NSX Controller is an advanced distributed state management system that provides control plane functions for NSX logical switching and routing functions. It serves as the central control point for all logical switches within a network and maintains information about all hosts, logical switches (VXLANs), and distributed logical routers. Controllers are required if you are planning to deploy 1) distributed logical routers or 2) VXLAN in unicast or hybrid mode.
No matter the size of the NSX Data Center for vSphere deployment, create three NSX Controller nodes in each NSX Controller cluster. Having a different number of controller nodes is not supported.
The cluster requires that each controller's disk storage system has a peak write latency of less than 300 ms, and a mean write latency of less than 100 ms. If the storage system does not meet these requirements, the cluster can become unstable and cause a system downtime.
The NSX Controller cluster DNS settings override any DNS settings configured on the controller IP pool.
- Verify that an NSX Manager appliance is deployed and registered with a vCenter Server system.
- Determine the IP pool settings for your controller cluster, including the gateway and IP address range. DNS settings are optional. The NSX Controller IP network must have connectivity to the NSX Manager and to the management interfaces on the ESXi hosts.
- Log in to the vSphere Web Client.
- Navigate to .
- In NSX Data Center for vSphere 6.4.2 and later, select the appropriate NSX Manager from the NSX Manager drop-down menu.
Note: In NSX Data Center for vSphere 6.4.1 and earlier, you can select the NSX Manager after you click Add.
- Click Add.
- Enter the NSX Controller settings appropriate to your environment.
For example, add a controller with the following settings:
Field Example Value NSX Manager 192.168.110.42 Name controller-1 Datacenter Datacenter Site A Cluster/Resource Pool Management & Edge Cluster Datastore ds-site-a-nfs 01 Host esxmgt-01a.corp.local Folder NSX Controllers Connected To vds-mgt_Management IP Pool controller-poolConnect the NSX Controller nodes to a vSphere Standard Switch or vSphere Distributed Switch port group which is not VXLAN-based, and has connectivity over IPv4 to the NSX Manager, other controllers, and to hosts.
- If you have not already configured an IP pool for your controller cluster, configure one now by clicking Create New IP Pool or New IP Pool.
Individual controllers can be in separate IP subnets, if necessary.
For example, add an IP pool with the following settings:
Field Example Value Name controller-pool Gateway 192.168.110.1 Prefix Length 24 Static IP Pool 192.168.110.31-192.168.110.35
- Enter and reenter a password for the controller.
Note: Password must not contain the username as a substring. Any character must not consecutively repeat three or more times.The password must be at least 12 characters and must follow three of the following four rules:
- At least one uppercase letter
- At least one lowercase letter
- At least one number
- At least one special character
- After the deployment of the first controller is finished, deploy two additional controllers.
Having three controllers is mandatory. Configure a DRS anti-affinity rule to prevent the controllers from residing on the same host.
When successfully deployed, the controllers have a Connected status and display a green check mark.
If the deployment is not successful, see "NSX Controller Deployment Issues" in the NSX Troubleshooting Guide.
During NSX Controller node deployment, automatic VM startup/shutdown is enabled on the hosts where the controller nodes are deployed. If the controller node VMs are later migrated to other hosts, the new hosts might not have automatic VM startup/shutdown enabled. For this reason, check all hosts in the cluster to make sure that automatic VM startup/shutdown is enabled. See "Edit Virtual Machine Startup and Shutdown Settings" in the vSphere Virtual Machine Administration documentation.