Upcoming Book: Automating NSX for vSphere with PowerNSX

Automating NSX for vSphere with PowerNSX

I’d like to announce today an upcoming VMware Press book titled Automating NSX for vSphere with PowerNSX. In collaboration with Nick Bradford and Dale Coghlan, it will be a free book published by VMware and the NSBU. It focuses on PowerNSX and getting started with it. Have a look at the mockup cover below:


This book serves as a primer for those looking to automate NSX for vSphere with PowerNSX. Whilst it is not a complete and exhaustive reference of every PowerNSX cmdlet it does include more than enough to start using PowerNSX.

Clocking in at around 95 pages and 24,000 words this book covers off the following areas:

  • Tools and Cloud Management Platforms
  • About PowerNSX
  • Getting Started with PowerNSX
  • Connecting with PowerNSX
  • Logical Switching
  • Distributed Routing
  • Edge Services Gateway
  • NSX Edge Load Balancing
  • Distributed Firewall and Objects
  • Cross venter and PowerNSX
  • Administrative Operations
  • Tools built with PowerNSX
  • Using PowerNSX to interact directly with the NSX API

As you can see it covers off most of what PowerNSX can do.

Along with numerous examples it also has an overarching Progressive Example. This Progressive Example builds as the book goes a long so readers can follow along and build the same environment.

I look forward to sharing more details when it comes to print. The manuscript is with the type-setter now. It will first be available in print for free at VMworld US and EMEA this year. It will also be available as a free download as a PDF like Micro-segmentating VMware NSX by Wade Holmes.

I hope to be able to send copies to most VMware offices globally so get in touch with your local VMware team or check back for a link to download it.

NSX 6.3.0 Released

On the 2nd of February VMware released the next major release of NSX for vSphere. NSX for vSphere 6.3.0 adds a number of new features. Here is some more detail about some of the more useful additions.

Universal Security Tags

A personal comment – “Hell, It’s about time”.

Building Universal firewall rules have quite simply been a pure headache until now. How did you define a remote group membership for a Virtual Machine? If a workload migrated to another vCenter how did it gain its security policy?

Universal Security Tags allow a local machine to be configured with a tag that is used by all xVC vCenters. This allows membership to be far more deterministic and the Security Group added to rules accordingly.

It is good to see cross vCenter becoming more mature.

Distributed Firewall Timers

Granularity where required.

Timers have always been a weapon of Firewall Admins to help application admins to odd things. Standard sessions timers have been the bane of many DB admin’s around the world. NSX for vSphere now allows customers to configure per VM and even per vNIC. A Distributed Firewall session timer configuration can tweak and modify a selection of TCP, UDP, and ICMP settings and then be applied to a single or group of VMs and their relevant NICs.

Read more on Session timers here VMware Documentation Library

I will be covering this in more details soon.

Reboot-less upgrades

Reboot-less upgrades allow administrators who are performing an NSX for vSphere upgrade to skip the slow part – rebooting a host. Hosts with large memory, VSAN configuration, and other settings can take a while to boot up (~15 minutes). Multiply that by the number of hosts in each cluster for each cluster and quickly you begin to have a long upgrade window.

When a host is being upgraded it is placed into maintenance mode automatically by the upgrade process. This serial process will evacuate a single host into maintenance mode and the upgrade of the NSX VIBs will occur. The validity of the upgrade and ‘readiness’ of NSX is validated before then release it from maintenance mode.

This starts to make the upgrade process a little more mature and less lengthy.

Read the release notes about 6.3.0 here: 6.3.0 Release Notes

Check out more here with VMware’s official Release post : Introducing VMware NSX for vSphere 6.3 & VMware NSX-T 1.1  – The Network Virtualization Blog