Feature Wednesday (Friday) Episode 78 - NSX Migration for VMware Cloud Director 1.3.1

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi and welcome to feature fridays my name is guy bartram director of product marketing at vmware and i'm joined today by romain so welcome romain again do you want to just introduce yourself to everyone who hasn't seen you before yeah sure thanks for the invitation my name is romain decker i'm a staff technical project manager in the cibg so in the cloud infrastructure business group at vmware and i cover their everything networking for our cloud providers and we're here to talk about networking today so thank you romaine for taking the time out today to join us um so the the big kind of uh subject that we're going to discuss today is the um nsx v to t migration tool um 1.3.1 which came out on the first december is that right uh i don't remember if it was first of december it was last tuesday so yeah it was one of no it was actually the last day of november okay all right good um so tell me what is um this new iteration of 131 all about let's let's perhaps start actually let's rewind a little bit and just do a bit of a recap tell us about the assessment tool and why is the assessment tool necessary yeah um so this is actually the sixth already version of the nsx migration for vmware cloud director and i will just share quickly a slide about that explains again what the tool is and why it's important for our cloud providers so in a nutshell the vmware nsx migration for vmware plot by echo that's i know a long product name but it's for trademarks um it's a cli based automation tool it initiates and migrates an nsx for b sphere organization virtual data center in vcd into an nsxt or bdc so it's a replication of topology followed by a live migration of the workloads and it it's the only solution that exists to migrate an ssd environment if you're running vcd with a limited downtime and with the release with the spring release that we had one to one we introduced um something called uh the assessment mode and it's it's not like a self-assessment like you can see with other tools it's actually reading the topology of nsx and bcd from a bcd point of view and it provides summary reports about the features that could block potentially you for an automated migration and it really helped us to define the future of the migration tool because we actually understood after receiving the first assessment reports how cloud providers are really consuming vcd and not what we just expected from uh just conversation that we had with them so the the um the tool that we're talking about is actually is it works it's a product right it's a cli product like you say um and this assessment mode is critical for us to be able to help cloud providers automate more on their migration journey it it's not saying you can't migrate from you know if there is a blocker it's not necessarily saying you can't migrate it's just that you might have to do some steps manually until this until the tool catches up yeah exactly okay and indeed the the nsx migration tool is it's a cli based because we decided to to to dedicate the complete development effort to actual features being migrated and not to have a ui a fancy ui i know some some would prefer a ui to do that but it's actually quite easy to use it you just have a binary and a yaml file that is used to describe how the migration how the migration is supposed to look like and it's indeed an official vmware product and because of that you have gss support so you can open a ticket because you are you have an error in your migration or if you need help that makes sense and to complete on the mic on the assessment it's it's automatic it just needs bcd 10.x so we support like 10.01 2 and 3 and all minor versions unfortunately we wanted to support it for nine and the eight branch branches but it's the api is too much different to actually for us to actually being able to read correctly the topology but still with 10.x and above we should put like three years of vcd versions right now so and it provides it just doing read only you just need to log to the api endpoint of vcd and it's just parsing and looping for all nsxv organization ddc and it's providing two reports in csv format and the first one is a summary port it's gdpr compliant it's completely anonymized and it's really in one page a glance of what could potentially block you so we have items that are listed as can be mitigated things that can be as easy as mtv apps we don't support live migrations of mtv apps so just delete those and tv apps and so on and for all those items the mitigation steps are described in the documentation and then we still have a few other items that are currently blocking potentially in automatic migration today at least for the old vdcs that are concerned so for example the next version will support how td app networks uh so in q1 next year and after that you will be able to migrate all vdcs that have halted the app networks and we took those assessments and we we asked um since may to send the assessment reports to that um email is and so we read them carefully and we actually compiled all the assessment reports that we received to deviate and to really shape the roadmap of both the nsx migration tool and on which features which we should uh focus on for the next versions but also to influence the roadmap of the nsxt integration in vmware cloud director and we have data is about on hundreds of thousands of workloads so it's really helping us to define the future of the old man yeah that's really good point actually so obviously vcd used to be purely um nsxv and vcd now it's obviously an sxp and an sxt or nsxv transitions but not everything i mean we've been battling with you know what nsxt needed to support to make up for nsxv functionality we've also been battling with getting new nsxt functionality integrated into vcd whilst managing this transition so it's like three things going on at once yeah yeah and it's it's a lot of moving parts and the nature itself of bcd is ambiguous because you provide that self-service capabilities to final customers so even providers uh most of the time they don't know exactly if if it's not a managed service what tenants have configured in in their virtual data centers they don't know if they configure nut or load balancing and so on they could go and look uh by connecting to the tenant portal but it's not very friendly to do it especially if you have a large infrastructure and hundreds of tournaments potentially thousands of four vdcs here it's completely automated and it's it's really fast it's taking less than a minute per organization bdc um and it's really august yeah okay so that's the um assessment tool so the the the summary here is to keep on doing the assessment tool and if you haven't done it um these results are helping us prioritize and will make your migration easier and 131 is the new version of the migration tool is building in more functionality to cover those gaps that we've we've seen yeah exactly so before switching to the what's new to conclude on the assessment in the previous release of the nsx migration tool the 1.3 that we released in august we added the support of shared networks having when we looked at the first assessment reports that we received in may and april we actually discovered that share networks were really more widely used as we expected and as we knew and the 1.3 version unblocked a total of 24 percent of the total workloads that were blocked for the migration because we didn't support migration of share network before and so really that's how we use the data that we receive that is again um anonymized yeah so we continue to use that data to build on the future of the nsx migration tool so the 131 release that we now that is now a week old we added a support for several different things i will start by the right and hence network pull support is actually before one three one the one rebound version we only supported a vlan or vxlan network pools but we also had providers or customers that were using a dvpg dvpg-backed network pool support group back network pool also um that had uh organization vdc with no network pool or that had a network pool backed by multiple virtual distributed switches this distributed switches and so on so from the assessment reports we know that these new features on the right unblock nine percent of the total workloads that we know about so that's a huge improvement here um migration to a different b center so until 1.3 the nsx migration tool is expecting to migrate to an msxt vsphere cluster but that is managed by the same designer server with 131 if you have uh for hardware refresh or if you are changing solution i don't know maybe vcf or vcf and vxrail you need to have that new vcenter that is managed by the sdt manager and a different sso domain so that's now fully supported we still need to migrate within the same vmware cloud directory instance because it's a migration done from a vcd point of view but now you can have a destination and sxt clusters that are managed by a different vcenter server okay and i guess any idea on how um how many service providers have that configuration because that's i would imagine that's quite a common use case for service writers to build out a new nxt solution and then uv center environment yeah it's uh we don't have exact numbers on that because it's a new v center implies that it's something that may not even be there yet um but by experience it's it's between political and almost religious belief depending on the administrators so you have when i was a final customer someone when i worked for system integrators you have two schools you have you build from scratch or you update an update and update again and at some point some people just want to build from scratch to have like a fresh new environment yeah and just migrate the workload so you have two schools and when i say religious beliefs it's almost true because some people are really attached to one of the methods and others to the other methods um but i have talking i've talked to a lot of providers that that want to have a different view center for the migration yeah yeah i i get your uh so the analogy of that is um upgrading your os on your laptop or your your desktop you know do you start with a fresh os or and restore the data or do you yeah yeah absolutely sometimes a clean install is a good thing and then we also added support for dhcp relay in dhcp static binding so those were added the support for an sxt back to bdc was added in vcd-1031 so we also added the support for the migration and finally about advertisement enhancements so this is for fully routing network topologies um so when you have a dedicated t0 or dedicated drf and where the tenant can advertise and choose to advertise specific cider blocks the we only had the first half of the migration are done in previous versions so it was replicating bgp neighbors and bias numbers and and other things but we were just missing the advertisement piece in the migration tool before 1.3 so that's done now so it's fully supported now to migrate um how to topologies okay and we also did uh you you notice the end more if you want to see everything there is a blog post that i wrote and published last tuesday or last wednesday the 1st of december or 2nd of december and you also have the release notes that details everything including the bird fixes and so on for example we added support for certificate based ipsec vpn or new digest algorithm supported and for example this those small enhancements um unblock three persons of the total workloads that we know are using those features or those specific configurations and three persons may not seem a big number but if you stuck this upon like uh hundreds of thousands of workloads or potentially millions of workloads i mean it's still a big number yeah totally um so rain well there's one more thing obviously talk about was the updated assessment mode but just before we get into that um what now in your view uh is the kind of priority on this migration how long are service providers got left and how many more instances do you think there will be of this tool before time runs out and will it be more um so the official date for the nfxv and that support oh and general support is january 16th and i remember that because it's at the wedding anniversary of my parents so i usually remember the day um so no there will not be further extensions so but it doesn't mean also that nsxb will stop working after that bait um so our customers and providers have different options uh by default if you don't do anything you will get one additional year of technical guidance like with almost all our vmware products um where we you can still open um support tickets to some extent uh but we won't be able to provide any hot fixes or hot patches um if there is any bug or security issue you can also purchase a support extension for a year that will replace technical guidance and and yeah after january 2023 it will be finished but again it doesn't mean that an ssb will stop working so if you haven't started to plan the migration or to even migrate i think now is a good time i know it's december and it's usually like production freeze and change freeze and so on but at least planning testing an sxt testing the nsx migration tool assess your environment if you haven't done it it's really helpful even if you don't share the reports with us uh really assess you have a detailed view as well uh that explains you which all vdcs have which challenges uh it's really helping you to prepare and finally remember that the the migration itself is granular so you do the migration by all bdcs or by pack or or four vertices so it's not done in one time so you may have like um i don't know uh 50 of all vdcs of the total workers that could be already migrating now and until you migrate those the next version will be there and we will add support for more uh features like halt the app network is coming in q1 um we also will have other improvements that can really talk or or discuss right now but the relatively up networks is is one that is blocking below 10 of the total number of workloads so that will also be added in a few months but in a few weeks now yeah and yeah if you haven't really started please start it's not too late never too late and it's granular so you can start with with all vdc's that are not blocked right now yeah and i'll make sure that all of the the links to the blogs and um the microsites and everything else are in this this um feature friday um but you know if a admin is not quite sure how to start then the assessment actually is the place to start right so let's work out what is your potential for more moving like i said groups of org vdc's or per org vdc um there's rollback for each one if i remember rightly uh so if there is a challenge it is automatically rolled back um you know it's a pretty safe migration mechanism by looks for yes exactly we have we built uh the migration tool uh around five design principles it's completely automated so it does everything for you including the creation of layer 2 bridging automatically for you from vlan or vxlan into geneve and it's completely automated from a dcd point of view so it does topology application it copies policies metadata the networks the edges all the services associated with the edges and so on and so on and it's granular so that's the unit of the migration is the older dc you can migrate up to 16 or vdc in a single migration phase so but it's still granular and it's non-destructive which means that at the end if you're not happy with the result you can automatically hold back yeah the fifth design principle is that we made the tool robust and safe so it does have a pre-check that will prevent any migration if it detects an unsupported topology an unsupported feature or something that is not healthy if if for any reason you have a uh i don't know a power outage or something um you can just resume the migration you just relaunch the cli it's just resuming happily from where it stopped automated hold back you have an error you just relaunch the cli and the dash dash hold back and it's just rewinding all the steps so that you're backing your initial state and we also introduced breakpoints for those who want a better control of the actual steps in the migration so now you can either skip specific workflows or execute only or run only specific ones which is also helpful yeah definitely so these are great principles to um to have and this is going to be a lot easier than doing it yourself um without without this tool um what's the feedback you know i'm curious what's the feedback been from providers who have used the tool for migration um it's hard to say we received a lot of great feedback because some providers actually discovered quite late that there is a tool that will help us to migrate we also have some mitigated feedback because well it's migration and obviously your migration is never like like something that you can that you are happy with and i've done migration in the past and i mean it's just for me it's regular maintenance work um so at some point it has to be done but it's um it's it's something that well you have to take care about um also the i have seen several providers that they because they don't know they they just don't start to think about the migration um so yes as you mentioned the assessment is really the place to start if you're running vcd it doesn't require any kind of knowledge it's just a binary download you have to provide the fqdn of vcd and provide username password and and that's it's button it doesn't touch vcd configuration it runs really fast and you have a good idea really a glance of where you stand for the migration and is there any um once the migration has happened is there any post checking that the tool does or you know is there any advice on how a provider should check the the orgs are running with the new networking configuration on t no we don't have like a post migration check um we just expect uh more like the operation teams from the providers or even the tenants to validate that all their workloads are happily running but no we don't have any final checks you have like a quick summary of what the tool has done and there is always that intermediate step where the tool exit so after the migration after the workload migration you are in a like in a temporary state and the tool exits and it gives you the opportunity to validate that everything is is working as is expected and so that's you are actually um in in that in that step and if you are and if before you do the cleanup if you don't do the cleanup you will have both suits and destination environments still running at the same time if you do the cleanup it will destroy the success environment but until you specifically ask to finalize the comp the migration or the transition it will it will not touch the source environment so that's also like something to help um to do additional checks for the migration yeah that's a great point so before you hit the clean up the cleanup should be the absolute end of the maintenance window um perhaps after the maintenance window because it's non-disruptive to the new configuration um but yeah definitely have work with your tenants to understand you know what their application uh what their applications are doing um and define a criteria checklist of the networking that's required to support those applications and that's up and running and and reachable indeed okay um so is there anything else uh about the the new tool that we we should know for this session remain uh no again the those are the the new features uh updated assessment mode we haven't talked about it but because we support additional features with all with every new versions well we have to update the assessment mode to reflect what's supported in that specific version um so if you run the assessment mode before you can just run it with the new version and you will see that things disappear from blocking items or from the can be mitigated items and then the the other features that we talked about so with with vcd versions bringing in more and sxt functionality as we go if someone's looking at this now um obviously they've got an nsxv environment hopefully they've stood up an nsxt environment they're ready to do migration perhaps a new on a separate b center perhaps on the same um if they're on vcd 10.1 for example or not the latest will they then would the advice be to upgrade vcd to take advantage of those new features as well so the migration tool then really knows that actually i'm migrating to the latest and greatest in nsxv sorry nsxt and vcd yes so there are two ways of seeing that um the first one is that the nsx migration for vcd tool has as a product it has a life cycle and we need we do q a and so we also have an interrupt matrix so if you go to interrupt vmware.com you you just search for vmware analytics migration for vcd and you will have the versions that the tool can interrupt with and versions that are like fully supported those are the versions that we officially tested and so that's one if you want to stay in the uh we said english in the swim lines about what's supported or not and some features that we migrate we actually have hard-coded checks in the migration tool to validate that you are in a certain vcd version because we rely on new apis from vcd that are introduced with each vcd releases and we rely on those new apis to actually be able to provide those new features if you take the example of the migration to a different vcenter server that requires dcd-1031 because the api to do that um successfully between two different view centers on all type of storage is only available since country one and almost most of the features that we add support for um have like a dependency on the vcd version the hcp relay the xcp static binding those were things that didn't existed before vcd-1031 okay so and and i guess that's the assessment tool is going to tell you that not really because the assessment tool you can run the assessment mode from any 10.x version it's just expect uh to be able to read the 10.x branch api and more i don't remember which it's 30 i think it's 29 or 30 and above api version yeah and and that's it but it doesn't you cannot extrapolate on which vcd version you need to correct each looking item for some it will be quite simple because for example if you just have had an issue with ddpg backed network pools that's now supported since 0 and the country one and so on and so on so some some of the features that you want to migrate are related to older versions of vcd and some of the new features that we have required the latest and greatest as you said okay okay so that's a another kind of level of checking that perhaps this the adventure do first is make sure that the the features you need um for nsx for for the migration are supported in 10.3 also in you know whatever version of vcd it might be okay and that should probably be your your pre-step right to to upgrade vcd first to that environment and then look at the nsx vt migration sorry you're immune sorry yeah indeed um well upgrade just before the migration you don't have to upgrade vcd for the assessment but before the migration yes yeah absolutely okay great um well that suddenly solves a lot of questions in my head and romaine thank you very much for running through uh 131 like i said i'll make sure all the links are in the description of the video so um you know people can read more about it um anything final to add remain before we close uh hello uh nothing except like re-emphasizing that you should start migrating if you haven't yeah exactly and um there are other routes as well to reach out for support and questions like the slack channel for example um i think you've got have you got an email address as well apart from the assessment address uh no the assessment i'm reading the assessment uh alias so i can answer to that also and the indeed the slack channel the slack workspace it's you will have the link but it's cloud providers i'll post in i'll post it in the description yeah okay the slack channel is brilliant you know if if people need um not necessarily support but just have a question um you know if you want support obviously raise a gss ticket but if you've got a question about something you've pretty much got follow the southern coverage with our slack channel because our engineers are global which is is quite cool and obviously you can then talk to other you know colleagues in the same situations perhaps and relay information and obviously we're on monitoring it so we can obviously take feedback as well through that channel romaine thank you very much for your time today really appreciate it true happy to join anytime [Music] you
Info
Channel: VMware Cloud Provider
Views: 98
Rating: undefined out of 5
Keywords: vmware, NSX migration, VMware Cloud Director, Cloud Providers, VMware Cloud Providers, VMware Cloud Provider Program, NSX Migration for Cloud Director 1.3.1, NSX migration tool, NSX Migration for VMware Cloud Director 1.3.1, VMware NSX migration for VMware Cloud Director
Id: PIesSyYI6us
Channel Id: undefined
Length: 31min 47sec (1907 seconds)
Published: Wed Dec 15 2021
Related Videos
Feature Friday Episode 69 - Tanzu mini Series, Episode 1 - The Basics
VMware Cloud Provider
402
Special Lecture: F-22 Flight Controls
MIT OpenCourseWare
2.2M
The four-letter code to selling anything | Derek Thompson | TEDxBinghamtonUniversity
TEDx Talks
2.3M
I Built This From A 1972 Popular Mechanics Magazine Plan. Does It Work?
Fireball Tool
2.2M
Log4j & Log4Shell - Apple AirTag Abuse, Amazon Outage and Cloud Dependence, New WordPress Threats
Security Now
3.2K
To Late to Start GPU Mining?
brandon coin
10K
HomeLab Services Tour Late 2021 - What am I Self-Hosting in my HomeLab?
Techno Tim
64K
Watch Elon Musk at 2021 Tesla Shareholder Meeting (full presentation)
CNET Highlights
600K
Hop on Pop | LINUX Unplugged 436
Jupiter Broadcasting
601
VMware vCloud Director and how it works by David Hill, Backup Academy:
BackupAcademy
13K
$250 Slab To $7700 Table
Blacktail Studio
3.6M
FortiGate 60F HA Cluster Build
Fortinet Guru
1.8K
Torch Cutting Basics Everyone Should Know | Oxygen & Acetylene Fuel
WeldTube
699K
HOW TO MAKE A SUPER EXTENSION CORD! (Perfect for Christmas!)
Stud Pack
1.1M
Journey Through the Cloud - Security Best Practices
AWS Online Tech Talks
64K
Large Format Camera Still life, using 1 hour Stand development in 510 Pyro developer
Martin Henson
3.7K
VMware on a Raspberry Pi!?!?! (ESXi Install)
NetworkChuck
520K
Feature Friday Episode 73 - Tanzu mini series, Episode 4 - TMC
VMware Cloud Provider
84
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.