VMware’s NSX product is at the heart of the networking side of their SDDC suite of products that allows for the virtualization of the network layer of the software defined data center. This allows for the abstraction of the network layer from the underlying physical infrastructure. This is key in today’s enterprise environments as we want data to be able to live and flow to and from anywhere. We don’t want to be limited by physical boundaries on either the server side or the network side. VMware NSX provides key benefits including security, automation, application continuity, and compliance. Let’s take a look at how VMware NSX is deployed including the NSX manager as well as the NSX controllers.
Deploying VMware NSX
Deploying VMware NSX involves a few steps that we need to perform. The first of these is we need to download the VMware NSX manager OVA appliance and deploy this within vCenter. The NSX Manager is the first component we bring online when deploying NSX. It provides the management plane for the NSX infrastructure. It is also provides access to the REST APIs that can be used to create, configure, and monitor NSX. High availability for the NSX Manager is provided by the underlying vSphere cluster it resides on utilizing the HA and DRS services for that high availability. Also, a single NSX Manager serves a single vCenter server. Best practice for many involves housing the NSX Manager into a different vCenter environment than the one that it is integrated within for NSX functionality.
At the time of this writing, the OVA appliance file that was downloaded was VMware-NSX-Manager-6.3.0-5007049.ova. You will need an account with VMware to access the download. In the Deploy OVF Template wizard you will choose the downloaded OVA file. We won’t show all the screenshots from the deployment of the OVA file here as it is the standard deployment process within vCenter.
After the deployment process and boot, the NSX Manager will boot to a linux login prompt. This is all we need the console for now. The rest of the configuration with the NSX Manager will be done via the web interface for the appliance.
To configure the NSX Manager via the web interface simply navigate to https://
Here we configure two areas of configuration for the NSX Manager – Lookup Service URL and vCenter Server. To configure them, click the Edit buttons next to each.
When you click to edit the Lookup Service URL you will need to point to your Platform services controller which in many/most cases will be the same as your vCenter appliance if running the “embedded platform services controller”.
Next you will see a dialog to trust the certificate being presented. Click Yes.
Now, we setup our vCenter Server connection. Enter the server name and credentials.
Again, we will see a message asking us to trust the certificate being presented from vCenter.
After setting up the configuration under both the Lookup Service URL and the vCenter Server configurations, we should see a green “dot” next and a Connected status for both areas.
Now we can login to our vCenter server Web UI and we should have a new option available to us – Networking and Security.
We can see the results of our integration with the NSX Manager. If we navigate to Networking & Security and then the Installation link, we have several tabs available to us which will be where we spend the rest of our time setting up and configuring NSX including deploying our NSX Controller nodes, preparing our hosts, VTEPs, logical networks including VXLAN transport, segment ID, and transport zones. However, to verify our installation of the NSX Manager, we can click the Management tab and see in the NSX Managers section our new NSX Manager that we have deployed.
When you click on the IP address of the NSX Manager, you are brought to a more detailed view of the NSX Manager showing summary, manage, and monitor tabs. The Summary tab shows an overview of the NSX Manager including your license key, edition, VXLAN usage, DFW usage, etc.
The Monitor tab is where we can see the audit, system, and other events along with tasks.
In the Manage tab, we can setup more detailed configuration including SNMP settings, security tags, exclusion lists, domains, grouping objects, users, etc.
These configuration sections allow us to have more granular control in many areas of the NSX Manager as well as NSX as a whole. For instance in the domain that can effectively be used in our distributed firewall to class objects and create powerful firewall rules among other things.
Now that we have our NSX Manager in place we can start configuring the other prerequisites in our environments to provision NSX including host preparation, VXLAN setup, setting segment IDs, transport zones, etc. In the next post, we will take a look at how to finish out our configuration of VMware NSX.Like what you read? Rate us