In this blog post, we will discuss NSX-T Controller recommendations, important considerations, process, methods and pre-requisites, followed by the step by step instructions.
If you are new to NSX-T, I would also encourage you to refer my NSX-T Architecture blog post to get a bit more understanding and touch bases on its architecture briefly.
To view the previous step click Step 2 – Add Compute Manager
NSX-T Controllers serve as the “Central Control Point” for all logical switches within a network and maintain the information about all hosts, logical switches, and logical routers. They control the devices that perform packet forwarding. These forwarding devices are known as virtual switches. Virtual switches, such as NSX managed virtual distributed switch (N-VDS, previously known as hostswitch) and Open vSwitch (OVS), reside on ESXi and other hypervisors such as KVM.
Before jumping onto the deployments steps lets discuss a couple of the recommendations of NSX-T Controller deployment in production environment:
- Three members – to avoid any outage to the NSX-T control plane
- Each controller should be placed on a unique hypervisor host i.e. three physical hypervisor hosts in total, to avoid a single physical hypervisor host failure impacting the NSX-T control plane.
For a Lab or proof-of-concept deployments where there are no production workloads, it is acceptable to run a single controller to save resources.
Important Considerations before deployment:
- When you deploy NSX-T Controllers from an OVA or OVF file, either from vSphere Web Client or the command line, OVA/OVF property values such as user names, passwords, or IP addresses are not validated before the VM is powered on, which may impact the core services “start-up” on the appliance, if the password specified does not meet complexity requirements.
- VM’s IP settings on the NSX-T Controller appliances cannot be changed after the deployment, by modifying the OVA settings from vCenter Server.
- The Appliance virtual machine includes VMware Tools and removal or upgrade of VMware Tools is not supported.
Process of NSX-T Controllers is as follows:
- Deploy NSX-T Controller Appliance(s).
- Join NSX-T Controller with the NSX Manager.
- Initialize the Control Cluster to create a Control Cluster Master.
- Join Additional NSX Controllers with the Cluster Master.
Different methods to deploy NSX-T Controllers and forming its cluster:
- Automated – NSX Manager UI
- Automated – API
- Install NSX Controller on ESXi using the GUI.
- Install NSX Controller on ESXi using command line OVF Tool
- Install NSX Controller on KVM
The two automated Installation methods i.e. NSX Manager UI and API, does all 4 process steps automatically and thereby reducing interaction effort significantly.
For this blog post, we will use the first method i.e. “Automated via NSX Manager UI”
The Prerequisites of “Automated installation of NSX-T Controllers” via NSX Manager UI are as follows:
- NSX-T Manager deployed
- vCenter Server and vSphere ESXi hosts deployed.
- vSphere ESXi host registered to the vCenter Server.
- vCenter Server added to the NSX-T manager as “Compute Manager”.
- vSphere ESXi host must have enough CPU, memory, and hard disk resources to support the NSX-T Controllers resource requirements:
|Appliance||Memory||vCPU||Disk Space||Deployment Type|
|NSX Controller Small VM||8 Gb||2||120 Gb||Lab and proof-of-concept deployments|
|NSX Controller Medium VM||16 Gb||4||120 Gb||Recommended for medium size deployments|
|NSX Controller Large VM||32 Gb||8||120 Gb||Required for large-scale deployments|
With that, lets get started…
- Logon to the NSX-T Manager https://<nsx-t_manager_FQDN>, hover the mouse pointer over “System” and click “Components”:
- Click “Add Controllers”:
- Select the “Compute Manager” and the appropriate details as shown in the screenshot below:
- Specify the “first” NSX-T controller’s details as appropriate and click “Add Controller” to add more controllers as shown in the screenshot below:
- Specify the “second” NSX-T Controller’s details, follow the same process for the “third” NSX-T Controller. Click “Finish” as shown in the screenshot below:
- The three NSX-T Controllers will now start deploying:
- Alternatively, you can view “Recent tasks” by logging on to the vCenter to check the status:
- The “Cluster Connectivity” and “Manager Connectivity” status will show “Up” as shown below:
NSX-T Controller status can also be verified via “command line” by following the optional steps below:
- To verify the NSX-T Controllers are registered with the NSX-T Manager.
- Log in to the NSX-T Manager console via putty using “admin” credentials
- Enter the following command:
get management-cluster status
As shown in the screenshot above all three controllers IPs and UUIDs will be displayed, and the “Management cluster status” and “Control cluster status” must show “STABLE”
- To check the NSX-T Controller “Master Node” and the status of the individual NSX-T Controller nodes:
- Log in to the NSX-T Controllers individually via putty using “admin” credentials.
- Enter the following command on all individual NSX-T Controllers:
get control-cluster status
From the screenshot above we can see that the “NSXt-Controller-3” is the “Master Node” between the three NSX-T Controllers.
This completes the NSX-T Controller cluster deployment.
To view the next step click Step 4 – Host Preparation