NSX

vmware_Milestone_IE_NV6

 

Man….let me tell ya….I’m so happy to say that the “Road to VCAP6-NV” is complete! I passed my exam at VMworld 2018! Back in Oct 2017, I began my “Road to VCAP6-NV” series with the intent of giving myself a reference point to take my notes as I studied for the exam and also something that could be useful to the community. Well that work paid off!

Read Full Article

VMwareNSX
In this blog post I will cover section 6 objective 6.2 of the VCAP6-NV Deploy exam.

Objective 6.2 – Configure and Manage Universal Logical Network Objects

 

Skills and Abilities

  • Create/configure Universal Logical Switches
  • Create/configure Universal Distributed Logical Routers
  • Configure local egress

 

Create/configure Universal Logical Switches

Universal logical switches can only be created from the primary NSX manager and when connected to a universal transport zone.

To create a universal logical switch, navigate to Networking & Security > Logical Switches. Click the green “+”. Enter a name for the logical switch. Click Change next to Transport Zone.

uni01 Read Full Article

VMwareNSX
In this blog post I will cover section 6 objective 6.1 of the VCAP6-NV Deploy exam.

Objective 6.1 – Configure Cross vCenter VMware NSX infrastructure components

Skills and Abilities
  • Configure NSX manager roles (Primary, Secondary, Standalone, Transit) according to a deployment
    plan:

    • Assign Primary role to specified NSX Manager
    • Assign Secondary role to specified NSX Managers
  • Deploy/configure Universal Controller Cluster
  • Configure Universal segment ID pools
  • Create/manage Universal transport zones

 

Configure NSX manager roles (Primary, Secondary, Standalone, Transit) according to a deployment
plan: Assign Primary role to specified NSX Manager

In a Cross-vCenter NSX deployment, the NSX Manager can have one of four different roles:

  • Primary
  • Secondary
  • Standalone
  • Transit

The primary role can only be given to one NSX Manager. The primary manager has the controllers installed and all universal objects are created on the primary NSX Manager. The secondary NSX Manager becomes secondary when it added to the primary manager. All universal objects are read only on the secondary NSX Manager. The secondary NSX Manager cannot have it’s own controllers. Each NSX Manager can have its own local objects that are only seen by that NSX environment. The Standalone role is the default role of a newly installed NSX Manager. It is not a part of a cross-vCenter setup. The Transit role comes into play when a once primary or secondary is made standalone again but there are still universal objects that exist. In the transit role, universal objects can only be deleted, not created. Once all universal objects are deleted, the NSX Manager can become a standalone or secondary NSX Manager.

To assign the primary role to a NSX Manager, navigate to Networking & Security > Installation and Upgrade > Management. Select the the NSX Manager and click the Actions wheel and select Assign Primary Role.

cross01 Read Full Article

VMwareNSX
In this blog post I will cover section 5 objective 5.3 of the VCAP6-NV Deploy exam.

Objective 5.3 – Configure and Manage Role Based Access Control

Skills and Abilities

• Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO)
• Manage User rights:

  • Assign roles to user accounts
  • Change a user role
  • Delete/disable/enable a user account

 

Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO)

You can register a Windows domain with NSX Manager and vCenter. The NSX Manager will get the user and group info from Active Directory and that can be used to create identity based security groups and firewall rules and for activity monitoring. To register a Windows domain with NSX Manager, navigate to Networking & Security > System > Users and Domains. I’ve already configured this but in a new instance, click the green “+”.

ad01 Read Full Article

VMwareNSX
In this blog post I will cover section 5 objective 5.2 of the VCAP6-NV Deploy exam.

Objective 5.2 – Monitor a VMware NSX Implementation

Skills and Abilities

• Configure logging for NSX components according to a deployment plan
• Monitor health of networking services
• Monitor health and status of infrastructure components:

  • vSphere
  • NSX Manager
  • Control Cluster

• Enable data collection for single/multiple virtual machines

 

Configure logging for NSX components according to a deployment plan

To configure logging for our ESXi host, navigate to the host and click Configure > Advanced System Settings. You can click Edit and search for syslog. Edit the settings for Syslog.global.logHost and enter in your syslog server’s FQDN or IP and port number.

log01 Read Full Article

VMwareNSX
In this blog post I will cover section 5 objective 5.1 of the VCAP6-NV Deploy exam.

Objective 5.1 – Backup and Restore Network Configurations

Skills and Abilities

  • Schedule/Backup/Restore NSX Manager data
  • Export/Restore vSphere Distributed Switch configuration
  • Export/Import Service Composer profiles
  • Save/Export/Import/Load Distributed Firewall configurations

 

Schedule/Backup/Restore NSX Manager data

Having backups of your NSX environment is highly recommended in case you ever need to restore your config back to a working state in the event of a failure. A NSX backup will contain all of the NSX configuration, including controllers, logical switches, logical routers, firewall rules and other things that were configured within NSX. It is also good to have the vCenter database and distributed switch configs backed up so that you have a complete recovery point.

To begin setting up the backup, log in to the NSX Manager.

backup01

Read Full Article