VMware Modern Apps Community
Pelle5
Contributor
Contributor
‎01-17-2023 11:40 AM

NSX-ALB VS VIP don't match Service Engines IP

Hi,

Trying to setup a Lab of vSphere with Tanzu using NSX ALB as load balancer.

I've installed latest version of vCenter, ESXi and NSX-ALB with Essentials License (version 22.1.2 2p4)

I setup it with 3 Networks :
- Frontend : 192.168.30.0/24
- Workload : 192.168.31.0/24
- Management : 192.168.32.0/24

The Supervisor Cluster is deployed and all nodes received IPs from the Management and Workload Networks as configured.

In NSX ALB (AVI) I can see 2 VS with 2 differents IP relying to the supervisor cluster's nodes. The VS are UP and everything is green :

- VS1 (Api) have ip 192.168.30.3
- VS2 (CSI) have ip 192.168.30.2

The Supervisor Cluster Control Plane IP is matching the VS1 IP (192.168.30.3)

2 Service Engine VMs are deployed with 2 connected network cards :

- SE1 Mangement Network IP : 192.168.32.10, Frontend Network IP : 192.168.30.4
- SE2 Mangagment Network IP : 192.168.32.11, Frontend Network IP: 192.168.30.5

Of course, when trying to access the Supervisor Control Plane on 192.168.30.3, that's don't work.

I delete and recreate the cluster a couple of times and the results are always the same.

Maybe it's something that I don't understand or a kind of bug or any configuration error but I don't know why and how the Service Engines VMs are created with different IP than the VS VIPs.

Any help would be appreciate.

Regards.

Labels (2)
Labels
0 Kudos
4 Replies
vmattroman
Contributor
Contributor
‎03-05-2023 05:38 AM

Hey,

SE VMs should have 1x Network Adapter from MGMT Network, 1x Network Adapter from Frontend Network and rest of the NICs (8x) are in 'Avi Internal' Network - this is a normal. It's normal too, that API, CSI and SEs had a different IPs from Frontend Network. 

Did you setup Static Routing in AVI? Geteway subnet: Workload Network, Next Hop: Frontend GW.
Can you ping/telnet to the API IP from your computer/station/jumphost? 

You can check my blog post: https://vmattroman.com/vsphere-with-tanzu-vds-nsx-advanced-load-balancer-avi/
Maybe you missed something.

Regards,

Mateusz

0 Kudos
Pelle5
Contributor
Contributor
‎03-07-2023 07:27 AM

Hi Mateusz,

Thanks for your reply.

I've switch to a HAProxy deployment because I needed to have the Tanzu solutions working to permit dev to give a try.

I'll look to your blog and steps for a further deployment using NSX ALB.

Regards,

Patrick

0 Kudos
vmattroman
Contributor
Contributor
‎03-08-2023 07:54 AM

Sure, no problem and good luck!
If you have some questions, feel free to ask;) On my blog, you can find tutorial how to deploy vSphere with Tanzu + HAProxy too.

Regards,
Mateusz

0 Kudos
Juan-Herrera
Contributor
Contributor
‎03-21-2023 10:14 AM

Hello Pele5,

If you need to configure vSphere with Tanzu with vSphere 7 as per matrix compatibility you should use 21.1.4 (22.1.2 it's not supported). If you use vSphere 8 you are OK with NSX ALB 22.1.2.

I think that you forget to configure Static Route. The problem here is that frontend network doesn't know how to route to your workload. Please check this link https://core.vmware.com/resource/vsphere-tanzu-and-nsx-advanced-load-balancer-quick-start-guide-v703...

 

Regards Juan. 

0 Kudos