Follow these instructions to deploy PCG in your AWS account.

Procedure

  1. Log in to CSM using an account with the Enterprise Administrator role.
  2. Click Clouds > AWS > <AWS_account_name> and go to the VPCs tab.
  3. In the VPCs tab, select an AWS region name, for example, us-west. The AWS region must be the same one where you created the compute VPC.
  4. Select a compute VPC configured for NSX Cloud.
  5. Click Deploy Gateways.
  6. Complete the general gateway details:

    Option
        Description

    PEM File
        Select one of your PEM files from the drop-down menu. This file must be in the same region where NSX Cloud was deployed and where you created your compute VPC.
        This uniquely identifies your AWS account.

    Quarantine Policy on the Associated VPC
        The default selection is Enabled. This is recommended for greenfield deployments. If you already have VMs launched in your VPC, disable the Quarantine policy. See Manage Quarantine Policy in the NSX-T Data Center Administration Guide for details.

    Proxy Server
        Select a proxy server to use for internet-bound traffic from this PCG. The proxy servers are configured in CSM. You can select the same proxy server as CSM if one is configured, select a different proxy server from CSM, or select No Proxy Server.
        See (Optional) Configure Proxy Servers for details on how to configure proxy servers in CSM.

    Advanced
        The advanced settings provide extra options if required.

    Override AMI ID
        Use this advanced feature to provide a different AMI ID for the PCG from the one that is available in your AWS account.

    Obtain via Public Cloud Provider's DHCP
        Select this option if you want to use AWS settings. This is the default DNS setting if you do not pick either of the options to override it.

    Override Public Cloud Provider's DNS Server
        Select this option if you want to manually provide the IP address of one or more DNS servers to resolve NSX-T Data Center appliances as well as the workload VMs in this VPC.

    Use Public Cloud Provider's DNS server only for NSX-T Data Center Appliances
        Select this option if you want to use the AWS DNS server for resolving the NSX-T Data Center management components. With this setting, you can use two DNS servers: one for PCG that resolves NSX-T Data Center appliances; the other for the VPC that resolves your workload VMs in this VPC.

  7. Click Next.
  8. Complete the Subnet details.

    Option
        Description

    Enable HA for Public Cloud Gateway
        The recommended setting is Enable, which sets up a High Availability Active/Standby pair to avoid unscheduled downtime.

    Primary gateway settings
        Select an Availability Zone, such as us-west-1a, from the drop-down menu as the primary gateway for HA.
        Assign the uplink, downlink, and management subnets from the drop-down menu.

    Secondary gateway settings
        Select another Availability Zone, such as us-west-1b, from the drop-down menu as the secondary gateway for HA.
        The secondary gateway is used when the primary gateway fails.
        Assign the uplink, downlink, and management subnets from the drop-down menu.

    Public IP on Mgmt NIC
        Select Allocate New IP address to provide a public IP address to the management NIC. You can manually provide the public IP address if you want to reuse a free public IP address.

    Public IP on Uplink NIC
        Select Allocate New IP address to provide a public IP address to the uplink NIC. You can manually provide the public IP address if you want to reuse a free public IP address.

    Click Deploy.

  9. Monitor the status of the primary (and secondary, if you selected it) PCG deployment. This process can take 10-12 minutes.
  10. Click Finish when PCG is successfully deployed.
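
The choices made in steps 6 and 8 can be checked against the constraints stated in the option descriptions before clicking Deploy. The following is an added example, not part of the original procedure and not VMware or CSM code; the plan layout, its field names, and the preflight function are hypothetical, and the sample plan is constructed.

```python
import ipaddress

ROLES = ("uplink", "downlink", "management")

def preflight(plan):
    """Return problems in a planned PCG deployment (plan layout is hypothetical)."""
    problems = []
    # The PEM file must be in the same region as the compute VPC.
    if plan["pem_region"] != plan["vpc_region"]:
        problems.append("PEM file is not in the compute VPC region")
    # Quarantine Policy should be disabled when the VPC already has VMs.
    if plan["quarantine_enabled"] and plan["existing_vms"] > 0:
        problems.append("Quarantine Policy enabled on a VPC with existing VMs")
    # Overriding the provider's DNS requires one or more valid IP addresses.
    if plan["dns_mode"] == "override":
        servers = plan.get("dns_servers", [])
        if not servers:
            problems.append("DNS override selected but no DNS server given")
        for server in servers:
            try:
                ipaddress.ip_address(server)
            except ValueError:
                problems.append(f"invalid DNS server address: {server}")
    gateways = {"primary": plan["primary"]}
    if plan["ha_enabled"]:
        gateways["secondary"] = plan["secondary"]
        # The secondary gateway goes in another Availability Zone.
        if plan["secondary"]["az"] == plan["primary"]["az"]:
            problems.append("primary and secondary share an Availability Zone")
    for name, gw in gateways.items():
        for role in ROLES:
            subnet = gw["subnets"].get(role)
            if subnet is None:
                problems.append(f"{name}: no {role} subnet assigned")
            elif subnet["az"] != gw["az"]:
                # An AWS subnet lives in exactly one Availability Zone.
                problems.append(f"{name}: {role} subnet is in {subnet['az']}, not {gw['az']}")
    return problems

def _gw(az, subnet_az=None):  # builds a constructed sample gateway
    return {"az": az, "subnets": {r: {"id": f"subnet-{r}", "az": subnet_az or az} for r in ROLES}}

# Constructed sample plan; every value is illustrative.
SAMPLE = {"vpc_region": "us-west", "pem_region": "us-west", "quarantine_enabled": True,
          "existing_vms": 3, "dns_mode": "override", "dns_servers": ["10.0.0.2", "10.0.0.300"],
          "ha_enabled": True, "primary": _gw("us-west-1a"), "secondary": _gw("us-west-1a")}

if __name__ == "__main__":
    for problem in preflight(SAMPLE):
        print("FAIL:", problem)
```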

What to do next

Onboard your workload VMs. See Onboarding and Managing Workload VMs in the NSX-T Data Center Administration Guide for the Day-N workflow.