NSX Controllers are deployed by NSX Manager in OVA format. Having a Controller cluster provides high availability.
Deploying Controllers requires that NSX Manager, vCenter Server, and ESXi hosts have DNS and NTP configured.
A static IP pool must be used to assign IP addresses to each Controller.
It is recommended that you implement DRS anti-affinity rules to keep NSX Controllers on separate hosts.
You must deploy three NSX Controllers.
Common Issues with Controllers
During the deployment of NSX Controllers, the typical issues that can be encountered are as follows:
NSX Controller running slowly. This might be caused by insufficient resources. To detect issues with NSX Controller system requirements, run the request system compatibility-report command.
nsx-controller # request system compatibility-report Testing: Number of CPUs. Done. Testing: Aggregate CPU speed. Done. Testing: Memory. Done. Testing: Management NIC speed. Done. Testing: NTP configured. Done. Testing: /var disk partition size. Done. Testing: /var disk speed. Done. Testing: pserver-log disk size. Done. Testing: pserver-log disk speed. Done. Testing: pserver-data disk size. Done. Testing: pserver-data disk speed. Done. Testing: logging disk size. Done. Testing: logging disk speed. Done. Detected Supported Required Number of CPUs 2 NO >=8 Aggregate CPU speed 5.6 GHz NO >=13 Memory 1.835 GB NO >=63 Management NIC speed 10000 Mb/s YES >=1000 NTP configured No NO Yes /var disk partition size - GB NO >=128 /var disk speed - MB/s NO >=40 pserver-log disk size - GB NO >=128 pserver-log disk speed - MB/s NO >=40 pserver-data disk size - GB NO >=128 pserver-data disk speed - MB/s NO >=40 logging disk size - GB NO >=128 logging disk speed - MB/s NO >=40
IP connectivity issues between the NSX Manager and the NSX controllers. This is generally caused by physical network connectivity issues or a firewall blocking communication.
Insufficient resources such as storage available on vSphere to host the Controllers. Viewing the vCenter events and tasks log during Controller deployment can identify such issues.
A misbehaving "rogue" Controller or an upgraded Controllers in the Disconnected state.
DNS on ESXi hosts and NSX manager have not been configured properly.
NTP on ESXi hosts and NSX Manager are not in sync.
When newly connected VMs have no network access, this is likely caused by a control-plane issue. Check the Controller status.
Also try running the esxcli network vswitch dvs vmware vxlan network list --vds-name <name> command on ESXi hosts to check the control-plane status. Note that the Controller connection is down.
Running the show log manager follow NSX Manager CLI command can identify any other reasons for a failure to deploy controllers.