VMware NSX is certainly a VMware product that garners much excitement from admins much as other software defined VMware technologies such as VMware vSAN do as well. VMware has really knocked it out of the park with NSX 6.4. As many others have put it, this feels like a major dot “O” release instead of a minor revision as the slightly incremented version number makes it appear. There are many extremely exciting features with this release and NSX’s first release with HTML5 functionality! Without further ado, let’s take a look at VMware NSX 6.4 Released New Features and Upgrade.
VMware NSX 6.4 Released New Features and Upgrade
As mentioned, this is a massive release of NSX. Let’s list out a high-level view of the added features and detail some of the new functionality that is contained therein.
- New Security Services additions:
- Now includes layer 7 features! New Identity Firewall (IDFW) is able to apply firewall rules based on App ID. This new functionality is made possible by a new App ID presented in the network traffic flow. This can include DNS, RDP, SSH, AD, and others.
- Another very cool feature of the new Identity Firewall is the ability for it to distinguish between different user traffic on the same host. A common use case for this would be securing an RDP/RDSH server that has multiple users logging in and out. If one user needs a different security policy applied, using the new IDFW, this can be done. This is made possible by NSX 6.4 and its ability to identify and distinguish between network traffic of different users.
- This is made possible by the “Guest Introspection” VMware tools component as it allows mapping various users to their respective network flows.
- New HTML5 vSphere client support. New with NSX 6.4, HTML5 is support (albeit a very minimal set of functions). However, this is the release that officially gets HTML5 out there, and we can only imagine every subsequent release will add to this functionality. Also, the NSX dashboard has now been rewritten in HTML5. The supported functionality includes:
Functional Area NSX Release Release Date Supported Functionality in the vSphere Client Dashboard 6.4.0 Jan 2018 Dashboard > Overview
Dashboard > System Scale
Upgrade 6.4.0 Jan 2018 All functionality Tools: Packet Capture 6.4.0 Jan 2018 All functionality Tools: Support Bundle 6.4.0 Jan 2018 All functionality
- Upgrade Coordinator – New with NSX 6.4 is the “Upgrade Coordinator” that provides a simplified single pane of glass view to both planning and executing an NSX upgrade. This includes one-click and custom upgrade plans as well as pre and post upgrade checks.
- New System Scale dashboard
- A Central CLI for DLR, logical switch and edge distributed firewall.
- New Support Bundle to collect a support bundle thorugh the UI with a single click
- Packet capture tab allows capturing packets through the UI.
- Controller Disconnected Operation or CDO can now be enabled from the Management tab on the secondary site to avoid interrupting data plane connectivity in a multi-site environment.
- API improvements – API now includes JSON support. NSX now offers choosing between JSON or XML for data formats.
Needless to say, this is an exciting release for sure! You can check out the official release notes here: https://docs.vmware.com/en/VMware-NSX-for-vSphere/6.4/rn/releasenotes_nsx_vsphere_640.html
VMware NSX 6.4 Upgrade Process
The upgrade process with the traditional method is the same straightforward process of upgrading your NSX Manager, Controllers, Host VIBs, etc. The screenshots below, I am simply using the traditional process to upgrade, no Upgrade Coordinator, as I had some quirky things going on with my lab environment that required a more manual approach. However, look for a future post on this very soon.
Login to the NSX Manager and choose the Upgrade button.
Choose the upgrade package downloaded from VMware for NSX 6.4.
Upload the upgrade package file.
Note, if the upgrade detects that you are affected by the “APIs could fail due to cleanup of API server reference files” issue, it will be noted as below. Read through the VMware KB for details: https://kb.vmware.com/kb/2151719.
You are directed to perform an NSX Manager backup process before proceeding with the upgrade.
Below is a quick look at output from performing the steps mentioned in the VMware KB for the failed API cleanup. I am using Postman below to perform the noted steps.
After running the NSX Manager upgrade, the UI will log you out. After logging back in, you should see the new version 6.4.0 Build 7564187 and the services will need to start. They will most likely be in the Starting… state.
After a couple of minutes, the service should be in the Running state.
At this point, if we go back out to the Networking and Security menu >> Installation >> Management we will see the Upgrade Available designated.
After clicking on the Upgrade Available link, confirm the upgrade to the controllers.
The upgrade process for the VMware NSX controllers begins.
The controller(s) will reboot.
Now, we see both the NSX Manager and the Controller nodes correctly displaying the new 6.4 version.
Next, if we navigate over to Host Preparation, we will see the Upgrade available link for upgrading the host VIBs.
Next, we confirm the action to upgrade the host VIBs.
If the hosts are not in maintenance mode, you will see the Not ready error appear.
Rolling through vMotioning over VMs, from one host to another, you will see the VIBs get updated on the hosts as they are brought into maintenance mode.
Now, we see the cluster/hosts correctly reflect the new VMware NSX 6.4 version.
An exciting thing to see is the Networking and Security option now in the HTML5 UI web interface!
A quick look at the Networking and Security Dashboard.
The Upgrade Coordinator, new to VMware NSX 6.4, allows some really great automated/scheduled options related to NSX upgrades.
The system scale dashboard is a really great addition to NSX as it allows seeing real time statistics on NSX utilizing and capacity. Are you getting close to limits in the NSX infrastructure? The System Scale dashboard will help administrators easily see if they are nearing any limitations.
You have most likely seen others make the comment that VMware NSX 6.4 is a major release and it surely is! This feels much like a major revision with all the new features and functionality that has been packed into this release. The new HTML5 support is exciting as this signals the process at least officially to get NSX fully supported in the HTML5 client. This will be one more major integration that will have successfully been ported over to the HTML5 client once the other features are moved over in future releases which will hopefully be soon. Hopefully you have enjoyed this look at VMware NSX 6.4 Released New Features and Upgrade process. Look for future posts coming soon exploring more of the new functionality.