The Information Technology (IT) enterprises are witnessing innovative transformation in terms of infrastructure and operations. Softwarization is the vital constituent to revolutionize the way enterprises outlook compute, storage, and networking solutions. The concept of ‘virtualization’ and its introduction in Data Center (DC) was a paradigm shift in the IT industry. Modernizing DC technology and applications have a substantial role in realizing innovative business model to ensure quick service delivery. Today, to support modern applications, advanced scalable, agile, and flexible network infrastructure is needed to ensure reliable connectivity and high quality services to end users.
Virtualization opens up better efficiencies in business operations by abstracting workloads from physical hardware. This network virtualization also brings several networking advantages. VMWare has been a leader in virtualization technology. VMware NSX is popular in network virtualization and is a powerful solution to facilitate network virtualization, both in the DC, public cloud, and multi-cloud environments.
Read the blog to get a detailed view into the following key items:
- What is VMWare NSX V and NSX T?
- Why to migrate from NSX V to NSX T?
- The Migration process to NSX T
Before understanding in detail about NSX, lets briefly look into the challenges existed in traditional DC networking solutions.
Challenges in Traditional DC Networking Solutions
Software Defined Data Center (SDDC) which involves next-generation software defined networking and virtualization technologies enables enterprises to underpin agility and automation in service delivery. This in turn brings down the operational and deployment complexity and cost. The introduction of these pioneering Software Defined Networking (SDN) and virtualization technologies helps to virtualize DC infrastructure as well as to utilize the benefits of software-defined storage solutions.
Traditional DC networks were slow in meeting the growing demands of enterprises. Traditional networking technologies have constraints in terms of the following factors:
- Providing new routers, switches, and other technologies is slow
- Proprietary networking technologies confine traditional networking from specific networking vendors
- Automated network configuration is generally non-existent
- Changes generally require manual interaction
- Network changes are error-prone even with skilled network engineers
- Many traditional network constructs such as VLANs, firewalls, load balancers, ACLs, and others present barriers to fast-paced development and DevOps-style infrastructure
- Traditional networking influenced by workload placement
- Workload mobility is limited
How would separating the network from the core physical infrastructure and placing it into the software layer help enterprises? VMware NSX address the above-mentioned challenges related to the traditional physical networks.
How NSX works?
NSX is a virtual networking and security software product family generated from VMware’s vCloud Networking and Security (vCNS) and Nicira’s Network Virtualization Platform (NVP) intellectual property.
This SDN solution is part of SDDC, virtualises various networking elements such as firewalls, routing, load balancing, and more. The network operations are decoupled from hardware, eliminating the need for physical hardware as well as the maintenance costs for routers, and other physical equipment. NSX is a unique network virtualization platform which supports the migration of networking operations to the cloud. This solution helps to realize a cloud smart network facilitating reliable networking and security operations and automation across multiple cloud environments. NSX utilize underlay and an overlay network as shown in Figure 1.
- Underlay Network – This comprises the physical network infrastructure required for the transmission of frames and packets. The network topology includes physical switches, routers, and necessary cabling. As the network topology is hardware-oriented, challenges exist in mobility, flexibility, and scalability. The protocols enabling the underlay networks include ethernet switching, routing, etc.
- Overlay Network – This network is on top of the physical network or the underlay network, realizing the concept of virtual networks. This enables the creation of multiple logical or virtual networks on top of the same physical network infrastructure.
There are two different versions of NSX product – NSX-V (NSX for vSphere) and NSX-T (NSX Transformers). Let’s delve into an extensive comparison between VMware NSX-V and VMware NSX-T to explore how the solutions are diverse, why NSX-T is an enhancement over NSX-V, and the migration process from NSX-V to NSX-T.
NSX-V vs NSX-T
NSX-V is a software-defined networking platform that runs in a vSphere environment only. NSX-V solution is known as NSX Data Center for vSphere, which needs a vCenter server in the environment. The vCenter server is the compute manager for the NSX-V solution.
Currently, enterprises are migrating their workloads to the cloud from on-premises DCs. This demanded a modernised version of NSX, which can scale beyond vSphere, enabling enterprises to utilize network virtualization with advanced cloud-native platforms. The new version is known as VMware NSX-T – modern release of NSX DC. NSX-T solution covers all platforms together with vSphere. NSX-T is a very flexible multi-cloud solution for enterprises to support modern applications with different infrastructure elements such as Virtual Machines (VMs), containers, and bare metal workloads. Enterprises opt API-driven flexible and streamlined solutions to address the challenges associated with different infrastructure and cloud platforms to support modern applications. NSX-T becomes a suitable solution to address those challenges. The below Table I highlights the key differences between NSX V and NSX T.
Table I: Difference between NSX-V vs NSX-T
Key Differentiating Features | NSX-V | NSX-T |
Hypervisor Support | Supports only for vSphere | Supports for vSphere, Open Stack, Kubernetes, KVM, Docker, and AWS native workloads |
Deployment | Can be deployed only as ESXi VM | Can be deployed as an ESXi VM or Kernel Virtual Machine (KVM) |
vCenter Dependency | Strong dependency on vCenter server | No dependency on vCenter server |
Working with NSX-Manager | Single NSX Manager works with only one vCenter server | Can work with multiple vCenter server simultaneously |
NSX Manager OS | Runs on Photon OS | Runs on Ubuntu OS |
NSX Manager Redundancy | Only single NSX Manager with NSX-V | NSX management cluster can have up to 3 member cluster |
Overlay Protocols | Uses Virtual Extensible LAN (VXLAN) | Uses Generic Network Virtualization Encapsulation (GENEVE) |
Management | Easily accessed using vSphere Client | Needs to be accessed using separate URL |
Environment Support | Suitable for on-premises workloads | Supports multiple clouds, multi-hypervisor environments, bare metal workloads, cloud-native applications |
Virtual Switch Used | Logical networks created on top of vSphere Distributed Switch (vDS) | Use new virtual switch technology – NSX-Virtual Distributed Switch (N-VDS) and Open vSwitches (OVS) for KVM hosts |
NSX Edge Deployment | Only supported as ESXi VM | Supported as ESXi VM and also on physical server |
Kubernetes Support | No support | Integration with Kubernetes is through NSX-T container plug-in (NCP) |
IP addressing scheme | Manual | Network segments between Tier0 and Tier1 obtain IP addresses automatically |
Controller Architecture | Centralized | Distributed |
Gateway Support | Centralized NSX Edge | Distributed gateways |
Security | Requires additional products | Native advanced security |
vIDM (VMWare Identity Manager)Integration | Not supported | Integrated with vIDM and configure Role Based Access Control |
Migration Path | Migration from NSX-T to NSX-V is not supported | Support NSX-V to NSX-T migration |
NSX –T Architecture and Key Components
NSX-T employs a multi-tiered networking stack and a new architecture as shown in Figure 2, optimized for cloud-native applications and multi-cloud environments. The architecture is capable of providing higher flexibility, resiliency, scalability, agility and optimized performance. The key architectural components are:
- NSX Manager – Centralized network management, monitoring, and configuration plane.
- NSX Controller – Enables programmability and support distributed state management for logical switches and routers.
- NSX Edge – Gateway services for north-south routing, VPN, DHCP, and load balancing.
- Distributed Logical Routers and Switches – East-west routing and switching between workloads and endpoints.
- Security Components – Distributed firewall, IDS/IPS, malware prevention, and analytics.
In NSX-T, functional groups are deployed as host clusters. The NSX management cluster comprises converged management (policy) & control plane cluster services. The Management Cluster contains NSX manager, vCenter, automation tools, and dependent shared services (LDAP, DNS, NTP, etc.). The Compute cluster high performance data plane kernel hosts the workloads. The NSX-T distributed data plane connects and hosts workloads through an enterprise employing heterogeneous hypervisor support and multiple public cloud connectivity. The data plane enables various application frameworks including VMs, microservcies, containers, and more. Communication is East/West for the workloads and connecting to the Edge. The Edge Cluster provides north/south routing for the external to the NSX Overlay. The Edge cluster hosts the centralized (stateful) services such as Firewall, Load Balancer, VPN, etc.
Why Enterprises migrate to NSX-T?
NSX-T DC provide flexible and agile software-defined infrastructure to enable cloud-native applications, bare-metal workloads, multi-hypervisor, public clouds and multiple cloud environments. This solution supports IT and development teams to choose appropriate technologies for their applications.
There are certain reasons for enterprises to migrate from NSX-V to NSX-T from feature point of view:
- Advanced network using NSX Federation –NSX-T allows to federate and manage several installations of NSX across multiple locations.
- Full-stack networking for new distributed applications – advanced container networking, micro-segmentation for micro services.
- Best-in-class security – NSX Intelligence (modern AI and ML-driven solution) realizes proactive security intelligence in environment to detect and prevent cybersecurity attacks.
- Simplified Networking and security automation – NSX-T utilizes a strong API-driven interface to simplify network automation.
- Better instinctual dashboard and monitoring competences
Migration Process from NSX-V to NSX-T
Before migrating from NSX-V to NSX-T (NSX V2T) the network must be fully analysed to ensure that suitable hardware and configuration are chosen to support the newly deployed NSX-T workloads.
The migration process starts with NSX V2T Migration Assessment Service. This evaluates the existing VMware NSX-V deployment and decide the future VMware NSX-T intended state. The aim of this assessment service is to evaluate the customer environment, prepare for migration path, and provide a top overview of requirements and plan the migration process path.
The Professional Services will analyse the current VMware NSX-V infrastructure by considering key parameters and features such as:
- Number of data center/sites and hosts
- Networking services for containers, modern apps, cloud-native apps,
- Security services, distributed firewalling, and micro-segmentation
- VMware products/software in place (For instance, VMware Cloud Foundation, VMware Cloud Director, VMware Integrated OpenStack)
- Third-party products and services
- Features in use, such as Network Address Translation (NAT), Border Gateway Protocol (BGP), Open Shortest Path First (OSPF), static routing, load balancing, north-south/east-west firewall rules, and current network topologies
The Professional Services team will look into the relevant use cases for the network deployment such as supporting Kubernetes and container networking, networking and security automation, disaster recovery, micro-segmentation, moving workloads to/from the public cloud.
After the assessment, VMware Professional Services can help with NSX V2T Migration Execution. Based on the assessment results, VMware Professional Services will plan and review different NSX-V to NSX-T migration approaches: Coexist, In-place, or Lift-and-Shift as shown in Figure 3.
In short, the key migration steps are:
- Inspect existing NSX-V deployment – manuscript all logical switches, routers, security policies, and integrations.
- Build NSX-T sandbox – create NSX Manager, controllers, edges, logical switches, and routers. Test systematically.
- Develop a detailed migration plan and validate all steps/timing to minimize application downtime.
- Install NSX-T in parallel to NSX-V – add NSX-T components to infrastructure.
- Migrate app tier-by-tier – apply NSX-T policies to each app tier, define IPs, and cut over traffic.
- Withdraw NSX-V – once all apps are on NSX-T, remove NSX-V components.
- Optimize, tune, and monitor NSX-T – fine-tune performance, availability, and security posture.
Calsoft was proudly the primary contributor, along with VMware, in the ideation, design, and development of the NSX Migration tool. Having worked with VMware & its ecosystem for over two decades, Calsoft is uniquely positioned to take over and support the customers trying to use the tool for their important NSX migrations.
Partnering with Calsoft for NSX migration journey brings forth the following advantages:
- VMware Preferred NSX migration partner with a team of NSX certified engineers
- Faster and secure migration with reduced risk and complexity
- Successful migration of existing policies and firewall rules
- In-house NSX migration lab with 24/7 support during migrations
- Thorough evaluation of the current NSX-V environment
- Advantage of customized migration plans
To know more listen to our podcast Simplifying NSX-V to NSX-T Migration
In a Nutshell
VMware NSX provides a powerful solution for enterprises looking to migrate from a traditional networking model to a more agile, flexible, and efficient virtualized network environment. With virtualization technologies, the network is abstracted from the underlying physical infrastructure and placed it into the software layer. NSX solution facilitates greater flexibility, scalability, and efficiency in network management process. Enterprises can benefit from reduced operational costs, faster deployment of network services, and a more dynamic and responsive network infrastructure.
Calsoft being a Technology-First company has been a leader in the virtualization technology since the inception. With latest VMWare (by Broadcom) announcement mentioning Calsoft as the maintainer of NSX V to T migration for their vCD workload we are right partner of choice for the NSX workload migration.
منبع: https://www.calsoftinc.com/blogs/an-ultimate-guide-for-nsx-v-to-nsx-t-migration.html