Posts in this series
It is with great relief that I can announce I have passed my VCP NV (Network Virtualisation) having been caught out by the difficulty of the exam and failing previously.
I was fortunate to attend a VMware internal bootcamp (roughly equivalent to the ICM course) for NSX and have had experience deploying production NSX environments, so that is by far the best preparation. As always, the exam blueprint is crucial, you *have* to know all areas covered there. I've also been reading the documentation and design and deploy guides published by VMware, and completed the basic and advanced hands on labs that are also freely available. On top of that there is the official practice exam which I strongly suggest you do as it reflects the real exam well, and there are a series of fantastic practice tests by Paul McSharry available while provide a decent test of knowledge.
It's a typical VMware VCP level exam consisting of 120 multiple choice questions with 120 minutes to answer them. That's 1m per question, it may not sound a lot but there are plenty of questions you will answer in seconds. I completed the exam in about 1h25m. Other than that there's not a huge amount to say about the exam itself due to NDAs!
Advice for takers
Study the blueprint, it really does cover everything you need!
It seems obvious, but know the packet walks and understand how encapsulation changes packets
Have a clear and precise understanding of the components and architecture, and what the use cases are
If you have access to the binaries, install, break, fix, remove, repeat! If not, HOL, you don't have to follow the guides, you can do your own thing.
My score wasn't great (a pass is a pass right?) so I'm keen to go back over some weaker areas to start with. I am definitely going to look at recertifying my expired CCNA, as this is really good knowledge to take into any NSX engagement. With the VCIX exam recently released, I'll look towards that also. Finally, lots of lab work with vCAC 6.1 and NSX to really maximise its potential. NSX shines when you see it automated.
Posts in this series
After a bit of a rocky start (missed my flight and the partner day due to tendonitis in my knee) I arrived in Barcelona for my 2nd VMworld Europe. I headed straight from the airport to the PernixData party and caught up with the rest of the Xtravirt guys.
Tuesday morning started as ever with a keynote address. It was a little disappointing, but not unexpected, that there were no real announcements or reveals in the keynote. It was essentially a repeat of the VMworld US keynote with a couple of new betas announced. Nothing really revolutionary, a new vCloud Air datacenter in Germany and some new partners for EVO:RAIL. It's interesting to see that the pace of traction for both cloud and hyperconverged is increasing for VMware's portfolio though.
My first session of the day was #MTG1969, vCloud Automation Center and NSX Integration Technical Deep Dive. This was a great session covering the integration of NSX and vCAC, two areas close to my heart Combining the two allows for repeatable on demand application delivery, from simple one tier to multi tier multiple blueprint applications. NSX really comes alive and shines when paired with automation. I was particularly pleased to see the vCenter Orchestrator plugin for NSX is fully featured in 6.1 and some significant improvements have been made.
After a quick lunch and some time in the hang space and solutions exchange I went to my second session of the day, #NET1743, VMware NSX Technical Deep Dive. I have been fortunate enough to have been on the VMware internal NSX training and actually done some real world deployments, so I have had a lot of exposure to NSX. Unfortunately this meant there was no new content for me, but the session was presented well and was well received.
To cap off a day of NSX focus, I also spent some time working through HOLSDC1425, VMware NSX Advanced. This is a great way to get some hands on experience with advanced NSX services (over and above the standard routing, switching and firewall functionality available in the basic NSX HOL). Subjects included DHCP relay, scale out L3 connectivity including configuring OSPF and ECMP (very cool!) and Layer 2 VPN. There are also some examples of 3rd party integration with Symantec and Riverbed.
In the evening we headed over to the solutions exchange for the drinks reception, then on to the vExpert/VCDX reception, and finally the vJamon event. By far my favourite was the vJamon event, which was hosted in a great venue with live music and good food, and overall a really good event sponsored by Cisco and Intel. These events are a fantastic opportunity to network with peers and meet up with colleagues and are one of the most valuable features of VMworld for me.
All in, a great first day, even on crutches! Looking forward to more tomorrow.
With the release of vCAC 6.1 there have been some great improvements in the setup of the clustered vCAC appliances - none of the previous copying of configuration files between appliances - just a simple wizard to do it all for you. In my opinion this is superb.
You'll need to have deployed a load balancer of some sort - vCAC 6.0 build-out to distributed model – Part 3.1: Configure Load Balancing with vCNS or vCAC 6.0 build-out to distributed model – Part 3.2: Configure load balancing with NSX
Deploy vCAC Appliances
Deploy three vCAC appliances by running through the OVF deployment wizard, two to be configured as vCAC Appliance nodes and one to be the external vPostgres database.
Posts in this series
- vCAC 6.0/6.1 build out to distributed model: Deploy the Identity Appliance
- VCAC 6.0 build-out to distributed model – Part 1: Certificates
- vCAC 6.0 build-out to distributed model – Part 2: vPostgres
- vCAC 6.0 build-out to distributed model – Part 3.1: Configure Load Balancing with vCNS
- vCAC 6.0 build-out to distributed model – Part 3.2: Configure load balancing with NSX
- vCAC 6.0 build-out to distributed model – Part 4: Deploying and clustering a secondary vCAC Appliance
SSO is a fundamental requirement when deploying vCAC, whether for a distributed or simple installation. This walk through goes through the deployment and configuration of the vCAC Identity Appliance, which provides a stand alone SSO instance for vCAC.
Some of the posts in this series are completed with vCAC 6.0.1, others will be with 6.1. Where there are differences I will aim to point them out!
Deploying the OVF
Deploying the OVF is very simple, just run through the wizard:
The appliance will perform a reverse lookup to get it's hostname - if you have pre-staged a DNS A and PTR record, and have a reservation set for the VM. If you statically assign an IP address, make sure you use the FQDN in the hostname field - not doing so will cause issues with the self-signed certificates and also when you join the Active Directory domain.
The NSX Edge Gateway comes pre-armed with the ability to provide an SSL VPN for remote access into your network. This isn't a new feature (SSL VPN was available in vCloud Networking and Security), but it's worth a run through. I'm configuring remote access to my Lab, since it's often useful to access it when on a client site, but traditional VPN connections are often blocked on corporate networks where HTTPS isn't.