VMware Cloud on AWS will be available for VMware Cloud Provider Program (VCPP) partners via the Managed Service Provider (MSP) program using commitment based contracts. VCPP partner owns the Terms of Service, manages onboarding, provisioning, billing and support for their end customers. Once a VCPP partner signs a commit contract for VMware Cloud on AWS, and the contract becomes active, they can be on-boarded into VMware Cloud Services, from where they can manage, support and generate usage.
In the following sections, we will outline the steps needed to on-board and provision the service on behalf of end customers. The on-boarding process is fairly simple and involves, creating master org, creating tenant orgs for service onboarding and provisioning the service. Master organization is a basic construct and can be mapped to a service provider. There can be multiple tenant organizations under this master org.
There must be only one MSP commit contract for each master org (each service provider can create their own master org – in this example it is Acme)
Creating master org
- VCPP partner email is a registered email with MyVMware account. Service provider email id used while creating commit contract MUST be a registered valid MyVMware account, with a complete profile and password. Make sure to verify by logging into MyVMware before providing this email for commit contract creation.
- The commit contract is created and has becomes active
Below are the steps for creating a master org
- When the commit contract becomes active, an email is automatically sent to the email id provided while signing the contract. Using this email, a master organization needs to be created first. It can take upto 30 minutes sometimes to be received after the commit contract becomes active.
This link can be used only once and will expire in 30 days. Once partner logs in VMware Cloud services using this link , he will able to create a new master Org and the activated commit contract is tied up as default payment method for that org as well as any tenant org created under this master org.
- Click on the onboarding email to login to VMware Cloud services console
- Enter a name for the master Org – ‘Acme’, accept T&Cs
- Confirm the commit contract to be associated with this organization. The commit contract associated with the master organization cannot be changed at a later time. If there was a fund account associated with this user, it will be displayed for informational purposes only.
- Provide the metadata for the master organization
- Country and zip code are required fields
- Tag is an optional field for an ID, which can be primarily used to filter / query while using the apis
- An example would be eng – a department that will be consuming the service
- Once the master org is created, the service provider lands in the home screen of VMware Cloud Services, from where he can onboard services for tenants.
At the end of this step SP has
- Logged into VMware Cloud Services
- Created a Master Orgs – Acme
- Accepted ToS
- Confirmed the commit contract associated with that master org
- Provided master org metadata
Service Onboarding and creating tenant orgs
SP needs to request a separate invitation from each service that he needs to consume and it can be attached against master or tenant organization. SP can request the service invitation via VMware Cloud Services using Request Access link in each service tile.
SP redeems the service invitation email for a specific VMware Cloud service (e.g. VMware Cloud on AWS) and associates the service with a tenant org (e.g. Coca-Cola), accepts ToS, confirms the commit contract and provide metadata for tenant org. Below are the steps for the same.
- When SP requests the service invitation via VMware Cloud Services, he receives the below email with the link for service activation. This link can be used only once and will expire in 14 days
- Clicking the link takes the SP to the VMware Cloud Services login page.
- Since tenant org Coca-Cola does not exist at this time new tenant org needs to be created before attaching the service to the org. If it already existed, the service can be attached to the existing org
- Provide the name of the tenant org, sign ToS, and confirm payment information.
NOTE: There is no option to change the commit contract at a later time.
- Enter metadata for the tenant org. Country and zip code are mandatory. Tag is an optional field for the id, which can be at a later time used for querying using apis
VMware Cloud on AWS: Provisioning SDDC and configuring for tenant
Once the SP has attached VMware Cloud on AWS service to a specific tenant org (leveraging the steps described above), SP needs to first deploy an SDDC (Software-Defined Data Center) and configure it, before sharing the vCenter with the tenant.
SP needs to collect information prior to deploying the SDDC
- End customer’s existing account number with Amazon Web Services
- The VPC and subnet required to connect
- Type of connection required to connect to SDDC externally
- Details of the network configuration to be set up
The steps provided below are basic ones. For detailed explanation of the steps, best to refer to the service guides
VMware on AWS Getting started guide
VMware Cloud on AWS onboarding blog
- Open the VMware Cloud on AWS service via VMware Cloud Services.
- Connect to tenant’s AWS account and click NEXT
- Configure SDDC properties
- Enter a name for the SDDC
- Select the number of hosts in the SDDC – 4
- Select the AWS region in which to deploy the SDDC – US West
- Click NEXT
- Select a VPC and a subnet in the AWS account to connect to
- (Optionally) Provide the IP address for the management network
- Click Deploy SDDC
- It might take upto 2-3 hours to deploy SDDC
- Once deployed, click on Network tab to see the network connections. By default vCenter Server cannot be accessed
In order to access vCenter Server for the deployed SDDC, a firewall rule needs to be created to allow traffic for tenant
- Create a firewall rule as below
Connection Info tab provides the vCenter Server URL and the credentials details that can be shared with the tenant to access vCenter Server of the SDDC deployed
- Select the encrypted password in clipboard and URL for vCenter Server and provide to tenant
- Open vCenter Server to view the details of the deployed SDDC – management cluster and compute cluster.
The deployed management cluster looks as below
Tenant has access only to the compute cluster.
VMware Cloud on AWS: Usage and Billing – Creation of 1 OR 3 year term subscription for tenant (Optional step)
By default, once the SDDC is provisioned, usage is billed on-demand hourly. However, 1-yr or 3-yr term subscriptions can be created for subscription pre-pay. The steps to create subscriptions can be found in the optional step.
You can also set up dedicated connections using VPN and configure hybrid linked mode from on-prem.
- Subscriptions can be created for VMware Cloud on AWS by selecting Subscriptions tab and CREATE SUBSCRIPTION within the VMware Cloud on AWS service. 1 year and 3 year term subscription are available and are applicable at the organization level.
- Select the number of hosts and region – US West and 4
- Select 3 Years Upfront and PLACE ORDER
- Subscriptions will be billed upfront.
This on-boarding process is your first step toward setting up VMware Cloud on AWS for your tenant as an MSP. Gathering as much information upfront regarding the organization structure, service requirements, network configuration required for the tenant will make the on-boarding very simple.
The post On-boarding to VMware Cloud on AWS for VCPP Partners appeared first on VMware Cloud Provider Blog.