
Tanzu Kubernetes Grid Integrated Workload Isolation using NSX-T Micro Segmentation  

May 19, 2020 11:03 PM

Authored by Riaz Mohamed and Raghu Pemmaraju

In this document, we focus on how to leverage the micro-segmentation feature within NSX-T to provide workload isolation. NSX-T comes with a distributed firewall that gives complete control over both North-South and East-West traffic and can isolate workloads even when they sit next to each other. Traditional firewalls isolate network traffic only between network VLANs or segments, not within a network segment. With the NSX-T distributed firewall, you can create rules to isolate workloads on the same segment, and with Kubernetes tags you can isolate even Kubernetes pod-to-pod communication.

In this document, we take a simple application that has several components or services. These services are required to communicate with each other in a very defined manner. For example, service-a needs to communicate with service-c and service-b but not with any other service. Similarly, service-c needs to communicate with service-d but not with service-a or service-b.

In such a scenario, we look at how to isolate the workload using NSX-T, and also show how this is done dynamically as pods are created and destroyed.

Follow the step-by-step guide at: https://github.com/riazvm/nsxtk8smicrosegmentation/blob/master/pdf/TKGI-WorkloadIsolation-MicrosegmentationV2.pdf


#workloadisolation
#vSphere
#OtherLanguage
#MIT
#tanzu
#NSX
#pks
#VMwarePivotalContainerService(PKS)
#TKGI
#NSX-TDataCenter
#TanzuKubernetesGridIntegrated(TKGI)
#MicroSegmentation

Attachment(s)
zip file
nsxtk8smicrosegmentation-master.zip   8.36 MB   1 version
Uploaded - Apr 09, 2024
