In the rapidly evolving landscape of data management, organizations require robust solutions to efficiently handle their data services. VMware Data Services Manager (DSM) has emerged as a powerful tool, empowering businesses to centralize control and streamline their data management practices. With the release of VMware Data Services Manager 1.5, exciting new features and enhancements have been introduced, further augmenting its capabilities. In this article, we delve into the innovative additions that make DSM 1.5 a game-changer in the realm of data service management.
Extended Support for Additional Data Services: One of the major highlights of DSM 1.5 is its expanded support for additional data services. Building upon its previous versions, DSM 1.5 now includes comprehensive support for a wider range of databases and data services. These services include popular databases such as Microsoft SQL Server, Oracle, MySQL, as well as NoSQL databases like MongoDB. The enhanced support ensures that organizations can efficiently manage and monitor their diverse data services from a centralized interface.
Advanced Data Service Monitoring and Analytics: VMware Data Services Manager 1.5 offers advanced monitoring and analytics capabilities, providing administrators with deeper insights into the performance and health of their data services. With real-time visibility into critical performance metrics, DSM enables proactive troubleshooting, capacity planning, and optimization. Administrators can monitor resource utilization, query performance, response times, and other vital statistics, empowering them to make data-driven decisions and ensure optimal performance for their applications.
Simplified Backup and Recovery: Data protection is a crucial aspect of any data management strategy, and VMware Data Services Manager 1.5 simplifies backup and recovery processes. The new version introduces simplified and automated backup and recovery workflows, allowing administrators to define customized backup policies and schedules. DSM leverages snapshot-based backups to enable fast and efficient recovery of databases to specific points in time. This streamlined approach enhances data protection, reduces downtime, and mitigates the risk of data loss.
Enhanced Data Governance and Compliance: Data governance and compliance have become increasingly important in today’s regulatory landscape. VMware Data Services Manager 1.5 introduces enhanced data governance and compliance capabilities, enabling administrators to define and enforce data management policies across various data services. DSM allows the creation of rules for data retention, access controls, data masking, and encryption. By centralizing data governance, organizations can ensure compliance with industry regulations and internal policies, while maintaining data integrity and security.
Intelligent Insights and Troubleshooting: To facilitate efficient troubleshooting and problem resolution, DSM 1.5 incorporates intelligent insights and advanced troubleshooting features. Leveraging machine learning algorithms, DSM analyzes performance data, identifies anomalies, and provides actionable recommendations. These insights help administrators quickly diagnose and resolve performance issues, minimizing downtime and optimizing application performance.
Streamlined Deployment and Scalability: VMware Data Services Manager 1.5 offers streamlined deployment options, allowing organizations to quickly set up and configure their data services. The new version also enhances scalability, enabling seamless expansion to accommodate growing data workloads. DSM integrates with VMware Cloud Foundation, enabling organizations to leverage the power of a scalable and elastic infrastructure. This flexibility ensures that data management capabilities can adapt to evolving business requirements effortlessly.
VMware Data Services Manager 1.5 stands as a comprehensive solution for efficient data service management. With expanded support for additional data services, advanced monitoring and analytics capabilities, simplified backup and recovery workflows, enhanced data governance and compliance features, intelligent insights, and streamlined deployment options, DSM 1.5 empowers organizations to centralize and optimize their data management practices. By leveraging the power of DSM 1.5, businesses can unlock the full potential of their data services, ensuring data
Organizations now seek flexible and scalable solutions to optimize their IT infrastructure. Oracle Cloud VMware Solution (OCVS) emerges as a powerful offering, bridging the gap between on-premises VMware environments and the cloud. This blog post explores the capabilities and benefits of Oracle Cloud VMware Solution, empowering businesses to embrace the potential of hybrid cloud architecture. The new Spring ’23 release of OCVS has now been released with lots of new features and enhancements that you can check out the highlights later in this post.
Seamless Integration of VMware Environments: Oracle Cloud VMware Solution allows organizations to seamlessly integrate their existing VMware environments with Oracle Cloud Infrastructure (OCI). With OCVS, businesses can deploy and manage VMware workloads in the cloud without the need for major infrastructure changes. This enables a smooth transition to the cloud while maintaining compatibility with existing VMware tools, processes, and policies.
Enhanced Scalability and Flexibility: OCVS provides businesses with the scalability and flexibility needed to meet dynamic workload demands. Organizations can easily scale their VMware environments in Oracle Cloud to accommodate fluctuating resource requirements. With the elasticity of the cloud, businesses can quickly provision additional compute and storage resources, ensuring optimal performance and agility.
High Performance and Availability: Oracle Cloud VMware Solution offers high-performance infrastructure to support critical workloads. Leveraging Oracle’s robust cloud infrastructure, OCVS provides low-latency connectivity and high-speed networking between VMware environments and OCI. This ensures that businesses can maintain the performance and availability levels necessary for their mission-critical applications.
Seamless Data Management and Migration: Data management and migration are simplified with Oracle Cloud VMware Solution. Businesses can leverage VMware vSphere vMotion to seamlessly migrate virtual machines (VMs) from on-premises environments to OCVS without disruption. Furthermore, OCVS integrates with Oracle Cloud services, enabling organizations to leverage native cloud services such as Oracle Autonomous Database, object storage, and identity and access management (IAM) for enhanced data management capabilities.
Enhanced Security and Compliance: Oracle Cloud VMware Solution prioritizes security and compliance. By combining the security features of VMware with the robust security controls provided by Oracle Cloud Infrastructure, OCVS ensures that sensitive data and workloads are protected in the cloud. Additionally, organizations can leverage Oracle’s comprehensive compliance certifications to meet industry-specific and regulatory requirements, such as GDPR or HIPAA.
Simplified Management and Operations: OCVS simplifies management and operations through integration with familiar VMware tools and interfaces. Administrators can continue using VMware vCenter Server to manage and monitor their VMware environments in Oracle Cloud. This familiar environment minimizes the learning curve for IT teams and allows for consistent management practices across on-premises and cloud environments.
Cost Optimization: Oracle Cloud VMware Solution enables cost optimization by offering flexible pricing models and reducing infrastructure costs. Organizations can leverage Oracle Cloud’s pay-as-you-go model, allowing them to scale resources as needed and avoid upfront capital expenditures. Furthermore, OCVS eliminates the need for over-provisioning on-premises hardware, optimizing resource utilization and reducing operational costs.
Oracle Cloud VMware Solution (OCVS) empowers organizations to unlock the potential of hybrid cloud architecture by seamlessly integrating VMware environments with Oracle Cloud Infrastructure. With enhanced scalability, performance, security, and simplified management, OCVS offers a powerful platform for businesses to optimize their IT infrastructure and embrace the benefits of the cloud. By leveraging OCVS, organizations can achieve the flexibility, agility, and cost savings required to thrive in the digital age while maintaining compatibility with their existing VMware investments.
Spring ’23 release features
The Spring ’23 Release has been introduced with Enhanced Capabilities and Expanded Reach of Oracle Cloud VMware Solution
The Spring ’23 release brings a host of exciting features and advancements to empower organizations in their cloud journey. This release focuses on providing flexible Standard shapes, expanded global regions, GPU compute capabilities, and certifications for VMware Telco Cloud Infrastructure and VMware NSX Advanced Load Balancer.
Below are some of the key new features:
Flexible Standard Shapes: OCVS now supports flexible Standard shapes with independent scaling of compute and storage. Powered by 3rd Gen Intel Xeon and AMD EPYC processors, the new Standard shapes (X7, X9, and E4) offer a wide range of core configurations, from extra-small to extra-large, allowing you to right-size your VMware workloads. Additionally, CPU expansion packs are available in 50%, 75%, and 100% of the available CPU capacity, enabling you to balance cost and performance requirements effectively.
BM.Standard3: X9-based Standard shape with 16-, 32-, 48-, and 64-core configurations, 1-TB RAM, and 100-Gbps network bandwidth.
BM.Standard2.52: X7-based Standard shape with 12-, 26-, 38-, and 52-core configurations, 768-GB RAM, and 50-Gbps network bandwidth.
BM.StandardE4: E4-based Standard compute with 32-, 64-, 96-, and 128-core configurations, 2-TB RAM, and 100-Gbps network bandwidth.
GPU Compute Beta: We are introducing the Oracle Cloud VMware Solution GPU compute beta program. The BM.GPU.GU1.4 compute shape is powered by four NVIDIA A10 Tensor Core GPUs. With this GPU-enabled compute shape, you can leverage graphics acceleration for VMware Horizon, Microsoft RDS, or Citrix Virtual Apps and Desktops. The BM.GPU.GU1.4 shape runs on an Intel 3rd Gen Xeon Platinum 8358 BareMetal host, providing 1 TB of RAM, 100 Gbps of overall network bandwidth, 7.68 TB of raw NVMe internal disk, and support for up to 1 PB of external block storage. Hurry and sign up for the limited-time beta program.
VMware Telco Cloud Infrastructure Certification: Oracle and VMware have collaborated to help cloud service providers (CSPs) modernize their networks. With VMware Telco Cloud Infrastructure certification, CSPs can seamlessly incorporate Oracle Cloud Infrastructure (OCI) and OCI Dedicated Region into their 5G network function architecture. By integrating with Oracle Cloud VMware Solution, the VMware Telco Cloud Platform – Public Cloud offers CSPs greater flexibility in designing and implementing end-to-end networks with a rich ecosystem of VMware-verified network functions.
VMware NSX Advanced Load Balancer (Enterprise Edition) Certification: Oracle Cloud VMware Solution now supports VMware NSX Advanced Load Balancer (Enterprise Edition). This certification enables the deployment of application delivery services, including local load balancing, global server load balancing (GSLB), and web application firewall (WAF), for workloads in OCVS. With this support, organizations can enhance their application performance, availability, and security within their VMware environments.
Expanded Global Regions: We are committed to providing a global footprint for Oracle Cloud VMware Solution, and with the Spring ’23 release, we have expanded our reach even further. OCVS is now available in 42 cloud regions across 22 countries, with dual regions available in 10 countries and 12 Azure Interconnect regions. Our globally available cloud regions cater to commercial businesses, the US and UK government, and the US Department of Defense. These regions ensure proximity, compliance with data sovereignty requirements, and offer true disaster recovery with geographically distributed cloud regions in every country. The most recent additions to our commercial regions include Serbia, Chicago, Mexico (Querétaro), Spain (Madrid), and a second region in France (Paris).
Scale compute and storage independently with standard shapes (X7, X9, and E4)
The new Oracle Cloud VMware Solution standard shape configurations offer highly available OCI Block Storage for vSphere management datastores. Each software-defined data center (SDDC) requires one management datastore with VMFS 8-TB block storage starting at 10 volume performance units (VPUs) and 25K IOPS per volume. These standard shapes utilize OCI Block Volume service, allowing attachment to ESXi hosts as iSCSI Datastores. The volumes can be seamlessly disconnected from one host and attached to another in a different SDDC without data loss. Block volumes can range from 50 GB to 32 TB in size, with a maximum of 32 volumes, enabling scaling to 1 petabyte of storage in a cluster for storage-intensive workloads.
OCI VPUs provide precise control over volume performance, allocating more resources to a volume to increase IOPS, GB, and throughput per GB. This flexibility allows for scaling performance up or down, resulting in significant cost savings for workloads that do not require increased performance. Oracle Cloud VMware Solution supports up to 50 VPUs per block volume, providing vSphere-based customers with enhanced flexibility, industry-leading price-performance, lower costs, native disaster recovery capabilities, and options for external storage.
OCI block volumes are designed to deliver highly available and durable storage for mission-critical workloads. Redundant data copies are stored across multiple storage servers with built-in repair mechanisms, ensuring data integrity. The Block Volume service is designed to provide 99.99% annual durability for block and boot volumes. Regular backups are recommended as a best practice to safeguard against the failure of an availability domain and ensure comprehensive data protection.
With the release of VMware NSX Migration for VMware Cloud Director 1.4.2, several new features have been introduced to further enhance the migration tool’s capabilities. These additions address limitations, improve compatibility, and provide a more comprehensive and seamless migration experience for users. Let’s delve into the enhanced features that come with this update.
The release notes of version 1.4.2 can be found here.
Let’s have a look at some of the key improvements and enhancements in this release.
Support for IP Spaces IP Spaces offer logical partitions of IP address ranges within a network infrastructure. These partitions facilitate efficient IP address management, organization, and allocation. With the latest release, VMware NSX Migration now supports IP Space-enabled Provider Gateways during the migration process. This enhancement enables a more streamlined migration by leveraging the capabilities of IP Space-enabled Provider Gateways. It ensures efficient utilization of IP resources, enhances control, security, and performance, and simplifies network management in complex environments.
Direct network migration mechanism enhancements
The direct network migration mechanism now supports the migration of all types of Direct Org VDC networks (dedicated/service) connected to a VXLAN-backed external network. During migration, these networks are connected to an existing external network with the same name but suffixed with “-v2t.” The migrated networks are backed by an NSX-T segment, providing a seamless transition between NSX-V and NSX-T environments.
Support for exclusion/negated distributed firewall rules
Previously, the migration tool did not support the migration of distributed firewall rules that were negated at the source/destination field. This limitation has been addressed in the latest update, introducing support for the migration of all types of distributed firewall rules, including those that are negated. This enhancement ensures a more comprehensive migration process, encompassing all distributed firewall rule types and providing a seamless transition.
Detailed V2T Assessment Report Enhancement
The detailed assessment report now includes an additional column called “OrgVdcToBeMigratedTogether.” This column provides clear information about which Org VDCs must be migrated together due to shared network constraints. Furthermore, the migration tool has been enhanced to perform checks and verifications to ensure adherence to the limit of 16 Org VDCs when employing the data center creation mechanism for migration. These enhancements improve the accuracy and compliance of the migration process, facilitating smoother and more reliable migration of Org VDCs with shared network dependencies.
Catalog migration enhancements
The YAML flag “TimeoutForVappMigration” now influences both vApp and catalog migration timeouts during the cleanup process. This enhancement provides more flexibility and control over the migration process by allowing a single flag to affect both vApp and catalog migration timeouts.
During catalog migration in the cleanup process, if the storage policy of a vApp template is not found in the target Org VDC, the migration tool automatically updates the storage policy of the vApp template to the default storage policy of the target NSX-T backed Org VDC. This ensures that the vApp template aligns with the storage policies in the target environment, maintaining consistency and compatibility throughout the migration process.
Support has been introduced for the migration of owner information and share permissions information of catalogs. This ensures that during the cleanup process, owner details and share permissions of catalogs are accurately migrated, preserving the ownership and access rights for the migrated catalogs.
Support for multiple ports in distributed firewall rules service To improve the migration process for distributed firewall rules, the latest release introduces support for rules that contain multiple ports specified as a range or separated by a comma. This enhancement ensures that distributed firewall rules with complex port configurations can be accurately migrated. By enabling seamless transition and better management of firewall configurations, this feature enhances the overall migration experience.
Support for migration of VMs without NICs
In previous versions, the migration tool faced challenges when migrating virtual machines (VMs) without network interface cards (NICs). However, with the latest update, this limitation has been addressed. The tool now facilitates the smooth migration of VMs even if they lack NICs, ensuring that these VMs can be seamlessly transferred between different environments.
Support for SSL Passthrough in LB application profile The latest release enhances support for the migration of load balancer (LB) configurations with SSL Passthrough enabled in the application profile. During the migration process, if SSL Passthrough is enabled, the HTTPS protocol is converted to the TCP protocol, and the HTTPS Health Monitor is changed to a TCP Health Monitor on the target side. This ensures a consistent and uninterrupted migration of LB configurations, preserving the integrity of the application profile settings.
As virtualization continues to evolve, VMware remains at the forefront of innovation, constantly improving its flagship vSphere platform. With the release of vSphere 8 Update 1, VMware has introduced several exciting updates to enhance the capabilities of vVols and Core Storage. These updates bring new levels of flexibility, efficiency, and management to virtualized environments. In this blog post, we will delve into the key enhancements and features introduced in vSphere 8 Update 1.
Enhanced vVols Management: vVols (Virtual Volumes) revolutionize storage management in vSphere environments by enabling policy-based management at the virtual machine (VM) level. With vSphere 8 Update 1, VMware has introduced significant improvements to vVols management, empowering administrators with greater control and efficiency.
vVols now receives significant enhancements in vSphere 8 Update 1, empowering administrators with enhanced control and flexibility:
a) Multi-VC Deployment with Improved Certificate Management: The introduction of VASA Spec 5 simplifies certificate management and enables the use of self-signed certificates for multi-vCenter deployments. This improvement streamlines vVols management in complex environments.
b) NVMe-TCP Support: vSphere 8 Update 1 brings validation for NVMe-TCP, enabling seamless integration between NVMe over Fabrics (NVMe-oF) and vVols. This combination unlocks the full potential of NVMe storage, offering exceptional performance and low latency.
c) Enhanced Configuration and Scalability: To improve performance and scalability, vVols Sidecars are now treated as files in the config-vvol, reducing overhead and allowing for normal file operations. Additionally, the config-vvol has been increased to 255GB, providing ample space for content repositories in the vVols Datastore.
Improved Core Storage Capabilities: Core Storage is the foundational layer of vSphere responsible for managing virtual disks and providing advanced storage functionalities.
vSphere 8 Update 1 introduces notable enhancements to Core Storage, offering enhanced performance and flexibility:
a) Extended XCOPY for VMFS: The support for Extended XCOPY enables optimized data copy operations between Datastores across different storage arrays. This enhancement streamlines data transfer and improves overall performance.
b) NFSv3 vmkPortBinding: Addressing a long-awaited feature, vSphere 8 Update 1 introduces vmkPortBinding for NFSv3, enabling the binding of NFS connections to specific vmkernel interfaces. This enhances security and provides dedicated subnets/VLANs for NFS traffic.
The list of 2020 vExperts has been announced. All of the new and returning vExperts have demonstrated significant contributions to the community and a willingness to share their expertise with others. Contributing is not always blogging or Twitter as there are many VMUG leaders, public speakers, book authors, script writers, VCDX, VMTN community moderators and internal champions among this group.
“The annual VMware vExpert title is given to individuals who have significantly contributed to the community of VMware users over the past year.
The title is awarded to individuals (not employers) for their commitment to sharing their knowledge and passion for VMware technology above and beyond their job requirements.”
When VMware Cloud on Amazon AWS was introduced three years ago it required minimum of 4 hosts to be provisioned in production clusters. Then the requirement reduced to three hosts a bit later. They have now dropped one more host and the minimum requirements is two hosts now.
A few days ago VMware and Amazon AWS announced new upgrades in VMCA. Here are the key changes:
The minimum requirements for production cluster deployment reduced to 2 hosts. So the entry deployment cost is basically dropped by 33% that will attract small business.
Storage optimized AWS EC2 (I3en) instances are now available on VMCA for data-intensive with high random I/O workload such as Rational Database
While talking about VMware Cloud on AWS upgrades, I though it might be good to add basic information about VMware Cloud on Amazon AWS here:
VMware Cloud on AWS is basically VMware SDDC solution which is based on VMware Cloud Foundation platform with optimized access to native AWS services. VMCA run on elastic and dedicated hosts on Amazon AWS infrastructure
VMCA is currently available in 16 AWS regions. AWS is planning to expand the availability of VMCA to 21 regions by the end of the year
VMCA is a cloud choice for easily migrating VMs between on-premise VMware platform and cloud managed VMware SDDC platform that also provides integration to AWS services
VMware Cloud on AWS can be purchased either directly from AWS or APN partners
You can use your existing Windows Server licenses in VMCA. Consult your Microsoft product terms for any restrictions.
Each host is equivalent to an Amazon EC2 I3.metal instance (2 sockets with 18 cores per socket, 512 GiB RAM, and 15.2 TB Raw SSD storage).
Productions Clusters can have minimum 2 and maximum 16 ESXi hosts
Single host SDDC starter is a 30-days plan that can to reduce costs for proof of concepts
VMs can be moved (cold migrate) from on-premise DC with minimum version of vSphere 6.0 to VMCA
Hybric Link Mode is supported with vSphere 6.5 or later
Live migration can be done using vMotion or leveraging VMware Hyper Cloud Extension (HCX)
A good news for NSX-T users. VMware announced VMware Skyline Collector 2.5 and Advisor releases with support for NSX-T and new Findings & Recommendations.
Skyline now supports NSX-T 2.5 and above that means you can connect your NSX-T endpoints to your collectors and then Skyline will discover your NSX-T proactive Findings and Recommendations within Advisor. Just bear in mind that it may take 24-48 hours for these new findings to appear within Skyline Advisor.
The other handy feature is the ability to automatically upload NSX-T tech support log bundle to VMware technical support for NSX-T using Log Assist that will save a lot of time for operation support teams for dealing with technical support cases for NSX-T.
There are new Findings and Recommendations:
NSX-T Findings that picks up deployments issues within your NSX-T
VMware Security Advisories has new security advisories added to inform you about potential vulnerabilities to be vigilant about security risks
If you have the Auto Upgrade feature enabled in your Skyline Collector, your Collectors will update automatically. Otherwise you can download the new version from the Collector VAMI. Note, The Skyline Collector must be able to receive update notifications from vapp-updates.vmware.com.
Previously the general support for vSphere 6.5 and 6.7 was full 5 years since the official release of vSphere 6.5 as 15 November 2021.
Earlier this month VMware has announced extension for General Support of vSphere 6.7. That means the general support for vSphere 6.5 remains as 15 November 20201 while it’s now extended to 15 October 2022 for vSphere 6.7.
This will allow the VMware customers to be able to keep their vSphere platforms in support while preparing for upgrading to vSphere 7.
VMware provides bug and security fixes, patches, upgrades and high priority (P1) technical support for customers on active general support.
Below is the End of General Support (EoGS) availability for vSphere
Product
General Availability
End of General Support
End of Technical Guidance
vSphere 6.0
12 Mar 2015
12 Mar 2020
12 Mar 2022
vSphere 6.5
15 Nov 2016
15 Nov 2021
15 Nov 2023
vSphere 6.7
17 Apr 2018
15 Oct 2022
15 Nov 2023
vSphere 7.0
02 Apr 2020
02 Apr 2025
02 Apr 2027
vSphere Lifecycle Matrix
You might still get technical advice from VMware before EoTG if you have an active VMware support even if your vSphere version is out of general support. However you won’t be able to log high priority P1 tickets with VMware after EoGS.
In terms of licensing, there is no requirement for upgrading license keys if you are upgrading from 6.0 to 6.5 or 6.7 as they are all vSphere version 6.x. But if you are planning to upgrade to vSphere 7.0, the vSphere 6.x licenses won’t work on upgraded products and you will need to assign new Licenses.
I you have an active subscription and support with VMware then you can easily upgrade you vSphere licenses via myVMware portal. Otherwise check out the below link and check your license upgrade eligibility with VMware.
<#
MoveVD.ps1
Move a virtual disk between two VMs
Recently I was requested for writing a script to easily detach a virtual disk from a VM and attach it to another VM.
.History.
2020/05/28 - 0.1 - Reza Rafiee - Initial version
#>
###############################
Write-host (" ")
$SourceVM = vRead-Host "Enter Source VM Name "
$srcVM=Get-VM -Name $SourceVM
Write-host ("The attached virtual disks on $srcVM.name ")
get-vm -name $srcVM | Get-HardDisk | Select Name,CapacityGB,Persistence,Filename
Write-host (" ")
$VDiskNumber = Read-Host "Enter the Virtual Hard Disk Number that you want to detach from $srcVM.name "
$VDiskSize = Read-Host "Enter the Disk Size (GB) "
Write-host (" ")
$TargetVM = Read-Host "Enter Target VM Name "
$trgVM= Get-VM -Name $TargetVM
$trgDisk="Hard Disk $VDiskNumber"
$disk=get-vm -name $srcVM | Get-HardDisk | Where-Object {($_.Name -eq $trgDisk) -AND ($_.CapacityGB -eq $VDiskSize)}
If ($disk -eq $null){
write-host ("No Hard Disk found as ($trgDisk - $VDiskSize GB) on $SourceVM")
exit
}
$confirmation = Read-Host -Prompt "Are you sure you want to detach ($trgDisk - $VDiskSize GB) on $SourceVM and attach it to $TargetVM ? [y/n]"
If ($confirmation -eq "y") {
Remove-HardDisk $disk -Confirm:$false
New-HardDisk -VM $trgVM -DiskPath $disk.Filename
#You can also specify the SCSI controller of which the disk should be attached to by adding the following parameter to the above command: -Controller "SCSI Controller 0"
Write-host (" ")
Write-host ("The attached virtual disks on $trgVM.name ")
get-vm -name $trgVM | Get-HardDisk | Select Name,CapacityGB,Persistence,Filename
}
###############################
VMware announced NSX-t 3.0 General Availability a few days ago and it’s now available for download in VMware’s portal.
NSX-T 3.0 is a major upgrade from 2.5.1 and has plenty of new features, improvements as well as bug fixes.
I have summarized some of the important features and improvements of the new NSX-T 3.0 in this post and I hope you will find it informative.
Here are the new features:
NSX Federation
NSX Federation is the ability to manage, control and synchronize multiple NSX-T deployments over different locations in on-prem, AWS, Azure and Public Clouds.
Global Manager is the key component of NSX Federation which provides GUI and REST API endpoint and makes you able to configure consistent security policies across multiple locations and stretched networking objects such as Tier-0 and Tier-1 gateways and segments through a single pane of glass.
In the below Youtube video, Dimitri Desmidt explains NSX-T Federation in details as part of Tech Filed day 21VMware Demo and Preview program.
Security policies attach to the workload which means the policies move with the workload during failover or migration between environments. This takes care of full network and security fail-over along with SRM VM fail-over which simplifies DR as the network entities would be created once and the segments stretched across between locations. So in event of a disaster the workload can be fully failed-over to the recovery location with all the security policies in place.
NSX Distributed Firewall (DFW) now supports Windows 2016 physical servers in addition to Linux physical servers.
New Firewall configuration wizard that simplifies rule creation specially for VLAN backed micro-segmentation
Distributed IDS/IPS, Micro-Segmentation for Windows Physical Servers, Time-based Firewall Rules, and a feature preview of URL Analysis for URL Classification and Reputation.
The intrusion detection and prevention capabilities can now be enabled within the hypervisor to detect vulnerable network traffic on a per VM or even more granular on per vNIC of a VM basis with granular context based rule inspection which NSX Manager easily downloads and keeps the threat signature pack updated.
IDS/IPS can be enabled within Hypervisor to detect vulnerable network traffic on a per VM or even more granlar on per vNIC of a VM
Threat detection in NSX IDS is much more efficient comparing to traditional IDS due to its context based inspection mechanism, so you can assign relevant signatures to a VM based on the running serives i.e. Linux or Wondows
NSX-T networking and security for vSphere with Kubernetes
Supports full stack netwrking and security for vSphere with Kubernetes including key networking functions: Switching, Distributed routing (T0/T1), Distributed Firewalling, load balancing, Distributed LB, NAT and IPAM and network identity lifecycle.
Watch the below Youtube vidoe from Vinay Reddy that explains the networking and security capabilities of NSX-T in vSphere with Kubernetes:
NSX-T for vSphere Kubernetes by Vinay Reddy
Integration with VMware Tanzu Kubernetes Grid Service
L2-7 container networking services to non-VMware Kubernetes platforms
Telco cloud enhancements
Multi tenancy enhancement and support by adding VRF Lite and Overlay EVPN
The below link compares VRF Lite and VXLAN/EVPN but it explains the basics about these technologies as well. check it out if you would like to read more:
VRF Lite support provides multi-tenant data plane isolation through Virtual Routing Forwarding (VRF) in Tier-0 gateway
L3 EVPN support provides northbound connectivity Telco VNFs to the Overlay networks and maintains the isolation on the dataplane by using one VNI per VRF
Multicast routing for scalable networking and accelerated data plane performance. Multicast replication is only supported on T0. According to VMware, T1 will be supported in future releases.
NAT64 which provides stateful NAT from IPv6 to IPv4
East-West service chaining for NFV is the ability to chain multiple services for edge traffic that can now also be extended to redirect edge traffic.
IPv6 support for containers
Some other new features
Converged VDS 7.0
NSX-T now supports VDS and you can deploy NSX-T on the existing VDS 7.0 with no VM network disruption which makes deployments much easier in brown fields.
Support for vRNI 5.2
“In addition to NSX, VMware also rolled out VMware vRealize Network Insight 5.2, the company’s network visibility and analytics software. The new software features machine learning support for Flow Based Application Discovery will automatically group VMs into applications and tiers for a better understanding of what is occurring on the infrastructure,” VMware stated.
“vRealize Network Insight 5.2 has new end-to-end visibility of the network path from VM through to VMware Cloud on AWS including the AWS Direct Connect section. For VMware SD-WAN users, there will be additional visibility into SD-WAN application and business policy support,” VMware stated.
I review vRNI 5.2 new features and improvements in another post later on.
Automation, OpenStack and other CMP
Search API: Exposes NSX-T Search capabilities (already available in UI) through API
Terraform Provider for NSX-T – Declarative API support: Provides infrastructure-as-code by covering a wider range of constructs from networking (T0/T1 Gateway, segments), security (centralized and distributed firewall, groups) and services (load balancer, NAT, DHCP).
Enhanced Ansible Module for NSX-T support for Upgrade (in addition to install) and Logical object support.
OpenStack Integration Improvements: extended IPv6, VPNaaS support and vRF lite support
User interface improvements
Brand new Alarms dashboard and Network Topology Visualizations: Provides an interactive network topology diagram of Tier 0 Gateways, Tier 1 Gateways, Segments, and connected workloads (VMs, Containers), with the ability to export to PDF.
New Getting Started Wizards: A new getting started wizard is introduced for preparing clusters for VLAN Micro-Segmentation in three easy steps.
Quick Access to Actions and Alarms from Search Results: Enhanced search results page to include quick access to relevant actions and alarms. Added more search criteria across Networking, Security, Inventory, and System objects.
User Interface Preferences for NSX Policy versus Manager Modes: You can switch between NSX Policy mode and NSX Manager mode within the user interface, as well as control the default display. By default, new installations display the UI in NSX Policy mode, and the UI Mode switcher is hidden. Environments that contain objects created through NSX Manager mode (such as from NSX upgrades or cloud management platforms) by default display the UI Mode switcher in the top right-hand corner of the UI.
UI Design Improvements for System Appliances Overview: Improved UI design layout for displaying resource activity and operational status of NSX system appliances.
Security Dashboards: NSX-T 3.0 introduces new Security Overview Dashboards for security and firewall admins to see at-a-glance the current operational state of firewall and distributed IDS.
Security wizards for VLAN-based Micro-Segmentation: You can configure your data centers to introduce segmentation using NSX-T in very easy steps.
Container Inventory & Monitoring in User Interface: Container cluster, Namespace, Network Policy, Pod level inventory can be visualized in the NSX-T User Interface. Visibility is also provided into co-relation of Container/K8 objects to NSX-T logical objects.
NCP Component Health Monitoring: The NSX Container Plugin and related component health information like NCP Status, NSX Node Agent Status, NSX Hyperbus Agent Status can be monitored using the NSX Manager UI/API.
Physical Servers Listing: NSX-T adds UI support for listing physical servers.
Wrap-up
As I mentioned before this release is a major upgrade for VMware NSX solution and I believe it’s moving in right direction. Combination of NSX-T and SDWAN would be a tempting solution for Telco service providers as Telco is adopting virtualization more than ever and network virtualization plays a key role in that transformation.
Here is the “What’s new at a glance” slide for a quick review of new features but more details can be found in the release notes of the product:
If you are keen to deep dive into NSX-T 3.0 details I would suggest you to check out NSX-T 3.0 release notes and then enroll in the VMware Hands-On-Lab NSX-T sessions and do some practice in a very well built lab environment and then download the product and build your own sandbox and check the new features practically.
I hope you find this post useful and thank you for reading!
Disclaimer
The material and information contained on this article and my blog are for general information purposes only. You should not rely upon the information on this article as a basis for making any business, legal or any other decisions. Whilst I try to keep the information up to date and correct, I will not be liable for any false, inaccurate, inappropriate or incomplete information presented in this article. I would advise you to check with VMware as a reference in order to make any decision.
Reza Rafiee's blog 