Overview In this two parts blog post I am going to demonstrate how to setup kubernetes clusters using VMware Antrea CNI (Container Network Interface) and using NSX 3.2.x as centralised security policy manager for pods workloads running on a kubernetes cluster. In part one, I am going to introduce to fundamentals of kubernetes and kubernetes […]
Although vSphere with K8s with NSX-T networking have been around for a while, it is after the release of NSX Application Platform (NAPP) in NSX-T 3.2 useful to revisit how we can configure and deploy vSphere K8s as a pre-requisite for NAPP. During this lab I came across many interesting and challenging issues in the […]
In this blog Post I demoed a vSphere K8s deployment on top of NSX-T networking. As a follow up, in this blog post I will be showcasing setting up Namespaces and Pods to eventually set up a containerised Nginx webserver. Once the workload management configuration process is finalised, we can start creating Namespaces by clocking […]
NSX-T 3.2 was released on the 16th of December 2021 with a lot of new features focusing o Gateway security, ease of NSX adoption in brownfields and a lot of new operational and performance enhancement. On this blog post I am covering how NSX-T 3.2 can be utilised to secure workloads which are not connected […]
With the release of NSX-T 3.2.0.1 customers can now upgrade to this version safely. This release came to mitigate some upgrade issues which prevented brownfield NSX-T customers in upgrading to NSX-T 3.2.VMware has offered a upgrade evaluation tool which runs and check the current NSX-T deployment and evaluates the upgrade process to NSX-T 3.2.0.1 and […]
Configuring Multicast has always been one of the challenging tasks for many network admins, since it is not a common application requirement for enterprise networks. On the other hand, service providers are using multicast in services such as video and audio streaming. Multicast is network traffic which is intended to specific “interested” end-points and hence […]
Overview NSX Identity Firewall (IDFW) allows security admins to control access to resources for logged in users on a machine (virtual or physical) over an VDI or RDSH. In a simple example, users who belong to engineering group can access specific application, while users from HR group when logged in to the same machine cannot […]
Starting NSX-T 3.0, NSX users can add and secure physical servers (Windows and Linux) using NSX. NIC teaming (LAG) on Windows servers just works fine, however under NSX-T 3.2 it says that this is not supported, so if you need to use LAG (teaming) on your physical windows machines connected to NSX then it is […]
Lab Inventory For software versions I used the following: VMware ESXi, 7.0.2, 17867351 vCenter server version 7.0U3 NSX-T 3.2.0.1 TrueNAS 12.0-U7 used to provision NFS datastores to ESXi hosts. VyOS 1.4 used as lab backbone router. Ubuntu 20.04 LTS as Linux jumpbox. Ubuntu 20.04.2 LTS as DNS and internet gateway. Windows Server 2012 R2 Datacenter […]
