Category Archives: NSX

NSX-T – NCP Integration with Openshift 4.6 – The Easy Way

By | 24. March 2021

Introduction If you have been following the blog posts on this site, we implemented NSX-T with Openshift 4.4 with NCP’s support for Openshift operators (see https://www.vrealize.it/2020/09/29/nsx-t-ncp-integration-with-openshift-4-4-the-easy-way). In the meantime, NCP 3.1.1 was released, which supports Openshift 4.6. Since 4.6 involves a new ignition format version, I took that opportunity to refresh this blog, to add… Read More »

Installing Antrea Container Networking and AVI Kubernets Operator (AKO) for Ingress

By | 22. January 2021

Update: January 2021 update with current versions (Antrea v0.12.0 AKO 1.13 / Controller 20.1.3) This post shows how to integrate Antrea Container Networking with NSX Advanced Load Balancer (NSX ALB) using AVI Kubernetes Operator (AKO) This example shows integration of a single K8S cluster with NSX ALB. If you plan to integrate more than one… Read More »

vSphere with Tanzu with NSX-T medium sized edge

By | 8. January 2021

vSphere with Tanzu automatically deploys an NSX-T based load balancer for its supervisor cluster control plane. The load balancer size is defined as MEDIUM and requires an EDGE node of large size which is defined with 8 vCPU and 32GB RAM. While the creation of a supervisor cluster does also work with a medium sized… Read More »

Configuring VMware NSX Cloud for consistent On-Premises and AWS Public Cloud Microsegmentation

By | 16. December 2020

This post is intended to show a very basic setup of VMware NSX Cloud to demonstrate the capability to enforce consistent microsegmentation policy for hybrid cloud environments. I will describe the setup of NSX Cloud and the operation of the Native Cloud Enforced Mode which relies on firewall functions delivered natively by AWS (or Azure).… Read More »

NSX-T – NCP Integration with Openshift 4.4 – The Easy Way

By | 29. September 2020

Introduction In my previous post, we implemented NSX-T with Openshift 4 based without NCP’s support for Openshift operators (see https://www.vrealize.it/2020/07/15/nsx-t-ncp-integration-with-openshift-4-3-the-hard-way/). In the meantime, NCP 3.0.2 was released, which is implemented using an Openshift operator. The operator is also published on the Redhat Openshift Operator Hub (https://catalog.redhat.com/software/operators/detail/5ef0f362701a9cb8c147cf4b). That makes the installation way more simple, as you… Read More »

NSX-T – NCP Integration with Openshift 4.3 – The Hard Way

By | 15. July 2020

Introduction Today, we’ll take a look at how to implement NSX-T’s container integration with Redhat Openshift 4.3.Before we begin, let me quickly explain why this blog post is called “The Hard Way”. Today with NSX-T 3.0 and NCP 3.0.1, support for Redhat Openshift can be provided by configuring the corresponding network config files during Openshift’s… Read More »

Troubleshooting DNS on Kubernetes with NSX-T

By | 17. June 2020

After integrating NSX-T with K8S I sometimes get issues with coredns not working. Common root cause: K8S internal DNS infrastructure needs non-NAT’ed network access from container PODs to K8S Nodes and vice versa. As NSX-T NCP default behaviour is to NAT your K8S Namespaces this can – depending on you overall architecture – cause connection… Read More »

NSX-T 3.0 available – a decade of innovation

By | 8. April 2020

Yesterday the eighth release of NSX-T went GA. Yes, you can hear and marvel, besides the expiring, NSX for vSphere (early 2022) this is already the eighth public release of NSX-T.  In addition to on-premise multi-hypervisor support, it allows a uniform security policy to be implemented in hybrid and multi-cloud environments, no matter whether the… Read More »

L7 Firewall – enforce Application Protocol by NSX-T Context Profile / AppID

By | 27. January 2020

This post introduces NSX-T L7 capabilities. You will create a MySQL Daemon on an VM and configure NSX-T Distributed Firewall to allow traffic on TCP 3306. When replacing this MySQL Daemon with sshd listening on 3306 NSX-T L4 firewall will not prevent access – by design. After enabling NSX-T L7 Firewall (Context Profile / Application… Read More »

Integrating CentOS 7.5 BareMetal Server with NSX-T 2.5

By | 20. December 2019

This post demonstrates how to integrate a bare-metal server on OS-Level into NSX-T overlay networking and security. As there was no bare-metal system in my demo environment available I created a CentOS 7.5 VM on a non-NSX enabled ESXi Server. Topology shown below After successful installation it should look like this Pre-Requisites: Have NSX-T up… Read More »

Creating Objects in NSX-T Policy API with VMware PowerCLI

By | 12. November 2019

About VMware PowerCLI VMware PowerCLI is a command-line and scripting tool built on Windows PowerShell, and provides more than 700 cmdlets for managing and automating vSphere, vCloud, vRealize Operations Manager, vSAN, NSX-T, VMware Cloud on AWS, VMware HCX, VMware Site Recovery Manager, and VMware Horizon environments. If you would like to learn more about VMware… Read More »