Friday, November 11, 2016

VMware NSX Installation Procedure and Requirements

Before doing the actual installation I prefer to lay down the procedure and requirements. This helps ensure a seamless deployment experience.

Procedure

  • Deploy NSX Manager
  • Register with vCenter
  • Deploy NSX Controllers
      1. IP Pools need to be configured in vCenter
      2. Wait for the 1st Controller to be deployed successfully before starting the remaining 2
      3. Configure a DRS anti-affinity rule to prevent the controllers from residing on the same host
      4. Be aware of the password policies:
          • The password must not contain the username as a substring.
          • No character may repeat consecutively 3 or more times.
          • The password must be at least 12 characters and must follow 3 of the following 4 rules:
              • At least one upper case letter
              • At least one lower case letter
              • At least one number
              • At least one special character
  • Prepare ESXi Hosts for NSX
  • Configure VXLAN Networking
      • Make sure the DVSwitch and Transport VLAN details are handy beforehand
      • If using static IPs, IP Pools need to be configured in vCenter
      • Decide on the NIC Teaming Policy. This determines how many IPs are required for VTEPs
  • Assign Segment ID
  • Add a Transport Zone
  • Add Logical Switch(es) as per your design
  • Add Distributed Logical Router as per your design
  • Add an Edge Services Gateway as per your design
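
A pre-flight check for the controller password policy listed in the procedure above, written as an added example (it is not from the original post or from VMware). It assumes the username comparison is case-insensitive and that "special character" means anything other than an ASCII letter or digit; the policy text specifies neither.

```python
import re
import string

MIN_LENGTH = 12        # "at least 12 characters"
REQUIRED_CLASSES = 3   # "3 of the following 4 rules"


def password_violations(password: str, username: str) -> list[str]:
    """Return the policy rules a candidate password breaks (empty list = compliant)."""
    problems = []

    # Assumption: compare case-insensitively; the policy text does not say.
    if username and username.lower() in password.lower():
        problems.append("contains the username")

    # The same character three or more times in a row, e.g. "aaa" or "111".
    if re.search(r"(.)\1\1", password, re.DOTALL):
        problems.append("character repeated 3 or more times consecutively")

    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")

    # Assumption: "special" means anything that is not an ASCII letter or digit.
    classes = {
        "upper case letter": any(c in string.ascii_uppercase for c in password),
        "lower case letter": any(c in string.ascii_lowercase for c in password),
        "number": any(c in string.digits for c in password),
        "special character": any(c not in string.ascii_letters + string.digits
                                 for c in password),
    }
    met = sum(classes.values())
    if met < REQUIRED_CLASSES:
        missing = ", ".join(name for name, ok in classes.items() if not ok)
        problems.append(f"only {met} of 4 character classes (missing: {missing})")

    return problems


if __name__ == "__main__":
    # Constructed sample candidates, not real credentials.
    for candidate in ("Vmware-Nsx-2016", "adminADMIN12345", "Passsword-2016x",
                      "lowercase-with-dash", "Short1!"):
        issues = password_violations(candidate, username="admin")
        print(f"{candidate!r}: {'OK' if not issues else '; '.join(issues)}")
```

Running the candidates through this check before starting the controller deployment wizard catches a rejected password before the first controller is deployed.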

System Requirements

 

vSphere Requirements

In order to install and configure VMware NSX we need to ensure the vSphere infrastructure is already built and available. Refer to the Product Interoperability Matrices.

Resource Requirements



| VM | CPU | RAM (GB) | Storage (GB) | Minimum Count | Remarks |
|---|---|---|---|---|---|
| VC | 2 | 8 | 125 | 1 | To support 100 hosts, 1000 VMs |
| NSX Manager | 4 | 16 | 60 | 1 | To support 256 hypervisors |
| NSX Controller(s) | 4 | 4 | 20 | 3 | Standard config with no customization possible |
| NSX Edge (ESG + DLR) | Compact - 1 | Compact - 512 MB | Compact - 500 MB | 1 x DLR with HA enabled; 2 x ESG with ECMP on | |
| | Large - 2 | Large - 1 | Large - 1 disk 500 MB + 1 disk 512 MB | | |
| | Quad-Large - 4 | Quad-Large - 1 | Quad-Large - 1 disk 500 MB + 1 disk 512 MB | | |
| | X-Large - 6 | X-Large - 8 | X-Large - 1 disk 500 MB + 1 disk 2 GB | | |


Data store Requirements



| Component | Data store Name | Remarks |
|---|---|---|
| VC | | |
| NSX Manager | | |
| NSX Controller 01 | | |
| NSX Controller 02 | | |
| NSX Controller 03 | | |
| NSX ESG 01 | | My plan is to only have 2 ESGs |
| NSX ESG 02 | | |
| NSX DLR 01 - Active | | My plan is to have 1 DLR with HA enabled |

Network Requirements

 
The following ports and protocols need to be opened in the physical network if there are restrictions:


| Source | Target | Port | Protocol | Purpose |
|---|---|---|---|---|
| Client PC | NSX Manager | 80 | TCP | NSX Manager VIB Access |
| Client PC | NSX Manager | 443 | TCP | NSX Manager Administrative Interface |
| ESXi Host | vCenter Server | 80 | TCP | ESXi Host Preparation |
| vCenter Server | ESXi Host | 80 | TCP | ESXi Host Preparation |
| ESXi Host | NSX Manager | 5671 | TCP | RabbitMQ |
| ESXi Host | NSX Controller | 1234 | TCP | User World Agent Connection |
| NSX Controller | NSX Controller | 2878, 2888, 3888 | TCP | Controller Cluster - State Sync |
| NSX Controller | NSX Controller | 7777 | TCP | Inter-Controller RPC Port |
| NSX Controller | NSX Controller | 30865 | TCP | Controller Cluster - State Sync |
| NSX Controller | NTP Time Server | 123 | TCP | NTP client connection |
| NSX Manager | NSX Controller | 443 | TCP | Controller to Manager Communication |
| NSX Manager | vCenter Server | 443 | TCP | TCP vSphere Web Access |
| NSX Manager | vCenter Server | 902 | TCP | vSphere Web Access |
| NSX Manager | ESXi Host | 443 | TCP | Management and provisioning connection |
| NSX Manager | ESXi Host | 902 | TCP | Management and provisioning connection |
| NSX Manager | DNS Server | 53 | TCP | DNS client connection |
| NSX Manager | Syslog Server | 514 | TCP | Syslog connection |
| NSX Manager | NTP Time Server | 123 | TCP | NTP client connection |
| vCenter Server | NSX Manager | 80 | TCP | TCP Host Preparation |
| REST Client | NSX Manager | 443 | TCP | NSX Manager REST API |
| VXLAN Tunnel End Point (VTEP) | VXLAN Tunnel End Point (VTEP) | 8472 or 4789* | UDP | Transport network encapsulation between VTEPs |
| ESXi Host | ESXi Host | 6999 | UDP | ARP on VLAN LIFs |
| ESXi Host | NSX Manager | 8301, 8302 | UDP | DVS Sync |
| NSX Manager | ESXi Host | 8301, 8302 | UDP | DVS Sync |


Infrastructure Requirements


We will need the following infrastructure details before we start the deployment:


| Component | VLAN ID | Port Groups | IP Address | Subnet | Gateway | Remarks |
|---|---|---|---|---|---|---|
| VC | | | | | | |
| NSX Manager | | | | | | If we plan to use NTP and DNS, make a note of those details as well |
| NSX Controller 01 | | | | | | If using static IPs, it is recommended to use consecutive IPs for the NSX Controllers in a single vCenter IP Pool |
| NSX Controller 02 | | | | | | |
| NSX Controller 03 | | | | | | |
| NSX ESG 01 | | | | | | Current plan is to only have 2 ESGs. DLR will be part of VXLAN based network |
| NSX ESG 02 | | | | | | |
| VXLAN Networking (VTEP) | | | | | | MTU of 1600 or greater on the DVSwitch and VXLAN transport network(s). No. of IPs will depend upon the NICs and Teaming/Failover policies |

Logical Switch Requirements

 
Even though it is not mandatory, it is good to have the details handy before we actually start the implementation.


| Switch Name | Purpose | IP Address | Subnet | Gateway | Remarks |
|---|---|---|---|---|---|
| App01 LS | Application VMs | | | | |
| App02 LS | Application VMs | | | | |
| App03 LS | Application VMs | | | | |
| App04 LS | Application VMs | | | | |
| Transit LS | Transit Network between DLR and ESG | | | | OSPF will be enabled on this switch |


