0%

I had a great time visiting Chicago and attending KubeCon NA 2023. This was my first in-person KubeCon .. I very nearly attended the 2nd KubeCon NA in Austin back in 2017 (when it snowed in Texas!), but work kept me in San Antonio for the duration of the trip.

With this trip, I also had the chance to participate in the co-located CiliumCon NA, which was a full day of presentations related to Cilium CNI topics, and really kicked things off and got me into a k8s state of mind for the rest of the conference.

There were quite a few interesting presentations, which will take some review to process. In the end, I started jotting keywords to search for review later :lol: I enjoyed Tim Hockins keynote on how far Kubernetes has come.

A fun event during the week was getting to watch the premier of the eBPF Documentary https://www.youtube.com/watch?v=Wb_vD3XZYOA with several of the key players in attendance! Immediately after, I attended the Cilium Hive Mind Mingle, which was a celebration of all things Cilium, eBPF and Isovalent.

I think this conference may replace my VMworld / Explore yearly attendance of the past decade, both because of my job focus and the very different vibe of the 2 conferences: Explore has refocused on client stories (rather than technical deep dives), but is still a commercial focus; KubeCon has that OSS energy, with constant inovation and an impossible number of things to investigate.

It's been a few weeks since I returned from VMware Explore 2023 in Las Vegas, which has given me some time to review the information I gathered from sessions and hallway track discusions with Product team members. A few of the items and features of interest:

  • NSX 4.1.1 feature - VPC for tenancy, essentially allows for users to provision their topology. In addition to the Projects feature, the new VPC feature allows for granular RBAC access to create objects without being able to see all objects of that type. This should be great for integrations with mult-tenant CI/ CD flows in Tanzu
  • Tanzu - Good tips on resource management for TKG: each vSphere cluster should have independent storage. Use tags on datastore for use by storage polices. Don't allow user self-service of the vSphere namespaces.
  • NSX Monitoring - NSX Ops Playbook - contains recommended API endpoints for Operational checks and training. Tips on how to check resources, for example: using load_average instead of running top on the appliance; checking garbage collection frequency instead of monitoring memory; RSS only works on same NUMA node, and check drivers.
  • vRNI (ArON) - new application topology in 6.11. They've also upgraded the UI, with better drill-down.

I will be testing some of these in the Lab when I get time, particularly the NSX VPC feature. Interested in checking if quotas on VPC work!

I can't express how much I love some of the new features in Network Insight (Operations for Networks .. bleh). The new heatmap feature in ArON (vRNI) 6.8 is the simplest way to get a quick status on your vCenter and NSX solution health. It is much faster than looking at the list of Issues and filtering by solution.
I recommend reviewing the Product Tour (under Help in top-right) for additional features: the Troubleshooting feature that was demonstrated at VMware Explore looks extremely promising.

With the rebranding from vRealize to Aria, vRealize Network Insight (vRNI) has become Aria Operations for Networks. I met some of the Product Team at VMware Explore 2022, and they are trying out the ArON acronym; I always preferred “Network Insight” as the most descriptive.

There is also a new release (though all the docs still use the old naming): https://docs.vmware.com/en/VMware-vRealize-Network-Insight/6.8/rn/vmware-vrealize-network-insight-68-release-notes/index.html
The most obvious change is the new Home page you start on upon login. One neat feature is the heat map view of issues, you can click on the tiles to jump to the objects.

It will take a bit to get used to the navigation changes, but overall I expect Network Insight to remain an important tool in our troubleshooting and microsegmentation toolkit.

Without much fanfare NSX 4.0.0.1 released earlier this month. Among other features, there is IPv6 support. However, a big requirement is you must complete your N-VDS to VDS 7.x migration before upgrading to NSX 4.0 Oh yes, the NSX-T name is now retired (along with NSX-v), so NSX-T is now .. plain NSX.

Here's the release notes: https://docs.vmware.com/en/VMware-NSX/4.0/rn/vmware-nsx-4001-release-notes/index.html

The release notes include a link to this extremely detailed doc on N-VDS migration: https://kb.vmware.com/s/article/79872

There was a quick 3.2.0.1 patch in January for critical bugs (related to log4shell still I believe), but almost 6 months after 3.2, we finally have 3.2.1. With 4.x already being discussed for “Cloud First” environments (such as VMC on AWS), and pushes towards managing your NSX-T via vRealize LifeCycleManager, better get those 3.1 versions upgraded now before automation takes it out of your hands! :lol:

Here's the latest on 3.2.1: https://blogs.vmware.com/networkvirtualization/2022/05/nsx-t-3-2-1-rolling-upgrade-for-nsx-management-plane.html/

Don't forget to follow the Upgrade Checklist: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/upgrade/GUID-E35506A7-8050-482A-BABA-F356D2AC3B65.html

Red Hat sent out the link for their Virtualized Summit Session Catalog yesterday, check it out: https://summit.redhat.com/conference/sessions

Some interesting sessions:

  • Demystifying systemd
  • RHEL 8 performance and tuning
  • Conquering the edge
  • Defend yourself using built-in RHEL security technologies
  • When to use to a rules engine
  • Using cloud-native technology to modernize applications