With the release of NSX-T 3.1 a few days ago there were several enhancements added to the product and one very big one.
Standby Global Managers! With this addition Federation is now deemed to be production ready, the only thing really that is missing is the ability to maintain Security Tags when failing VM’s over with SRM. That is still in development and no date is yet released for when it will be supported but that doesn’t stop you from using SRM to fail vM’s over just don’t use Security Tags with them.
So let’s build our lab and add the standby Global Manager.
The first step is to deploy a new Global NSX-T Manager in the DR site.
Once it’s deployed and up and running login and configure the Cluster VIP you can also deploy an additional 2 Managers if you need to, for a production deployment you need to do deploy the two additional managers now before you configure as a standby as it will not allow you to add them later.
Then SSH to the Manager and run this command.
get certificate cluster thumbprint
Copy the thumbprint as we will need it in the next step.
Next login to the Global NSX-T Manager in the Primary site, check out the new Dark mode UI 😀
Go to System, Location Manager You will see a prompt ‘We recommend a standby Global Manager for high availability of this service.’
An additional thing to note here which is new in 3.1 is that it is now supported to run a production deployment using just 1 Global and Local NSX-T manager on each site. I’d still recommend running a cluster of three as the control plane will be down if your single Local Manager dies but its good to know that singleton managers protected by vSphere HA are now supported as some customers are resource constrained.
Enter a name for the Global Manager unlike when I deployed the Primary Global Manager this one now cannot include any spaces, enter the FQDN or IP of the VIP, enter the username and password. Now paste in the cluster thumbprint that you got earlier and click CHECK COMPATIBILITY you should get the version to show with a green tick. Now click SAVE
We can now see the Active and Standby GM’s running
On my lab from the Active Global Manager I can see the Sync status as Success but from the UI of the Standby Global Manager it still shows as Not Available. I can force a Sync by selecting ACTIONS, Force Sync
Then click YES
For my lab it took a while and potentially a site failover to get this to show as Sync Successful on both sides but anyway it’s working for me 🙂
To remove a Standby Global Manager simply login to the Active Global Manager go to System, Location Manager. Select ACTIONS then click Remove
At the prompt clikc REMOVE
You will then be back to where you were before you started.