By Pranay Jha
| Sep 29, 2020 | In Articles
| Total Views [ 2490 ]
There are certain prerequisites when we move to deploy VMware Cloud on AWS environment, as listed below.
Types of External Connectivity
Types of Permission
- Management components are managed by VMware.
- Customer can access vCenter Server.
- Compute Components are managed by Customer.
- Customer do not have access to NSX Manager, Policy Appliance, NSX Edge, or NSX Controller.
Type of Connectivity
MGW and CGW as discussed below, are known as T1 router in NSX-T terminology.
- T1 component on the Edge which provides access to services such as firewall
- T1 communicates with T0 router for access to the external environment.
Management Gateway (MGW)
Management components (such as vCenter, NSX Manager, and NSX Controllers) reside on networks connected to Management Gateway (MGW). This is complete managed by VMware and there is no access to end customer.
Compute Gateway (CGW)
Compute components (such as Virtual machines) reside on networks connected to Compute Gateway (CGW). This is managed by customers. Created network segments are also part of this and this is automatically connected to the CGW.
These T1 routers are further connected to another router which is known as T0 Router in NSX-T terminology.
- This T0 router establish communication with T1 routers which are connected to Compute Gateway components and Management Gateway components.
- There is firewall component on T1 which connects with internal components. This T1 also further connects to T0 to get access to external environment. Firewall at MGW provides security for Management Components such as vCenter server. Firewall at CGW provides security for Compute Components such as Virtual Machines. This is also known as CGW and MGW Edge Firewall which provides security to North/South traffic.There is another firewall known as DFW (Distributed Firewall) which provides security at vNIC level for Virtual Machines.
- Customer environment also connects with T0 router using IPSEC VPN.
- Internet gateway (IGW) connects with T0 Router.
- It connects with VPC.
- It connects with Direct Connect (DX).
- T0 connects with the external environment.
(Source of Picture: VMware and AWS)
Types of Deployment to Create Network Connection in VMC on AWS
There are multiple options to create connection in your VMware Cloud environment or create a networking environment.
It is basic kind of deployment where you want to deploy basic things like ISO, OVA, Template into your VMware Cloud.
If you just completely drag your networking environment into VMware Cloud.
It will be a few replicates your networking environment, turn it off your customer size, and then spin a backup to the VMware Cloud site.
Types of Resource Pool
Apart from these two networks, there are always two types of resource pools which get configured in VMware Cloud on AWS.
All components related to management network resides in this pool.
All components related to compute network resides in this pool.
Thank you for visiting my profile. I am Pranay Jha, bring along a total of 11+ years of extensive experience with me in Information Technology sector for organizations from small business to large enterprises, wherein my current assignment I am associated with IBM as a Technical Solution Architect for Virtualization platform. I am vExpert x 3 (16/17/18), VCIX-DCV, VCAP5/6-DCD, VCAP5-DCA, VCP7-CMA, VCP5/6-DCV, VCA-DCV, VCA-Cloud, VSP, VCE-CIA, MCITP, MCSE, MCSA(Messaging). I am also an Independent blogger and founder of http://vmwareinsight.com and https://cloudpathshala.com. I can be reached via email at firstname.lastname@example.org or Direct Message via Contact Us form.