VCAP6-NV (3V0-643) Study Guide – Part 14. Monitor VMware NSX Implementation.

This is part 14 of 20+ blogs I am writing covering the exam prep guide for the VMware Certified Advanced Professional 6 – Network Virtualisation Deployment (3V0-643)  VCAP6-NV certification.

At the time of writing there is no VCAP Design exam stream, thus you’re automatically granted the new VMware Certified Implementation Expert 6 – Network Virtualisation (VCIX6-NV) certification by successfully passing the VCAP6-NV Deploy exam.

Previous blogs in this series:

Part 1 – Intro
Part 2 – Objective 1.1
Part 3 – Objective 1.2
Part 4 – Objective 1.3
Part 5 – Objective 2.1
Part 6 – Objective 2.2
Part 7 – Objective 2.3
Part 8 – Objective 3.1
Part 9A – Objective 3.2 IPSec VPNs
Part 9B – Objective 3.2 SSL VPNs
Part 9C – Objective 3.2 L2 VPNs
Part 10 – Objective 3.3
Part 11 – Objective 4.1
Part 12 – Objective 4.2
Part 13 – Objective 5.1

This blogs covers:

Section 5 – Perform Operational Management of a VMware NSX Implementation
Objective 5.2 – Monitor a VMware NSX Implementation

  • Configure logging for NSX components according to a deployment plan
  • Monitor health of networking services
  • Monitor health and status of infrastructure components:
    • vSphere
    • NSX Manager
    • Control Cluster
  • Enable data collection for single/multiple virtual machines

 

For this exam objective in the exam I think most of it will come down to experience with VMware vSphere, NSX and components. Knowing how to put the puzzle together to determine the cause of an issue and also how to determine overall health and things to check. So this blog won’t be long and I will show some of the basic stuff that can be done etc.

I recommend you know how and where to configure Syslog for ESXi hosts, NSX Manager and the Edge Services Gateway.

Know how to check the health of host clusters and members. Know how to check that the NSX Manager, Controllers and all the other pieces are healthy.

Configure Syslog on ESXi Hosts

From vCenter, select your host. Go to the Advanced System Settings of the host.

Locate Syslog.global.logHost. Enter the details for the Syslog Server.

syslog1

Repeat for all your hosts.

Configure Syslog on NSX Manager

Login into the NSX Manager appliance, in my case this is https://labnsx01.lab.local

app.JPG

From the Manage option, under Syslog Server – enter the relevant details.

sys2

Configure Syslog on NSX Edge Services Gateway

From the Web Client – Networking and Security, select NSX Edges, then select the Edge to configure for Syslog.

Under Settings, Configuration enter the Syslog Server details.

sys3.JPG

Checking vSphere Health

A lot of possibilities here so this is where experience comes in. If you cannot health check a vSphere environment then you might want to think again before sitting a VCAP exam.

Token picture below 🙂

venter.JPG

Checking NSX Manager Health

Login into the NSX Manager appliance, in my case this is https://labnsx01.lab.local

Click on View Summary.

bob

From the Web Client – Networking and Security, select the NSX Manager and click the Monitor tab. You can see Audit Logs, System Events and Tasks etc.

bob1

Also check Utilisation.

nsx01

Check Host Communication Channel Health

From the Web-ClientNetworking and Security, click Installation, then Host Preparation.

Select a host, click the blue cog (Action) and choose Communication Channel Health.

health.JPG

heal2.JPG

You can also do this at the Cluster level, select a Cluster followed by Communication Channel Health.

hel3.JPG

Check NSX Controllers.

cont

Check Controller-Cluster Status

Console onto the Edge Service Gateway.

Run the command Show Control-Cluster Status

contr

Check Components Installed on Hosts

com

Check VXLANs

vxlan

Enable Data Collection for Single/Multiple Virtual Machines

Pretty much covered all of this in the last blog (part 12) when going through Service Composer.

But as a refresher;  to use Activity Monitoring or to be able to collect data from a single or multiple VMs then the following must be configured.

  • Guest Introspection driver must be functional with VMware Tools (when installed)
  • Guest Introspection VMs must be deployed

You then either collect data from a single VM or from multiple VMs.

To collect from a single VM, from the Web-Client, select a VM and on the Summary tab, enable Virtual Machine Data Collection.

dmz

To collect from multiple VMs, from the Web-Client, Networking and SecurityService Composer, use the default Security Group called Activity Monitoring Data Collection.

Add the VMs/groups etc to be static or dynamically assigned to the Security Group for monitoring.

save.JPG

 

That’s all for this blog.

Next up in part 15 is Section 5, Objective 5.3 which covers Role Based Access Control (RBAC). Now available!

I am going to cover off identity service support for AD and LDAP with SSO, managing user rights, roles and accounts.

Follow me on Twitter or LinkedIn.

Be Social; Please Share.

 

  1. […] Stay tuned for blog 14 (now available) which is going to cover Objective 5.2: […]

    Like

    Reply

  2. […] Part 1 – Intro Part 2 – Objective 1.1 Part 3 – Objective 1.2 Part 4 – Objective 1.3 Part 5 – Objective 2.1 Part 6 – Objective 2.2 Part 7 – Objective 2.3 Part 8 – Objective 3.1 Part 9A – Objective 3.2 IPSec VPNs Part 9B – Objective 3.2 SSL VPNs Part 9C – Objective 3.2 L2 VPNs Part 10 – Objective 3.3 Part 11 – Objective 4.1 Part 12 – Objective 4.2 Part 13 – Objective 5.1 Part 14 – Objective 5.2 […]

    Like

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: