HCX - How to create Network and Compute Profiles < ProVirtualzone

In this second HCX – How to create Network and Compute Profiles about HCX Series blog post, I will address the Network Profiles. How to create them, and what the best practices and requirements are.

In the previous HCX blog post, How to install-pairing HCX Manager and Connector I installed the HCX Cloud Manager and HCX Connector Appliance and paired them, which means that both sites can now see each other. But we need to create the networks that will set the communication between Management, vMotion, Replication, Uplink (connection across sites), and Extend Network., etc.

First, let us start with what requirements to implement Network Profiles in HCX.

Virtual Switches in vCenter or NSX-t
- One underlying vSphere Port Group (VSS or VDS) or NSX-based network.

IP address information:

- Gateway IP, the network prefix and MTU, and DNS
- A pool of IP addresses is reserved for HCX to use during Service Mesh deployments.

Network Profile configurations are only used during Service Mesh deployments (IP addresses assigned to the IX, NE, and OSAM appliances). HCX Compute Profile will always use one or more Network Profiles to connect to the Infrastructure.

Network Profiles Types:

Management and Uplink are used for management connections, and vMotion, Replication, and Guest Network Network Profiles are used for migrations tasks.

HCX Management
Used by Service Mesh components to connect to HCX Manager, vCenter Server, NTP, and DNS.

HCX Uplink
Used by Service Mesh components to reach their peer appliances.

Important:
When destination HCX systems need to be reachable over the Internet, use the Uplink Network Profile to assign the Public IP addresses. Destination NAT configurations are not supported.
The source HCX systems don’t need Public IP addresses and can be configured using traditional SNAT.

HCX vMotion
Used by Service Mesh components to connect to the ESXi cluster for vMotion-based services.

HCX Replication
Used by Service Mesh components connect to the ESXi cluster for Replication-based services.

Note:
This Network Profile type is compatible with ESXi vSphere Replication VMkernel traffic but cannot be used for vSphere Replication NFC VMkernel traffic. vSphere Replication NFC VMkernel traffic will always use the Management network.

HCX Guest Network
In OSAM deployments, used by the Service Mesh Sentinel Gateway to connect to the Sentinel agents.

Network Profiles will be used when Mesh Applications Services are deployed and used with Compute Profile.

HCX-IX (Migrations, DR)
HCX-NE (Network Extension)
HCX-WO (WAN Optimization)
HCX-Sentinel Gateway (OSAM)
HCX-Sentinel Data Receiver

HCX Services Appliances Example:

I will explain more about HCX Appliances when we deploy the Mesh.

Note: In my HCX Infrastructure Lab, I only use IX, NE, and WO services. Since HCX-Sentinel Gateway and HCX-Sentinel Data Receive need Enterprise Licenses, and I am using the Advanced Licensed(provided by NSX-T), we only have those three services enabled.

Before we start creating our HCX Network Profiles, there are five deployment types of Network Profiles.

HCX Network Configuration 1 – Shared Management, Replication, and Uplink with Dedicated vMotion
HCX Network Configuration 2 – Dedicated Replication Network
HCX Network Configuration 3 – Dedicated Uplink Network
HCX Network Configuration 4 – OS Assisted Migration Using Guest Network
HCX Network Configuration 5- OS Assisted Migration Using Management Network

In this HCX Lab, I am a mix of deployment types. I use shared networking for Management and Uplink. For vMotion and Replication, I am using an isolated network with 2x vNIC.

My configuration:

vCenter Source:

vCenter Management Portgroup:

HCX Management Portugroup
HCX Uplink Portugroup

vCenter new vDS with 2x dedicated vNIC

HCX vMotion
HCX Replication

vCenter Targer VCF:

vCenter Management Portgroup:

HCX Management Portugroup
CX Uplink Portugroup

vCenter new vDS with 2x dedicated vNIC

HCX vMotion
HCX Replication

With this configuration, I have Management and Uplink shared with the vNICs from the ESXi Management. In the vMotion and Replication, they share two dedicated physical interfaces for the traffic.

An example of my HCX Network Profile Topology.

You can see more information about different types of Network Profiles and designs HERE.

How to create HCX Network Profiles

After we have our Site Pairing finished (talked about in the previous HCX blog post), we now ca start creating our Network Profiles.

Note: We will show an example from the HCX Connector Source; use this example also to create Network Profiles in the HCX Cloud Manager Target.

Login to your HCX Connector and go to Interconnect option, select the tab Network Profiles, and click Create Network Profile.

Start creating your Network Profiles. We will start by creating the Management Network Profile.

First, select the vSwitch, vDS, or NSX network(not mandatory for HCX Connector) that you will use for this Network Profile. In this case, it is a vDS.

Second, select the Portgroup that you create for the HCX Management.

Third, add the IP Pool addresses for Management. We will need one IP address per Appliance. Since we are only deploying one, then one IP Address. But you can add here a full IP Pool range. HCX will use the necessary IP addresses, and I will add two here.

Fill in the rest of the information(mask, Gateway, DNS, and DNS suffix). I will use 1500 MTU for Management and MTU 9000 for vMotion and Replication. Use the MTU size that fits your Network.

These are the MTU size, bandwidth, and latency requirements:

Check HERE all information about Network Underlay Minimum Requirements.

Fourth, for a better network catalog, select the Management Traffic Type(this is not mandatory, it is just to HCX identify each type of Network when creating the Mesh Profile), and finish by clicking Create.

We now see a Management Network Profile Created and after we create the Management Network Profile, let us create the Replication Network Profile. The same options are explained above, but for Replication, I use MTU 9000.

Finally, let us create the Uplink and vMotion.

We have created Management, Uplink, vMotion, and Replication Network Profiles.

And the latest task we finish creating HCX Network Profiles in the HCX Connect source. After this, you can create in the HCX Manager Target side or go to the next step in the HCX Connect: Creating Compute Profile.

How to create HCX Compute Profiles

What is the Compute Profile in HCX?

A Compute Profile is the HCX Connect Infrastructure that contains the compute, storage, and network settings that HCX uses on the source or target site to deploy the Interconnect-dedicated virtual appliances when a Service Mesh is added.

Mesh will connect the Compute Profile from the Source to the Compute Profile in the Target. Not only to connect those two infrastructures for the migrations but also so that Mesh can deploy Interconnect-dedicated virtual appliances services to build the HCX Infrastructure connections.

Login to your HCX Connector and go to Interconnect option, select the tab Compute Profiles, and click Create Compute Profile.

First, give a name to your Compute Profile(I always identify the Compute with the site’s name to track locations)

Next, select the services you will need for your HCX Interconnect Appliances. A simple configuration will only need three services(Hybrid Interconnect, Cross-cloud vMotionMigration, and Bulk Migration). For more advanced HCX implementations, we add extra services like:

WAN Optimization – for WAN Optimization techniques like data deduplication and line-conditioning. For low bandwidth infrastructures or internet Multi-Cloud Migrations
Network Extension – High throughput Network Extension service with integrated Proximity Routing unlocks seamless mobility and simple disaster recovery plans across sites with IP/MAC address retention.
Disaster Recovery – The Disaster Recovery service is a business continuity solution that protects workloads from app-level to site-wide disasters.

With HCX Enterprise License:

Replication Assisted vMotion Migration –VMware HCX Replication-Assisted vMotion (RAV), combines advantages from VMware HCX Bulk Migration (parallel operations, resiliency, and scheduling) with VMware HCX vMotion (zero downtime virtual machine state migration).
SRM Integration – Provides the ability to configure DR from VMware Site Recovery Manager. HCX can be used as an SRM extension for the replication of VMs.
OS-Assisted Migration – The OS-Assisted Migration service can be used to bring OpenStack workloads into a vSphere environment and is also used to migrate VMs from Legacy Systems or other Hypervisors like KVM or Hyper-V.

As shown next, for this HCX Lab, I will enable all the HCX Advanced Services.

Next, Select your Datacenter or Cluster that Compute Profile will use.

In the next section, you select the Cluster, Datastore, and VMs Folder(optional).

Note: Don’t forget these selections are where your HCX Appliances will be deployed. You can also reserve vCPU and vMemory for these Appliances to run. If this is a production environment, I recommend you reserve 100%(if you have it available) so that all services are running correctly without a lack of resources.

Next, we will start to select the Network Profiles created before. Start by choosing the Management Network Profile.

Next, select the Uplink Network Profile.

Note: If you use the Network Profile Type checkbox, HCX will highlight with a green icon(as you can see in the next image) that this was the Network Profile you created for Uplink.

Next is the vMotion Network Profile. Again, use the recommended by HCX.

As you can see, every time you select a Network Profile, HCX will start creating the network in the design.

The last one to select is the Replication network.

Since I have selected the service Network Extension, I will need to use a Network for this Network(not a Network Profile). In this case, I will use the NSX-T overlay Portgroup created for this service.

Important note: If you are using NSX-T in the source or at the Target(mandatory), you need to use an NSX-T overlay network, not a vSwith, or vDS Portgroup.

After tasks are finished, double-check all the settings and click finish.

As we can see in the following image, Compute Profile is created for the Appliances services with the Compute Resources using the HCX Network Profiles.

To finalize, I also created a Compute Profile in the Target(after Network Profiles were created). HCX Infrastructure is now ready to connect with the HCX Interconnect Appliances when Mesh is created.

Configuring the HCX Network Profile and HCX COmpute Profile in the HCX Cloud Manager target, we finish this section. Next, we will create the HCX Mesh that will deploy all the HCX Interconnect services Appliances, and then we can start migrating VMs between the two locations.

Sorry if the blog post was a bit long, but I like to explain each segment in detail so that anyone who never used HCX understands how to deploy and how it works.

I will explain how to create HCX Mesh in the next HCX Series blog post.