VMware Cloud on AWS

Managing Distributed Firewall Rules in VMC using PowerShell & NSX-T Policy API

01.04.2019 by William Lam // Leave a Comment

Back in November 2018, VMware Cloud on AWS (VMC) SDDC 1.5 Patch 1 was released and it was one of the most highly anticipated release by our customers. Although this was a "patch" release, it included a ton of new features and also brought the full power of the NSX-T platform to VMC as a generally available feature!

With NSX-T, customers also now have access to the highly requested Distributed Firewall (DFW) capability which enables granular control over East-West traffic between application workloads. In addition to enabling micro-segmentation in VMC, customers can now easily manage DFW rules using a number of grouping constructs (Tags, Virtual Machines & Conditional Statements) to create dynamic policies which follow their workloads.

Customers can configure DFW (as well as Edge Firewall) rules using the VMC Console UI but many of you have been asking for an automated method, especially if you need to create a large number of policies for more than a couple of workloads. After returning from the holiday, I spent the last couple of days updating my NSX-T Policy PowerShell Module which now includes basic support for managing DFW. For those of you who are new to using the NSX-T Policy API and PowerCLI, be sure to give these two articles a read here and here before proceeding further.

[Read more...]

Learning more about the Nitro platform which will power VMware Cloud on AWS Outposts

12.04.2018 by William Lam // 1 Comment

With the big announcement last week between AWS and VMware, I know a number of folks have been wanting to learn more about the underlying hardware that currently powers the AWS Cloud including VMware Cloud on AWS and eventually the new VMware Cloud on AWS Outposts offering. Historically, AWS has not shared much information about their own hardware platform, but have started to talk more openly about their systems in the last two years.

At reInvent 2018, I had attended an awesome deep dive session Powering Next-Gen EC2 Instances: Deep Dive into the Nitro System by Anthony Liguori, a Sr. Principal Engineer who lead both the Nitro and Outposts development. This was a great talk providing some insights into the development of Nitro and the various components that makeup the system such as the Nitro cards, which provides hardware offload for both Storage and Networking and new in this years session, the Nitro Security Chip, which actually reminds me of the new Apple T2 Security Chip. Below is the recording for those that were not able to attend, definitely recommend a watch!

[Read more...]

VMware Cloud on AWS reInvent sessions posted

11.30.2018 by William Lam // Leave a Comment

In case you missed the big news this week at Amazon's reInvent conference, Pat Gelsinger (CEO of VMware) and Andy Jassy (CEO of AWS) announced together on stage VMware Cloud on AWS Outposts and VMware Cloud Foundation for EC2. For more details regarding the announcements, check out these two blog posts:

VMware had a number of VMware Cloud on AWS (VMC) sessions at reInvent and most of them have already been posted online. Below is the current list and I will update it as new sessions are posted.

Given the amount of excitement and interests from customers on both VMware Cloud on AWS Outposts and VMware Cloud Foundation for EC2, session (ENT215) was repeated at reInvent to give some more information about the two solutions. In addition, you can also check out these two theCube interviews from each of our executives talking about both offerings.

ENT215 - Top Strategic Priorities You Can Tackle with VMware Cloud on AWS