What is the role of the message bus in VMware NSX?
A message bus guarantees the delivery of messages to a host, even if that host is unavailable or you're unable to establish a connection. So, how do you use it in NSX?
In order to describe what the message bus does in VMware NSX, we must first talk about what a message bus is. When it comes to computer-to-computer communications, a host can use a protocol to access the other computer directly.
For example, one application might use an HTTP REST application programming interface call to initiate a process with an application running on another host. The problem with this is that the connection might fail if the host you are trying to access is unavailable or congested. In the event of a failed connection, the application running on the first host often won't restart.
A message bus creates a more robust system that can guarantee delivery of a specific message to a host, even if the host or application is temporarily unavailable. A message bus also allows the sender to specify what should be done with every message.
The message bus that NSX uses to communicate with vSphere is implemented with the Advanced Message Queuing Protocol (AMQP) with a RabbitMQ. AMQP is installed on the NSX ManagerVirtual Appliance. As you can see in Figure A, the appliance allows you to verify whether RabbitMQ is running or not.
The vShield Firewall Daemon (VSFWD) sets up a connection to the message broker via Secure Shell on the ESXi host. The VSFWD processes and sends messages on behalf of other services on the vSphere host.
This process uses Transmission Control Protocol port 5671, so you can use the following esxcli command to verify whether a connection can be established between the RabbitMQ daemon and the one on the ESXi host:
esxcli network ip connection list |grep 5671
The NSX Manager uses the message bus to send information to the ESXi hosts, including policy rules, host certificates and keys needed to authenticate communication between hosts and controllers and more. The message bus is also responsible for handling requests to either create or delete distributed logical router instances. Firewall rules can also be transferred to the ESXi host through the message bus in a secure manner.
