Install NSX Edge Nodes for Enterprise PKS

Page last updated:

This topic provides instructions for installing NSX Edge Node VMs on vSphere for use with Enterprise PKS.

Prerequisites

Make sure you have completed all preceding NSX-T installation tasks.

About Deploying NSX-T Edge Nodes for Enterprise PKS

NSX Edge Nodes provide the bridge between the virtual network environment implemented using NSX-T and the physical network. Edge Nodes for Enterprise PKS run load balancers for PKS API traffic, Kubernetes pod load balancer services, and pod ingress controllers. See Load Balancers in Enterprise PKS for more information.

Enterprise PKS supports the NSX Edge Node large VM form factor (8 vCPU, 32 GB of RAM, 200 GB of disk space) and the bare metal Edge Node. The Edge Node VM can only be deployed on Intel-based ESXi hosts. See NSX Edge VM System Requirements in the NSX-T Data Center documentation.

For high-availability Edge Nodes are deployed as pairs within an Edge Cluster. The minimum number of Edge Nodes per Edge Cluster is 2; the maximum is 10. In NAT mode, Enterprise PKS supports active/standby Edge Node failover. In standby mode, the standby load balancer is not available for use while the active load balancer is engaged. If No NAT mode is used, active/active can be used.

The default size of the load balancer deployed by NSX-T for a Kubernetes cluster is small. The size of the load balancer can be customized using Network Profiles.

In NSX-T a load balancer is deployed on the Edge Nodes as a virtual server. The following virtual servers are required for Enterprise PKS:

  • 1 TCP layer 4 virtual server for each Kubernetes service of type:LoadBalancer
  • 2 layer 7 global virtual servers for Kubernetes pod ingress resources (HTTP and HTTPS)
  • 1 global virtual server for the PKS API

To determine the maximum number of load balancers per Edge Cluster, multiply the maximum number of load balancers for the Edge Node type by the number of Edge Nodes and divide by 2. For example, with 10 Large VM Edge Nodes in an Edge Cluster, you can have up to 200 small load balancer instances (40 x 10/2), or up to 20 medium LB instances (4 x 10/2). See Scaling Load Balancer Resources in the NSX-T Data Center documentation for more information.

Note: Because of the load balancer requirements for Enterprise PKS, you cannot use the small or medium Edge Node VM sine since these form factors do not support a sufficient number of virtual servers. You must install a large size Edge Node VM or the bare metal Edge Node for Enterprise PKS.

Install a NSX Edge Node Large VM Using the vSphere Client

The NSX Edge Node VM is provided as an OVA file named the NSX Edge VM that you import into your vSphere environment and configure.

Complete the following steps to install an NSX Edge Node Large VM using the vSphere Client. To install an NSX Edge Node VM using the ovftool CLI, see the NSX-T Data Center documentation

Note: Repeat the deployment and verification process for each NSX Edge Node you intend to use for Enterprise PKS.

  1. Locate the NSX-T Data Center OVA file and download it to your local machine, for example nsx-edge-VERSION.ova.

  2. Log in to vCenter using the vSphere Client.

  3. In the vSphere Client, select the Resource Pool where you want to install NSX-T Data Center.

  4. Right-click and select Deploy OVF Template to start the installation wizard.

  5. At the Select an OVF template screen:

    • Select the Local file option
    • Click Choose Files
    • Navigate to where you downloaded the OVA file and select it
    • Click Next
  6. At the Select a name and folder screen:

    • Enter a name for the NSX Edge VM, such as nsx-edge-1
    • Select the Datacenter for the VM deployment
    • Click Next
  7. At the Select a compute resource screen:

    • Select the infra resource pool where the NSX Edge VM will be deployed
    • Click Next
  8. At the Review details screen, verify the OVF template details and click Next.

  9. At the Configuration screen, select the Large size VM and click Next.

    Warning: You must select the large size Edge Node VM. See About Deploying NSX-T Edge Nodes for Enterprise PKS.

  10. At the Select storage screen:

    • Select the vsanDatastore if you are using vSAN, or a dedicated datastore if you are not using vSAN
    • Click Next
  11. At the Select networks screen, select the Destination Network for each of the Source Networks. Be sure to connect the vNICs of the NSX Edge VM to an appropriate PortGroup for your environment.

    • Network 0: For management purposes. Connect the first Edge interface to your environment’s PortGroup/VLAN where your Edge Management IP can route and communicate with the NSX Manager.
    • Network 1: For TEP (Tunnel End Point). Connect the second Edge interface to your environment’s PortGroup/VLAN where your GENEVE VTEPs can route and communicate with each other. Your VTEP CIDR should be routable to this PortGroup.
    • Network 2: For uplink connectivity to external physical router. Connect the third Edge interface to your environment’s PortGroup/VLAN where your T0 uplink interface is located.
    • Network 3: Unused (select any port group)
    • Click Next
  12. At the Customize Template screen, configure the following settings:

    • System Root User Password (must comply with password strength restrictions)
    • CLI “admin” User Password (must comply with password strength restrictions)
    • CLI “audit” User Password (must comply with password strength restrictions)
    • Hostname: for the NSX Edge VM, such as nsx-edge-1
    • Default IPv4 Gateway: The default gateway for the NSX Manager VM
    • Management Network IPv4 Address: The IPv4 address for the first network interface
    • Management Network Netmask: The netmask for the first interface
    • DNS Server List: One or more DNS servers (space-separated if multiple)
    • NTP Server List: One or more NTP servers (space-separated if multiple)
    • Enable SSH: Select Enable SSH (by default this option is disabled for security reasons)
    • Allow root SSH logins: Enable this option to (by default this option is disabled for security reasons)
    • Click Next
  13. At the Ready to complete screen:

    • Verify that the OVF template specification is accurate
    • Click Finish to begin the installation. The installation will approximately 10 minutes to complete
  14. Use the Recent Tasks panel at the bottom of the vCenter screen to view the progress of the OVA deployment.

  15. Repeat this process for nsx-edge-2, and for each additional NSX Edge Node you intend to use for Enterprise PKS.

Verify NSX Edge Node VM Installation

See Verify NSX VM Deployment for Enterprise PKS.

Next Step

See Join Each NSX Edge Node with the Management Plane.

NSX-T Installation Instructions Home

Installing and Configuring NSX-T for Enterprise PKS.


Please send any feedback you have to pks-feedback@pivotal.io.