NSX v2T Migration Methodologies & introduction of user-defined topology in NSX-T 3.2

by Farhan Patel, posted in nsx-t, VMware NSX

Above mind map is based on the online Migration Coordinator Guide for NSX-T version 3.2

Brief about the methods:

User defined Topology: This got introduced in version 3.2 and has two modes:

  1. Complete migration: which does not need additional hardware and will migrate NSX-V edges, DLRs, hosts and workloads. This mode allows you to map NSX-V edges and DLRs to appropriate Tier 0 / Tier 1 Gateways of NSX-T. This mapping can be provided by NSX user interface UI or by using JSON. Custom NSX-T topologies are supported. Here, there is no need to create overlay segments in NSX-T matching VNI of NSX-V logical switches. Rollback is available up to and including ‘Migrate edges’ step. It is important to note that automated rollback is not available once ‘host migration’ begins. NSX-T Edges should have only one TEP. Default VLAN transport zone ‘nsx-vlan-transportzone’ should be used on NSX-T edges.
  2. Configuration migration: This mode of user defined topology is to move Distributed Firewall configuration only from NSX-V to NSX-T. This mode will work alongside ‘Lift & Shift’ v2T migration method (check requirements for ‘Lift & Shift’ method. This implies additional hardware to be available and NSX-T will be installed on those servers to start with. This mode again allows custom NSX-T design.

In the case of User Defined Topology migration, there should be no user defined NSX-T DFW rules.

Below methods have been there before NSX 3.2:

Lift and Shift Method: This method needs additional hardware to start with. NSX-T layer 2 bridge needs to be setup and NSX-T edge for bridging should be deployed on NSX-V prepared host. vSphere vmotion is used to migrate VMs from NSX-V prepared host to NSX-T prepared host. Layer 2 bridge helps retain the same IP as workloads move from V side to T side. This method allows custom NSX-T design. This method offers one key advantage allowing VMs to move in batches/waves. Admin can control which VMs move and when.

Migrate DFW, hosts and workloads: Here there is no need of additional hardware. Migration process creates required infrastructure to extend networks between NSX-V hosts and NSX-T hosts. Overlay segments in NSX-T are to be created with the same VNI as NSX-V logical switches. VDS 7.0 supports automated maintenance mode for hosts’ upgrade; a task for host to enter maintenance mode is automatically queued in the case of automated maintenance migration mode.

Migrate DFW Distributed Firewall: This workflow is to migrate NSX-V Distributed Firewall configuration over to NSX-T. Overlay segments in NSX-T are to be created with the same VNI as NSX-V logical switches. This workflow can be used alongside ‘Lift & Shift’ method which means a new/custom NSX-T design is supported. If ‘Applied To’ of DFW is configured in DFW rules of NSX-V, then VM groups are to be created using NSX-T API which then creates VIFs on NSX-T side.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s