VMware NSX Cookbook
Bayu Wibowo Tony Sangha更新时间:2021-08-27 19:36:22
最新章节:Leave a review - let other readers know what you think封面
Title Page
Copyright and Credits
VMware NSX Cookbook
Packt Upsell
Why subscribe?
PacktPub.com
Foreword
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Sections
Getting ready
How to do it...
How it works...
There's more...
See also
Get in touch
Reviews
Getting Started with VMware NSX for vSphere
Introduction
Choosing the right VMware NSX for vSphere edition
Getting ready
How to do it...
There's more...
VMware NSX editions
Evaluating VMware NSX
Support and Subscription (SnS)
VMware vRealize Log Insight for NSX
VMware NSX Monitoring Tools
See also
Selecting ESXi hosts and network adapters
VXLAN Offload
Receive Side Scaling
Downloading NSX for vSphere
Getting ready
How to do it...
Checking the Product Interoperability Matrix
Downloading media via the VMware downloads website
Downloading media via the VMware Software Manager
See also
Deploying the NSX Manager virtual appliance
Getting ready
How to do it...
Replacing the NSX Manager certificate
Certificate Signing Request
How to do it...
PKCS#12 certificate
How to do it...
Registering vCenter server with NSX Manager
Getting ready
How to do it...
Registering the NSX Manager with the vCenter server
Registering the NSX Manager with the PSC
How it works...
There's more...
Applying the NSX license
Getting ready
How to do it...
Deploying the NSX Controller Cluster
Getting ready
How to do it...
Configuring an NSX IP pool
NSX Controller Cluster deployment
DRS Anti-Affinity Rules
Configuring DRS Anti-Affinity Rules via PowerCLI
There's more...
Separate vCenter environment
Controller password parameters
Preparing a vSphere cluster for NSX
Getting ready
How to do it...
How it works...
Enabling NSX in a brownfield environment
Validating NSX VIB installation
Distributed Firewall communication
Controller communication
Getting ready
How to do it...
Manually checking VIB installation
Checking NSX component communication
Configuring VMware NSX Logical Switch Networks
Introduction
VMware NSX Logical Switch and VXLAN
VMware NSX Transport Zone
VMware NSX Replication Modes
VMware NSX Controller Disconnected Operation Mode
Configuring VXLAN Networking
Getting ready
IP address for VTEP VMkernel
Using DHCP for an IP pool
VDS teaming options for NSX
Single VTEP with LACP
Multi-VTEP with Route Based on Originating Port ID
How to do it...
Configuring VXLAN Networking
Validating VXLAN and VTEP configuration
How it works...
Testing VXLAN VTEP VMkernel
There's more...
See also
Configuring a VXLAN Segment ID
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a NSX Transport Zone
Getting ready
How to do it...
How it works...
There's more...
Creating a NSX Logical Switch
Getting ready
How to do it...
How it works...
See also
Connecting a Virtual Machine to an NSX Logical Switch
Getting ready
How to do it...
How it works...
See also
Testing an NSX Logical Switch
Getting ready
How to do it...
Ping
Broadcast
How it works...
There's more...
See also
Enabling the Controller Disconnected Operation Mode on a Transport Zone
Getting ready
How to do it...
How it works...
Configuring VMware NSX Logical Routing
Introduction
Configuring the Distributed Logical Router
Getting ready
How to do it...
How it works...
There's more...
DLR CVM hardware requirements
HA interface
Configuring the Distributed Logical Router for dynamic routing
Getting ready
How to do it...
How it works...
There's more...
Route redistribution
Forwarding versus protocol address
Graceful restart
Deploying and configuring the NSX ESG in HA mode
Getting ready
How to do it...
How it works...
There's more...
Understanding and configuring the NSX ESG for routing
Getting ready
How to do it...
How it works...
There's more...
Configuring VMware NSX Layer 2 Bridging
Introduction
Software-Based Gateway Layer 2 Bridging
Bridging and Routing
Hardware VTEP Gateway
Configuring Software-Based Gateway Layer 2 Bridging
Getting ready
How to do it...
Configuring bridging
Verifying Bridging Configuration
How it works...
There's more...
Selecting a hardware VTEP gateway
Getting ready
How to do it...
There's more...
See also
Integrating Hardware VTEP Gateway with VMware NSX
Getting ready
How to do it...
Configuring the Replication Cluster
Connecting a Hardware VTEP Gateway to an NSX Controller
Adding a Hardware VTEP Gateway to NSX
How it works...
See also
Extending VMware NSX Logical Switch to Hardware VTEP Gateway
Getting ready
How to do it...
How it works...
There's more...
See also
Configuring VMware NSX Edge Services Gateway
Introduction
Configuring a DNS relay
Getting ready
How to do it...
There's more...
Configuring a DHCP server
Getting ready
How to do it...
There's more...
Configuring an Edge Firewall
Getting ready
How to do it...
There's more...
Configuring Network Address Translation
Getting ready
How to do it...
Configuring an SNAT rule
Configure a DNAT rule
How it works...
There's more...
Configuring Load Balancing
Getting ready
How to do it...
Deploying an NSX Edge Load Balancer
Configuring an NSX Edge Load Balancer
Verifying the NSX edge load balancer configuration
How it works...
There's more...
Configuring IPSEC VPN
Getting ready
How to do it...
How it works...
Configuring SSL VPN
Getting ready
How to do it...
How it works...
There's more...
Configuring High Availability
Getting ready
How to do it...
How it works...
Configuring VMware NSX Distributed Firewall (DFW) and SpoofGuard
Introduction
DFW Topology and Policy
See also
Verifying NSX DFW component status
Getting ready
How to do it...
Verifying Firewall Installation Status
Verifying vShield Stateful Firewall (vsfwd) Status and Connection
How it works...
See also
Configuring IP Discovery for Virtual Machines
Getting ready
How to do it...
How it works...
Verifying the Learnt IP address
Working with SpoofGuard
Getting ready
How to do it...
How it works...
There's more...
Excluding Virtual Machines from DFW Protection
Getting ready
How to do it...
How it works...
There's more...
Configuring DFW Session Timeout
Getting ready
How to do it...
How it works...
Creating Security Policy Rules from the Firewall Table Menu
Getting ready
How to do it...
Creating Firewall Sections
Creating Firewall Rules
How it works...
DFW Rule ID and Logs
DFW Saved Configurations
See also
Creating Security Policy Rules from the Service Composer menu
Getting ready
How to do it...
Creating a Security Group using Static Inclusion
Creating a Security Group using Dynamic Membership
Creating a Security Group using Security Tag as the Dynamic Membership Criteria
Creating a Security Policy
How it works...
Verifying DFW rules
Getting ready
How to do it...
Using NSX Manager central CLI
Using ESXi Host CLI
Leveraging the DFW Applied To field
Getting ready
How to do it...
Changing Firewall Default Applied To settings from the Firewall Table Menu
Changing Service Composer Firewall Default Applied To Settings
There's more...
See also
Deploying Network or Guest Introspection Services
Getting ready
How to do it...
Registering Service Definition
Deploying the Service VM
Installing VMware Tools for Guest Introspection
How it works...
Blocking Non-IP Layer 2 Traffic
There's more...
See also
Configuring the Identity Firewall
Getting ready
How to do it...
Registering a Microsoft Active Directory Domain with NSX Manager
Creating Security Rules using Active Directory Objects
How it works...
There's more...
Configuring Cross-vCenter NSX
Introduction
Configuring Primary and Secondary NSX Manager(s)
Getting ready
How to do it...
How it works...
There's more...
Enhanced Linked Mode
NSX Manager roles
Universal Synchronization Service Management and Troubleshooting
Creating a Universal Transport Zone and adding a vSphere cluster to the Universal Transport Zone
Getting ready
How to do it...
How it works...
Creating a Universal Logical Switch
Getting ready
How to do it...
How it works...
Creating a Universal Logical Router
Getting ready
How to do it...
How it works...
There's more...
See also
Deployment models
Local Egress
Adding a VM to a Universal Logical Switch
Getting ready
How to do it...
How it works...
Understanding and configuring the Universal Distributed Firewall
Getting ready
How to do it...
Creating Universal IPSets
Adding a web-tier-to-web-tier Universal Firewall Rule and Universal Section
Adding a web-tier-to-app-tier Universal Firewall Rule
Adding a app-tier-to-db-tier Universal Firewall Rule
How it works...
There's more...
Backing up and Restoring VMware NSX Components
Introduction
Backing up NSX Manager
Getting ready
How to do it...
How it works...
There's more...
See also
Restoring NSX Manager
Getting ready
How to do it...
Restoring NSX Controller Nodes
Getting ready
How to do it...
There's more...
See also
Restoring a Logical Switch Backing Port Group
Getting ready
How to do it...
How it works...
Restoring NSX Edge
Getting ready
How to do it...
How it works...
There's more...
Exporting NSX DFW Rules configuration from the Firewall Menu
Getting ready
How to do it...
There's more...
Restoring NSX DFW Rules configuration from the Firewall Menu
Getting ready
How to do it...
How it works...
Exporting NSX Security Policy from the Service Composer Menu
Getting ready
How to do it...
Restoring NSX Security Policy from the Service Composer Menu
Getting ready
How to do it...
Managing User Accounts in VMware NSX
Introduction
NSX Manager virtual appliance user account
Creating a service user account for vCenter server registration
Getting ready
How to do it...
Creating a user account
Adding an SSO user account as an SSO administrator
Registering NSX Manager registration with the vCenter server
How it works...
There's more...
Granting access to NSX
Getting ready
How to do it...
Assigning a vCenter role to a user account
Assigning an NSX role to a user account
How it works...
Creating and Managing CLI user accounts in NSX manager
Getting ready
How to do it...
Entering configuration mode in the NSX Manager CLI
Creating a CLI user account in the NSX Manager CLI
Granting REST API access to a CLI user account
Changing the enable password and CLI user account password
Verifying and saving configuration in the NSX Manager CLI
Clearing a VTY session
How it works...
There's more...
See also
Upgrading VMware NSX
Introduction
Preparing for VMware NSX upgrade
Getting ready
How to do it...
Checking the VMware Product Interoperability Matrices
Checking the VMware NSX upgrade path
Checking for Third-Party Integrations Compatibility
Reviewing VMware NSX for vSphere Release Notes and Upgrade Documents
Reviewing deprecated and discontinued features
Downloading VMware NSX upgrade bundles
There's more...
Verifying VMware NSX working state
Getting ready
How to do it...
Verifying NSX Manager virtual appliance working state
Verifying NSX components working state
Verifying vSphere components
There's more...
Upgrading VMware NSX Manager
Getting ready
How to do it...
There's more...
Upgrading NSX controller node
Getting ready
How to do it...
How it works...
Upgrading VMware NSX Host Clusters
Getting ready
How to do it...
How it works...
There's more...
Upgrading VMware NSX Edge
Getting ready
How to do it...
How it works...
Upgrading Network and Security Service Deployments
Getting ready
How to do it...
There's more...
Managing and Monitoring VMware NSX Platform
Introduction
NSX Logs
NSX Manager
vCenter Server
ESXi host
NSX Edge Gateway VM
Monitoring tools
Flow Monitoring
Application Rule Manager
Endpoint Monitoring
vRealize Log Insight for NSX
vRealize Network Insight
Monitoring NSX using NSX Dashboard
Getting ready
How to do it...
How it works...
There's more...
Configuring the NSX Components Syslog
Getting ready
How to do it...
Configuring the NSX Manager syslog
Configuring the NSX Controller Node Syslog
Configuring the NSX Edge Log
How it works...
There's more...
Configuring and viewing the NSX Distributed Firewall Log
Getting ready
How to do it...
Configuring the NSX DFW logs
Viewing the NSX DFW log from the ESXi host console
How it works...
Configuring vRealize Log Insight for NSX
Getting ready
How to do it...
Installing VMware NSX for the vSphere Content Pack
Navigating the NSX Content Pack Dashboards
Filtering DFW rules from the interactive analytics menu
How it works...
Enabling NSX Flow Monitoring
Getting ready
How to do it...
Enabling Flow Monitoring collection
Enabling and exporting Flow Monitoring collection
How it works...
Using Application Rule Manager
Getting ready
How to do it...
How it works...
There's more...
Using NSX Endpoint Monitoring
Getting ready
How to do it...
Verifying the prerequisites for endpoint monitoring
Starting endpoint monitoring data collection
How it works...
Leveraging the VMware NSX REST API for Management and Automation
Introduction
vCenter-Managed Object Reference ID (MoRef ID)
Using the REST API with the Postman REST client
Getting ready
How to do it...
Requesting the HTTP GET REST API via Postman
Requesting the HTTP POST REST API via Postman
How it works...
Using the REST API with cURL
Getting ready
How to do it...
Requesting the HTTP GET REST API via cURL
Requesting the HTTP POST REST API via cURL
How it works...
Generating a cURL script from Postman
There's more...
Using the REST API with PowerShell
Getting ready
How to do it...
Requesting the HTTP GET REST API via PowerShell
Requesting the HTTP POST REST API via PowerShell
How it works...
There's more...
Using the REST API with Python
Getting ready
How to do it...
Requesting the HTTP GET REST API via Python
Requesting the HTTP POST REST API via Python
How it works...
There's more...
Using the vRealize Orchestrator plugin for NSX
Getting ready
How to do it...
Checking the VMware Product Interoperability Matrices
Downloading the vRO plugin for NSX
Installing the vRO plugin for NSX
Running an NSX-vRO workflow
How it works...
There's more...
See also
Other Books You May Enjoy
Leave a review - let other readers know what you think
更新时间:2021-08-27 19:36:22