Before you begin - - Alibaba Cloud Documentation Center

This topic describes the preparations that you must complete before you create a dedicated VMware environment.

Prerequisites

An Alibaba Cloud account is created, and the real-name verification and security settings are complete. For more information, see Create an Alibaba Cloud account .

Preparations

Create a virtual private cloud (VPC) and a vSwitch
Create a Cloud Enterprise Network (CEN) instance
Create a transit router
(Optional) Create an Internet NAT gateway
(Optional) Create elastic IP addresses (EIPs)
(Optional) Associate the EIPs with the Internet NAT gateway

Create a VPC and a vSwitch

Before you create VPCs and vSwitches, you must plan the number of VPCs and vSwitches, and CIDR blocks of VPCs and vSwitches. For more information, see Plan networks.

Procedure

1. Log on to the VPC console.

2. In the top navigation bar, select the region where you want to create a VPC.

Note

The VPC and the dedicated VMware environment that you want to deploy in the VPC must belong to the same region. At present, dedicated VMware environments are available in Shanghai Zone L, Beijing Zone L, and Shenzhen Zone F.

3. On the VPCs page, click Create VPC.

4. On the Create VPC page, set the following parameters and click OK. For more information about how to create a VPC and a vSwitch, see Create and manage a VPC.

Note

In this example, Do Not Assign is selected for IPv6 CIDR Block.

VPC-related parameters

Parameter	Description
Region	The region where you want to create the VPC.
Name	Enter a name for the VPC. The name must be 2 to 128 characters in length and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.
IPv4 CIDR Block	Enter the primary IPv4 CIDR block of the VPC. You can specify one of the following CIDR blocks or their subsets as the primary IPv4 CIDR block of the VPC: 192.168.0.0/16, 172.16.0.0/12, and 10.0.0.0/8. These CIDR blocks are standard private CIDR blocks as defined by Request for Comments (RFC) documents. The subnet mask must be 8 to 24 bits in length. For example, you can enter 192.168.0.0/24. You can also use a custom CIDR block other than 100.64.0.0/10, 224.0.0.0/4, 127.0.0.0/8, 169.254.0.0/16, and their subnets as the primary IPv4 CIDR block of the VPC. In scenarios where multiple VPCs are used or in hybrid cloud scenarios where data centers and VPCs are used, we recommend that you use subsets of standard RFC CIDR blocks as VPC CIDR blocks with subnet masks no more than 16 bits in length. Make sure that the CIDR blocks of the VPCs do not overlap in both scenarios. In addition, the CIDR blocks of the VPCs cannot overlap with those of the data centers in hybrid cloud scenarios. Note After you create a VPC, you cannot change its primary IPv4 CIDR block. However, you can add a secondary IPv4 CIDR block to the VPC. For more information, see Add a secondary CIDR block.
IPv6 CIDR Block	Specify whether to assign an IPv6 CIDR block to the VPC. In this example, Do Not Assign is selected. If you set this parameter to Assign (Default), the system automatically creates an IPv6 gateway of Free Edition for this VPC, and assigns an IPv6 CIDR block with the subnet mask /56, such as 2xx1:db8::/56. By default, IPv6 addresses are used only for communication within private networks. If you want to use an IPv6 address to access the Internet or to be accessed by IPv6 clients over the Internet, you must purchase a public bandwidth plan. For more information, see Enable and manage IPv6 Internet bandwidth. Note IPv6 CIDR blocks are supported only in the following regions: China (Qingdao), China (Beijing), China (Zhangjiakou), China (Hohhot), China (Ulanqab), China (Hangzhou), China (Shanghai), China (Shenzhen), China (Heyuan), China (Guangzhou), China (Chengdu), China (Hong Kong), Singapore, US (Virginia), and Germany (Frankfurt). After you create a VPC, you cannot change its IPv6 CIDR block.
Description	Enter a description for the VPC. The description must be 2 to 256 characters in length and cannot start with `http://` or `https://`.
Resource Group	Select the resource group to which the VPC belongs.

vSwitch-related parameters

Parameter	Description
Name	Enter a name for the vSwitch. The name must be 2 to 128 characters in length and can contain letters, digits, underscores (_), and hyphens (-). The name must start with a letter.
Zone	Select a zone for the vSwitch. In the same VPC, vSwitches in different zones can communicate with each other.
IPv4 CIDR Block	Specify an IPv4 CIDR block for the vSwitch. When you specify a CIDR block for the vSwitch, take note of the following limits: The CIDR block of a vSwitch must be a subset of the CIDR block of the VPC to which the vSwitch belongs. For example, if the CIDR block of a VPC is 192.168.0.0/16, the CIDR block of a vSwitch in the VPC can range from 192.168.0.0/17 to 192.168.0.0/29. The first IP address and the last three IP addresses of a vSwitch CIDR block are reserved. For example, if a vSwitch CIDR block is 192.168.1.0/24, the IP addresses 192.168.1.0, 192.168.1.253, 192.168.1.254, and 192.168.1.255 are reserved. If a vSwitch is required to communicate with vSwitches in other VPCs or with data centers, make sure that the CIDR block of the vSwitch does not overlap with the destination CIDR blocks. Note After you create a vSwitch, you cannot change its CIDR block.

Create a CEN instance

CEN is a highly available network built on the global private network of Alibaba Cloud. CEN uses transit routers to establish inter-region connections between VPCs. This enables VPCs to communicate with data centers and builds flexible, stable, enterprise-class networks in the cloud. For more information, see What is CEN?

Procedure

1. Log on to the CEN console.

2. On the Instances page, click Create CEN Instance.

3. In the Create CEN Instance dialog box, set the following parameters and click OK to create a CEN instance.

Parameter

Description

Name

Enter a name for the CEN instance.

The name must be 2 to 128 characters in length and can contain letters, digits, hyphens (-), and underscores (_). The name must start with a letter.

Description

Enter a description for the CEN instance.

The description must be 2 to 256 characters in length and cannot start with http:// or https://. You can leave this parameter empty.

Create a transit router

Dedicated VMware environments support Enterprise Edition transit routers and Basic Edition transit routers of CEN. By default, the transit routers created in the CEN console are Enterprise Edition transit routers.

Important

If you want to create a Basic Edition transit router, contact the Alibaba Cloud VMware Service (ACVS) team and submit an application. After the application is approved, log on to the ACVS console. On the Create a PrivateCloud page, click New Basic version TR to create a Basic Edition transit router.
If you select an existing Basic Edition transit router, you must attach the VPC created in the preceding step to the Basic Edition transit router in advance.
For more information about how to attach a VPC to a transit router, see Connect VPCs.

1. Log on to the CEN console.

2. On the Instances page, click the ID of the desired CEN instance.

3. On the Basic Settings > Transit Router tab, click Create Transit Router.

4. In the Create Transit Router dialog box, set the following parameters and click OK. For more information about how to create a transit router, see Transit routers.

Parameter	Description
Region	Select the region where you want to create the transit router.
Edition	The edition of the transit router. The system displays the transit router edition that is supported in the selected region.
Enable Multicast	Specify whether to enable the multicast feature. By default, the multicast feature is disabled. Note By default, this parameter is unavailable. If you want to enable the multicast feature, submit an application to your account manager. Only Enterprise Edition transit routers support the multicast feature. For more information, see Multicast overview.
Name	Enter a name for the transit router.
Description	Enter a description for the transit router.
Transit Router CIDR	Enter a CIDR block for the transit router. You can specify a CIDR block for the transit router. The CIDR block works in a similar way as the CIDR block of the loopback interface on a router. IP addresses for IPsec-VPN connections are allocated from the CIDR block. For more information, see Transit router CIDR blocks. Only Enterprise Edition transit routers support custom CIDR blocks.

(Optional) Create an Internet NAT gateway

NAT gateways provide NAT services and are classified into Internet NAT gateways and VPC NAT gateways. For more information, see What is NAT Gateway? Before you create the dedicated VMware environment, you need to create an Internet NAT gateway to configure Internet access for the dedicated VMware environment.

Procedure

Log on to the NAT Gateway console.
On the Internet NAT Gateway page, click Create NAT Gateway. For more information about how to create an Internet NAT gateway, see Create Internet NAT gateways.
If this is the first time you create a NAT gateway, you must create a service-linked role. In the Create Service-Linked Role section of the Internet NAT Gateway page, click Create Service-Linked Role. After the service-linked role is created, you can create NAT gateways.

Parameter	Description
Billing Method	Pay-As-You-Go: You can pay for resources after you use them. For more information, see Pay-as-you-go.
Region	Select the region where you want to create the NAT gateway. Note The NAT gateway and the VPC created for the dedicated VMware environment must belong to the same region.
VPC	Select the VPC for which you want to create the NAT gateway. After the NAT gateway is created, you cannot change the VPC to which the NAT gateway belongs. Note This VPC is the VPC created for the dedicated VMware environment. If you cannot find the VPC that you want to manage in the list, troubleshoot the issue by using the following methods: Check whether a VPC is created in the region that you selected. If your account is a Resource Access Management (RAM) user, check whether the RAM user has read permissions on the VPC. If not, contact the Alibaba Cloud account owner to obtain the permissions.
Associate vSwitch	Select a vSwitch for the NAT gateway. Note This vSwitch is the vSwitch created in the VPC where the dedicated VMware environment is deployed.
Instance Name	Enter a name for the NAT gateway.

(Optional) Create EIPs

An EIP is a public IP address that you can purchase and use as an independent resource. Before you create the dedicated VMware environment, create at least two EIPs to configure SNAT and DNAT features for the dedicated VMware environment. For more information about EIP, see What is EIP?

Procedure

Log on to the EIP console.
On the Elastic IP Addresses page, click Create EIP. For more information about how to create an EIP, see Create an EIP.
On the page that appears, set the following parameters, click Buy Now, and then complete the payment.

Parameter	Description
Billing Method	Select a billing method for the EIP. In this example, Pay-as-you-go is selected.
Region	Select the region where you want to create the EIP. Make sure that the EIP and the Internet NAT gateway to be associated with the EIP belong to the same region.
Line Type	Select a line type for the EIP. In this example, BGP (Multi-ISP) is selected.
Network Type	Select a network type for the EIP. You can select only Internet.
Maximum Bandwidth	Specify a maximum bandwidth value for the EIP based on your business requirements. In this example, 1 Mbit/s is used.
Data Transfer	Select a metering method for the EIP. In this example, Pay-By-Bandwidth is selected.
Name	Enter a name for the EIP. The name must be 2 to 128 characters in length and can contain letters, digits, periods (.), underscores (_), and hyphens (-). The name must start with a letter.
Resource Group	Select the resource group to which the EIP belongs.
Billing Cycle	Select a billing cycle for the EIP. For pay-by-bandwidth EIPs, you can select only Day. For pay-by-data-transfer EIPs, you can select only Hour.
Quantity	Specify the number of EIPs based on your business requirements.

(Optional) Associate the EIPs with the Internet NAT gateway

The Internet NAT gateway can work as expected and you can configure Internet access for the dedicated VMware environment only after you associate the EIPs with the Internet NAT gateway.

Procedure

Log on to the EIP console.
In the top navigation bar, select the region where the EIP is created. On the Elastic IP Addresses page, find the EIP that you want to manage and click Associate with Resource in the Actions column. In the Associate EIP with Resource dialog box, set the following parameters and click OK.

Description
Instance Type	In this example, NAT Gateway is selected.
Resource Group	(Optional) Select the resource group to which the NAT gateway belongs.
Select an instance to associate	Select the NAT gateway with which you want to associate the EIP. Make sure that the following requirements are met: You did not purchase a NAT bandwidth plan before November 3, 2017 by using the Alibaba Cloud account to which the NAT gateway belongs. If you did, associate the NAT bandwidth plan with the NAT gateway. The NAT gateway and the EIP must belong to the same region. Each NAT gateway can be associated with at most 20 EIPs, among which at most 10 pay-by-data-transfer EIPs can be associated. If you want to associate more EIPs, submit a ticket to request a quota increase. For more information, see Manage EIP quotas. Note The NAT gateway that you want to associate is the Internet NAT gateway created for the dedicated VMware environment.

Verify that the preceding operations are complete

Before you create the dedicated VMware environment, make sure that the following operations are complete: Create a VPC and a vSwitch, create a CEN instance, create a transit router, create an Internet NAT gateway (optional), create EIPs (optional), and associate the EIPs with the Internet NAT gateway (optional).