In the previous blog, we discussed about the NSX-T Architecture for older versions. From NSX-T 2.4 and later version new architecture was introduced where control and management plane are integrated into a set of clustered virtual appliances. Data plane of NSX is also divided into On-Prem components and also public cloud components. These architectural change simplified the overall management, installation and upgrades; brought high availability, scalability along with flexible deployment options.

1. Management Plane

The Management plane provides the entry point to NSX-T Datacenter, to perform operational tasks such as configuration and monitoring of all management, control, and data plane components. The changes are made using either by NSX-T Data Center UI or RESTful API. The Management plane is further segregated into two roles: Policy and Management Role.

NSX-T Management cluster which built from three-node NSX-T managers controller nodes. NSX managers provides Web-GUI and REST API for management purposes. This is one of the architectural difference compared to NSX-V which had to integrate into vSphere Client & vCenter server. NSX Manager is also could be consumed by Cloud Management Platform(CMP) like vRealize Automation to integrate SDN into cloud automation platforms.

The NSX management nodes each contain a Management plane, a central control plane, a policy role and a replicated desired state datastore. The NSX Management Cluster provides availability of all management services and increased performance. The converged appliance allows for easier operations with less systems to monitor and maintain.

2. Control Plane

The control plane is an advanced distributed state management system that provides control plane functions for logical switching, routing functions along with propagating the distributed firewall rules. The Control plane is also further segregated into two parts the Central Control Plane (CCP) and Local Control Plane (LCP).

CCP operates on NSX Managers and LCP exists on transport nodes like ESXi, KVM and Edge nodes. CCP computes the runtime state of the environment based on configuration from the management plane. Then the configuration communicated to Data plane by injecting the runtime state into LCP. The split of Control plane into CCP and LCP enables NSX-T Datacenter to scale to various types of endpoints, for example hypervisors, containers and public cloud platforms.

Cloud Service Manager (CSM) provides a complete view of single pane of glass management endpoint for all your public clouds. CSM is a virtual appliance that provides the UI and REST APIs for onboarding, configuring, and monitoring your public cloud inventory.

NSX Container plugin (NCP) is a container pod deployed when using container-based applications. It provides integration between NSX-T and container orchestrators such as Kubernetes, as well as integration between NSX-T and container-based PaaS (platform as a service) products such as OpenShift and Pivotal Cloud Foundry.

NCP monitors changes to containers and other resources. It also manages networking resources such as logical ports, switches, routers, and security groups for the containers through the NSX API.

3. Data Plane

The Data Plane on each node is a high performance engine for logical switching, routing, and distributed firewall. This plane carries and forwards packets based on tables that are populated by control plane. Data plane includes set of hypervisors and Edge gateways that are being prepared with NSX’s kernel modules(VIBs) and virtual switches.

The data plane of each host contains the following elements:

• Local Control Plane (LCP) agent

• Management Plane Agent (MPA)

• NSXVirtual Distributed Switch

The N-VDS is based on either

• ESXi vSwitch for ESXi

• Open vSwitch(OVS) for KVM.

I hope that was informative.

Thank you for reading!

*** Explore | Share | Grow ***