I am new to NSX-T (3.0) and trying to learn it by comparing it with VPC-based networking, which is what I am familiar with and which is kind of a standard among most of the public clouds. As a developer/(solution) architect, I understand how/when to provision the (virtual) networking, compute and storage resources in a public cloud required for deploying an application.
While I have a fairly good understanding of vCenter/vRA and a basic understanding of vSphere, I am unable to understand what part of NSX-T can be handled by a developer/architect without help from a system/network engineer. Most of the documentation around NSX-T seems to be for system engineers, which seems to be okay considering (enterprise) private clouds are set up and managed by these people. But then what does an offering like VMware on AWS offer to a developer in terms of self-service, when developers are able to handle all layers (compute, network, storage) of IaaS in AWS all by themselves without any help from DevOps/ITOps (most of the time) for the environments (e.g. DEV/PoC etc.) which are or can be managed by developers?
When it comes to AWS, a developer can provision one VPC for all the environments of an application or one VPC per environment per application. You use an internet gateway for outbound internet connectivity and an elastic IP for inbound internet connectivity. You use a VPN gateway to connect two VPCs in the same or different accounts. So the VPC is your starting point, and at no point will you see or interact with anything on the physical layer.
When it comes to NSX-T (3.0), you have to understand VLAN/overlay transport zones, Tier-0/1 gateways etc., which forces a developer to understand complex concepts similar to Linux networking. This is quite the opposite of what AWS has done by simplifying IaaS services to an extent where developers are able to manage their infrastructure all by themselves without knowing even a single thing about the complex world of physical layers. With new versions of VCF, I was hoping that developers would be able to manage at least some parts of the VMware SDDC themselves instead of relying on DevOps/ITOps, but it seems that it still requires a number of system engineers to operate it, leaving no room for small teams (with no or very few DevOps/ITOps folks around them) to manage at least some parts of the VMware SDDC themselves in an offering like VMware on AWS.
To summarize –
- Given that someone has set up NSX-T (3.0), what parts of the (virtual) networking infrastructure can be provisioned by developers in a self-service way?
- What is the starting point for a developer in NSX-T (3.0) and how to proceed further from this starting point?
- What is the equivalent of a VPC in NSX-T (3.0)?
- Do you create one transport zone for all the environments of an application or one tz for each of the environments of an application?
- Is there any developer-centric, step-by-step guide explaining what NSX-T constructs a developer should create/provision in a self-service manner in order to deploy his application on a VMware SDDC?