Site-to-Site VPN between NSX-T and Azure VMware Solution – Part 2

In the previous blogpost we went through Azure VMware Solution(AVS) IPSec VPN setup and to complete hybrid networking between on-prem and AVS we need to configure NSX-T gateway too. As we discussed the target architecture would look like the following diagram.

Continue reading “Site-to-Site VPN between NSX-T and Azure VMware Solution – Part 2”

Site-to-Site VPN between NSX-T and Azure VMware Solution – Part 1

When it comes to connecting an on-premises VMware environment to Azure VMware Solution(AVS), ExpressRoute is the preferred connectivity method. But in some cases using a VPN tunnel is the preferred connectivity method to AVS environment.

NSX-T Tier-0 or Tier-1 gateways could be used to connect on-premises VMware environment to AVS. On the Azure side, Virtual WAN(vWAN HUB) will be provide the transit connectivity through a ExpressRoute Gateway into AVS infrastructure. I am going to walk you through the configuration of both NSX-T Tier-1 GW and Azure Virtual WAN to have a complete setup.

Continue reading “Site-to-Site VPN between NSX-T and Azure VMware Solution – Part 1”

AVS Hybrid Networking with NSX-T

When it come to setting up a hybrid cloud environments, one of the most important topics is networking. It is usually comes down to stretch on-prem network segments to the public cloud environment. This blog post is going to simply describe NSX-T architecture on AVS as the default networking and security stack. If you are new to AVS you can read Introduction to AVS blog post first, and then continue with this article.

Continue reading “AVS Hybrid Networking with NSX-T”

Azure VMware Solution goes into GA

On September 22nd 2020, during Ignite 2020 , Microsoft announced the general availability of next generation of VMware Azure Solution(AVS). If you want to learn about basics of AVS, you can read my previous blog post on Introduction of Azure VMware Solutions. Now AVS is now generally available in four Region at US East, US West, West Europe (Netherlands) and Australia(NSW). AVS also going to be available in Japan East, UK South and South Central US in the near future. You can check the availability of Azure VMware Solution by checking Azure Products by Region page for details.

Continue reading “Azure VMware Solution goes into GA”

Introduction to Azure VMware Solution (AVS)

Azure VMware Solution (AVS) enables you to run VMware SDDC stack natively on Azure to build-up a hybrid cloud infrastructure. AVS is a VMware validated solution that being delivered by Microsoft on Azure environment. According to Microsoft’s release statement in May 2020, “You can provision a full VMware Cloud Foundation environment on Azure and gain compute and storage elasticity as your business needs change”. Popular scenarios for this solution are datacenter footprint reduction, On-demand datacenter expansion, disaster recovery & business continuity and finally application modernization.

Continue reading “Introduction to Azure VMware Solution (AVS)”

NSX-T 3.0 SSL Certificate Replacement – Part 1

NSX-T installation comes with a out of the box self-signed SSL certificate. Because of security and compliance reasons, most of customers want to replace default self-signed certificate with a CA signed certificates. We have been looking for guide that explains how to do this step-by-step but unfortunately we couldn’t find one! There are some very useful guides like this one from VMware but as you read through, you realize the documentation is not complete. So to make story short, we looked around and ran SSL certification replacement.

https://miro.medium.com/max/1200/1*3Ntz8MAEObg_dW10I9-RfQ.png
Continue reading “NSX-T 3.0 SSL Certificate Replacement – Part 1”

Configure Virtual IP for NSX-T Management Cluster

Now that we have finalize deploying three managers in NSX-T management cluster we can go ahead and configure a Virtual IP(VIP) on it. We can use NSX-T internal mechanism to set an IP address on the cluster or setup an external load balancer in front of NSX-T managers. Configuring VIP which is recommended by VMware is more simple but using a LB would load balance traffic among NSX-T managers. This is a design question and should be chosen based on requirements and customer needs.

Please keep in mind that if you want to choose this approach, you need to have all NSX-T managers are on the same subnet. In this case, managers are attached to SDDC Management network. To configure Virtual IP, login to NSX-T Manager UI, choose System and on the left panel select Appliances then click on SET VIRTUAL IP option.

Continue reading “Configure Virtual IP for NSX-T Management Cluster”

Deploying NSX-T Management Cluster

In a previous blog post, NSX-T architecture explained and now we can start implementation of NSX-T. Deployment process of NSX-T Data Center beings with deployment of NSX-T Management cluster. In NSX-T 3.0 management cluster is consist of three NSX-T managers which include both management and control plane. The management plane provides Web UI, REST API and also interface to other management platforms like vCenter Server, vCloud Director or vRealize Automation. The Control plane is responsible for computing and distributing network run time state.

NSX-T managers can be deployed on ESXi or KVM hypervisor. If you are planning to use ESXi platform to host NSX-T managers, an OVA file should be used. On the other hand for KVM platform, a QCOW2 image will be used for NSX-T manager deployment. It is important to note that mixed deployments of managers on both ESXi and KVM are not supported. Based on type of deployment and size of environment, NSX-T manager node size configuration should be selected. Following is the four different configuration options and their requirements.

Continue reading “Deploying NSX-T Management Cluster”

What’s New in NSX-T 3.0

On April 7th 2020, VMware introduced next major release of its Network Virtualization & Security solution. NSX-T 3.0 introduces variety of new features which enhance the adoption of software-defined networking in private, pubic and hybrid-cloud environment.

Following are some of the new features and enhancements that are available in NSX-T 3.0 Datacenter;

Continue reading “What’s New in NSX-T 3.0”