NSX InstallationJuly 14, 2020
This post will focus on getting the NSX-T Manager deployed and minimally configured in the lab. NSX-T is a pre-requisite for configuring vSphere 7 with Kubernetes as of the time of this writing.
Deploy the NSX Manager
The first step in our build is to deploy the NSX Manager from an OVA template into our lab. The NSX Manager is the brains of the solution and what you’ll be interacting with as a user. Each time you configure a route, segment, firewall rule, etc., you’ll be communicating with the NSX Manager. Download and deploy the OVA into your vSphere lab.
As you deploy the template you’ll need to specify the size of the deployment. This is important, but for a lab environment less so. I’ve found that the
Small size works well for my lab and doesn’t take up too many resources.
Fill out the rest of the deployment information. The configurations that I used are listed below, customized for my lab environment. I deployed the NSX-T Manager in the management VLAN outlined in the previous post.
- Hostname: nsx
- Rolename: NSX Manager
- NSX Site Name: HollowLab
- Default IPv4 Gateway: 10.10.50.254
- Management Network IPv4 Address: 10.10.50.19
- Management Network Netmask: 255.255.255.0
- DNS Server list: 10.10.50.12, 10.10.50.9
- Domain Search List: hollow.local
- NTP Server List: pool.ntp.org
- Enable SSH: no
- Allow root logins: no
Finish the installation and when complete, power on the NSX vm that was just deployed.
Initialize NSX Manager
Once your NSX Manager appliance has been deployed and powered on, its time to do some basic initialization. The first thing you’ll do is open a web browser and navigate to the FQDN of your NSX Manager appliance you just deployed. Once you authenticate to the appliance using the credentials specified in your OVA deployment from above, you’ll probably see some pop-up screens asking you to accept a EULA, join the CEIP program, etc. Check the boxes and close any getting started windows. We don’t need that stuff. 🙂
You will also need to apply a license to your NSX Manager. Navigate to the
System tab and click
+ADD to add a license and fill out the details. vSphere 7 with Kubernetes requires a
NSX-T Data Center Advanced or higher license to be applied.
The next step in setting up our lab involves connecting a compute manager. This is a fancy name for
vCenter in our case. NSX-T will use this compute manager connection to query objects and create objects as necessary. To setup the computer manager, you’ll need a service account for NSX Manager to talk to vCenter. In my case, I’m using an administrative role (Remember this is a lab), but if you want to be specific about your permissions, and of course you should, you can apply the following privileges to a service account.
|Sessions.View and stop sessions|
|Host.Local Operations.Create virtual machine|
|Host.Local Operations.Delete virtual machine|
|Host.Local Operations.Reconfigure virtual machine|
|Permissions.Reassign role permissions|
|Resource.Assign vApp to resource pool|
|Resource.Assign virtual machine to resource pool|
|Virtual Machine.Guest Operations|
From within the NSX Manager console, go to System –> Fabric –> Compute Managers and click
In the next screen, enter your vCenter information and login credentials. Then click the Add button. When you do this for the first time you’ll be presented with a SHA-256 thumbprint and you’ll need to accept that its valid before continuing. Lastly, click the “Enable Trust” button so that it’s in the
Yes position. This last step is important as it allows NSX to trust vCenter for authentication.
You will be asked to add a thumbprint. Click Add. When you’re done you’ll have a vCenter configured and registered as a compute manager.
In this post we deployed the NSX Manager which is the brains of the NSX-T product and have configured licenses and connected it to our vCenter server. In the next post we’ll start configuring NSX-T so that we can start routing some traffic to some virtual machines.