Overview NSX Advanced Load Balancer (a.k.a Avi) offers variety of advanced load balancing and application security features, one of which is WAF (Web Application Firewall) which allows security administrators to control traffic to and from web servers behind NSX ALB. This capability extends also to protect web servers hosted in containers, this is achieved by […]

Overview With the release of VMware NSX 4.0 VMware announced the deprecation of NSX standard load balancer and the intention to replace it with NSX Advanced Load Balancer (formerly Avi Networks). This is not quite a new message since the advise to adopt NSX ALB for greenfield deployments has been out and followed for quite […]

Overview Backup and restore is the main building block in any organisation’s disaster recovery policy and since containerised workloads are no longer a short-lived workloads that are only running in a development environments, but actually became almost the standard for running production applications, it is now crucial¬† to design and implement a solid backup and […]

Overview In this blog post I am going to walk you through the configuration of HTTPS Layer 7 Ingress for Tanzu workloads using VMware NSX ALB (Avi) Kubernetes Operator (AKO). Ingress is a kubernetes resource which allows users to define Layer 7 routing rules and/or load balancing options for their HTTP/HTTPS backed services. Obviously HTTPS […]

Overview NodePortLocal is a feature that is part of the Antrea Agent, through which a backend Pod can be reached from the external network using a port of the Node on which the Pod is running. By default, Kubernetes offers NodePort service to expose Pods traffic to external networks, however using NodePort service, Kubernetes will […]

Overview In part two of this blog post, we will be using NSX DFW to micro-segment containerised application running inside an openshift cluster based on OKD 4.12 which we previously integrated with NSX using VMware Antrea in part one of this blog post. This is going to be fairly a short post since most of […]

Overview VMware Antrea and NSX extend advanced data centre networking and security capabilities to containerised workloads and offer a single pane of glass for organisations so that security admins can configure micro-segmentation policies rules to both containers and standard workloads (VMs and bare metals) from the same NSX UI. VMware Antrea and NSX integration is […]

Overview vSphere Availability zones were introduced in vSphere 8 to provide high availability for Tanzu Workloads across clusters. Clusters are mapped to zones and they do not have to be co-located in the same physical datacenter however they must be under the same logical datacenter construct with latency between sites not exceeding 100ms. This provides […]

Overview Multi-tenancy is the ability to offer NSX networking and security services to multiple tenants completely isolated from each other. Every tenant will also have its own RBAC configuration and can be assigned quotas to limit the number of objects that can be created inside a tenant. Multi-Tenancy has been a long awaited feature in […]

Overview This is part two of blog series I started to cover the most recent security features introduced in VMware Antrea 1.6.0 (based on project Antrea 1.9.0) and NSX 4.1. I find this release of VMware Antrea and NSX has elevated containers security in the Enterprise to a higher level by introducing the ability to […]