For those coming from an NSX-V background, you’ll remember how we enabled east-west traffic by deploying Distributed Logical Routers (DLR). This has changed ever so slightly in NSX-T, with earlier versions using Tier-1 Logical Routers, and in 2.4, Tier-1 Gateways.
That didn’t disappoint! I’ve wanted to visit the North East England VMUG for sometime, so being asked to present at the user group made it all the more special. As I sit here in Newcastle International Airport waiting for my flight home, I thought I’d summarise the event for those who’ve never been to a VMUG event, are thinking of doing so in the future, or are thinking of speaking at a local VMUG.
The next North East England VMUG will be taking place on Thursday 26th September at the Royal Station Hotel, Newcastle, and I’m excited to be presenting alongside so many fantastic individuals from throughout the vCommunity.
My session will be covering VMware NSX Data Centre for vSphere (NSX-V) and, more specifically, a real world look at micro-segmentation and the implementation of a zero-trust environment. NSX makes this fairly easy thanks to a number of built-in tools, and we’ll explore how we can use the NSX Application Rule Manager to visualise application dependencies in order to start fleshing-out our Distributed Firewall rules.
VMware NSX Data Center for vSphere (NSX-V) has been able to leverage dynamic routing via Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) for some time and, in this article, I detail the process of configuring OSPF on both an Edge Services Gateway (ESG) and a downstream Distributed Logical Router (DLR).
OSPF, a Link State Protocol and member of the Interior Gateway Protocol (IGP) family (which also includes Routing Information Protocol (RIP), Intermediate System to Intermediate System (IS-IS), and Enhanced Internal Gateway Routing Protocol (EIGRP)), enables all participating routers to dynamically exchange network topology information to calculate the best shortest path (cost) of a route’s destination.
Welcome to the second article in the series detailing a migration of VMware NSX Data Center for vSphere (NSX-V) to NSX-T Data Center. In this article I focus on the preliminary checks to ensure the NSX-V environment is fit for migration.
In part 1 (VMware NSX-T Data Center Migration – Part 1 – Deploy Manager Appliance) I covered the process of deploying the NSX -T Data Center Manager Appliance, as well as a number of prerequisite tasks required to prepare the new NSX-T environment for the eventual migration (coming in part 3).
In this article I detail a number of preliminary checks within the NSX-V environment (including ESXi hosts, vSphere Distributed Switches, VXLAN configuration, VTEP, NSX Controllers, Edge Services Gateways, etc.) to ensure all is well prior to the migration process itself. Where any issues are identified, these must be resolved prior to the migration process.
On 18th April 2019 we saw the release of VMware NSX Data Center for vSphere (NSX-V) 6.4.5. With this release we are afforded increased feature parity between the vSphere Client (HTML5) and the now-legacy vSphere Web Client (Flex), although be advised, there are still a number of unsupported functionality.
Welcome to the first in a new series of articles detailing the migration process of VMware NSX Data Center for vSphere to NSX-T Data Center. The migration to NSX-T will be split into three steps:
- Part 1 (this article) – Deploy NSX -T Data Center Manager Appliance, and prepare this new NSX-T environment for the migration of NSX Data Center for vSphere by adding a Compute Manager, and creating an IP Pool for Edge Tunnel End Points (TEPs).
- Part 2 – Prepare NSX Data Center for vSphere for migration to NSX-T, including ESXi host, vSphere Distributed Switch, and NSX-V pre-flight checks (VXLAN, VTEP, Controllers, Edge Services Gateways).
- Part 3 – Migrate NSX Data Center for vSphere to NSX-T Data Center.
Note – In this article, the process of deploying the VMware NSX-T Data Center Manager Appliance can be considered the same as whether you are a) deploying into a greenfield environment void of any NSX, or b) migrating NSX Data Center for vSphere to NSX-T.
Following a recent upgrade of VMware NSX Data Centre for vSphere from 6.4.1 to 6.4.4, the option to access NSX’s Networking and Security extension from within the vSphere Client (HTML 5) had simply disappeared. This left me scratching my head a little, more so as I’ve completed this upgrade (what seems) a million times.
Scenario-wise, I had completed the initial NSX Manager upgrade, but after logging in to the vSphere Client, I noted the Networking and Security extension failed to display.
That was a blast! On Wednesday 20th March I had the pleasure of speaking at the South West UK VMUG, held at the Bristol and Bath Science Park. My biggest thanks to VMUG Leaders Jeremy Bowman, Simon Eady, Barry Coombs, and Megan Warren for such a great opportunity, and to all who attended my session. This was my first time speaking at a VMUG, and despite the nerves, I really enjoyed it.
Focusing on VMware NSX Data Centre for vSphere and, more specifically, the micro-segmentation of applications with the aid of the NSX Application Rule Manager (based around my previous article). I opted not to perform a live demo during my very first speaking slot, but instead produced a live recording, for which I walked the group through how to utilise the NSX Application Rule Manager to identify application dependencies, endpoints, and service/ports/protocols when implementing a zero-trust environment.
Today saw the release of VMware NSX-T 2.4, the latest and greatest, lauded as a ‘landmark release’ for the product.
Since its initial release in February 2017, NSX-T has focused on addressing organisational requirements to support cloud-native applications, bare metal workloads, multi-hypervisor environments, and public clouds. With the release of NSX-T 2.4, we can now add multi-clouds to the list.
NSX-T delivers security to diverse endpoints such as VMs, containers, and bare metal, as well as a range of cloud platforms and cloud native projects including Kubernetes, VMware PKS, Pivotal Application Service (PAS), and Red Hat OpenShift.
With NSX-T 2.4, VMware are able to deliver further advancements in networking, security, automation, and an ‘operational simplicity for everyone’. This includes IT admins, DevOps teams, and developers. As such, NSX-T is an enabler for customers embracing cloud-native application development, expanding use of public cloud, and those who require automation to drive agility.