Deployment Model for NSX-T Global Manager for the Management Domain

As a best practice, you must deploy a highly available NSX-T Global Manager instance so that the NSX-T management plane can continue propagating configuration to the NSX-T Local Manager nodes in each region. You also select an NSX-T Global Manager appliance size according to the number of anticipated objects required to run the SDDC management components.

Deployment Type

You can deploy NSX-T Global Manager in a one-node configuration or as a cluster for high availability.

Table 1. Design Decisions on the NSX-T Global Manager Deployment Type
Decision ID	Design Decision	Design Justification	Design Implication
SDDC-MGMT-VI-SDN-025	For a dual-region SDDC, deploy three NSX-T Global Manager nodes for the management domain in the first cluster in the domain for configuring and managing the network services for SDDC management components.	Mutli-region deployment requires that some SDDC management components are placed on isolated virtual networks, using load balancing, logical switching, dynamic routing, and logical firewalls services.	You must turn on vSphere HA in the first cluster in the management domain. The first cluster in the management domain requires four physical ESXi hosts for vSphere HA and for high availability of the NSX-T Manager cluster.

Sizing Compute and Storage Resources for NSX-T Global Manager

When you size the resources for NSX-T management components, consider the compute and storage requirements for each component, and the number of nodes per component type.

Table 2. NSX-T Global Manager Resource Specification
Appliance Size	vCPU	Memory (GB)	Storage (GB)	Scale
Small	4	16	300	Proof of concept
Medium	6	24	300	Up to 64 ESXi hosts
Large	12	48	300	More than 64 ESXi hosts

Table 3. Design Decisions on Sizing Resources for NSX-T Global Manager
Decision ID	Design Decision	Design Justification	Design Implication
SDDC-MGMT-VI-SDN-026	For a dual-region SDDC, deploy each node in the NSX-T Global Manager cluster for the management domain as a medium-size appliance or larger.	A medium-size appliance is sufficient for providing network services to the SDDC management components.	If you extend the management domain, increasing the size of the NSX-T Manager appliances might be required.

High Availability of NSX-T Global Manager in a Single Region

The NSX-T Global Manager cluster runs on the first cluster in the management domain. vSphere HA protects the NSX-T Manager appliances by restarting an NSX-T Manager appliance on a different ESXi host if a primary ESXi host failure occurs.

Table 4. Design Decisions on the High Availability Configuration for NSX-T Global Manager
Decision ID	Design Decision	Design Justification	Design Implication
SDDC-MGMT-VI-SDN-027	For a dual-region SDDC, create a virtual IP (VIP) address for the NSX-T Global Manager cluster for the management domain.	Provides high availability of the user interface and API of NSX-T Global Manager.	The VIP address feature provides high availability only. It does not load-balance requests across the cluster. When using the VIP address feature, all NSX-T Global Manager nodes must be deployed on the same Layer 2 network.
SDDC-MGMT-VI-SDN-028	For a dual-region SDDC, apply VM-VM anti-affinity rules in vSphere Distributed Resource Scheduler (vSphere DRS) to the NSX-T Global Manager appliances.	Keeps the NSX-T Global Manager appliances running on different ESXi hosts for high availability.	You must allocate at least four physical hosts so that the three NSX-T Manager appliances continue running if an ESXi host failure occurs. You must perform additional configuration for the anti-affinity rules.
SDDC-MGMT-VI-SDN-029	For a dual-region SDDC, in vSphere HA, set the restart priority policy for each NSX-T Global Manager appliance to medium.	NSX-T Global Manager implements the management plane for global segments and firewalls. NSX-T Global Manager is not required for control plane and data plane connectivity. Setting the restart priority to medium reserves the high priority for services that impact the NSX-T control or data planes.	Management of NSX-T global components will be unavailable until at least one NSX-T Global Manager virtual machine restarts. The NSX-T Global Manager cluster is deployed in the management domain, where the total number of virtual machines is limited and where it competes with other management components for restart priority.

High Availability of NSX-T Global Manager in Multiple Availability Zones

In an environment with multiple availability zones, the NSX-T Global Manager cluster runs in Availability Zone 1. If a failure in Availability Zone 1 occurs, the NSX-T Global Manager cluster is failed over to Availability Zone 2.

Table 5. Design Decisions on the High Availability Configuration for NSX-T Global Manager for Multiple Availability Zones
Decision ID	Design Decision	Design Justification	Design Implication
SDDC-MGMT-VI-SDN-030	For a dual-region SDDC, when using two availability zones, add the NSX-T Global Manager appliances to the virtual machine group for Availability Zone 1.	Ensures that, by default, the NSX-T Global Manager appliances are powered on on a host in the primary availability zone.	None.

High Availability of NSX-T Global Manager in Multiple Regions

In an environment with multiple regions, you can deploy multiple NSX-T Global Manager clusters in an Active/Standby model. In this scenario, the NSX-T Global Manager cluster in one region is active, and a second NSX-T Global Manager cluster in the second region is in a standby mode.

Table 6. Design Decisions on the High Availability Configuration for NSX-T Global Manager for Multiple Regions
Decision ID	Design Decision	Design Justification	Design Implication
SDDC-MGMT-VI-SDN-031	For a dual-region SDDC, when using two regions, deploy an additional NSX-T Global Manager Cluster in Region B.	Enables recoverablity of NSX-T Global Manager in a second region if a failure in Region A occurs.	Requires additional NSX-T Global Manager nodes in Region B.
SDDC-MGMT-VI-SDN-032	For a dual-region SDDC, set the NSX-T Global Manager cluster in Region B as standby for the management domain.	Enables recoverablity of the NSX-T Global Manager in a second region if a failure in Region A occurs.	None.