VMware NSX-T Data Center 2.2 and PowerCLI 10.1.1 Released

VMware has released NSX-T Data Center 2.2 and PowerCLI 10.1.1.

NSX-T Data Center 2.2:

What's new:

New features:

Automated NSX Controller Cluster Deployment

  • Automatically deploy NSX Controller cluster from the NSX Manager onto vSphere clusters discovered from a vCenter Server to simplify NSX-T installation in a vSphere environment.

NSX Management of Workloads in Azure

  • NSX Datacenter and NSX Cloud with a single pane of glass for on-premise and Azure workloads.
  • Single security policy across hybrid cloud, offering various set of attributes, including VM names, custom tags.
  • Decouple workload deployment from security enforcement.

NIOC Version 3 Support

  • Network IO control (NIOC) allows configurable limits and shares on the network for both system-generated and user-defined network resource pools, based on the capacity of the physical adapters on an ESXi host.
    • Provides a mechanism to reserve bandwidth for system traffic based on the capacity of the physical adapters on a host.
    • Enables fine-grained resource control at the VM network adapter level to use for allocating CPU and memory resources.
    • Allows to set up bandwidth allocation for virtual machines at the level of the entire distributed switch (N-VDS).
Guest VLAN Tagging
  • vSwitch, N-VDS in this case, port acts like a trunk and inspects incoming VLAN tags to ensure that they match the correct destination virtual port. However, the VLAN tags are left intact by the N-VDS.
  • Feature is applicable for both VLAN backed and overlay backed traffic and supports bridging only for forwarding packets based on guest VLAN tag. Routing based on guest VLAN tag within the hypervisor is not supported.

VPN Support

  • IPsec-based Layer 2 VPN and Layer 3 VPN support for site-to-site connectivity that can be configured using only NSX-T APIs.

Customer Experience Improvement Program

  • VMware Customer Experience Improvement Program (CEIP) support collects product usage information and reports to VMware to improve the quality of NSX-T. Customers can optionally disable this feature.

Terraform Support

  • Terraform provider support to automate NSX-T logical objects such as switches, routers, firewall rules, and grouping.

Cisco VIC 1387 Support on Bare Metal for NSX Edge

  • Support for NICs used in the Cisco UCS systems.

NSX Container Plug-in (NCP) Features

  • TLS support for Kubernetes Ingress
  • Support for HTTPS termination at an NSX-T load balancer with Kubernetes Ingress and Secret integration. All Kubernetes Ingresses with a TLS section will be hosted on an NSX-T load balancer dedicated to HTTPS termination on port 443.
  • OpenShift Router support
  • The NSX-T load balancer can work as the OpenShift Router to expose services to external layer 7 traffic via Route resources. Both HTTP traffic and HTTPS traffic with edge termination are supported.
  • Support for longer names and values when creating tags
  • Tags on NSX-T objects now allow up to 30 characters for tag scopes and 65 characters for tag values.
  • OpenShift installation improvements

NSX-T Enhancements

N-VDS Enhanced Datapath Mode

  • Support for a high-performance mode called enhanced datapath when used with vSphere 6.7. This mode implements some key DPDK features such as, Poll Mode Driver, Flow cache, optimized packet copy, and provides better performance for small and large packet sizes pertinent for Network Functions Virtualization (NFV) style workloads. Telecommunication operators can now have a highly performing virtual switch without sacrificing any benefits of virtualization such as, vMotion or Predictive DRS.

Note: Not all the features of N-VDS are available when operating in the enhanced datapath mode.

Monitoring and Troubleshooting Enhancements

  • Traceflow API enhancements to troubleshoot IP address assignment using NSX-T DHCP service.
  • New port mirroring type called, Logical SPAN to monitor source ports to a destination port on the same logical overlay switch.
  • Enhanced IPFIX profiles to be applied to NSGroups.

VLAN Based Logical Switch Teaming Policy Support for ESXi Hosts

  • Enables association or pinning of logical switch traffic to a specific uplink. Configurable using teaming policy of Route based on the originating virtual port.

NSX Edge Firewall Interface

  • Layer 4 stateful firewall on a per uplink basis on the tier-1 or tier-0 logical routers to selectively filter traffic coming from various uplinks.

Distributed and NSX Edge Firewall Enhancement

  • Centralized place to view the status of a firewall. Use APIs to query the status of a firewall publish operation or retrieve information on whether a rule has been deployed on a particular VM.

Principle Identity Role Support

  • Configure principle identities with one of the default NSX-T roles.

Search Enhancement

  • Support for search auto-complete.

Backup Enhancements

  • Provides option to trust certificate thumbprints presented by the system where remote backup or restore archives are stored.

Support VLAN Backed Downlinks

  • Connecting VLAN-backed downlink to tier-0 or tier-1 logical router leverages centralized router port that is available only on the NSX Edge node.

Load Balancing Enhancements

  • Load Balancer HTTPS Support

     

    • Support for HTTPS traffic with SSL termination on the load balancer.
    • SSL-Offload load balancing support for HTTPS from client to load balancer decrypted and HTTP from load balancer to server.
    • SSL End-To-End support for HTTPS from client to load balancer re-encrypted in new HTTPs from load balancer to server.
  • Load balancer virtual server IP displays real-time graphics for Concurrent Connections, New Connection Rate, Throughput, and HTTP Request rate.
  • Access Log granularity allows log setting for specific virtual server instead of a load balancer.
  • Single API to download the entire load balancer configuration.
  • WebSocket application support with enhanced HTTP protocol.
  • Sorry server with the ability to define per virtual server a second server pool of sorry server to use in case all the members of the first server pool are down.
  • New load balancer rule, Match cookie value and match value case insensitive.
  • Layer 4 multiple port range support. 
  • New load balancer rule algorithm with Weighted Least Connection.
  • Slow start enabled automatically for the load balancer algorithm Least Connection and Weighted Least Connection to prevent a new server added to an existing production server pool to be inundated by new connections.
  • POST API request request_body_size can now be limited in size.

NSX Edge Layer 2 Bridge Enhancements

  • VLAN to overlay service hosted on the NSX Edge node for improved performance than ESXi-based Layer 2 bridge and Layer 3 firewall.

API Rate Limiting

  • Limit the number of transactions per second and concurrent transactions to the NSX-T REST API. This protects the system from being impacted when one or more API clients make API requests at a rate the API cannot process.

See the full release notes here: https://docs.vmware.com/en/VMware-NSX-T/2.2/rn/VMware-NSX-T-22-Release-Notes.html

PowerCLI 10.1.1

This version gives support for VMware Horizon View 7.5.0.

See VMware Blog about this release here: https://blogs.vmware.com/PowerCLI/2018/06/new-release-vmware-powercli-10-1-1.html

 

Share This:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.