Step by Step install NSX – Part 4
Basic configuration of the NSX Manager for basic functionality
In this post we will configure:
- NSX Controller
- Host Preparation
- Transport Zone
Normally, in production we must deploy a cluster of three controllers for high availability (HA). In our case, however, I am working in a lab environment.
I will deploy only one controller and will show you how to enable Controller Disconnected Operation (CDO) mode on the controller, for the case where all three controllers fail.
CDO mode maintains routing and switching functionality until the controller is fixed or becomes functional again.
If you are installing NSX for micro-segmentation only, with no need for routing or switching functionality, you do not need to deploy the controller.
From the vSphere Client, select Networking and Security from the menu, then select the Installation and Upgrade tab in the left panel.
Select NSX Controller Nodes in the right tab and click EDIT under Common Controller Attributes.
Configure the DNS server and the NTP server, and add the syslog server if you have one. Click Save.
Under Controller Nodes, click ADD.
Enter the password, confirm it, and click Next.
Enter the required settings for the controller appliance and click Select IP Pool to choose the IP pool that the controller appliances will use.
If you don't have a pool, select CREATE NEW IP POOL.
After configuring the new pool, click Save, then OK, and then click Finish.
When the deployment finishes, we can check the status in the main panel on the NSX Controller Nodes tab (green, with Connected).
Also, in Hosts and Clusters, under the management cluster, we will find the controller appliance.
To enable CDO mode, select the controller, open the Actions menu, select Enable CDO mode, and click Yes to confirm.
“Controller Disconnected Operation (CDO) mode ensures that the data plane connectivity is unaffected when hosts lose connectivity with the controller. Enable CDO mode to avoid temporary connectivity issues with the controller”.
Configure the VXLAN Settings
In the Installation and Upgrade main tab, select Logical Networking Settings. In the VXLAN Settings sub-tab, click Edit and configure the VXLAN port (4789).
Configure the Segment IDs by clicking Edit and setting the Segment ID Pool to a range from 5000 to 16777215. This segments the logical switches: each logical switch is given a unique ID from this range.
Prepare the ESXi Hosts for NSX
In the Installation and Upgrade main tab, select Host Preparation, select the production cluster (or whichever cluster contains the hosts that need to be prepared for NSX workloads) and click INSTALL NSX. This step installs the NSX VIB (vSphere Installation Bundle) on the ESXi hosts.
Click YES to confirm the installation.
After setup, the firewall is enabled directly, and we need to configure VXLAN by selecting CONFIGURE.
In the VXLAN networking box, configure the VLAN based on your configuration and select the IP pool used to assign IPs to the VTEPs (you can create a new IP pool if you don't have one), then click SAVE.
Once we finish the configuration, the Firewall, VXLAN and Communication Channel Health should all be up and green.
When we add any server to a cluster that is enabled for NSX, the VIB is pushed to the new ESXi host and configured automatically.
We can check that the new VMkernel adapter vmk1 has been created with vxlan and with the network label vmx-vmknic*******. This vmk1 is the VTEP (virtual tunnel end-point), which is responsible for encapsulating VM traffic inside a VXLAN header and routing the packet to a destination VTEP for further processing.
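To make the VTEP encapsulation concrete, the following added example (not part of the original post and not NSX code) builds and parses the 8-byte VXLAN header defined in RFC 7348 and checks each datagram against the port (4789) and Segment ID pool (5000 to 16777215) configured above. The function names and the sample datagrams are constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789             # VXLAN port configured above
SEGMENT_POOL = (5000, 16777215)   # Segment ID pool configured above
I_FLAG = 0x08                     # RFC 7348: set when the VNI field is valid


def build_vxlan_header(vni):
    """Build the 8-byte header: flags, 24 reserved bits, 24-bit VNI, 8 reserved bits."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", I_FLAG << 24, vni << 8)


def parse_vxlan_header(payload):
    """Return the VNI from a UDP payload, or raise ValueError if the header is bad."""
    if len(payload) < 8:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", payload[:8])
    if not (word1 >> 24) & I_FLAG:
        raise ValueError("I flag not set, VNI is not valid")
    return word2 >> 8


def check_datagram(dst_port, payload, pool=SEGMENT_POOL):
    """Classify one UDP datagram seen on the transport VLAN; returns (status, vni)."""
    if dst_port != VXLAN_UDP_PORT:
        return ("not-vxlan", None)
    try:
        vni = parse_vxlan_header(payload)
    except ValueError:
        return ("malformed", None)
    if pool[0] <= vni <= pool[1]:
        return ("ok", vni)
    return ("vni-outside-pool", vni)


if __name__ == "__main__":
    inner = b"\x00" * 14   # constructed placeholder for the inner Ethernet frame
    samples = [            # constructed datagrams, not captured traffic
        (4789, build_vxlan_header(5000) + inner),   # first ID in the pool
        (4789, build_vxlan_header(4999) + inner),   # just below the pool
        (4789, b"\x00" * 8 + inner),                # I flag missing
        (53, build_vxlan_header(5000) + inner),     # different UDP port
    ]
    for port, payload in samples:
        print(port, check_datagram(port, payload))
```

The upper bound of the pool, 16777215, is the largest value the 24-bit VNI field can carry, which is why `build_vxlan_header` rejects anything above it.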
Configure the Transport Zones
In the Installation and Upgrade main tab, select Logical Networking Settings. In the Transport Zones sub-tab, click ADD to create a new transport zone.
Create the transport zone, select Unicast, select the cluster that needs to be covered by the transport zone, and click ADD.
We are now ready to start using NSX by creating the networks (routers, logical switches, and edges with all the services they can provide) and the micro-segmentation.