Skip to main content

2. NSX-T Architecture

The best use case that you can think of NSX-T is that it provides seamless connectivity and security services for all types of endpoints including virtual machines, containers and bare metal. It doesn’t really matter where these endpoints are. It could be in your on-prem datacenter, a remote office or in the cloud.
In this post we will look how NSX-T architecture looks like. 
Like NSX-V, NSX-T too contains a management plane, data plane and a control plane. Lets discuss about each plane individually here.
Data Plane
  • NSX-T uses in-kernel modules for ESXi and KVM hypervisors for constructing data plane. 
  • Since NSX-T is decoupled from vSphere, it don’t rely on vSphere vSwitch for network connectivity. NSX-T data plane introduces a host switch called N-VDS (NSX Managed Virtual Distributed Switch).
  • All create, read, update and delete operations are performed via the NSX-T Manager.
  • Data plane offers features such as Logical routing, Logical switching, DFW, NAT, DHCP etc. 
Control Plane
  • NSX-T control plane is formed by Central Control Cluster (CCP) + Local Control Plane (LCP) that runs on the hypervisors (Esxi/KVM)
  • CCP controller nodes are deployed as VM’s that can run on an Esxi host or KVM. 
  • Like NSX-V, controllers in NSX-T is responsible for slicing logical switching and logical routing.
Management Plane
  • NSX Manager which is deployed via OVA file forms the management plane for NSX-T.
  • The management plane handles authentication, monitoring and inventory collection from the compute managers.
  • NSX-T manager can be integrated with various Cloud Management Platforms (CMP) via Rest API’s.
  • Although vCenter is decoupled from NSX-T management plane, you can add vCenter server as compute manager to leverage vSphere features. 
NSXt-Architecture.png




Comments

Popular posts from this blog

UEFI Secure Boot with ESXi 6.5

UEFI Secure Boot: UEFI, or Unified Extensible Firmware Interface, is a replacement for the traditional BIOS firmware. In UEFI, Secure Boot is a “protocol” of the UEFI firmware. UEFI Secure boot ensures that the boot loaders are not compromised by validating their digital signature against a digital certificate in the firmware. UEFI can store whitelisted digital certificates in a signature database (DB). There is also a blacklist of forbidden certificates (DBX), a Key Exchange Keys (KEK) database and a platform key. These digital certificates are used by the UEFI firmware to validate the boot loader.  Boot loaders are typically cryptographically signed and their digital signature chains to the certificate in the firmware.The default digital certificate in almost every implementation of UEFI firmware is a x509 Microsoft UEFI Public CA cert. Most of the UEFI implementations also allows the installation of additional certificate in the UEFI firmware and UE...

Console Mouse Not Working in Windows 2012 VMs

I recently ran into some problems while deploying a Windows Server 2012 R2 VM in my vSphere 6.5 U2 lab. I’ve come to expect that the console mouse response is going to be terrible until VMware Tools is installed, but for some odd reason I had no mouse control whatsoever. Thinking it may be a quirk of the Web Console, I tried both the Remote Console and the HTML5 client to no avail. The VM appeared to be healthy and would register keyboard input, but the motion of the mouse cursor was erratic or the cursor would not move at all. Thinking that I just needed to battle on and get Tools installed, I attempted to use the keyboard for this purpose – what a chore. You think it would have been easy, but the installer kept losing focus and falling behind other open windows. Many of the windows keyboard shortcuts I’d normally use were not functioning because they register on my laptop – not in the console. I couldn’t RDP to the VM either because the NIC needed to be configured with a vali...

Dell EMC VxRail – VMware Virtual SAN Stretched Cluster

Logical Diagram of VMware vSAN Stretched Cluster Physical Diagram of VMware vSAN Stretched Cluster Last week I deployed a test environment of VMware vSAN Stretched Cluster which is running on Dell EMC VxRail Appliance. In this post we will describe how to setup VMware vSAN Stretched Cluster on Dell EMC VxRail Appliance. Above figure is the high level of physical system diagram. In site A/B there are six VxRail Appliances and two 10GB Network Switch which are interconnected by two 10GB links, and each VxRail Appliance has one 10GB uplink connects to each Network Switch. In site C, there are one vSAN Witness host and one 10GB Network Switch. For the details of configuration of each hardware equipment in this environment, you can reference the followings. Site A (Preferred Site) 3 x VxRail E460 Appliance Each node includes 1 x SSD and 3 x SAS HDD, 2 x 10GB SFP+ ports 1 x 10GB Network switch Site B (Secondary Site) 3 x VxRail E460 Appliance Each node includes 1 x SSD and...