Forming an NSX Manager or Global Manager cluster provides high availability and reliability. You can use the join command to create a cluster.

Prerequisites

  • To create an NSX Manager cluster, deploy three nodes to create the cluster.

  • To create a Global Manager cluster, deploy three nodes to create the cluster. However, if your Global Manager has NSX-T Data Center 3.0.0 installed, deploy only one node, and do not form a cluster. See Install the Active and Standby Global Manager.

Procedure

  1. Open an SSH or console session to the first deployed NSX Manager or Global Manager node and log in with the administrator credentials.
  2. On the first deployed node, run the following commands.
    1. Run the get certificate api thumbprint command.
      The command output is a string that is unique to this node.
    2. Run the get cluster config command to get the cluster ID of the first deployed node.
      mgr-first> get cluster config
      Cluster Id: 7b50abb9-0402-4ed5-afec-363587c3c705
      Cluster Configuration Version: 0
      Number of nodes in the cluster: 1
      
      ...
  3. Open an SSH or console session to the new node and log in with the administrator credentials.
  4. On the new node that is joining the cluster, run the join command.

    Provide the following information about the first deployed node in the join command:

    • IP address
    • Cluster ID
    • User name
    • Password
    • Certificate thumbprint
    mgr-new> join <Manager-IP> cluster-id <cluster-id> username <Manager-username> password <Manager-password> thumbprint <Manager-thumbprint>
    The joining and cluster stabilizing process might take from 10 to 15 minutes. Run get cluster status to view the status. Verify that the status for every cluster service group is UP before making any other cluster changes.
  5. Add the third node to the cluster.
    Repeat step 4 on the third node.
  6. Verify the cluster status on the web interface.
    • On NSX Manager, log in to the NSX Manager web interface and select System > Appliances.
    • On Global Manager, log in to the Global Manager web interface and select System > Global Manager Appliances.

Results

Verify the result by running the get managers command on your hosts.

host> get managers
- 192.168.110.47   Connected

In the NSX Manager UI in Fabric > Node > Hosts, verify that the host's MPA connectivity is Up.

You can also view the fabric host's state with the GET https://<nsx-mgr>/api/v1/fabric/nodes/<fabric-node-id>/state API call:

{
  "details": [],
  "state": "success"
}

The management plane sends the host certificates to the control plane, and the control plane pushes control plane information to the hosts.

You should see NSX Controller addresses in /etc/vmware/nsx/controller-info.xml on each ESXi host or access the CLI using get controllers.
[root@host:~] cat /etc/vmware/nsx/controller-info.xml 
<?xml version="1.0" encoding="utf-8"?>
<config>
  <connectionList>
    <connection id="0">
        <server>10.143.1.47</server>
        <port>1234</port>
        <sslEnabled>true</sslEnabled>
        <pemKey>-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----</pemKey>
    </connection>
    <connection id="1">
        <server>10.143.1.45</server>
        <port>1234</port>
        <sslEnabled>true</sslEnabled>
        <pemKey>-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----</pemKey>
    </connection>
    <connection id="2">
        <server>10.143.1.46</server>
        <port>1234</port>
        <sslEnabled>true</sslEnabled>
        <pemKey>-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----</pemKey>
    </connection>
  </connectionList>
</config>
The host connection to NSX-T Data Centers is initiated and sits in "CLOSE_WAIT" status until the host is promoted to a transport node. You can see this with the esxcli network ip connection list | grep 1234 command.
# esxcli network ip connection list | grep 1234
tcp  0 0  192.168.210.53:45823  192.168.110.34:1234  CLOSE_WAIT  37256  newreno  netcpa 
For KVM, the command is netstat -anp --tcp | grep 1234.
user@host:~$ netstat -anp --tcp | grep 1234
tcp  0  0  192.168.210.54:57794  192.168.110.34:1234   CLOSE_WAIT -

What to do next

Create a transport zone. See Prepare Standalone Hosts as Transport Nodes.