Create IP sets for all management applications in the consolidated cluster. You use the IP sets later to create security groups for use with the distributed firewall rules.

About this task

You perform this procedure multiple times to configure all of the necessary IP sets. You allocate one IP set per group of applications.

Table 1. IP Sets for the Management Components in the Consolidated Cluster

Name

IP Addresses

Platform Services Controller Instances

Platform-Service-Controller_IP's

vCenter Server Instances

vCenter-Server_IP's

vRealize Automation Appliances

vRealize-Automation-Appliances_IP's

vRealize Automation Windows

vRealize-Automation-Windows _IP's

vRealize Business Server

vRealize-Business_IP

vRealize Business Data Collector

vRealize-Business-Data-Collector_IP's

vSphere Data Protection

vSphere-Data-Protection_IP's

vRealize Operations Manager

vRealize-Operations-Manager_IP's

vRealize Operations Manager Remote Collectors

vRealize-Operations-Manager-Remote-Collectors_IP's

vRealize Log Insight

vRealize-Log-Insight_IP's

Update Manager Download Service

UMDS_IP's

SDDC

Management-VLAN_Subnets, Management-VXLAN_Subnets

Administrators

Administrator-Desktops_Subnet

Procedure

  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://sfo01w01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      administrator@vsphere.local

      Password

      vsphere_admin_password

  2. In the Navigator, click Networking & Security.
  3. Click NSX Managers and click the 172.16.11.66 instance.
  4. Select Manage tab, click Grouping Objects, and click IP Sets.
  5. Click the Add icon.
  6. In the New IP Set dialog box, configure the values for the IP set that you are adding, and click OK.

    Setting

    Value

    Name

    Platform Services Controller Instances

    IP Addresses

    172.16.11.63

    Mark this object for Universal Synchronization

    Selected

  7. Repeat this procedure to create IP sets for all of the remaining components.