NSX Controller is an advanced distributed state management system that provides control plane functions for NSX-T logical switching and routing functions.

NSX Controllers serve as the central control point for all logical switches within a network and maintains information about all hosts, logical switches, and logical routers. NSX Controllers control the devices that perform packet forwarding. These forwarding devices are known as virtual switches.

Virtual switches, such as NSX-T hostswitch and Open vSwitch (OVS), reside on ESXi and other hypervisors such as KVM.

Table 1. NSX Controller Deployment, Platform, and Installation Requirements

Requirements

Description

Supported deployment methods

  • OVA/OVF

  • QCOW2

Supported platforms

  • vSphere 6.5 Update 1 and 6.5 GA

  • RHEL 7.3

  • Ubuntu 16.04.x

NSX Controller is supported on ESXi as a VM and KVM.

Note:

Installation via PXE boot is not supported.

IP address

An NSX Controller must have a static IP address. You cannot change the IP address after installation.

NSX-T appliance password

  • At least eight characters

  • At least one lower-case letter

  • At least one upper-case letter

  • At least one digit

  • At least one special character

  • At least five different characters

  • No dictionary words

  • No palindromes

Hostname

When installing NSX Controller, specify a hostname that does not contain invalid characters such as an underscore. If the hostname contains any invalid character, after deployment the hostname will be set to localhost. For more information about hostname restrictions, see https://tools.ietf.org/html/rfc952 and https://tools.ietf.org/html/rfc1123.

VMware Tools

The NSX Controller VM running on ESXi has VMTools installed. Do not remove or upgrade VMTools.

NSX Controller Installation Scenarios

Important:

When you install NSX Controller from an OVA or OVF file, either from vSphere Web Client or the command line, OVA/OVF property values such as user names, passwords, or IP addresses are not validated before the VM is powered on.

  • If you specify a user name for the admin or audit user, the name must be unique. If you specify the same name, it is ignored and the default names (admin and audit) are used.

  • If the password for the admin user does not meet the complexity requirements, you must log in to NSX Controller through SSH or at the console as the admin user. You are prompted to change the password.

  • If the password for the audit user does not meet the complexity requirements, the user account is disabled. To enable the account, log in to NSX Controller through SSH or at the console as the admin user and run the command set user audit to set the audit user's password (the current password is an empty string).

  • If the password for the root user does not meet the complexity requirements, you must log in to NSX Controller through SSH or at the console as root with the password vmware. You are prompted to change the password.

Note:

The core services on the appliance do not start until a password with sufficient complexity has been set.

After you deploy an NSX Controller from an OVA file, you cannot change the VM's IP settings by powering off the VM and modifying the OVA settings from vCenter Server.