NSX

VMwareNSX
In this blog post I will cover section 3 objective 3.1 of the VCAP6-NV Deploy exam.

Objective 3.1 – Configure and Manage Logical Load Balancing

  • Configure the appropriate Load Balancer model for a given application topology
  • Configure SSL off-loading
  • Configure a service monitor to define health check parameters for a specific type of network traffic
  • Optimize a server pool to manage and share backend servers
  • Configure an application profile and rules
  • Configure virtual servers

Read Full Article

VMwareNSX
In this blog post I will cover section 2 objective 2.3 of the VCAP6-NV Deploy exam.

Objective 2.3 – Configure and Manage Routing

  • Deploy the appropriate NSX Edge (ESG/LDR) device according to a deployment plan
  • Configure centralized and distributed routing
  • Configure default gateway parameters
  • Configure static routes
  • Select and configure appropriate dynamic routing protocol according to a deployment plan:
    • OSPF
    • BGP
    • IS-IS
  • Configure route redistribution to support a multi-protocol environment

Read Full Article

VMwareNSX

In this blog post, I will cover section 1 objective 1.2 of the VCAP6-NV Deploy exam.

Objective 1.2 – Prepare Host Clusters for Network Virtualization

  • Prepare vSphere Distributed Switching for NSX
  • Prepare a cluster for NSX
    • Add/Remove Hosts from cluster
  • Configure the appropriate teaming policy for a given implementation
  • Configure VXLAN Transport parameters according to a deployment plan

Read Full Article

VMwareNSX

In this blog post, I will cover section 1 objective 1.1 of the VCAP6-NV Deploy exam.

Objective 1.1 – Deploy VMware NSX Infrastructure components

  • Deploy the NSX Manager virtual appliance
  • Integrate the NSX Manager with vCenter Server
    • Configure Single Sign On
    • Specify a Syslog Server
  • Implement and Configure NSX Controllers
  • Exclude virtual machines from firewall protection according to a deployment plan

Read Full Article

Well….here goes nothing! I’ve decided that the next certification that I will pursue will be the VCAP6-NV Deploy. (I sure hope I don’t regret this! 😳) With all the hype surrounding NSX and SDDC, what better time than now to really focus on the software defined network. More and more companies are starting to adopt NSX to harden their security, help them get into network automation with products like vRealize Automation, or even to help protect and migrate workloads to public cloud. So to stay relevant….I better jump on the bandwagon sooner than later.

Read Full Article

VMwareNSX

Recently, VMware released its latest version of NSX, 6.3.3. With it came a number of bug fixes and some new features. One of the main new features to come along has to do with the NSX controllers. Starting with 6.3.3, the OS for the NSX controllers will be powered by Photon OS. Because a new OS is used, that means that your current NSX controllers will not be upgraded, but rather they will be deleted and recreated as part of the install process. There are also some other new features, that I will not dive too deep into, but just list:

Guest Introspection supports Windows Server 2016

New NSX API to retrieve a list of all unresolved alarms on NSX Manager

Crypto Module Changes Affecting FIPS Compliance

  • NSS and OpenSwan: The NSX Edge IPsec VPN uses the Mozilla NSS crypto module. Due to critical security issues, NSX 6.3.3 moved to a newer version of NSS that has not been FIPS certified. VMware affirms that the module works correctly, but it is no longer formally validated.
  • NSS and Password Entry: The NSX Edge password hashing use the Mozilla NSS crypto module. Due to critical security issues, NSX 6.3.3 moved to a newer version of NSS that has not been FIPS certified. VMware affirms that the module works correctly, but it is no longer formally validated.
  • Controller and Clustering VPN: The NSX Controller uses IPsec VPN to connect Controller clusters. The IPsec VPN uses the VMware Linux kernel crypto module (Photon 1 environment), which is in the process of being CMVP validated.

 

Upgrade Process

In this blog post, I will take your through the steps to upgrade your current NSX environment to 6.3.3

First check compatibility with your current NSX environment. That can easily be done here.

The NSX components have to be upgraded in a certain order:

  1. NSX Manager
  2. NSX Controller Cluster
  3. VIBs on the host clusters
  4. NSX edges
  5. Guest Introspection (If enabled)

To begin our upgrade process, navigate to your NSX Manager and log in as the admin.

nsx01

Read Full Article

591812795EM002_The_2015_Mis

About a year and a half ago, I really became interested in VMware NSX. What made NSX so interesting to me was that it touched two aspects of technology that I really have a passion for…virtualization and networking. I remember when I was first introduced to NSX. I thought to myself….”its a neat concept….but I can’t see having my network in software”. But the more I began to explore use cases for NSX, and realizing that 95% of the data center that I worked in was virtualized, it really made more sense. This lead me to dive even deeper into learning NSX. At the time, I didn’t have a homelab so I made good use of the VMware HOLs to play with NSX to further my learning. Using the VMware HOLs, I was able to get some good time at the “steering wheel” working with NSX and it helped me in my studies for my VCP6-NV. I was able to achieve that goal last year at VMworld US. Working more with NSX has made me want to share my thoughts, “how-tos”, and opinions about it and ultimately give back to the vCommunity. That “giving back” has in turn helped me to deepen my knowledge on NSX and other VMware products. That is why I am pleasantly surprised and honored to be awarded with vExpert NSX status for 2017.  Read Full Article