In this post, we'll report about OnApp for VMware with NSX Integration. In our first post, we have shown the different possibilities that admins have when seeking for a solution when they can create private clouds with isolated resources with OnApp by using only VMware vSphere (or with vCloud Director). VMware users that are running vCenter and vCloud Director can automate cloud orchestration, provisioning, templates, packages, user management, and metering through a single portal.
OnApp and NSX bring complete L2 L3 switching and allows you to configure Advanced Edge services within the OnApp UI. Also, you receive access to full end-to-end provisioning instead of a limited one. You can manage firewalls, load balancing, and VPN services, through NSX.
VMware NSX support has been added in 2019 and NSX-T is coming in Q3 (I'll most likely update this post with the official support). Basically, the NSX integration into OnApp allows you to manage NSX without the need to leave the OnApp UI.
NSX is enabled by default in OnApp, there are just two steps to activate and start using it. First, you need to set NSX credentials in order to communicate with NSX. Second, you need to import vCloud edge gateways to OnApp.
The NSX Manager is used to deploy a universal controller cluster that provides the control plane for the NSX environment. As such, the component, after importation to OnApp, you can view and edit imported vCloud edge gateways in OnApp interface.
Firewalls within NSX allows monitoring of North-south traffic and helps you to establish a perimeter security functionality with firewall, Network Address Translation (NAT), and site-to-site IPSec VPN.
Via OnApp, you can manage NSX firewall service separately for each vCloud edge gateway in your cloud. You can enable and disable firewall for the entire edge gateway or enable some of the rules on the list.
NAT Rules for NSX
You can associate a NAT service with an uplink interface on an Edge Gateway so that addresses on organization VDC networks are not exposed on the external network. It is possible to modify or add new NAT rules by using the OnApp control panel.
Control Panel > Cloud > Edge Gateways > Edge gateway's label > Nat Service tab.
NSX Load balancers (LB)
NSX Edge LB is able to distribute network traffic across multiple servers that you configure behind the Load balancer (LB). Incoming service requests are dispatched depending on the load on the backend. NSX edge is able to provide load balancing up to the L7 layer. The load balancer accepts TCP, UDP, HTTP, or HTTPS requests on the external IP address and decides which internal server to use.
NSX IPSec VPN
IPSec VPN protects and secures private communications over IP networks. It is able to authenticate and encrypts packets leaving node A to node B. You can use site-to-site VPN for connection to your remote offices.
NSX L2 VPN
L2 VPN will allow you to stretch multiple logical networks (VLAN and VXLAN) between different physical sites. It's possible to configure multiple sites on an L2 VPN server. L2 VPN helps to extend your datacenter by allowing VMs to retain network connectivity across geographical boundaries. The VMs stay on the same subnet when migrating them. No need to change their IP config.
NSX L2 VPN configuration has 3 steps:
- Configuration of your destination edge – L2 VPN server
- Adding peer sites to the L2 VPN server
- Configuration of your source edge – L2 VPN client
OnApp has a complete portal replacement for vCenter and vCloud Director. It adds billing models, new service types, easy multi-cloud management, and secure self-service. With NSX support you have a possibility to manage L2, L3, firewalls, load balancing, and VPNs. OnApp is an approved VMware portal partner. OnApp solutions are available through a VMware Cloud Provider Program as well.
OnApp is an intuitive, wizard-driven front-end for vCloud Director and vCenter that your customers can use as a self-service portal, or your admin teams can use to provide managed cloud
Admins can create their own catalogs based on their choice of the storage policy. They can upload vApp templates from a local repository or from the Internet.
OnApp billing models are flexible and help you to charge for resource pools with multiple billing models, such as contract-based, pay-as-you-go, contract with-burst, and pay-as-you-grow. You
OnApp has chargeback capabilities that are designed for vCloud Cloud Providers.
Screenshot of Service Provider UI
OnApp Website for further details is here.
More from ESX Virtualization
- vSphere 7.0 Download Now Available
- How To Test Network Connectivity with netcat utility in VMware environments
- vSphere 7.0 Page [All details about vSphere and related products here]
- VMware vSphere 7.0 Announced – vCenter Server Details
- VMware vSphere 7.0 DRS Improvements – What's New
- Upgrade from ESXi 6.7 to 7.0 ESXi Free
- What is VMware Skyline?
- What is vCenter Server 7 Multi-Homing?