In my Last Post I deployed a new NSX Manager appliance configured as the Global Manager to allow me to setup NSX-T Federation, in this post I’ll do the initial configuration and add in my two locations of DC1 and DC2.
First up make sure the Global Manager is powered on 🙂
Then go ahead and login to the web console.
The first thing is to accept the license agreement at which point you’ll be prompted to add an NSX License. NSX-T Federation requires an Enterprise Plus license.
Either click on the MANAGER LICENSES link in the info box at the top or navigate to System, Licenses Then click + ADD
Enter a valid license key and click ADD you’ll then see the license appear in the list.
Next we need to make our Global Manager active and add our locations.
If you go to the System, System Overview page you will see the below message.
Click on the LOCATION MANAGER link or you can get to the same place from the System, Location Manager menu.
Click MAKE ACTIVE
Give the Global Manager a name and click SAVE
Wait for the status to read Active and the cluster to read STABLE.
This next part is only applicable if you have not yet set a VIP on your NSX Managers, to add the NSX Managers at each location we need to connect to the VIP FQDN or IP and not directly to an NSX Manager.
I covered the details on how to deploy a cluster and add a VIP in my 2.5 lab build post HERE But I’ll cover adding a VIP here as well.
Login to your local NSX Manager and navigate to System, Appliances then click SET VIRTUAL IP
Enter the VIP and click SAVE. It will take a few minutes to update the configuration.
Make sure to also add the VIP to DNS.
After a while the screen will refresh and the new VIP will be shown.
You can test it by connecting to the VIP or FQDN and logging in, repeat the process for your other local manager clusters in the other locations.
OK back to the Global NSX Manager.
Click on ADD ON-PREM LOCATION
Enter the Location Name, the FQDN or IP of the local NSX Manager VIP, the Username and Password. Next you will need the Thumbprint.
To get the thumbprint login to the NSX manager and run the command ‘get certificate cluster thumbprint’
NSXTMan01> get certificate cluster thumbprint 48ea447e9d88313b666e41a18275f264065cab8f3236301cca92fc9e26fc9b29
Copy the output and paste it into the SHA-256 Thumbprint box, then click CHECK COMPATIBILITY. You should see the correct NSX version of your local NSX Manager and a nice green tick. Click SAVE
If instead you see the error below then you have probably entered the FQDN/IP of the NSX Manager instead of the VIP so go ahead and correct that now.
Wait for the location Sync Status to say ‘Success’
Then repeat the process to add the other locations.
If we jump back to our local NSX Manager and refresh the page we will see a new menu option. Go to System, Location Manager and we can see the Synch status and details on our remote sites.
We can also reach the local NSX Managers UI from the Global Manager by using the drop-down menu at the top.
The next step is to add the Local vCenter Servers as Compute Managers on the Global Manager.
On the Global Manager navigate to Sytem, Fabric, Compute Managers then click +ADD
Give it a Name, enter the FQDN or IP, change the Port if you need to, enter the Username and Password, you can leave the Thumbprint empty for now.
You can also Enable Trust, which trusts the compute manager for authentication, vCenter 7.0 is required for this.
Finally click ADD
Click ADD on the Thumbprint message
Repeat for the other locations local vCenters.
With that we are done. we can view of our Regions by going to Inventory, Regions we can see that we now have three Regions the DC1 Region containing the DC1 Location, the DC2 Region containing the DC2 location and also the Global region that consists of the DC1 and DC2 Locations.