Deploy and configure VMware HCX

This article shows you how to deploy and configure the on-premises VMware HCX Connector for your Azure VMware Solution private cloud. With VMware HCX, you can migrate your VMware workloads to Azure VMware Solution and other connected sites through various migration types. Because Azure VMware Solution deploys and configures the HCX Cloud Manager, you must download, activate, and configure the HCX Connector in your on-premises VMware datacenter.

VMware HCX Advanced Connector is pre-deployed in Azure VMware Solution. It supports up to three site connections (on-premises to cloud, or cloud to cloud). If you need more than three site connections, submit a support request to enable the VMware HCX Enterprise add-on. The add-on is currently in preview.

Tip

Although the VMware Configuration Maximum tool describes site pairs maximum to be 25 between the on-premises Connector and Cloud Manager, the licensing limits this to three for Advanced and 10 for Enterprise Edition.

Note

VMware HCX Enterprise is available with Azure VMware Solution as a preview service. It's free and is subject to terms and conditions for a preview service. After the VMware HCX Enterprise service is generally available, you'll get a 30-day notice that billing will switch over. You'll also have the option to turn off or opt-out of the service. There is no simple downgrade path from VMware HCX Enterprise to VMware HCX Advanced. If you decide to downgrade, you'll have to redeploy, incurring downtime.

First, review Before you begin, Software version requirements, and the Prerequisites.

Then, we'll walk through all the necessary procedures to:

  • Download the VMware HCX Connector OVA.
  • Deploy the on-premises VMware HCX OVA (VMware HCX Connector).
  • Activate the VMware HCX Connector.
  • Pair your on-premises VMware HCX Connector with your Azure VMware Solution HCX Cloud Manager.
  • Configure the interconnect (network profile, compute profile, and service mesh).
  • Complete setup by checking the appliance status and validating that migration is possible.

After you're finished, follow the recommended next steps at the end of this article.

Before you begin

As you prepare your deployment, we recommend that you review the following VMware documentation:

Prerequisites

If you plan to use VMware HCX Enterprise, make sure you've requested activation through the Azure VMware Solution support channels.

On-premises vSphere environment

Make sure that your on-premises vSphere environment (source environment) meets the minimum requirements.

Network and ports

IP addresses

Four networks are needed for VMware HCX:

  • Management network: Typically, it's the same management network used on the vSphere cluster. At a minimum, identify two IPs on this network segment for VMware HCX. You might need larger numbers, depending on your deployment.

    Note

    The method we recommend is creating a /26 network. On a /26 network, you can use up to 10 service meshes and 60 network extenders (-1 per service mesh). You can stretch eight networks per network extender by using Azure VMware Solution private clouds.

  • vMotion network: Typically, it's the same network used for vMotion on the vSphere cluster. At a minimum, identify two IPs on this network segment for VMware HCX. You might need larger numbers, depending on your deployment.

    The vMotion network must be exposed on a distributed virtual switch or vSwitch0. If it's not, modify the environment.

    Note

    This network can be private (not routed).

  • Uplink network: You want to create a new network for VMware HCX Uplink and extend it to your vSphere cluster via a port group. At a minimum, identify two IPs on this network segment for VMware HCX. You might need larger numbers, depending on your deployment.

    Note

    The method we recommend is creating a /26 network. On a /26 network, you can use up to 10 service meshes and 60 network extenders (-1 per service mesh). You can stretch eight networks per network extender by using Azure VMware Solution private clouds.

  • Replication network: This is optional. You want to create a new network for VMware HCX Replication and extend that network to your vSphere cluster via a port group. At a minimum, identify two IPs on this network segment for VMware HCX. You might need larger numbers, depending on your deployment.

    Note

    This configuration is only possible when the on-premises cluster hosts use a dedicated Replication VMkernel network. If your on-premises cluster does not have a dedicated Replication VMkernel network defined, there is no need to create this network.

Download the VMware HCX Connector OVA

Before you deploy the virtual appliance to your on-premises vCenter, you must download the VMware HCX Connector OVA.

  1. In the Azure portal, select the Azure VMware Solution private cloud.

  2. Select Manage > Connectivity and select the HCX tab to identify the Azure VMware Solution HCX Manager's IP address.

    Screenshot of the VMware HCX IP address.

  3. Select Manage > Identity.

    The URLs and user credentials for private cloud vCenter and NSX-T Manager display.

    Tip

    The vCenter password was defined when you set up the private cloud. It's the same password you'll use to sign in to Azure VMware Solution HCX Manager. You can select Generate a new password to generate new vCenter and NSX-T passwords.

    Display private cloud vCenter and NSX Manager URLs and credentials.

  4. Open a browser window, sign in to the Azure VMware Solution HCX Manager on https://x.x.x.9 port 443 with the cloudadmin@vsphere.local user credentials

  5. Select Administration > System Updates and then select Request Download Link.

  6. Select the option of your choice to download the VMware HCX Connector OVA file.

Deploy the VMware HCX Connector OVA on-premises

  1. In your on-premises vCenter, select an OVF template to deploy the VMware HCX Connector to your on-premises vCenter.

    Tip

    You'll select the OVA file that you downloaded in the previous section.

    Screenshot of browsing to an OVF template.

  2. Select a name and location, and select a resource or cluster where you're deploying the VMware HCX Connector. Then review the details and required resources and select Next.

  3. Review license terms. If you agree, select the required storage and network, and then select Next.

  4. Select storage and select Next.

  5. Select the VMware HCX management network segment you previously defined in the IP addresses prerequisites section. Then, select Next.

  6. In Customize template, enter all required information and then select Next.

    Screenshot of the boxes for customizing a template.

  7. Verify the configuration, and then select Finish to deploy the VMware HCX Connector OVA.

    Important

    You will need to turn on the virtual appliance manually. After powering on, wait 10-15 minutes before proceeding to the next step.

For an end-to-end overview of this procedure, view the Azure VMware Solution: HCX Appliance Deployment video.

Activate VMware HCX

After you deploy the VMware HCX Connector OVA on-premises and start the appliance, you're ready to activate. First, you need to get a license key from the Azure VMware Solution portal.

  1. In the Azure VMware Solution portal, go to Manage > Connectivity, select the HCX tab, and then select Add.

  2. Use the admin credentials to sign in to the on-premises VMware HCX Manager at https://HCXManagerIP:9443.

    Tip

    You defined the admin user password during the VMware HCX Manager OVA file deployment.

    Important

    Make sure to include the 9443 port number with the VMware HCX Manager IP address.

  3. In Licensing, enter your key for HCX Advanced Key and select Activate.

    Note

    VMware HCX Manager must have open internet access or a proxy configured.

  4. In Datacenter Location, provide the nearest location for installing the VMware HCX Manager on-premises. Then select Continue.

  5. In System Name, modify the name or accept the default and select Continue.

  6. Select Yes, Continue.

  7. In Connect your vCenter, provide the FQDN or IP address of your vCenter server and the appropriate credentials, and then select Continue.

    Tip

    The vCenter server is where you deployed the VMware HCX Connector in your datacenter.

  8. In Configure SSO/PSC, provide the FQDN or IP address of your Platform Services Controller, and then select Continue.

    Note

    Typically, it's the same as your vCenter FQDN or IP address.

  9. Verify that the information entered is correct, and select Restart.

    Note

    You'll experience a delay after restarting before being prompted for the next step.

After the services restart, you'll see vCenter showing as green on the screen that appears. Both vCenter and SSO must have the appropriate configuration parameters, which should be the same as the previous screen.

Screenshot of the dashboard with green vCenter status.

For an end-to-end overview of this procedure, view the Azure VMware Solution: Activate HCX video.

Important

Whether you're using VMware HCX Advanced or VMware HCX Enterprise, you may need to install the patch from VMware's KB article 81558.

Configure the VMware HCX Connector

Now you're ready to add a site pairing, create a network and compute profile, and enable services such as migration, network extension, or disaster recovery.

Add a site pairing

You can connect or pair the VMware HCX Cloud Manager in Azure VMware Solution with the VMware HCX Connector in your datacenter.

  1. Sign in to your on-premises vCenter, and under Home, select HCX.

  2. Under Infrastructure, select Site Pairing, and then select the Connect To Remote Site option (in the middle of the screen).

  3. Enter the Azure VMware Solution HCX Cloud Manager URL or IP address that you noted earlier https://x.x.x.9, the Azure VMware Solution cloudadmin@vsphere.local username, and the password. Then select Connect.

    Note

    To successfully establish a site pair:

    • Your VMware HCX Connector must be able to route to your HCX Cloud Manager IP over port 443.

    • Use the same password that you used to sign in to vCenter. You defined this password on the initial deployment screen.

    You'll see a screen showing that your VMware HCX Cloud Manager in Azure VMware Solution and your on-premises VMware HCX Connector are connected (paired).

    Screenshot that shows the pairing of the HCX Manager in Azure VMware Solution and the VMware HCX Connector.

For an end-to-end overview of this procedure, view the Azure VMware Solution: HCX Site Pairing video.

Create network profiles

VMware HCX Connector deploys a subset of virtual appliances (automated) that require multiple IP segments. When you create your network profiles, you use the IP segments you identified during the VMware HCX Network Segments pre-deployment preparation and planning stage.

You'll create four network profiles:

  • Management
  • vMotion
  • Replication
  • Uplink
  1. Under Infrastructure, select Interconnect > Multi-Site Service Mesh > Network Profiles > Create Network Profile.

    Screenshot of selections for starting to create a network profile.

  2. For each network profile, select the network and port group, provide a name, and create the segment's IP pool. Then select Create.

    Screenshot of details for a new network profile.

For an end-to-end overview of this procedure, view the Azure VMware Solution: HCX Network Profile video.

Create a compute profile

  1. Under Infrastructure, select Interconnect > Compute Profiles > Create Compute Profile.

    Screenshot that shows the selections for starting to create a compute profile.

  2. Enter a name for the profile and select Continue.

    Screenshot that shows the entry of a compute profile name and the Continue button.

  3. Select the services to enable, such as migration, network extension, or disaster recovery, and then select Continue.

    Note

    Generally, nothing changes here.

  4. In Select Service Resources, select one or more service resources (clusters) to enable the selected VMware HCX services.

  5. When you see the clusters in your on-premises datacenter, select Continue.

    Screenshot that shows selected service resources and the Continue button.

  6. From Select Datastore, select the datastore storage resource for deploying the VMware HCX Interconnect appliances. Then select Continue.

    When multiple resources are selected, VMware HCX uses the first resource selected until its capacity is exhausted.

    Screenshot that shows a selected data storage resource and the Continue button.

  7. From Select Management Network Profile, select the management network profile that you created in previous steps. Then select Continue.

    Screenshot that shows the selection of a management network profile and the Continue button.

  8. From Select Uplink Network Profile, select the uplink network profile you created in the previous procedure. Then select Continue.

    Screenshot that shows the selection of an uplink network profile and the Continue button.

  9. From Select vMotion Network Profile, select the vMotion network profile that you created in prior steps. Then select Continue.

    Screenshot that shows the selection of a vMotion network profile and the Continue button.

  10. From Select vSphere Replication Network Profile, select the replication network profile that you created in prior steps. Then select Continue.

    Screenshot that shows the selection of a replication network profile and the Continue button.

  11. From Select Distributed Switches for Network Extensions, select the switches that contain the virtual machines to be migrated to Azure VMware Solution on a layer-2 extended network. Then select Continue.

    Note

    If you are not migrating virtual machines on layer-2 extended networks, you can skip this step.

    Screenshot that shows the selection of distributed virtual switches and the Continue button.

  12. Review the connection rules and select Continue.

    Screenshot that shows the connection rules and the Continue button.

  13. Select Finish to create the compute profile.

    Screenshot that shows compute profile information.

For an end-to-end overview of this procedure, view the Azure VMware Solution: Compute Profile video.

Create a service mesh

Now it's time to configure a service mesh between on-premises and Azure VMware Solution SDDC.

Note

To successfully establish a service mesh with Azure VMware Solution:

  • Ports UDP 500/4500 are open between your on-premises VMware HCX Connector 'uplink' network profile addresses and the Azure VMware Solution HCX Cloud 'uplink' network profile addresses.

  • Be sure to review the VMware HCX required ports.

  1. Under Infrastructure, select Interconnect > Service Mesh > Create Service Mesh.

    Screenshot of selections to start creating a service mesh.

  2. Review the sites that are pre-populated, and then select Continue.

    Note

    If this is your first service mesh configuration, you won't need to modify this screen.

  3. Select the source and remote compute profiles from the drop-down lists, and then select Continue.

    The selections define the resources where VMs can consume VMware HCX services.

    Screenshot that shows selecting the source compute profile.

    Screenshot that shows selecting the remote compute profile.

  4. Review services that will be enabled, and then select Continue.

  5. In Advanced Configuration - Override Uplink Network profiles, select Continue.

    Uplink network profiles connect to the network through which the remote site's interconnect appliances can be reached.

  6. In Advanced Configuration - Network Extension Appliance Scale Out, review and select Continue.

    You can have up to eight VLANs per appliance, but you can deploy another appliance to add another eight VLANs. You must also have IP space to account for the additional appliances, and it's one IP per appliance. For more information, see VMware HCX Configuration Limits.

    Screenshot that shows where to increase the VLAN count.

  7. In Advanced Configuration - Traffic Engineering, review and make any modifications that you feel are necessary, and then select Continue.

  8. Review the topology preview and select Continue.

  9. Enter a user-friendly name for this service mesh and select Finish to complete.

  10. Select View Tasks to monitor the deployment.

    Screenshot that shows the button for viewing tasks.

    When the service mesh deployment finishes successfully, you'll see the services as green.

    Screenshot that shows green indicators on services.

  11. Verify the service mesh's health by checking the appliance status.

  12. Select Interconnect > Appliances.

    Screenshot that shows selections for checking the status of the appliance.

For an end-to-end overview of this procedure, view the Azure VMware Solution: Service Mesh video.

(Optional) Create a network extension

If you want to extend any networks from your on-premises environment to Azure VMware Solution, follow these steps:

  1. Under Services, select Network Extension > Create a Network Extension.

    Screenshot that shows selections for starting to create a network extension.

  2. Select each of the networks you want to extend to Azure VMware Solution, and then select Next.

    Screenshot that shows the selection of a network.

  3. Enter the on-premises gateway IP for each of the networks you're extending, and then select Submit.

    Screenshot that shows the entry of a gateway IP address.

    It takes a few minutes for the network extension to finish. When it does, you see the status change to Extension complete.

    Screenshot that shows the status of Extension complete.

For an end-to-end overview of this procedure, view the Azure VMware Solution: Network Extension video.

Next steps

If the appliance interconnect tunnel status is UP and green, you can migrate and protect Azure VMware Solution VMs by using VMware HCX. Azure VMware Solution supports workload migrations (with or without a network extension). You can still migrate workloads in your vSphere environment, along with on-premises creation of networks and deployment of VMs onto those networks.

For more information on using HCX, go to the VMware technical documentation: