You can add an NSX Edge VM to the NSX-T Data Center fabric and proceed to configure it as a NSX Edge transport node VM.

An NSX Edge Node is a transport node that runs the local control plane daemons and forwarding engines implementing the NSX-T Data Center data plane. It runs an instance of the NSX-T Data Center virtual switch called the NSX Virtual Distributed Switch, or N-VDS. The Edge Nodes are service appliances dedicated to running centralized network services that cannot be distributed to the hypervisors. They can be instantiated as a bare metal appliance or in virtual machine form factor. They are grouped in one or several clusters. Each cluster is representing a pool of capacity.
An NSX Edge can belong to one overlay transport zone and multiple VLAN transport zones. An NSX Edge belongs to at least one VLAN transport zone to provide the uplink access.
Note: If you plan to create transport nodes from a template VM, make sure that there are no certificates on the host in /etc/vmware/nsx/. nsx-proxy does not create a certificate if a certificate already exists.

Prerequisites

  • Transport zones must be configured. See Create Transport Zones.
  • Verify that compute manager is configured. See Add a Compute Manager.
  • An uplink profile must be configured or you can use the default uplink profile for NSX Edge nodes. See Create an Uplink Profile.
  • An IP pool must be configured or must be available in the network deployment. See Create an IP Pool for Tunnel Endpoint IP Addresses.
  • Prepare uplinks. For example, distributed port groups as trunk in vCenter Server or NSX Segments in NSX-T Data Center.
  • If the NSX Edge Bare Metal server is running version 6.7u3 or earlier, do not upgrade the NSX Edge virtualHW.version to 14 or higher in vCenter Server. By default, the virtualHW.version is set to 13.

Procedure

  1. From a browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
  2. Select System > Fabric > Nodes > Edge Transport Nodes > Add Edge Node.
  3. Type a name for the NSX Edge.
  4. Type the Host name or FQDN from vCenter Server.
  5. Select the form factor for the NSX Edge VM appliance.
  6. To customize CPU and memory allocated to an NSX Edge VM appliance, tune the following parameters. However, for maximum performance NSX Edge VM appliance must be assigned 100% of the available resources.
    Caution: If you customize resources allocated to the NSX Edge VM, turn back the reservation later on to 100% to get maximum performance.
    Option Description
    Memory Reservation (%)

    Reservation percentage is relative to the pre-defined value in the form factor.

    100 indicates 100% of memory is reserved for the NSX Edge VM.

    If you enter 50, it indicates that 50% of the allocated memory is reserved for the Edge transport node.
    CPU Reservation Priority Select the number of shares to be allocated to an NSX Edge VM relative to other VMs that are contending for shared resources.
    The following shares are for an NSX Edge VM in Medium form factor:
    • Low - 2000 shares
    • Normal - 4000 shares
    • High - 8000 shares
    • Extra High - 10000 shares
    CPU Reservation (MHz)
    Caution: Unless you need fine grained control over CPU reservations, do not use this field. Instead, change CPU reservations from the CPU Reservation Priority field.

    The maximum CPU reservation value must not exceed the number of vCPUs multiplied by the normal CPU operation rate of the physical CPU core.

    If the MHz value entered exceeds the maximum CPU capacity of the physical CPU cores, the NSX Edge VM might fail to start even though the allocation was accepted.

    For example, consider a system with two Intel Xeon E5-2630 CPUs. Each CPU contains ten cores running at 2.20 GHz. The maximum CPU allocation for a VM configured with two vCPUs is 2 x 2200 MHz = 4400 MHz. If CPU reservation is specified as 8000 MHz, the reconfiguration of the VM completes successfully. However, the VM fails to power on.
  7. In the Credentials window, enter the following details.
    • Specify the CLI and the root passwords for the NSX Edge. Your passwords must comply with the password strength restrictions.
      • At least 12 characters
      • At least one lower-case letter
      • At least one upper-case letter
      • At least one digit
      • At least one special character
      • At least five different characters
      • No dictionary words
      • No palindromes
      • More than four monotonic character sequence is not allowed
    • To enable SSH for an administrator, toggle the Allow SSH Login button.
    • To enable SSH for a root user, toggle the Allow Root SSH Login button.
    • Enter credentials for the Audit role. If you do not enter credentials in the Audit Credentials section, the audit role remains disabled.
      Note: After deploying the NSX Edge node, you cannot change the SSH setting for a root user that you set during deployment. For example, you cannot enable SSH for a root user if you disabled it during deployment.
  8. Enter the NSX Edge details.
    Option Description
    Compute Manager Select the compute manager from the drop-down menu.

    The compute manager is the vCenter Server registered in the Management Plane.

    Cluster Designate the cluster the NSX Edge is going to join from the drop-down menu.
    Resource Pool or Host Assign either a resource pool or a specific host for the NSX Edge from the drop-down menu.
    Datastore Select a datastore for the NSX Edge files from the drop-down menu.
  9. Enter the NSX Edge interface details.
    Option Description
    IP Assignment

    It is the IP address assigned to NSX Edge node which is required to communicate with NSX Manager and NSX Controller.

    Select DHCP or Static IP.
    If you select Static, enter the values for:
    • Management IP: Enter IP address of NSX Edge in the CIDR notation.
    • Default gateway: Enter the gateway IP address of NSX Edge.
    Management Interface From the drop-down menu, select the interface that connects to the NSX Edge management network. This interface must either be reachable from NSX Manager or must be in the same management interface as NSX Manager and NSX Controller.

    The NSX Edge management interface establishes communication with the NSX Manager management interface.

    The NSX Edge management interface is connected to distributed port groups or segments.
    Search Domain Names Enter domain names in the format 'example.com'.
    DNS Servers Enter the IP address of the DNS server.
    NTP Servers Enter the IP address of the NTP server.
  10. Enter the N-VDS information.
    Option Description
    Edge Switch Name Enter a name for the switch.
    Transport Zone Select the transport zones that this transport node belongs to. An NSX Edge transport node belongs to at least two transport zones, an overlay for NSX-T Data Center connectivity and a VLAN for uplink connectivity.
    Note: NSX Edge Nodes support multiple overlay tunnels (multi-TEP) when the following prerequisites are met:
    • TEP configuration must be done on one N-VDS only.
    • All TEPs must use the same transport VLAN for overlay traffic.
    • All TEP IPs must be in the same subnet and use the same default gateway.
    Uplink Profile Select the uplink profile from the drop-down menu.

    The available uplinks depend on the configuration in the selected uplink profile.
    IP Assignment (TEP)

    IP address is assigned to the NSX Edge switch that is configured. It is used as the tunnel endpoint of the NSX Edge.

    Select Use IP Pool or Use Static IP List for the overlay N-VDS.
    • If you select Use Static IP List, specify:
      • Static IP List: Enter a list of comma-separated IP addresses to be used by the NSX Edge.
      • Gateway: Enter the default gateway of the TEP, which is used to route packets another TEP in another network. For eample, ESXi TEP is in 20.20.20.0/24 and NSX Edge TEPs are in 10.10.10.0/24 then we use the default gateway to route packets between these networks.
      • Subnet mask: Enter the subnet mask of the TEP network used on the NSX Edge.
    • If you selected Use IP Pool for IP assignment, specify the IP pool name.

    DPDK Fastpath Interfaces / Virtual NICs Select the data path interface that is either a distributed port group trunk or a segment as the uplink interface.
    Note: If the uplink profile applied to the NSX Edge node is using a Named Teaming policy, ensure the following condition is met:
    • All uplinks in the Default Teaming policy must be mapped to the corresponding physical network interfaces on the Edge VM for traffic to flow through a logical switch that uses the Named Teaming policies.

    Starting with NSX Data Center 3.2.1, you can configure a maximum of four unique data path interfaces as uplinks on an NSX Edge VM.

    When mapping uplinks to DPDK Fastpath Interfaces, if NSX Edge does not display all the available interfaces (four in total), it means that either the additional interface is not yet added to the NSX Edge VM or the uplink profile has fewer number of uplinks.

    For NSX Edge VMs upgraded from an earlier version of NSX-T Data Center to 3.2.1 or later, invoke the redeploy API call to redeploy the NSX Edge VM. Invoking the redeploy API ensures the NSX Edge VM deployed recognizes all the available datapath interfaces in NSX Manager UI. Make sure the Uplink profile is correctly configured to use additional datapath NIC.

    • For autodeployed NSX Edges, call the redeploy API.
      POST api/v1/transport-nodes/<transport-node-id>?action=redeploy
    • For manually deployed edges, deploy a new NSX Edge VM. Ensure all the vmx customizations of the old NSX Edge VM are also done for the new NSX Edge VM.

    Performing vMotion on a NSX Edge VM might result in the NSX Edge VM going into failed state or the additional network adapter cannot be enabled because of memory buffer issues. For troubleshooting memory-related issues when performing a vMotion on a NSX Edge VM, see https://kb.vmware.com/s/article/76387.
    Note:
    • LLDP profile is not supported on an NSX Edge VM appliance.
    • Uplink interfaces are displayed as DPDK Fastpath Interfaces if the NSX Edge is installed using NSX Manager or on a Bare Metal server.
    • Uplink interfaces are displayed as Virtual NICs if the NSX Edge is installed manually using vCenter Server.
  11. View the connection status on the Transport Nodes page.
    After adding the NSX Edge as a transport node, the connection status changes to Up in 10-12 minutes.
  12. (Optional) View the transport node with the GET https://<nsx-manager>/api/v1/transport-nodes/<transport-node-id> API call.
  13. (Optional) For status information, use the GET https://<nsx-mgr>/api/v1/transport-nodes/<transport-node-id>/status API call.
  14. After an NSX Edge node is migrated to a new host using vCenter Server, you might find NSX Manager UI reporting stale configuration details (Compute, Datastore, Network, SSH, NTP, DNS, Search Domains) of the NSX Edge. To get the latest configuration details of NSX Edge on the new host, run the API command.
    POST api/v1/transport-nodes/<transport-node-id>?action=refresh_node_configuration&resource_type=EdgeNode
  15. (Optional) You can change the IP address of the NSX Edge node from the command line interface. At the CLI terminal, run set interface eth0 ip <Gateway_IPaddress> gateway <NSXEdge_IPaddress> plane mgmt. For example, set interface eth0 ip 192.168.110.42/24 gateway 192.168.110.1 plane mgmt.

What to do next

Add the NSX Edge node to an NSX Edge cluster. See Create an NSX Edge Cluster.