This topic provides instructions for creating the NSX-T objects for the TKGI Management Plane.
Before completing this section, make sure you have completed the following sections:
Networking for the TKGI Management Plane consists of a Tier-1 Router and Switch with NAT Rules for the Management Plane VMs.
Create Tier-1 Logical Switch and Router for TKGI Management Plane VMs. Complete the configuration by enabling Route Advertisement on the T1 router.
In the NSX Management console, navigate to Networking > Logical Switches.
Click Add.
Create the LS for TKGI Management plane VMs:
Click Add and verify creation of the T1 logical switch.
Go to Networking > Tier-1 Logical Router.
Click Add.
Configure the Tier-1 logical router as follows:
Click Add and verify.
Select the T1 router and go to Configuration > Router port.
Click Add.
Configure the T1 router port as follows:
Click Add and verify.
Select Routing tab.
Click Edit and configure route advertisement as follows:
Click Save and verify.
You need to create the following NAT rules on the Tier-0 router for the TKGI Management Plane VMs.
10.173.62.220
(for example) to access Ops Manager10.173.62.221
(for example) to access HarborSNAT: 10.173.62.222
(for example) for all TKGI management plane VM traffic destined to the outside world
In the NSX Management console, navigate to Networking > NAT.
In the Logical Router field, select the T0-router you defined for TKGI.
Click Add.
Configure the Ops Manager DNAT rule as follows:
1000
DNAT
Any Protocol
10.173.62.220
, for example10.1.1.2
, for exampleClick Add and verify.
Add a second DNAT rule for Harbor by repeating the same operation.
1000
DNAT
Any Protocol
10.173.62.221
, for example10.1.1.6
, for exampleVerify the creation of the DNAT rules.
Create the SNAT rule for the management plane traffic as follows:
9024
SNAT
Any Protocol
10.1.1.0/24
, for example10.173.62.222
, for exampleVerify the creation of the SNAT rule.