I’ve been working over the past 6 months on and off looking at how to best fit NSX into existing vCloud Director Platforms and while vCD in the Enterprise is going to become less a thing…vCloud Air Network Service Providers will continue to use vCD SP…The feature set provided by NSX could greatly enhance any SPs offering around enhanced networking services as well as helping IT Operations with with SDN abstraction efficiencies.

This blog series extends my NSX Bytes Blog Posts to include a more detailed look at how to deploy NSX 6.1.x into an existing vCloud Director Environment. Initially we will be working with vCD 5.5.x which is the non SP Fork of vCD, but as soon as an upgrade path for 5.5.2 -> 5.6.x is released I’ll be including the NSX related improvements in that release.

With that, if anyone is running or still looking to run vCD in-house as a Private Cloud Abstraction of vSphere and you are looking at implementing NSX this series will still be relevant.

To protect some of the work I’ve done with Zettagrid to productise NSX there will be sections where I will be vague…can’t give you guys all the secret sauce tricks and tweaks 🙂

NSX Deployment Pre-Requisites and Build Numbers*

  • Pre Assigned VLAN for VXLAN – MTU bigger or Equal to 1600
  • vCenter 5.5 Update 2 Build 2001466
  • ESXi 5.5 Update 2 Build 2068190
  • vCloud Director 5.5.2 Build 2000523
  • vShield Manager 5.5.3.1 Build 2175698
  • SSO Service Details ([email protected])
  • NSX Service Account Details (service.nsx)
  • NSX Admin Group (NSX.Admins)

* These are based on my internal testing and deployment validations

Disclaimer: At the time of posting NSX 6.1.x is not officially supported with vCloud 5.6.3 or 5.5.2. While I haven’t come across any issues in the retrofit given the current status you may want to think twice about putting this into prod until VMware validate the interoperability…I’m working to get more info on that and will update when I know more. The matrix below is not up to date and there is support for NSX 6.0.6 and NSX 6.0.7.

NSX_VCD_612_1

Part 1 – VSM to NSX Manager Upgrade:

Be wary…this is a one time upgrade…once installed we can’t roll back easily. At the time of writing the lastest version of vCNS VSM is 5.5.3.1, if you are not at the build upgrade the VSM to that before you begin.

NOTE1: vShield Data Security Installs:

If you are upgrading from NSX version 6.1.1, or do not have Data Security in your environment then you are fine to skip this step…

If you are upgrading from a release prior to NSX 6.1.1 and have Data Security in your environment…as much as is seems like an extreme PITA the following needs to be done:

  1. Un-install Data Security from all the clusters that have the service installed.
  2. Upgrade NSX Manager to version 6.1.2 – SEE STEPS BELOW. 
  3. Install or upgrade Guest Introspection and other services on appropriate clusters.
  4. Install Data Security on appropriate clusters.
  5. Upgrade the remaining components.

NOTE2: vShield Edge instances prior to version 5.5 need to be upgraded to the latest version. Pre-5.5 vShield Edge instances cannot be managed or deleted after vShield Manager has been upgraded to NSX Manager.

vCNS to NSX Upgrade Process:

Back Up and Snapshot the VSM

  • Ensure that there is a Backup of the VSM Manager Config
  • Snapshot VSM Manager
  • Reboot the VSM to ensure any existing logs are cleared and there is enough space on the filesystem to install (>4GB)

Login to the VSM -> Settings and Reports -> Updates and Click on Choose File

NSX_VCD_P1_1

Click on Upload File: VMware-vShield-Manager-upgrade-bundle-to-NSX-6.1.2-2318232.tar.gz

NSX_VCD_P1_2

Confirm the Version Number in the New Version and Description Field

NSX_VCD_P1_3

Confirm the Install

NSX_VCD_P1_4

Let the Upgrade go through it’s paces

NSX_VCD_P1_5

NSX_VCD_P1_6

Once the VM has rebooted go to the IP of the VSM. We should now have the NSX Manager login Screen

NSX_VCD_P1_7

Login using admin and and default as the user/password combination…I’ve found in all my upgrades so far that the existing admin password had been reset, however I have had to use the previous password to access vShield API calls… (possible bug)

Verify that the build is as shown below and that vCenter is registered by going to Manage vCenter Registration

NSX_VCD_612_2

NSX_VCD_P1_11

NOTE3: Shutdown VM and upgrade the VM Hardware to vCPU to 4 and vRAM to 12GB and restart the VM. This will allow the upgraded VM to meet the NSX Manager Compute Requirements.

Once completed the NSX Manager will boot and it’s time to verify the install and to ensure that no previous functionality is lost.

Part 2: NSX Manager Configuration and vCloud Director VSE Deployment Validation