Preparation for Installation
To install and run the NSX Migration for VMware Cloud Director, your existing environment requires a specific configuration.
Environmental Prerequisites
Ensure that the preceding requirements are satisfied before you migrate the organization VDC backed by NSX Data Center for vSphere to organization VDC backed by NSX-T Data Center.
- VMware Cloud Director with at least one provider VDC backed by NSX Data Center for vSphere and at least one provider VDC backed by NSX-T Data Center.
- The source NSX Data Center for vSphere and target NSX-T Data Center vSphere clusters backed organization VDC can be managed by the same or by different vCenter Server instance(s). Shared storage across NSX Data Center for vSphere and NSX-T Data Center backed vSphere clusters is preferred but not necessary.
- The target external network backed by a Tier-0 gateway or VRF gateway must use the same subnet(s) as the Org VDC gateway connected external network(s) in the source Organization VDC(s). The source and target external networks should not have any overlapping IP pools as the pools are automatically adjusted during the migration.
Note If a source NSX-V edge gateway is connected to multiple external networks, the target Tier-0/VRF must be able to route to these networks to accommodate this configuration.
- External network that is going to be used by directly connected Org VDC networks shared across Organizations must be scoped to the target environment – it must be backed by port groups accessible to the target vSphere clusters (needed only for
Legacy
mechanism). For more details, see the table in Direct Network Migration Mechanism Summary.
- Identically named external network with -v2t suffix and same subnet backed by NSX-T segment if it is going to be used by directly connected Org VDC networks. For more details, see the table in Direct Network Migration Mechanism Summary.
- If Organization VDC networks directly connected to external networks are present in the source NSX Data Center for vSphere Organization VDCs and the external network is used only by one Organization VDC, then the external network must be VLAN backed. In this scenario, NSX-T Data Center backed VLAN transport zone must be specified in the YAML configuration (parameter name
ImportedNetworkTransportZone
) as the target Organization VDC network will be of the imported type backed by a specified VLAN transport zone. This VLAN transport zone must be scoped to target vSphere clusters.
- The source provider VDC hardware version must be either lower or the same as that of the target provider VDC hardware version. It is recommended that the vSphere clusters backed both the provider VDCs use compatible CPUs to allow live vMotion.
- If you want to run the edge gateway services (Tier-1 gateway) on a different NSX-T Data Center edge cluster from the one associated with the external network (Tier-0 gateway), you can configure the edge gateway to use a different NSX-T edge cluster with the
EdgeGatewayDeploymentEdgeCluster
field from the input YAML file. This requires the specified NSX-T edge cluster to exist and be ready to be consumed.
- Migrated DHCP service on isolated networks requires the
EdgeGatewayDeploymentEdgeCluster
- DHCP binding will require a free IP in the static IP pool of the Non-Distributed routed networks which will be set as the
Listener IP address
of the DHCP service. This is because DHCP can only be configured in Network Mode
for Non-Distributed routed networks.
- One or more dedicated NSX-T edge clusters are required for the deployment of bridges in the NSX Data Center for vSphere prepared vSphere cluster of the source vCenter Server. This vSphere cluster must use the network pool (VLAN or VXLAN transport zone) of the NSX Data Center for vSphere organization VDC. The NSX-T edge nodes in the bridging edge clusters must be deployed from (the target) NSX-T Manager UI and should not be deployed using OVA/OVF.
- Bridging will not be performed for Organization VDC networks that are directly connected to external networks.
- The number of networks to be bridged in a single migration is provided in the assessment reports.
- Admin password of participating bridge cluster edge nodes must be the same as the NSX-T Data Center manager's password.
- If the distributed firewall is enabled in the source NSX Data Center for vSphere Organization VDC, the network provider scope must be set in advance in VMware Cloud Director under Infrastructure Resources in NSX-T managers to enable the creation of Data Center Groups.
- The NSX Migration for VMware Cloud Director tool uses a dummy port group to disconnect the source NSX Data Center for vSphere edge gateway(s) interfaces. This dummy port group must be created in vSphere and assigned as an external network in VMware Cloud Director. No specific connectivity or routing is required.
Note The source edge gateway(s) need to have an empty NIC interface and use only a maximum 9 of the available 10 NICs before the migration.
- Target provider VDC must have the same storage policies (identical names) as the source (NSX Data Center for vSphere provider VDC.
- Target provider VDC must have the same VM placement policies as the source NSX Data Center for vSphere provider VDC.
- If the source organization VDC(s) includes load balancing configuration, VMware NSX Advanced Load Balancer (Avi) must be deployed and configured. This includes deployment and integration of NSX-ALB (Avi) Controllers, NSX-T Cloud, as well as setting up and importing Service Engine Groups.
- A client (VM or physical) with a supported OS to run the NSX Migration for VMware Cloud Director tool. This client must have access to VMware Cloud Director, NSX-T, the source vCenter Server and, NSX Data Center for vSphere management plane API endpoints.
- Migrated media images are not attached to any VM during the organization VDC cleanup step.
- If source vApps/VMs are protected by VMware Cloud Director Availability (VCDA), or any third party backup or replication solution, remove such protection before the migration and re-enable it after the vApps/VMs are migrated to their target.
- You must change the default MAC address of the NSX-T virtual distributed router so that it does not use the same MAC address that is used by the Distributed Logical Router (DLR) in NSX-V. For details, see Change MAC address of NSX-T virtual distributed router.