To learn more about IT’s business drivers for VMware Cloud on AWS, read the blog, VMware’s Journey to VMware Cloud on AWS – Part 2.
To migrate our first major application to VMware Cloud on AWS, we needed to take care of some housekeeping items, i.e., setting up the network and core services, building the security stack, and moving traffic using GSLB (Global Service Load Balancer).
The VMworld web portal is used for hosting VMware’s global conference activities. Running VMworld on VMware Cloud on AWS not only provides us flexibility to dynamically scale the computing resources based on the load, but also allows us to protect workloads with other on-premises and cloud compute resources. This is a true hybrid deployment as this application is integrated with on-premises as well as SaaS applications.
Network Architecture/SDDC Deployment
We allocated one /18 subnet for the software-defined data center (SDDC) in VMware Cloud on AWS, divided into two /20 subnets for management and compute functions. The team built the SDDC with four ESXi nodes and a site-to-site VPN between the on-premises environment and the VMware Cloud on AWS management gateway. Two Next-Gen firewalls were deployed for deep packet inspection and threat prevention. In addition, we set up logical networks for workload deployment and configured the gateway on the Next-Gen firewalls.
Core Services Deployment
Core services such as VMware Identity Manager, Active Directory, DNS, load balancers, RSA, NTP, and the security stack are required for our applications running in VMware Cloud on AWS. Core services deployed in VMware Cloud on AWS are resilient. The services synchronize with their on-premises masters, and will continue to function independently even in case of loss of connectivity or a disaster scenario.
Application Migration and Testing
We selected the VMworld application (a standard 3-tier application: web, app, and database) as our first application to migrate to VMC. For the initial test, we migrated the stage environment into VMware Cloud on AWS. Once the application migration was completed, we performed functional, resiliency, and performance testing (1X, 5X, and 10X). For the production deployment, a similar process was followed. During the production cutover, we ensured that the data was in sync between the on-premises environment and VMware Cloud on AWS, and end-user traffic was automatically routed to VMware Cloud on AWS using the GSLB.
VMware DRaaS (Disaster Recovery as a Service)
We implemented the disaster recovery (DR) solution for this application by using the VMware Cloud on AWS DRaaS add-on service. Our primary instance resides in VMware Cloud on AWS and the DR instance resides in our private cloud. To build up the DR site, we enabled DRaaS in VMware Cloud on AWS and then installed its on-premises components into our private cloud. After implementing the DR solution, we successfully tested the failover and failback process under DRaaS using GSLB.
We were able to secure the workload using the built-in firewall, along with Next-Gen firewalls, to enable Layer 7 inspection and threat prevention services. In addition, all data transferred between on-premises and VMware Cloud on AWS was secured using a site-to-site VPN.
With VMware Cloud on AWS managed services, cloud administrators can now focus on building robust workloads and applications, instead of worrying about maintaining the infrastructure. This will minimize errors and reduce the compatibility issues that arise in traditional data centers when infrastructure components become inconsistent over time.
VMware on VMware blogs are written by IT subject matter experts sharing stories about IT’s transformation journey using VMware products and services in a global production environment. Visit our portal to learn more.