VMware

Deploying & Configuring VMware Identity Manager (vIDM) – Part 2

Sadaf

Following the first blog post about deployment of vIDM, this post will cover how to configure vIDM and implement NSX-T Role Based Access Control (RBAC) with help of vIDM. As you might noticed, in NSX-T 2.5 and earlier release RBAC cannot be enabled without use of vIDM.

When you login to administration page with vIDM’s admin user account, dashboard would be the fist page you will land. Dashboard contains login information and applications which are used by users and analytics.

To start vIDM configuration click on Identity & Access Management. Here you can join vIDM to Active directory domain, add directory to sync with vIDM and define user attributes which get synchronized from directory service to vIDM.

Continue reading “Deploying & Configuring VMware Identity Manager (vIDM) – Part 2”

NSX-T Architecture & Components

Shahrouz

As it mentioned in Introduction to VMware NSX , NSX-T Datacenter is built on three integrated layers of components which are Management Plane, Control plane & Data plane. This architecture and separation of key roles enables scalability without impacting workloads.

NSX-T Management cluster which built from three-node NSX-T managers controller nodes. Management plane and control plane are converged on each node. NSX managers provides Web-GUI and REST API for management purposes. This is one of the architectural difference compared to NSX-V which had to integrate into vSphere Client & vCenter server. NSX Manager is also could be consumed by Cloud Management Platform(CMP) like vRealize Automation to integrate SDN into cloud automation platforms. NSX-T Manager can also connect to vSphere infrastructure through integration with vCenter Server(Compute Manager).

Continue reading “NSX-T Architecture & Components”

VMware’s New per-CPU Licensing Model

Shahrouz

VMware has announced new update to per-CPU licensing model. Ok don’t panic VMware is not going to bring back vRAM licensing model but they added new CPU related license type. Effective from April 2nd 2020, building a server with a processor which has more than 32 cores needs additional license. According to VMware’s website, “Under the new model, one CPU license covers up to 32 cores in a single CPU”. This means, additional license requires to be purchased for every 32 physical CPU cores! So if there is a single-CPU server with up to 32 physical cores, as before, 1 license should be purchased. But if there is single-CPU server with 64 cores, 2 licenses needed because as it said before every license covers a single CPU with up to 32 cores. To get a better view of this change, take a look at below image from VMware.

Fortunately for those who are going to buy servers and VMware licenses till April 30th 2020, there is “Free per CPU licensing” program. According to VMware website, “Any existing customers who purchase VMware software licenses, to be deployed on a physical server with more than 32-cores per CPU, prior to April 30, 2020 will be eligible for additional free per-CPU licenses to cover the CPUs on that server”.

You can also get more information from VMware’s website!

Introduction to VMware Cloud Foundation (VCF)

Shahrouz

VMware Cloud Foundation(VCF) is VMware’s integrated SDDC platform for private and hybrid cloud infrastructures. This software package integrates VMware’s Compute, Storage and Network Virtualization solutions with a centralized automated lifecycle management tool call SDDC Manager. The core components of VCF are vSphere (Compute), vSAN (Storage) and NSX (Network & Security). VMware vRealize Suite can also be optionally added to VCF to increase the capability of SDDC infrastructure with performance & capacity Management and cloud management. Since VCF 3.8 beside running normal virtual machine workloads, you can also run containers with use of VMware Enterprise PKS.

To start implementing VCF at least seven ESXi hosts is needed, four for Management Workload Domain(WLD) which hosts infrastructure components of SDDC and another three host for running actual infrastructure WLD. These nodes can be vSAN ready nodes or you can take advantage of DellEMC’s VxRAIL platform and run more integrated Hyper-converged(HCI) platform. The Management WLD brought up with use of special virtual appliance call Cloud Builder. This awesome tool brings up four first nodes in management cluster alongside Platform Service Controllers(PSC), vCenter Servers, NSX manager & controllers and vRealize Log Insight. After the initial bring up process VCF infrastructure management will be done through SDDC Manager.

Continue reading “Introduction to VMware Cloud Foundation (VCF)”

Deploying & Configuring VMware Identity Manager (vIDM) – Part 1

Sadaf

VMware Identity Manager(vIDM), formerly known as VMware Workspace Portal, is VMware Workspace ONE’s identity & authentication component. vIDM aims to mainly achieve two goals increasing security and improve productivity by providing Single Sign-On(SSO). Beyond providing SSO to mobile users in End-User Computing(EUC) and Bring Your Own Device (BYOD) scenarios, vIDM can be used to provide SSO for different VMware products like vRealize suite and NSX. For instance, Configuring Role-Based Access Control (RBAC) in NSX-T Datacenter is only possible through vIDM.

vIDM can be installed on Windows (2008R2, 2012, 2012R2 and 2016) or as an Virtual appliance on Linux (SUSE Linux Enterprise 11). In this post, I am going to describe how to deploy VMware Identity Manager as a virtual appliance and in following post, I’ll describe initial configuration of vIDM.

Continue reading “Deploying & Configuring VMware Identity Manager (vIDM) – Part 1”

VMware VCF 3.9.1 goes GA!

Shahrouz

On January 14th 2020, VMware announced general availability of VMware Cloud Foundation (VCF) 3.9.1. This new release supports new features such as Application Virtual Network (AVN), improvements to Cloud Builder, many resolved issues specially around NSX-T and also BOM updates.

Application Virtual Network (AVN) enables vRealize Suite deployment to use NSX overlay networks in addition to VLAN-backed port groups. New installation of VCF 3.9.1 can use AVNs for vRealize Suite components and if you upgrade VCF from a prior release to 3.9.1 and willing to use AVNs, VMware Support should be contacted. VMware Cloud Builder which is being used for bring-up process of VCF now includes several new workflows and also deployment report of bring-up phase.

Regarding Bill Of Material(BOM), VCF 3.9.1 now supports vSphere and vSAN 6.7 Update 3b which holds many security and bug fixes. If you are using NSX-V in your management or VI workload domains, you can take advantage of NSX-V 6.4.6 and lastly VDI workload domain will also upgraded to Horizon 7.10. Those who are using VCF on VxRAIL, now VxRAIL Manager 4.7.410 is supported with this new release of VCF on VxRail 3.9.1.

You can get more information regarding DellEMC VxRail 4.7.410 in other blogpost.

To get more information you can visit VCF 3.9.9 release notes.

NSX-T Password Expiration

Sadaf

NSX-T has a default password expiration policy of 90 days for NSX-T Manager and NSX-T Edges. As soon as this expiration period passes, at the login page of NSX-T Manager an error appears complaining that “Your password has expired”. As a result, you are not able to login to NSX-T Manager.

To solve this issue, login to NSX Manager’s virtual appliance through SSH. Enter admin as the username and use current password to login. After login in NSX Manager, you will be asked to change your password because it is expired. This is the way you can reset NSX Manager admin’s password.

Continue reading “NSX-T Password Expiration”

Introduction to VMware NSX

Shahrouz

VMware NSX is a network virtualization and security platform and it is part of VMware’s Software Define Datacenter (SDDC) architecture. VMware NSX has emerged as VMware acquisition of a company call Nicira in 2012 which had a solid product on Software Defined Network (SDN). The product comes in four different forms;

  1. NSX Data Center
  2. NSX Cloud
  3. NSX SD-WAN
  4. NSX Hybrid Connect

NSX Data Center itself comes in two different flavors, NSX-V which mainly designed to work in VMware vSphere environments and NSX-T, formerly known as Multi-Hypervisor, which offers network virtualization and cyber-security features for multi-hypervisor, container-based and multi-cloud environments like AWS or Azure cloud services. Software-Defined networking delivers L2 to L7 network functions in software and allowing virtualization and cloud administrators to provision required services on hypervisor level.

Continue reading “Introduction to VMware NSX”