VMware is working to close the features gap between NSX and NSX-T with the new capabilities included in NSX-T...
NSX-T is VMware's version of NSX for non-vSphere-based infrastructures, such as those that run on KVM, Red Hat Enterprise Linux or Ubuntu. Unlike NSX for vSphere, which uses vCenter for centralized management, NSX-T is a stand-alone product with its own management interface. At present, NSX-T doesn't offer the same full feature set as NSX for vSphere -- a problem that VMware is gradually working to remedy.
The initial release of NSX-T included features such as logical routing, logical switching, microsegmentation for VMs and a distributed firewall. VMware later added network virtualization and microsegmentation for containers to NSX-T 2.0. VMware was able to do this by integrating with cloud orchestration platforms, such as Kubernetes, to enable customers to deploy containers with security features enabled.
With NSX-T 2.0, the network administrator can also deploy Edge nodes to add north-south routing to an NSX implementation, which enables the use of other Edge appliances, specifically the load balancer functionality.
NSX-T 2.1 adds container support with PKS
Although it still doesn't offer support for Secure Sockets Layer terminate mode, proxy mode or the ability to add HAProxy application rules to the load balancer, NSX-T 2.1's feature set is nearly on par with that of NSX for vSphere thanks to new capabilities, such as support for layer 4 and layer 7 load balancing with health monitoring and dynamic server pools.
Perhaps the most significant addition to NSX-T 2.1 is integration with Pivotal Container Service (PKS). NSX-T customers can use this integration to configure container-based applications with network virtualization from layers 2 through 7, all from within Pivotal Cloud Foundry, which provides one integrated platform.
Large enterprises in banking, auto and retail that want to use containers to manage application deployment in a cloud platform are Pivotal Cloud Foundry's target audience. Cloud Foundry doesn't provide the containers itself, but instead supports container platforms, such as Docker, and streamlines container development and production lifecycles with Kubernetes. Cloud Foundry provides a single platform from which the administrator can create the logical switches to which Kubernetes clusters connect and can configure firewall rules and the logical routers that provide access to those networks.
In return, NSX-T gives PKS the ability to access, and to secure access to, separate Kubernetes namespaces on which teams or tenants can run their workloads, as well as the pods -- collections of containers -- within those namespaces.
Rather than connect VMs to a logical network the way you would with NSX for vSphere, with NSX-T, you connect pods to a logical network. Also, rather than host a firewall for microsegmentation on the network interface card of a VM, firewalling is now available at the pod level.