The networking space has experienced a massive shift over the last couple of decades. Traditionally, a typical migration would include a 4-hour drive to a dark basement datacentre to migrate an aging hub to a brand new ethernet switch, that (if you were lucky) had VLANs and even did some routing!

I’m sure we can all agree that a lot has changed since then and over the past decade Comms-care has been taking its customers on the next step in the networking evolution; software defined networking. Technologies such as VMware NSX and Cisco ACI have enabled our reseller base to automate and simplify networking operations which means less visits to dark basement datacentres each time we need a new network function, such as a router, switch, or security appliance.

The next evolution is the modernisation of Applications that are no longer suited to a single location such as a dark basement datacentre, private cloud, public cloud or even network edge such as a 5G mast. Infrastructure solutions now need to be agile and allow for modern applications to control the network and other infrastructure resources that they require, in some cases without any human intervention. From a networking and security perspective, this is where VMware NSX-T or as it is now referred to, NSX Data Centre comes into play.

NSX Data Centre and NSX Cloud provide a unified networking and security model across sites, eliminating manual network configuration and achieving high operational efficiency through network automation. Network and security policies remain with the individual workload through its lifetime, simplifying policy and management in hybrid and multi-cloud environments. NSX Federation enables centralised policy management across locations (on-premises and cloud), offering operational simplicity and consistent enforcement across clouds.

 

Migration of NSX-V to NSX-T

Customers have been using NSX-V in their vSphere environments for the last few years in their private datacentres. It’s what the product was purpose built for and it does a great job, but it has some restrictions for both today’s and tomorrow’s application requirements. It is only for vSphere based VMs and has a one-to-one integration with vCenter. What’s more, NSX-V will reach End of General Support (EoGS) on 16th January 2022, meaning that VMware will no longer be providing bug fixes or product updates.

NSX-T has reached a new level of robustness and feature richness. For customers on the older variant, active engagement in migration discussions now will ensure there is enough time provisioned to plan a proper migration.

Customers are now looking to migrate to NSX-T to enable:

  • Multi-hypervisor Networking across VMs, Containers, Bare metal
  • Multi-cloud Networking and Security with VMware Cloud Foundation, VMC on AWS, Azure and Google Cloud
  • Unified Networking and Security across various Kubernetes Platforms
  • Full-stack Automation with Declarative APIs
  • Consistent Networking and Security Policies across Deployments
  • Single Pane of Glass Operations from Global NSX Manager
  • Layer 2-Layer 7 Application-aware Firewall
  • Advanced Threat Protection with IDS/IPS, NTA

Comms care has assisted customers with many migrations as well as greenfield NSX-T deployments.

To help shed some more light on this, I’d like to take you through some of the various methods of migration:

  1. Co-Exist

In this model, NSX-T is deployed alongside NSX-V. The two infrastructures may share some hardware resources such as management and Edge clusters. Migration in this case is limited to deploying new apps in the new infrastructure and letting the old apps die over time. As the NSX-T environment grows and NSX-V environment shrinks, compute resources may be repurposed from NSX-V to NSX-T.

This model is useful when planning to deploy NSX-T with a different architecture/design. In this case, NSX-T design does not depend on the existing NSX-V; however, there is an additional burden of managing two different infrastructures.

 

  1. Lift-and-Shift Migration

With this method, NSX-T infrastructure is deployed in parallel along with the existing NSX-V infrastructure. The key difference from the co-exist model is migration of the configuration and workloads from NSX-V to NSX-T. There are then two migrations that need to take place, the configuration of NSX and the migration of the workloads to the new NSX-T cluster.

The NSX configuration migration can use a mix of available tools or manual configuration, with the NSX-T 3.1 Data Center release, Migration Coordinator includes modular migration, a feature that enables configuration migration, such as firewall rules, and this will be added to in future releases. Workloads can be migrated between environments with various methods including L2 bridging or VMware HCX, providing a staged approach to workload migration.

 

  1. In-Place Migration

The final model, in-place migration, leverages NSX-T’s built-in Migration Coordinator tool. Migration Coordinator helps with replacing NSX-V in place on existing hardware. It imports an existing configuration for application on the new NSX-T infrastructure in a workflow that is similar to an upgrade with very little downtime. Migration Coordinator is also fully automated and has pre-migration checks to ensure successful migration.

The Migration Coordinator tool also supports maintenance mode, automatically placing ESXi hosts into maintenance mode and vMotioning VMs off before replacing the VIBs. This feature was introduced in NSX-T 3.0. The goal of this tool is to completely transform an existing NSX-V infrastructure into NSX-T.

This method requires an extensive list of pre-requisites to be met, so detailed workshops are required to ensure that the infrastructure is ready for migration.

 

Lean on your expert VMware partner

Migrating existing deployments involves careful review and planning. Organisations need to start early to ensure they have sufficient time provisioned to execute a proper migration. As your expert VMware partner, we are here to help your customers transition and deploy NSX-T solutions.

Comms-care is accredited as a Principal Partner with VMware, placing us as one of the most capable partners in the VMware partner community. Comms-care also holds the VMware Master Services Competency for Network & Security, Data Centre Virtualization and Digital Workspace, and was awarded the VMware Partner Expertise Award for Service Excellence 2020.

To learn more about how Comms-care can help you deliver effective networking and security solutions built around VMware technologies to your customers, please contact us at enquiries@comms-care.com