Archive for the
‘Antrea’ Category

Overview Antrea CNI offers a very handy feature called NodePortLocal which runs as part of the Antrea agents. This feature allows exposed Pod to be accessed from external network using specific ports opened only on the node on which that pod is running. This enables better integration with external Load Balancers which can take advantage […]

Overview In my previous blog post HERE I deployed VMware Antrea IDS and demonstrated how VMware IDS can secure pods running Antrea as CNI against malicious attacks, and although the feature is in tech preview it is very promising to see that VMware is committed to the vision of bringing Tanzu/Kubernetes security as an integral […]

27 September 2022


Antrea, Kubernetes, NSX, Tanzu

Overview With the release of NSX and VMware Antrea 1.5.0 came a very interesting announcement that you can now secure Antrea containers integrated with NSX using NSX IDPS i.e. leveraging threat prevention sigantures and capabilities to secure your containerised workloads. This feature is however is tech preview only at the moment, which means it is not […]

In this blog post we will be exploring how vRealize Network Insight can be used for Day0 and Day2 kubernetes operations. Using Network Insight we can gain insights into containers traffic, security requirements, utilisation and capacity planning. Lab Inventory For software versions I used the following: VMware ESXi vCenter server version 7.0U3 NSX-T […]

In part two in this blog post series, we will be integrating our kubernetes cluster which is running Antrea as CNI with NSX and will be using NSX to configure centralised security policies for container workloads running on our kubernetes cluster. Lab Inventory For software versions I used the following: VMware ESXi vCenter server […]

25 April 2022


Antrea, Kubernetes, NSX