posted

0 Comments

VMware vRealize Network Insight 4.1 just dropped and it’s a doozy! As I hope you have come to expect from the Network Insight team, this minor version has some jaw-dropping new features and feels like a major version. I will highlight the most important features below, let’s dive in!

Application Discovery

The application is what it’s all about. It’s what drives the business and generates revenue and lets us, the people in IT, keep our jobs. The infrastructure that drives it should Just Work ™. This is why Network Insight is focusing more and more on the application and correlating the infrastructure components directly to the application for a holistic overview of the entire landscape.

Before 4.1, application constructs had to be created manually or via the API. With the new application discovery capabilities in 4.1, we can automate that process and discover application constructs using vCenter custom attributes, AWS tags, the VM or EC2 instance naming convention, or retrieving the applications from a CMDB (starting with ServiceNow).

Using Custom Attributes or Tags

When your workloads have been tagged with the application and tier names, Network Insight can pick up the values of those tags and use them to discover the application constructs.

There are a couple of things to take note of; you can limit the scope of the discovery to a specific data center, VPC, cluster or any other logical object within vCenter or AWS and there will be 2 tags required; 1 for the application name and 1 for the tier name.

Using a Naming Convention

When your workloads have a consistent naming convention, Network Insight can also pick out the application and tier name from the name of the VM or EC2 instance itself, using a regular expression.

For example, let’s say there are VMs named as following: CustomerCare-App-VM01, CustomerCare-DB-VM01, CustomerCare-Web-VM01

We can run the application discovery and create an application construct named CustomerCare and have 3 tiers named App, DB, and Web, with the right VMs in those tiers.

Stay tuned for another post with a deep dive into all the details of the new application discovery capability!

Retrieving Applications from ServiceNow

When there is no naming convention or use of tags that can be used to discover the applications, Network Insight can also retrieve them from the ServiceNow CMDB. While traversing the related items view for applications, the application construct is formed using existing CMDB data. Here’s an example of how this discovery works:

Application Dashboard

Keeping the focus on the application, there’s a new application dashboard available. This dashboard has an amazing widget that displays the make-up of an application perfectly, while also showing the real-time network flows, related physical network hardware and any issues that the individual components might have.

The dashboard is accompanied by other widgets that show the recent events, the micro-segmentation planner, metrics such as network rate, CPU usage, and more to aid in the process of troubleshooting this application.

VMware Enterprise PKS and Kubernetes Support

Many organizations are pushing new applications into smaller form factors (containers) than VMs and are turning to Kubernetes to manage those containers. VMware Enterprise PKS is the best way to get a production ready Kubernetes environment. VMware vRealize Network Insight 4.1 is the only product that can tie Kubernetes services directly to the infrastructure components and provide a full view of the environment.

This release brings network visibility all the way down to the level of a pod and up to the level of a cluster. It also brings the inventory of your Kubernetes clusters, nodes, namespaces, services, and pods, into the same view as the infrastructure they are hosted on.

Using the actual flow-driven service graph, the security model for your Kubernetes services can be exported directly into a format (YAML) that Kubernetes understands. This is using real-time network data that is sent over the network and captured with VMware NSX-T. We don’t leave anything up to chance!

The Kubernetes Dashboard provides a wealth of data around the environment, such as; top talkers grouped by clusters and namespaces, the current status (number of pods, namespaces, nodes, etc.) of Kubernetes, which container images are used in the environment, and much more.

This topic is also worth a much deeper dive, stay tuned for another post!

F5 Load Balancer Visibility

In Network Insight 4.0, we introduced the ability to add an F5 Load Balancer as a data source. Network Insight gathered routing information from it, so if it was in the VM-to-VM path, it would show up as a hop. With the release of 4.1, we also grab the details around the load balancer configuration.

You can now get insight into the virtual servers, pools, members, and metrics around network usage, including direct context around the workloads and the infrastructure that’s underneath.

Leveraging the existing VM-to-VM Path topologies, we’ve extended the path to include the load balancer. You can jump from the topology to the load balancer dashboard to check its configuration and troubleshoot any issue you’re seeing.

VMware Network Insight Cloud Service Updates

By using the Network Insight Cloud Service, the maintenance of the platform is outsourced to VMware. This includes upgrades and I’m excited to announce that the Network Insight Cloud customers can start using the new features in version 4.1, right now!

There are also been some Network Insight Cloud only changes. Starting a trial has never been easier (automatically activated) and you can now get a very clear view on your license usage, using the new Service Usage page.

If you haven’t already tried it, VMware Network Insight Cloud service is available free for 30 days. All VMware Cloud on AWS customers will be happy to learn that the VMware Network Insight trial is automatically activated in their account!

Other Gems

There’s too much goodness in VMware vRealize Network Insight 4.1 to go through them all (and some will even get a deeper dive), but there are a couple of other gems that are new:

  • Added support for Huawei Data Center switches
  • Support for VMware Identity Manager to be used as an identity source
  • Add a single AWS Master account and retrieve all linked accounts automatically
  • Full support for NSX-T 2.4
  • Firewall change audit logs for NSX-v

And much, much more! To get the full lowdown on all changes, check out the release notes here: https://docs.vmware.com/en/VMware-vRealize-Network-Insight/4.1/rn/vrealize-network-insight-41-release-notes.html

 

Post Series

  1. What’s New for vRealize Network Insight 4.1 and Network Insight Cloud Service
  2. Application Discovery with Network Insight – Using Tags & Naming Conventions