NSX Distributed Firewall – How To Get Started?
One of the great benefits of the NSX Distributed Firewall (DFW) is the flexibility it offers when it comes to developing security policy models. Implementation of the application intrinsic NSX DFW always begins with looking at the business needs and then continues with development of a security policy model aligned with those needs. On the…
SDDC.Lab v5 Released
Finishing touches and testing is completed. We’re proud to announce that we’ve just released SDDC.Lab Version 5! For those of you that are not familiar with the SDDC.Lab project, it’s a collection of Ansible Playbooks that perform fully automated deployments of nested VMware Software Defined Data Center Pods including solutions like vSphere, vSAN, and NSX.…
SDDC.Lab v3
Last week we released version 3 of the SDDC.Lab project. For those of you who aren’t familiar with the project, it’s a set of Ansible scripts (Playbooks) that perform automated deployments of nested VMware SDDCs. An hour after you issue the deploy command, a fully-fledged vSphere-NSX-T environment is at your disposal. Pretty cool. The diagram…
Quick Tip – Ansible Module “nsxt_rest”
There are Ansible modules for configuring most of the NSX-T platform components, but for certain configuration tasks it might be quicker (or even necessary) to GET/POST/PUT/PATCH/DELETE to the NSX-T REST API directly. Now, in those situations you could use curl or Postman or any of the other REST API clients out there, but if you…
Log Insight – Integration With Jenkins
During some research I did for a customer on how to trigger an action based on an error event in the SDDC, I built myself a lab and ended up with a concept that seems interesting enough to write some lines about on the blog. High-Level The diagram below illustrates the “solution” at a high-level:…
Around the NSX-T Table(s)
The NSX-T Central Control Plane (CCP) is building and maintaining a central repository for some tables that make NSX-T the unique network virtualization solution it is. More specifically I’m talking about: The Global MAC address tableThe Global ARP table In today’s article I’ll have a closer look at these two tables. MAC Address Table As…
HCX Your Way To NSX-T Overlay
Happy New Year! 🙂 In the last two posts we had a look at two different methods for extending VLANs to NSX-T overlay. In the first post we configured a bridge which works well in scenarios where we the source VLAN and destination NSX-T Edge can achieve layer 2 adjacency. In the second post we…
VPN Your Way To NSX-T Overlay
In the previous article we had a look at how VLAN-connected workloads were migrated to NSX-T overlay by setting up a bridge between VLANs and NSX-T overlay segments. This works well in scenarios where layer 2 adjacency between source and destination environment can be achieved. In other words, we can stretch the source VLAN(s) to…
Bridge Your Way To NSX-T Overlay
Organizations implementing NSX-T overlay have several options when it comes to migrating existing VLAN-connected workloads to NSX-T overlay segments. Common methods include re-IP’ing or re-deploying workloads to a new IP space allocated to NSX-T logical networking. It gives the workload somewhat of a fresh start. Besides, a re-IP process can be a very useful exercise…
SDDC.Lab v2
Back in April I published a post about my GitHub repository containing Ansible scripts that perform automated deployment of nested vSphere/NSX-T lab environments. A lot has happened during the last 5 months and now that we’re close to making version 2 the default branch, I thought it would be a good time to give you…