Install vCloud Director 10.4 Step by Step 04

Hi, Today, I want to create a Network Pool in the vCloud Director.

What is Network Pool?

A network pool is a collection of isolated layer-2 network segments that you can use to create vApp networks and certain types of organization VDC networks on demand.

Network pools must be created before organization VDC networks and vApp networks. If they do not exist, the only network option available to an organization is the direct connection to an external network.

Only a system administrator can create a network pool.

Supported by:

  • Port Groups Backed
  • VLAN ID Backed
  • Geneve Backed (NSX-T Overlay Transport Zone)
  • VXLAN Backed (NSX-V)

Note:

  • Each organization VDC can have one Network Pool.
  • Multiple organization VDCs can share a Network Pool.
  • With VCD 10.3, you can create a provider VDC without any Network Pools.

Let’s start.

1-Log into https://vCloud_IP/provider –> Resources –>Network Pools –> NEW

2- Enter a name and description for the new network pool.

3- Select Network Pool Type Geneve Backed

4- Select NSX-T Manager to provide the Geneve transport zone that this network pool will use.

5- Select your Transport Zone that you have created before in NSX-T console.

6- Next

Finish 🙂

Install vCloud Director 10.4 Step by Step 03

Hi, Today, I want to add the NSX-T to vCloud Director.

Let’s start.

1-Log into https://vCloud_IP/provider –> Resources –> Infrastructure Resources –> NSX-T –> NSX-T Managers –> ADD

2-Enter NSX-T information

Note: The NSX-T URL must exactly match the name on its certificate.

3-It’s done.
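
The name check behind the note in step 2, as an added Python example (not from the original post): it tests whether the host in the URL you plan to enter is covered by the names on the certificate. The certificate dict is constructed in the shape returned by `ssl.SSLSocket.getpeercert()`, and the host names and address in it are placeholders.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample in the shape returned by ssl.SSLSocket.getpeercert();
# the host names and address are placeholders, not values from the post.
SAMPLE_CERT = {
    "subject": ((("commonName", "nsxt-mgr.lab.example"),),),
    "subjectAltName": (
        ("DNS", "nsxt-mgr.lab.example"),
        ("DNS", "*.nsx.lab.example"),
        ("IP Address", "192.0.2.10"),
    ),
}

def _dns_match(host, pattern):
    """Case-insensitive match; '*' may only stand for the whole left-most label."""
    host_labels = host.lower().rstrip(".").split(".")
    pat_labels = pattern.lower().rstrip(".").split(".")
    if len(host_labels) != len(pat_labels):
        return False
    if pat_labels[0] == "*":
        return len(pat_labels) > 2 and host_labels[1:] == pat_labels[1:]
    return host_labels == pat_labels

def url_matches_cert(url, cert):
    """Return True if the host in `url` is one of the names the certificate covers."""
    host = urlsplit(url).hostname  # None when the scheme (https://) is missing
    if not host:
        return False
    sans = cert.get("subjectAltName", ())
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None
    if addr is not None:
        # An IP in the URL only matches an IP SAN entry, never a DNS name.
        return any(kind == "IP Address" and ipaddress.ip_address(value) == addr
                   for kind, value in sans)
    names = [value for kind, value in sans if kind == "DNS"]
    if not names:
        # Fall back to the subject CN only when the certificate has no DNS SAN.
        names = [v for rdn in cert.get("subject", ())
                 for k, v in rdn if k == "commonName"]
    return any(_dns_match(host, name) for name in names)
```

A short host name or an IP address that is not listed on the certificate fails this check even when it resolves to the same NSX-T Manager.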

Finish 🙂

Install vCloud Director 10.4 Step by Step 02

Hi, Today, I want to add the vCenter server to vCloud Director.

Let’s start.

1-Log into https://vCloud_IP/provider –> Resources –> Infrastructure Resources –> vCenter Server Instances –> Click ADD

2-Enter the connection information for the new vCenter server –> Next

3-I don’t use NSX-V Manager, I use NSX-T, Next

4-Access Configuration

  • If you want to add a tenant-dedicated vCenter Server that will not be used as a provider VDC, turn on the Enable tenant access toggle. After you add the vCenter Server instance to VMware Cloud Director, the tenant-related information appears in the details view of the instance.
  • If you want VMware Cloud Director to generate default proxies for the vCenter Server instance and SSO services, turn on the Generate proxies toggle. After you add the vCenter Server instance to VMware Cloud Director, the proxies appear in the Proxies tab under vSphere Resources.

5-It’s Ready

Finish 🙂

Install vCloud Director 10.4 Step by Step 01

Hi, Today I decided to install vCloud Director 10.4.  

What is vCloud Director?

VMware vCloud Director (VMware vCD) is a platform with multi-tenant support for managing software-defined data centers (SDDC) and providing infrastructure as a service (IaaS) to customers.

You can download it from here

Prerequisite:

1- Create an A record and a reverse record for your vCloud Director.

2- NFS folder with full access permissions for the transfer file location

Install steps:

1- Select OVF, Enter a name, and select a compute resource for your virtual machine:

2- Accept all license agreements

3-Select your deployment configuration

4- Select your Data Store

5-Select networks

HTTP traffic and console traffic use eth0. The internal database traffic uses eth1.

5-Enter NTP, root password, and Enable SSH root login

6-Enter your gateway for eth1

7-Enter Default gateway, Domain name, and other parameters.

8- Review your settings and click on the Finish button

9-Congratulations 🙂

10-Please open https://vCloud-IP-or-Name:5480

Enter NFS mount for the transfer file location:

“IP NFS Server”:/“Your mount Folder”

Enter a password for vcloud user for DB access

Enter a system name for creating a folder in VMware vCenter Server

If you want to log in to the provider, please use: https://vCloud-IP-or-Name/provider

Finish 🙂

Add a Tier-0 Gateway

Hi, In my previous post, I

In the NSX-T. Now, I want to Add Tier-0 Gateways.

A tier-0 gateway has downlink connections to tier-1 gateways and external connections to physical networks.

You can configure the HA (high availability) mode of a tier-0 gateway to be active-active or active-standby. The following services are only supported in active-standby mode:

  • NAT
  • Load balancing
  • Stateful firewall
  • VPN

Tier-0 and tier-1 gateways support the following addressing configurations for all interfaces (external interfaces, service interfaces, and downlinks) in both single-tier and multi-tiered topologies.

Note:

You can configure the tier-0 gateway to support EVPN (Ethernet VPN).

1- Go to the Networking –> Connectivity –> Tier-0 Gateways –> Add Gateway –> Click Add Tier-0 Gateway.

2- Enter a name for the gateway.

3- Select an HA (high availability) mode.

The default mode is active-active. In the active-active mode, traffic is load balanced across all members. In active-standby mode, all traffic is processed by an elected active member. If the active member fails, a new member is elected to be active.

4- If the HA mode is active-standby, select a failover mode.

  • Preemptive – If the preferred node fails and recovers, it will preempt its peer and become the active node. The peer will change its state to standby.
  • Non-preemptive – If the preferred node fails and recovers, it will check if its peer is the active node. If so, the preferred node will not preempt its peer and will be the standby node.

5- (Optional) Select an NSX Edge cluster.

6- (Optional) Click Additional Settings

  1. In the Internal Transit Subnet field, enter a subnet. This is the subnet used for communication between components within this gateway. The default is 169.254.0.0/24.
  2. In the T0-T1 Transit Subnets field, enter one or more subnets. These subnets are used for communication between this gateway and all tier-1 gateways that are linked to it. After you create this gateway and link a tier-1 gateway to it, you will see the actual IP address assigned to the link on the tier-0 gateway side and on the tier-1 gateway side. The address is displayed in Additional Settings > Router Links on the tier-0 gateway page and the tier-1 gateway page. The default is 100.64.0.0/16.
  3. In the Forwarding Up Timer field, enter a time. The forwarding up timer defines the time in seconds that the router must wait before sending the up notification after the first BGP session is established. This timer (previously known as forwarding delay) minimizes downtime in case of fail-overs for active-active or active-standby configurations of logical routers on NSX Edge that use dynamic routing (BGP). It should be set to the number of seconds an external router (TOR) takes to advertise all the routes to this router after the first BGP/BFD session. The timer value should be directly proportional to the number of northbound dynamic routes that the router must learn. This timer should be set to 0 on single-edge node setups.

7- Click Route Distinguisher for VRF Gateways to configure a route distinguisher admin address. This is only needed for EVPN in Inline mode.

8- (Optional) Click EVPN Settings to configure EVPN.

  1. Select an EVPN mode. The options are:
    • Inline – In this mode, EVPN handles both data plane and control plane traffic.
    • Route Server – Available only if this gateway’s HA mode is active-active. In this mode, EVPN handles control plane traffic only.
    • No EVPN
  2. If EVPN mode is Inline, select an EVPN/VXLAN VNI pool or create a new pool by clicking the menu icon (3 dots).
  3. If EVPN mode is Route Server, select an EVPN Tenant or create a new EVPN tenant by clicking the menu icon (3 dots).
  4. In the EVPN Tunnel Endpoint field, click Set to add EVPN local tunnel endpoints. For the tunnel endpoint, select an Edge node and specify an IP address. Optionally, you can specify the MTU.

9- To configure route redistribution, click Route Redistribution and Set.

Select one or more of the sources:

  • Tier-0 subnets: Static Routes, NAT IP, IPsec Local IP, DNS Forwarder IP, EVPN TEP IP, Connected Interfaces & Segments. Under Connected Interfaces & Segments, you can select one or more of the following: Service Interface Subnet, External Interface Subnet, Loopback Interface Subnet, or Connected Segment.
  • Advertised tier-1 subnets: DNS Forwarder IP, Static Routes, LB VIP, NAT IP, LB SNAT IP, IPSec Local Endpoint, Connected Interfaces & Segments. Under Connected Interfaces & Segments, you can select Service Interface Subnet and/or Connected Segment.
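
A pre-flight check for the settings above, added here as an example and not part of the original post or of NSX-T: it applies the HA-mode rules from this walkthrough to a planned gateway and, going one step beyond the post, flags workload segment subnets that collide with the transit subnets. The plan dictionary layout and its key names are hypothetical.

```python
import ipaddress

# Services the post lists as supported only in active-standby mode.
STANDBY_ONLY = {"NAT", "Load balancing", "Stateful firewall", "VPN"}

def check_tier0_plan(plan):
    """Return the problems found in a planned tier-0 gateway.

    `plan` is a hypothetical dict layout used only by this example;
    its keys are not NSX-T API field names.
    """
    problems = []
    ha = plan.get("ha_mode", "active-active")  # the wizard default
    blocked = STANDBY_ONLY & set(plan.get("services", ()))
    if ha == "active-active" and blocked:
        problems.append("needs active-standby: " + ", ".join(sorted(blocked)))
    if plan.get("failover_mode") and ha != "active-standby":
        problems.append("failover mode applies only to active-standby")
    if plan.get("evpn_mode") == "Route Server" and ha != "active-active":
        problems.append("EVPN Route Server requires active-active")
    if plan.get("edge_nodes") == 1 and plan.get("forwarding_up_timer", 0) != 0:
        problems.append("forwarding up timer should be 0 on a single-edge setup")
    # Transit subnets fall back to the defaults quoted in step 6.
    transit = [plan.get("internal_transit", "169.254.0.0/24")]
    transit += plan.get("t0_t1_transit", ["100.64.0.0/16"])
    for seg in plan.get("segment_subnets", ()):
        seg_net = ipaddress.ip_network(seg, strict=False)
        for cidr in transit:
            t_net = ipaddress.ip_network(cidr, strict=False)
            if seg_net.version == t_net.version and seg_net.overlaps(t_net):
                problems.append(f"segment {seg_net} overlaps transit subnet {t_net}")
    return problems

# Constructed sample plans (not taken from the post).
BAD_PLAN = {
    "ha_mode": "active-active", "services": ["NAT", "VPN"],
    "failover_mode": "Preemptive", "edge_nodes": 1, "forwarding_up_timer": 5,
    "segment_subnets": ["100.64.10.0/24", "10.0.0.0/24"],
}
GOOD_PLAN = {
    "ha_mode": "active-standby", "services": ["NAT"],
    "failover_mode": "Non-preemptive", "edge_nodes": 2, "forwarding_up_timer": 5,
    "segment_subnets": ["10.0.0.0/24"],
}
```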

Finish 🙂

Add Tier-1 Gateways

Hi, In my previous post, I

In the NSX-T. Now, I want to Add Tier-1 Gateways.

A tier-1 gateway is typically connected to a tier-0 gateway in the northbound direction and to segments in the southbound direction.

1- Go to the Networking–> Connectivity –> Tier-1 Gateways –> Add Tier-1 Gateways

2- Enter a name for the gateway: T1

Note:

(Optional) Select a tier-0 gateway to connect to this tier-1 gateway to create a multi-tier topology.

Note:

(Optional) Select an NSX Edge cluster if you want this tier-1 gateway to host stateful services such as NAT, load balancer, or firewall. If an NSX Edge cluster is selected, a service router will always be created, affecting the north/south traffic pattern.

I choose Edge-Cluster because I want to use a load balancer and NAT in a future post.

Note:

If you selected an NSX Edge cluster, select a failover mode or accept the default.

  • Preemptive – If the preferred NSX Edge node fails and recovers, it will preempt its peer and become the active node. The peer will change its state to standby.
  • Non-preemptive – If the preferred NSX Edge node fails and recovers, it will check if its peer is the active node. If so, the preferred node will not preempt its peer and will be the standby node. This is the default option.

Note:

(Optional) Click the Enable Standby Relocation toggle to enable or disable standby relocation. Standby relocation means that if the Edge node where the active or standby logical router is running fails, a new standby logical router is created on another Edge node to maintain high availability. If the Edge node that fails is running the active logical router, the original standby logical router becomes the active logical router and a new standby logical router is created. If the Edge node that fails is running the standby logical router, the new standby logical router replaces it.

Note:

(Optional) Click Route Advertisement.

Select one or more of the following:

  • All Static Routes
  • All NAT IP’s
  • All DNS Forwarder Routes
  • All LB VIP Routes
  • All Connected Segments and Service Ports
  • All LB SNAT IP Routes
  • All IPsec Local Endpoints

Note:

(Optional) Click Route Advertisement.

In the Set Route Advertisement Rules field, click Set to add route advertisement rules.

Note:

(Optional) Click Service Interfaces and Set to configure connections to segments. Required in some topologies, such as VLAN-backed segments or one-arm load balancing.

a. Click Add Interface.

b. Enter a name and IP address in CIDR format.

c. Select a segment.

d. In the MTU field, enter a value between 64 and 9000.

f. Add one or more tags.

g. In the ND Profile field, select or create a profile.

h. Click Save.

Note:

(Optional) Click Static Routes and Set to configure static routes.

a. Click Add Static Route.

b. Enter a name and a network address in the CIDR or IPv6 CIDR format.

c. Click Set Next Hops to add next hop information.

d. Click Save.

Note:

(Optional) Click Multicast and then the toggle to enable multicast. You must select an Edge cluster for this gateway. Also, this gateway must be linked to a tier-0 gateway that has multicast enabled.

Finish 🙂

Add Edge Cluster

Hi, In my previous post, I

In the NSX-T. Now, I want to add an Edge Cluster.

1- Go to the System –> Fabric–> Nodes –> Edge Clusters –> Add Edge Cluster

Save

Finish 🙂

Install NSX Edge2

Hi, In my previous post, I

In the NSX-T. Now, I want to install NSX Edge2.

1- Go to the System –> Fabric–> Nodes –> Edge Transport Nodes –> Add Edge Node

2- We must add two switches. One for Host Overlay and another for Host VLAN.

3- Add Host overlay switch

Enter Edge Name: NSX-Edge-A2

Enter the Edge switch name: nsxHostSwitchOverlay

Transport Zone: nsx-overlay-transportzone

Uplink Profile: khoshraftar-Edge-Transport-overlay-vetp-profile-single

IP Assignment: Use IP Pool

IP Pool: Edge-TEP-IP-POOL

Uplink2: Edge-Transport-overlay-vtep-Trunk

Note: We created this port group on the vCenter nested.

4- Add Host VLAN switch

Enter the Edge switch name: nsxHostSwitchVLAN

Transport Zone: nsx-vlan-transportzone

Uplink Profile: khoshraftar-Edge-VLAN-LoadBalance

Uplink2: Left-Uplink-Edge-Trunk

Uplink3: Right-Uplink-Edge-Trunk

Note: We created these port groups on the vCenter nested.

Click Save

Finish 🙂

Install NSX Edge1

Hi, In my previous post, I

In the NSX-T. Now, I want to install NSX Edge.

1- Go to the System –> Fabric–> Nodes –> Edge Transport Nodes –> Add Edge Node

2- We must add two switches. One for Host Overlay and another for Host VLAN.

3- Add Host overlay switch

Enter Edge Name: NSX-Edge-A1

Enter the Edge switch name: nsxHostSwitchOverlay

Transport Zone: nsx-overlay-transportzone

Uplink Profile: khoshraftar-Edge-Transport-overlay-vetp-profile-single

IP Assignment: Use IP Pool

IP Pool: Edge-TEP-IP-POOL

Uplink2: Edge-Transport-overlay-vtep-Trunk

Note: We created this port group on the vCenter nested.

4- Add Host VLAN switch

Enter the Edge switch name: nsxHostSwitchVLAN

Transport Zone: nsx-vlan-transportzone

Uplink Profile: khoshraftar-Edge-VLAN-LoadBalance

Uplink2: Left-Uplink-Edge-Trunk

Uplink3: Right-Uplink-Edge-Trunk

Note: We created these port groups on the vCenter nested.

Click Save

Finish 🙂

Add Segment

Hi, In my previous post, I

In the NSX-T. Now, I want to add a Segment.

In NSX-T Data Center, segments are virtual layer 2 domains. A segment was earlier called a logical switch.

There are two types of segments in the NSX-T Data Center:

  • VLAN-backed segments
  • Overlay-backed segments

1- Go to the Networking–> Segment –> NSX –> Add Segment

2- Enter a name for your segment, and select a transport zone, I choose overlay.

To create a VLAN-backed segment, add the segment in a VLAN transport zone. Similarly, to create an overlay-backed segment, add the segment in an overlay transport zone.

Connected Gateway: I choose none.

Select this option when you do not want to connect the segment to any upstream gateway (tier-0 or tier-1). Typically, you want to add a standalone segment in the following scenarios:

  • When you want to create a local testing environment for users that are running workloads on the same subnet.
  • When east-west connectivity with users on the other subnets is not necessary.
  • When north-south connectivity to users outside the data center is not necessary.
  • When you want to configure layer 2 bridging or guest VLAN tagging.

I will explain other parameters in future posts.

This segment was created on the vCenter VDS switch as a Port Group with a VNI number.

Now, you can assign this port group to your VMs.

Finish 🙂