vSphere with Tanzu LAB Environment Installation Step-by-Step (Included vCenter, vSAN, NSX, Supervisor Cluster and pfSense)-6

Evren Baycan
Nov 3, 2022

NSX EDGE Node installation and configuration on Nested Infrastructure

Before installing EDGE Nodes, we create 2 Port Groups under TRUNK VDS.

We add our EDGE Nodes under the System/Fabric/Nodes/Edge Transport Nodes tab.

Because we will deploy a Supervisor Cluster, we must choose LARGE as the Form Factor!

Since the environment is nested, select LOW for CPU Reservation Priority so that it uses fewer resources.
You can turn off Memory Reservation or enter a value such as 40%.

We create our Admin and Root users for the EDGE Node and activate SSH access for each user.

We choose vCenter resources.

Enter our management network information for the EDGE Node.

We are going to add 2 types of Switches on the EDGE Node.

Let’s add the Overlay Switch first.

We do not select FINISH yet! We also need to add the vLAN Switch.

After adding the vLAN Switch, we check our configuration and start the EDGE Node 01 installation with FINISH.

We now apply the same settings for EDGE NODE 02.

The EDGE Nodes are deployed and running. Again, we do a short access test.

We are going to define a cluster for 2 EDGE Nodes that we have deployed.

Let’s add NODEs now via ADD EDGE CLUSTER.

Here we add the NODEs to the right and select ADD. After that, the EDGE Cluster will be created.

We have completed the EDGE Node configurations.

T0 Router configuration on Nested Infrastructure

We are going to add 2 Interfaces later to communicate with the Underlay network on the T0 Router.
We have previously created ACME-EDGE-UPLINK vLAN/Subnet for EDGE Uplink on pfSense.

Now we are going to create a vLAN-Backed Segment here. Because this Segment is vLAN-Backed, it will be managed by the vCenter Port Group, not by NSX. It will also connect us to the Underlay network via the Overlay.

NOTE: Creating a Segment on the NSX is actually like creating a vLAN :)

Now we can create T0 Router.

NOTE: There is also VRF support on NSX!

We enter a name for the T0 Router and add it to the EDGE Cluster.

We continue the configuration by selecting Yes.

By selecting Set, we add Interfaces for EDGE NODE01 and EDGE NODE02.

These Interfaces will connect us to North-South traffic. (Datacenter Underlay Network)

With ADD Interface, we add EDGE NODE01 first.

If you remember, we made these Interface definitions on pfSense BGP before. So, IP addresses created there should be the same here!

Let’s remember from the picture below!

We create the same configuration for EDGE NODE 02.

We check our configuration and exit this screen.

We have completed our Interface definitions for EDGE NODEs.

BGP Dynamic Routing configuration on Nested Infrastructure

We have not yet saved our T0 Router configuration. I used 65221 as Local AS and in return I created my BGP settings on the pfSense according to this number. Now let’s save all our settings, select SAVE and continue again.

We continue with SET on BGP Neighbors.

For the BGP neighbor, we enter the ACME-EDGE-UPLINK Gateway address from pfSense, and enter the Local AS number I created on pfSense as the Remote AS.

Then, as Source Addresses, we select the BGP Neighbor IPs that we created on pfSense.

After making these definitions, we create a Route Filter by selecting Set under Route Filter.

We save the configuration after the Route Filter definition.

The Status must be Success. If it is not, the BGP connection could not be established, so Dynamic Routing will not work and you will not be able to communicate with the Underlay network.

Review your settings!
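When the status is not Success, the usual cause is that the T0 and pfSense definitions do not mirror each other. The following check is an added example, not part of the original article: it compares the two sides using the rules described above. The dictionary layout, the pfSense AS number and all IP addresses are constructed sample values; only Local AS 65221 comes from the article.

```python
"""Pre-flight check: do the NSX T0 and pfSense BGP definitions mirror each other?
All addresses and the pfSense AS number below are constructed sample values."""
import ipaddress

def check_bgp_peering(t0, pfsense):
    """Return a list of mismatches; an empty list means the two sides agree."""
    problems = []
    uplink = ipaddress.ip_network(pfsense["uplink_subnet"])
    gateway = ipaddress.ip_address(pfsense["gateway"])

    # The T0 neighbor must be the pfSense gateway of the uplink vLAN.
    if ipaddress.ip_address(t0["neighbor_ip"]) != gateway:
        problems.append("T0 neighbor IP is not the pfSense uplink gateway")
    # Remote AS on each side must equal the Local AS of the other side.
    if t0["remote_as"] != pfsense["local_as"]:
        problems.append("T0 Remote AS != pfSense Local AS")
    for ip, remote_as in pfsense["neighbors"].items():
        if remote_as != t0["local_as"]:
            problems.append(f"pfSense neighbor {ip}: Remote AS != T0 Local AS")

    # Every Edge interface must sit in the uplink subnet and be a pfSense neighbor.
    for node, ip in t0["interfaces"].items():
        if ipaddress.ip_address(ip) not in uplink:
            problems.append(f"{node}: {ip} is outside {uplink}")
        if ip not in pfsense["neighbors"]:
            problems.append(f"{node}: {ip} is not defined as a neighbor on pfSense")
    # Source Addresses must be neighbor IPs that exist on pfSense.
    for src in t0["source_addresses"]:
        if src not in pfsense["neighbors"]:
            problems.append(f"source address {src} is not a pfSense neighbor IP")
    return problems

# Constructed sample values (only Local AS 65221 comes from the article).
PFSENSE = {"local_as": 65100, "uplink_subnet": "192.0.2.0/24", "gateway": "192.0.2.1",
           "neighbors": {"192.0.2.11": 65221, "192.0.2.12": 65221}}
T0_GOOD = {"local_as": 65221, "remote_as": 65100, "neighbor_ip": "192.0.2.1",
           "interfaces": {"edge-node-01": "192.0.2.11", "edge-node-02": "192.0.2.12"},
           "source_addresses": ["192.0.2.11", "192.0.2.12"]}
# Same config with a mistyped EDGE NODE 02 address and the wrong Remote AS.
T0_BAD = dict(T0_GOOD, remote_as=65221,
              interfaces={"edge-node-01": "192.0.2.11", "edge-node-02": "192.0.2.21"},
              source_addresses=["192.0.2.11", "192.0.2.21"])

if __name__ == "__main__":
    for name, cfg in (("good", T0_GOOD), ("bad", T0_BAD)):
        print(name, check_bgp_peering(cfg, PFSENSE) or "OK")
```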

We continue with Set on Route Re-Distribution.

NOTE: NSX also supports OSPF!

I activate all Route announcements. The Supervisor Cluster will do most of these announcements.

After opening the announcements, we activate the Route Re-distribution settings.

We finish all our settings on T0 by selecting SAVE.

The Status should be Success. If the status is red instead of green, review all your settings!

We have completed our T0 Router and BGP configurations.

Underlay Routing test on T1 Router with NSX Overlay Segment

We create T1 Router on the Networking/Connectivity tab.

We add T1 Router under T0 Router and open all Route announcements for T1 Router.

We create a new Overlay Segment and add it under T1 Router.

Now that I’m on the Overlay network, I open the Subnet here.

The Overlay Segment I created on the NSX Manager was also created as a Port Group on vCenter. But its management is entirely on NSX!

I add this Overlay Segment to the VM I created on Nested Infrastructure.

We configure the NSX Segment network settings on the test VM.

We start pinging the JUMP Server on the management network.

We have Underlay traffic over Overlay.

Start pinging the VM on the Overlay Segment via the JUMP Server.

We have Overlay traffic via Underlay.

All the configurations we have created on NSX are working. Now we can move on to the Supervisor Cluster setup.

Part 7.

  • Supervisor Cluster configuration and installation on Nested Infrastructure