What’s new in NSX Migration for VMware Cloud Director 1.2

As most of you are aware by now, VMware announced the sunsetting of NSX for vSphere (NSX-V), and the current end of general support is targeted for January 2022, while the end of technical guidance will be in January 2023. It is important that Cloud Providers migrate from NSX-V to NSX-T as soon as possible. As the process for larger providers will take a good amount of prep work and testing, the earlier they start the better their experience will be. The good news, the migration tools available this time is very helpful to streamline the process.

There are multiple methods to migrate from NSX for vSphere to NSX-T Data Center. They are listed below in the order of their usability in a VMware Cloud Director environment:

  • VMware NSX Migration for VMware Cloud Director can migrate the workload VMs and other organization VDC objects to the same vCenter Server instance managed by VMware Cloud Director. This is the option you really want to use if you have VMware Cloud Director in your environment. Here is the link for download. Here is the link as well for features supported by the migration tool.
  • Coexistence – New workloads are deployed on NSX-T, and the older workloads are allowed to die over time.
Read More

How to Change VMware NSX-T Manager IP Address

VMware NSX-T logoThere is often the situation where you need to change the IP addresses of your NSX-T Managers. For example, you might be changing your IP schema as I am doing currently in my home lab. NSX-T does not have a field to change the IP address of it’s NSX Managers, but you will need to add new NSX Managers with the new desired IP, then gradually delete the old ones. Luckily the process is easy and straight forward as documented below.

Note: While I only have a single NSX-T Manager in my environment as it is a small home lab, usually in a production environment, you always want to maintain 3 NSX Managers active to sustain your NSX-T availability. Try to follow one of the below two approaches to maintain that.

  • Scenario A:
    • Manager A has IP address 172.16.1.11.
    • Manager B has IP address 172.16.1.12.
    • Manager C has IP address 172.16.1.13.
    • Add Manager D with a new IP address, for example, 192.168.55.11.
    • Remove Manager A.
    • Add Manager E with a new IP address, for example, 192.168.55.12.
    • Remove Manager B.
    • Add Manager F with a new IP address, for example, 192.168.55.13.
    • Remove Manager C.
  • Scenario B:
    • Manager A has IP address 172.16.1.11.
Read More

Installation of NSX 6.4 VIB on ESXi 6.7 host failed

I have often got to interact with customers who had an issue getting the NSX VIB installed on their ESXi host. Most of the time, it is a tedious configuration issue or a step that they have forgotten. I have hit a similar issue today in my lab with me missing a simple step and wanted to share the error and the fix with others just in a hope it helps others recover from the same error quicker.

I was getting the following error every time I tried to install the NSX 6.4.5 VIB on my ESX 6.7U2 host, and similar error as well when I try to run the resolve button. The error stated “Unable to access agent VIB module at https://192.168.1.211/bin/vdn/vibs-6.4.5/6.7-13168956/vxlan.zip (_NSX_87_VTRES01_VMware Network Fabric). A screen shot of the errir is below.

Unable to access agent VIB Module at vxlan.zip

There was a more detailed error on my NSX screen, which unfortunately I seem to have lost the screenshot for, but it stated something like below:

vtesxi01.vt.com: Unable to access agent offline bundle at https://192.168.1.211/bin/vdn/vibs-6.4.5/6.7-13168956/vxlan.zip.
Cause : <esxupdate-response>
<version>1.50</version>
<error errorClass=”MetadataDownloadError”>
<errorCode>4</errorCode>
<errorDesc>Failed to download metadata.</errorDesc>
<url>https://vtvc01.vt.com:443/eam/vib?id=ecf4a884-c9f5-406c-b57e-75a6613a3651</url>
<localfile>None</localfile>
<msg>(‘https://vtvc01.vt.com:443/eam/vib?id=ecf4a884-c9f5-406c-b57e-75a6613a3651’, ‘/tmp/tmpjnw369p9’, ‘[Errno 14] curl#6 – “Couldn\’t resolve host \’vtvc01.vt.com\'”‘)</msg>
</error>
</esxupdate-response>

As I have seen this one before, I was immediately able to spot that the fix is more than likely I have forgotten to setup Forward or Reverse DNS record or configuration for one of my setup component being ESXi, vCenter or NSX.… Read More

How to combat WannaCry Ransomware attack with VMware NSX

If you have not heard about the WannaCry Ransomware attacks lately, you need to get your head out of the sand for a bit longer. It sounds like this new Ransomware which take over the victom machine and encrypt their files and ask for a Bitcoin payment to give control back over their machine is taking the world by a storm. It is unbelievable how fast it has spread and how many machines it had took over in no time. It has even took over high profile organizations like Telefónica, Hitachi, Fedex,  National Health Service hospitals in England and Scotland, and many others.

ransomware wannacry compat with VMware NSX

While there has been  patches released by Microsoft to help mitigate the risk of this ransomware that uses a Windows vulnerability for Windows 7 and higher, there is currently no patches for earlier releases of Windows such as Windows XP.

While backup,  patching and keeping both your windows and security/antivirus software up to date is your first line of defense in such a situation, solutions such as VMware NSX can help you defend as well better contain such an attack. I have one of my colleagues “Angel Villar Garea (NSX Specialist SE in Spain)” has created a great video (see below), explaining how NSX can help to contain WannaCry in case a VM gets infected.… Read More

Integrating VMware NSX 6.3 with vRealize Automation 7.2

There is many reasons why you would want to integrated your vRA with NSX including on demand networking and security. If you have found this page, you probably had already figured out your reason, so I am not going to spend much time on that. Let’s get to how to do it!

In order to be able to use NSX on demand capabilities in your vRA, you will need to integrated the two together. Today this happen in vRA using the NSX plugin for vRO. The below instruction will document the steps you need to integrate your vRA 7.2 environment with VMware NSX 6.3. These instructions should work with a very little modification for other versions of vRA 7.x and NSX 6.x.

Install the NSX Plugin for vRealize Orchestrator

1- Download the NSX Plugin for vRO (Latest at the time of this post is 1.0.4) from the following link: NSX Plugin for vRO 1.0.4

2- Go to your vRO Control Center by going to: https://vtvro01.vt.com:8283/vco-controlcenter/ and login using root and the password you supplied during installation.

3- From Under Plugins click on the Manage Plug-Ins icon.

4- Hit Browse and choose the downloaded NSX for vRO Plugin (Mine was called: o11nplugin-nsx-1.0.4.vmoapp)… Read More