NSX-T Edge VM Design - Single N-VDS Edge VM on N-VDS with 2 pNICs
In a small Data Center, it's common to find clusters with management
components such as vCenter, NSX Manager, vRealize Automation, vRealize
Network Insight, vRealize Log Insight, and so on. This is what we called
a "Shared" Management and Compute cluster. Edge VMs can be deployed in a
shared cluster.
In the following diagram, the hosts are ESXi based and they have only 2 pNICs available on each.
I use the following VLAN information in my setup for the Edge VM configuration.
This design is available since NSX-T 2.5 release. The single N-VDS provides multi-TEP capabilities.
Take a look on Transport VLAN ID in th red rectangle. VLAN ID 596 is for the Compute TEP, and VLAN ID 595 is for the Edge VM TEP.
Note: I created a "Shared-Edge-Not-Used" segment with VLAN ID 1. This segment will be attached to Edge VM's interface fp-eth2. Even if we are not using this interface, a segment is required during the Edge VM deployment.
To add the Edge VM in NSX Manager, follow the process described in this link: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.5/migration/GUID-8CC9049F-F2D3-4558-8636-1211A251DB4E.html
You can ping these Edge VMs from the Transport Node with the "vmkping ++netstack=vxlan" command.
Note: Because of the Multi-TEP support, each Edge VM has two (2) IP addresses for overlay traffic.
Enjoy your new NSX setup !
In the following diagram, the hosts are ESXi based and they have only 2 pNICs available on each.
I use the following VLAN information in my setup for the Edge VM configuration.
- Management VLAN: 599
- vMotion VLAN: 598
- TEP VLAN for Compute: 596
- TEP VLAN for Edge VM: 595
- Uplink1 Trunk for Edge VM: 0-4094
- Uplink2 Trunk for Edge VM: 0-4094
N-VDS Edge VM Diagram
We are going to configure the "Single N-VDS Edge VM Design on N-VDS with two (2) pNICs".This design is available since NSX-T 2.5 release. The single N-VDS provides multi-TEP capabilities.
Compute Configuration
- The host has only two (2) pNICs available
- A N-VDS for the host is already deployed "HOST-NVDS"
- Both pNICs are used for redundancy and load balancing depending the type of traffic
- A TEP dedicated IP pool and VLAN are defined for Compute
- The compute's Uplink Profile has the teaming policies (This is an example, you can adjust them)
- Load Balance for Overlay traffic
- Failover for Management traffic (Primary U1, Standby U2)
- Failover for Edge Uplink1 Trunk traffic (Primary U1, Standby U2)
- Failover for Edge Uplink2 Trunk traffic (Primary U2, Standby U1)
- The Transport VLAN ID equals to 596
- Management, Uplink1 Trunk and Uplink2 Trunk Segments are defined for Edge VM connectivity
Edge VM Configuration
- An Edge VM has four (4) interfaces available
- eth0 is dedicated to management traffic
- fp-eth0 used for overlay and uplink1 traffic
- fp-eth1 used for overlay and uplink2 traffic
- fp-eth2 not used
- A single N-VDS will be defined for the Edge VM
- The same "HOST-NVDS" is used for the Overlay traffic and uplink traffic - because Edge VM and compute are sharing the same Transport Zone for the overlay traffic, they have to share the same N-VDS
- A TEP dedicated IP pool and VLAN are defined for Edge VM
- The Edge VM's Uplink Profile
- Load Balance for Overlay traffic using multi-TEP support
- Failover for Uplink1 traffic (Primary U1, Standby None)
- Failover for Uplink2 traffic (Primary U2, Standby None)
- Because we are using trunk segments, the Transport VLAN ID equals to 595.
Configuration
Step 1 - Transport Zones and N-VDS
One (1) N-VDS is created "HOST-NVDS" for this design. Two (2) Transport Zones "Shared-Overlay-TZ" and "Shared-VLAN-TZ" are part of "HOST-NVDS".Step 2 - Uplink Profiles
Two (2) uplink profiles are created:- Shared-Compute-2pNICs for the Compute (or Transport Node)
- Shared-Edge-2pNICs for Edge VM's Overlay and Uplink traffic
Take a look on Transport VLAN ID in th red rectangle. VLAN ID 596 is for the Compute TEP, and VLAN ID 595 is for the Edge VM TEP.
Step 3 - Segment Creation
Here is the list of required segments for this setup.Note: I created a "Shared-Edge-Not-Used" segment with VLAN ID 1. This segment will be attached to Edge VM's interface fp-eth2. Even if we are not using this interface, a segment is required during the Edge VM deployment.
Step 4 - Override the default teaming policy with named teaming policy in the Advanced UI
For this step, you have to go to the Advanced UI on NSX manager and under the Switching section.Step 5 - Edge VM deployment
You have to deploy the Edge VM via vCenter because the Management segment will not show up during the Edge VM installation wizard through NSX Manager (this feature wil be added in the next NSX-T releases). Select NSX-T segments created in step 3.To add the Edge VM in NSX Manager, follow the process described in this link: https://docs.vmware.com/en/VMware-NSX-T-Data-Center/2.5/migration/GUID-8CC9049F-F2D3-4558-8636-1211A251DB4E.html
Steps 6 and 7 - Compute and Edge VM N-VDS Deployment
When the Edge VM is available in the NSX Manager simplify UI, you can now configure N-VDS to finalize the Edge VM configuration. The Compute N-VDS has to be configured before.Results
The following picture shows two (2) Edge VMs deployed with success. Each Edge VM has one (1) N-VDS as mentioned above.You can ping these Edge VMs from the Transport Node with the "vmkping ++netstack=vxlan" command.
Note: Because of the Multi-TEP support, each Edge VM has two (2) IP addresses for overlay traffic.
Enjoy your new NSX setup !
Comments
Post a Comment