DefinIT

NSX-T 2.0 Lab Build: Edge Installation

| 23/10/2017 | Tags: , , , , ,

Disclaimer! I am learning NSX-T, part of my learning is to deploy in my lab – if I contradict the official docs then go with the docs!

Lab Environment

This NSX-T lab environment is built as a nested lab on my physical hosts. There are four physical ESXi hosts, onto which I will deploy three ESXi VMs, a vCenter Server Appliance, NSX Manager, an NSX Controller cluster, and two NSX Edge Nodes.

Physical, virtual and nested components of the NSX-T lab

Deployment Plan

I will follow the deployment plan from the NSX-T 2.0 documentation:

  • Install NSX Manager.
  • Install NSX Controllers.
    • Join NSX Controllers with the management plane.
    • Initialize the control cluster to create a master controller.
    • Join NSX Controllers into a control cluster.
  • Join hypervisor hosts with the management plane.
  • Install NSX Edges.
    • Join NSX Edges with the management plane.
  • Create transport zones and transport nodes.

When this post series is complete, the network topology should be something like this, with two hostswitches configured. The ESXi Hosts will have a Tunnel Endpoint IP address, as will the Edge. The Edge will also have an interface configured for a VLAN uplink.

The NSX-T Transport Node network configuration

In this post I will walk through configuring the Transport Zone, Transport Nodes, Edge Cluster and other configuration required to support the deployment.

Deploying a VM Edge Node

Deploying a new Edge onto ESXi can be done via an OVA, or through the NSX Manager interface. Since I am deploying the Edge to my physical hosts (managed by my lab vCenter, not the nested hosts managed by the pod vCenter) I can’t deploy from the NSX interface.

Deploying the edge needs some understanding of the role the edge plays and it’s connectivity. I strongly suggest reading and understanding the NSX Edge Networking Setup article in the documentation before even thinking about deploying.

The configuration I am using is shown in the diagram below. The ESXi host has two NICs connected to the Management network (VLAN 200), and two NICs connected to the Underlay network (VLAN 202). The Edge VM has one NIC connected to the Management network (VLAN 200), one NIC connected to the Uplink network (VLAN 201) and two NICs connected to the Underlay network (VLAN 202).

This translates to the VM Edge Nodes I deploy being assigned the following NIC configuration – note that the source network is in reverse order – Network0 is at the bottom!

The remaining settings fall into several groups, all which are pretty self explanatory.

Application settings – configure some users and passwords

NSX Manager configuration – not strictly required as we’ll join the management plane afterwards (I assume that if you fill out these options it will auto-join…but that’s a guess!)

DNS Settings

Network and Services configuration

Once the OVF deployment has completed, power on the VM Edge Node.

Join NSX Edges with the management plane

If you enabled SSH (as I did) you can connect with the newly deployed Edge on it’s management IP address. If not you should be able to use the console to configure it. Once on the console/SSH, authenticate as the admin user with the password you specified during deploy time.

Validate the management IP address using “get interface eth0”

Retrieve the Manager API thumbprint using “get certificate api thumbprint” from the NSX Manager console/SSH, or using the web interface

Join the VM Edge Node to the management plane using the following command:

join management-plane <NSX Manager> username <NSX Manager admin> thumbprint <NSX-Manager’s-thumbprint>

You will be prompted for the password of the NSX admin user and the node will be registered

You can validate the Edge has joined the Management plane using the command “get managers”.

Below you can see that in the NSX Manager console under Fabric > Nodes > Edges I have added two Edge VMs, the deployment is up and connected to the manager, but the Transport Node is not configured yet – that will be the next post!