NSX Controller serves as the central control point for all logical switches within a network and maintains information about all hosts, logical switches, and distributed logical routers.
About this task
The QCOW2 installation procedure uses guestfish, a Linux command-line tool to write virtual machine settings into the QCOW2 file.
KVM set up. See Set Up KVM.
Privileges to deploy a QCOW2 image on the KVM host.
Verify that the system requirements are met. See System Requirements.
Verify that the required ports are open. See Ports and Protocols.
If you don't already have one, create the target VM port group network. Most deployments place NSX appliances on a management VM network.
If you have multiple management networks, you can add static routes to the other networks from the NSX appliance. Prepare management VM port group on which NSX appliances will communicate.
Plan your IPv4 IP address scheme. In this release of NSX-T, IPv6 is not supported.
- Download the NSX Controller QCOW2 image.
- (Ubuntu only) Add the currently logged in user as a libvirtd user:
adduser $USER libvirtd
- In the same directory where you saved the QCOW2 image, create a file called guestinfo (with no file extension) and populate it with the NSX Controller VM's properties.
<?xml version="1.0" encoding="UTF-8"?> <Environment xmlns="http://schemas.dmtf.org/ovf/environment/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:oe="http://schemas.dmtf.org/ovf/environment/1"> <PropertySection> <Property oe:key="nsx_allowSSHRootLogin" oe:value="True"/> <Property oe:key="nsx_cli_passwd_0" oe:value="<password>"/> <Property oe:key="nsx_dns1_0" oe:value="192.168.110.10"/> <Property oe:key="nsx_domain_0" oe:value="corp.local"/> <Property oe:key="nsx_gateway_0" oe:value="192.168.110.1"/> <Property oe:key="nsx_hostname" oe:value="nsx-Controller1"/> <Property oe:key="nsx_ip_0" oe:value="192.168.110.34"/> <Property oe:key="nsx_isSSHEnabled" oe:value="True"/> <Property oe:key="nsx_netmask_0" oe:value="255.255.255.0"/> <Property oe:key="nsx_ntp_0" oe:value="192.168.110.10"/> <Property oe:key="nsx_passwd_0" oe:value="<password>"/> </PropertySection> </Environment>
In the example, nsx_isSSHEnabled and nsx_allowSSHRootLogin are both enabled. When they are disabled, you cannot SSH or log in to the NSX Controller command line. If you enable nsx_isSSHEnabled but not nsx_allowSSHRootLogin, you can SSH to NSX Controller but you cannot log in as root.
- Use guestfish to write the guestinfo file into the QCOW2 image.
If you are making multiple controllers, make a separate copy of the QCOW2 image for each controller. After the guestinfo information is written into a QCOW2 image, the information cannot be overwritten.
guestfish --rw -i -a nsx-Controller1-build.qcow2 upload guestinfo /config/guestinfo
- Deploy the QCOW2 image with the virt-install command.
user@ubuntu1604:/var/lib/libvirt/images$ sudo virt-install --import --name nsx-controller1 --ram 16348 --vcpus 4 --network=bridge:br0,model=e1000 --disk path=/var/lib/libvirt/images/nsx-manager-18.104.22.168.0.4446302.qcow2,format=qcow2 --nographics Starting install... Creating domain... | 0 B 00:01 Connected to domain nsx-Controller1 Escape character is ^] nsx-Controller1 login:
After the NSX Controller boots up, the NSX Controller console appears.
- For optimal performance, reserve memory for the NSX component.
A memory reservation is a guaranteed lower bound on the amount of physical memory that the host reserves for a virtual machine, even when memory is overcommitted. Set the reservation to a level that ensures the NSX component has sufficient memory to run efficiently. See System Requirements.
Open the console of the NSX component to track the boot process.
After the NSX component is completely booted, log in to the CLI as admin and run the get interface eth0 command to verify that the IP address was applied as expected.
nsx-component> get interface eth0 Interface: eth0 Address: 192.168.110.25/24 MAC address: 00:50:56:86:7b:1b MTU: 1500 Default gateway: 192.168.110.1 Broadcast address: 192.168.110.255 ...
Ensure that your NSX component has the required connectivity.
Make sure that you can ping your NSX component.
Make sure that the NSX component can ping its default gateway.
Make sure that your NSX component can ping the hypervisor hosts that are in the same network as the NSX component.
Make sure that the NSX component can ping its DNS server and its NTP server.
If you enabled SSH, make sure that you can SSH to your NSX component.
If connectivity is not established, make sure the network adapter is in the proper network or VLAN.
What to do next
Join the NSX Controller with the management plane. See Join NSX Controllers with the Management Plane.