Top 4 Reasons to Migrate From NSX Load Balancing to NSX Advanced Load Balancer
•Download as PPTX, PDF•
0 likes•40 views
There are many reasons to move from NSX native load balancing to NSX Advanced Load Balancer. First, and foremost, NSX native load balancing is going away in the future. But, there are positive reasons to make the transition to NSX ALB now. It will simplify operations and help manage your multi-cloud and container environments. NSX ALB provides advanced application and context aware services needed to deliver the resiliency, elasticity and security that today's applications require through server load balancing, global server load balancing, web application firewall, and rich analytics. A migration tool has been created to assist with the transition from NSX native load balancing to the next generation NSX ALB solution.
Recommended
Recommended
More Related Content
Similar to Top 4 Reasons to Migrate From NSX Load Balancing to NSX Advanced Load Balancer
Similar to Top 4 Reasons to Migrate From NSX Load Balancing to NSX Advanced Load Balancer (20)
More from Avi Networks
More from Avi Networks (17)
Recently uploaded
Recently uploaded (20)
Top 4 Reasons to Migrate From NSX Load Balancing to NSX Advanced Load Balancer
- 1. Confidential │ ©2022 VMware, Inc. Top 4 Reasons to Migrate From NSX Load Balancing to NSX Advanced Load Balancer Frank Yue, Sr. Product Marketing Manager Pablo Boscariol, Product Manager
- 2. Confidential │ ©2022 VMware, Inc. 2 Agenda VMware’s LB Strategy Value of NSX ALB (Avi) Enterprise Reasons to Migrate Today Seamless Load Balancing with NSX NSX LB to NSX ALB Migration Demo 1: NSX-T LB to NSX ALB Migration Summary
- 3. Confidential │ ©2022 VMware, Inc. 3 VMware’s LB Strategy NSX Advanced Load Balancer is VMware’s flagship Load Balancing product NSX ALB (Avi) will be VMware’s only Load Balancing product Native NSX-T LB EOL is coming Planned EOL announced Dec 2021 NSX ALB provides deep solution integrations with the entire VMware portfolio NSX, Tanzu, VCF, Cloud (VMC/AVS/GCVE), Horizon, vCD, etc.
- 4. Confidential │ ©2022 VMware, Inc. 4 Control Plane Bare Metal Virtualized Containers ON PREMISES PUBLIC CLOUD NSX ALB Distributed Architecture for Multi-Cloud Application Services Centralized policies and full lifecycle management Data Plane Controller (Customer-managed | SaaS) ELASTICITY Application Services Fabric ANALYTICS / OBSERVABILITY AUTOMATION RESILIENCE PULSE CENTRAL ORCHESTRATION
- 5. Confidential │ ©2022 VMware, Inc. 5 Myth Busters • Is NSX ALB now being packaged as part of NSX-T? No. • But will NSX ALB ONLY work with NSX-T? No. • Do I need to install any kind of NSX ALB agent into vCenter or NSX-T? No. • Ok, but do I need to buy NSX-T to run NSX ALB? No. • Is NSX ALB ONLY a replacement for NSX LB and nothing else? No. • Is NSX ALB the future-proof multi-cloud app-delivery platform that I should run? Yes!
- 6. Confidential │ ©2022 VMware, Inc. 6 NSX ALB Consumption Model Controller REST API SDKs – Go/Python/Java vRA SaltStack Custom-built Automation vCloud Director NSX ALB UI/CLI
- 7. Confidential │ ©2022 VMware, Inc. 7 Reasons to Migrate
- 8. Confidential │ © VMware, Inc. 8 #1: Advanced Product Capabilities Powerful analytics-driven platform for multi-cloud application services Software-Defined Platform App Services Elasticity Adaptive capacity management Automation Decision automation / Self-service Orchestration Central management Resilience High availability and self-healing Global Traffic Management Container Ingress Services Local Traffic Management Analytics & Observability App, User, & Security Insights Log Analytics Behavioral & ML Engine Appl Security & WAF GSLB Pulse Cloud Services
- 9. Confidential │ © VMware, Inc. 9 #2: Global Server Load Balancing DNS-based load balancing across datacenters and clouds GSLB Use Cases: 1. Higher availability using active- active deployment 2. Disaster recovery to offer resilience to datacentre outages 3. Geo-based load balancing – For optimal performance, localized content 4. Cloud bursting across datacentre and public cloud. 5. Multi-cluster / multi-site Kubernetes GSLB NSX ALB GSLB Intranet User Internet WWW DNS DNS2 Datacenter 2 Public Cloud DNS3 AppA – A3 LB-3 DNS1 Datacenter 1 AppA – A2 LB-2 AppA – A1 LB-1
- 10. Confidential │ © VMware, Inc. 10 Protect your application attack surface #3: Comprehensive Application Security Solution App Security Visibility API Protection Bot Management Web Application Firewall Attack Types Actors: Human vs Bot File Uploads API / App Web Traffic Cloud Services Threat Intelligence Threat Research Signature Updates 0-day analysis Rule Updates
- 11. Confidential │ © VMware, Inc. 11 #4: Converged Kubernetes Ingress Services Single L4 and L7 platform for holistic app operation Consolidated Application Services Ingress + LB + WAF + GSLB / DNS / IPAM Kubernetes OpenShift Any Cloud Any Location Single Solution
- 12. Confidential │ © VMware, Inc. 12 NSX ALB integration with NSX-T
- 13. Confidential │ ©2022 VMware, Inc. 13 NSX ALB and NSX-T Integration NSX-T Manager Management traffic over secure channel API vCenter Controller UI API REST API ESXI API ESXI Deploy SEs on ESXi ESXI Notifications Full LB and Security Automation for App Deployments • Lifecycle • Automation • Create application specific services
- 14. Confidential │ ©2022 VMware, Inc. 14 NSX Native LB to NSX ALB Migrations How can I move from NSX Load Balancer to NSX ALB? I’m still using NSX-V Load Balancer? • Use NSX-T Migration Coordinator and move NSX-T LB as soon as you can • After that, go to NSX ALB (Avi) at your convenience using NSX-T to NSX ALB Migration Tool • Not useful for your business? Get more information at via.vmw.com/go-to-avi I’m using NSX-T Load Balancer: • Great! NSX-T LB to NSX ALB Migration Tool is here to help you
- 15. Confidential │ ©2022 VMware, Inc. 15 NSX Native LB to NSX ALB Migrations How can I move from NSX Load Balancer to NSX ALB? I’m not using LB, but I’m planning to configure NSX-V/T Load Balancer: • Stop there! Did you see Sayli’s demo? • Go directly to NSX ALB. • Fear not, NSX ALB has two webinars a month! > vmware.com/go/aviworkshops I’m not directly using NSX-T LB, but other apps are using it (like vRSLCM or Tanzu): • Get more information, or ask for help at via.vmw.com/go-to-avi
- 16. Confidential │ ©2022 VMware, Inc. 16 Move Traffic (aka Cutover) User initiates traffic-cutover • Tool disables VIPs on NSX • Tool enables VIPs for traffic Cutover on a VS-by-VS basis to reduce downtime Migration Tool: NSX-T Native LB to NSX ALB User workflow Provide IPs and credentials Select All-VS or specific VS Add additional config to NSX ALB using patch option Migrate Configuration User initiates cleanup • Tool deletes NSX-T LB config (incl. dependent objects) Cleanup
- 17. Confidential │ ©2022 VMware, Inc. 17 NSX-T Native LB to NSX ALB Migration Tool Summary Minimal user input required Minimal application downtime during cutover Flexibility to do per-app or bulk migration Easy cleanup of LB configuration on NSX-T after cutover NSX ALB licensing tier aware (Basic & Enterprise) When/Where is it going to be available? GitHub Repo: vmware/avi-sdk (beta)
- 18. Confidential │ ©2022 VMware, Inc. 18 Demo NSX-T LB to NSX ALB Migration
- 19. Confidential │ ©2022 VMware, Inc. 19 Want to know more about NSX ALB Migrations? https://via.vmw.com/go-to-avi
- 20. Confidential │ ©2022 VMware, Inc. 20 Migrate from Legacy Load Balancers Need to migrate from F5 or Citrix – no problem! Discover avinetworks.com Learn vmware.com/go/aviworkshops vmware.com/go/try-avi-networks vmware/avi-sdk on GitHub Try
- 21. Thank You Confidential │ ©2022 VMware, Inc.
Editor's Notes
- Avi Networks Vantage platform, now known as VMware NSX Advanced Load Balancer is a modern – software defined – elastic – application delivery fabric. It is composed of a central control plane and a distributed data plane. Avi Controllers provide a centralized policy engine which delivers full life-cycle management for applications Avi Service Engines are the load-balancers which can be deployed anywhere, natively in a fully orchestrated fashion by the Avi Controllers, On-premise or in the public-clouds. Avi Controller consumes application intent via REST APIs and strives to realize that intent. As an example Avi Controller would - Creates Avi SEs - Acquires IP for VIP through IPAM - Registers FQDN to DNS - Manages application certificates - and so on ... All the user ever needs to do is to simply convey the intent Eliminates the problems of overprovisioning and overspending by scaling load balancers elastically based on real-time traffic. Provides a self-healing fabric. If an Avi SE fails, applications are dynamically moved to other available Avi SEs ensuring that the required capacity for applications is always available and also creates new Avi SEs to replace the failed Avi SE. Provides a single point of control and multi-cloud support: This enables a universal solution for traditional, modern, and cloud-native use cases across all environments. Applications can reside on any-cloud and Avi Controllers would provide the same level of automation regardless of where the application is provisioned. Provides rich performance monitoring and visibility into client, security, and application insights that simplifies troubleshooting and automates decisions.
- ** Is Avi is now being packaged as part of NSX-T? Both independent products with independent software releases and components Avi INTEGRATES with NSX-T via NSX-T public API endpoints Avi doesn’t have software as part of vSphere or NSX code Avi Controllers are NOT part of NSX-T Managers ** Will Avi ONLY work with NSX-T? No. Avi is an enterprise grade multi-cloud app delivery solution. It provides LB functionality to not just VMware ecosystems (ex: vCenter + NSX-T, VMC, etc.) but to all major on-prem and public cloud ecosystems (AWS, Azure, GCP). ** Do I need to install any kind of AVI agent into vCenter or NSX-T? NO Avi doesn’t have any components or agents running on ESXi/vCenter Appliance/NSX-T Edges Ok, but do I need to buy NSX-T first to run AVI? NO AVI is an independent product, that will work and can be integrated with multiple clouds, public or private clouds. Is Avi ONLY a replacement for NSX LB and nothing else? No. Avi is a FULL feature ADC, that will enable you even to have all the benefits of the traditional load balancers and much more, even if you are operating in public clouds where the native LB are not feature rich. Avi will provide enterprise grade functionality across all major app delivery segments: Local Load Balancing, Global Load Balancing, Application Security (WAF, DDoS, etc.) So AVI is the future-proof multi-cloud app-delivery platform that I should run? Yes!
- Key Message: Developer ready infrastructure is comprised of many components, and brining so many pieces together can be a challenge. However, Cloud Foundation provides everything you need, in a single comprehensive solution. Talk Track: While VMware Cloud Foundation makes it easy to deploy Kubernetes on your datacenter, it is by no means the only way. So why run Kubernetes on Cloud Foundation? Providing developer ready infrastructure requires the integration of many different components. There's the compute infrastructure where you will host the Kubernetes control plane and worker nodes. There's the network infrastructure needed to provide connectivity, load balancing, NAT’ing, as well as supporting ingress and egress traffic flows. There's the underlying storage infrastructure needed to provide persistent storage services to the workloads deployed by Kubernetes. Sourcing these different components in a piecemeal fashion, and across multiple vendors is challenging and introduces complexity. Cloud Foundation on the other hand, provides is a complete solution for running Kubernetes right out of the box. There are no 3rd party add-ons and no requirements to integrate external components. Notes: - We use the term “supervisor cluster” to denote a vSphere cluster where the native K8s functionality provided by vSphere 7 has been enabled. Customers can deploy container workloads directly on the supervisor cluster. However, it’s important to understand that the K8s version used on the supervisor cluster is tied to the version of vSphere. A more common use case for developers is to limit the use of the “supervisor cluster” to bootstraping Tanzu Kubernetes Grid Clusters, or what are referred to as “guest clusters”. With TKG clusters the developers can deploy upstream conformant K8s using different K8s versions. As such, we call out TKG on the slide and are not calling out the native K8s capabilities. - The focus of this slide is to show that we complete solution for VMs and Containers, with the flexibility to meet the developers needs through support for TKG. References:
- Highlights High Performance and Scale Data-plane Autoscaling and HA with sophisticated modes of operation GSLB/Multi-cluster operation Multi-tier / Multi-AZ Load-balancing Integrated L4 and L7 Solution Multiple options for Analytics, Metrics and visibility Operational simplicity with Multi-cloud deployments. Stateless Architecture – Ease of use with CI-CD and dynamic cluster management Worldwide Customer Support and Professional Services
- Confluence: https://confluence.eng.vmware.com/pages/viewpage.action?pageId=1062081985
- Topologies: VLAN, Overlay, Transparent LB (inline) Apps: L4, Http, Https