Loving the list of new features in vSPjere 6.5? Thinking about digging in and upgrading your lab or other environment? Well if that environment is running NSX you will want to wait just a little longer. vSphere 6.5 is currently not compatible with NSX including 6.1.x and 6.2.x. See KB 2147548 for more details.
Now I have nothing official to say on this, but as you might expect I’m sure this will be resolved once a new version of NSX drops. We have all been there before where we just got the GA announcement of vSphere and rushed to upgrade our virtual labs and oh wait crap, NSX is not supported. This is nothing new this has been the case for last few releases if you recall. You may remember reading this article about vSPhere 6.
I’m sure you have all heard the news about the VMware and Amazon partnership. I’ve been getting loads of questions from people and it seems that their are misconceptions on what exactly this means short term. Here is some of what I have heard and some clarification as to what it really is.
The offering will be VMware’s hypervisor running nested on top of AWS. – False
The offering is actually the vSphere hypervisor running on bear metal running inside Amazon’s data center.
I want AWS features, not just vSphere in another datacenter. I don’t see any AWS value or features with this offering – False
The machines running on vSphere in the AWS datacenter can take advantage of lots of AWS offerings such as storage, database offerings, security, analytics, and from what I understand 70 other services. While it’s not the ability to use the AWS API to provision workloads this is still huge. This of projects you may have that utilize AWS services interacting with workloads running in your own physical data center and the what you have to do you secure those interactions. Now you have the ability to run the workloads inside the same data center as those services greatly reducing the complexities of securing those communications.
It’s great but what about NSX?
In the offering vSphere, NSX, and vSAN are all available. I can’t speak to how the cost and licensing works with regards to these, but they are all available.
When will this be generally available?
It is expected to be available sometime late H2 2017.
As more and more info becomes available it will become even more apparent how much value this will add to the enterprise datacenter. Most organizations today have a disconnect when it comes to their on-prem and off-prem workloads. Having a standardizes infrastructure, standardized process, and standardized integrations can only lead to less complex and more manageable infrastructure. As more information becomes available that can be shared I will certainly be focusing more on this area and once possible I will certainly be providing some insight and sneak peaks into this great new partnership.
I have been a fan of Ubiquiti for years, however recently I have become an even bigger fan boy for their networking and video security products. Although Ubiquiti is a manufacturer of “Enterprise” grade products I believe they are perfect for todays home as well. Their products are priced cheap making them a perfect fit. In this article I’m going to focus on (4) of their Unifi products I am using in my home network that are absolutely awesome!
If you are looking to try out vRA7 integration with NSX make sure you upgrade your NSX deployment. This update include support for the NSX 1.0.3 vRO plugin needed for vRA integration.
New in 6.2.1
The 6.2.1 release delivers a number of bug fixes that have been documented in the Resolved Issues section.
6.1.5 fixes: Release includes the same critical fixes as NSX-vSphere 6.1.5 content.
Introduced new ‘show control-cluster network ipsec status’ command that allows uses to inspect the Internet Protocol Security (IPsec) state.
Connectivity status: NSX Manager user interface now shows the connectivity status of the NSX Controller cluster.
Support for vRealize Orchestrator Plug-in for NSX 1.0.3: With NSX 6.2.1 release, NSX-vRO plugin version 1.0.3 is introduced for use with vRealize Automation 7.0.0. This plugin includes fixes that improve performance when vRealize Automation 7.0 uses NSX for vSphere 6.2.1 as a networking and security end point.
Starting in 6.2.1, NSX Manager queries each Controller node in the cluster to get the connection information between that controller and the other controllers in the cluster. This is provided in the output of the NSX REST API (“GET https://[NSX-MANAGER-IP-ADDRESS]/api/2.0/vdn/controller” command), which now shows the peer connection status among the controller nodes. If NSX Manager finds the connection between any two controller nodes is broken, a system event is generated to alert the user.
Service Composer now exposes an API that enables users to configure auto creation of Firewall drafts for Service Composer workflows. This setting can be turned on/off using REST API and the changes can be saved across reboot. When disabled, no draft is created in the Distributed Firewall (DFW) for policy workflows. This limits the number of drafts that are auto-created in the system and provides better performance.
Many of you have already heard the news about vRA7. Now that it has been officially announced I can start to share some useful information regarding this transformative release of vRealize Automation. I want to start by stating I cannot discuss anything related to GA release date so don’t expect to find anything related to when this will be released. This article is aimed to give you an overview of some of the great new features coming in version 7 and as the starting point for a series of vRA7 walk-through articles.
vRealize Automation 7 Installation
I think you are all going to be very pleased with the new installation wizard. It takes 98% of the pain out of deploying vRA, and let’s face it, it wasn’t that difficult in the 6.x release. To start much like the vRA 6.x installation process you will need a Windows Server available, but you no longer have to make sure you have all the pre-requisites completed. The only pre-requisite you will need is to install a simple installation agent on server and that’s it. The installation will not only check for the pre-requisites, but it will allow you to resolve them if they are not met.
The installation also now let’s you choose between a simple installation and a fully distributed installation. This is huge. If you have ever done a distributed installation this is where most of the pain was felt. VMware has truly raised the bar and done a fantastic job with the installer.
Identity Management
Not a fan of the SSO solution in previous releases of vRA? Then you are in luck. vRA7 no longer uses the Identity Appliance and VMware SSO. It leverage VMware Identity Manager. There are so many great aspects to this welcomed change starting with one less virtual appliance to deploy. That’s correct Identity Management is built in to the vRA virtual appliance. Besides simplifying the installation it will also simplify integrations giving you the ability to authenticate a user via an external source and pass that token to vRA preventing the need for the user to login yet again. Look for some more in-depth articles coming on this soon.
Unified Blueprints
Blueprint creation just got a whole lot easier and a whole lot more feature rich. For those of you who have been using vRA 6.x you are going to really appreciate the new Blueprint designer. Drag and drop templates, networks, applications, XaaS workflows on the canvas and build your blueprint visually. This is just the start. Remember the 6.x NSX integration? Remember how it only worked with multi-machine blueprints? Guess what? That is no longer the case. Add one machine add ten is doesn’t matter. Use existing networks, create new ones, assign securty tags, security groups, load balancers, and more. It’s like those old Prego commercials…..”It’s in there”. Are you an application services user? Remember having to pull in the single machine vRA blueprints to use with App Services and then publish them to the vRA catalog? Guess what? You guessed it. If you want to deploy an application to a template on your cancase, you just drop the application on to the template. Look for a lot of great articles to come on this.
Blueprints as Code
Ever wish you could export and import blueprints? Wish no more! vRA7 features the ability to export you blueprints as code. Once exported you can manipulate the file is needed and import into another vRA7 or the same vRA7 instance. Imagine exporting your bleuprints checking it into GIT for version control and running those bleuprints builds through Jenkins to facilitate new “builds” and then importing it back into vRA7. Well no need to image because it’s all possible. Another feature to help with the transformation to DevOps.
Enhanced Extensibility
Just when you thought it couldn’t get any better, it does. The new event broker system in vRA completely transforms how you will integrate to 3rd party systems in vRA7. Some of the features here include dynamically assigning workflows to builds based on filters. Remember how complicated it could be get the right workflows to run based on custom properties? Well this if the possibilities, trigger a workflow based on the requestor, the machine name, the blueprint, and more…..and this is just one of the cool features of event broker. Use event topics such as Post Approval, Pre Approval, Blueprint configuration, resource reclamation, Business Group Configuration, XaaS, Machine LIfecycle, and Machine Provisioning. Look for a whole ton of articles on this as well as new releases of workflows based on this new event broker.
These are just some of the great new features in vRA7, I can’t wait to start posting new articles on how to works with the awesome new features.
Don’t forget to stop by the Hands On Labs and check out some of this years awesome labs that are available. Last night we had the lab burn in and they are open to day. There are labs for just about everything you can imagine. Not sure what lab is right for you, that’s fine stop by and chat with some subject matter experts that will help you determine which lab is the right fit for you. There are roughly 350 terminals in the HOL this year along with a customer connect area where you can BYOD to connect. If that was not enough there are 4 expert led breakout rooms where you can reserve a spot and attend expert led sessions on the various technologies.
There is not really much I can add to the debate on NSX vs ACI except to share my opinion on a few things.
Let’s look at the world as it is today. It is a virtual world. At least 80% of workloads in most datacenters today are virtualized. So that leaves roughly 20% of workloads as physical. How often do physical workloads move to different servers, racks, datacenters etc? Not very often right? You rack them, you cable them, you plug them in, you configure the port(s) and that is basically where it lives for the rest of it days. Any rules or policies you need for those machines get created and that’s it.
Why is there a perception that you can use Cisco or NSX? If you perform a simple google search you will find many articles that aim to answer the question of Cisco vs. NSX? This is like saying HP or vSPhere? It doesn’t make any sense. Cisco and NSX can co-exist in a datacenter it’s not a one or the other proposition. Let’s face it Cisco owns the network layer in most datacenters and they should, they make damn good networking hardware. But that’s just it. They make hardware much like HP, Dell, and IBM make hardware. It has limitations.
Don’t get me wrong hardware is a necessary evil for obvious reasons for all types of virtualization whether it be computer, networking, or storage. I just don’t understand the big debate regarding Cisco vs. NSX. It’s really very simple. Keep your existing Cisco hardware and get more out of it with NSX. I hear many making an argument that network virtualization is not needed because you cannot consolidate multiple switches or routers into one. This baffles me as well. If you support this argument or feel it is valid you don’t understand the value of Network virtualization
If you have been looking into Openstack as a standardized api for your cloud infrastructure you have undoubtedly realized how complex it is to get an Openstack environment up and running. VMware Integrated Openstack or VIO takes the deployment of Openstack and literally makes it brain dead simple. I mean let’s face it, if I can deploy it then you know it’s simple 😉 About a year ago started down the path of deploying open stack into the MoaC lab. The project was very short lived because I just didn’t have weeks to dedicate to getting it done. Fortunately VIO has been released and I can now implement Openstack in the Moac is about an hour. No that wasn’t one of my many typos you may find in my articles I did mean to say “an hour”.
Before you say why should I buy Openstack from VMware when it’s an open source project, let just say because it’s free! Well sort of. It’s free for all customers with vSphere Enterprise Plus, vSphere with Operations Management Enterprise Plus or vCloud Suite. Chances are if you are interested in Openstack you fit into one of these buckets and you can get it for free.
For all of you that have been patiently waiting for NSX 6.1.3 so you can upgrade to vSphere 6, your wait is over! VMware has relaeased NSX 6.1.3 today and it is now live for download. On top of support for vSPhere 6 it also includes a number od security and bug fixes details can be found in the release notes.
NSX vSphere 6.1.3 introduces the following features:
Dynamic routing protocols are supported on sub-interfaces.
ECMP and Logical Firewall are supported at the same time with logical routing.
