My #HomeLab: Q4 '19 Update

Opening Most of you might have noticed the hiatus I’ve taken from the WS1 + Azure AD series; not to worry, this is only in anticipation of several interesting product changes that are relevant for the series. We will resume once those are in place later this year. In the interim, I’m taking advantage of the down time to do some infrastructure and architecture housekeeping. You might recall from my #homelab post that I mentioned a few tasks I’d like to see to completion before the end of the year. Namely, Add a fourth host to the vSAN cluster in order to support automatic rebuild in the event of a host-level failure Migrate the NSX-T 2.4 install base to the new Corfu structure – in effect, migrating the configuration to the Simplified UI Upgrade vSphere from 6.7U1 to 6.7U3 An item that I hadn’t originally planned, but ultimately implemented, was removing many of the overlay uplinks in each host to a consolidated N-VDS hosting vSAN, vMotion, the host TEPs, and edge VLAN uplinks. So let’s jump into some of these […]

NSX-T LBaaS with Workspace ONE Access

Opening A few homelab versions back, I exclusively ran NSX-v LBaaS for all things “edge”. I’ve since had the opportunity to shift over to F5 BIG-IP, and now Avi Networks (welcome to the VMware family!), but still asked on numerous occasions to provide guidance on how to load balance Workspace ONE Access with NSX. Let me just say, the world is moving to NSX-T; it’s time you do the same. So without further ado, let’s dig into the recipe for how to load balance Workspace ONE Access with NSX-T. Pre-Requisites Only a handful of things to account for here: Functional NSX-T 2.4 Environment – For the below, I am using a highly available NSX-T 2.4.0 Manager cluster, with dual ‘large’ sized virtual Edge Nodes Functional Workspace ONE Access Node – I’m using an on-premises 1903 cluster below. Keep in mind, to implement a functional cluster, you will need to change the FQDN which won’t be possible without the below implemented. For now, start with one node, then follow the instructions for establishing a 3 node cluster. Here’s a great document […]

#HomeLab Networking

Preamble I mentioned in my inaugural post that attempting to cover the network design for the #homelab in one post wasn’t going to cut it. Alas, here we are; I’ve successfully migrated to NSX-T 2.4 Policy Manager (the Corfu structure) and made a few tweaks to the underlay, so it’s time to dive deep. Be prepared, this is a lengthy post and stands to evidence my previous statement about “being sensitive to security architecture”. I don’t claim to be a networking expert, and much of what I’ve picked up outside of NSX has been self taught using the wonderful #homelab. Overview Truer words have never been spoken than the image above. What started in the beginning as one layer 2 boundary has now become various layer 3 zones all peered over a mix of eBGP and iBGP. Before I go into the gory details of rails, uplinks and overlays, a quick view at what we’re building up to: The top half of this view shows physical uplinks and VLAN rails within the physical boundaries, while the lower half shows the […]

My #HomeLab

Preamble The time has finally come for an inaugural VP blog post, and what better way to kick this off than covering the #homelab? This quintessential tool has been the topic of many conversations (go checkout thevpad.com if that isn’t already obvious) and is, in my opinion, table stakes to a successful career in this industry. I started out with a humble 2 node ROBO vSAN cluster on whitebox chassis. Growing pains led me to what I have today, but rest assured that everyone has a starting point and there’s no shame in that fact. Consider yourself “ahead of the crowd” just by taking the first step; initiative and persistence are key to mastering this industry. Some believe that this tool should be subsidized; I fundamentally disagree. Your career requires constant maintenance and investment in order to provide fruits of your labor. If you have arrived at this post, I assume you concur. Enough of the opinion column, let’s jump into the real reason why you are. Overview Covering the #homelab build in one post isn’t going to cut it. […]