vCloud Availability Cloud-to-Cloud Design and Deploy Guide

a.pngvCloud Architecture Toolkit white paper that I have written now has been  published on the website – this design and deploy guide helps cloud providers to design and deploy vCloud Availability Cloud-to-Cloud DR solution.  This guide is based on real life example and helps cloud providers to successfully plan , design and deploy vCloud Availability Cloud-to-Cloud DR based on version 1.5.

White Paper Download Link

This white paper includes the following chapters to plan your deployment:

  • Introduction
  •  Use Cases
  • vCloud Availability Cloud-to-Cloud DR Components
  • vCloud Availability Cloud-to-Cloud DR Node Types and Sizing
  • vCloud Availability Cloud-to-Cloud DR Deployment Requirements
  • vCloud Availability Cloud-to-Cloud DR Architecture Design
  • Physical Design
  • Certificate
  • Network Communication and Firewalls
  • Deployment
  • Replication Policy
  • Services Management Interface Addresses
  • Log Files
  • Configuration Files
  •  References

I hope this helps in your plan, design  and deployment of vCloud Availability Cloud-to-Cloud DR version 1.5. please feel free to share the feedback to make this white paper more effective and helpful.


What is VMware vCloud Availability Cloud-to-Cloud DR

The VMware vCloud Availability for Cloud-to-Cloud DR solution extends existing hybrid cloud offerings of VMware Cloud Providers™ on top of VMware vCloud Director with disaster recovery and application continuity between vCloud Director Virtual Data Centers or Cloud Environments. vCloud Availability Cloud-to-Cloud brings in a much-needed in providing native Disaster Recovery between vCloud Director instances. VMware vCloud Availability for Cloud-to-Cloud DR can help VMware Cloud Providers enable further monetization of existing VMware vCloud Director multi-tenant cloud environments with DR services, including replication and failover capabilities for workloads at both VM and vApp level.



  • vCloud Availability Cloud-to-Cloud DR has capability of each deployment to serve as both source and recovery sites. There are no dedicated source and destination sites. Same set of appliances works as Sources or Destination.
  • Replication and recovery of vApps (VMs) between organization Virtual Data Centers (orgVDC) as well as two instances of vCloud Director for migration, DR, and planned migration.
  • it offers complete self-serviceability for the provider and tenant administrator via a unified HTML5 portal that can be used alongside vCloud Director. Replication, migration, and failover can be managed completely by the tenant or provided as a managed service by the provider.
  • Symmetrical replication flow that can be started from either the source or the recovery vCD instance.
  • Built-in encryption or encryption and compression of replication traffic.
  • Enhanced control with white-listing of DR-enabled vCloud Director organizations, enforcement of specific min Recovery Point Objective (RPO) at an organization (org) level, maximum snapshots per org and max replications per tenant.
  • Provide Non-disruptive, on-demand disaster recovery testing.
  • Policies that allow service provider administrators to control the following system attributes for one or multiple vCloud Director organizations:
    • Limit the number of replications at the vCloud Director organization level
    • Limit the minimum Recovery Point Objective (RPO)
    • Limit number of retained snapshots per VM replication
    • Limit the total number of VM replications

Use Cases:

Though the most obvious use case for VMware vCloud Availability Cloud-to-Cloud DR is disaster recovery from one cloud availability zone to another cloud availability zone, it can handle a number of different use cases and provide significant capability and flexibility to service providers. For all use cases and situations, VMware vCloud Availability Cloud-to-Cloud DR supports non-disruptive testing of protected cloud workload in network and storage isolated environments. This provides the ability to test disaster recovery, disaster avoidance, or planned migrations as frequently as desired to ensure confidence in the configuration and operation of recovery on cloud. The use cases are as below:


A tenant or provider administrator can utilize C2C to migrate workloads from one organization VDC to another with minimal disruption from a self-service portal. End benefit is re-organizing workloads from an easy to use workflow.

  • Easy to use workflow mechanism
  • Organize workloads in different orgVDCs
  • Ability to migrate between vCD instances or within the same vCD instance

Disaster Recovery:

A service provider has multiple sites with vCD based multi-tenant environment. Customer like to do DR from one cloud provider site to another cloud site. Disaster recovery or a planned/unplanned failover is what VMware vCloud Availability Cloud-to-Cloud DR was specifically designed to accomplish for cloud providers. This helps providers and customers to achieve:

  • Fastest RTO
  • Recover from unexpected failure
  • Full or partial site recovery

Disaster Avoidance:

Preventive failover is another common use case for VMware vCloud Availability Cloud-to-Cloud DR. This can be anything from an oncoming storm to the threat of power issues.

VMware vCloud Availability Cloud-to-Cloud DR allows for the graceful shutdown of virtual machines at the protected site, full replication of data, and startup of virtual machines and applications at the recovery site ensuring app-consistency and zero data loss. Solution helps Providers and Customer in recovering from:

  • Anticipate outages
  • Preventive failover
  • Graceful shutdown ensuring no data loss

Upgrade and Patch Testing:

The VMware vCloud Availability Cloud-to-Cloud DR test environment provides a perfect location for conducting operating system and application upgrade and patch testing. Test environments are complete copies of production environments configured in an isolated network segment which ensures that testing is as realistic as possible while at the same time not impacting production workloads or replication.

This will give you basic idea of what vCloud Availability Clout-to-Cloud DR solves for the providers.


Features of VMware Cloud on AWS

VMware Cloud on AWS enables operational consistency for customers of all sizes whether their workloads operate on-premises or in the public cloud. here i would be covering some of the great feature which i like most and will give you opportunity to understand and explore more..

Automated Cluster Remediation:

Let’s suppose in our on-prem environment we have 8 node cluster , one of the node goes down because of hardware failure , that’s where our struggle start to get required hardware from hardware vendor etc.. but most importantly we loose one host in our HA cluster and if this cluster was highly utilised then your application VM might start facing resource crunch and in my experience this might go for at least 3-4 days by the time you get hardware fix and put back the host in to the cluster.

Now see the power of VMware Cloud on AWS – failed hosts in a VMware SDDC are automatically detected by VMware and replaced with healthy hosts and process runs as below:

  • VMware Team detects Host failure or problem identified
  • New Host will be added in to the cluster and data from problematic host will be either rebuild or migrated.
  • Old host evacuated from the cluster and replaced by new host.

Scale as per your convenience:

One of the major challenges in traditional data centers is finding the right balance between hardware and workload utilization.

VMware Cloud on AWS enables you to quickly scale up to ensure that you always have enough capacity to run your workloads during volume spikes and quickly scale down to ensure that you are not paying for hardware that is not being used. This feature provides higher availability with lower overall costs.


you have option to add and remove cluster as well as Host or you can enable Elastic Distributed Resources Scheduler (EDRS) , which is a policy-based solution that automatically scales a vSphere Cluster in VMware Cloud on AWS based on utilization. EDRS monitors CPU, memory, and storage resources for scaling operations. EDRS monitors the vSphere cluster continuously, and each 5 minutes EDRS runs the algorithm to determine if scale-out or scale-in operations is required.

vCenter Hybrid Linked Mode:

Hybrid Linked Mode allows you to link your VMware Cloud on AWS vCenter Server instance with an on-premises vCenter Single Sign-On domain and If you link your cloud vCenter Server to a domain that contains multiple vCenter Server instances linked using Enhanced Linked Mode, all of those instances are linked to your cloud SDDC.

You have two options for configuring Hybrid Linked Mode. You can use only one of these options at a time.

  • You can install the Cloud Gateway Appliance and use it to link from your on-premises data center to your cloud SDDC. In this case, Active Directory groups are mapped from your on-premises environment to the cloud.

  • you can link from your cloud SDDC to your on-premises data center. In this case, you must add Active Directory as an identity source to the cloud vCenter Server.

Using Hybrid Linked Mode, you can:

  • View and manage the inventories of both your on-premises and VMware Cloud on AWS data centers from a single vSphere Client interface, accessed using your on-premises credentials.

  • Migrate workloads between your on-premises data center and cloud SDDC.

  • Share tags and tag categories across vCenter Server instances.

Well Defined Separation of Duty for VMware and Customer Teams:

Amazon in discussion with VMware performs the following  tasks:

Hardware refresh , failed component replacement , bios upgrade and underline firmware patching will be done by AWS based on VMware compatibility list and this allow customer not to worry about this tedious exercise, compatibility issues and dedicated skill resources.

VMware Experts perform the following maintenance tasks:

  • Backup and restore of VMware appliances and infrastructure  like vCenter, NSX Manager,PSC etc…
  • Patching VMware Cloud on AWS components like vSphere, ESXi drivers, vSAN, NSX, SDDC console etc…this helps customers to just focus of App VM and their business , leave their virtual infrastructure maintenance to experts.
  • Providing VMware Tools patches through vSphere and will be available to your virtual machines , now customer is free to
  • Host and infrastructure VM monitoring

Customer’s Administrator are responsible for the following tasks:

  • Customer administrator manages backup and restoration of your workload VMs and applications.
  • Patching inside VM like guest OS, applications etc..
  • Upgrading VMware Tools installed on workload VMs
  • Monitoring of the your workload VMs and applications
  • Keeping VM templates and content library files updated so that new vms are deployed with latest/updated/patched updated master templates.
  • Manage and monitoring user access and monitoring of resource utilization and charges of integrated AWS if consuming.

Outages, Scheduled Maintenance, and Health Service Information:

VMware has hosted a separate website to display the current status of VMware Cloud services at , you can subscribe to updates.

Apart from VMware Cloud on AWS service, this website reports for below services also:

  • VMware AppDefense
  • VMware Cost Insight
  • VMware Discovery
  • VMware Kubernetes Engine
  • Log Intelligence
  • VMware Network Insight

NSX Hybrid Connect

NSX Hybrid Connect enables cloud on-boarding without retrofitting source infrastructure and supports migration from vSphere 5.1 or later to VMware Cloud on AWS without introducing application risk and complex migration assessments.NSX Hybrid Connect includes:

  • vSphere vMotion
  • bulk migration
  • high throughput network extension
  • WAN optimization
  • traffic engineering
  • load balancing
  • automated VPN with strong encryption
  • secured data center interconnectivity with built-in hybrid abstraction and hybrid interconnects.


VMware Site Recovery

VMware Site Recovery for VMware Cloud on AWS is separately purchased item that communicates with separately licensed VMware Site Recovery Manager and VMware vSphere Replication instances. Recovery can occur from on-premises to AWS or AWS SDDC to AWS SDDC. VMware Site Recovery can protect vCenter Server version 6.7, 6.5, and 6.0 U3.


Consumption of AWS Native Services with VMware Cloud on AWS

The partnership between VMware and Amazon increases the catalog of solutions readily available to all VMware Cloud on AWS users. Some of the popular AWS solutions are listed below:

  • Simple Storage Service (S3): Highly available, highly durable object storage service.
  • Glacier: Highly durable, high latency archive storage used mostly for backup.
  • EC2: AWS flagship compute platform.
  • VPC: Networking solution of AWS solutions both internal and external.
  • CloudWatch: Monitoring for AWS solutions.
  • IAM: Identity and Access Management solution of AWS.
  • AWS Database Services: Wide range of  DB service like: Relational Database Service (RDS), DynamoDB (NoSQL Database Service), RedShift (data warehouse for data from relational databases for analytics)
  • Simple Queue Service (SQS): Fully managed message queues for microservices, distributed systems, and server-less applications.
  • Route 53: (DNS) Domain name provider and services.
  • Elasti-Cache: Managed, in-memory data store services.

Simple and feature-rich Web Interface for Network Services

Customer can easily consume Network services with few clicks , you need not to be network expert and strong command line hands-on experience. just few clicks and your IPsec VPN, L2 VPN , NAT , Edge FW rules , getting public IP from amazon all are ready to consume.


i have covered few features of VMware Cloud on AWS , if you wants to dirty your hands , go ahead and login to  and if your organisation wants to test the feature and ease of consumption , there is one host option is there , By deploying a 1-node SDDC, you will be able to test out the features and functionality of VMware Cloud on AWS at a fraction of the cost. These 1-node SDDC’s are fully self-service, paid for by credit card (or HPP/SPP credits), and deployed in just under two hours.

Hope this helps you in understanding feature of VMware Cloud on AWS  better 🙂