In VMware Cloud Foundation, you use NSX to implement virtualization for networks, routing and load balancing. It provides support for an automated approach to the creation of virtual network segments and routing objects used to connect management and customer virtual machines to the physical network.

You also create constructs for solutions that are deployed for a single VMware Cloud Foundation instance or are available across multiple VMware Cloud Foundation instances. These constructs provide routing to the data center and load balancing.

Table 1. NSX Logical Concepts and Components

Component

Description

NSX Manager

  • Provides the user interface and the REST API for creating, configuring, and monitoring NSX components, such as segments, and Tier-0 and Tier-1 gateways.

  • In a deployment with NSX Federation, NSX Manager is called NSX Local Manager.

NSX Edge nodes

  • A special type of transport node that contains service router components.

  • Provides north-south traffic connectivity between the physical data center networks and the NSX SDN networks. Each NSX Edge node has multiple interfaces where traffic flows.

  • Provides east-west traffic flow between virtualized workloads. Provides stateful services such as load balancing and DHCP. In a deployment with multiple VMware Cloud Foundation instances, east-west traffic between the VMware Cloud Foundation instances flows through the NSX Edge nodes.

NSX Federation (optional design extension)

  • Propagates configurations that span multiple NSX instances in a single VMware Cloud Foundation instance or across multiple VMware Cloud Foundation instances. You can stretch overlay segments, activate failover of segment ingress and egress traffic between VMware Cloud Foundation instances, and implement a unified firewall configuration.

  • In a deployment with multiple VMware Cloud Foundation instances, you use NSX to provide cross-instance services to SDDC management components that do not have native support for availability at several locations, such as VMware Aria Automation and VMware Aria Operations.

  • Connect only workload domains of matching types (management domain to management domain or VI workload domain to VI workload domain).

NSX Global Manager (Federation only)

  • Is part of deployments with multiple VMware Cloud Foundation instances where NSX Federation is required. NSX Global Manager can connect multiple NSX Local Manager instances under a single global management plane.

  • Provides the user interface and the REST API for creating, configuring, and monitoring NSX global objects, such as global virtual network segments, and global Tier-0 and Tier-1 gateways.

  • Connected NSX Local Manager instances create the global objects on the underlying software-defined network that you define from NSX Global Manager. An NSX Local Manager instance directly communicates with other NSX Local Manager instances to synchronize configuration and state needed to implement a global policy.

  • NSX Global Manager is a deployment-time role that you assign to an NSX Manager appliance.

NSX Manager instance shared between VI workload domains

  • An NSX Manager instance can be shared between up to 14 VI workload domains that are part of the same vCenter Single Sign-On domain

  • An NSX Manager instance can be shared between up to 24 isolated VI workload domains.

  • VI workload domains sharing an NSX Manager instance must use the same vSphere cluster life cycle method.

  • Using a shared NSX Manager instance reduces resource requirements for the management domain.

  • A single transport zone is shared across all clusters in all VI workload domains that share the NSX Manager instance.

  • The management domain NSX Manager instance cannot be shared.