In this blog, we’ll cover Part 3 of our VMC Integrations series, discussing how to leverage an Amazon Application Load Balancer (ALB) with VMware VMs.

Now, let’s jump in!

In this scenario, I have four (4) front-end Apache servers running in my VMware SDDC. These do not have any public IP addresses associated with them and no NAT’ing configured. What we’re going to do is create an AWS Application Load Balancer (ALB) that will route to the internal IP addresses of the VMware VMs even though they do not reside within the VPC of the Load Balancer. Kinda cool, right?


As you can see below, I have my four Apache servers (BG-Frontend-Apache-0(1-4)) sitting in my VMware Cloud on AWS SDDC.


If we take a look at each of these virtual machines you’ll notice that they all have private IP addresses ( This is important to understand as we move forward. Keeping track of their private IP addresses, we move on to create the target group that will be used by the AWS Application Load Balancer. (*Note: We already set up our firewall and security group rules in the previous blog posts.)


In the AWS Console, under EC2 > Load Balancing > Target Groups, we have a target group we created for these Apache VMs. When registering the targets, instead of pointing them to a VPC, we point them to ‘Other Private IP’. We then enter the IP addresses of the four VMs. As you can see in the image below, we’ve added all four targets and they all appear to be healthy.
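In the Elastic Load Balancing API, the ‘Other Private IP’ choice corresponds to an IP target whose `AvailabilityZone` is set to `all`, which is required when the address lies outside the load balancer's VPC. The following is an added example, not code from the original post: it validates a list of VM addresses and builds the `Targets` list in the shape `register-targets` expects, refusing anything that is not a private address. The VPC CIDR and VM addresses are constructed sample values, and `build_targets` is a hypothetical helper name.

```python
import ipaddress

# Ranges AWS documents as registrable for target-type "ip" when the address
# is not in a subnet of the target group's VPC (RFC 1918 plus RFC 6598).
ALLOWED_OFF_VPC = [ipaddress.ip_network(n) for n in
                   ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]

# Constructed sample values; the original post does not show its addresses.
SAMPLE_VPC_CIDR = "172.31.0.0/16"
SAMPLE_SDDC_IPS = ["10.72.30.11", "10.72.30.12", "10.72.30.13", "10.72.30.14"]


def build_targets(vpc_cidr, ips, port=80):
    """Return a Targets list for elbv2 register-targets (IPv4 only here).

    Raises ValueError for a malformed, duplicated or non-private address,
    so a typo cannot register an unintended backend.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    targets, seen = [], set()
    for raw in ips:
        ip = ipaddress.ip_address(raw.strip())  # ValueError if malformed
        if ip in seen:
            raise ValueError(f"duplicate target {ip}")
        seen.add(ip)
        entry = {"Id": str(ip), "Port": port}
        if ip not in vpc:
            # Outside the VPC: must be private, and the ALB needs AZ "all".
            if not any(ip in net for net in ALLOWED_OFF_VPC):
                raise ValueError(f"{ip} is not a private address; not registering")
            entry["AvailabilityZone"] = "all"
        targets.append(entry)
    return targets


if __name__ == "__main__":
    for target in build_targets(SAMPLE_VPC_CIDR, SAMPLE_SDDC_IPS):
        print(target)
```
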


Now that we’ve got our target group that our Application Load Balancer will consume, we can go ahead and create the Load Balancer. Creating an Application Load Balancer (ALB) is very straightforward, so I won’t cover all the steps to create it. What you do need to ensure, though, is that the VPC that is chosen at creation is the VPC that is connected to your VMC SDDC. Also add port 80 and your target group as a ‘Listener’, and you will be good to go.


Once created, our ALB gave us an address of: (feel free to try out the link!) Each of my Apache VMs is running a simple static website with a title, the name of the VM, and an image of the VMware Cloud on AWS overview slide. Once you are on this page, try refreshing multiple times and you will see that it is hitting each of the different VMs from the Target Group.


What’s really neat about this is that I no longer need to deploy my own software load balancer in the VMware stack. There is no additional updating or maintenance I need to perform with my load balancer as I am now using one provided by AWS. Remember, all of these Apache VMs were using their private IP addresses and I did not have to configure additional NAT’ing rules or add Public IPs to my VMware Cloud on AWS SDDC just to resolve these VMs. They are all leveraging the Elastic Network Interface (ENI) connectivity between the VMware stack and their AWS services. Something you won’t find anywhere else. This opens up endless possibilities for customers to design and implement their datacenter application architecture.

Written by


Brian Graf is a Sr. Technical Marketing Manager for VMware Cloud on AWS at VMware. He has also worked on ESXi Lifecycle, PowerCLI Automation and been the Product Manager for vSphere DRS and HA. Brian is co-author of the PowerCLI Deep Dive 2nd edition book and a Microsoft MVP.
