Home > Blogs > VMware TAM Blog > Tag Archives: NSX

Tag Archives: NSX

VMware Infrastructure Navigator

Antonin_PerronBy Antonin Perron

Have you ever questioned yourself about the environment you are responsible for and wondered how your servers and applications interact?

VMware Infrastructure Navigator (VIN) is a very powerful tool within VMware’s Cloud Management Platform that can answer such questions and provide application dependency mappings across your environment. Unfortunately, VIN is often forgotten in discussions. Why? Great question! VMware needs to do a better job of showing its value and ensuring our customers utilize this forgotten gem in our toolset. Application dependencies mapping is lacking from competitive Cloud Management offerings, so VIN is a differentiator that could provide tremendous value when trying to deploy and secure applications.

Background

I have had various conversations with customers who are trying to find a quick and easy way to understand their applications workflow and how their environments are actually communicating at various levels, from a virtual and physical standpoint. Leveraging VIN will help in IT consolidation projects, workload migrations, defining firewall flows, and understanding communication from and to the virtual and physical environments.

Used in conjunction with other VMware products, VIN will help with architecture and design. As an example, when defining a disaster recovery (DR) fail-over plan within Site Recovery manager, knowing the applications workflow will help build that plan and prioritize application recovery by grouping the virtual machines. Finally, leveraging the network information (i.e. IPs, ports, services, etc.) captured by VIN will help define NSX distributed firewall (DFW) rules and implement micro-segmentation.

Benefits

Virtual Infrastructure Administrators can leverage visibility of day-to-day operational management for quicker problem triage, proactive virtual environment resource planning, managing changes, accurate business continuity, recovery planning, and more.

VIN is provided in OVA format (single virtual machine appliance) and has a pre-built application database with easy and accurate labeling of application names and version numbers.

Application relationships extend to virtual machines, hosts, clusters, datastore folders, and virtual networks. VIN can map one hop away to gather information and offers the dependencies via maps and tabular presentations. It is also possible to extract the database information via PowerShell to an Excel format, helping you with internal and external communications. The following diagram shows incoming and outgoing dependencies for each object in the tree. Dependencies from the tabular and maps are exportable to a CSV format.

APerron_VDP CSV

VIN Architecture and System Requirements

VIN registers with a vCenter server and installs a plug-in in the vSphere Web Client. It probes guest virtual machines with supported operating systems that are running compatible versions of VMware tools. Virtual machines must be powered on and accessible for VIN to gather the information. Data is inserted into the vCenter Inventory service with a default retention period of 72 hours, which can be extended if necessary.

APerron_Infrastructure Navigator Virtual Appliance

User-Defined Services and Application Definitions 

Services that are not part of the vCenter Infrastructure Navigator database are categorized as unknown services. VIN allows you to custom define unknown services within the database. Once defined, these services will be utilized for all discovered instances of the application.

From a VIN perspective, the manual application feature allows you to mark a collection of virtual machines with an application name. From a vCenter Operations Manager standpoint, it can then show the health of that application group, rather than individual virtual machines.

APerron_Infrastructure Navigator Virtual Manage Appliance

APerron_vCenter Operations Manager

VMware NSX and VIN

As mentioned, application definitions, customized services, and all the other information contained in VIN can help with NSX deployments. Using VIN will help to define security groups, tags, and IP sets necessary to develop micro-segmentation rules.

Similar to application definitions, security groups are a collection of assets or grouping objects in the vSphere inventory. They can be used to allow or deny security policies for applications and or solutions. A subset of virtual machines will belong to the same security group and can then be used in Source and/or Destination fields or be applied to other fields of DFW policy rules.

APerron_NSX Manager

Having the network information of all objects helps when defining a collection of IP addresses necessary to create the IP sets.

APerron_vSphere Web Client

For example, security tags can be assigned to virtual machines using the services, user-defined services, or the application definitions from VIN, for use in NSX DFW rules.

APerron_vSphere Web Client Manage

Important Links

Community
http://communities.vmware.com/community/vmtn/server/vcenter/infrastructurenavigator

Product documentation:
https://www.vmware.com/support/pubs/vcenter-infrastructure-navigator-pubs.html


Antonin Perron is a Technical Account Manager for VMware based in Ontario, Canada. He has over 17 years of IT experience filling various roles and after 12 years, 5 overseas deployments as a Communications Specialist in the Canadian Armed Forces, he joined VMware in 2015. He works with Shared Services Canada, Government of Canada, as the only one VMware resource on site and he his using experience to provide technical guidance, optimization recommendations to facilitate their workload migration across their 43 departments.

Are You a Type 1 or Type 2 NSX Customer?


Curtis-Badge-PhotoBy Curtis Miller

As a VMware NSX TAM—one who compliments standard TAMs and specializes in VMware NSX technology—I see two general types of NSX customers:

  • Type 1: A company that brings in a consultant to implement NSX
  • Type 2: A company that wants to implement NSX on its own

In either case, an NSX TAM provides support and guidance to help ensure the success of the installation. But that’s just the beginning of the value we provide.

During a consultant-led (Type 1) deployment, companies often find it challenging to get the information needed to move effectively into the operations stage. Operational success requires that employees in every functional area in the organization (i.e., developers, users, and their own customers, if they’re a service provider) learn how to consume NSX – not just the IT department. NSX TAMs make sure that happens, paving the way to a seamless transition to operations.

During an internally-led (Type 2) deployment, NSX TAMs provide a host of important information and coordination support. For example, we help interface between the company and their implementation-related vendors (e.g., firewall, switch, or router vendors); of course, we also help coordinate interactions with VMware and its third-party partners.

Helping both types of companies run NSX after implementation is perhaps an NSX TAM’s most important role. This kind of ‘day 2’ support includes expert help with troubleshooting, patching and upgrading (of NSX and third-party functionality such as security, firewalling and automation), getting customer-needed features added to future versions of NSX, and much more.

Bottom line: NSX TAMs exist to help you reduce risk, maximize the value of your NSX investment, and meet and exceed the goals you set when you chose NSX.

Click here to learn more about VMware TAM services.


Curtis Miller is a Technical Account Manager for VMware

 

Better Together: VMware Hands-On Labs and Technical Account Managers

By Adam Eckerle

VMware HOLI’ve been traveling the Midwest lately speaking at VMUGs, USERCons, and vForum events. It’s been a whirlwind few months talking to many people and answering questions on various topics, such as, “What’s new with VMware vSphere 6?” “What are some new possibilities with technologies like VMware NSX and VMware vRealize Automation?” And—most of all—trying to answer the question, “How does a person keep up with all this new technology?” It certainly isn’t easy, but there are tools available that can help. One such tool I’ve been amazingly lucky to be a part of has been VMware Hands-On Labs (HOLs). In my travels I’ve been completely amazed at how many people are not yet aware of this really awesome tool.

So what are HOLs? Think of an HOL as a large cloud environment where hundreds, or even thousands, of lab environments are spun up, used and torn down simultaneously. A lab environment could consist of a few virtual machines or complex environments with virtual ESX hosts, VMware vCenter, NSX, vRealize Automation, etc. Some of the largest labs have upwards of 25 virtual machines and half a terabyte of storage. A user can login, browse the catalog of available labs—which, by the way, includes nearly 60 pre-built, fully functional lab environments already available—and deploy any lab of their choosing. Once deployed the user has full access to that environment for up to four hours. There are no guardrails or training wheels. If you want to go in and shut down your ESXi hosts – you can do that. But your lab will be very short!

The best part about all of this is that it is completely FREE and available 24x7x365 across the world. You are guided through each lab environment by the accompanying lab manual, which guides you from setting up the lab through some learning exercises. However, if you are brave, you can ignore the lab manual and just dig right in on your own. No guardrails, remember? Some primary reasons people love the HOLs is that they can try out VMware products—as well as partner products—and have a guided learning experience. You can take a look at something like vRealize Automation without spending hours downloading the software and then installing and configuring it. There are also partner labs where you can see integrations into VMware software. For example, HOL-PRT-1468 is an InfoBlox lab that shows the IPAM (IP Address Management) integration into vRealize Automation and VMware vCenter Orchestrator. So it’s not just about VMware! HOLs are a really great resource if you ask me – but then again I may be a bit biased.

Can you guess what can make Hands-On Labs even better? If you guessed, “Combine a Hands-On Lab with your VMware Technical Account Manager,” then you are right! As a Technical Account Manager (TAM) customer, you have a really unique opportunity. Something I’ve found to be very successful, and even fun, has been sitting down with my customers and going through some HOLs together. This facilitates a great learning experience, but it is also enhanced by the questions and discussions that result from participating in an HOL as a group. TAM customers should absolutely ask their TAMs to go through HOLs with them; I know your TAM will be happy to do so.

Something else that is interesting about HOLs is that they aren’t built by a group of people who are hidden away and inaccessible. All of the HOLs are built by volunteers – Sales Engineers, Technical Marketing Engineers, and even TAMs. So if you’re going through a lab and have questions, we can put you in contact with the small teams who actually built and produced the lab. Sometimes this even leads to improvements in the labs and occasional corrections in the lab manuals. I mentioned we’re all volunteers, right?

Finally, I think it is important to point out that we do have a lab development cycle. The cycle begins every year in March by assembling the teams of volunteers for each HOL. There is a 2–3 month development cycle to prepare the labs for VMworld U.S., which typically runs in August. Once VMworld U.S. is done, there is a small window for changes to the labs leading up to VMworld EU. There may be some exceptions, such as if new products—or major version releases of existing products—get launched, and a HOL may get released outside of VMworld as a result of this; but in general all the new labs that we’re currently developing will be released in August at VMworld U.S.

In summary, the VMware Hands-On Labs are an amazing learning and product evaluation tool that’s completely free and accessible from anywhere (with an Internet connection) and from any device. I’ve personally used the HOL instead of spending thousands of dollars on a home lab, but there are so many other reasons to leverage this resource. All that’s needed to sign up is an email address. Take a look at http://labs.hol.vmware.com – there are even some introductory videos to help get you started. I encourage you to speak with your TAM about the labs you’re interested in, or, if you’ve already taken HOLs, to provide feedback. We want to make sure this resource brings the most possible value to you and your organization so ANY feedback is always welcome! Thanks for reading and have fun in the labs!


Adam_Eckerle

 

Adam is currently a TAM for VMware who works with a small number of large Enterprise & Government customers as a consultant within the VMware Professional Services Organization (PSO). Adam provides technical guidance and advocacy to his customers and provides customers access to exclusive content, access to road maps & product managers, as well as being the single point of contact for everything VMware-related. He currently holds VCAP-DCA, VCAP-DCD, VCAP-DTD, EMCISA, and several Cisco Data Center Specialist certifications. Connect with Adam on LinkedIn.