Chris Hall bio photo

Chris Hall

Making technology fit my requirements

Principal Technical Consultant

PolarCloudsUK Chris LinkedIn Github
Chris Hall VMware vExpert 2020 Chris Hall VMware vExpert 2021 Chris Hall VMware vExpert 2022

NSX-T Logo In this post we will federate our previously deployed NSX-T sites, the imaginatively named Site A and Site B.

This post is part 4 of a multipart series. Find the other parts here:

As a reminder, in this series we will be building the following lab:

NSX-T Test Lab(Click image to zoom in)

Overview


Deploy Global Manager

First step is to deploy our Global Manager. This being a lab we will make do with just one global manager. Production deployments should have a minimum of three global managers for quorum and redundancy. This is also the case for site NSX Managers.

As this is a lab, we can get away with the bare minimum of one global manager to match our one site manager per site model already deployed.

Deployment is the same as deploying an NSX manager, ensuring that NSX Global Manager is selected during the NSX Manager OVA deployment:

Select Global Manager

Once deployment completes, power on the global manager VM and allow it time to settle.

Create Site VIPs

As already mentioned, normal NSX-T site deployments consist of a cluster of three NSX-T managers per site. So that our global NSX-T manager can communicate with our cluster, we need to create a shared Virtual IP (VIP) that the global manager can use to communicate with our site NSX-T cluster.

Let’s setup our site VIPs.

Log on to a site NSX-T manager, select System > Appliances > Set Virtual IP:

Set VIP

As per our IP schema discussed way back in part 1, we will assign 192.168.10.17 and 192.168.20.17 to our Site A and Site B NSX-T manager VIPs respectively.

Set VIP IP

Once complete, looks good:

VIP IP Set

Obtain Site Cluster Thumbprints

As you will see below, registering the site NSX-T managers with the global manager involves supplying the global manager with the certificate thumbprints from each of the site NSX-T clusters. The thumbprints can be obtained by opening an SSH session to each of the site NSX-T managers and issuing the command:

get certificate cluster thumbprint

get certificate cluster thumbprint

Global Manager Config

Let’s log into our global manager for the first time. Good news is that we don’t need to licence the global manager, so after accepting the licence agreement, we are free to begin configuration.

Select System > Location Manager, select Make Active and supply a name. I’ll name mine NSX-T Lab:

NSX-T Lab Named

Add Site NSX-T Managers to Global Manager

Select System > Location Manager > Add On-Prem Location.

Complete the required information along with the thumbprint gained above and select Check Version Compatibility:

Check Compatibility

Once saved, confirm that the global manager and site successfully sync:

Site Sync

Repeat above steps for Site B.

Log out and back into the global manager. Confirm that both sites are available on the global manager NSX-T taskbar:

Both Sites on Taskbar

Finally, confirm via Site > System > Fabric > Compute Managers that both vCenters are listed in their respective sites:

vCenter listed in Compute Manager Site A

And:

vCenter listed in Compute Manager Site B

Conclusion and Wrap Up

We made it!

In this post we deployed our Global NSX-T Manager and federated our sites.

We still have to create our Remote Tunnel End Points (RTEPs) and cross site global tier 0 and tier 1 logical routers before we can hook any VMs into our NSX-T build. We will work on those in the following parts of this series.

This was post part 4 of a multipart series. Find the other parts here:

-Chris