VMware NSX Intelligence 3.2.1 | 17 MAY 2022 | Build 19800104

Check for additions and updates to these release notes.

What's New

NSX Intelligence 3.2.1 is a maintenance release that fixes issues documented in the Resolved Issues section below. New known issues identified since the NSX Intelligence 3.2.0 release have been added to the Known Issues section below.

This release also provides the following new enhancements. See VMware NSX Intelligence 3.2.0 Release Notes for the list of features introduced in NSX Intelligence 3.2.0 release.

  • Updated scale optimization limit and flow guardrails

    The scale optimization limit and flow guardrails have been updated and are enforced at the time of starting a new DFW rule recommendation analysis. If the number of flows to be processed is calculated to potentially exceed the total flow limit allowed per analytics node, the recommendation analysis does not start and the system displays an exception message. The current limit per analytics node is 7 million flows.

  • Support for excluding certain traffic flows during recommendation analysis

    You can now exclude certain traffic flows during the DFW rule recommendation analysis. By default, the Broadcast flows and Multicast flows are selected in the new Exclude Flows text box in the Start New Recommendation dialog box. These flow types are not relevant for application category rules. Excluding broadcast flows, multicast flows, or both flow types can help optimize the DFW rule recommendation analysis. If you remove the default values, all traffic flow types are included during the recommendation analysis.

System Requirements

For system requirements information, see Activating and Upgrading VMware NSX Intelligence. For information about ports and protocols required for NSX Intelligence, see VMware Ports and Protocols.

Compatibility Notes

For NSX Intelligence and NSX-T Data Center interoperability information, see VMware Product Interoperability Matrices.

API and CLI Resources

See the NSX Intelligence & NSX Application Platform API Reference page for the available for NSX Intelligence REST API resources.

Available Languages

NSX Intelligence has been localized into multiple languages: English, German, French, Japanese, Simplified Chinese, Korean, Traditional Chinese, and Spanish. Because NSX Intelligence localization utilizes the browser language settings, ensure that your settings match the desired language.

Document Revision History

17 May 2022. First edition.

Resolved Issues

  • Fixed Issue 2879564: Any custom NSX Intelligence configuration values that were set prior to NSX Intelligence 3.2.0 are overridden with the default values post migration.

    If you made customizations to the host configuration in previous NSX Intelligence releases, those customizations are canceled after migrating to NSX Intelligence 3.2.0.

  • Fixed Issue 2879667: Traffic flows are not streamed through the PubSub channel after NSX Intelligence is migrated to version 3.2.0.

    After migrating from NSX Intelligence 1.2.x to NSX Intelligence 3.2.0, the entries in the PubSub subscription table are not updated to point to the correct Kafka broker endpoint. Hence, there are no traffic flows being received from the subscription.

  • Fixed Issue 2885869: Druid tasks are left in pending state after upgrading from NSX Intelligence 1.2.x to NSX Intelligence 3.2.0.

    After you upgrade from NSX Intelligence 1.2.x to NSX Intelligence 3.2.0, some Druid tasks are in pending state. When in the Groups view or Computes view, you will not see any service details in the Flow Details dialog for the Allowed and Blocked flows.

  • Fixed Issue 2889740: A lag in processed traffic flows can occur after migrating to NSX Intelligence 3.2.0 and the UI does not display information about recent traffic flows.

    After migrating an NSX Intelligence 1.2.x set up to NSX Intelligence 3.2.0, traffic flows stop being correlated by the processing pipeline. When this occurs the UI does not reflect the recent traffic flows. Historical flows are still visible in the UI.

  • Issue 2908149: After upgrading NSX Intelligence from version 1.2.x to version 3.2.0 or 3.2.0.1, the Redis /data directory gets filled up, the roll-up does not work, and NSX Intelligence does not function as expected.

    The NSX Intelligence visualization does not display any visualization for the Now time period after upgrading NSX Intelligence 1.2.x to version 3.2.0 or 3.2.0.1. When this issue occurs, the output of the following command indicates that the /data directory for each of the Redis pods is at 100% utilization.

    kubectl exec -it -n nsxi-platform <redis-pod-name> –df -kh /data

    where <redis-pod-name> can be redis-master-0, redis-slave-0, or redis-slave-1.

Known Issues

  • Issue 2389691: Publish recommendation job fails with error "request payload size exceeds the permitted limit, max 2,000 objects are allowed per request."

    If you try to publish a single recommendation job that contains more than 2,000 objects, it will fail with error "request payload size exceeds the permitted limit, max 2,000 objects are allowed per request."

    Workaround: Reduce the number of objects to fewer than 2,000 in the recommendation job and retry the publication.

  • Issue 2599301: Some active sessions are not visible on the NSX Intelligence user interface for the Last 1 Hour view and are not picked up by the Recommendations module for recommending policies.

    There are active traffic flows running on compute hosts, but these traffic flows are not visible in the Last 1 Hour view on the NSX Intelligence user interface. Starting a recommendation analysis for the involved compute hosts does not generate any recommendations for those traffic flows even though those traffic flows are unsegmented.

    Workaround: Synchronize the timestamps across all the compute hosts that are exporting the network traffic flows.

  • Issue 2839668: Old traffic flow data and configuration data from the previous NSX Intelligence deployment are still displayed after NSX Intelligence is reactivated.

    If NSX Intelligence is deactivated, but the NSX Application Platform remains deployed, the old traffic flow data and configuration data from the previous NSX Intelligence deployment continue to be displayed after NSX Intelligence is reactivated. There is no easy way to clean up the old data and keep them from being displayed.

    Workaround: Contact the VMware Support team for assistance with cleaning up the old data.

  • Issue 2885186: After upgrading from NSX-T 3.1 to NSX-T 3.2, unable to see the data when you apply filter or open group flow details.

    Flow details dialog is empty after migration or doesn't report flows when applying filter.

    Workaround: None. System should work normally after 30 minutes.

  • Issue 2882154: Not all the pods are listed in the output of the "kubectl top pods -n nsxi-platform" debugging command.

    By default, the NSX Application Platform uses the metrics-server 0.5.0 instance deployed in the underlying Kubernetes cluster. When you run the kubectl top pods -n nsxi-platform command after the NSX Application Platform is deployed, the output does not show all the pods that are running. Note that there is no functional impact. Only the debugging output is affected.

    Workaround: Make sure the Kubernetes cluster comes up with version 0.4.x of the metrics-server pod before deploying the NSX Application Platform. If necessary, delete the metrics-server 0.5.0 instance deployed by the NSX Application Platform charts and deploy the upstream Kubernetes metrics-server 0.4.x. See https://github.com/kubernetes-sigs/metrics-server#installation for more information.

  • Issue 2936504: The loading spinner appears on top of the NSX Application Platform's monitoring page.

    When you view the NSX Application Platform page after the NSX Application Platform is successfully installed, the loading spinner is initially displayed on top of the page. This spinner might give the impression that there is some connectivity issue occuring when there is none.

    Workaround: As soon as the NSX Application Platform page is loaded, refresh the Web browser page to clear the spinner.

  • Issue 2949575: Powering off one Kubernetes worker node in the cluster puts the NSX Application Platform in a degraded state indefinitely.

    After one Kubernetes worker node is removed from the cluster without first draining the pods on it, the NSX Application Platform is placed in a degraded state. When you check the status of the pods using the kubectl get pod -n nsxi-platform command, some pods display the Terminating status, and have been in that status for a long time.

    Workaround: Manually delete each of the pods that display a Terminating status using the following information.

    1. From the NSX Manager or the runner IP host (Linux jump host from which you can access the Kubernetes cluster), run the following command to list all the pods with the Terminating status.
      kubectl get pod -A | grep Terminating
    2. Delete each pod listed using the following command.
      kubectl delete pod <pod-name> -n <pod-namespace> --force --grace-period=0
check-circle-line exclamation-circle-line close-line
Scroll to top icon