NSX controller is an advanced distributed state management system that provides control plane functions for NSX logical switching and routing functions. It serves as the central control point for all logical switches within a network and maintains information about all hosts, logical switches (VXLANs), and distributed logical routers. Controllers are required if you are planning to deploy 1) distributed logical routers or 2) VXLAN in unicast or hybrid mode. In cross-vCenter NSX, once the NSX Manager is assigned the primary role, its controller cluster becomes the universal controller cluster for the whole cross-vCenter NSX environment.
About this task
No matter the size of the NSX deployment, VMware requires that each NSX Controller cluster contain three controller nodes. Having a different number of controller nodes is not supported.
The cluster requires that each controller's disk storage system has a peak write latency of less than 300ms, and a mean write latency of less than 100ms. If the storage system does not meet these requirements, the cluster can become unstable and cause system downtime.
Before deploying NSX Controllers, you must deploy an NSX Manager appliance and register vCenter with NSX Manager.
Determine the IP pool settings for your controller cluster, including the gateway and IP address range. DNS settings are optional. The NSX Controller IP network must have connectivity to the NSX Manager and to the management interfaces on the ESXi hosts.
- Using the vSphere Web Client, log in to the vCenter Server system registered with the NSX Manager that will become the primary NSX Manager.
If the vCenter Server systems in your cross-vCenter NSX environment are in Enhanced Linked Mode, you can access any associated NSX Manager from any linked vCenter Server system by selecting it from the NSX Manager drop-down menu.
- Navigate to Home > Networking & Security > Installation and select the Management tab.
If your vCenter Server systems are in Enhanced Linked Mode, you will see all associated NSX Managers listed here.
- In the NSX Managers section, select the NSX Manager that will become the primary NSX Manager.
- In the NSX Controller nodes section, click the Add Node () icon.
- Enter the NSX Controller settings appropriate to your environment.
NSX Controllers should be deployed to a vSphere Standard Switch or vSphere Distributed Switch port group which is not VXLAN based and has connectivity to the NSX Manager, other controllers, and to hosts via IPv4.
- If you have not already configured an IP pool for your controller cluster, configure one now by clicking New IP Pool.
Individual controllers can be in separate IP subnets, if necessary.
- Type and re-type a password for the controller.
Password must not contain the username as a substring. Any character must not consecutively repeat 3 or more times.
The password must be at least 12 characters and must follow 3 of the following 4 rules:
At least one upper case letter
At least one lower case letter
At least one number
At least one special character
- After the first controller is completely deployed, deploy two additional controllers.
Having three controllers is mandatory. We recommend configuring a DRS anti-affinity rule to prevent the controllers from residing on the same host.
When successfully deployed, the controllers have a Connected status and display a green check mark.
If the deployment was not successful, see Deploying NSX Controllers in the NSX Troubleshooting Guide.