In the past, the ability to connect SDDCs with varying workloads has proven difficult. The latest release of VMware Cloud on AWS solves this challenge. Discover the new features that simplify your network architecture, streamline management and enable greater scalability between on-premises and SDDC environments.
Software-Defined Data Center (SDDC) networking is now easier to manage, more scalable and performs well with VMware Transit Connect, thanks to exciting features in the SDDC Version 1.12 release of VMware Cloud on AWS. Previously in preview mode, these features are now generally available – opening the door to new opportunities for our customers to innovate on VMware Cloud on AWS and setting the stage for the next generation of hybrid cloud networks.
VMware Transit Connect delivers VMware-managed, easy-to-use, scalable and performant connectivity solutions between VMware Cloud on AWS SDDCs. A new feature called SDDC Groups leverages the AWS Transit Gateway (TGW) to provide high-bandwidth, low-latency connectivity between SDDCs in the group and other VPCs in the same region. You can also add a Direct Connect Gateway (DXGW) to provide centralized connectivity to your on-premises SDDCs, as shown in the diagram below.
How SDDC Groups works with VMware Transit Connect
First, consider the diagram below. Before VMware Transit Connect came along, when establishing VPN connectivity, the use cases for integrating production workloads between SDDCs were limited to VPN throughput and latency.
With VMware Transit Connect, you can build a multi-SDDC architecture with highly scalable, resilient and high-speed connectivity.
A VMware Cloud on AWS SDDC Group enables automatic connectivity between the members. It also allows any-to-any high-bandwidth, low-latency connectivity between SDDC Group members in a single AWS region. Each SDDC attachment can handle up to 50 Gbits/second of burst traffic.
Since the initial launch of VMware Cloud on AWS, every SDDC is cross-linked via Elastic Network Interface (ENI) to a Virtual Private Cloud (VPC) within the customer-owned AWS account. This feature makes it possible to innovate when it comes to workload integrations and modernizing applications with a breadth of AWS services.
As shown in the diagram below, before VMware Transit Connect, you needed to establish VPN connectivity to other VPCs for deploying hybrid applications across your SDDCs and AWS VPCs.
VMware Transit Connect brings it to the next level to enable high-bandwidth, low-latency connectivity between SDDCs and VPCs to build high-speed hybrid applications.
Our customers are embracing AWS Direct Connect (DX) to achieve a dedicated connection between their on-premises network and SDDC workloads, with predictable bandwidth and latency performance. The setup attaches a Direct Connect Private virtual network interface (VIF) to individual SDDCs. In the recommended setup for production environments, it is not uncommon to find redundant AWS Direct Connect connections, increasing the number of Private VIFs. You can attach up to four Private VIF connections per SDDC.
VMware Transit Connect gives you another connectivity option between your SDDC and on-premises data center. It enables you to centralize connectivity to an SDDC Group using Direct Connect Gateway, providing DX connectivity to all SDDC Group members. You no longer need to configure a Direct Connect Private VIF per individual SDDC and establish multiple BGP sessions; this reduces your network management overhead and simplifies the network architecture.
Given that Direct Connect gateways are globally available, you can now access the SDDC Group from any Direct Connect location.
Using SDDC Groups with VMware Transit Connect, you can logically organize a set of SDDCs to simplify networking models and management at scale. You can also quickly build multiple SDDCs whose workloads need a high-bandwidth, low-latency connection to each other.
When it comes to Transit Connect routing:
- Traffic originating from SDDCs can be routed as SDDCs-to-SDDCs, SDDCs-to-VPCs and SDDCs-to-DXGW using VTGW.
- Traffic originating from VPCs or DXGW can be routed as VPCs-to-SDDCs, DXGW-to-SDDCs using VTGW.
- Traffic between VPCs-to-VPCs and VPCs-to-DXGW is blocked using VTGW. This routing policy is enforced because, for a VMware managed service, our SRE teams need the observability of SDDC at one end of the flow. It is not uncommon to find customers using AWS Transit Gateway to simplify VPC network architecture (as per the diagram below).
Learn more about VMware Transit Connect for SDDC Groups