Configure the VMware Cloud on AWS web portal console
Domain Name System (DNS) resolution is critical for Avamar deployment and configuration of the Avamar server, Avamar proxy, and the Data Domain appliance. All infrastructure components should be resolvable through a Fully Qualified Domain Name (FQDN). Resolvable means that components are accessible through both forward (A) and reverse (PTR) lookups.
In the VMware Cloud on AWS web portal console, ensure that the following requirements are met:
By default, there is no external access to the vCenter Server system in the Software Defined Data Center (SDDC). You can open access to the vCenter Server system by configuring a firewall rule. To enable communication to the vCenter public IP address from the SDDC logical network, set the firewall rule in the compute gateway of VMware Cloud on AWS. If the firewall rule is not configured in the SDDC, the Avamar server does not allow you to add the vCenter Server.
The default compute gateway firewall rules prevent all virtual machine traffic from reaching the internet. To allow the Avamar Server virtual machine to connect to the internet, create a compute gateway firewall rule. This action allows outbound traffic on the logical network that the Avamar Server virtual machine is connected to.
Configure DNS to allow machines in the SDDC to resolve Fully Qualified Domain Names (FQDNs) to IP addresses belonging to the internet. If the DNS server is not configured in the SDDC, the Avamar server does not allow you to add the vCenter Server by using the server's public FQDN or IP address.
It is recommended that you deploy the Data Domain system as a virtual appliance in the Amazon Virtual Private Cloud (VPC). During the SDDC creation, connect the SDDC to an AWS account, and then select a VPC and subnet within that account.
The Data Domain system running in the Amazon VPC must be connected to the VMware SDDC through the VMware Cloud Elastic Network Interfaces (ENIs). This action allows the SDDC, the services in the AWS VPC, and subnet in the AWS account to communicate without having to route traffic through the internet gateway.
If DDVE is running in the Amazon VPC, configure the inbound and outbound firewall rules of the compute gateway for Data Domain connectivity.
If using NSX-T, configure the DNS to resolve to the internal IP address of the vCenter server. Navigate to
SDDC Management > Settings > vCenter FQDN and select the
Private vCenter IP address so that you can directly access the management network over the built-in firewall. Additionally, ensure that you open TCP port 443 of the vCenter server in both the management gateway and the compute gateway.
Also, using NSX-T for file-level restore operations requires you to update the
axionfs.cmd file on the proxy appliances with the IPv4 address of the Avamar server. After you register and activate the Avamar proxy appliances in the Avamar server, log into each of the Avamar proxy appliances as
root, and then open the
/usr/local/avamar/var/axionfs.cmd file in a UNIX text editor. Within the file, locate the
--server entry key and update the corresponding value to the IPv4 address of the Avamar server. For example,
--server=192.168.2.150.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\