With NSX-T Datacenter 2.4, the manager and controller functionality have been combined into a single VM. With this, more memory and cpu are needed to run the VM. The different sizes are listed in VMware’s installation documentation, but I have included a picture for quick reference.
Once you deploy your first manager/controller using the OVA, you will need to join the additional controllers via GUI or CLI. I chose CLI in this example to show the process. You will need a few things from first manager/controller that you just deployed:
- Cluster ID
- API thumbprint
- Username/Password of admin account
- IP address of first manager/controller
SSH into the first manager/controller and run the following command:
get cluster config
The output will look like this:
Cluster Id: 4087aadc-a7b7-4306-b9e2-885cd0f2eb11
Cluster Configuration Version: 1
Number of nodes in the cluster: 1
Node UUID: f48c4d56-0555-8294-d68e-cc0bbb6d40d0
Node Status: JOINED
ENTITY UUID IP ADDRESS PORT FQDN
HTTPS 44f1f5e9-5dea-4ee1-873b-a67bd1942c41 10.10.1.160 443 nsx24-manager
CONTROLLER 2efd0ccc-d71d-4736-b9f6-99bde7f7dad9 10.10.1.160 - nsx24-manager
CLUSTER_BOOT_MANAGER bff2cc50-21b1-445f-9be3-ddc002442c5f 10.10.1.160 - nsx24-manager
DATASTORE daa19f10-b48c-4040-8fec-df3c5449c0d8 10.10.1.160 9000 nsx24-manager
MANAGER 5ccd96dd-2560-4e81-a5bf-89d82c4e4a5f 10.10.1.160 - nsx24-manager
POLICY b37beac4-79e7-4a4c-8fb1-692cffc92a9a 10.10.1.160 - nsx24-manager
The important part is in bold. This is the cluster ID that must be used to join the other manager/controllers to the first deployed manager/controller. Now let’s gather the api thumbprint using the same command we have used with previous NSX-T versions:
get certificate api thumbprint
I will omit the output, but you should see a long string of letters and numbers shown below the command. Keep this handy along with the Cluster ID we found above. Once you deploy the two additional manager/controllers in your ESXi Cluster, SSH into the “second” manager/controller. Run the following:
join <ip-address> cluster-id <cluster-id> username admin thumbprint <api-thumbprint>
Once you type enter, you should be prompted to enter the password for the admin account. Input the password, press enter, and wait for the result. If all was successful, you should see the following message:
Join operation successful. Services are being restarted. Cluster may take some time to stabilize.
If you are in the web GUI of the primary, you will eventually see the manager/controller you just joined appear after a short while. The management cluster will eventually stabilize and you should see the management, controller, and other indicators go green
After you see things start to go into a ‘stable’ state, you can join the third manager/controller using the same process above. Once all three are joined and stable, go ahead and create a virtual IP (VIP) that can be used to access the management cluster. That VIP will be assigned to a manager for processing web/api requests.
NOTES:
- With only one manager/controller, you can do configuration, join hosts and edges to the fabric, and other function
- Once manager/controller was not enough to bring up the control plane. This will obviously cause issues when trying to have VMs communicate in the NSX Fabric
- The “very small” option is only supported for the ‘nsx-cloud-service-management’ role. I tried this size option the lab for the nsx manager/controller, but it was REALLY slow. I would not really recommend it if you have the extra RAM and CPU in your lab.
Andrew Hrycaj