With the release of VMware Cloud Director 10.3, there are several new additions and enhancements to this self-service platform. I’d like to talk about some of the continued security and certificate changes that one must be aware of before upgrading to 10.3.
This is an ongoing effort to simplify certificate handling, but also conform to industry security standards.
Continue reading “Infrastructure Certificate Handling Changes in VMware Cloud Director 10.3”Recently, I’ve been spending time on reviewing new functionality inside of VMware vCloud Director (vCD) 9.7, specifically Edge Clusters. Edge Clusters provides distinct capabilities to control tenant Edge placement while achieving a higher level of availability. While Edges are a distinct function of NSX to control traffic that ingresses/egresses out of NSX, vCD can provide a significant level of additional functionality.
Abhinav Mishra and I have spent some time writing about the rationale, implementation, migration, and design decisions in regards to Edge Clusters in version 9.7. Below are the links to each of these respective blog posts:
Introduction to Edge Clusters in VMware vCloud Director 9.7 (Part 1 of 3)
Setting up Edge Clusters in VMware vCloud Director 9.7 (Part 2 of 3)
Edge Cluster Design and Migration Considerations for VMware vCloud Director 9.7 (Part 3 of 3)
Continue reading “NSX Edge Cluster Capability in VMware vCloud Director 9.7 – Summary”Currently, I am working on some overall design content for Edge Clusters inside of VMware vCloud Director 9.7. However, I wanted to share a post on providing a step by step guide on establishing an Edge Cluster inside of vCD. I will much more to share on our corporate blog shortly, but this should start some thoughtful discussions.
So what’s the deal with Edge Clusters? Edge Clusters now allow a provider to discrete control of tenant Edge placement. Previously, this was rather limited and only controlled at the Provider Virtual Data Center (pVDC) layer. With Edge Clusters, we now can establish this on a per-oVDC basis. In essence, the three main value points of Edge Clusters:
Below is a overall high level design of Edge Clusters from a physical and logical layer –
Continue reading “Setting up Edge Clusters in VMware vCloud Director 9.7”Over the past few weeks, Wissam Mahmassani, Abhinav Mishra, and I have created a few walkthrough videos on setting up Cross-VDC networking inside of vCloud Director 9.5.
Unfamiliar with Cross-VDC networking in vCD? Check out this series of blog posts that review the capabilities and design considerations:
Getting Started with Cross-VDC
Design Considerations and Conclusion
The intent of these videos is to discuss setting up Cross-VDC networking in vCloud Director but also have a live chat on items we’ve learned along the way with working with it. Quite frankly, it was an open discussion between the team on the inner workings on vCD/NSX and what our development team has done in the backend.
In the first video, we discuss the pre-requisites before we can start configuring vCloud Director for Cross-VDC networking. In essence, the assumption is cross-vCenter NSX has already been established and we have the primary and secondary NSX managers registered.
Next, we review the concept of creating a Datacenter group and what are the different egress options. This is very important as it explicitly controls how traffic exits the overlay environment.
Here, we discuss how BGP weights control our active/passive egress points and what vCD automates in the backend. The key is this is all done without provider/tenant configuration – vCD automates this process.
As a final wrap-up of the BGP weights, we review creation of the stretched networks inside of vCloud Director along with operational management inside of the vCD H5 UI.
Last of all, we demonstrate testing of Cross-VDC and failover of my “Daniel-App” between the two sites. What’s interesting is the ability to migrate egress points without any loss of connectivity. Unintended failover is managed by BGP weights, which the default timer is 60 seconds and could be revised if required.
As stated before, this shows the requirement of having a mirror Edge configuration, especially for NAT configuration and failover testing between sites.
This was a fun experience with the team while reviewing and having open discussions on Cross-VDC networking. We are hoping these are valuable for those of you that are interested in bringing this as a new service inside of vCloud Director.
Thanks!
-Daniel
