By Pranay Jha | Sep 29, 2020
There are certain prerequisites to cover before deploying a VMware Cloud on AWS environment, as listed below.
Types of External Connectivity
Types of Permission
- Management components are managed by VMware.
- Customers can access vCenter Server.
- Compute components are managed by the customer.
- Customers do not have access to NSX Manager, Policy Appliance, NSX Edge, or NSX Controller.
Type of Connectivity
T1 Router
MGW and CGW, discussed below, are known as T1 routers in NSX-T terminology.
- T1 is a component on the Edge which provides access to services such as the firewall.
- T1 communicates with the T0 router for access to the external environment.
Management Gateway (MGW)
Management components (such as vCenter, NSX Manager, and NSX Controllers) reside on networks connected to the Management Gateway (MGW). This is completely managed by VMware, and the end customer has no access to it.
Compute Gateway (CGW)
Compute components (such as virtual machines) reside on networks connected to the Compute Gateway (CGW). This is managed by customers. Network segments that are created are also part of this and are automatically connected to the CGW.
T0 Router
These T1 routers are further connected to another router, which is known as the T0 router in NSX-T terminology.
- This T0 router establishes communication with the T1 routers which are connected to Compute Gateway components and Management Gateway components.
- There is a firewall component on T1 which connects with internal components. This T1 also connects to T0 to get access to the external environment. The firewall at MGW provides security for management components such as vCenter Server. The firewall at CGW provides security for compute components such as virtual machines. These are also known as the CGW and MGW Edge Firewalls, which provide security for North/South traffic. There is another firewall, known as DFW (Distributed Firewall), which provides security at the vNIC level for virtual machines.
- The customer environment also connects with the T0 router using IPsec VPN.
- Internet gateway (IGW) connects with T0 Router.
- It connects with VPC.
- It connects with Direct Connect (DX).
- T0 connects with the external environment.
(Source of Picture: VMware and AWS)
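The firewall placement described above can be modelled as a reachability check that lists every firewall a flow crosses and reports where an allow rule is missing. This is an added example, not code from the article or from VMware; the CIDRs, rule sets, function names, default-deny behaviour at every point, and the treatment of the CGW firewall as applying only to flows between compute workloads and addresses outside the SDDC are assumptions.

```python
import ipaddress

# Constructed sample addressing (assumptions, not values from the article).
MANAGEMENT_NET = ipaddress.ip_network("10.2.0.0/16")
COMPUTE_NETS = [ipaddress.ip_network("192.168.10.0/24"),
                ipaddress.ip_network("192.168.20.0/24")]

def zone(ip):
    """Classify an address as management, compute, or external to the SDDC."""
    addr = ipaddress.ip_address(ip)
    if addr in MANAGEMENT_NET:
        return "management"
    if any(addr in net for net in COMPUTE_NETS):
        return "compute"
    return "external"

def enforcement_points(src, dst):
    """Firewalls a flow crosses, following the article's description."""
    zones = {zone(src), zone(dst)}
    points = []
    # MGW firewall protects management components from anything outside them.
    if "management" in zones and len(zones) > 1:
        points.append("MGW")
    # CGW firewall covers north/south traffic between workloads and external peers.
    if zones == {"compute", "external"}:
        points.append("CGW")
    # DFW is enforced at the vNIC of any workload VM taking part in the flow.
    if "compute" in zones:
        points.append("DFW")
    return points

def blocked_at(src, dst, port, rules):
    """Enforcement points with no matching allow rule (default deny is assumed)."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    def allowed(point):
        return any(s in ipaddress.ip_network(rs) and d in ipaddress.ip_network(rd)
                   and port == rp for rs, rd, rp in rules.get(point, []))
    return [p for p in enforcement_points(src, dst) if not allowed(p)]

# Constructed rule sets: (source CIDR, destination CIDR, TCP port).
RULES = {
    "MGW": [("203.0.113.0/24", "10.2.0.0/16", 443)],
    "CGW": [("203.0.113.0/24", "192.168.10.0/24", 443)],
    "DFW": [("192.168.10.0/24", "192.168.20.0/24", 3306)],
}
```

With these sample rules, an external client reaching a workload on port 443 passes the CGW rule but is still reported as blocked at the DFW, which shows that a gateway rule alone does not make a VM reachable in this model.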
Types of Deployment to Create Network Connection in VMC on AWS
There are multiple options for creating a connection in your VMware Cloud environment or creating a networking environment.
Greenfield
It is a basic kind of deployment, where you want to deploy basic things such as ISOs, OVAs, and templates into your VMware Cloud.
Brownfield
L2 Extensions
This is where you completely drag your networking environment into VMware Cloud.
L3 Cutover
In this case you replicate your networking environment, turn it off on the customer side, and then spin it back up on the VMware Cloud site.
Types of Resource Pool
Apart from these two networks, there are always two types of resource pools which get configured in VMware Cloud on AWS.
Mgmt-ResourcePool
All components related to the management network reside in this pool.
Compute-ResourcePool
All components related to the compute network reside in this pool.