| title | description | ms.topic | ms.date |
|---|---|---|---|
Planning the Azure VMware Solution deployment |
This article outlines an Azure VMware Solution deployment workflow. The final result is an environment ready for virtual machine (VM) creation and migration. |
tutorial |
10/02/2020 |
In this article, we provide you the planning process to identify and collect data used during the deployment. Use the pre-deployment checklist to document the information and for easy reference during the deployment.
The processes of this quick start results in a production-ready environment for creating virtual machines (VMs) and migration.
Important
Before you create your Azure VMware Solution resource, you'll need to submit a support ticket to have your nodes allocated. Once the support team receives your request, it takes up to five business days to confirm your request and allocate your nodes. If you have an existing Azure VMware Solution private cloud and want more nodes allocated, you'll go through the same process. For more information, see How to enable Azure VMware Solution resource.
Identify the subscription you plan to use to deploy Azure VMware Solution. You can either create a new subscription or reuse an existing one.
Note
The subscription must be associated with a Microsoft Enterprise Agreement.
Identify the resource group you want to use for your Azure VMware Solution. Generally, a resource group is created specifically for Azure VMware Solution, but you can use an existing resource group.
Identify the region you want Azure VMware Solution deployed. For more information, see the Azure Products Available By Region Guide.
Define the resource name you'll use during deployment. The resource name is a friendly and descriptive name in which you title your Azure VMware Solution private cloud.
Identify the size nodes that you want to use when deploying Azure VMware Solution. For a complete list, see the Azure VMware Solution private clouds and clusters documentation.
Define the number of hosts that you want to deploy into the Azure VMware Solution private cloud. The minimum node count is three, and the maximum is 16 per cluster. For more information, see the Azure VMware Solution private cloud and clusters documentation.
You can always extend the cluster later if you need to go beyond the initial deployment number.
Define the vCenter admin password. During the deployment, you'll create a vCenter admin password. The password is to the cloudadmin@vsphere.local admin account during the vCenter build. You'll use it to sign in to vCenter.
Define the NSX-T admin password. During the deployment, you'll create an NSX-T admin password. The password is assigned to the admin user in the NSX account during the NSX build. You'll use it to log into NSX-T Manager.
The first step in planning the deployment is to plan out the IP segmentation. Azure VMware Solution ingests a /22 network that you provide. Then carves it up into smaller segments and then uses those IP segments for vCenter, VMware HCX, NSX-T, and vMotion.
Azure VMware Solution connects to your Microsoft Azure Virtual Network via an internal ExpressRoute circuit. In most cases, it connects to your data center via ExpressRoute Global Reach.
Azure VMware Solution, your existing Azure environment, and your on-premises environment all exchange routes (typically). That being the case, the /22 CIDR network address block you define in this step shouldn't overlap anything you already have on-premises or Azure.
Example: 10.0.0.0/22
For more information, see the Network planning checklist.
:::image type="content" source="media/pre-deployment/management-vmotion-vsan-network-ip-diagram.png" alt-text="Identify - IP address segment" border="false":::
Identify an IP segment to create your first network (NSX segment) in your private cloud. In other words, you want to create a network segment on Azure VMware Solution so you can deploy VMs onto Azure VMware Solution.
Even if you only plan on extending L2 networks, create a network segment that will be useful for validating the environment.
Remember, any IP segments created must be unique across your Azure and on-premises footprint.
Example: 10.0.4.0/24
:::image type="content" source="media/pre-deployment/nsx-segment-diagram.png" alt-text="Identify - IP address segment for virtual machine workloads" border="false":::
You can extend network segments from on-premises to Azure VMware Solution, and if you do, identify those networks now.
Keep in mind that:
- If you plan to extend networks from on-premises, those networks must connect to a vSphere Distributed Switch (vDS) in your on-premises VMware environment.
- If the network(s) you wish to extend live on a vSphere Standard Switch, then they can't be extended.
Identify a /29 CIDR network address block, which is required for the ExpressRoute Global Reach peering. Remember, any IP segments created must be unique across your Azure VMware Solution and on-premises footprint. The IPs in this segment are used at each end of the ExpressRoute Global Reach connection to connect the Azure VMware Solution ExpressRoute circuit with the on-premises ExpressRoute circuit.
Example: 10.1.0.0/29
:::image type="content" source="media/pre-deployment/expressroute-global-reach-ip-diagram.png" alt-text="Identify - ExpressRoute Global Reach peering network" border="false":::
To access your Azure VMware Solution private cloud, the ExpressRoute circuit, which comes with Azure VMware Solution, must attach to an Azure Virtual Network. During deployment, you can define a new virtual network or choose an existing one.
The ExpressRoute circuit from Azure VMware Solution connects to an ExpressRoute gateway in the Azure Virtual Network that you define in this step.
Important
If you choose an existing virtual network, you must select one that does not have a pre-existing gateway subnet.
If you want to connect the ExpressRoute circuit from Azure VMware Solution to an existing ExpressRoute gateway, you can do it after deployment.
So, in summary, do you want to connect Azure VMware Solution to an existing Express Route Gateway?
- Yes = Identify the virtual network that doesn't get used during deployment.
- No = Identify an existing virtual network or create a new one during deployment.
Either way, document what you want to do in this step.
Note
This virtual network is seen by your on-premises environment and Azure VMware Solution, so make sure whatever IP segment you use in this virtual network and subnets do not overlap.
:::image type="content" source="media/pre-deployment/azure-vmware-solution-expressroute-diagram.png" alt-text="Identity - Azure Virtual Network to attach Azure VMware Solution" border="false":::
VMware HCX is a technology bundled in with Azure VMware Solution. The primary use cases for VMware HCX are workload migrations and disaster recovery. If you plan to do either, it's best to plan out the networking now. Otherwise, you can skip and continue to the next step.
[!INCLUDE hcx-network-segments]
Now that you've gathered and documented the needed information, continue to the next section to create your Azure VMware Solution private cloud.
[!div class="nextstepaction"] Deploy Azure VMware Solution