vCloud Director: NSX-V to NSX-T Migration Part-1

In this blog series, vCloud Director: NSX-V to NSX-T Migration Part-1, we will understand what is VCD ( vCloud Director ) and it’s network component. We will go through the architecture of VCD integration with NSX-T and will go through a case study of the steps for NSX-V to NSX-T Migration and what are the available options. This blog will help us to plan the migration from NSX-V to NSX-T for vCloud Director.

In this part, we discussed the feature and network types of vCloud Director, where we understood the different network components. The design which is being followed by many cloud provider and what points we need to consider for V to T Migration

Understanding vCloud Director

VCD is mostly used by the service providers so to manage multiple tenants and it’s workloads.

VMware vCloud Director gives customers the ability to build secure private clouds that dramatically increase data center efficiency and business agility.
Coupled with vSphere and NSX, vCloud Director delivers cloud computing for existing data centers by pooling virtual infrastructure resources and delivering them to users as catalog-based services.

VCD is integrated with vCenter and NSX ( Controller, VM Edge, and DLR ) and it controls the configuration and eases the management as a single glass plane. Personally, I compared it with the UCS Director ( But UCS Director we can say as the combination of VCD and vRealize )

Network Types in VCD

We will focus more on the network components of VCD which is related to NSX. And at this moment we will go through the NSX-V network which is being created at backend through VCD.
The idea is that the VM will be connected to the routing device on the uplink which earlier was vshield, 1000v which is very similar to the Cisco CSR router, now with NSX it could be DLR or Edges. The kind of network is discussed below.

Network Types :

1. ISOLATED: This is the network that is not connected to Edge, and from the basic network, it could be VLAN port-group or VXLAN port-group. This network will be not eligible for routing and will be available for switching withing the L3 subnet network.
2. ROUTED/NAT: This network is eligible for routing and NT purpose as this connected to the Edge.
3. Distributed network: This is the network between DLR and EDGE, which gives a bridging option for the VXLAN network and can be uplink to Org Network.

Network Design Types in Cloud Provider

The above feature of the network with VCD gives more options for Cloud Provider to design the network. It all depends on the scale of the customer application size on that basis the virtual network design is followed.
From basic fundamentals, a single EDGE can represent an organization, where down under all the connected VM will be part of that ORG. ( The same we can refer as T1 in NSX-T )

There are many providers that use other Network Devices for the feature of Firewall and Load Balancer. These devices could be NFV or Physical boxes. Where for a Customer per Application represent an EDGE. So in that case all traffic from one application to another application will be hair pinned through Non-NSX Firewall and Load Balancer. To separate the traffic between Customer A and Customer B extra precautions are taken like for Customer A Edges it will have VLAN A and for Customer B VLAN B.

On the uplink devices, a different method of traffic separation is taken care example: Router—- VRF, Switch/Firewall—VLAN, Fortinet—VDOM, F5 Load Balancer—Route Domain. The same is discussed below:

NSX-V vs NSX-T Architecture

With NSX-T we will witness a drastic change in the Routing architecture where we will come across terms like T0, T1 Routing. The most important for architects is to understand which component is replaced with what. Are we are going to refer DLR as T1 and Edges as T0.
As well as are we going to consider per tenant edge cluster or single edge cluster with VRF will be an option.Though this requires to be discussed more in detail.
Well, we will discuss more on this in the second part of this series.

Migration Consideration

Tool or Lift and Shift Method:
If we refer to the native NSX-T migration guide, this won’t suit VCD architecture and can’t be used for vCloud Director. Well, VMware came up with the first version of the vCloud Migrator Tool for NSX-T with 10.1 version.
Though the Lift and Shift method will be a very tedious task, if you have complex network topology and can’t be achieved via tool then the automation framework can be explored.

Compatibility :
With 10.1 we still don’t get support for NSX-T 3.X version as it does not support vSphere 7.0 still. This is always a sad part of vCD the new features of NSX with newer version takes time to be in support from VCD.

“VMware Cloud Director 10.1 does not support vSphere 7.0 and NSX-T Data Center 3.0. The interoperability certification is in progress and vSphere 7.0 and NSX-T Data Center 3.0 will be supported in a minor patch release of VMware Cloud Director 10.1. External networks that are backed by VRF-lite tier-0 gateways in NSX-T Data Center are not supported”

Source: vCloud Director Release note

Capacity Planning :

As discussed above when we are dealing with a multi-tenant environment we need to put effort on capacity planning, wherefrom network we need a plan :
1. How T0-T1 routing will be designed for per customer basis or per-application basis.
2. Can we go with VRF-Lite Option which is only feasible from the 3.0 version.
3. What capacity NSX-T has the limitations, this point is very important because if you come across with NSX-T config max limit, one cannot use another NSX-Manager because a vCenter can be connected only via a single NSX-T manager domain.

Bigger Picture Part-2 topics

In Part 2 we will take a case where we will consider the following environment and will go through detailed step for migration, will discuss the design consideration per tenant topology:

Summary

In this blog, we discussed the feature and network types of vCloud Director, where we understood the different network components. The design which is being followed by many cloud provider and what points we need to consider for V to T Migration. For my other related blogs on NSX-T, you can VMware section. Thanks for visiting my blog… Happy Learning..!!!