
Posts

Showing posts with the label Networking

Fixing Tanzu Kubernetes Pod to External Services Connectivity Issues with NSX-T

Last month I got a call from a customer who was pulling their hair out over a networking issue. They had just deployed VMware Tanzu Kubernetes Grid on their vSphere with Tanzu environment, everything looked good in the dashboards, all pods were running, but their applications inside the pods could not reach external databases running on traditional VMs in the same datacenter. The frustrating part was that some pods could reach external services perfectly fine, while others would just time out. There was no clear pattern. Let me tell you how we figured this out and fixed it.

The Initial Problem

Here is what the customer setup looked like:

- vSphere 8.0 with Tanzu enabled
- NSX-T 4.1.2 for networking
- Three Tanzu Kubernetes clusters running different microservices applications
- External PostgreSQL database running on traditional VMs (non-Kubernetes)
- External API services running on another se...

Unlocking VMware Cloud Foundation 9.0: A Strategic Blueprint for Enterprise Transformation

The evolution of VMware under Broadcom represents not disruption, but clarification—a focused vision toward unified private cloud excellence. As organizations navigate this transformation, the opportunity has never been greater to build truly modern, efficient, and powerful infrastructure with VMware Cloud Foundation.

After architecting VMware solutions across diverse enterprise environments, I've observed a pattern: organizations that embrace VMware Cloud Foundation (VCF) strategically—rather than viewing the transition as a burden—emerge with significantly more capable, cost-effective, and future-ready infrastructure. This post shares a practical framework for successfully modernizing your VMware environment, maximizing your investment, and positioning your organization for the AI-driven, cloud-native future.

Understanding the VMware Cloud Foundation Vision

Let's start with clarity about what Broadcom and VMware are building: VMware Cloud Foundati...

GitOps Driven Infrastructure: Securing AI Workloads on VMware Cloud Foundation

How Policy as Code, Agentic AI, and Private LLMs Enable Compliant Innovation at Enterprise Scale

For CTOs and enterprise architects facing the dual mandate of accelerating innovation while maintaining security posture, the question is no longer whether to adopt AI, but how to do it without compromising data sovereignty, regulatory compliance, or operational stability. The answer lies in combining three powerful patterns: Infrastructure as Code with GitOps, policy-driven guardrails, and private AI deployments on VMware Cloud Foundation.

Having architected infrastructure for regulated environments where compliance is non-negotiable, I have learned that the key to safe innovation is not restricting what teams can do, but controlling how they do it. GitOps provides the control plane. VCF provides the secure substrate. And private AI capabilities enable intelligence without data exfiltration.

The GitOps Foundation for Enterprise Infrastructure

GitOps is not just about u...

Seamless Migration from VMware to Azure: A Comprehensive Guide with Examples

In the era of digital transformation, businesses are increasingly adopting hybrid cloud strategies to leverage the flexibility, scalability, and cost-efficiency of both private and public cloud environments. VMware and Microsoft Azure are two leading platforms that, when combined, offer a robust solution for hybrid cloud deployments. This article provides an in-depth guide on migrating workloads from an on-premises VMware environment to Azure, complete with practical examples and strategic insights.

Understanding the Hybrid Cloud Advantage

Hybrid cloud environments allow organizations to integrate on-premises infrastructure with public cloud services, offering several benefits:

- Flexibility: Easily scale resources based on demand.
- Cost Efficiency: Optimize costs by balancing workloads between private and public clouds.
- Disaster Recovery: Ensure business continuity with robust backup and recovery solutions.

For Chief Technology Officers (CTOs), investing in a well-planned migrati...

VMware on AWS - How to restore NSX DFW firewall rules to previous state

Customers who use NSX day in, day out would like to have a point-in-time restore functionality for DFW firewall rules. Many customers have a large footprint in VMC and make changes to DFW quite often. This feature was missing for a long time, and it is now included in recent versions. Let's see how DFW configuration rollback works.

NSX DFW configuration has versioning, and it is stored in the NSX Manager. Every time someone updates the DFW configuration, NSX creates one more version but keeps storing the previous ones. You can roll back to a previous config by reapplying it.

You can find the options under the Networking & Security tab > Security > Distributed Firewall. On the right side we see an Actions drop-down. Choose View to get to the below screen.

Let’s go through the use case:

1. Original state - default config with no custom rules:
   a. There are no saved configurations during the last 30 days: In my existing test setup, ...