VMware KB: Registering NSX Manager to vCenter Server or configuring the SSO Lookup Service fails with the error: nested exception is java.net.UnknownHostException.
I have seen this error with customer installations. Even if you don’t run across the error, this KB contains very succinct instructions for troubleshooting basic infrastructure requirements for NSX Manager.
VMware KB: Creating an NSX logical switch fails with the error: Unable to allocate an available resource.
A couple of students mentioned this error during a lab in the VMware NSX: Install, Configure and Manage class this week.
The issue is simple to create and remedy. Logical switches are assigned VNI (VXLAN Number Identifier) from a Segment ID Pool. If the Segment ID Pool is not configured before you try to provision a logical switch then you will get the “Unable to allocate an available resource” error. The resolution is to configure the Segment ID Pool before attempting to create Logical Switches.
Recently I was one of the presenters at the Sacramento VMUG. The topic of the night was Networking and VMware NSX. At the end of my time, I promised a list of web links to VMware NSX resources. Here we go:
VMware Walkthrough for NSX: http://featurewalkthrough.vmware.com/NSX/ – If you are not familiar with the VMware Walkthroughs; this is essentially a guided tour of the products and features.
VMware Hands-on Labs for NSX: http://blogs.vmware.com/networkvirtualization/2014/09/new-vmworld-2014-hands-labs-vmware-nsx-goodness.html – This is an introductory Blog Post that describes each of the new labs from VMworld 2014.
Here are links to the individual labs:
HOL-SDC-1403 – VMware NSX Introduction: http://labs.hol.vmware.com/HOL/catalogs/lab/1483
HOL-SDC-1425 – VMware NSX Advanced: http://labs.hol.vmware.com/HOL/catalogs/lab/1485
HOL-SDC-1424 – VMware NSX in the SDDC: http://labs.hol.vmware.com/HOL/catalogs/lab/1484
HOL-PRT-1462 – Virtualized Data Center Security: VMware NSX and Palo Alto Networks Next Generation Virtual Firewall: http://labs.hol.vmware.com/HOL/catalogs/lab/1514
HOL-SDC-1420 – Openstack with VMware vSphere and NSX: http://labs.hol.vmware.com/HOL/catalogs/lab/1478
VMware NSX product page: http://www.vmware.com/products/nsx/
VMware NSX 6 Documentation Center: http://pubs.vmware.com/NSX-6/index.jsp
VMware Education: VMware NSX Training and Certification
Pluralsight Video Training: VMware NSX for vSphere Introduction and Installation by Jason Nash
VMware NSX Network Virtualization Platform Whitepaper: http://www.vmware.com/files/pdf/products/nsx/VMware-NSX-Network-Virtualization-Platform-WP.pdf
VMware® NSX for vSphere (NSX-V) Network Virtualization Design Guide: https://communities.vmware.com/docs/DOC-27683 – This design guide has recently been updated. Check this link and download the latest version.
VMware NSX YouTube Channel: https://www.youtube.com/user/vmwarensx
VMware NSX on Twitter: https://twitter.com/vmwarensx
VMware NSX Community: https://communities.vmware.com/community/vmtn/nsx
VMware’s Network Virtualization Blog: http://blogs.vmware.com/networkvirtualization
Network Heresy: http://networkheresy.com/ – This is the Who’s Who for network virtualization – Check out contributors!
Brad Hedlund: http://bradhedlund.com/category/network-virtualization/
Chris Wahl’s Wahlnetwork blog: http://wahlnetwork.com/tag/nsx/
Hany Michael’s Hypervizor blog: http://www.hypervizor.com/nsx/
DailyHypervisor: http://dailyhypervisor.com/ – Complete SDDC and integration!
NSX Tech: http://nsxtech.net/
Virtualization Warrior: http://www.m80arm.co.uk/
Data Center Notes: http://www.dcnotes.net/
I am certain there are many more blogs/links for NSX. If you have a favorite that I haven’t included, leave a comment and I will add them.
VMware KB: Unable to open a virtual machine console using the vSphere Web client in VMware vCenter Server 5.5 update 2.
This KB article restates an item from the vCenter 5.5 Update 2 release notes:
Virtual machines with HTML 5 console in vSphere 5.5 open connections with http:// instead of https://
When the HTML 5 console is launched on a virtual machine, it uses connections like http:// and web sockets like ws:// instead of secure connections like https:// and wss://.
This release resolves the issue by launching the virtual machine console with secure connection over port 7343 instead of the connection over port 7331.
This was a welcome change, but it introduces a potential connectivity issue for those who don’t read the release notes!
Here is a link to the release notes: https://www.vmware.com/support/vsphere5/doc/vsphere-vcenter-server-55u2-release-notes.html#networkingissues
Here is the top level KB article for required TCP and UDP ports for vSphere products. Notice the left hand column where the version numbers are listed!
TCP and UDP Ports required to access VMware vCenter Server, VMware ESXi and ESX hosts, and other network components
VMware KB: Configuring syslog server for VMware NSX for vSphere 6.x controllers.
This is an interesting KB article. Please notice that the method for configuration is an API call! This is built for automation!
FYI, You configure the NSX Manager appliance to use a syslog server with a web browser.
Select “Manage Appliance Settings”
On the Settings > General page, click the edit button in the Syslog Server portion of the page.
Enter the DNS name or IP address of your Syslog server, then click OK.
I finally spent a little time and have updated the vSphere page to vSphere 5.1. I intend to build on the Knowledgebase article section as items come up with customers or from the classroom.
Recently I have been getting ready for upgrades and deployments of vSphere 5.1/vCloud Suite 5.1 in my lab abd at client sites. I have used the ESX Deployment Appliance for several years and have had good luck with it. This time I ran into an issue that caused me to remove and reinstall the virtual nic on the EDA appliance. I noticed that the ifconfig output looked odd and remembered that I should make sure that /etc/udev/rules.d/70-persistent-net.rules doesn’t have any entries with “old” MAC addresses, particularly for “eth0.”
As I was troubleshooting the “network is unreachable” error, I did a search and found a reference to documentation I used to regularly provide to customers that were deploying Linux VM’s from templates…
Remove network configuration
The MAC address of the VM’s virtual nic is written into the udev persistent rules and needs to be cleaned out as the cloned vm will have a different MAC address.
Remove entries containing “eth0”
It had been a while since I wrote that and I am glad I still had it.
As soon as I cleaned out the old entries and restarted the VM, the networking came to life and I am now back to work!
Network Segmentation in Virtualized Environments
As virtualization becomes the standard infrastructure for server deployments, a growing number of organizations want to consolidate servers that belong to different trust zones. The demand is increasing for information to help network security professionals understand and mitigate the risks associated with this practice. This paper provides detailed descriptions of three different virtualized trust zone configurations and identifies best practice approaches that enable secure deployment.
DMZ Virtualization Using VMware vSphere 4 and the Cisco Nexus 1000V Virtual Switch
This paper tackles the subject of DMZ security and virtualization. It covers a number of DMZ security requirements and scenarios, presenting how vSphere users can implement the Cisco Nexus 1000V virtual switch in a DMZ.