Please enable Javascript for better experience...
 
VMC on AWS - Understand the Networking Architecture of VMware Cloud on AWS
By Pranay Jha | Sep 29, 2020 | In Articles | Total Views [ 529 ]
(1 Like)
Rate

There are certain prerequisites when we move to deploy VMware Cloud on AWS environment, as listed below.

Types of External Connectivity

Types of Permission

  • Management components are managed by VMware.
  • Customer can access vCenter Server.
  • Compute Components are managed by Customer.
  • Customer do not have access to NSX Manager, Policy Appliance, NSX Edge, or NSX Controller.

Type of Connectivity

T1 Router

MGW and CGW as discussed below, are known as T1 router in NSX-T terminology.

  • T1 component on the Edge which provides access to services such as firewall
  • T1 communicates with T0 router for access to the external environment.

Management Gateway (MGW)

Management components (such as vCenter, NSX Manager, and NSX Controllers) reside on networks connected to Management Gateway (MGW). This is complete managed by VMware and there is no access to end customer.

Compute Gateway (CGW)

Compute components (such as Virtual machines) reside on networks connected to Compute Gateway (CGW). This is managed by customers. Created network segments are also part of this and this is automatically connected to the CGW.

T0 Router

These T1 routers are further connected to another router which is known as T0 Router in NSX-T terminology.

  1. This T0 router establish communication with T1 routers which are connected to Compute Gateway components and Management Gateway components.
  2. There is firewall component on T1 which connects with internal components. This T1 also further connects to T0 to get access to external environment. Firewall at MGW provides security for Management Components such as vCenter server. Firewall at CGW provides security for Compute Components such as Virtual Machines. This is also known as CGW and MGW Edge Firewall which provides security to North/South traffic.There is another firewall known as DFW (Distributed Firewall) which provides security at vNIC level for Virtual Machines.
  3. Customer environment also connects with T0 router using IPSEC VPN.
  4. Internet gateway (IGW) connects with T0 Router.
  5. It connects with VPC.
  6. It connects with Direct Connect (DX).
  7. T0 connects with the external environment.
(Source of Picture: VMware and AWS)

Types of Deployment to Create Network Connection in VMC on AWS

There are multiple options to create connection in your VMware Cloud environment or create a networking environment.

Greenfield

It is basic kind of deployment where you want to deploy basic things like ISO, OVA, Template into your VMware Cloud.

Brownfield

L2 Extensions

If you just completely drag your networking environment into VMware Cloud.

L3 Cutover

It will be a few replicates your networking environment, turn it off your customer size, and then spin a backup to the VMware Cloud site.

Types of Resource Pool

Apart from these two networks, there are always two types of resource pools which get configured in VMware Cloud on AWS.

Mgmt-ResourcePool

All components related to management network resides in this pool.

Compute-ResourcePool

All components related to compute network resides in this pool.


Thanks for visiting here. Share this article if you found it useful.
Like Facebook Page https://www.facebook.com/VMwareInsight/
Connect to twitter https://twitter.com/imPranayK
Subscribe my Channel https://www.youtube.com/vmwareinsight
Connect over Linkedin https://in.linkedin.com/in/impranayk
Share this on Social Media

About the Author

Pranay Jha
Pranay Jha
Founder, Contributer VMwareInsight.com

Public profile: user/profile/99900000


Follow me

facebook linkedin twitter G+ VMTN youtube

Thank you for visiting my profile. I am Pranay Jha, bring along a total of 11+ years of extensive experience with me in Information Technology sector for organizations from small business to large enterprises, wherein my current assignment I am associated with IBM as a Technical Solution Architect for Virtualization platform. I am vExpert x 3 (16/17/18), VCIX-DCV, VCAP5/6-DCD, VCAP5-DCA, VCP7-CMA, VCP5/6-DCV, VCA-DCV, VCA-Cloud, VSP, VCE-CIA, MCITP, MCSE, MCSA(Messaging). I am also an Independent blogger and founder of http://vmwareinsight.com and https://cloudpathshala.com. I can be reached via email at pranay1988jha@gmail.com or Direct Message via Contact Us form.

 
Please SignUp/Login to comment...

Or comment as anonymous...
* Name
* Email ID
Comment
 
Sponsors
 
 
 
 
 
Facebook Likes