In at the moment’s quickly evolving IT panorama, Cloud Service Suppliers want to make sure that their clients have entry to the newest and most superior networking and security measures. VMware Cloud Director (VCD) permits clients to construct safe non-public clouds, dramatically rising knowledge middle effectivity and enterprise agility.
Mixed with VMware NSX (beforehand NSX-T Knowledge Middle or NSX-T), VMware’s software-defined networking platform, the result’s a strong answer for service suppliers and enterprises to help the rising variety of distributed functions being run on heterogenous endpoints, VMs, containers, and naked metallic throughout DC, Cloud, and Edge.
Why ought to we migrate VMware Cloud Director to VMware NSX (NSX-T)?
As per the present newest model (10.4.2), VCD nonetheless helps two choices for community virtualization: NSX Knowledge Middle for vSphere (NSX-V) and VMware NSX (formally generally known as NSX-T Knowledge Middle or NSX-T). Nevertheless, NSX-V reached its Finish of Normal Help (EoGS) is January 16, 2022, and technical steerage on January 16, 2023. Due to this fact organizations should take proactive steps to mitigate safety dangers, preserve compliance, and proceed to leverage the advantages of community virtualization.
The migration course of could be advanced and ought to be deliberate and executed fastidiously to attenuate disruption and guarantee a profitable transition. Not too long ago, VMware has launched model 1.4.2 of the VMware NSX Migration for VMware Cloud Director device, enhancing the help of VCD networking options and permitting V2T migrations with minimal downtime.
VCD V2T Options and Migration Matrix
To assist Cloud Service Suppliers plan for a clean transition, this quick weblog supplies info on the present VCD NSX Options Help Matrix and people that may be auto-migrated utilizing the newest NSX Migration for VCD device (1.4.2).
| Characteristic | NSX Knowledge Middle for vSphere (NSX-V) | VMware NSX (NSX-T) | NSX Migration for VCD device |
|---|---|---|---|
| Overlay community backing | VXLAN | GENEVE | Sure |
| Distributed Routing | Sure | Sure | Sure |
| Non-Distributed Routing | Sure | Sure (10.3.2) | Sure |
| Exterior Community | Port teams; Logical Switches (digital wires) | Port teams; NSX Segments; Connection to exterior networks from Edge GW (10.4.1) | Sure |
| Supplier Gateway | Not Relevant (N/A) | T0/VRF for Edge GW egress | Sure |
| Routed Community with NAT | Sure | Sure | Sure |
| Routed Community no NAT | Sure | Commercial of routed community requires devoted Supplier GW or IP Areas. | Sure |
| Remoted Community | Sure | Sure | Sure |
| Direct Community | Sure | Sure | Sure |
| Imported Community | Unsupported | Sure | N/A |
| Shared Community | Sure | With Knowledge Middle Teams for non-directly related Org VDC networks | Sure |
| IPv6 Community | Sure | Sure | Sure |
| Twin Stack (IPv4/IPv6 on identical vNIC) | Sure | Sure | Sure |
| Org VDC Edge GW | ESG | Tier-1 Gateway | Sure |
| IP handle sub-allocation | Supplier managed | Supplier managed or self-service with IP Areas | Sure |
| Edge Firewall | Sure | Sure | Sure |
| NAT (NAT44) | Sure | Sure | Sure |
| NAT64 | Sure | Unsupported | N/A |
| DHCP | Sure | Sure | Sure |
| DHCPv6 | Unsupported | Sure | N/A |
| DNS Forwarding | Sure | Sure | Sure |
| BGP IPv4 | Sure | The Supplier GW have to be non-public to a corporation or devoted to Tenant’s Edge GW. | Sure |
| BGP IPv6 | Unsupported | Sure | N/A |
| OSPF | Sure | Unsupported | N/A |
| VRF Lite | Unsupported | Sure | Sure |
| Static Routes | Sure | Static routes solely on Tier-1 GW, however not on Tier-0/VRF (10.4) | Sure |
| Coverage-Primarily based IPsec VPN | Sure | Sure | Sure |
| Route-Primarily based IPsec VPN | Sure | Unsupported | N/A |
| L2 VPN | Sure | Sure (10.3) | NSX-T L2VPN isn’t backwards suitable with NSX-V L2VPN. The configuration of all L2VPN endpoints have to be migrated manually. |
| SSL VPN | Sure | Unsupported by NSX-T. SSL VPN alternate options could be deployed, and the configuration migrated manually. Please test the VMware Cloud Director Remote Access VPN Integration Guide. | N/A |
| Load Balancing | Sure | Requires NSX Superior Loadbalancer (Avi) | Sure |
| IPv6 Load Balancing | Sure | Requires NSX Superior Loadbalancer (Avi) (10.4) | Sure |
| Edge logging and CLI | Sure | NSX-T Edge node is shared. CLI isn’t obtainable. Centralized logging with doable filtering. No tenant-dedicated logging. | N/A |
| Edge HA | Sure (Non-compulsory Lively/Standby) | Sure | Sure |
| vApp Edge (routing, NAT, firewall) | Sure | Sure (10.3) Routed vApps can’t be related to VLAN-backed Org VDC community |
Sure |
| vApp Edge Fencing | Sure | Unsupported | N/A |
| Distributed Firewall (L3/L4 and L7) | Sure | Requires VCD Knowledge Middle Group | Sure |
| Distributed Firewall (L2) | Sure | Unsupported | N/A |
| Cross VDC Networking (identical VCD) | Sure | Requires VCD Knowledge Middle Group; single egress solely | Unsupported |
| Cross VDC Community (completely different VCDs) | Sure | Unsupported | N/A |
| Edge placement | Sure (through API) | Edge Cluster granularity and through failure domains in NSX-T | Sure |
| Edge gateway price limiting | Sure (exterior community granularity) | On the Edge GW degree (10.3.2). NSX-T Gateway Ingress/Egress QoC Profiles |
Sure |
| Exterior community metering | Sure | Sure with Aria Operations | N/A |
| Phase Profile | Unsupported | Sure | N/A |
Are you curious about studying extra about NSX Migration for VCD device and course of? Do you have to carry out a VCD NSX migration? Beneath are some reference assets that will help you all through the transition.
Docs and Blogs
Webinar Sequence
- Shut the Technical NSX V to NSX T Abilities Hole
- Half 1 Sequence: Modernize Your NSX Surroundings (3 Episodes, Stage 100-300) Watch now on-demand
- Half 2 Sequence: Migrating Advanced NSX-v Architectures (4 Episodes Stage 300-400). Register for July 11-19 Sequence AMER/EMEA or APJ
Demos:
Conclusion
Whereas VMware NSX Knowledge Middle for vSphere (6.4.x) continues to operate previous its EoGS date, bug fixes and safety patches for the particular model are discontinued. This will expose the infrastructure to vulnerabilities, making it essential for organizations to plan and execute an NSX-V to NSX-T transition for VMware Cloud Director environments.
As well as, migrating to NSX-T will preserve a powerful integration to your VMware Cloud Director platform whereas enabling better enterprise agility, cloud scalability, and community efficiency by supporting fashionable distributed apps with an entire networking and safety stack.
Use the vcd-v2t-assist channel within the VMware Cloud Supplier Slack workspace for additional questions or to supply your V2T migration expertise and suggestions. Moreover, the next FAQ solutions frequent questions regarding the VMware NSX Migration for VMware Cloud Director.
