In at this time’s quickly evolving IT panorama, Cloud Service Suppliers want to make sure that their clients have entry to the most recent and most superior networking and security measures. VMware Cloud Director (VCD) permits clients to construct safe personal clouds, dramatically growing knowledge middle effectivity and enterprise agility.
Mixed with VMware NSX (beforehand NSX-T Knowledge Heart or NSX-T), VMware’s software-defined networking platform, the result’s a robust answer for service suppliers and enterprises to assist the rising variety of distributed functions being run on heterogenous endpoints, VMs, containers, and naked metallic throughout DC, Cloud, and Edge.
Why ought to we migrate VMware Cloud Director to VMware NSX (NSX-T)?
As per the present newest model (10.4.2), VCD nonetheless helps two choices for community virtualization: NSX Knowledge Heart for vSphere (NSX-V) and VMware NSX (formally often called NSX-T Knowledge Heart or NSX-T). Nevertheless, NSX-V reached its Finish of Normal Assist (EoGS) is January 16, 2022, and technical steering on January 16, 2023. Subsequently organizations should take proactive steps to mitigate safety dangers, keep compliance, and proceed to leverage the advantages of community virtualization.
The migration course of will be advanced and needs to be deliberate and executed rigorously to reduce disruption and guarantee a profitable transition. Lately, VMware has launched model 1.4.2 of the VMware NSX Migration for VMware Cloud Director instrument, enhancing the assist of VCD networking options and permitting V2T migrations with minimal downtime.
VCD V2T Options and Migration Matrix
To assist Cloud Service Suppliers plan for a clean transition, this brief weblog supplies data on the present VCD NSX Options Assist Matrix and people that may be auto-migrated utilizing the most recent NSX Migration for VCD instrument (1.4.2).
| Function | NSX Knowledge Heart for vSphere (NSX-V) | VMware NSX (NSX-T) | NSX Migration for VCD instrument |
|---|---|---|---|
| Overlay community backing | VXLAN | GENEVE | Sure |
| Distributed Routing | Sure | Sure | Sure |
| Non-Distributed Routing | Sure | Sure (10.3.2) | Sure |
| Exterior Community | Port teams; Logical Switches (digital wires) | Port teams; NSX Segments; Connection to exterior networks from Edge GW (10.4.1) | Sure |
| Supplier Gateway | Not Relevant (N/A) | T0/VRF for Edge GW egress | Sure |
| Routed Community with NAT | Sure | Sure | Sure |
| Routed Community no NAT | Sure | Commercial of routed community requires devoted Supplier GW or IP Areas. | Sure |
| Remoted Community | Sure | Sure | Sure |
| Direct Community | Sure | Sure | Sure |
| Imported Community | Unsupported | Sure | N/A |
| Shared Community | Sure | With Knowledge Heart Teams for non-directly linked Org VDC networks | Sure |
| IPv6 Community | Sure | Sure | Sure |
| Twin Stack (IPv4/IPv6 on similar vNIC) | Sure | Sure | Sure |
| Org VDC Edge GW | ESG | Tier-1 Gateway | Sure |
| IP handle sub-allocation | Supplier managed | Supplier managed or self-service with IP Areas | Sure |
| Edge Firewall | Sure | Sure | Sure |
| NAT (NAT44) | Sure | Sure | Sure |
| NAT64 | Sure | Unsupported | N/A |
| DHCP | Sure | Sure | Sure |
| DHCPv6 | Unsupported | Sure | N/A |
| DNS Forwarding | Sure | Sure | Sure |
| BGP IPv4 | Sure | The Supplier GW have to be personal to a company or devoted to Tenant’s Edge GW. | Sure |
| BGP IPv6 | Unsupported | Sure | N/A |
| OSPF | Sure | Unsupported | N/A |
| VRF Lite | Unsupported | Sure | Sure |
| Static Routes | Sure | Static routes solely on Tier-1 GW, however not on Tier-0/VRF (10.4) | Sure |
| Coverage-Primarily based IPsec VPN | Sure | Sure | Sure |
| Route-Primarily based IPsec VPN | Sure | Unsupported | N/A |
| L2 VPN | Sure | Sure (10.3) | NSX-T L2VPN isn’t backwards suitable with NSX-V L2VPN. The configuration of all L2VPN endpoints have to be migrated manually. |
| SSL VPN | Sure | Unsupported by NSX-T. SSL VPN alternate options will be deployed, and the configuration migrated manually. Please verify the VMware Cloud Director Distant Entry VPN Integration Information. | N/A |
| Load Balancing | Sure | Requires NSX Superior Loadbalancer (Avi) | Sure |
| IPv6 Load Balancing | Sure | Requires NSX Superior Loadbalancer (Avi) (10.4) | Sure |
| Edge logging and CLI | Sure | NSX-T Edge node is shared. CLI isn’t accessible. Centralized logging with doable filtering. No tenant-dedicated logging. | N/A |
| Edge HA | Sure (Elective Lively/Standby) | Sure | Sure |
| vApp Edge (routing, NAT, firewall) | Sure | Sure (10.3) Routed vApps can’t be linked to VLAN-backed Org VDC community |
Sure |
| vApp Edge Fencing | Sure | Unsupported | N/A |
| Distributed Firewall (L3/L4 and L7) | Sure | Requires VCD Knowledge Heart Group | Sure |
| Distributed Firewall (L2) | Sure | Unsupported | N/A |
| Cross VDC Networking (similar VCD) | Sure | Requires VCD Knowledge Heart Group; single egress solely | Unsupported |
| Cross VDC Community (completely different VCDs) | Sure | Unsupported | N/A |
| Edge placement | Sure (through API) | Edge Cluster granularity and through failure domains in NSX-T | Sure |
| Edge gateway price limiting | Sure (exterior community granularity) | On the Edge GW degree (10.3.2). NSX-T Gateway Ingress/Egress QoC Profiles |
Sure |
| Exterior community metering | Sure | Sure with Aria Operations | N/A |
| Phase Profile | Unsupported | Sure | N/A |
Are you curious about studying extra about NSX Migration for VCD instrument and course of? Do you must carry out a VCD NSX migration? Beneath are some reference assets that can assist you all through the transition.
Docs and Blogs
Webinar Collection
- Shut the Technical NSX V to NSX T Abilities Hole
- Half 1 Collection: Modernize Your NSX Surroundings (3 Episodes, Degree 100-300) Watch now on-demand
- Half 2 Collection: Migrating Advanced NSX-v Architectures (4 Episodes Degree 300-400). Register for July 11-19 Collection AMER/EMEA or APJ
Demos:
Conclusion
Whereas VMware NSX Knowledge Heart for vSphere (6.4.x) continues to operate previous its EoGS date, bug fixes and safety patches for the particular model are discontinued. This will expose the infrastructure to vulnerabilities, making it essential for organizations to plan and execute an NSX-V to NSX-T transition for VMware Cloud Director environments.
As well as, migrating to NSX-T will keep a powerful integration to your VMware Cloud Director platform whereas enabling higher enterprise agility, cloud scalability, and community efficiency by supporting trendy distributed apps with an entire networking and safety stack.
Use the vcd-v2t-assist channel within the VMware Cloud Supplier Slack workspace for additional questions or to offer your V2T migration expertise and suggestions. Moreover, the next FAQ solutions frequent questions in regards to the VMware NSX Migration for VMware Cloud Director.
