Following the vSphere design, the NSX for vSphere design consists of a single consolidated stack providing services for management components and workloads.
In the converted stack, the underlying hosts are prepared for NSX for vSphere. The Consolidated stack has these components.
NSX Manager instance.
NSX Controller cluster.
NSX ESG for north/south routing.
NSX DLR for east/west routing.
NSX ESG load balancers for workloads, where required.
Table 1. NSX for vSphere Cluster Design Decisions
For the Consolidated stack, do not use a dedicated edge cluster.
Simplifies configuration and minimizes the number of hosts required for initial deployment.
The NSX Controller instances, NSX Edge services gateways, and DLR control VMs are deployed in the converted cluster.
The shared nature of the cluster will require the cluster to be scaled out as compute workloads are added so as to not impact network performance.
Apply vSphere Distributed Resource Scheduler (DRS) anti-affinity rules to the NSX components.
Using DRS prevents controllers from running on the same ESXi host and thereby risking their high availability capability.
Additional configuration is required to set up anti-affinity rules.
The logical design of NSX considers the vCenter Server clusters and define the place where each NSX component runs.
High Availability of NSX for vSphere Components
vSphere HA protects the NSX Manager instance by ensuring that the NSX Manager VM is restarted on a different host in the event of primary host failure.
The NSX Controller nodes have defined vSphere Distributed Resource Scheduler (DRS) rules to ensure that NSX for vSphere Controller nodes do not run on the same host.
The data plane remains active during outages in the management and control planes although the provisioning and modification of virtual networks is impaired until those planes become available again.
NSX Edge components that are deployed for north/south traffic are configured in equal-cost multi-path (ECMP) mode that supports route failover in seconds. NSX Edge components deployed for load balancing utilize NSX HA. NSX HA provides faster recovery than vSphere HA alone because NSX HA uses an active/passive pair of NSX Edge devices. By default, the passive Edge device becomes active within 15 seconds. All NSX Edge devices are also protected by vSphere HA.
Scalability of NSX Components
A one-to-one mapping between NSX Manager instances and vCenter Server instances exists. If the inventory exceeds the limits supported by a single vCenter Server, then you can deploy a new vCenter Server instance, and must also deploy a new NSX Manager instance. Because ROBO is defined as up to 100 workloads plus the required management components scalability of the products is not an issue.