NSX-T Series: Part 1 -Architecture and Deploy
Since the beginning of NSX-T development, it was clear that it will have extensive support for the Multi-Cloud environment, Container, and even can fit into the Telco environment. In this blog: NSX-T Series: Part 1 -Architecture and Deploy, we will explore some key aspects of NSX-T
Since I had contributed earlier with VMware Engineering, I witnessed since 2017 there was a serious focus on this product.
When VMware on AWS was announced the initial version was running NSX-V, but later it was moved to NSX-T stack and now we can see it’s a common product in any VMware design portfolio. During its initial years of development, there were many ON-Prem customers who were giving their inputs to our development phase. Now really glad to see the next iteration of NSX-T with 3.0 which has mostly all features which were being tested for many years. For new features of NSX-T 3.0, you can refer to our earlier blog.
High-Level Architecture
Like any other SDN product, the Management, Control, and Data are part of the architecture. The NSX manager does the management and control function and for the Data Plane, the ESXi and now Non-ESXi ( KVM, Ubuntu, etc ) are even supported to carry the data traffic. I would say this will give extensive support to the environment which had non-VMware hypervisor ( Though earlier VMware had Multi-Hypervisor product it did not take off with popularity). With NSX-T you can push the rules of any application even to the workloads which are being run on the public cloud.
I would say the major changes which an engineer will feel coming from NSX-V to T, will be from NSX EDGE functionality. The NSX-T Edge brings more options of the architect of design with many options most commonly you will hear Tier-based-routing.
Deployment on ESXi and KVM
NSX-T appliance is available in ova ( for ESXi ) and qcow ( for KVM ), which you can download from the VMware website. Just like any VMware appliance it can be deployed which is straight forward and plan to follow the best practice from the environment. The NSX-T Manager should be placed in the Management Cluster and for better ideas on rack design, you can follow our earlier blog.
You need to even plan on the grounds of appliance size:
After successful deployment, you can log in to NSX-Manager and start to complete the above steps mentioned.
Management Plane
When we were in days of NSX-V we deployed single NSX-Manager for a related domain and it was direct NSX–> Single vCenter Mapping. As well as the control Plane was separate in the form of an appliance, which should be deployed via Manager in management network.
But with NSX-T we will see the Management and Control Plane was on the same appliance box and to achieve redundancy we deploy a total of 3 managers and form them into clusters.
The cluster could be created via the first manager which we deployed in the previous step. Earlier version to do the same task needed to be done via CLI!
Within NSX manager there are three major Roles: Management, Policy, and Controller. The management plane includes the policy and manager roles, whereas Central Control Plane (CCP) includes controller roles.
The desired state is replicated in the distributed persistent database, providing the same configuration view to all nodes in the cluster.
To design the highly available design we have two recommended design either with the help of Virtual IP ( which can be defined from Manager ) or by placing any Load Balancer which has capability of LTM.
Control Plane
NSX Controller maintains the realized state of the system and configures the data plane.
The main functions of NSX Controller include:
•Providing control plane functionality, such as logical switching, routing, and distributed firewall
•Computing all ephemeral runtime states based on the configuration from the management plane
•Disseminating topology information reported by the data plane elements •Pushing stateless configurations to forwarding engines
My ex-colleague Omkar Singh true Guru! created a wonderful mindmap on NSX-T services very highly recommended for NSX-T engineers to follow it. PDF
Summary & Next steps
In this Article, NSX-T Series: Part 1 –Architecture and Deploy we have learned some key aspects of NSX-T. In further blogs will discuss more detailed information on NSX-T services and considerations. Happy learning
Public Cloud Security Part-1
VMware NSX-T and Cisco ACI and Its Complimenting Use Cases
NSX-T Series: Part 16 – NSX-T Segment T1 Gateway with EDGE Cluster(SR)
About Author
abhishek
Expert in Network, Virtualization and Security field in On-Prem and Public Cloud. Passionate about new technology and consult the best solution to business organisation.Previously served Networkershome, EMC2, Cisco, VMware and Arista in different fields of Engineering, TAC, Consulting, Designing and Training. Certification : CCIE#48639, VCIX DCV and NV, Aviatrix Multi Cloud, SD-WAN Specialist, Palo Alto PCNSE, Amazon Cloud, Docker Certified Engineer. LinkedIn : https://www.linkedin.com/in/abhishekkunal51/
Which vmnic should be selected when deploying edge in NSX-T
Hi Mayur,
For installing NSX Manager you need to deploy on Management Network ( where you VC is deployed ) , the management-port-group will take respective of vmnic as you have in your ESXi mapped. I hope I answered your query.
Why you don’t make a video series and sell it as a training guide?
We are unable to view this webpage, it seems this link is broken — NSX-T Series: Part 6 _ https://www.networkbachelor.com/nsx-t-series-part-6-nsx-t-uplink-profile/