After another redeploy of VCF, I decided that before I create a new WLD based on NSX-T (which failed twice already), I would create some snapshots of the MD hosts, so that I would be able to return to a state that is valid (without a WLD in error-state and/or other messy stuff). I would like to create the snapshots in a powered-down state, so they are not just crash-consistent, so I decided to shut down the Management Domain (MD)…
We saw the history of VCF (Building a VMware Cloud with VCF (a short history)), deployment of the Management Domain (Deploying VMware http://vmwa.re/nestedesxiCloud Foundation – Management Domain) and the Management of VCF (Managing VMware Cloud Foundation – First Look), so now it is time to deploy the first Workload Domain (WLD). Since we are running a nested environment, we need to do some preparation before we can proceed. Preparation First things first. We need additional hosts. Since we are running…
Now that we have a Management Domain (MD) with all components running in them, let’s take a look at the environment. We know that the Cloud Builder VM (CB-VM) was responsible for bringing up the Management Domain, but after this job, it is basically finished. We thank it for its service and can dismiss the VM (unless we want to build more SDDC’s). The new sheriff in town is called the SDDC Manager, and when we log in to its…
After the theory (Building a VMware Cloud with VCF (a short history)), it is time to dive into the technical stuff. Let’s deploy us some VCF! VMware Cloud Foundation is deployed in multiple steps. Since you are deploying an environment that has dependencies on itself, there is one tool that you can use, to help you along. This tool is called the Cloud Builder VM (which is a pretty cool name ;)). It can be downloaded from the My VMware…
After playing around with NSX-T for a while (and that certainly hasn’t stopped), I wanted to take a look into VMware Cloud Foundation (VCF). VCF is in the heart of VMware’s vision for the future. In the olden days, all companies who started working with VMware’s virtualization software had to deploy this completely manual. And although the software was usually well behaved, a lot of choices needed to be made to have a smoothly running virtual environment, tailored to the…
Now that we have learned the theory in Microsegmentation with NSX-T (part 1: methodology), we can look at the application of this methodology in practice. Methodology in action So after all this, let’s see a little bit of this methodology in action. First of all, it is important to know which traffic is flowing in the environment. An excellent tool to help in this respect, would be vRealize Network Insight, but not every organization is able to use this, so…
After a number of blogs on network-virtualization, I thought it was time to start writing some blogs on another of the major three use cases: Security, through micro-segmentation. In my line of work most organizations where I implement NSX (first V and now T) are primarily interested in the security aspects of the product. In my presentations on NSX I usually use two pictures to show what security is like in most traditional environments. It looks something like this: (for…
I learned something today, which in hindsight is obvious. Hopefully this helps someone that runs into the same “strange” (but not so strange) behavior. I created the following topology today, to prepare for some NSX-T demo I am giving tomorrow: What I (among other stuff) wanted to show, was that routing between Test-Segments “D” and “E” and “A”, “B” and “C”, is completely distributed. So when VM’s from the different segments live on the same host, no physical hops are…
Within our demonstration environment (the PQR Experience Center), we are running a multitude of SDDC-products from VMware. Most of them have been signed by a CA-based certificate, but today we found out that our vRNI server is still running with the self-signed certificate. Time to change this! I have looked at the procedure at https://kb.vmware.com/s/article/2148128, and created some screen shots to accompany the procedure. First of all, I logged in with ssh on the platform-vm. I used the username “support”,…
This is your chance to speak at a vCommunity Event: vNS or vMA TechCon is looking for speakers!