v2cgeeks

NSXT Manager cluster consists of 3 NSXT Manager nodes  These three nodes will form as NSX-T Manager cluster for high availability, workload sharing.  Each node will have three roles deployed Policy role Manager role Controller role  NSXT managers forms the management, control plane  Data plane is separated from the control plane. Management plane: NSX-T Managers forms the management plane  Provides the entry point for the NSX admins to configure Networking and security  It provides both API or UI based access  Control plane: Control plan is responsible for runtime virtual networking and security state environment in NSXT data center. There are two types of control plane: CCP, LCP CCP is central control plane, it is on NSX-T Manager nodes. LCP is local control plane it is on each NSX-T transport node (ESXi, KVM , Baremetal server)  Management and control plane functionalities are converged and managed together by NSX-T Managers. These converged res...

Hi How are you? I hope you are doing great. Thanks for coming to my blog, In this blog we discuss about HCX Tunnels. HCX deploys few appliances as per the services enabled in compute profile, among them HCX-IX and HCX-NE these two appliances establish IPSec tunnels with the peer appliances on the target site. In this blog, I would like to explore the tunnel configuration. Before exploring the HCX IPSec tunnels, let's try to understand what are IPSec tunnels. What is IPSec? IPSec is short form of Internet protocol security. It is a group of protocols that are used together to setup encrypted connections between the two sites.  IPSec tunnel encrypts and authenticates the data flowing through the tunnel. IPSec tunnel creates robust security layers to fully protect the data that is transmitting over the Internet or through an enterprise's network. This is how tunnel works: To protect the data packets, IPSec peers(source and destination) need to establish a tunnel. To establish tunn...

Welcome back to my blog. Hope everyone doing great.  In this blog, I would like to explain about how to change the NSXT deployment size during the VCF workload domain deployment. By default in VCF workload domain deployment phase, it deploys 3 NSXT Managers with large formfactor. credits: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/installation/GUID-AECA2EE0-90FC-48C4-8EDB-66517ACFE415.html  In the above diagram we can see the NSX-T Large formfactor requires 48GB of memory and 12 vCPU for each NSXT Manager.  In VCF, NSXT-Managers for VI workload domains will be placed on Management domain cluster. When I am practicing lab, none of the hosts in my management cluster have the required memory and cpu available for NSX-T Manager large formfactor. so my VI domain deployment workflow is keep on failing and keeps deleting the downloaded NSX-T OVA files and eventually failed. I have followed below steps to workaround this problem 1. I have taken the copy of /etc/...

Hello everyone, thank you for visiting my blog again. Hope you all doing great. Here in this blog, we will try to understand about VMware cloud foundation by looking at simple Q&A. I recently got a chance to attend VCF bootcamp based on VCF 4.3 version, although it is not the latest VCF version, but that bootcamp helped me to understand VCF more better. I tried to put my takeaway points from this bootcamp in the form of Q&A. 1. What are two architecture types in VCF? We have two types: consolidated and standard Consolidated architecture: Run management VMs  and customer workloads on one domain which is management domain. The resources on this cluster will be shared across these different workloads by using resource pools. Standard architecture: Management domain is dedicated to run management appliances And customer workloads will be running on VI workload domains. 2. What are the deployment options available in VCF? By default single site deployment: with in this site, if ...

In this blog we will look at logical and physical view diagrams covering different NSX-T routing scenarios. Scenario-1 Single Tier topology  Scenario-2 Multi tier with no statefull services  Scenario-3 Multi tier with statefull services Deployment modes: Active-Active(A/A) or Active-Standby(A/S) Active-Active: Active-Active mode is the default high availability mode for T0 In this mode, stateful services cannot be used  But this supports stateless services such as reflexive NAT. Active-Standby: It is the only supported high availability mode supported by T1, and please be noted that T0 can also be configured in Active-Standby In this mode, stateful services can be used  so this mode is used when stateful services are required All stateful services are available on both T0 and T1 (when they are setup in Active-Standby mode) except the load balancer, LB is only available on T1  Stateful services: SNAT/DNAT Load balancer VPN Firewall DHCP 

Welcome back. Hope you all doing great. In the previous blog   we discussed about how to access sddc manager, what are the different logs in sddc manager. In this blog we will discuss about SOS tool. There is a tool called SOS (Supportability and serviceability utility) tool in sddc manager  It is available in this location /opt/vmware/sddc-support To run sos tool you need to change as root or run with sudo  When you run sos tool with -h (--help) option it will show tool usage ./sos --help Sos tool is useful to do multiple tasks, we will look into following examples to understand SOS and its usage. Health checks  Log collection Enable disable ssh for esxi nodes or vcenter servers Get host IP address details  -- Running health check for a specific workload domain, if you didn’t specify the domain-name option then health check will run on all the available workload domains. ./sos --health-check --domain-name nameofthedomain Once the health check completes, it...

In this blog, we will discuss about sddc manager and what are the command line options we have what we can do in command line. Sddc manager is the core component in VCF environment. It is responsible for doing many different tasks related to your VCF inventory configuration, life cycle management, security etc. Commission/decommission the hosts Deploying new workload domains  Expanding the clusters or adding new clusters to workload domain Configure network pools for host networks (Management, Storage(VSAN/NFS etc) Deploying vRealize suite of products Certificate and password management  Life cycle Management NSX-T Edge/AVNs deployment Usually all these tasks can be carried out from GUI, VCF admins rarely login sddc manager mostly when the VMware GSS is involved. SDDC Manager command line provides different use cases for example: monitoring the logs  looking up for passwords collecting logs do command line health checks etc How to access sddc manager CLI? There are two us...

 In the HCX Components (Part1)  we discussed about HCX Connector, Cloud Manager, Site Pair, Network profile, compute profiles, Service mesh.  In this blog, we will discuss about HCX Appliances.

  In this blog post, we will discuss about major components of HCX. HCX Connector:   Always deployed at the source datacenter from which the applications will be migrated Connector OVA should be downloaded from HCX Cloud Manager GUI, so it means HCX Cloud manager should be deployed and configured on the destination first A connector cannot be paired with another connecter A connector is always a source and cannot be target for site pairing Source side usually runs old vSphere environments (End of support versions) Source side does not require NSX to be available Service mesh appliances created on source side are tunnel initiators (HCX-IX-I, HCX-WO-I, HCX-NE-I) HCX Cloud Manager: Generally, it is deployed at destination site Only exception is Cloud to cloud migration scenario, in this we deploy HCX Cloud manager on both sites. Don’t get confused with the term cloud here, the destination environme...

 In this blog post, I am sharing a video which explains the basics of VMware HCX. This is not a deep dive, technical video, It just gives high level understanding what is HCX and how it works.