Creating a Logical Data Center for Amazon Web Services

You can bring existing Amazon Web Services (AWS) resources, such as Virtual Private Clouds (VPCs) and Availability Zones into BMC Cloud Lifecycle Management by onboarding them as Logical Data Centers. You can also create new AWS resources by creating a network blueprint and then building a Logical Data Center for the blueprint. The Logical Data Center that you create can represent a Virtual Private Cloud (VPC) or an Availability Zone. 

In BMC Cloud Lifecycle Management, a network container is a data object that provides network isolation for tenants in the cloud. For AWS offerings, the network container is referred to as a Logical Data Center, which is based on an Availability Zone or a VPC.

This topic includes the following sections:

Before you begin

• Ensure that the AWS provider has been created.
• Ensure that user credentials for Amazon Web Services workloads have been set.
• Create one or more network blueprints for AWS.

To create a new Logical Data Center

To create a new Logical Data Center (network container) for AWS, you launch a wizard that contains three dialog boxes. In the first dialog box, you specify the unique name of the container, its pod, network blueprint, NAT range (if applicable), and any tags. In the second dialog box, you specify networks, firewalls, and associated load balancers. In the third dialog box, you enter any additional parameters.

1. From the BMC Cloud Lifecycle Management Administration Console, click the vertical Workspaces menu on the left side of the window and select Resources.
2. Under Quick Links on the left, click Network Containers under the Network section.
3. Click the Create Network Container icon .
   The Create Network Container wizard is displayed.
   

4. Complete the following fields. Unless otherwise stated, all fields are required.

   Field	Description
   Name	Enter a unique name.
   Description	(Optional) Provide a description that helps to distinguish this container.
   Provider	Select the AWS provider.
   Account	Select the appropriate AWS account.
   Regions	Select the desired region. Tip You can customize the list of regions by using the CMF:AmazonAWSRegions AR form. You can use the form to add regions to or remove regions from this list. For more information about BMC Remedy AR System forms, see the BMC Remedy AR System online technical documentation.
   Container blueprint	Select a network blueprint from the list of available ones. The selection of the network blueprint determines whether the container is dynamic and whether it supports Network Address Translation (NAT).
   Tags	(Optional) Add metadata that helps to define and classify the network container. Click the Add Tag icon to open the Tag Details dialog box from where you select or add a tag. See Creating tag groups and tags.
   Address block	Review this table to see the block of IP addresses that will be available for the VPC. Under Add Address Block, use the following fields to add a new address block: Address - Enter a single IP address to identify the starting point of the address range. Mask - 24- or 32-bit mask that divides the IP address into subnets and identifies the available hosts in the network. Click Add to add the new address block. The Address in combination with the Mask defines the address range for the block to be allocated for the network container.
   Enable External IPAM	(Optional) Select this check box if you want to use an external IPAM. If this option was selected when you created the selected network blueprint, the check box is selected by default. For more information, see Enabling IP address management.
   Enable DNS Registration	(Optional) Select this check box if you want to add DNS registration at the logical hosting environment level. If this component was added when you created the selected network blueprint, the check box is selected by default. If you select the Enable DNS Registration check box but you do not enter values in the DNS Registration Details tab (described in the next step), the LHE creation may fail with no DNS registration values found.   For more information, see Creating and managing network blueprints using the Network Designer.

5. Click Next to open the Dynamic Components panel. 

   It displays the available networks and corresponding load balancers. The container will be provisioned on the network by BMC Cloud Lifecycle Management using the specified network blueprint.
   • Networks tab - This tab displays the networks that are associated with the network blueprint selected in the previous dialog box. You can enable or disable networks from this tab. When you configure DNS at the network level while creating a network blueprint, the Enable External DNS column on the Networks tab is set to True by default. When you edit a network, the Enable DNS Registration check box is selected, and the fields display DNS details.
   • Load balancers tab - This tab displays the logical load balancers associated with the networks specified on the Networks tab. You can enable or disable load balancers from this tab.
   • Firewalls tab - This tab displays the virtual, or perimeter, firewalls associated with the Logical Data Center. You can enable or disable firewalls from this tab.
   • Distributed firewalls tab - This tab displays the distributed firewalls associated with the Logical Data Center. You can enable or disable distributed firewalls from this tab.
   • DNS Registration Details tab - This tab displays the DNS details that were entered when the network blueprint was created. You can overwrite the details by selecting a row and clicking the Edit  icon, or by clicking the Add icon and adding new DNS registration details. You can register only one DNS.
     This tab is visible if the Enable DNS Registration check box is selected. (See step 4 above.)

6. Click Next to continue to the Additional Parameters dialog box, where you can add runtime parameters from the network container blueprint.
   The parameters are name-value pairs. If you have NAT enabled in your network blueprint for a private subnet, you must provide a parameter at runtime that creates a NAT translator server in Amazon. The translator assigns a NAT address to the instances running in your private network and routes traffic to the internet through the NAT server. 

   Note

   If you do not specify the parameter, you will receive an error when creating the Logical Data Center.
   1. Click the Add Additional Parameters icon to add a row to the table.
   2. In the Name column, enter a parameter name, for example nat-ami-id.
   3. In the Value column, enter the NAT AMI ID that belongs to the region. 
      This parameter creates an instance in your region with the following name: zone NAT.
7. Click Submit.
   After the activity is marked as complete, you can click the Refresh icon  in the upper-right corner of the window to refresh the Resources table so that the newly created network containers appear in the list of network containers.

Where to go from here

To continue with the next step of the wizard when creating or editing a network container, see Managing dynamic components for network containers.

You can now map tenants to a Logical Data Center.