5 Essential Tips for Maximizing Your Experience at Nutanix .NEXT for Bloggers
Are you someone with the following condition? Your Nutanix Cluster has grown so much that it needs to be moved to a different (bigger) network segment (VLAN). You are daunted by the amount of changes that moving a cluster to a different network space could result in. Have no fear!The procedures are documented as per the CLUSTER IP ADDRESS CONFIGURATION section of the ACROPOLIS ADVANCED ADMINISTRATION GUIDE. From a high level, the procedures involve some preliminary verifications along with securing some downtime for the cluster (as the changes need to be made while the cluster is in a “stopped” state). From there, it is simply a matter of changing the IPMI and hypervisor IP addresses followed by the execution of a script called “external_ip_reconfig” which handles the procedures for changing the IP addresses of the CVMs. Follow that up with some post verifications and your existing cluster should be successfully running on a new network segment!
Did you know that AHV hosts can be accelerated by discrete graphics hardware (similar to how home gaming systems are accelerated)? This is especially useful for environments such as Virtual Desktop Infrastructure (VDI) deployments where it is desirable to accelerate individual desktops being shared out to large user communities.The host driver for the discrete graphics hardware can be easily installed on AHV hosts via a single command as executed from just a single CVM of a Nutanix cluster (executing the command from a single CVM will install it across all of the CVMs of the cluster – no need to touch each CVM/host individually). Information regarding this single-command procedure can be found from the INSTALLING NVIDIA GRID VIRTUAL GPU MANAGER (HOST DRIVER) section of the AHV ADMINISTRATION GUIDE.Also, just to note, the host driver can be installed on hosts running an ESX hypervisor using a different procedure. That procedure can be found via the knowledge base article Install NVIDIA
Have you ever wanted to view or change the network configuration of an AHV host but thought that working directly with Open vSwitch seemed daunting or overwhelming? Don’t worry! Nutanix developers have produced an AHV-specific tool that allows for the management of Open vSwitch via a simple interface called “manage_ovs”. This interface has the following features (among others) and even maintains a built-in help system:Viewing current network interfaces statuses Viewing/changing the uplink interfaces configuration Viewing/changing the uplinks bonding configurationThe “manage_ovs” interface is available (as a command) while connected to any of the CVMs of an AHV cluster via CLI. You can find more information about the “manage_ovs” interface as per the AHV NETWORK MANAGEMENT section of the AHV Networking Guide.
Nutanix Flow is a security feature which allows for firewall-type protection at the VM layer. However, flow goes another step further in allowing the configuration of “Security Policies” which can govern individual VMs or “Categories” of VMs or (grouped into convenient application-specific domains).Flow is a function of Prism Central and is disabled by default. To enable it, simply access the “Microsegmentation” option from within the “Prism Central Settings” options, tick the “Enable Microsegmentation” check box and click “OK”. To note, you may first want to review the capability checks that Prism Central automatically performs on all registered clusters prior to enablement, which is also possible right from within the “Enable Microsegmentation” dialog box.You can find more information regarding Nutanix Flow as per the FLOW MICROSEGMENTATION GUIDE found on the Nutanix Support Portal.
Do you have a VM that you suspect may have been compromised or infected by malicious software (i.e. ransomware) and want to have a means to quickly remove it from your network (so as to not infect other entities)? Do you also want to be able to inspect and work on this VM from a “safe distance” using available forensic tools? Using Flow Microsegmenation, you can accomplish both of these objectives through the use of Quarantine Policies. When configuring Quarantine Policies, you can specify the “Quarantine Method” as either “Strict” or “Forensic”. The “Strict” option isolates the VM from all inbound/outbound traffic entirely. The “Forensic” option allows the limitation of inbound/outbound traffic to that which is specified from the “Add Forensic Tools” tab. For example, this could allow the infected VM to communicate only with another entity that maintains tools for further analysis of the VM. You can find more information regarding Quarantine Policies within the “QUARANTINE POLICY CO
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
