VMware Cloud Community
slinuxuzer2
Contributor
Contributor
‎08-19-2019 02:00 PM
Jump to solution

VCF Network questions

I'm new to VCF and am working on a deployment for a client, so I'm hoping the folks here can answer some questions. Thanks in advance for responses and I'll be sure to mark as correct for anyone that assists.

1. I've noticed in the VMware HOL that VCF management WLD deploys NSX and the first edge, but it seems I can't configure load-balancing on this edge, even though it shows load-balancing is enabled. The typical tab doesn't seem to be available. Does VCF not allow this? I've even tried deploying a second edge and the configuration option isn't there.

2. It seems that all the management workloads in the management WLD are deployed to a VLAN backed port-group, so now logical switches are used and no management workload traffic goes through edges? If this is the case, what does this first edge do then?

3. I've tried deploying a NSX-V WLD in the HOL and can't get it to work properly, it fails at configuring NSX manager backups. My question is, per the VVD two Uplink port-groups are created. I'm assuming this is to peer ESGs with upstream routers. My client wants to use NSX-V and not use dynamic routing, their use case calls for every workload to be NAT.

     a. Is there any reason or restrictions I should be aware of using NSX-V with VCF? I'm assuming when I deploy a NSX-V WLD it deploys the NSX configuration greenfield? Meaning, no logical switches, no DLRs, no ESGs? And then I can build out those constructs to my client's needs?

     b. Even if I can configure NSX-V however I like, will I still be required to have two uplink port-groups and VLANs to deploy the WLD?

4. It appears that NSX Manager backups up to the SDDC Manager? So if this is the case, does the SDDC manager host SFTP server or will I still need to provision this service somewhere else?

Cheers.

0 Kudos
1 Solution

Accepted Solutions
ktebear
VMware Employee
VMware Employee
‎08-19-2019 03:52 PM
Jump to solution

Hello!

I will answer these as you call them out:

1. I believe you are using the H5 Client.  If you use the /vsphere-client vs /ui when navigating to the vCenter you should be able to see the Load Balancer functionality.

2. In HOL the edge that is deployed is for vROps as required by SDDC Manager to Deploy vROps.  Also you can use NSX edges for VLAN or VXLAN(logical switch) backed port groups. 

3. The reason this is failing is due to a password timeout on the backup user.  I have had this called out and it will be fixed in our VMworld release of this lab.  The NSX use case here seems entirely do-able, but would need more details.  For example they could just create a static route for a /16 and point that to an edge therefore it wouldn't be 'dynamic' in nature.

3a. Yes that is correct, if looking to do cross vCenter NSX-V Instance please review VCF documentation for guidelines.  Is there a reason you aren't looking at NSX-T at the current time?

3b. You will be required a single vlan that NSX controllers would be running on for each additional WLD.  The NSX manager runs in the Management Domain.

4. It is configured automatically, please review backup and restore guidance for backing these up from SDDC Manager though.

Feel free to reach out ktebear@vmware.com

View solution in original post

0 Kudos
2 Replies
ktebear
VMware Employee
VMware Employee
‎08-19-2019 03:52 PM
Jump to solution

Hello!

I will answer these as you call them out:

1. I believe you are using the H5 Client.  If you use the /vsphere-client vs /ui when navigating to the vCenter you should be able to see the Load Balancer functionality.

2. In HOL the edge that is deployed is for vROps as required by SDDC Manager to Deploy vROps.  Also you can use NSX edges for VLAN or VXLAN(logical switch) backed port groups. 

3. The reason this is failing is due to a password timeout on the backup user.  I have had this called out and it will be fixed in our VMworld release of this lab.  The NSX use case here seems entirely do-able, but would need more details.  For example they could just create a static route for a /16 and point that to an edge therefore it wouldn't be 'dynamic' in nature.

3a. Yes that is correct, if looking to do cross vCenter NSX-V Instance please review VCF documentation for guidelines.  Is there a reason you aren't looking at NSX-T at the current time?

3b. You will be required a single vlan that NSX controllers would be running on for each additional WLD.  The NSX manager runs in the Management Domain.

4. It is configured automatically, please review backup and restore guidance for backing these up from SDDC Manager though.

Feel free to reach out ktebear@vmware.com

0 Kudos
slinuxuzer2
Contributor
Contributor
‎08-19-2019 05:33 PM
Jump to solution

Thanks for the info. The client has a number of deployment scripts written around NSX-V and their operations team doesn't currently have NSX-T familiarity. Am I understanding correctly that each WLD requires its NSX controllers to be in a new VLAN? Meaning they won't be placed in the same VLAN as the Management WLD controllers?

I think I did try to the flash client, but I'll try again. Also, is there a way to manually tweak the password timeout on the backup user? If so I'd like to bang around a little in the HOL. I'll be at VMworld next week, so maybe we say hello.

0 Kudos