Configuring Layer 2 Bridging in NSX

What is Layer 2 (L2) Bridging?

A Layer 2 (L2) bridge provides connectivity between a logical switch (VXLAN based) and a VLAN based portgroup on a vDS that share the same IP address space, i.e. VMs connected to the VXLAN and to the distributed portgroup are on the same subnet.

Possible use cases for this scenario: an application server on a logical switch needs to reach a database server connected to the physical network, or a customer wants to extend an application to the cloud but keep certain components on-site, and because it is a legacy application it cannot be re-IP’d, or there is some other constraint.

Prior to NSX version 6.2, it was not possible to bridge a Logical Switch that was connected to a Distributed Logical Router: for that scenario it was required to connect the Logical Switch directly to an Edge Gateway.

With NSX 6.2, VMware introduced in-kernel software L2 bridging capabilities that allow you to connect VLAN backed VMs to VMs connected to a VXLAN based network (virtual wires).

Objective 2.1 – Create and Manage Logical Switches

What is a Logical Switch?

The functionality of a logical switch is very similar to that of a physical switch, i.e. it allows isolation of applications and tenants for security purposes. A logical switch, when deployed, creates a broadcast domain that isolates the VMs running in the infrastructure. Logical switches use VXLAN to provide separation of duties.

The logical switch operates in the overlay and is totally independent of the physical network (the underlay). Logical switches are connected to transport zones, which span one or more clusters, or all clusters, across a virtual datacenter.

To know more about logical switches, you can refer to this article, which I wrote some time back, or to the VMware documentation.

Prerequisites for creating a Logical Switch

Before you start creating logical switches in your environment, make sure you meet the following requirements:

  • vSphere distributed switches must be configured. You cannot deploy logical switches on standard switches.

Objective 1.3 – Configure and Manage Transport Zones

A transport zone is a user defined scope for VXLAN networking traffic. Transport zones define which hosts/clusters will be able to participate in VXLAN based virtual networking. A transport zone acts as a container for logical switches, and ESXi hosts use these logical switches to communicate among themselves or with the underlying physical infrastructure.

A transport zone is the boundary within which ESXi hosts create tunnels among themselves to allow VXLAN traffic to flow. A transport zone can be associated with one or more vSphere clusters, and you can have more than one transport zone in your environment.

Prerequisite: Before creating a transport zone, make sure your ESXi hosts are prepared and VXLAN has already been configured.

Create Transport Zones

To create a new transport zone, log into the vSphere Web Client, navigate to Networking & Security > Installation > Logical Network Preparation and click on the green + button.


Provide a name for the transport zone and select the appropriate replication mode (we will discuss this shortly).

Deleting NSX Controller Using API

Today while cleaning up my lab, I came across a situation where I needed to delete one of the deployed controllers. Although this task is fairly simple from the vCenter UI, I recently came across a situation (in VMware HOL) where I was unable to delete a controller via the UI.

As an alternative, I came across a set of API calls which did the job for me. In this post I will demonstrate how to use API calls to delete stuck/bad NSX controllers.

Step 1: Fetch controller details

Example: curl -sik -u "vcadmin@corp.local" -H 'Content-Type: application/xml' -X GET https://nsxmgr-01a.corp.local/api/2.0/vdn/controller | tidy -xml -indent -quiet

Output


Exploring vSphere 6.7-Part-3: VUM What’s New And Feature Walkthrough Using HTML5 Client

With the release of vSphere 6.5, vSphere Update Manager (VUM) was integrated with VCSA, which made customers very happy as we no longer needed an additional Windows server for installing VUM.

With vSphere 6.7, VMware integrated some of the VUM functionality into the new HTML5 client. Not all the features are available in the HTML5 client, and a few features, like VUM configuration changes, VMware Tools upgrade etc., can only be performed via the vSphere Web Client (Flash).

VMware is working hard on incorporating all the VUM features in the new HTML5 client as soon as possible and we might see them in upcoming updates of vSphere 6.7. Isn’t it exciting to get rid of the Flash based Web Client? (yeah screw that VMware !!!)

I have written a few posts on vSphere 6.7 earlier. You can read those posts from the links below:

Installing and Configuring Esxi 6.7

Installing and Configuring VCSA 6.7

So what enhancements has vSphere 6.7 brought for VUM?

Exploring vSphere 6.7-Part-2-Installing and Configuring VCSA

In the last post of this series we installed an ESXi host and navigated around the HTML client to explore various options. In this post we will deploy a VCSA host and explore the new vSphere Client (HTML based).

As with the ESXi host, the installation of VCSA 6.7 has not changed much from the previous version. Only the UI has become slightly better. I have outlined the steps in the slideshow below.

Deploying VCSA

Once Stage 1 of the VCSA deployment completes, hit Continue to trigger the second stage of deployment to configure NTP settings and the SSO domain configuration.


Once the second stage of deployment is finished, launch the HTML5 client (https://VCSA-FQDN/ui/) and log in with administrator@SSO-domain and the password set during deployment.


Assign License

As soon as you log in to the VCSA UI, you will see a warning about VCSA running in evaluation mode. Click on “Manage Your Licenses” to assign a new license.


Click on the + button to add the vCenter license key.

Exploring vSphere 6.7-Part-1-Installing and Configuring Esxi

vSphere 6.7 was announced by VMware just a day before their 20th foundation day, i.e. yesterday. Although this release isn’t as feature-packed as the previous release, a lot of enhancements are still introduced, such as:

  • Instant clone API
  • Quick Boot of ESXi
  • Per-VM EVC
  • VM Hardware version 14 introduced

I have not tested these features yet so I am not writing in detail about these. The best way to learn and test the new features introduced is to deploy stuff in a lab and start playing around, and hence the first post of this series is dedicated to installing an ESXi host.

This post will be covered in 2 parts: in the first part I will demonstrate the installation of an ESXi host, and in the second part we will explore the vSphere Client (HTML based) to configure basic settings.

All download links related to vSphere 6.7 can be found here

Although the installation has been pretty much straightforward over the years and nothing has changed as such, if you are a newbie to VMware it wouldn’t hurt to check out the installation steps from the slideshow below.

Getting Started With Zerto-Part 10: Configuring Advance Site Settings

In the last post of this series we had a look at the various dashboards from where we can monitor Zerto. We also learned how to create custom dashboards as per requirement to view very specific details.

In this post we will learn about some advanced configuration settings that we can apply in Zerto. These advanced settings are skipped while performing an express install.

If you have landed directly on this page by mistake, then I encourage you to read the earlier posts of this series from the links below:

1: Zerto Architecture and Components

2: Installing Zerto Virtual Manager

3: Installing Zerto Virtual Replication Appliance

4: Creating Virtual Protection Group

5: Performing Test Failover

6: Move VPG from Protection Site to Recovery Site

7: Performing Live Failover

8: Checkpoint Tagging

9: Monitoring VPG

Let’s get started.

1: To configure advanced settings, log in to the ZVM interface and select “Site Settings” from the top right corner.


2: Cloud Settings: If you have a vCloud Director based cloud on-prem, or if you have a vCloud based cloud subscription, you can configure the settings here so that you can use Zerto to replicate your workloads to a vCD based cloud.

Getting Started With Zerto-Part 9: Monitoring VPG

In the last post of this series, we learnt how to use tags for manually created checkpoints. In this post we will explore the Zerto dashboards to see how a VPG can be monitored.

If you have landed directly on this page by mistake, then I encourage you to read the earlier posts of this series from the links below:

1: Zerto Architecture and Components

2: Installing Zerto Virtual Manager

3: Installing Zerto Virtual Replication Appliance

4: Creating Virtual Protection Group

5: Performing Test Failover

6: Move VPG from Protection Site to Recovery Site

7: Performing Live Failover

8: Checkpoint Tagging

As Zerto administrators, we should be familiar with the various screens/dashboards that are available in Zerto for monitoring things periodically or when something goes wrong. Let’s explore the various screens of Zerto and check out what info is available where.

1: Home dashboard: This is the very first screen which comes up when you log in to the ZVM interface.

Enabling Zerto Plugin in vSphere 6 WebClient

While working with Zerto in my lab, I noticed one weird thing: the Zerto plugin was not automatically integrated with the vSphere Web Client. The same plugin was visible in the vSphere thick client though. That’s why I said it’s a bit weird, as VMware wants to get rid of the C# client and not much development is being done for it.

All new features of VMware are now only available in the Web Client, and I am used to it now. So I was looking for a way to enable the plugin in the Web Client, and then I came across this article by virtubytes. Although the article is written for vSphere 6.5, the solution worked in vSphere 6.0 as well.

Here are the steps for enabling the Zerto plugin in the Web Client.

1: SSH to the vCenter in question and enable the bash shell.
