NSX

NSX Home Lab Series – 7. NSX Install

Objective:

The goal is to deploy an NSX manager in the lab environment. The NSX Manager provides a web-based user interface where you can manage your NSX environment. It also hosts the API server that processes API calls.

Product Interoperability Check:

From the VMware Product Interoperability Matrix, for the versions running in the lab:

  • VCSA Version 8.0U1a
  • ESXi host Version 8.0

NSX versions 4.0.1.1, 4.1.0.0, and 4.1.0.2 are compatible.

NSX Manager Download:

I have chosen to use the latest compatible version, NSX version 4.1.0.2, the NSX Manager with vCenter Plugin version, named:

nsx-embedded-unified-appliance-4.1.0.2.0.21761695.ova.

This OVF and the related files are used to deploy NSX directly from within vCenter Server 7.0 U3c or newer and includes an integrated plugin to enable deployment and configuration of NSX directly from within the vCenter UI. The plugin also provides workflows in vCenter for simplified consumption of Security and Virtual Networking functionality provided by NSX and is supported with one vCenter Server instance. If you are deploying NSX in standalone mode you should use the NSX Manager OVA file instead.

Verify DNS Setup:

During DNS server setup, we created forward and reverse lookup records for NSX Manager, named nsxmgr1.lab.local, at IP address 192.168.1.102. Testign from the DNS server, we can see the record is in place, and ping fails as expected.

root@photon1 [ ~ ]# ping nsxmgr1.lab.local
PING nsxmgr1.lab.local (192.168.1.102) 56(84) bytes of data.

3 packets transmitted, 0 received, 100% packet loss, time 2031ms

Deploy OVF Template:

This series of images runs through deployment steps and the configuration options for a small deployment configuration.

IMPORTANT: This configuration is supported for Global Manager Production deployment. This configuration requires the following: * 4 vCPU * 16GB RAM * 300GB Storage * VM hardware version 10 or greater (vSphere 5.5 or greater)

Remove CPU and Memory Reservations:

Before powering on the appliance, as this is a lab environment, we will remove the CPU and memory reservations by entering 0 in the reservation fields.

Power on The NSX Manager Appliance:

Power on the NSX Manager guest VM, using the vSphere client.

Modify the Default Admin Password:

Change the admin password from the default password, default, using a remote console.

SSH to NSX Manager:

SSH to NSX Manager using the new admin account password.

ssh admin@nsxmgr1.lab.local

The authenticity of host 'nsxmgr1.lab.local (192.168.1.102)' can't be established.
ED25519 key fingerprint is SHA256:A/8krpM66mP9rxtmFb/tpValZRR1/b4Qt/S9bgTTxP8.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'nsxmgr1.lab.local' (ED25519) to the list of known hosts.
admin@nsxmgr1.lab.local's password: 
NSX CLI (Manager, Policy, Controller 4.1.0.2.0.21761695). Press ? for command list or enter: help

nsxmgr1> 

Wait for Services to start:

If you attempt to access the NSX Manager Web UI as it is starting up, you may get a message like this:

Some appliance components are not functioning properly.
Component health: MANAGER:UNKNOWN, SEARCH:UNKNOWN, UI:UP, NODE_MGMT:UP.
Error code: 101

Verify Service Status:

Not all services are expected to be running. Here is a view of the expected state:

nsxmgr1> get services


Service name:                            applianceproxy      
Service state:                           running             

Service name:                            async_replicator    
Service state:                           running             
Logging level:                           info                

Service name:                            auth                
Service state:                           running             
Logging level:                           info                

Service name:                            cluster_manager     
Service state:                           running             

Service name:                            cm-inventory        
Service state:                           running             

Service name:                            controller          
Service state:                           running             
Listen address:                                              

Service name:                            datastore           
Service state:                           running             

Service name:                            datastore_log_replication
Service state:                           stopped             

Service name:                            datastore_nonconfig 
Service state:                           running             

Service name:                            http                
Service state:                           running             
Logging level:                           info                
Session timeout:                         1800                
Connection timeout:                      30                  
Client API rate limit:                   100 requests/sec    
Client API concurrency limit:            40                  
Global API concurrency limit:            199                 
Redirect host:                           (not configured)    
Basic authentication:                    enabled             
Cookie-based authentication:             enabled             

Service name:                            idps-reporting      
Service state:                           running             

Service name:                            install-upgrade     
Service state:                           running             
Enabled on:                              192.168.1.102       

Service name:                            liagent             
Service state:                           stopped             

Service name:                            manager             
Service state:                           running             
Logging level:                           info                

Service name:                            messaging-manager   
Service state:                           running             

Service name:                            migration-coordinator
Service state:                           stopped             

Service name:                            node-mgmt           
Service state:                           running             

Service name:                            node-stats          
Service state:                           running             

Service name:                            nsx-message-bus     
Service state:                           stopped             

Service name:                            nsx-platform-client 
Service state:                           running             

Service name:                            nsx-upgrade-agent   
Service state:                           running             

Service name:                            ntp                 
Service state:                           running             
Start on boot:                           True                

Service name:                            search              
Service state:                           running             

Service name:                            site_manager        
Service state:                           running             

Service name:                            snmp                
Service state:                           stopped             
Start on boot:                           False               

Service name:                            ssh                 
Service state:                           running             
Start on boot:                           True                
Root login:                              enabled             

Service name:                            syslog              
Service state:                           running             

Service name:                            telemetry           
Service state:                           running             

Service name:                            ui-service          
Service state:                           running

The following services are not required by default and do not start automatically.

  • liagent
  • migration-coordinator: This service is used only when running migration coordinator. See the NSX Migration Guide before starting this service.
  • snmp: For information on starting SNMP see Simple Network Management Protocol in the NSX Administration Guide.
  • nsx-message-bus: This service is not used in NSX 3.0.

Access the NSX Manager Web UI:

Access the NSX Web UI using a browser:

https://nsxmgr1.lab.local/

Conclusion:

At this point in the lab build-out we deployed an operational vCenter, VDS, NSX Manager, DNS, and NTP.

Begin typing your search term above and press enter to search. Press ESC to cancel.