VMware HCX for dark sites (air-gapped)

14 May 2024 Leave a comment

HCX has historically always required internet access for activation and updates. Even after activation, it requires constant access as otherwise the software goes into a deactivated state. Whilst an internet proxy can be used for this access, there are customers out there who have been asking for years to be able to deploy it into sites which do not have internet access. Without HCX supporting this, it simply has not been an option.

There have been some amazing improvements to the product over the past year or so, and the release of 4.9 is no exception:

In some environments, security policies require systems to be disconnected from internet access, or air-gapped. With HCX 4.9.0, you can select Air-gapped Site Licensing Mode during deployment of the HCX Manager OVA in the vCenter Server. During activation, HCX checks the air-gap setting to determine whether the site can make inbound and outbound connections. For more information, see Understanding Air-gapped Sites.

https://docs.vmware.com/en/VMware-HCX/4.9/rn/vmware-hcx-49-release-notes/index.html

This is great news for customers who want to use HCX for migrations but either do not want to, or are unable to allow their infrastructure to access the internet.

Looking through the release notes, when deployed in Air-gapped Site Licensing Mode the following restrictions apply:

Considerations and limitations

  • Air gap sites can pair with any other site: air-gap or non-air gap.
  • Air gap sites support all HCX Services except for WAN Optimization, which requires a connection to VMware.
  • Site configured for air-gap operation cannot be changed to remove the air-gap setting. Sites must be redeployed without the air-gap setting to return the site to a non-air gap mode.
  • In the Support interface in the HCX Console, the Link last communicated information is not available for air-gap sites.
  • The Auto Approve option is not available for downloading log bundles at air-gap sites. For more information, see Gather Technical Support Logs

Once the first update is out post the release of 4.9, I will capture the steps on how to do an offline upgrade.

This release is long awaited and significant for a lot of customers who have been asking for ‘dark site’ HCX for some time.

Thanks for reading.

Post Views: 405

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.