Introducing Solution Tutorials for IBM Cloud for VMware as a Service

These two initial tutorials will guide you on the basic setup of a VMware as a Service – Single Tenant instance and show you how to create a virtual data center and its network, compute, and storage assets using the VMware Cloud Director Console and Terraform.

Topics covered include the following:

• How to create virtual data center (VDC) networks inside your virtual data center
• How to create virtual machines and attach them to your virtual data center network
• How to configure network address translation (NAT) and firewall (FW) rules on your virtual data center edge gateway

These tutorials assume that you already have a VMware as a Service – Single Tenant instance (site) deployed and that you have deployed at least one virtual data center on your instance. You can manage the lifecycle of director sites and virtual data centers by using either the VMware as a Service console or REST API.

The first tutorial is called “Creating a virtual data center in a VMware as a Service using the VMware Cloud Director Console.” The following diagram presents an overview of solution to be deployed using VMware Cloud Director Console:

This tutorial is divided into the following steps:

1. Log in to the instance’s VMware Cloud Director Console and deploy virtual data center networks.
2. Create virtual machines.
3. Create IP Sets and Static Groups.
4. Create NAT rules.
5. Create firewall rules.
6. Connect to the virtual machine using integrated web console.
7. Connect to the virtual machine through the Internet and validate connectivity.

The second tutorial—“Creating a virtual data center in a VMware as a Service with Terraform”—focuses on deploying a similar topology, but using a provided Terrafom template:

The flow for this tutorial is as follows:

1. Use the IBM Cloud Console to create a virtual data center in your single tenant instance. Your instance may have one or more virtual data centers, so you can have a dedicated virtual data center for testing purposes.
2. When the first virtual data center is created, an edge gateway and external networks are created automatically. External networks provide you with Internet access and an IP address block of `/29` with six usable public IP addresses. Subsequent virtual data centers have the option of using a dedicated (performance) or shared (efficiency) edge gateway.
3. Terraform templates are used to create virtual data center networks, virtual machines and firewall and network address translation rules. The creation is fully controlled though variables. Terraform authenticates to the VMware Cloud Director API with a user name and password. Access tokens will be supported in the near future.
4. Three virtual data center networks are created: two routed (`application-network-1` and `db-network-1`) and one isolated (`isolated-network-1`). Routed virtual data center networks are attached to the edge gateway while an isolated virtual data center network is a standalone network. You can create more networks based on your needs.
5. A jump server (`jump-server-1`) is created with the Windows 2022 operating system. This virtual server is attached to `application-network-1`. You can access the virtual machine though the VM console or by using RDP though the DNAT rule created on the edge gateway.
6. One example virtual machine (`application-server-1`) is created on the `application-network-1`. `Application-server-1` has an additional disk for logging. You can create more VMs or disks based on your needs.
7. One example virtual machine (`db-server-1`) is created on the `db-network-1` and `isolated-network-1` with two separate vNICs. The `db-server-1` has two additional disks for data and logging. You can create more VMs or disks based on your needs.
8. Source NAT (SNAT) and destination NAT (DNAT) rules are created for public network access. SNAT to public internet is configured for all routed networks and DNAT is configured to access the application server.
9. Firewall rules are provisioned to secure network access to the environment. To create firewall rules, Static Groups and IP Sets are created for networks and individual IP addresses.

IBM Cloud for VMware as a Service provides a great combination of flexible deployment models, security and performance of dedicated hardware and combined with highly available management plane and ease of use VMware Cloud Director. The capability to create multiple virtual data centers lets you to virtually isolate your teams’ or business units’ workloads and allows these teams to operate and manage their workloads individually. Through the advancements made by VMware and the community, you can also leverage Terraform to provision your VMware Infrastructure with Code from day one.

IBM Cloud for VMware as a Service (VMwaaS) gives you the benefits of simplified VMware management, dedicated instance, compute flexibility and scale to meet your workload demands.

• Learn more about the IBM Cloud VMware as a Service
• IBM Cloud for VMware as a Service Solution Tutorial using VMware Cloud Director Console
• IBM Cloud for VMware as a Service Solution Tutorial using Terraform
• IBM Cloud for VMware as a Service Reference Architecture