VMware Networking Community
hs77
Enthusiast
Enthusiast
‎02-16-2015 06:15 PM
Jump to solution

NSX Manager & NSX Controller

vNiC's of NSX Manager and NSX Controller are attached to which Port Groups.

Are they VMkernel Management Port Groups or Virtual Machine Port Groups.

0 Kudos
1 Solution

Accepted Solutions
rbudavari
Community Manager
Community Manager
‎02-17-2015 10:53 PM
Jump to solution

We might be confusing the terminology - it is the VMkernel adapters that are created locally on each host (not the portgroup). Anyway let's move on as you suggest.

Yes, it is possible to use the same portgroup for the NSX Controller or other management VM vNICs as per the HOL.

View solution in original post

0 Kudos
17 Replies
SRoland
VMware Employee
VMware Employee
‎02-17-2015 12:22 AM
Jump to solution

It must be Virtual Machine port-group, but from the question it seems that you are about to use standard vSwitch, where the option to chose it is valid.

I would rather recommend to use distributed switch to get all available NSX functions and features if you have the possibility ( i.e. licensed )

For additional help please the NSX Virtualization and Design Guide

HTH

0 Kudos
hs77
Enthusiast
Enthusiast
‎02-17-2015 01:33 AM
Jump to solution

I will be using Distributed switch only.

0 Kudos
admin
Immortal
Immortal
‎02-17-2015 01:56 PM
Jump to solution

NSX Manager and Controllers are regular VMs, connected to regular dvPg.

0 Kudos
hs77
Enthusiast
Enthusiast
‎02-17-2015 05:01 PM
Jump to solution

Dmitrik when i use NSX HOL 1403 i see controller VMs connected Distributed Management VMkernel Port Group.

0 Kudos
admin
Immortal
Immortal
‎02-17-2015 05:07 PM
Jump to solution

There is no requirement for them to be so; in fact this is the first time I'm hearing about such configuration.

All deployments I've seen had Manager and Controllers on regular dvPortgroups; typically Management, since Controllers and NSX Manager need to be able to reach each other and all hosts' vmk0 interfaces via IP.

0 Kudos
alsmaster
Enthusiast
Enthusiast
‎02-17-2015 05:45 PM
Jump to solution

Totally agree with DimitriK.  NSX Manager and NSX Controllers are VMs and can only connect to a dvPort Group and not a VMkernel Port Group.

0 Kudos
hs77
Enthusiast
Enthusiast
‎02-17-2015 06:49 PM
Jump to solution

My point is that they are connecting to dvport group only. But this dvport group is VMkernel Port Group and Not VM Port group. Thats what I am saying.

0 Kudos
writeerasereloa
Contributor
Contributor
‎02-17-2015 06:52 PM
Jump to solution

NSX manager is a virtual machine and should be attached to a Virtual Machine port group. According to the documentation it does not specify a requirement or preference for either a standard or distributed switch. NSX Manager just needs connectivity to the vCenter Server, ESXi host, and NSX Edge instances, vShield Endpoint module, and NSX Data Security virtual machine.

VMware recommends that you install NSX Manager on a dedicated management cluster separate from the cluster(s) that NSX Manager manages. Each NSX Manager manages a single vCenter Server environment. The NSX Manager requires connectivity to the vCenter Server, ESXi host, and NSX Edge instances, vShield Endpoint module, and NSX Data Security virtual machine. NSX components can communicate over routed connections as well as different LANs. 

The NSX Manager should be run on an ESX host that is not affected by downtime, such as frequent reboots or maintenance mode operations. You can use HA or DRS to increase the resilience of the NSX Manager. If the ESX host on which the NSX Manager resides is expected to require downtime, vMotion the NSX Manager virtual appliance to another ESX host. Thus, more than one ESX host is recommended.

Ensure that the following ports are open:

Port 443/TCP from, to, and among the ESX host, the vCenter Server, and NSX Data Security

443/TCP from the REST client to NSX Manager for using REST API calls

80/TCP and 443/TCP for using the NSX Manager user interface and initiating connection to the vSphere SDK

NSX 6 Documentation Center

0 Kudos
admin
Immortal
Immortal
‎02-17-2015 06:56 PM
Jump to solution

I understand, and I'm saying that the configuration you're seeing is incorrect.

NSX Manager and Controllers should be connected to a regular dvPg (NSX Manager isn't visible here, but it would be on the same dvPg in a normal environment):

Screen Shot 2015-02-18 at 1.55.15 pm.png

0 Kudos
hs77
Enthusiast
Enthusiast
‎02-17-2015 07:11 PM
Jump to solution

I see Controller VMs are connected to "Mgmt_Edge_VDS-Mgmt" Port Group. This is a Management VMkernel Port Group. I have checked this number of times.

Inventories>Host & Clusters. Expands Host section. select "esx-01a.corp.local" and double click it.

Manage Tab>Networking>VMKernel adpators. You will see "Mgmt_Edge_VDS-Mgmt" Port Group as VMk0.

0 Kudos
admin
Immortal
Immortal
‎02-17-2015 07:23 PM
Jump to solution

In my screenshot vdPg name is "Mgmt_Edge_VDS - VM Mgmt", not "Mgmt_Edge_VDS - Mgmt" (note the missing "VM" in dvPg name).

vmk0 is connected to the different dvPg.

Screen Shot 2015-02-18 at 2.17.34 pm.png

In old labs Mgmt_Edge_VDS - Mgmt was used to connect both vmk0 and Controllers; but that doesn't make dvPg "Mgmt_Edge_VDS - Mgmt" any "special". You can mix vmkX and regular VMs on the same dvPg, but for NSX it's not a requirement for NSX Manager or Controllers to be connected to the same dvPg where there are any connected vmkX adapters.

0 Kudos
hs77
Enthusiast
Enthusiast
‎02-17-2015 07:31 PM
Jump to solution

You go to VM and Templates and select any one of the controller VM.

Click Manage Tab>Settings>VM Hardware.

Network Adaptor 1 is connected to Mgmt_Edge_VDS - Mgmt

See the image below. Click it and you will see clear and bigger image.

( I am talking of HOL-SDC-1403)

VM.png

0 Kudos
rbudavari
Community Manager
Community Manager
‎02-17-2015 10:37 PM
Jump to solution

There is no concept of a virtual machine portgroup vs VMkernel portgroup on the VDS - both VM vnics and VMkernel vmknics can connect to dvPorts on the same portgroups. While it is common to dedicate networks for VMkernel management (vmk0) compared to VM management this is not a requirement.

0 Kudos
hs77
Enthusiast
Enthusiast
‎02-17-2015 10:44 PM
Jump to solution

I don't agree with your statement 'There is no concept of a virtual machine portgroup vs VMkernel portgroup on the VDS"

in vDS we create Virtual machine Port Group Centrally once and VMkernel Port Group are created individually on each host.

Anyhow leave this point.


You mean to say we can connect vNIC of NSX Controller to the VMK0 Port group as it is in HOL 1403.

0 Kudos
rbudavari
Community Manager
Community Manager
‎02-17-2015 10:53 PM
Jump to solution

We might be confusing the terminology - it is the VMkernel adapters that are created locally on each host (not the portgroup). Anyway let's move on as you suggest.

Yes, it is possible to use the same portgroup for the NSX Controller or other management VM vNICs as per the HOL.

0 Kudos
hs77
Enthusiast
Enthusiast
‎02-17-2015 11:17 PM
Jump to solution

Thanks for the clarification.

But when we create VMkernel Adaptors on a host a corresponding Port group is created in vDS.

0 Kudos
rbudavari
Community Manager
Community Manager
‎02-17-2015 11:24 PM
Jump to solution

That is true for the Standard vSwitch (even there technically it is a port not a portgroup) - on the VDS you are asked for an existing distributed portgroup. The details aren't that important though Smiley Happy