Objective 4.2: Deploy VMware NSX Components

  • Installing NSX Manager
    1. Deploy NSX Manager
      1. See pg 32 of Install Guide
      2. “For high availability, VMware recommends that you deploy NSX Manager in a cluster configured with HA and DRS. Optionally, you can install the NSX Manager in a different vCenter than the one that the NSX Manager will be interoperating with. A single NSX Manager serves a single vCenter Server environment.”
    2. Register with vCenter
    3. Deploy VMware NSX Controller Cluster
    4. Prep Hosts
    5. Deploy VMware NSX Network and Security Services
  • NSX Install Guide has dedicated chapter on deployment


  • Registering NSX Manager with vCenter Cluster Server
    • Connection to web front end
    • be aware of how to confirm registration of appliance


  • Install NSX License
    • Done via web client
    • Done after registration against vcenter


  • Prep Hosts and Deploy NSX Controllers
    • See pg53 Install Guide
    • Name resolution
    • Time sync
    • Disable VUM
    • Ensure cluster is in resolved state/status
    • know status changes within UI
  • Controllers
    • Anti-affinity rules in drs make sense but is manual
    • Know UI
    • See pgxx Install Guide
    • Remember command line verification


    • VXLAN transport very important
    • VTEPs between hosts will be a function of the transport config and having a physical network topology that meets said reqs.
    • See pg59 Install Guide
    • VXLAN replication modes
      • Unicast
        • Ease of Entry
        • more work on hypervisor
        • few network changes
      • Hybrid
        • requires IGMP snooping
        • multicast locally and unicast cross WAN
      • Multicast
        • offload more work to network infra
  • NSX Edge
    • See pg59 Install Guide
    • VM provides services such as VPN, stretch L2, dynamic routing
    • Click on NSX Edges
      • Select Edge Services GW
      • Select checkbox for HA if needed
      • Name, Desc, Tenant
      • Enter CLI credentials
      • Configure Datacenter and appliance size
      • Configure interfaces


  • vShield Endpoint (NSX 6.1 and on, Data Security and Guest Introspection)
    • NSX Data Security
    • Activity Monitoring
    • Third Party Solutions
    • In NSX 6.1 Data Security and Guest Introspection replaced it
    • Deploy Network and Security Services
    • Click on Data Security in WebClient
    • See pg116 Install Guide
    • 1 Endpoint instance per host


  • Permissions Required
    • Chapter 4 Install Guide
    • The NSX management service must be running. You can verify this by using a Web browser to open the NSX Manager appliance GUI at https://<nsx-manager-ip> and looking at the Summary tab.
    • You must have a vCenter Server user account with the Administrator role to synchronize NSX Manager with the vCenter Server. If your vCenter password has non-ASCII characters, you must change it before synchronizing the NSX Manager with the vCenter Server.


Scroll to Top