VCF 9 – NSX Edge Cluster Deployment and VPC Configuration – ｇｉｂｓｏｎｖｉｒｔｕａｌｉｚａｔｉｏｎ

The NSX Edge Cluster deployment procedure has changed significantly in VCF 9. When we performed this in previous versions, it was via the SDDC Manager (either by JSON spec or GUI in newer VCF versions). As I mentioned in previous posts, the SDDC Manager is being deprecated, so the Edge deployment has moved into the vCenter GUI.

This deployment method only supports specific deployment scenarios, so if you have more advanced requirements then you still deploy the edges via NSX Manager (no change from older VCF versions).

Browse to the Inventory/Networks in vCenter, and you will see this Network Connectivity tab.

Click “Configure Network Connectivity” and we will see the wizard. There’s 2 deployment modes, we’ll be using Centralized Connectivity which deploys an edge cluster with BGP connectivity to my core network.

Give the edge cluster a name, set the form factor and set the passwords at the bottom of the screen.
Then we click “Add” so we can configure the 2 edge nodes.

I’m following the holodeck standards for edge config.

Repeat with the details for the second edge node. When complete, we’ll see 2 edge nodes listed.

Now we configure our external connectivity – Uplink VLANs and BGP Peer Details

Click “Set” on the gateway uplinks, we’ll start with the details for edge1-mgmt:

Repeat for edge2-mgmt

I’ll cover the VPC stuff later, it’s new functionality to simplify the management of software defined networks – more “cloud-like”.

Click next, then review. If all is ok we can start the deploy.

We see the Uplink PGs created in vCenter:

And the edge VMs are getting deployed:

And on completion we should see the 2 edge nodes deployed and everything healthy:

Now we want to configure the allowed subnets for external connectivity.
I’m going to configure 2 supernets, 10.50.0.0/16 and 10.60.0.0/16
Then we can configure a VPC for our Workloads and break the supernets into subnets. This is the equivalent of creating a T1 Gateway & Segments.

Now we can create a new VPC for the domain:

Give the VPC a name and click save.
For this example we can leave the Private VPC details blank. This option is used for subnets that are Internal-Only to the SDDC. We’re using external addresses which will be advertised via BGP into the rest of the network.

Now I’m going to create some subnets. For the example I’ll be using the subnets we normally define as AVNs in 5.x Holodeck.

Now we can see the details about the subnets with some stats:

And we can also see that 10.50.0.0/24 and 10.60.0.0/24 have been advertised into the rest of the network:

show ip route on TOR-1:

show ip route on TOR-2

And that’s it! We’ve seen the new process to deploy the edge cluster, and provide software defined connectivity to the rest of the datacenter.

Traceroute in Photon OS

Byjarrad 2022-06-272025-02-25

I recently had to troubleshoot a network connectivity issue, and was seeing some strange behaviour when comparing the Windows Client -> Photon Server trace to the same in the reverse direction. From Photon to Windows I was getting timeouts, and the trace never completed. When Windows was the source, it worked fine. After some research,…

VCF | VMware

VCF 9 – Certificate Replacements

Byjarrad 2025-06-182025-06-18

We have a new and improved workflow for Certificates in VCF 9:ESX Certificates now supported in the Operations Console!Auto-renewal now supported if you are using the CA Integration! First, we configure the integration with a Microsoft CA Now we can generate a CSR, and replace the certs directly from the CA. After a few minutes,…

VCF | VMware | vSAN

VMware Cloud Foundation 5.1 vSAN ESA Deployment

Byjarrad 2023-11-162025-02-25

VMware Cloud Foundation 5.1 now brings support for vSAN ESA! In this blog post, I’ll discuss the pre-requisites and show an example of how to deploy a new workload domain that can support vSAN ESA. For further information and deep-dives on vSAN ESA, check out VMware vSAN Blogs. Pre-Requisites: VCF 5.1: I’m using a VMware…

Aria/vRealize | VMware

Aria Lifecycle – Logs Cluster Scale-Out

Byjarrad 2023-08-012025-02-25

Today we’ll be performing a “scale-out” operation for Aria Operations for Logs (formerly vRealize Log Insight) using Aria Lifecycle. This workflow would be used if you find your Logs cluster is under-resourced and you wanted to add additional worker nodes, or if you wanted to scale out from a single node to enable a high…

Holodeck | PowerCLI

Code Snips – Holodeck DRS Rules

Byjarrad 2025-01-092025-02-25

There’s some tasks that I always like to do after deploying a fresh holodeck environment.This example shows how to automatically configure DRS rules to pin the vCenter to the first ESX host, and NSX to the second ESX host. This helps me easily find the VMs when starting up the environment. Here’s a PowerCLI example…

Holodeck | PowerCLI

Code Snips – Holodeck vApp Start Order

Byjarrad 2025-01-092025-02-25

When deploying Holodeck, I like to add the VMs to a vApp so I can power-up/power-down the environment from one place. Because this is running vSAN, we want all the nodes to power up simultaneously to minimise any potential issues with the vSAN consistency.When we create a vApp, the VMs will just get added to…

Related

Similar Posts