ReSTNSX v2.4

Release and Configuration Notes

First Published: 10/22/2018

This document contains system requirements, supported features and bugs for ReSTNSX v2.4

Important Notes


The ReSTNSX appliance ships with a 45 day Evaluation License.  In this mode, the following limitations are enforced:

  • A limit of two data sources (NSX Managers) can be configured
  • Tenants count limited to 2
  • No additional users may be provisioned
  • Maximum of 10 workflow items to be published to NSX Manager
  • For Operations -> dFW, a limit of  20 rule changes / 4 section changes total is enforced when importing NSX rules from CSV or published to NSX Manager

In evaluation mode, the default login information is as follows:

Username: admin

Password:  default


System Requirements

Support matrix and system requirements for ReSTNSX.

RoleVersionCPUMemoryStorage
NSX Manager (-T)2.2+
ReSTNSX2.48 vCPU16GB50GB
vCenter6.0+---
NSX Manager (-v)6.3+---

For REST API access, HTTPS (TCP Port 443) must be allowed through any transient firewalls for the ReSTNSX Appliance to access vCenter and NSX Manager

Browser Support

  • Chrome 62+ for the best user experience
  • Firefox  52+ (Limited Interop Testing)

 

New Features

  • Tech Preview: API Scout. Select from a series of common API calls against vCenter and NSX Managers without the complexity of authenticating to the destination and writing the URI.
  • Custom wildcard certs for the ReSTNSX appliance
  • Operations: DLR Add/Edit/Routing
  • Operations: ESG Add/Edit/Routing/NAT
  • Operations: GRE Tunnel wizard
  • Usability Enhancements: Partial loads for faster page loading. Verbose alert messages
  • Reporting now includes the ability to define a custom retention policy, up to 180 days.  Additionally, automated (every 24 hour) collection can be disabled in the Administration section

ReSTNSX - Features


Administration


Enterprise license support.  Beginning with ReSTNSX 2.2, customers will have the option of a Standard or Enterprise license.  Standard licenses enable all the core features of the platform whereas Enterprise provides advanced functionality such as NSX Mover and Multi-Tenant Administration without requiring separate feature licenses for each capability.  To learn more about the different ReSTNSX licensing options, please visit the licensing page.

Note: NSX Mover is available in the current release as a tech preview for non-Enterprise licensed customers.  Future releases will require Enterprise licensing to enable this feature

 


System Features


Query Support for NSX-T Objects

  • IP Pools
  • IP Sets
  • Layer 3 Sections
  • Logical Switches
  • Services
  • Service Groups
  • Tier 0 Routers
  • Tier 1 Routers

Query Support for NSX-v Objects

  • Controllers
  • Edges
  • IP Pools
  • IP Sets
  • Layer 3 Sections
  • Load Balancers
  • Logical Switches
  • Logical Routers
  • Security Groups
  • Security Tags
  • Services
  • Service Groups
  • Transport Zones

Query Support for vCenter Objects

  • Virtual Machines
  • Clusters

Central CLI (NSX-v) Enhancements

ReSTNSX Central CLI provides web-based (HTTPS) API-driven access to the NSX Manager CLI without the need for SSH or leaving the web UI for troubleshooting NSX.  With v2,3, the following enhancements were introduced:

  • Easy buttons allowing users to click an icon to run pre-defined CLI commands such as "show logical-switch list all" without typing one character.
  • Enhanced command output with Intelligent Hyperlinks that allows easy buttons to run additional nested commands that are context aware.
  • For any CLI command, users can save the commands for future use with a single click.


Operations


ReSTNSX Operations provides real-time, instant creation, modification and deletion of NSX objects.  In comparison to work-flows with bulk object creation and roll-back, Operations is designed for performing the typical Day 2 tasks and common management functions.  Operations is divided up into NSX System for managing the NSX Manager settings and Networking/Security Objects; Networking for logical switching, DLR and ESG management;  Security for dFW and eFW; and Load Balancing.

 

NSX System

Real-time operations for NSX Manager settings 

  • Network settings, including IP, DNS, NTP and Syslog
  • Security modes (FIPS) and Cipher selection
  • Service status and status toggle for vPostgres, RabbitMQ, Universal Synch, Management, SSH and Lookup URL
  • Backup settings, including FTP server, scheduling and items to be excluded

Networking and Security Objects (N&S)

Real-time operations for N&S objects

Create, Edit and Delete N&S objects instantly through ReSTNSX.  The following objects are supported in this release:

  • IP Pools
  • IP Sets
  • Security Groups.  Static inclusion / exclusion to be supported in a future release.
  • Security Tags
  • Security Tag associations
  • Services
  • Service Groups

Logical Switching

  • Create, Edit, Delete - Logical Switches
  • Attach / Detach virtual machines
  • Create, Edit, Delete - Transport Zones
  • Edit Segment IDs

Routing

  • Create, Edit, Delete - DLRs
  • Create, Edit, Delete - ESG Templates
  • Edit Logical Switch associations

Load Balancing

Real-time operations for NSX Load Balancers

Within ReSTNSX, users can now create, edit and operate their NSX load balancers easier than ever before.  In a single dashboard, users can monitor critical alerts and manage all edge load balancers of a given NSX domain.

Provisioning

For creating new load balancers, ReSTNSX provides a 5 step create wizard that will build and deploy load balancers quickly and easily. Every step required for a valid configuration is provided.

Operations

ReSTNSX also provides full life-cycle management of NSX load balancers.  Within the dashboard, users can: Create, Edit and Delete:

  • Virtual Servers
  • Application Profiles
  • Server Pools
  • Application Rules
  • Service Monitors

Diagnostics and Troubleshooting

In addition to the dashboard metrics, ReSTNSX provides a load balancer troubleshooting tool that will run a series of diagnostic commands to help isolate problems.  The tool performs a series of CLI-based troubleshooting commands and presents the output while highlighting potential configuration issues.  The tool can be run on a virtual server by virtual server basis and provide insight into problem areas within seconds.

  • Note: In v2.3, Pool side certificates are not supported for Pool-side SSL

 

NSX Mover

Real-time replication of Networking and Security N&S Objects

With NSX Mover, Administrators can easily copy N&S objects between NSX Managers of the same or different type instantly.  Objects are copied in real-time to the destination NSX-v or NSX-T Manager without having to login to the remote system.

To access the Mover tool, navigate to the N&S object types of interest in your origin datasource, select a single or multiple object, and navigate to the drop-down menu and select "Migrate Selected."

 

Supported objects types are listed below. To learn more about NSX Mover, please see the ReSTNSX Overview page.

ObjectNSX -v 6.3NSX -v 6.4NSX -T 2.2
IP SetYYY
IP PoolYYY
ServicesYYY
Service Groups *YYY
Security Groups* , **YYN
Security TagsYYN

 

* NSX Mover's analytics engine determines if dependent objects exist and will prompt the user if they wish to create the dependent objects on the destination system. Examples of objects that could have dependencies include Service Groups and Security Groups where they may be referencing other objects that do not yet exist.

 

** NSX Mover supports Security Groups for migrating dependent objects such as IPSets and Security Tags.  Static Inclusions/Exclusions, Logical Switches and Virtual Machines will be supported in future release.

 


Reporting


Administrators, Auditors and IT Managers now have access to a unified reporting fabric to gain visibility into all of the ReSTNSX managed domains - regardless of NSX version or location.  ReSTNSX now provides three report types:

System Reports -   Environment summary, service status and configuration details of each NSX Manager under ReSTNSX management are provided by a daily report or on-demand.  Difference reports that will highlight the NSX configuration differences between the latest collected inventory and service status  with the previous collections.  Users may also select custom retention intervals. The default storage policy is to retain the previous 14 days of configurations for comparison.  The maximum allowed setting is 180 days.

Activity Reports - Filtered real-time, system log events that can be sorted by username for insight into a user’s action over time.

Tenant Reports - A combination of the System and Activity reports. Data is filtered to provide insight into any given ReSTNSX configured tenant.  Similar to the System reports, the Tenant report provides Administrators and Auditors a configuration summary on a tenant-by-tenant basis.  Tenant reports reflect real-time information for configuration and user activity.

Read more about ReSTNSX reports ...

 


Workflows


ReSTNSX now provides a central repository for CSV Configuration Files.  In addition to uploading the CSVs directly into a given workflow, users can now also reference the files stored on the ReSTNSX appliance.  Users are also able to upload multiple types and versions of files that can be re-used in workflows by multiple users.

Configuration File Repository - Supporting multiple CSV types
Configuration File Repository - Supporting multiple CSV types
Reference the available files in a workflow
Reference the available files in a workflow
Generate the NSX Configuration for Deployment
Generate the NSX Configuration for Deployment

Multi-Tenant Feature - New Features

NONE

Upgrading ReSTNSX

Upgrades to ReST NSX leverage configuration export for easy migrations.  When exported, the following information is retained:

  • Local Users
  • Saved Workflows
  • Custom Wizards
  • Tenant Information
  • Data Sources
  • System Settings
  • CSV Workflow Files
  • Central CLI Favorites

By exporting this information, upgrades are performed in parallel to the production platform.  Once the new version of ReSTNSX is online, simply import the previously exported configuration file and the system is online.  Administrators can manage the same NSX environment(s) with both ReSTNSX versions at the same time and

Note: When both systems are online, configuration settings are not synchronized between the different versions and must be maintained separately until the old version is decommissioned.

For a step-by-step upgrade, please refer to the ReSTNSX Upgrade Guide