs for their access .
- For setting up a compute VPN to allow VMs to communicate securely with VMs in an on-premise data center or within an Amazon VPC, refer to VMware on AWS Getting started guide
- You can also set up dedicated connections using VPN and configure hybrid linked mode from on-prem.
VMware Cloud on AWS: Usage and Billing – Creation of 1 OR 3 year term subscription for tenant (Optional step)
By default, once the SDDC is provisioned, usage is billed on-demand hourly. However, 1-yr or 3-yr term subscriptions can be created for subscription pre-pay. The steps to create subscriptions can be found in the optional step.
- Subscriptions can be created for VMware Cloud on AWS by selecting Subscriptions tab and CREATE SUBSCRIPTION within the VMware Cloud on AWS service. 1 year and 3 year term subscription are available and are applicable at the organization level.
- Select the number of hosts and region – US West and 4
- Select 3 Years Upfront and PLACE ORDER
- Subscriptions will be billed upfront.
This on-boarding process is your first step towards setting up VMware Cloud on AWS for your tenant as an MSP. Gathering as much information upfront regarding the organization structure, service requirements, network configuration required for the tenant will make the on-boarding very simple.
You may also look at the video which covers the onboarding process.
One comment has been added so far
Thank you for the great information.
You described every single information very nicely with images.