Implementing software-defined network resources for vSphere with Tanzu includes deployment and configuration of NSX components.
Add a Network Segment for Developer Ready Infrastructure for VMware Cloud Foundation
Create a network segment in NSX for the VI workload domain. You use the network segment to connect network profiles defined in vSphere with Tanzu.
UI Procedure
- Log in to NSX Manager at https://<nsx_manager_fqdn>/login.jsp with a user assigned the Network admin role.
- On the main navigation bar, click Networking.
In the left pane, click Segments.
On the Segments tab, click Add Segment.
Configure the settings for the segment according to your values in the VMware Cloud Foundation Planning and Preparation Workbook, and click Save.
In the Want to continue configuring this Segment? dialog box, click No.
PowerShell Procedure
Start PowerShell.
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-w01" $tanzuSegmentName = "sfo-w01-seg01-tanzu" $tier1GatewayName = "sfo-w01-ec01-t1-gw01" $tanzuSegmentGatewayCIDR = "192.168.20.1/24" $overlayTzName = "overlay-tz-sfo-w01-nsx01.sfo.rainpole.io"
Perform the configuration by running the command in the PowerShell console.
Add-NetworkSegment -Server $sddcManagerFqdn -User $sddcManagerUser -Pass $sddcManagerPass -Domain $sddcDomainName -SegmentName $tanzuSegmentName -ConnectedGateway $tier1GatewayName -Cidr $tanzuSegmentGatewayCIDR -TransportZone $overlayTzName -GatewayType Tier1 -SegmentType Overlay
Add IP Prefix Lists to the Tier-0 Gateway for Developer Ready Infrastructure for VMware Cloud Foundation
Define three IP prefix lists and IP prefixes on the Tier-0 gateway for use by the Supervisor. You configure the IP Prefixes so their corresponding routes are advertised northbound via Border Gateway Protocol (BGP).
UI Procedure
- Log in to NSX Manager at https://<nsx_manager_fqdn>/login.jsp with a user assigned the Network admin role.
- On the main navigation bar, click Networking.
- In the left pane, click Tier-0 gateways.
Click the ellipsis menu for your Tier-0 gateway, and click Edit.
Create a new IP prefix list for management operations.
Expand the Routing section and click the digit link next to IP prefix lists.
In the Set IP prefix list dialog box, click Add IP prefix list.
Enter a name for the prefix and, under Prefixes, click Set.
In the Set prefixes dialog box, click Add Prefix.
Under Network, enter the value for your Management network according to your value in the VMware Cloud Foundation Planning and Preparation Workbook.
Under Action set the drop-down menu to Permit, and click Add.
Repeat step d and f for your Load Balancer (ingress) and NAT (egress) prefixes.
To finish adding the IP prefix list, click Apply and click Save.
In the Set IP prefix list dialog box, click Close.
On the Tier-0 gateway page, click Close editing.
PowerShell Procedure
Start PowerShell.
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-w01" $tier0GatewayName = "sfo-w01-ec01-t0-gw01" $prefixListName = "sfo-w01-ec01-t0-gw01-prefixlist" $tanzuManagementSubnetCidr = "192.168.20.0/24" $tanzuIngressSubnetCidr = "192.168.21.0/24" $tanzuEgressSubnetCidr = "192.168.22.0/24"
Perform the configuration by running the command in the PowerShell console.
Add-PrefixList -Server $sddcManagerFqdn -User $sddcManagerUser -Pass $sddcManagerPass -Domain $sddcDomainName -Tier0Gateway $tier0GatewayName -PrefixListName $prefixListName -SubnetCIDR $tanzuManagementSubnetCidr -ingressSubnetCidr $tanzuIngressSubnetCidr -egressSubnetCidr $tanzuEgressSubnetCidr -GE "28" -LE "32" -Action PERMIT
Create a Route Map on the Tier-0 Gateway for Developer Ready Infrastructure for VMware Cloud Foundation
Define a route map on the Tier-0 gateway for use by the Supervisor. You configure the route map to ensure appropriate Tier-1 gateway-based routes are advertised northbound via BGP.
UI Procedure
- Log in to NSX Manager at https://<nsx_manager_fqdn>/login.jsp with a user assigned the Network admin role.
- On the main navigation bar, click Networking.
- In the left pane, click Tier-0 gateways.
Click the ellipsis menu for your Tier-0 gateway and click Edit.
Create a new route map.
Expand the Routing section and, in the Route maps section, click Set.
In the Set route maps dialog box, click Add route map.
Enter a route map name and, in the Match criteria column, click Set.
In the Set match criteria dialog box, click Add match criteria.
In the Members column, click Set.
In the Select IP Prefix dialog box, select the check box next to the prefix list you created earlier and click Save.
In the Action column, select Permit, click Add, and click Apply.
In the Set route maps dialog box, click Save and click Close.
Configure route re-distribution.
On the Tier-0 gateway, expand the Route re-distribution section and click the digit link next to Route re-distribution.
In the Set route re-distribution dialog, click Edit.
In the Route re-distribution dialog box, click the ellipsis drop-down menu for the default route re-distribution and click Edit.
From the Route map drop-down menu, select the route map you created in the previous step, click Add, and click Apply.
On the Tier-0 gateway page, under Route re-distribution, click Save and click Close editing.
PowerShell Procedure
Start PowerShell.
Replace the values in the sample code with values from your VMware Cloud Foundation Planning and Preparation Workbook and run the commands in the PowerShell console.
$sddcManagerFqdn = "sfo-vcf01.sfo.rainpole.io" $sddcManagerUser = "[email protected]" $sddcManagerPass = "VMw@re1!" $sddcDomainName = "sfo-w01" $tier0GatewayName = "sfo-w01-ec01-t0-gw01" $prefixListName = "sfo-w01-ec01-t0-gw01-prefixlist" $routeMapName = "sfo-w01-ec01-t0-gw01-routemap"
Perform the configuration by running the command in the PowerShell console.
Add-RouteMap -Server $sddcManagerFqdn -User $sddcManagerUser -Pass $sddcManagerPass -Domain $sddcDomainName -Tier0Gateway $tier0GatewayName -RouteMap $routeMapName -PrefixListName $prefixListName -Action PERMIT -ApplyPolicy:$True
