As part of the NSX-T 3.2 release, VMware introduced a new consumption option for NSX-T, directly from vCenter 7.0 U3c. The new vCenter plug-in allows small and medium-sized organizations to use NSX-T in a similar way to how NSX-V is deployed and operated.
The new option requirements are simple: ESXi hosts must be compatible with vCenter 7.0.3, and the virtual distributed switches must be version 6.6 or later.
The release comes with a few advantages. For example, in this architecture, if the NSX-T manager is deployed using the option from vCenter the process becomes extremely simple. The wizard takes the responsibility to deploy, register vCenter in NSX and also register the NSX UI in the vSphere client.
Additionally, for this version of NSX-T, only a single NSX Manager cluster is needed. In terms of name resolution, vCenter must point to an FQDN address, and the DNS server must be capable of solving the address.
This security model also has a simplified network scope. Since the model is based on a Virtual Distributed Switch (VDS), implementing L2 networking is possible, although L3 to L7 advanced networking services such as Load Balancing, or NAT need to be deployed and configured using the NSX SDN. The model applies to VLAN-backed networks.
The security rules and policies deployed through the plug-in cover the full network stack, including L3 to L7 through DFW and GFW (Gateway Firewall)
Note: The standard VDS for NSX-T is a VLAN switch.
The VMware vCenter plug-in for NSX is validated with VxRail by VMware. The minimum requirements for using it with VxRail are as follows:
Note: For lifecycle management operations of NSX on VxRail outside of VCF on VxRail, perform the operations through vLCM that are described in this blog.