The Tanzu Kubernetes Grid (TKG) managed service is included as part of the basic offering of VMware Cloud on AWS. Users can run, deploy, manage, and operate Kubernetes clusters on top of VMware Cloud on AWS, like they can with on-premises vSphere. The SDDC console provides a mechanism to enable…
DHCP can be turned on for each segment during the provisioning process. On a new tier-1 gateway, DHCP can’t be configured until the DHCP profile is set on it. To enable DHCP on a newly created Tier-1 gateway, edit the Tier-1 gateway configurations under Networking and Tier-1 Gateways. Then click…
In this chapter, you will gain a comprehensive understanding of the intricacies involved in configuring integrated services. These services encompass the NSX Advanced security service, which offers a Layer 7 firewall and Intrusion Prevention System/Intrusion Detection System (IPS/IDS) security features. Additionally, you will explore VMware HCX, VMware Aria Operations for…
After the service mesh has been successfully deployed, users can continue configuring the network extension service.The Layer 2 extension service is a unique capability of VMware HCX, powering live migration of workloads with uninterrupted network connectivity. A Layer 2 network extension enables you to retain an original IP address by…
The Management Gateway firewall protects access to management components such vCenter and NSX. There are two types of management groups: predefined management groups and user-defined management groups. When choosing a source or destination for a management firewall rule, there are three choices: Any, System-Defined, and User-Defined. System-defined groups simplify the…
Route-based VPNs support dynamic routing and simplify routing configuration in complex network environments. Route-based VPNs utilize BGP over a VPN tunnel. Customers can establish the tunnel using a private connection such as a Direct Connect private virtual interface (VIF) or public internet. To configure the VPN connection, navigate to the…
With a policy-based VPN, there is no routing protocol such as BGP, so the initial setup of the VPN connection is easier. However, administrators must manually update the routing tables on both ends of the network when new routes are added. From the VMware Cloud Console, navigate to Inventory >…
VMware Cloud on AWS is a service provided by VMware, which means that VMware offers direct support and manages the VMware infrastructure. In cases where a Managed Service Provider (MSP) delivers the service, the MSP takes ownership of the customer relationship and provides Tier-1 support. However, VMware remains responsible for…
VMware Cloud on AWS comes with DRS automatically enabled. The DRS parameters at the cluster level are controlled by VMware and cannot be adjusted by the cloudadmin role. However, customers have the ability to create compute policies that incorporate affinity or anti-affinity rules using vSphere categories and tags within the…
With the exception of the single-host storage policy, all storage policies for management appliances in VMware Cloud on AWS utilize thick provisioning (upfront reservation) and RAID-1. It’s important to note that the storage reservation values may vary over time with the release of new versions of the SDDC. In a…
