LATEST VERSION: v1.4 - RELEASE NOTES
Pivotal Container Service v1.3

Deploying NSX-T v2.4 for Enterprise PKS

Page last updated:

To deploy NSX-T for Pivotal Container Service (PKS), complete the following set of procedures, in the order presented.

Note: The instructions provided in this topic are for NSX-T v2.4. If you are using NSX-T v2.3.1, see Deploying NSX-T v2.3.1 for Enterprise PKS.

Prerequisites

Before you begin this procedure, ensure that you have successfully completed all preceding steps for installing PKS on vSphere with NSX-T, including:

NSX-T v2.4 Management Interfaces

This section describes the NSX-T v2.4 management interface options, differences, use cases, and recommendations.

Note: NSX-T v2.4 implements a new Policy API and a new NSX Manager user interface (UI) based on the Policy API. Enterprise PKS does not support the Policy API or Policy-based UI. Enterprise PKS supports the NSX Management API, which is exposed via the “Advanced Networking” tab of the of the NSX Manager UI. When installing and configuring NSX-T v2.4 for use with Enterprise PKS, use the “Advanced Networking” tab to create any required networking objects.

Interface Options

With NSX-T 2.4 you have two options to interact with NSX Manager:

  1. Simplified UI/API

    • New declarative interface introduced in NSX-T 2.4 that uses the new Declarative API/Data Model (Policy API).
    • The NSX-T Container Plugin (NCP) that is embedded in the Enterprise PKS tile does not support the Policy API at this time.
    • You cannot use the Simplified UI/API to manage NSX-T for use with Enterprise PKS upgrades and new installations.
  2. Advanced UI/API

    • Legacy imperative interface based on the NSX Management API.
    • Provides the NSX-T v2.3 user interface to address Enterprise PKS installation and upgrade use cases. Currently NCP only supports the Management API.
    • The Advanced UI/API will be deprecated over time; all features and use cases will eventually be transfered to the Simplified UI/API.

As shown in the picture below, for all Enterprise PKS workloads, use the Advanced Networking and Security tab to create, read, update, and delete required network objects. For NSX-T host perparation and configuration, such as deploying NSX Managers and Edge Nodes, use the System tab. Do not use the “Simplified UI” for Enterprise PKS objects.

NSX-T v2.4 User Interface

Note: The NSX-T Container Plugin (NCP) that is embedded in the Enterprise PKS tile does not currently support the Policy API. Make sure you use the **Advanced Networking and Security** tab of the of the NSX Manager UI when configuring NSX-T for use with Enterprise PKS.

Upgrading to Enterprise PKS v1.4 and NSX-T v2.4

In the case of upgrade from NSX-T v2.3 to v2.4, the existing NSX-T v2.3 configuration is copied to NSX-T v2.4 under the Advanced Networking and Security tab. The network objects required by PKS can only be managed from this user interface. In other words, this configuration will not be shown in the Simplified UI. When you upgrade to NSX-T v2.4, the Simplified UI will show a information banner that indicates the objects are available in the “Advanced Networking” tab.

For instructions on upgrading NSX-T from v2.3 to v2.4 for Enterprise PKS, see Upgrading Enterprise PKS with NSX-T.

Installing Enterprise PKS v1.4 with NSX-T v2.4

To perform a new installation of NSX-T v2.4 with Enterprise PKS v1.4, complete the steps.

  1. Prepare for Installing NSX-T 2.4.
  2. Install NSX Manager using the System tab.
  3. Deploy Additional NSX Manager Nodes to Form a Management Cluster using the System tab.
  4. Assign a Virtual IP Address and Certificate to the NSX-T Manager Cluster using the System tab.
  5. Install One or More Pairs of NSX Edge Nodes using the System tab.

    Warning: For Enterprise PKS you must install a large size VM form factor or the bare metal Edge Node. See Deploy NSX Edge Nodes for more information.

  6. Create an NSX Edge Cluster using the System tab.
  7. Join NSX Edge Nodes with the Management Plane using the System tab.
  8. Enable Repository Service on NSX Manager. Repeat this step for each NSX Manager.
  9. Create an IP Pool for Tunnel Endpoint IP Addresses using the System tab.
  10. Create Overlay and VLAN Transport Zones using the System tab.
  11. Create an Uplink Profile using the System tab.
  12. Create Edge Transport Nodes using the System tab.
  13. Configure Edge Nodes for HA using the System tab.
  14. Prepare ESXi Hosts as Transport Nodes for NSX-T using the System tab.
  15. Create a Tier-0 Logical Router using the Advanced Networking and Security tab in NSX Manager.
  16. Create the Enterprise PKS Management Plane using the Advanced Networking and Security tab in NSX Manager.
  17. Create the PKS Compute Plane using the Advanced Networking and Security tab in NSX Manager.
  18. Deploy Ops Manager 2.4.3+.
  19. Generate and Register the NSX Manager Cluster Certificate (if you have not already done so).
  20. Configure BOSH Director with NSX-T for Enterprise PKS.
  21. Generate and Register the NSX Manager Superuser Principal Identity Certificate and Key.
  22. Create NSX-T Objects for Enterprise PKS using the System tab in NSX Manager.
  23. Install Enterprise PKS on vSphere with NSX-T v2.4.

Please send any feedback you have to pks-feedback@pivotal.io.

Create a pull request or raise an issue on the source for this page in GitHub