The next thing we need to setup before we can configure the Avi controller is the NSX-T segments for Management and the VIPs.
It is recommended to have a dedicated tier-1 gateway and segment for the Avi SE management.
You’ll also need to have a T0 configured as normal and these segments must be on the Overlay network Not VLAN backed. You must also ensure that there is external connectivity in place to allow the controller to reach to the Management subnet on this new Overlay Segment.
The controller will be connected to a VLAN portgroup on the vCenter VDS while the SE’s will be connected to the NSX-T Overlay management segment so you’ll need two different network subnets for this and another one for the VIPs.
So to summarise we need the following
- T0 Gateway
- T1 Gateway for Management
- Overlay Segment for SE Management connected to the Management T1
- T1 Gateway for VIP’s this can be the same as the rest of your VM estate.
- Overlay Segment for VIPs connected to the general T1 used by your VM estate.
for the VIPs you can use a segment that already exists if for example you want the VIP to be on the same subnet as your web servers, however the more ideal design is to have a dedicated VIP subnet for all your Virtual Services.
Avi Management Segment
Login to your NSX-T manager and navigate to Networking, Segments then click ADD SEGMENT
Just enter a name, select the correct T1 Gateway, select the Overlay TZ and enter the gateway IP in CIDR then click SAVE then No
Avi VIP Segment
Repeat the above steps this time select the non Management T1.
With that done we can now deploy our controller and configure our NSX-T cloud 🙂
AVI/ALB NSX-T Lab Part 5: – AVI Controller Deployment