This post was co-authored by Patrick Campbell, Sr Strategic Marketing Engineer, Nutanix and Cody Richard, Global Partner Solutions Architect, Red Hat<\/p><\/div><\/div><\/div><\/section>
Nearly a year ago, Red Hat and Nutanix announced<\/a> a strategic partnership to help customers leverage a full stack platform for any hybrid cloud workflow that includes server virtualization and containerization using Kubernetes. As leaders in our respective offerings, Red Hat and Nutanix strive to provide our customers with industry leading open source Kubernetes orchestration and management, a hybrid cloud platform, and a proven Linux distribution.<\/p> Red Hat Enterprise Linux and Red Hat OpenShift are certified to run on the Nutanix Acropolis Hypervisor (AHV), enterprise virtualization deployed on the Nutanix Cloud Platform (NCP). The relationship continues to grow with this recent addition of the Red Hat Ansible Certified Content Collection for Nutanix NCP, building momentum for customers of both Red Hat and Nutanix.<\/p> As new digital services define whether an organization can become or remain competitive, IT leaders must find ways to deliver digital value faster without adding a lot of operational or management overhead. Think about it. Why start from scratch if you already have tools and talent to achieve this digital value now?<\/p> Standardizing automation workflows across an organization makes utilizing existing tools even more compelling. This is now more urgent than ever. According to this survey<\/a>, enterprises find a lack of integration and interoperability with existing tools as a significant challenge. This coupled with an ever changing pool of available resources can create the need for a powerful, easy to use, automation tool. Red Hat Ansible Automation Platform<\/a> provides enterprise-grade integration and automation in a human readable format.<\/p> Leveraging the technical expertise from current DevOps teams using Ansible Automation Platform\u2014in a more organization-wide strategy\u2014addresses what many IT leaders want. They\u2019re looking to speed up processes by eliminating duplicate and independent technical overhead. Here\u2019s where Nutanix comes in. Nutanix Hyperconverged Infrastructure (HCI) provides an integrated solution including data services at scale that enables easy, rapid application configuration and deployment.<\/p> IT Operations teams benefit from the automation from DevOps teams that have been using Ansible Automation Platform\u2014in some cases for several years. The end result is that the downstream end users utilizing NCP will have ready-to-use apps that run on an enterprise-grade HCI platform faster than if the administration is done manually in siloed infrastructure environments that do not scale well.<\/p> Suppose that a group of support engineers for a target customer need to access a \u201cgold standard\u201d of infrastructure resources with specific applications running in an NCP environment. They want to troubleshoot specific workflows introduced by customers or internal development teams and don\u2019t have time to set up this environment manually every time a client opens a support case.<\/p> Before automation, environments for testing like this needed to be manually configured on demand after support engineers submitted tickets for IT admins to set up and configure. In other cases, custom scripts were developed and used sporadically across the organization. But now, with the modules in the Red Hat Ansible Certified Content Collection for Nutanix NCP, the environment can be quickly set up (or torn down) for support engineers to do testing with what is considered a baseline scenario. Alternatively, they can use self-service blueprints defined in Nutanix that access Ansible automation and set up the desired NCP environment. It\u2019s all virtual and easy to deploy with predefined configurations so the support teams can quickly troubleshoot and then reset to the desired baseline state when they are done with a support case.<\/p> This standardization across the organization helps to eliminate those \u201cone off\u201d scenarios that creep up from the different siloed teams that might have a \u201cdo-it-yourself\u201d mentality instead of using central IT. This is just one example of many for utilizing this newly forged collaboration between Nutanix and Red Hat.<\/p> Prior to this Nutanix NCP Ansible Content Collection certification and still ongoing, engineers at Nutanix have been using Ansible for development. Current Self-Service blueprints can execute Ansible Playbooks to configure any hybrid multi-cloud destination. Nutanix X-Play<\/a> actions for simplified IT operations can leverage Ansible workflow and job templates to execute to any target environment.<\/p> The Nutanix Collection is available in Ansible automation hub and Ansible Galaxy. Customers who want supported content should use the Certified Collection in Ansible automation hub. Red Hat customers using certified content can open a Red Hat support ticket if there are issues using the Nutanix Certified Collection.<\/p>Why Ansible, Why Nutanix?<\/h3>
Example Use Case for Support Teams at Customer Sites<\/h3>
Nutanix and Ansible<\/h3>
Get Started<\/h3>
- Nutanix员工
- 35个答复
-
2017年12月8日
https://portal.nutanix.com/#/page/docs/details?targetID=AHV-ADMIN-GUIDE-V55:AHV-AHV-AHV-INTEGRATE-with-network-network-intwork-intwork-functions-intro-c.html
我正在撰写博客文章以介绍此用例。这是显示其工作原理的图像。您可以执行内联端口或TAP端口。
\n
\nI'm working on a blog post to cover this use case. Here is an image to show how it would work. You can do an inline port or a tap port.
\n
- 冒险家
- 8个答复
-
2017年12月11日
当前,我们将捕获的流量发送到我们的Viavi设备,是否可以使用网络函数VM进行操作?NFV的运行Linux是否可以通过控制台(或任何其他方式)访问并使用CLI进行管理?ERSPAN是否得到NFV的支持?再次感谢。
\nCurrently, we're sending the captured traffic to our Viavi appliance, is it possible to do the same with the Network Function VM? Are the NFV's running Linux, are they accessible via the console (or any other means) and managed using CLI? Is ERSPAN supported by the NFV's? Thanks again.","quoteUsername":"rappy39nix","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">
- Nutanix员工
- 35个答复
-
2017年12月11日
我提到的NFV是一个特殊的VM,可在群集中的每个AHV主机上运行。您提供此VM并将其标记为代理VM。然后,将其添加到网络函数链中。该VM可以运行AHV上支持的任何操作系统,您可以决定是否将单个接口作为水龙头或多个接口将单个接口连接起来。
此NFV VM可以在TAP模式下接收,检查和捕获。在内联模式下,它可以执行这些功能并决定拒绝或传输流量。在上面的示例图中,想象一下VM作为Palo Alto Networks VM系列防火墙。我还在自己的实验室中使用了Snort ID。
通过在网络函数链中配置的这种类型的NFV,您只能捕获在AHV上运行的VMS发送或接收的流量。您无法捕获物理主机发送的流量,也无法将ERSPAN类型流量发送到NFV VM。
如果您在AHV上设置了常规VM,则可以使用它从外部来源接收ERSPAN流量,因为所需的只是VM的IP地址。由您决定要在此VM中安装的软件。如果需要的话,您可以使用像TCPDUMP这样简单的东西,也可以使用第三方供应商的软件安装VM来分析流量。
\nThis NFV VM can receive, inspect, and capture in tap mode. In inline mode it can do these function AND decide to reject or transmit the traffic. In the example diagram above, imagine that VM as a Palo Alto Networks VM-Series firewall. I've also used the Snort IDS in my own lab.
\nWith this type of NFV configured in a network function chain, you can only capture traffic sent or received by VMs running on AHV. You cannot capture traffic sent by physical hosts, or send in ERSPAN type traffic to the NFV VM.
\n
\nIf you setup a regular VM on AHV, you can use this to receive ERSPAN traffic from outside sources, since all that's required is the IP address of the VM. It's up to you to decide what software you want to install inside this VM. You could use something as simple as tcpdump if you wanted, or you could install a VM with software from a 3rd party vendor for analyzing traffic.","quoteUsername":"bbbburns","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">
- Nutanix员工
- 568回复
-
2017年12月11日
需要明确的是,这不是我们提供的特殊VM。AHV中的链接功能使您可以在获取本地镜子的地方放置“ TAP模式”设备
或者
在线模式设备,就像IDS/IPS/防火墙类型设置
\nTo be clear, this isn't some special VM we're providing. The chaining feature in AHV allows you to either put \"tap mode\" devices where you get a local mirror
\n
\nor
\n
\nin-line mode devices, which would be like a IDS\/IPS\/Firewall type setup","quoteUsername":"Jon","translations":{"Common":{"like":"Like","unlike":"Unlike"},"Forum":{"Quote":"Quote","Share":"Share"}}}">
回复
输入您的用户名或电子邮件地址。我们将向您发送带有指令的电子邮件以重置您的密码。
Functional","cookiepolicy.modal.level2":"Normal
Functional + analytics","cookiepolicy.modal.level3":"Complete
Functional + analytics + social media + embedded videos"}}}">