Merge pull request #277199 from JnHs/jh-arc-vmnet

Arc-enabled VMware vSphere networking reqs

Author: v-regandowner

articles/azure-arc/data/includes/network-requirements.md

@@ -10,8 +10,8 @@ ms.date: 04/18/2022
 |**Service**|**Port**|**URL**|**Direction**|**Notes**|
 |--|--|--|--|--|
 | Helm chart (direct connected mode only) | 443 | `arcdataservicesrow1.azurecr.io` | Outbound |Provisions the Azure Arc data controller bootstrapper and cluster level objects, such as custom resource definitions, cluster roles, and cluster role bindings, is pulled from an Azure Container Registry. | 
-| Azure monitor APIs <sup>*</sup> | 443 |`*.ods.opinsights.azure.com`<br/>`*.oms.opinsights.azure.com`<br/>`*.monitoring.azure.com` | Outbound | Azure Data Studio and Azure CLI connect to the Azure Resource Manager APIs to send and retrieve data to and from Azure for some features. See [Azure Monitor APIs](#azure-monitor-apis). |
-| Azure Arc data processing service <sup>*</sup>| 443 |`*.<region>.arcdataservices.com` <sup>2</sup> | Outbound | |
+| Azure monitor APIs <sup>1</sup> | 443 |`*.ods.opinsights.azure.com`<br/>`*.oms.opinsights.azure.com`<br/>`*.monitoring.azure.com` | Outbound | Azure Data Studio and Azure CLI connect to the Azure Resource Manager APIs to send and retrieve data to and from Azure for some features. See [Azure Monitor APIs](#azure-monitor-apis). |
+| Azure Arc data processing service <sup>1</sup>| 443 |`*.<region>.arcdataservices.com` <sup>2</sup> | Outbound | |
 
 <sup>1</sup> Requirement depends on deployment mode:
 

articles/azure-arc/network-requirements-consolidated.md

@@ -1,7 +1,7 @@
 ---
 title: Azure Arc network requirements
 description: A consolidated list of network requirements for Azure Arc features and Azure Arc-enabled services. Lists endpoints, ports, and protocols.
-ms.date: 05/22/2024
+ms.date: 06/04/2024
 ms.topic: reference
 ---
 
@@ -58,25 +58,23 @@ This section describes additional networking requirements specific to deploying
 
 For more information, see [Azure Arc resource bridge network requirements](resource-bridge/network-requirements.md).
 
-## Azure Arc-enabled System Center Virtual Machine Manager
+## Azure Arc-enabled VMware vSphere
 
-Azure Arc-enabled System Center Virtual Machine Manager (SCVMM) also requires:
+Azure Arc-enabled VMware vSphere also requires:
 
-| **Service** | **Port** | **URL** | **Direction** | **Notes**|
-| --- | --- | --- | --- | --- |
-| SCVMM management Server | 443 | URL of the SCVMM management server | Appliance VM IP and control plane endpoint need outbound connection. | Used by the SCVMM server to communicate with the Appliance VM and the control plane. |
+[!INCLUDE [network-requirements](vmware-vsphere/includes/network-requirements.md)]
 
-For more information, see [Overview of Arc-enabled System Center Virtual Machine Manager](system-center-virtual-machine-manager/overview.md).
+For more information, see [Support matrix for Azure Arc-enabled VMware vSphere](vmware-vsphere/support-matrix-for-arc-enabled-vmware-vsphere.md).
 
-## Azure Arc-enabled VMware vSphere
+## Azure Arc-enabled System Center Virtual Machine Manager
 
-Azure Arc-enabled VMware vSphere also requires:
+Azure Arc-enabled System Center Virtual Machine Manager (SCVMM) also requires:
 
 | **Service** | **Port** | **URL** | **Direction** | **Notes**|
 | --- | --- | --- | --- | --- |
-| vCenter Server | 443 | URL of the vCenter server  | Appliance VM IP and control plane endpoint need outbound connection. | Used to by the vCenter server to communicate with the Appliance VM and the control plane.|
+| SCVMM management Server | 443 | URL of the SCVMM management server | Appliance VM IP and control plane endpoint need outbound connection. | Used by the SCVMM server to communicate with the Appliance VM and the control plane. |
 
-For more information, see [Support matrix for Azure Arc-enabled VMware vSphere](vmware-vsphere/support-matrix-for-arc-enabled-vmware-vsphere.md).
+For more information, see [Overview of Arc-enabled System Center Virtual Machine Manager](system-center-virtual-machine-manager/overview.md).
 
 ## Additional endpoints
 

articles/azure-arc/resource-bridge/network-requirements.md

@@ -2,7 +2,7 @@
 title: Azure Arc resource bridge network requirements
 description: Learn about network requirements for Azure Arc resource bridge including URLs that must be allowlisted.
 ms.topic: conceptual
-ms.date: 05/22/2024
+ms.date: 06/04/2024
 ---
 
 # Azure Arc resource bridge network requirements
@@ -18,7 +18,7 @@ Arc resource bridge communicates outbound securely to Azure Arc over TCP port 44
 [!INCLUDE [network-requirements](includes/network-requirements.md)]
 
 > [!NOTE]
-> The URLs listed here are required for Arc resource bridge only. Other Arc products (such as Arc-enabled VMware vSphere) may have additional required URLs. For details, see [Azure Arc network requirements](../network-requirements-consolidated.md).
+> The URLs listed here are required for Arc resource bridge only. Other Arc products (such as Arc-enabled VMware vSphere) may have additional required URLs. For details, see [Azure Arc network requirements](../network-requirements-consolidated.md#azure-arc-enabled-vmware-vsphere).
 
 ## SSL proxy configuration
 

articles/azure-arc/vmware-vsphere/includes/network-requirements.md

@@ -0,0 +1,13 @@
+---
+ms.topic: include
+ms.date: 06/04/2024
+---
+
+| **Service** | **Port** | **URL** | **Direction** | **Notes**|
+| --- | --- | --- | --- | --- |
+| vCenter Server | 443 | URL of the vCenter server  | Appliance VM IP and control plane endpoint need outbound connection. | Used to by the vCenter server to communicate with the Appliance VM and the control plane.|
+| VMware Cluster Extension | 443 | `azureprivatecloud.azurecr.io` | Appliance VM IPs need outbound connection. | Pull container images for Microsoft.VMWare and Microsoft.AVS Cluster Extension.|
+| Azure CLI and Azure CLI Extensions | 443 | `*.blob.core.windows.net` | Management machine needs outbound connection. | Download Azure CLI Installer and Azure CLI extensions.|
+| Azure Resource Manager | 443 | `management.azure.com` | Management machine needs outbound connection. | Required to create/update resources in Azure using ARM.|
+| Helm Chart for Azure Arc Agents | 443 | `*.dp.kubernetesconfiguration.azure.com` | Management machine needs outbound connection. | Data plane endpoint for downloading the configuration information of Arc agents.|
+| Azure CLI | 443 | - `login.microsoftonline.com` <br> <br> - `aka.ms` | Management machine needs outbound connection. | Required to fetch and update Azure Resource Manager tokens.|

articles/azure-arc/vmware-vsphere/support-matrix-for-arc-enabled-vmware-vsphere.md

@@ -55,16 +55,9 @@ The following firewall URL exceptions are needed for the Azure Arc resource brid
 
 [!INCLUDE [network-requirements](../resource-bridge/includes/network-requirements.md)]
 
-In addition, VMware VSphere requires the following exception:
-
-| **Service** | **Port** | **URL** | **Direction** | **Notes**|
-| --- | --- | --- | --- | --- |
-| vCenter Server | 443 | URL of the vCenter server  | Appliance VM IP and control plane endpoint need outbound connection. | Used to by the vCenter server to communicate with the Appliance VM and the control plane.|
-| VMware Cluster Extension | 443 | `azureprivatecloud.azurecr.io` | Appliance VM IPs need outbound connection. | Pull container images for Microsoft.VMWare and Microsoft.AVS Cluster Extension.|
-| Azure CLI and Azure CLI Extensions | 443 | `*.blob.core.windows.net` | Management machine needs outbound connection. | Download Azure CLI Installer and Azure CLI extensions.|
-| Azure Resource Manager | 443 | `management.azure.com` | Management machine needs outbound connection. | Required to create/update resources in Azure using ARM.|
-| Helm Chart for Azure Arc Agents | 443 | `*.dp.kubernetesconfiguration.azure.com` | Management machine needs outbound connection. | Data plane endpoint for downloading the configuration information of Arc agents.|
-| Azure CLI | 443 | - `login.microsoftonline.com` <br> <br> - `aka.ms` | Management machine needs outbound connection. | Required to fetch and update Azure Resource Manager tokens.|
+In addition, VMware VSphere requires the following:
+
+[!INCLUDE [netork-requirements](includes/network-requirements.md)]
 
 For a complete list of network requirements for Azure Arc features and Azure Arc-enabled services, see [Azure Arc network requirements (Consolidated)](../network-requirements-consolidated.md).