Tagnsx

NSX-T Manager: Increasing API requests per second

By default, the NSX-T Manager has a protection mechanism in place to prevent the API from being overloaded. This is a good thing, protecting the NSX-T Manager.

But, the increasing integrations into NSX-T, make it so that more and more products are using the NSX-T API to monitor or configure NSX (vRealize Network Insight, vRealize Operations, vRealize Automation, etc.). I’ve hit this limit several times and needed to push that limit up. 

The API Guide states that the default maximum API request number is 100 per second. In the guide, there’s a reference to the API call to change the … Read more

Automating cleaning up NSX-T with PKS protected objects

Building on the post that Jeffrey Kusters did on removing protected objects from NSX-T that PKS has created, I needed to automate this process for an environment which had 100+ of these objects.

First, a tiny bit of background; VMware PKS makes it pretty easy to deploy applications via Kubernetes and deploy them securely – because NSX-T is integrated and each Kubernetes objects will be firewalled, load balancers and can use other networking services to expose itself to the end users.

The integration between PKS and NSX-T is fully automated, and PKS creates protected objects (logical switches, logical routers, firewall … Read more

VMware NSX-V Control and Management Plane Connections Diagram

This is a quick post about an awesome depiction of the control and management plane connection channels without VMware NSX for vSphere. A colleague of mine, Omkar Singh, put this together and it gives a very good look at what communication is required between the different NSX-v components.

It’s also available as a PDF.

Read more

vRealize Automation and NSX with App Isolation: Internal error

My colleague Erik Scholten (vRealize specialist) was building a demo environment for a customer this week. In this environment, he wanted to demonstrate vRealize Automation (vRA) in all its glory and have NSX coupled to it so vRA could use NSX to micro-segment rolled out blueprints using the App Isolation option.

NSX is pretty easy to get off the ground for first use, which he did himself with ease. All that’s needed for one to be able to use the distributed firewall to micro-segment, is to deploy NSX Manager, connect it to vCenter and prepare the ESXi hosts. NSX was … Read more

Using PowerNSX to get all routes on NSX Edges

This is going to be a short one! I received an interesting question from Sander Martijn about retrieving all IP routes from an NSX Edge. There is no API endpoint available in NSX to get the current routes and the only way this information can get retrieved is using the NSX Central CLI. You can easily see all routes on the Central CLI by using the command: show edge edge-id ip route.

PowerNSX has an Invoke-NsxCli cmdlet which executes the Central CLI with a specific query. Because of this, you can retrieve the routes with a PowerShell script and … Read more

Learning NSX SD-WAN by VeloCloud – Orchestrator Configuration Basics

This post is a part of my NSX SD-WAN by VeloCloud series to dive deeper into the acquisition of VeloCloud by VMware, late last year. In an earlier post, I explained the concepts behind the architecture of NSX SD-WAN and with this post, I will dive into the VeloCloud Orchestrator (VCO) to see what you need to configure to generate an SD-WAN network. Please note that the Orchestrator can be used to monitor and troubleshoot the SD-WAN as well, I will cover those topics in a future post.

NSX SD-WAN Architecture - Orchestrator

VeloCloud Orchestrator (VCO) – What is it?

The VCO is the management … Read more

NSX-v 6.4.1 Released – Extended HTML5, vSphere 6.7 support & more

NSX for vSphere 6.4.1 has been released and it brings a couple of good nuggets. Most of all, it is now compatible with vSphere 6.7 – so if you want to go to vSphere 6.7 and NSX was holding you back, start your upgrade engines!

HTML5 UI Extended

It fills me with joy to see this happening – 6.4.1 brings a bunch of new functionality to the HTML5 UI instead of the old vSphere-Client UI. The additions are:

  • Distributed Firewall Management
  • The Service Composer: Security Groups, Policies and Tags.
  • SpoofGuard Management
  • IPFIX Configuration & Flow Monitoring
  • Groups & Tags: all
Read more

© 2024 Lostdomain

Theme by Anders NorénUp ↑