NSX-T 3.1 NVDS to NSX on VDS Assisted Migration

After being back from the holidays, I decided to catch up on some internal webinars I missed in the last part of 2020. While listening to one of the recordings, I grasped an exciting piece of information about a tool to migrate from NVDS to VDS 7.0 in NSX-T 3.1. I've been waiting on this … Continue reading NSX-T 3.1 NVDS to NSX on VDS Assisted Migration →

Exporting the NSX-T DFW configuration via the Policy API

Some times it's useful to export the entire distributed firewall configuration. It could be used as an offline backup before applying configuration changes, provided to personnel who does not have direct access to the NSX manager for auditing or information, or leveraged as a starting point for a migration to a new environment. Unfortunately, NSX-T … Continue reading Exporting the NSX-T DFW configuration via the Policy API →

Adding Terraform NSX configurations to a multibranch CI/CD Pipeline

Managing our network with an infrastructure as code (IaC) approach means using the same methodologies and processes we would use for the application code. Even better would be to treat the network configurations required to support the application as an integral part of the app itself. But, what does it exactly mean in practice? An … Continue reading Adding Terraform NSX configurations to a multibranch CI/CD Pipeline →

Network & Security as a service via the NSX Policy API, Git, and Jenkins

When getting started with infrastructure automation, it is common to put together a script that sequentially performs the steps we would have done through the UI or the CLI. There is nothing wrong with that. Still, the more I played with APIs and Automation tools, the more I realized that to really treat my infrastructure … Continue reading Network & Security as a service via the NSX Policy API, Git, and Jenkins →

NSX-T Multitenancy – Object-Based RBAC with Principal Identities and Policy API

In this post, I will explore the possibility of leveraging NSX-T Principal Identities in lieu of a proper object-based RBAC functionality not available in the current 2.4 version. This solution may be appealing in some multi-tenant scenarios. What is multitenancy? Since I started working at VMware, I learned that any time I talk about multitenancy … Continue reading NSX-T Multitenancy – Object-Based RBAC with Principal Identities and Policy API →

NSX-T and Ansible – Some tips

I was planning to write an introductory post about how to get started with Ansible with NSX-T. I then realized that I could not do a better job than what Madhukar Krishnarao did here. I suggest you go through his blog post if you want to get started with Ansible for NSX-T. In this post, … Continue reading NSX-T and Ansible – Some tips →

NSX-T and Ansible – An Overview

I spent the last few blog posts covering the basics of the Policy API introduced in NSX-T 2.4. I will be back to that topic soon with more examples, but for now, I would instead move to a different tool that I have been heavily leveraging when automating NSX-T, Ansible. VMware R&D has provided us … Continue reading NSX-T and Ansible – An Overview →

Interacting with the NSX-T Policy API

For an overview of the NSX-T Policy API available in version 2.4 and how it relates to the older management plane API, you can take a look at my previous posts. In this post, I will try to provide some insight on how to leverage the NSX-T policy API at its full potential. The Data … Continue reading Interacting with the NSX-T Policy API →

NSX-T two APIs. How do they relate?

In this post, I will review how the new NSX-T policy API interacts with the old management plane API. If you want an overview of the benefits and properties of the new Policy API first, you can review my previous post. The Policy API endpoint resides on the same appliance as the Management Plane API, … Continue reading NSX-T two APIs. How do they relate? →

Introduction to the NSX-T Policy API

In NSX-T version 2.4 VMware introduced a new API to configure and manage our virtual network environment. VMware refers to the new API as the Policy API. The Policy API does not replace the more traditional API available in the previous versions of NSX-T. We refer to the old API as the management plane API. … Continue reading Introduction to the NSX-T Policy API →