After the reconfiguration of my HomeLab workstation machine in Stage XXXII: Workstation Upgrade Again it was time to modify the Lab once again. I was using NSX-V for several years and now it was time to utilize NSX-T inside my environment:
I did not upgrade my NSX-V setup to NSX-T because I modified the server infrastructure and created new (vSAN) clusters. I did a Greenfield Installation….
I set up the first NSX-T Manager and deployed the other ones via the NSX-T Mgr Admin Page.
Next step was the Virtual IP configuration to fully utilize all the NSX-T Managers via one IP
Now it is time to add my vCenter as a Compute Manager within NSX-T:
After the Compute Manager Configuration step, next one is the Transport Zone Creation:
I created two Transport Zones, one for the Overlay and one for the Edges (will be configured later)
Host Transport Nodes
Next logical step is the Transport Node creation. Each ESXi host act as a transport node within NSX-T. I have configured different uplink policies for my different ESXi host network config. Some hosts have 2 x 10GbE, 4 x 10GbE, 2 x 40GbE…..
Edge Transport Nodes
No it is time to deploy NSX-T Edges for your environment. Pretty straight forward process:
Creating an Edge Cluster is very simple and should be done within seconds
Now we can create our network segments (port groups) within the NSX-T Manager. You can create segments for the Overlay or VLAN based segments
We have successfully configured the NSX-T environment including network segments. Now let’s integrate East-West Routing through Tier 1 Gateways:
No, we have a routed setup for VMs (East-West traffic)
What about North-South traffic? For that we need to configure a Tier-0 Gateway:
Static Routes / USG
How can the physical environment communicate with the newly configured NSX-T setup? Via Dynamic routing (BGP) or static routes. In my case: Static Routes
That is the NSX-T static route configuration, here is my physical static route setup on the Ubiquiti USG-XG-8:
The NSX-T setup is now up and running, time for some add-ons. I wanted a load balancer for my tiny App-DB-Webserver setup. First I created a new Tier-1 Gateway for the Load Balancing
I created one Load Balancer with two configurations: One for the HTTPs and one for the HTTP Redirect.
My last step was the Distributed Firewall configuration. I wanted to implement a Microsegmentation. First step is to create Security Groups and add your VMs to it.
The final step is to configure the firewall rules and publish your setup to the transport nodes.
Want to know more about NSX-T? Attend one of the amazing VMware LiveFire Trainings…
Stay tuned for my next #HomeLab stages… There are many more to come.
Here is the next one: Stage XXXIV: Site Recovery Managerhttps://vcdx181.com/stage-xxxiv-site-recovery-manager/