If you prefer to automate NSX Edge installation, you can use the VMware OVF Tool, which is a command-line utility.
Prerequisites
- Verify that you have adequate privileges to deploy an OVF template on the ESXi host.
- Verify that hostnames do not include underscores. Otherwise, the hostname is set to localhost.
- OVF Tool version 4.3 or later.
- Know parameters that you can use to deploy a NSX Edge VM and join it to the management plane.
Field Name |
OVF Parameter |
Field Type |
System root password |
nsx_passwd_0 |
Required to install. NSX Edge |
CLI admin password |
nsx_cli_passwd_0 |
Required to install NSX Edge. |
CLI audit password |
nsx_cli_audit_passwd_0 |
Optional |
CLI admin username |
nsx_cli_username |
Optional |
CLI audit username |
nsx_cli_audit_username |
Optional |
NSX Manager IP |
mpIp |
Required to join NSX Edge VM to NSX Manager. |
NSX Manager token |
mpToken |
Required to join NSX Edge VM to NSX Manager. To retrieve token, on the NSX Manager, run POST https://<nsx-manager>/api/v1/aaa/registration-token . |
NSX Manager thumbprint |
mpThumbprint |
Required to join NSX Edge VM to NSX Manager. To retrieve thumbprint, on the NSX Manager node, run get certificate api thumbprint . |
Node Id |
mpNodeId |
Only for internal use. |
Hostname |
nsx_hostname |
Optional |
Default IPv4 gateway |
nsx_gateway_0 |
Optional |
Management network IP address |
nsx_ip_0 |
Optional |
Management network netmask |
nsx_netmask_0 |
Optional |
DNS servers |
nsx_dns1_0 |
Optional |
Domain Search suffixes |
nsx_domain_0 |
Optional |
NTP Servers |
nsx_ntp_0 |
Optional |
Is SSH service enabled |
nsx_isSSHEnabled |
Optional |
Is SSH enabled for root login |
nsx_allowSSHRootLogin |
Optional |
Is autonomous Edge |
is_autonomous_edge |
Optional. Valid values: True, False (default) |
Procedure
- For a standalone host, run the ovftool command with the appropriate parameters.
C:\Users\Administrator\Downloads>ovftool
--name=nsx-edge-1
--deploymentOption=medium
--X:injectOvfEnv
--X:logFile=ovftool.log
--allowExtraConfig
--datastore=ds1
--net:"Network 0=Mgmt"
--net:"Network 1=nsx-tunnel"
--net:"Network 2=vlan-uplink"
--net:"Network 3=vlan-uplink"
--acceptAllEulas
--noSSLVerify
--diskMode=thin
--powerOn
--prop:nsx_ip_0=192.168.110.37
--prop:nsx_netmask_0=255.255.255.0
--prop:nsx_gateway_0=192.168.110.1
--prop:nsx_dns1_0=192.168.110.10
--prop:nsx_domain_0=corp.local
--prop:nsx_ntp_0=192.168.110.10
--prop:nsx_isSSHEnabled=True
--prop:nsx_allowSSHRootLogin=True
--prop:nsx_passwd_0=<password>
--prop:nsx_cli_passwd_0=<password>
--prop:nsx_hostname=nsx-edge
--prop:mpIp=<NSXManager-IP>
--prop:mpToken=<NSXManager-Token>
--prop:mpThumbprint=<NSXManager-Thumbprint>
--prop:is_autonomous_edge=False
<path/url to nsx component ova>
vi://root:<password>@192.168.110.51
Opening OVA source: nsx-<component>.ova
The manifest validates
Source is signed and the certificate validates
Opening VI target: vi://[email protected]
Deploying to VI: vi://[email protected]
Transfer Completed
Powering on VM: nsx-edge-1
Task Completed
Completed successfully
- For a host managed by vCenter Server, run the ovftool command with the appropriate parameters.
C:\Users\Administrator\Downloads>ovftool
--name=nsx-edge-1
--deploymentOption=medium
--X:injectOvfEnv
--X:logFile=ovftool.log
--allowExtraConfig
--datastore=ds1
--net:"Network 0=Mgmt"
--net:"Network 1=nsx-tunnel"
--net:"Network 2=vlan-uplink"
--net:"Network 3=vlan-uplink"
--acceptAllEulas
--noSSLVerify
--diskMode=thin
--powerOn
--prop:nsx_ip_0=192.168.110.37
--prop:nsx_netmask_0=255.255.255.0
--prop:nsx_gateway_0=192.168.110.1
--prop:nsx_dns1_0=192.168.110.10
--prop:nsx_domain_0=corp.local
--prop:nsx_ntp_0=192.168.110.10
--prop:nsx_isSSHEnabled=True
--prop:nsx_allowSSHRootLogin=True
--prop:nsx_passwd_0=<password>
--prop:nsx_cli_passwd_0=<password>
--prop:nsx_hostname=nsx-edge
--prop:mpIp=<NSXManager-IP>
--prop:mpToken=<NSXManager-Token>
--prop:mpThumbprint=<NSXManager-Thumbprint>
--prop:is_autonomous_edge=False
<path/url to nsx component ova>
vi://[email protected]:<password>@192.168.110.24/?ip=192.168.210.53
Opening OVA source: nsx-<component>.ova
The manifest validates
Source is signed and the certificate validates
Opening VI target: vi://[email protected]@192.168.110.24:443/
Deploying to VI: vi://[email protected]@192.168.110.24:443/
Transfer Completed
Powering on VM: nsx-edge-1
Task Completed
Completed successfully
- For an optimal performance, reserve memory for the appliance.
- Open the console of the NSX Edge node to track the boot process.
- After the NSX Edge node starts, log in to the CLI with admin credentials.
- Run the get interface eth0 (without VLAN) or get interface eth0.<vlan_ID> (with a VLAN) command to verify that the IP address was applied as expected.
nsx-edge-1> get interface eth0.100
Interface: eth0.100
Address: 192.168.110.37/24
MAC address: 00:50:56:86:62:4d
MTU: 1500
Default gateway: 192.168.110.1
Broadcast address: 192.168.110.255
...
Note: When bringing up
NSX Edge nodes on non-NSX managed host, verify that the MTU setting is set to 1600 (instead of 1500) on the physical host switch for the data NIC.
- Verify that the NSX Edge node has the required connectivity.
If you enabled SSH, make sure that you can SSH to your NSX Edge node and verify the following:
- You can ping your NSX Edge node management interface.
- From the NSX Edge node, you can ping the node's default gateway.
- From the NSX Edge node, you can ping the hypervisor hosts that are either in the same network or a network reachable through routing.
- From the NSX Edge node, you can ping the DNS server and NTP Server IP or FQDN list.
- Troubleshoot connectivity problems.
Note: If connectivity is not established, make sure the VM network adapter is in the proper network or VLAN.
By default, the NSX Edge node datapath claims all virtual machine NICs except the management NIC (the one that has an IP address and a default route). If you incorrectly assigned a NIC as the management interface, follow these steps to use DHCP to assign management IP address to the correct NIC.
- Log in to the NSX Edge CLI and type the stop service dataplane command.
- Type the set interface interface dhcp plane mgmt command.
- Place interface into the DHCP network and wait for an IP address to be assigned to that interface.
- Type the start service dataplane command.
The datapath fp-ethX ports used for the VLAN uplink and the tunnel overlay are shown in the
get interfaces and
get physical-port commands on the
NSX Edge node.
What to do next
If you did not join the
NSX Edge with the management plane, see
Join NSX Edge with the Management Plane.