My IT Blog

Fixing Tanzu Kubernetes Pod to External Services Connectivity Issues with NSX-T Last month I got a call from a customer who was pulling their hair out over a networking issue. They had just deployed VMware Tanzu Kubernetes Grid on their vSphere with Tanzu environment, everything looked good in the dashboards, all pods were running, but their applications inside the pods could not reach external databases running on traditional VMs in the same datacenter. The frustrating part was that some pods could reach external services perfectly fine, while others would just timeout. There was no clear pattern. Let me tell you how we figured this out and fixed it. The Initial Problem Here is what the customer setup looked like: vSphere 8.0 with Tanzu enabled NSX-T 4.1.2 for networking Three Tanzu Kubernetes clusters running different microservices applications External PostgreSQL database running on traditional VMs (non-Kubernetes) External API services running on another se...

How Policy as Code, Agentic AI, and Private LLMs Enable Compliant Innovation at Enterprise Scale For CTOs and enterprise architects facing the dual mandate of accelerating innovation while maintaining security posture, the question is no longer whether to adopt AI, but how to do it without compromising data sovereignty, regulatory compliance, or operational stability. The answer lies in combining three powerful patterns: Infrastructure as Code with GitOps, policy driven guardrails, and private AI deployments on VMware Cloud Foundation. Having architected infrastructure for regulated environments where compliance is non negotiable, I have learned that the key to safe innovation is not restricting what teams can do, but controlling how they do it. GitOps provides the control plane. VCF provides the secure substrate. And private AI capabilities enable intelligence without data exfiltration. The GitOps Foundation for Enterprise Infrastructure GitOps is not just about u...

In the era of digital transformation, businesses are increasingly adopting hybrid cloud strategies to leverage the flexibility, scalability, and cost-efficiency of both private and public cloud environments. VMware and Microsoft Azure are two leading platforms that, when combined, offer a robust solution for hybrid cloud deployments.  This article provides an in-depth guide on migrating workloads from an on-premises VMware environment to Azure, complete with practical examples and strategic insights. Understanding the Hybrid Cloud Advantage Hybrid cloud environments allow organizations to integrate on-premises infrastructure with public cloud services, offering several benefits: Flexibility : Easily scale resources based on demand. Cost Efficiency : Optimize costs by balancing workloads between private and public clouds. Disaster Recovery : Ensure business continuity with robust backup and recovery solutions. For Chief Technology Officers (CTOs), investing in a well-planned migrati...

Introduction :  Hybrid cloud environments are becoming increasingly popular among enterprises due to their flexibility, cost-efficiency, and disaster recovery capabilities. Broadcom and VMware, two industry leaders, offer robust solutions that can optimize hybrid cloud environments. This article explores how their technologies can be integrated to enhance performance, scalability, and security. Understanding Hybrid Cloud :  Hybrid cloud environments combine private and public cloud resources, allowing businesses to leverage the best of both worlds. Key benefits include: Flexibility:  Easily scale resources up or down based on demand. Cost-Efficiency:  Optimize costs by using public cloud resources for non-sensitive workloads. Disaster Recovery:  Ensure business continuity with robust disaster recovery solutions. Broadcom’s Contributions:  Broadcom provides a range of technologies that support hybrid cloud environments, including: Network Switches:  Bro...

Introduction:   Broadcom’s recent acquisition of VMware for $61 billion marks a significant milestone in the tech industry. This merger is set to reshape the landscape of cloud computing, bringing together Broadcom’s hardware prowess and VMware’s software expertise. In this post, we will delve into the details of the acquisition, its impact on VMware’s product line, and the broader implications for cloud computing. Background of the Acquisition:  The acquisition deal, announced in May 2022, is one of the largest in the tech sector. Broadcom, known for its semiconductor and infrastructure software solutions, has strategically acquired VMware to enhance its software portfolio. This move follows Broadcom’s previous acquisitions of CA Technologies and Symantec’s enterprise security business, highlighting its aggressive expansion strategy. Impact on VMware’s Product Line :  VMware’s core products, including vSphere, vSAN, NSX, and VMware Cloud Foundation, are expected to see s...

Customers who uses NSX day-in, day-out would like to have a point-in time restore functionality of DFW firewall rules. Many customer have a large footprints in VMC and make changes to DFW quite often. This feature was missing for long time and we could see its included in recent versions . Let's see how DFW configuration roll back works  NSX DFW configuration has versioning, and it is stored in the NSX Manager.  Every time when someone update DFW configuration, NSX creates one more version but keep storing the previous ones. You can rollback for previous config but reapplying it once again.  You can find the options under Networking & Security tab , > Security > Distributed Firewall . In the right side we see an Actions drop down. Choose View to get to the below screen.  Let’s go through the use case:  1. Original state- default config with no custom rules:  a. There are no saved configurations during last 30 days: In my existing test setup, ...