Homelab

In this series, I’ll go over the lab environment, which I share with https://www.simplygeek.co.uk/ History: My home lab started at home with two servers and https://www.simplygeek.co.uk/ having the same setup. In 2020, the UK saw a huge increase in electricity and fuel costs, so these systems couldn’t be run 24/7 due to sheer cost. Having … Read more

Configuring NSX Distributed IDS/IPS

NSX IDS Configuration workflow: Enabling NSX IDSP To enable distributed IDSP for standalone hosts or clusters where traffic passes through NSX virtual network segments – VLAN-backed and overlay.  Note: The configuration flow to enable NSX-distributed IDS/IPS is as follows: Security > [Policy Management] IDS/IPS & Malware Prevention > Settings > Shared Within the Define Scope for Malware Prevention & IDS/IPS Deployment,   select the cluster … Read more

Create an NSX-T manager health check within AVI

Create an NSX-T manager health check within AVI: As previously mentioned in this post AVI and heath check we want the ability to run an API health check against each node of the pool (NSX manager nodes). Before we create the virtual service we need to create a health monitor for the NSX-T managers. To … Read more

Load Balance NSX-T Managers using NSX-ALB (AVI)

The NSX-T Management Cluster comprises of three NSX-T Manager nodes to provide high availability and scalability. To support a single access point for the NSX-T Manager user interface and API, you can assign a VIP address for the NSX-T Management Cluster. Once the VIP is set, any UI and API requests to NSX-T are redirected … Read more

Deploy the AVI/NSX ALB Controller/s using Ansible

In this post, we will go through the process of deploying an AVI Controller cluster. The reason for deploying this as a cluster is to emulate a production deployment. AVI is supported on a single controller, but you lose control plane high availability. If your resource-constrained in your lab (AVI controllers are rather big), If … Read more

How To Use Ansible To Automate AVI deployments in a VMware Cloud

Introduction Server & infrastructure automation now plays an essential role in systems administration due to the disposable nature of modern environments. Tools such as Ansible are typically used to streamline the process of automating server setup by establishing standard procedures for new servers while also reducing human error associated with manual setups. It also offers the ability to … Read more

NSX-T IDFW how-to guide: How to consume NSX-T IDFW efficiently

I’ve had the privilege of working with VMware’s BU and the Livefire teams on an IDFW design that can be consumed at scale. Hopefully, people can make use of my findings. Note: That this design can be consumed by VDI. but in this example i’m am using RDSH. Requirements: Just some critical information in the … Read more

NSX-T IDFW how-to guide: Get NSX-T IDFW to consume a specific OU

NSX-T IDFW (identity firewall) is a great feature that enables customers to create Active Directory group-based Distributed Firewall (DFW) rules within an NSX-T deployment. One of the biggest challenges specifically in larger Active Directory deployments is the total number of users and a total number of groups that NSX-T 3.1.x can consume. At the current … Read more