Part#4 Configuring Edge cluster using vCenter VCF9.0.1

-

Configuring Edge cluster using vCenter (VCF9.0.1)

In this lab we will go through the deployment of NSX Edge cluster using vCenter.VCF 9 centralizes the NSX Edge cluster deployment workflow into the vCenter UI for Centralized External Connectivity, replacing earlier SDDC Manager driven steps and aligning with the new VPC + Transit Gateway model. How ever you can still do this from NSX Manager UI.

A brief overview of Connectivity Models:

Centralized Connectivity: The wizard deploys Edge VMs and a Tier-0 that the Transit Gateway uses for north-south traffic. 

Distributed Connectivity: The Transit gateway can connect to physical infrastructure via an external VLAN network and doesn't require any Edge VMs for forwarding traffic.

Pre-requisites:

1. vCenter should be deployed.

2. NSX Should be deployed.

3. BGP should be configured including BGP Peer ASN and Peer IP

4. DNS, Management IP, VLAN, CIDR, FQDN for Edge nodes.



Configuration details used in the lab:

Edge01

FQDN

edge01.uaks.local

vSphere Cluster

wld01-cluster

Resource Pool

Resources

Management IP

192.168.1.10/24

Default Gateway

192.168.1.102 

Uplink01

VLAN

10

CIDR

192.168.1.3/24

BGP peer IP

192.168.1.4

BGP Peer ASN

65004

Password

VMware123!

Uplink02

VLAN

20

CIDR

192.168.2.3/24

BGP peer IP

192.168.2.4

BGP Peer ASN

65004

Password

VMware123!


Edge02

FQDN

edge02.uaks.local

vSphere Cluster

wld01-cluster

Resource Pool

Resources

Management IP

192.168.1.11/24

Default Gateway

192.168.1.102 

Uplink01

VLAN

10

CIDR

192.168.1.5/24

BGP peer IP

192.168.1.6

BGP Peer ASN

65004

Password

VMware123!

Uplink02

VLAN

20

CIDR

192.168.2.5/24

BGP peer IP

192.168.2.6

BGP Peer ASN

65004

Password

VMware123!


Configure network connectivity:

Step#1. Sign in to vCenter and click on networks and Click Network Connectivity



Note: I choose Centralized networking as it supports all the networking services which is not in Distributed model.


Step#2. Click on Configure Network Connectivity
Select Gateway Type to Centralized Connectivity and click next


Note: Before proceeding ensure to complete the pre-requisites other wise deployment will fail.

Step#3. Select all Pre-requisites and click on Continue


Configure Edge Cluster and form factor

I have selected Medium due to space constraints in lab.

Step#4: Give Edge Cluster Name and Select Edge node form factor. Fill required details i-e FQDN, vSphere cluster where you want to deploy along with datastore, Management IP.
For management IP you can use DHCP and Static. In the lab Static is used for the sake of simplicity.


Configure Edge Node 01 as per details mentioned above in the Table


Here two uplinks are used to ensure redundancy.

Step 5: Select fp-eth0 active: vmnic0 and standby: vmnic1
for fp-eth1 active: vmnic1 and standby: vmnic0

For IP Address pools you can use DHCP, IP Pool and IP Pool list. For the sake of simplicity IP Pool is used with desired subnets.









After providing the required parameters Edge01 Configuration is complete as shown below.


For second Edge node you can either Add or you can clone from the existing one. Here i have cloned the edge node and did the required configuration changes. Clone Edge01 and following dialogue box will appear to create Edge02 and fill in the required details as done for Edge 01. 


Configure Edge Node 02 as per details mentioned above in the Table


You will see both Edges configured.


Configure Workload Domain Connectivity


Configure Uplinks for both Edges.





Configure Edge02 Uplinks:




Configure BGP:

Step#6:  Configure BGP and local AS number, Here it is 65007
VPC External IP Blocks 10.10.10.0/24
Private-Transit Gateway IP Blocks: 172.16.10.0/24


Validation of Settings:

 Review the settings and Click on Deploy. 


After some time EdgeCluster01 will be deployed with 2 Edges.


Lessons Learnt:

1. Always ensure to configure Proper BGP routing.
2. When you do cloning of Edge node ensure to verify that both Edges have different IPs, other wise it will not get deployed and will give the conflict of IPs.
3. For BGP, document ASNs, peer IPs and allowed prefixes, validate Established state on both sides.




























IT Professional with wide range of expertise and having 13+ years of extensive experience in Infrastructure Operations, Planning, Design, deployments, upgradation, migrations and consolidations. A technology enthusiast determined to take self-initiatives for driving transformations

Comments

Post a Comment

Popular posts from this blog

Replacing a vSphere 7.x Machine SSL certificate with a Custom Certificate Authority and Integration with NSX-T

-
Image
After replacing the certificate of vCenter with Custom Certificates (which includes certificate(leaf) + sub CA + root CA) then adding compute manager on NSX-T gives error "  Certificate chain of Compute Manager is invalid. Please check Issuer and Subject in the chain.  (Error Code: 90204)"  and sync status between VC and NSX-T manager is down It is because certificate chain is invalid and Certificate chain is being duplicated in the vCenter.  Resolution: Correct the order  you need to follow the following chain              For Machine SSL Certificate Field: It must include  Certificate + subordinate CA + Root CA like this -----BEGIN CERTIFICATE----- MIIFrDCCBJSgAwIBAgITZgAAADAs1zlIBj9VFgABAAAAMDANBgkqhkiG9w0BAQsFADBjMRMwEQYKCZImiZPyLGQBGRYDY29tMRgwFgYKCZImiZPyLGQBGRYIZnB0Y2xvdWQxFjAUBgoJkiaJk/IsZAEZFgZpbnNpZGUxGjAYBgNVBAMTEUZQVENMT1VELVNVQi1DQTAxMB4XDTIxMDIyNDAyNTQyNVoXDTI0MDIyNDAyNTQyNVowKzEpMCcGA1UEAxMgc2duMDltMDF2...
Read more

Part#5 Deploying vSphere Supervisor cluster for VKS with VDS (Foundation load balancer) VCF9.0.1

-
Image
Deploying vSphere Supervisor cluster for VKS with VDS (Foundation load balancer) VCF9.0.1 In this article I will discuss about deploying vSphere supervisor with the option of VDS with Foundation load balancer. If you use vSphere Distributed Switch (VDS) network, you must configure a load balancer to support the network connectivity to workloads from client networks and to load balance traffic between Kubernetes Clusters. The supported load balancer types are Avi Load Balancer, HAProxy and Foundation Load Balancer.VCF 9 introduces VDS ‑ based Supervisor networking with a built ‑ in Foundation LB for lightweight scenarios, reducing moving parts for a lab/POC. I have selected vSphere Distributed Switch (VDS) with the Foundation Load Balancer to minimize footprint while enabling Supervisor control ‑ plane and service VIPs. Overview of Foundation Load Balancer: Foundation LB is designed for baseline Supervisor use cases; it is not a feature ‑ parity replacement for NSX Advanced Load Bal...
Read more

Part#2: Preparing Hosts For Commissioning in VCF9.0.1 and Fixing FQDN/SAN & Certificate Mismatches during VCF Management domain installation

-
Image
Preparing Hosts For Commissioning in VCF9.0.1  and Fixing FQDN/SAN & Certificate Mismatches during VCF Management domain installation In this article our focus is on preparing ESX hosts for commissioning during the deployment of VCF management domain and fixing host failures during the hosts adding in VCF installer caused by certificate SAN/FQDN mismatches and misconfigured host identity. When deploying a VMware Cloud Foundation (VCF) 9.0 management domain, you must prepare a minimum of three ESX hosts to meet the platform’s baseline requirements. This ensures that core management components have sufficient resources and can operate with the expected level of resilience. A brief specification of hosts used in the lab. No. of ESX 03 Host Memory 128GB Storage 06 Disks 1 100GB, 05 of 250 GB Network adapters 04 Nested Hosts Preparation: I am building these ESX hosts in a nested lab environment and done the following 1.  Download the vendor‑supplied ESX installer and upload the...
Read more