One of the powerful use cases for virtualization technology today is network virtualization. In the same way that server virtualization abstracted the underlying physical hardware from the server workloads, network virtualization abstracts the network from the underlying physical network hardware. Network virtualization brings tremendous benefits from the standpoint of provisioning, programability, automation, security, compliance, micro-segmentation, and many others. Once network virtualization is introduced into an existing environment with more traditional topologies and network tooling in place, it can be difficult in “day 2” operations to get a handle on the operational, planning, and troubleshooting aspects of the network with network virtualization involved. VMware’s NSX software defined networking is arguably the leading network virtualization platform out there. Bolting NSX onto an existing environment can bring some of the challenges mentioned. However, VMware’s vRealize Network Insight is a tool that helps tremendously in gaining visibility into the SDN environment, understanding traffic flows, and troubleshooting. Let’s take a look at
VMware vRealize Network Insight 4.0 Released New Features Installation Overview to see what’s new and understand how it is installed.
VMware vRealize Network Insight Benefits
So if you have never used vRealize Network Insight or vRNI before, you might wonder about the benefits of using it in conjunction with NSX, especially if you have networking experience and are familiar with the physical constructs already.
With the abstraction layer with software defined networking where traffic is flowing across VXLAN based tunnels between vSphere ESXi hosts, traditional tooling will lack the needed visibility into what is actually going on in the virtualization layer, logical switching, virtual switches, etc. This is where vRNI comes into play. With vRNI, you can fully understand the traffic flows between virtual components, despite the layer of abstraction that is running in the environment.
VMware vRealize Network Insight is also key in the planning phases for microsegmentation objectives since it helps to see where possible security vulnerabilities might exist with current traffic flows and how to plan out your microsegementation strategy. In day 2 operations, troubleshooting of course becomes extremely important. With vRNI, troubleshooting NSX becomes much simpler since you have the visibility, monitoring, and tooling, all within a single pane of glass to be able to properly troubleshoot potential issues.
As we will see, this feature set has now been extended beyond on-premises environments and out to the hybrid cloud and public cloud. Let’s take a look at VMware vRealize Network Insight 4.0 Released New Features Installation Overview.
VMware vRealize Network Insight 4.0 Released New Features Installation Overview
One of the perhaps biggest features of this release of vRealize Network Insight 4.0 is support for VMware Cloud on AWS. This allows you to have insight into the traffic flows for security planning in the context of VMware Cloud on AWS. Additional support has expanded to various other hardware devices and technologies including Cisco ASA, Cisco ACI, and BGP-EVPN.
One of the really cool features is that you can now map and trace traffic flows between VMs running in VMware Cloud on AWS and on-premises environments or between EC2 instances running in AWS. There are a wide variety of expanded support including sFlow support, and F5 router visibility.
With the VMware Cloud on AWS support there is a lot of potential benefits to customers today with this functionality. Hybrid cloud applications that have flows happening between on-premises VMs and other VMs running in the public cloud can present challenges with troubleshooting, or with tracking down performance issues.
When mapping out flows between VMware Cloud on AWS and on-premises, vRNI 4.0 allows you to see a wide range of details including VMs, hosts, security posture, network configs on each side. You can drill down into each element on each side to show further information about specific configuration and any problems that may exist.
With vRNI 4.0 you can view traffic patterns at the application level to understand how traffic is moving at an application layer. Once customers rationalize and plan micro-segmentation and implementation, vRNI can recommend firewall rules moving forward which can be implemented.
Additionally updated among other things for this release is NSX-T datasource support. NSX-T is certainly looking like the way forward with the NSX product and each release of VMware products has been adding additional support for NSX-T in general. The new vRNI 4.0 release adds quite a few heal-related events and sensors such as issues with connectivity between various NSX components. These could include flow counts, dropped packets, API calls, byte counts and others. Metrics and statistics are also provided for NSX-T logical switches, logical ports, router interfaces, and firewall rules.
Pinboards in vRNI 4.0 become searchable so that pinboards are returned in searches. You can also set a pinboard as your homepage in vRNI so that your most used or needed information is the first information presented and easily accessible.
The installation of VMware vRealize Network Insight 4.0 is fairly straightforward, however, contains a few items to know about. What do you need to install it? There are two OVA appliances that you will need to deploy in the environment to get up and running with VMware vRealize Network Insight 4.0. A word to the audience here if you are labbing with these. The requirements for these VMs are not trivial. The platform VM is provisioned with 32 GB memory and 8 vCPUs. The proxy VM is configured with 12 GB of memory and 4 vCPUs. A note here, for me, in the home lab environment, I have cut down the platform appliance to 8 GB of memory and the proxy appliance to 4 GB of memory and so far have not any any performance issues. Keep in mind this is not supported in production.
The two files downloaded from VMware are as follows:
- vRNI Platform OVA – VMware-vRealize-Network-Insight-18.104.22.1685292702-platform.ova (at time of writing) (size 6.2 GB)
- vRNI Proxy OVA – VMware-vRealize-Network-Insight-22.214.171.1245292702-proxy.ova (at time of writing) (size 5.1 GB)
The process to deploy vRNI in general is a bit out of the ordinary from the standpoint that you deploy the platform appliance, get the network and basic configuration set, login to the web UI and start the setup wizard. Part of the wizard is generating a shared secret that you enter in the deployment of the proxy appliance during the actual OVA deploy. This ties the two together. Once the proxy appliance is up and running, the initial setup on the platform appliance will “see” the proxy come online and will allow you to finish out the installation.
Hopefully this VMware vRealize Network Insight 4.0 Released New Features Installation Overview will help with the overview of the process itself. The new features contained within vRNI 4.0 are extremely powerful considered the new VMware Cloud on AWS support as well as enhanced NSX-T support with the product. We have only scratched the surface with the installation so far. Next up I will take a look at installing the VMware vRealize Network Insight 4.0 Platform appliance and the steps involved to deploy this part of the vRNI 4.0 infrastructure.