NSX-T

Integrated NSX-T deployment in vSphere 7.0 Update 3 fails with timeout

10.11.2021 by William Lam // 2 Comments

One of the new features highlighted in the latest vSphere 7.0 Update 3 release is the integrated NSX-T deployment and configuration workflow found directly within the vSphere UI as shown in the screenshot below.

After you click on the the "Install NSX" button, it will prompt for the NSX-T OVA and then take users through a guided wizard to on deploying and configuring NSX-T. I noticed that a few users were reporting a timeout issue after running through the workflow:

Cannot complete the operation: See the event log for details. Timeout: The task did not complete within the expected time span

I have not used this plugin before, so I was not sure what the issue was until I came across this Tweet from Validimir Velikov, a vSphere UI Engineer who had worked on the integrated NSX-T plugin and shared the reason for this error. A newer version of NSX-T will be needed to use this feature as the vSphere UI expects a "callback" from NSX-T Manager when the deployment and configuration is complete, which the current released version of NSX-T (3.1.3.1) does not support.

As discussed, current released versions of NSX-T don't support the vSphere integrated flow. A new NSX-T version should come shortly.
Otherwise, the flow expects a callback from the NSX Manager after deployment which never comes for old versions - hence, the timeout error. 😉

— Vladimir Velikov (@vladi_velikov) October 9, 2021

I think we could have provided a better user experience by first checking the NSX-T OVA version and ensuring that it meets the minimum version that supports this capability. Hopefully this is something we can improve upon in the future.

Retrieving network statistics on VMware Cloud on AWS using NSX-T Policy API

07.16.2020 by William Lam // 1 Comment

One question that has come up lately from VMware Cloud on AWS customers is to understand their network traffic usage, especially as it pertains to traffic that exit or egress their SDDC. There are a number of graphical tools that can be used today to get insights into this information, one is the popular vRealize Network Insight Cloud solution which many of our VMware Cloud on AWS customers are taking advantage of to not only understand traffic usage and flow data history but is also instrumental in aiding customers when planning workload migrations from their on-premises datacenter to VMware Cloud on AWS.

While researching this topic, I also came to learn that this information can be retrieved using the NSX-T Policy API which is available to all customers to use. We are going to be leveraging the Tier-0 statistics interface API from NSX-T which will give us both transmit and receive stats on all supported interfaces. From the diagram below, we can see the interfaces that are applicable to VMware Cloud on AWS is the Internet interface which includes VPN traffic, VPC interface which includes traffic going to Linked VPC and Direct Connect interface which includes traffic when using AWS Direct Connect.

As you might expect, these exact same three interface types is then represented as logical interfaces within the NSX-T Policy API which uses the following IDs:

cross-vpc
public
direct-connect

Note: Statistics on the Direct Connect interface will also include traffic if you are using the new VMware Transit Connect with AWS Transit Gateway feature.

These interface can be discovered by performing a GET on /policy/api/v1/infra/tier-0s/vmc/locale-services/default/interfaces and then you would then identify the two NSX-T Edge (Active/Passive) and construct the T0 URL to retrieve the statistics. I will not bore you with the details and have implemented this as a new PowerShell function called Get-NSXTT0Stats and for those interested in the implementation, please see the code here.

Note: For those wanting to see the full NSX-T Policy REST URLs, simply append -Troubleshoot flag and that will output additional information on how I am retrieving the various pieces of information required to call into the T0 Stats API.

[Read more...]

Configure NSX-T Edge to run on AMD Ryzen CPU

05.06.2020 by William Lam // 12 Comments

The vast majority of VMware Homelabs is still Intel-based today but I have been seeing a slow rise of AMD-based kits being adopted, especially with AMD's desktop line of CPUs known as Ryzen. One of the considerations on whether you could use an AMD processor was whether you were planning to deploy NSX-T and in earlier releases, only Intel was supported as the NSX-T Edge required support for Data Plane Development Kit (DPDK) and this was only supported with Intel-based processors.

With the latest NSX-T 3.0 release, AMD-based processors are now supported and per the release notes, the following CPUs can be used:

AMD EPYC 7xx1 Series (Naples)
AMD EPYC 3000 Embedded Family and newer
AMD EPYC 7xx2 Series (Rome)

You will notice that only AMD's server line of CPUs known as EPYC are currently supported, which makes sense for running Production workloads. If you attempt to deploy an NSX-T Edge Node running on a non-EPYC platform, you will get an error message stating the CPU is not supported and I figured this was probably due to the lack of DPDK support in the consumer CPUs.

Yesterday, in our internal "Homelab" Slack channel, I came across an interesting tidbit from Andrea Spagnolo, a Sr. Field Engineer in our Cloud Native Business Unit who shared a pretty neat trick on how to get latest NSX-T 3.0 release to work with a Ryzen-based CPU.

Disclaimer: This is not officially supported by VMware. The behaviors described here can change in the future

First off, I want to thank Andrea for sharing but also credit to Beniamino Guarnaschelli and his blog post here which actually gave Andrea the idea to take a closer look as he was trying to get this setup in his own personal homelab.

[Read more...]