Objective:
The goal is to deploy an NSX manager in the lab environment. The NSX Manager provides a web-based user interface where you can manage your NSX environment. It also hosts the API server that processes API calls.
Product Interoperability Check:
From the VMware Product Interoperability Matrix, for the versions running in the lab:
- VCSA Version 8.0U1a
- ESXi host Version 8.0
NSX versions 4.0.1.1, 4.1.0.0, and 4.1.0.2 are compatible.
NSX Manager Download:
I have chosen to use the latest compatible version, NSX version 4.1.0.2, the NSX Manager with vCenter Plugin version, named:
nsx-embedded-unified-appliance-4.1.0.2.0.21761695.ova.
This OVF and the related files are used to deploy NSX directly from within vCenter Server 7.0 U3c or newer and includes an integrated plugin to enable deployment and configuration of NSX directly from within the vCenter UI. The plugin also provides workflows in vCenter for simplified consumption of Security and Virtual Networking functionality provided by NSX and is supported with one vCenter Server instance. If you are deploying NSX in standalone mode you should use the NSX Manager OVA file instead.
Verify DNS Setup:
During DNS server setup, we created forward and reverse lookup records for NSX Manager, named nsxmgr1.lab.local, at IP address 192.168.1.102. Testign from the DNS server, we can see the record is in place, and ping fails as expected.
root@photon1 [ ~ ]# ping nsxmgr1.lab.local
PING nsxmgr1.lab.local (192.168.1.102) 56(84) bytes of data.
3 packets transmitted, 0 received, 100% packet loss, time 2031ms
Deploy OVF Template:
This series of images runs through deployment steps and the configuration options for a small deployment configuration.
IMPORTANT: This configuration is supported for Global Manager Production deployment. This configuration requires the following: * 4 vCPU * 16GB RAM * 300GB Storage * VM hardware version 10 or greater (vSphere 5.5 or greater)
Remove CPU and Memory Reservations:
Before powering on the appliance, as this is a lab environment, we will remove the CPU and memory reservations by entering 0 in the reservation fields.
Power on The NSX Manager Appliance:
Power on the NSX Manager guest VM, using the vSphere client.
Modify the Default Admin Password:
Change the admin password from the default password, default, using a remote console.
SSH to NSX Manager:
SSH to NSX Manager using the new admin account password.
ssh admin@nsxmgr1.lab.local
The authenticity of host 'nsxmgr1.lab.local (192.168.1.102)' can't be established.
ED25519 key fingerprint is SHA256:A/8krpM66mP9rxtmFb/tpValZRR1/b4Qt/S9bgTTxP8.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'nsxmgr1.lab.local' (ED25519) to the list of known hosts.
admin@nsxmgr1.lab.local's password:
NSX CLI (Manager, Policy, Controller 4.1.0.2.0.21761695). Press ? for command list or enter: help
nsxmgr1>
Wait for Services to start:
If you attempt to access the NSX Manager Web UI as it is starting up, you may get a message like this:
Some appliance components are not functioning properly.
Component health: MANAGER:UNKNOWN, SEARCH:UNKNOWN, UI:UP, NODE_MGMT:UP.
Error code: 101
Verify Service Status:
Not all services are expected to be running. Here is a view of the expected state:
nsxmgr1> get services
Service name: applianceproxy
Service state: running
Service name: async_replicator
Service state: running
Logging level: info
Service name: auth
Service state: running
Logging level: info
Service name: cluster_manager
Service state: running
Service name: cm-inventory
Service state: running
Service name: controller
Service state: running
Listen address:
Service name: datastore
Service state: running
Service name: datastore_log_replication
Service state: stopped
Service name: datastore_nonconfig
Service state: running
Service name: http
Service state: running
Logging level: info
Session timeout: 1800
Connection timeout: 30
Client API rate limit: 100 requests/sec
Client API concurrency limit: 40
Global API concurrency limit: 199
Redirect host: (not configured)
Basic authentication: enabled
Cookie-based authentication: enabled
Service name: idps-reporting
Service state: running
Service name: install-upgrade
Service state: running
Enabled on: 192.168.1.102
Service name: liagent
Service state: stopped
Service name: manager
Service state: running
Logging level: info
Service name: messaging-manager
Service state: running
Service name: migration-coordinator
Service state: stopped
Service name: node-mgmt
Service state: running
Service name: node-stats
Service state: running
Service name: nsx-message-bus
Service state: stopped
Service name: nsx-platform-client
Service state: running
Service name: nsx-upgrade-agent
Service state: running
Service name: ntp
Service state: running
Start on boot: True
Service name: search
Service state: running
Service name: site_manager
Service state: running
Service name: snmp
Service state: stopped
Start on boot: False
Service name: ssh
Service state: running
Start on boot: True
Root login: enabled
Service name: syslog
Service state: running
Service name: telemetry
Service state: running
Service name: ui-service
Service state: running
The following services are not required by default and do not start automatically.
liagent
migration-coordinator
: This service is used only when running migration coordinator. See the NSX Migration Guide before starting this service.snmp
: For information on starting SNMP see Simple Network Management Protocol in the NSX Administration Guide.nsx-message-bus
: This service is not used in NSX 3.0.
Access the NSX Manager Web UI:
Access the NSX Web UI using a browser:
https://nsxmgr1.lab.local/
Conclusion:
At this point in the lab build-out we deployed an operational vCenter, VDS, NSX Manager, DNS, and NTP.