This section explains the steps to perform initial configuration of the Controller using its deployment wizard. You can change or customize settings following initial deployment using the Controller’s web interface.

While the system is booting up, a blank web page or 503 status code may appear. In this case, wait for 5 to 10 minutes; then follow the instructions for the setup wizard.


  1. Configure basic system settings, such as administrator account details, DNS and NTP server information along with email and SMTP information.
  2. Set the Insfrastructure Type to OpenStack and specify the OpenStack settings.
    Figure 1. Infrastructure
    • Specify the tenant user credentials. If you are using Keystone V3 and want to provide a user in the non-default domain, then use the notation user@domain-name in the Username field.

    • If you create a username test as a Keystone v3 user in a domain named default, then you should explicitly specify test@testdomain while logging into the Controller. If the domain name is not specified, Keystone looks for a domain with UUID testdomain and not the name testdomain. Since no domain with a UUID of testdomain exists, Keystone fails, thereby returning the error as invalid user/password.

    • Use the full value in the Keystone Auth URL field. NSX Advanced Load Balancer determines the Keystone API version automatically. When the auth URL is a secure URL (HTTPS), the system will display an option to either allow or disallow self-signed certificates. You can disable the checkbox in a production environment, since OpenStack services should use proper, trusted certificates.

    • Enable the Keystone Auth option and click Next button.

      Figure 2. OpenStack Login
  3. In Management Network window, select a tenant. In this deployment, it should be the same tenant into which the Controller is deployed. Choose the management network created previously. Also specify the Hypervisor Type and Service Engine Image Format. Click Next button.
    Figure 3. Controller Setup Management
  4. In Keystone Role Mapping window, select an NSX Advanced Load Balancer user role as the default user role. If a NSX Advanced Load Balancer user logs in with valid Keystone credentials, but with a role that does not have the same name as any of the user roles defined on the Controller, the default role is assigned to the user. You can skip this option to disallow access for any user who does not have a role that is defined on the Controller. Click Next button.
    Figure 4. Keystone Mapping
  5. You can configure tenant settings by navigating to Administration > Settings > Tenant Settings. Click edit icon. The Tenant Settings Config window is displayed.
    Figure 5. Tenant Settinfs Config

    Specify the following details:

    IP Route Domain — This options allows you to select tenant’s IP route domain.

    • Per tenant IP route domain — If you select this option each tenant gets its own routing domain that is not shared with any other tenant.

    • Share IP route domain across tenants — If you select this option all tenants share the same routing domain.

    Service Engines Context — This option controls the ownership of Service Engines. Service Engines can either be exclusively owned by each tenant or owned by the administrator and shared by all tenants. When Service Engines are owned by the administrator, each tenant can have either read access or no access to their Service Engines. You can select one of the options.

    After specifying the necessary details, click on Save option.