Join us for the next global Nutanix User Group webinar where we'll discuss the <\/span>Top 3 Ways to Build Cyber Resilience Against Ransomware<\/strong><\/span> with Nutanix with Mike Barmonde, Nutanix Sr. Product Marketing Manager, and Neil Ashworth, Nutanix Portfolio Architect.<\/span><\/p>

Here\u2019s what will be covered:\u00a0<\/p>

  • Insights into ransomware evolution<\/span><\/li>\t
  • What is cyber resilience and how it fights ransomware\u00a0<\/span><\/li>\t
  • Demos on 3 key Nutanix concepts that will help you build cyber resilience<\/span><\/li><\/ul>

    Register today!\u00a0<\/span><\/p>","author":{"id":113632,"url":"\/members\/karlie-beil-113632","name":"Karlie Beil","avatar":"https:\/\/uploads-us-west-2.insided.com\/nutanix-us\/icon\/200x200\/1581aab3-bcf6-49f4-b2fb-3d11e8c010dc.png","userTitle":"Community Manager","rank":{"isBold":false,"isItalic":false,"isUnderline":false,"name":"Community Manager","color":"#0873ba"},"userLevel":5},"type":"Meetup","url":"https:\/\/next.nutanix.com\/events\/global-nug-top-3-ways-to-build-cyber-resilience-176","image":"https:\/\/uploads-us-west-2.insided.com\/nutanix-us\/attachment\/050d4c6e-b652-40ce-9988-03189c05e3b9_thumb.png","location":"","startsAt":1686841200,"endsAt":1686844800,"contentType":"event","attendees":[],"attendeeCount":0,"isLoggedInUserAttendee":false,"createdAt":"1684788278"},"phrases":{"Forum":{"{n} year|{n} years":"{n} year|{n} years","{n} month|{n} months":"{n} month|{n} months","{n} day|{n} days":"{n} day|{n} days","{n} hour|{n} hours":"{n} hour|{n} hours","{n} minute|{n} minutes":"{n} minute|{n} minutes","just":"just now","{plural} ago":"{plural} ago"}}}">

流动网关VM在Azure中 - 您需要知道的一切。

  • 2022年10月26日
  • 0答复
  • 444次观看
dlink7
Userlevel 4
徽章 +19

Azure(NC2)中Nutanix云簇的流网路VM(FGW)是拥有您自己的超级云的Lynch引脚。FGW负责所有VM流量从Azure的Nutanix群集向北和南部。该虚拟机允许从云和本地服务的外部通信到在Azure NC2群集上运行的工作负载。


Flow Gateway VM将Azure和本地服务连接到Azure部署的Nutanix群集。

一旦Prism Central从集群创建过程自动部署,FGW就会部署到Prism Central使用的同一VNET中。FGW是本地Azure VM。VM上有两个网络接口卡(NIC),一张用于内部流量,另一个用于外部流量。外部NIC配置了浮动IP的工作负载,这些工作负载可能需要外部客户端,以连接到集群上运行工作负载。默认安装将在外部NIC上配置50个浮动IP。这些浮动IP可以在VM菜单或VPC菜单中的Prism Central中分配。

Microsoft Azure门户中的外部NIC配置。


在fgw的子网尺寸时,我会使用以下最小值。

内部子网 - /28
外部子网 - /25

对于生产而言,我将使以上子网的大小增加一倍,以供未来增长。

直接进入管理程序,存储控制器和棱镜中央的流量不在FGW的路径中。这很重要,因为复制流量可以代表大多数从本地的带宽。

FGW的当前尺寸是:

小(standard_d4_v4,4 VCPU,16GIB RAM)-预期网络带宽(MBP)10000 Mbps

大(standard_d32_v4,32 vcpus,128gib ram)-预期网络带宽(MBP)16000 Mbps

从NC2 Portal更改流量GATWAY VM的大小


在两种类型之间的价格较大的情况下,最好开始缩小,然后您始终可以更改VM类型。如果您确实需要更改VM类型,则网络安全组设置将保留在VM上。

内部和外部NIC都附有网络安全组(NSG)。在大多数情况下,您将必须调整外部NSG以允许流量进入集群。

外部NIC上部署的FGW的网络安全组

截至今天,FGW是单个VM。如果FGW被停止或删除,NC2门户将将其视为HA事件,在该事件中,FGW无法实现,然后门户将创建一个新的FGW,以代替现有的,如果存在或删除fgw,则可以关闭。当我测试FGW的升级时,需要四分钟才能从NC 2门户进行升级。它遵循类似的过程,即删除和替换VM的过程。

事件日志从升级NC2 Azure上的Flow Gatey VM升级。

希望这涵盖了您需要了解的有关Azure流程VM的所有信息。如果您确实有问题,请问!

Azure网络培训上的NC2→

The Flow Gateway VM (FGW) for Nutanix Cloud Clusters In Azure(NC2) is the Lynch pin to having a your own Supercloud. The FGW is responsible for all VM traffic going north and south from the Nutanix cluster in Azure. This virtual machine allows outside communication from both cloud and on-premises services to the workloads running on the Azure NC2 Cluster. \u00a0<\/span><\/span><\/p>


\u00a0<\/p>

\"//www.jhbzcj.com/next/nutanix-cloud-clusters-nc2-149/\"
The Flow Gateway VM connecting Azure and on-prem services to the Nutanix Cluster deployed in Azure.<\/figcaption><\/figure>

Once Prism Central is automatically deployed from the cluster creation process, the FGW deploys into the same VNET that Prism Central is using. \u00a0The FGW is a native Azure VM. The VM has two network interface cards(NICs) attached to it, one for internal traffic and one for external traffic. The external NIC \u00a0where the floating IP's are configured for workloads that may need away outside clients connecting into running workloads on the cluster. The default installation will configure 50 floating IP's on the external NIC. These floating IP's can be assigned in Prism Central in the VM menu or in the VPC menu.<\/span><\/span><\/p>

\"//www.jhbzcj.com/next/nutanix-cloud-clusters-nc2-149/\"
The External NIC configuration in the Microsoft Azure Portal.\u00a0<\/figcaption><\/figure>


When sizing the subnets for the FGW I would use the following miniums.<\/p>

The internal subnet - \/28\u00a0
The external subnet - \/25\u00a0\u00a0
\u00a0<\/p>

For production deplpyments I would double the size of the above subnets for future growth.<\/p>

\u00a0<\/p>

Traffic that goes directly to the hypervisor, the storage controllers and Prism Central are not in the path of the FGW. This is important because replication traffic can represent most of the bandwidth coming from on-prem when you go to migrate\/failover workloads to Azure.\u00a0<\/span><\/span><\/p>

The current sizes for the FGW are:<\/span><\/span><\/p>

Small (Standard_D4_v4, 4 vCPUs, 16GiB RAM)<\/strong> - <\/span>Expected network bandwidth (Mbps)<\/span><\/span> 10000 Mbps<\/p>

Large (Standard_D32_v4, 32 vCPUs, 128GiB RAM)<\/strong> - <\/span>Expected network bandwidth (Mbps)<\/span><\/span> 16000 Mbps<\/span><\/span><\/p>

\u00a0<\/p>

\"//www.jhbzcj.com/next/nutanix-cloud-clusters-nc2-149/\"
Change the size of the Flow Gatway VM from the NC2 Portal<\/figcaption><\/figure>


\u00a0<\/p>

With the large price difference between the two types it's best to start small and then you can always change the VM type later. If you do need to change the VM type, your network security group settings will be preserved on the VM.<\/span><\/span><\/p>

\u00a0<\/p>

Both the internal and external \u00a0NICS have a network security group (NSG) Attached to them. In most cases you will have to adjust the external NSG to allow traffic into the cluster.<\/span><\/span><\/p>

\"//www.jhbzcj.com/next/nutanix-cloud-clusters-nc2-149/\"
The Network Security Group of the deployed FGW on the External NIC<\/figcaption><\/figure>

As of today the FGW is a single VM. If the FGW is stopped or deleted , The NC2 portal will see it as HA event where FGW is unreachable and then portal will create a new FGW in place of existing if it exists or delete FGW which is powered off. When I was testing upgrades of the FGW it took four minutes to perform an upgrade from the NC 2 portal. It follows a similar process of removing and replacing the VM with a new one.<\/span><\/span>

\u00a0<\/p>

\"//www.jhbzcj.com/next/nutanix-cloud-clusters-nc2-149/\"
Event log from upgrading the Flow Gateay VM on NC2 Azure.<\/figcaption><\/figure>

\u00a0<\/p>

Hopefully that covers everything you need to know about the Flow Gateway VM in Azure. If you do have a question, ask away!

NC2 on Azure Networking Training \u2192\u00a0<\/p><\/oembed>

\u00a0<\/p>","quoteUsername":"dlink7","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">

0答复

做第一个回复的人!

回复


Learn more about our cookies.<\/a>","cookiepolicy.button":"Accept cookies","cookiepolicy.button.deny":"Deny all","cookiepolicy.link":"Cookie settings","cookiepolicy.modal.title":"Cookie settings","cookiepolicy.modal.content":"We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.<\/a>","cookiepolicy.modal.level1":"Basic
Functional","cookiepolicy.modal.level2":"Normal
Functional + analytics","cookiepolicy.modal.level3":"Complete
Functional + analytics + social media + embedded videos"}}}">
Baidu