Category : NSX
Written by Christopher Lewis on July 31, 2017 .
This is one of many posts that will form part of the VCAP6-NV Deploy Exam Guide .
What is an Edge Service Gateway (ESG)?
An Edge Services Gateway is a virtual appliance that is responsible for both North/South traffic and various Edge services, including Load Balancing, NAT and DHCP.
In this example, we will create a new ESG with two interfaces, one to connect to the transit network (Internal) and one to connect to a vDS Portgroup (Uplink).
Written by Christopher Lewis on July 31, 2017 .
This is one of many posts that will form part of the VCAP6-NV Deploy Exam Guide .
What is a Distributed Logical Router (DLR) ?
A Distributed Logical Router (or Logical Distributed Router) is typically used to route East/West traffic between Logical Switches.
In this example, we will create a new DLR with two Internal interfaces to connect the App_Tier and Data_Tier Logical Switches. FInally we’ll add an Uplink interface to connect the DLR to a “transit” logical switch.
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 2.2 - Configure and Manage Layer 2 Bridging
- Add Layer 2 Bridging
- Connect Layer 2 Bridging to the appropriate distributed virtual port group
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
The following prerequisites are for Layer 2 Bridging.
- An NSX logical router must be deployed in your environment.
- You cannot use a universal logical router to configure bridging, and you cannot add a bridge to a universal logical switch.
Objective Breakdown
Add Layer 2 Bridging
Note: These steps assume you are not even logged into vCenter Server. Skip the first few steps if you are!
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 5.2 - Monitor a VMware NSX Implementation
- Configure logging for NSX components according to a deployment plan
- Monitor health of networking services
- Monitor health and status of infrastructure components:
- vSphere
- NSX Manager
- Control Cluster
- Enable data collection for single/multiple virtual machines
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
Objective Breakdown
Configure logging for NSX components according to a deployment plan
For configuring SYSLOG for the NSX Manager, see HOWTO: Configure VMware NSX and VMware vRealize Log Insight – Part Two
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 3.1 - Configure and Manage Logical Load Balancing
- Configure the appropriate Load Balancer model for a given application topology.
- Configure SSL off-loading.
- Configure a service monitor to define health check parameters for a specific type of network traffic.
- Optimize a server pool to manage and share backend servers.
- Configure an application profile and rules.
- Configure virtual servers.
Objective Prerequisites
The following prerequisites are assumed for this Objective:
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 2.3 - Configure and Manage Routing
- Deploy the appropriate NSX Edge (ESG/DLR) device according to a deployment plan.
- Configure centralized and distributed routing.
- Configure default gateway parameters.
- Configure static routes.
- Select and configure appropriate dynamic routing protocol according to a deployment plan:
- OSPF
- BGP
- IS-IS
- Configure route redistribution to support a multi-protocol environment.
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
Objective Breakdown
Deploy the appropriate NSX Edge (ESG/DLR) device according to a deployment plan
A VMware NSX Edge Services Gateway (ESG) is deployed for North/South traffic and the additional services, such as NAT and Load Balancing. In most circumstances, a VMware NSX Distributed Logical Router (DLR) is deployed for East/West traffic. Although it is possible to configure a uplink to allow North/South traffic on a DLR.
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 5.3 - Configure and Manage Role Based Access Control
- Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO).
- Manage User rights:
- Assign roles to user accounts
- Change a user role
- Delete/disable/enable a user account
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x environment.
Objective Breakdown
Implement identity service support for Active Directory, NIS, and LDAP with Single Sign-On (SSO)
Configuring SSO requires that NTP is configured correctly within the VMware NSX Manager. This is covered in HOWTO: Deploy and Configure the VMware NSX Manager Virtual Appliance - Part 2
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 8.1 - Administer and Execute calls using the VMware NSX vSphere API
- Construct and execute an API call using correct syntax and formatting
- Programmatically configure system parameters including:
- NSX controller syslog
- Modify DLR declared dead time
- Analyze, modify, and successfully retrieve configuration data using an existing API call.
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX 6.x implementation.
Objective Breakdown
Construct and execute an API call using correct syntax and formatting
For API calls I tend to use Postman. I’m not sure how you can get the incorrect syntax when using the API guide from VMware. Within Postman, you choose the Request Type (i.e. GET, POST, DELETE, etc) and then enter the full URL of the API call.
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 2.1 - Create and Manage Logical Switches
- Create/Delete Logical Switches
- Assign and configure IP addresses
- Connect a Logical Switch to an NSX Edge
- Deploy services on a Logical Switch
- Connect/Disconnect virtual machines to/from a Logical Switch
- Test Logical Switch connectivity
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- A working VMware NSX-V 6.x environment.
The following are additional prerequisites for creating a NSX Logical Switch:
Written by Christopher Lewis on July 30, 2017 .
Skills and Abilities
Objective 1.3 - Configure and Manage Transport Zones
- Create Transport Zones according to a deployment plan
- Configure the control plane mode for a Transport Zone
- Add clusters to Transport Zones
- Remove clusters from Transport Zones
Objective Prerequisites
The following prerequisites are assumed for this Objective:
- A working VMware vSphere 6.x environment.
- The VMware NSX Manager has been deployed.
- At least one VMware NSX Controller has been deployed (if required).
Objective Breakdown
Create Transport Zones according to a deployment plan
A Transport Zone defines which hosts a Logical Switch can reach. A Transport Zone can span multiple host clusters.
- Operating a Private Cloud - Part 3: Creating a Pricing Card in VMware Aria Automation
- Operating a Private Cloud - Part 2: Creating a Pricing Card in VMware Aria Operations
- Operating a Private Cloud - Part 1: Understanding Pricing Cards in VMware Aria
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 5
- Zero2Hero - Using Aria Automation to Deploy Multiple Machines with Multiple Disks - Part 4