Road to VCAP6-NV: Objective 1.1 – Deploy VMware NSX Infrastructure components

VMwareNSX

In this blog post, I will cover section 1 objective 1.1 of the VCAP6-NV Deploy exam.

Objective 1.1 – Deploy VMware NSX Infrastructure components

  • Deploy the NSX Manager virtual appliance
  • Integrate the NSX Manager with vCenter Server
    • Configure Single Sign On
    • Specify a Syslog Server
  • Implement and Configure NSX Controllers
  • Exclude virtual machines from firewall protection according to a deployment plan

Deploy the NSX Manager virtual appliance

First things first, after downloading the NSX OVA file, right click on the cluster you want to deploy the appliance in and click Deploy OVF Template. Browse to and select the NSX OVA file and click Next.

man01

Enter a name for the VM and location. Click Next.

man02

Select a host to deploy to. Click Next.

man03

Click Next

man04_1

Accept the EULA. Click Next.

man04

Select a storage location. Click Next.

man05

Select a network to connect the vNic to. Click Next.

man06

On the customize template page, provide DNS, IP address, Hostname. etc. Click Next.

man07

Review your settings. Click Finish.

man08

Open a internet browser and browse to the IP address or FQDN that you configured for the NSX Manager. Enter the admin username and password. Click Login.

man09

 

Integrate the NSX Manager with vCenter Server

Now we want to begin making our registration with the vCenter server. To begin, click Manage Appliance Settings

man10

Configure Single Sign On

Under the Manage tab, click NSX Management Service. Click Edit by Lookup Service URL.

man11

Here we will enter in the IP or FQDN of our vCenter service if you are running a vCenter with a embedded database. If you are running a vCenter with a External PSC then you will need to enter the IP of FQDN of the external PSC. Also, provide the SSO administrator username and password. Click Ok.

man12

Accept the certificate by click Yes

man13

Now let’s register with our vCenter server. Click Edit by vCenter Server.

man14

Enter the IP or FQDN of the vCenter server and the vCenter administrator username and password. Click OK.

man15

Accept the certificate by clicking Yes

man16

Once the Lookup service and vCenter server registration is complete, we will be able to see the Networking & Security icon on the vCenter home page. Log off of the NSX Manager.

man17

Log into the vCenter server and notice the new Networking & Security icon.

man18

Specify a Syslog Server

Since I will be using vRealize Log Insight as my syslog server, I first need to prep it and install the NSX content pack. I log into my log insight appliance and under content packs I find the NSX content pack and install it.

sys02

Now navigate back to the NSX manager and click Manage Appliance Settings > Manage > Settings > General and click Edit next to Syslog Server

sys01

Enter in the information for your Syslog server and click OK.

sys03

 

Implement and Configure NSX Controllers

*This portion comes from another lab setup that I had, just in case you’re wondering about the IP addresses…the concept is the same*

Once you’ve deployed the NSX manager appliance and you’ve setup the registration with your vCenter, its time to deploy our controllers for NSX. From the Networking & Security pane click Installation > Management. At the bottom you will see the NSX Controller nodes pane. Click the green +

controller1

Click Select next to the IP Pool entry

controller2

Click New IP Pool…at the bottom of the window.

controller3

We need to create a pool of IP addresses that will be assigned to the controllers automatically when they are deployed. Fill in the appropriate information and click OK.

controller4

Fill in the appropriate information for adding the controller and select the newly created IP Pool. Click OK.

controller5

Wait on the controller to deploy and show Normal in the Status column. You will need to deploy 3 controllers. Do not try to deploy any subsequent controllers until the first controller is fully deployed and status is showing normal.

controller6

Exclude virtual machines from firewall protection

Navigate to Networking & Security > NSX Managers and select the NSX manager

ex01

Under Manage > Exclusion List is where you want to place VMs that you want to exclude from firewall protection. Click the green +

ex02

Select the VMs that you want to exclude. Click OK.

ex03

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s