Forming an NSX Manager or Global Manager cluster provides high availability and reliability. If all or atleast one of the three NSX Manager appliances is deployed as an OVA/OVF using vCenter, use the join command to join the NSX Manager nodes and create a cluster.

Prerequisites

  • To create an NSX Manager cluster, deploy three NSX Manager nodes from the OVF tool CLI or VMware vCenter UI.

  • To create a Global Manager cluster, deploy three nodes to create the cluster. However, if your Global Manager has NSX 3.0.0 installed, deploy only one node, and do not form a cluster. See Install the Active and Standby Global Manager.

Procedure

  1. Open an SSH or console session to the first deployed NSX Manager or Global Manager node and log in with the administrator credentials.
  2. On the first deployed node, run the following commands.
    1. Run the get certificate api thumbprint command.
      The command output is a string that is unique to this node.
    2. Run the get cluster config command to get the cluster ID of the first deployed node. 
      mgr-first> get cluster config
Cluster Id: 7b50abb9-0402-4ed5-afec-363587c3c705
Cluster Configuration Version: 0
Number of nodes in the cluster: 1

...
  3. Open an SSH or console session to the new node and log in with the administrator credentials.
  4. On the new node that is joining the cluster, run the join command.

    Provide the following information about the first deployed node in the join command:

    • IP address
    • Cluster ID
    • User name
    • Password
    • Certificate thumbprint 
    mgr-new> join <Manager-IP> cluster-id <cluster-id> username <Manager-username> password <Manager-password> thumbprint <Manager-thumbprint>
    The joining and cluster stabilizing process might take from 10 to 15 minutes. Run get cluster status to view the status. Verify that the status for every cluster service group is UP before making any other cluster changes.
  5. Add the third node to the cluster.
    Repeat step 4 on the third node.
  6. Verify the cluster status on the web interface.
    • On NSX Manager, log in to the NSX Manager web interface and select System > Appliances.
    • On Global Manager, log in to the Global Manager web interface and select System > Global Manager Appliances.

Results

Verify the result by running the get managers command on your hosts. 

host> get managers
- 192.168.110.47   Connected

In the NSX Manager UI in Fabric > Node > Hosts, verify that the host's MPA connectivity is Up.

You can also view the fabric host's state with the GET https://<nsx-mgr>/api/v1/fabric/nodes/<fabric-node-id>/state API call: 

{
  "details": [],
  "state": "success"
}

The management plane sends the host certificates to the control plane, and the control plane pushes control plane information to the hosts.

You should see NSX Controller addresses in /etc/vmware/nsx/controller-info.xml on each ESXi host or access the CLI using get controllers. 
[root@host:~] cat /etc/vmware/nsx/controller-info.xml 
<?xml version="1.0" encoding="utf-8"?>
<config>
  <connectionList>
    <connection id="0">
        <server>10.143.1.47</server>
        <port>1234</port>
        <sslEnabled>true</sslEnabled>
        <pemKey>-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----</pemKey>
    </connection>
    <connection id="1">
        <server>10.143.1.45</server>
        <port>1234</port>
        <sslEnabled>true</sslEnabled>
        <pemKey>-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----</pemKey>
    </connection>
    <connection id="2">
        <server>10.143.1.46</server>
        <port>1234</port>
        <sslEnabled>true</sslEnabled>
        <pemKey>-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----</pemKey>
    </connection>
  </connectionList>
</config>
The host connection to NSXs is initiated and sits in "CLOSE_WAIT" status until the host is promoted to a transport node. You can see this with the esxcli network ip connection list | grep 1234 command. 
# esxcli network ip connection list | grep 1234
tcp  0 0  192.168.210.53:45823  192.168.110.34:1234  CLOSE_WAIT  37256  newreno  netcpa

What to do next

Create a transport zone. See Create Transport Zones.