Knowledge
- Describe integration with vCAC
- It allows users to create complete application templates which combine compute, storage, networking and security services in a blueprint for on-demand deployment
- It allows for security automation workflows to be integrated with compute automation
- With Layer 2 VPN on NSX Edge, enterprises can migrate workloads, consolidate datacenters, or create stretched application tiers across multiple datacenters. Service providers can offer tenant on-boarding and cloud bursting services where tenant application networks are preserved across datacenters without the need for NSX on customer premises.
- Helps you optimize resource utilization and scale by dynamically connecting self-service applications to NSX logical networks while ensuring that infrastructure security policies are automatically applied to isolate and protect the applications
- Explain NSX deployment capabilities built into vCAC
- Application-specific networks may be defined in a multimachine blueprint for vCloud Networking and Security and NSX.
- List NSX components that can be pre-created using vCAC
- Logical Router
- Logical Network
- Virtual Network Adapter
- Virtual Load Balancer
- Describe Network Profiles available in vCAC
- They perform 2 main functions:
- NIC configuration (IP, Subnet Mask, Default Gateway, DNS)
- NSX Edge Services Router configuration (Route, NAT, Drop)
- 5 main types
- External Profile – Used to pass config information to catalog items that are not associated with a blueprint, or to provide information which is used to configure the NSX Edge Services Router
- 1-to-1 NAT Profile – Used to conserve externally routable IP addresses.
- 1-to-Many NAT Profile – As above, but no Source NAT.
- Private Profile – No external connectivity
- Routed Profile – IP range must be unique, IP addressing uses a valid external range.
- They perform 2 main functions:
- Explain NSX preparation tasks that must be completed prior to attaching a network profile to a blueprint
- Create Logical Distributed routers
- Create Transport Zones
- ?? Not sure if anything else is required.
- Explain vCAC preparation tasks that must be completed prior to deploying a machine with on-demand network services
- Add NSX Manager to vSphere endpoint
- Configure reservations
- External Network Profiles
- Transport Zone
- Routed Gateway
- Configure Blueprints – Multi-machine
- Configure transport zone
- Configure network profile
- Add VM blueprints
- Identify any Security Groups required
- Edit network -> associate network profile, configure additional services like load balancer
Tools
- IaaS Configuration for Virtual Platforms
- IaaS Configuration for Multi-Machine Services
- Also see http://blogs.vmware.com/management/2014/05/vcac-nsx-dynamically-configuring-application-specific-network-services.html
YAVB - Rich Dowling 
There are a couple of items on this in italics that I couldn’t find the relevant information – if anyone reading has suggestions, please let me know. Thanks!
Pingback: VCP-NV Study Guide – Section 1 complete | YAVB - Rich Dowling
Pingback: VMware VCP-NV NSX Study Resources | darrylcauldwell.com
I finally cleared up the missing entry around NSX components that can be pre-created using vCAC.