VMware NSX 6.2.2 Installation for vCloud Director 8.10
You will need to initially download the VMware NSX Manager 6.2.2 .OVF from the VMware website. This can be downloaded via this website – https://my.vmware.com/en/web/vmware/info/slug/networking_security/vmware_nsx/6_x
Useful Links before we start the installation –
You will need to login to vCenter and select File –> Deploy OVF Template. This will open the Deploy OVF Template wizard, you will need to browse to the .OVF file as per the below screenshot –
This page will provide a description of the .OVF file you will be deploying using the wizard. Press Next to continue.
You will need to accept the terms and conditions of the VMware NSX Manager OVF and press next to continue.
You will now need to fill out the relevant information to configure the appliance.
Specify the relevant IP address, netmask and default gateway.
Note – I have experienced issues when specifying more than one DNS and NTP server via this wizard. I recommend only using one DNS and one NTP server, then configuring this later on in the NSX Appliance website.
You will now be presented a summary of the configuration that will be applied to the NSX Manager.
I reduced the VM Memory at this point so I could run this in my lab environment, however there are CPU reservations on the VM so you will not be able to reduce the CPU resources required. If you open the VM console you will be able to see the NSX Manager configuring as it starts up. When this is completed it will present a login prompt.
You will now need to navigate to the NSX Manager via the FQDN or the IP address. For example –
When you login you will be presented with this screen, before proceeding you will need to make sure the NSX Management Service is showing as ‘Started’ this takes a very long time usually so you may need to wait a while.
You will now need to navigate to the Manage section so we can configure single sign on and the connection to vCenter.
Navigate to the NSX Management Service selection that is under the components section. Select Configure on the Lookup service selection. You will now need to use the following configuration –
Lookup Service IP – This will either be your vCenter FQDN or If you are using an External PSC it will be the FQDN of the External PSC. In my example I am using an External PSC, in vSphere 6 the Lookup service uses port 443 so place this in the Lookup Service Port. You will need to now use a User that has relevant Administrator permissions to your vCenter. In my example I have used the default [email protected] account.
The wizard will ask you to verify the certificate that is presented from your vCenter/PSC Server.
When complete you will see that the Lookup Service has connected. I had multiple issues with trying to connect to the Lookup Service due to replacing my vSphere certificates for Trusted Certificates. You can find that article here
You will now need to proceed to adding your vCenter server. Specify your vCenter FQDN and the relevant Administrator credentials.
The wizard will again ask you to verify the certificate presented from your vCenter.
When completed you will see that both of the services are now connected.
You will now need to restart the vSphere Web Client Service on your vCenter service so that the NSX Plugin is registered correctly. When the service has restarted you will need to wait for the vSphere web client to start. When this has started you can login to the vCenter Web Client.
When logging in you will see the Networking and Security plugin in the Home view.
Click this and you will be presented with the below screen –
You will now need to select the Installation tab.
We now need to configure a NSX Controller VM for our VMware NSX installation. In a production environment you will need to deploy more NSX Controllers, but for this lab environment setup I will only be using one NSX Controller. You will now need to fill in the relevant information for your environment. When selecting the IP Pool you will need to create one for your environment. For example I have created a pool for 172.16.0.45-172.16.0.50. If you do not have sufficient resources in your cluster the NSX Controller deployment will fail and the VM will automatically be removed by NSX. You can reduce the resources on the controller VM’s but you will need to make changes that are not supported by VMware.
NSX will now proceed to deploy the NSX Controller via vCenter.
If you open the NSX Controller Console you will be able to see the VM configuring.
When completed you will see the following in the NSX Console in the vCenter Web Client.
You will now need to proceed to preparing your hosts. I experienced another issue due to certificates at this stage, this can be found here. This was due to the ESX Solution Manager certificate wasn’t updated properly so it could not register correctly with vCenter.
I had to manually install the VIB’s for this to work correctly, I actually completed this and still had issues, that is when I found that I had the above issue as well. Once I fixed that issue everything worked correctly. In previous versions of NSX there would be a static web address where you would download the vxlan.zip. In NSX 6.2.2 you will need to navigate to https://NSX-MGR-IP/bin/vdn/nwfabric.properties as you can see the URL for 6.0 was https://NSX-MGR-IP/bin/vdn/vibs-6.2.2/5.5-3521346/vxlan.zip It’s advised to use this page to find out the correct URL.
Extract the VIB and upload the .zip to shared datastore.
For example /vmfs/volumes/JACOB-ISOs/vxlan
You will now need to install the VIBs using the below commands. Change SHARED-DATASTORE to your relevant datastore name.
esxcli software vib install –no-sig-check -v /vmfs/volumes/SHARED-DATASTORE/vxlan/vib20/esx-vxlan/VMware_bootbank_esx-vxlan_6.0.0-0.0-3521449.vib
esxcli software vib install –no-sig-check -v /vmfs/volumes/SHARED-DATASTORE/vxlan/vib20/esx-vsip/Vmware_bootbank_esx-vsip_6.0.0-0.0.3521449.vib
Alternatively you can upload these to VMware Update Manager and attach a baseline to your hosts for it to be installed.
You can complete this by navigating to the ‘Admin View’ section of VMware Update Manager. Select the Patch Repository Tab and Select Import Patches. Select the VXLAN file that was downloaded earlier, It will import and you will see the below. Previously there used to be three host extensions but in this version there is now only the VXLAN module and the vsip module. Select Finish.
Navigate to your cluster view, select VMware Update Manager then select ‘Attach..’ and then select ‘Create New Baseline’
Make sure you select Host Extension as the Host Baseline then select Next.
Type vsip to find the vsip Module Bulletin, Select the down arrow to add this to the baseline.
Type vxlan to find the VXLAN Bulletin, then again select the down arrow to add this to the baseline.
When you have added them both select next to continue.
When completed you need to select the baseline in the list you have created and select ‘Attach’ to attach this to your cluster.
You can now select ‘Scan..’ to scan your hosts to confirm if they have the patch installed. In my case these were already installed as I installed them manually. If you prefer this method to the manual method select ‘Stage..’ or ‘Remediate..’ to scheldule or run the extension update now.
Note – This will place your hosts in maintenance mode and reboot the hosts to complete the update. I preferred the CLI method as I have only local storage so I can’t place my hosts in maintenance mode without having to reboot the host.
As you can see I have now configured this successfully and the cluster is now ready for VXLAN to be enabled.
Click the ‘Not Configured’ section you can see in the above screenshot. It will bring up the below configuration page for the VXLAN configuration. The MTU can be left as the 1600 default.
Note – You will need the MTU to be changed on your physical switches and also on the vDS. I have set my Maximum MTU to 9000. If you have DHCP you can leave this as the default settings, If not you will need to configure an IP Pool for the VXLAN network adapters.
When this is configured, you will need to select the Logical Network Properties. I have added 5000-5999 as the segment pool ID.
You now need to create a Transport Zone for the NSX Installation. I have selected Unicast as the Replication Mode that is controlled by the NSX Controller Cluster.
You will need to license your VMware NSX as the evaluation mode runs out after 60 days. You can complete this by navigating to Home –> Administration –> Licenses –> Assets –> Solutions –> NSX for vSphere. Select Assign License and type in your license key.
This completes the configuration, this is the stage that we can configure vCloud Director to Integrate with NSX. Stay tuned for my next article on setting up and configuring vCloud Director.