upgrade

Upgrading VMware NSX to 6.3.3

VMwareNSX

Recently, VMware released its latest version of NSX, 6.3.3. With it came a number of bug fixes and some new features. One of the main new features to come along has to do with the NSX controllers. Starting with 6.3.3, the OS for the NSX controllers will be powered by Photon OS. Because a new OS is used, that means that your current NSX controllers will not be upgraded, but rather they will be deleted and recreated as part of the install process. There are also some other new features, that I will not dive too deep into, but just list:

Guest Introspection supports Windows Server 2016

New NSX API to retrieve a list of all unresolved alarms on NSX Manager

Crypto Module Changes Affecting FIPS Compliance

  • NSS and OpenSwan: The NSX Edge IPsec VPN uses the Mozilla NSS crypto module. Due to critical security issues, NSX 6.3.3 moved to a newer version of NSS that has not been FIPS certified. VMware affirms that the module works correctly, but it is no longer formally validated.
  • NSS and Password Entry: The NSX Edge password hashing use the Mozilla NSS crypto module. Due to critical security issues, NSX 6.3.3 moved to a newer version of NSS that has not been FIPS certified. VMware affirms that the module works correctly, but it is no longer formally validated.
  • Controller and Clustering VPN: The NSX Controller uses IPsec VPN to connect Controller clusters. The IPsec VPN uses the VMware Linux kernel crypto module (Photon 1 environment), which is in the process of being CMVP validated.

 

Upgrade Process

In this blog post, I will take your through the steps to upgrade your current NSX environment to 6.3.3

First check compatibility with your current NSX environment. That can easily be done here.

The NSX components have to be upgraded in a certain order:

  1. NSX Manager
  2. NSX Controller Cluster
  3. VIBs on the host clusters
  4. NSX edges
  5. Guest Introspection (If enabled)

To begin our upgrade process, navigate to your NSX Manager and log in as the admin.

nsx01

Read Full Article

Upgrade vRealize Operations Manager to 6.6

vrops icon

Over the past month or so, I’ve been dabbling with vROPs 6. In the midst of my dabbling…VMware released a upgrade to the product that came packed with a bunch of new features. Just to mention some:

Simplified usability and faster time to value capabilities:

  • New HTML5 user interface provides an easier and consistent experience.
  • The Getting Started dashboard allows for quick navigation.
  • Persona based dashboards provides for answers in one place. Dashboards are separated into categories such as Operations, Capacity and Utilization, Performance Troubleshooting, Workload Balance, and Configuration and Compliance.
  • Out of the box integration with vSAN and vRealize Automation provides quick time to value.

Fully Automated Workload Balancing:

  • Ensures performance across the datacenter’s with fully automated workload balancing, across clusters and across data stores.
  • Ensures DRS Configurations and provides the option to set DRS automation level for individual objects.
  • Predictive DRS takes action to preempt resource contention.
  • Utilizes operations analytics to optimize initial placement of workloads through vRealize Automation.

Naturally, after reading about these features…I wanted to try them first hand. So off to my lab I went to upgrade and give it a test drive. The upgrade process is simple, as I will outline in this post.

First, you will want to head over to VMware.com and download the upgrade appliance.

vrop01 Read Full Article