NSX on AWS (Or Google Cloud) – Part 2

Now that we have ESX and vCenter installed on AWS and/or Google Cloud, let’s focus on NSX. This time we will deploy our management and “prod” VMs in a nested environment. The NSX installation and configuration are quite standard; there are only a few differences, which we will outline in this post, hence the lack of detail. If you need more information on how to install and configure NSX, this page, for example, is great!

First of all, let’s add our ESX machines to our vCenter server, creating 1 datacenter (DC) and 2 clusters:

– 1 MGMT (Management) Cluster for NSX manager and controllers

– 1 PRD (Production) Cluster for compute resources and VXLANs

Your setup should look like this:

[Screenshot]

(ignore the VMs for now, we will get to them soon)

Now let’s deploy NSX Manager: right-click your MGMT cluster and choose to deploy an OVF. The rest is pretty obvious: choose an IP in your 192.168.1.X/24 range (I picked 1.200) and follow the prompts. Just don’t tick “Power on VM” on the last screen, as we will first lower the VM resource consumption.

Once the manager is deployed, right-click the VM, edit its settings, and change the specs to 2 vCPUs (down from 4) and 8192 MB of RAM (down from 12 GB). Then power on the VM.

After a few minutes, you should be able to access the interface. The username is “admin” and the password is the one you chose during the deployment.

Make sure that all the NSX services are running:


[Screenshot]

Then, go to “Manage”, then “NSX Management Service”, and configure your lookup service and your vCenter server association.


Configure NTP as well (it’s important), and other parameters relevant to your configuration.

Once done, the Networking & Security section should appear in the vCenter Web UI. Click on it and select “Installation”, then go to Management and add a controller node.


The next step is host preparation: click on the Host Preparation tab and prepare your PRD cluster.

Then go to Logical Network Preparation, create a unicast zone, configure your segment ID, and finally your VXLAN transport.


It’s time to create our first VXLAN (aka logical switch):

[Screenshot]

You should now be able to deploy a few VMs, connect them to your logical switch, and test the connectivity. We will re-use them for the 3rd and final part of this document.