Learning NSX-T-Part 5: NSX Controllers Manual Deployment & Clustering

In last post of this series, we learnt how to deploy NSX-T controllers automatically via NSX manager and we saw its pretty much same as deploying controllers in a NSX-V environment. 

In this post we will learn how to deploy the NSX controllers manually. 

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction to NSX-T

2: NSX-T Architecture

3: NSX Manager Deployment

4: NSX Controllers Automated Deployment

Manual steps are a bit lengthy and complex so we have to be careful with the sequence of commands which we will be running to form controllers cluster. Before deploying the controller nodes, make sure following prerequisites are met:

  • vCenter Server and ESXi hosts are deployed.
  • Esxi hosts have been added to vCenter and networking and storage configuration on hosts are in place. 
  • NSX Manager is deployed.
  • ESXi host must have enough CPU, memory, and hard disk resources to support controller deployment.

Manual deployment steps are as follows:

1: Deploy controller node.

This is the first controller node that will be deployed. Deployment is a straight forward ovf deployment task as shown in below slideshow.

This slideshow requires JavaScript.

Once the first controller boots up, verify that it has got the correct  IP address which was set during OVF deployment.


Step 2: Obtain NSX Manager API thumbprint.

We need this thumbprint in next step when we will be manually joining the first controller node to NSX Manager. To obtain this thumbprint, follow below steps:

  • Login to NSX manager via SSH
  • Run command : get certificate api thumbprint

Step 3: Join NSX Controller with the NSX Manager.

Run below command on controller node to join it to NSX manager

# join management-plane NSX-Manager-IP-address username admin thumbprint <NSX-Manager-thumbprint>


Step 4: Verify that controller has joined NSX Manager

Step 5: From NSX manager verify that the first controller is now listing.

Run the get management-cluster status command to do so.

Step 6: Initialize the Control Cluster to Create a Control Cluster Master.

Run following commands on the first controller to make it master of the cluster.

b: Run the initialize control-cluster command to make the first controller the control cluster master.

c: Verify that is master and in majority are true, the status is active, and the Zookeeper Server IP is reachable, ok.

Now if you login to NSX Manager, you will see the cluster and manager connectivity status as Up for the first controller node


Step 7: Deploy the 2nd and 3rd controller vm’s.

Step 8: Repeat Step-3 for both the newly deployed controller nodes and verify that they have joined the management plane. 

Step 9: Join 2nd and 3rd controllers to controllers clusters by following below steps:

9a: Open an SSH session for 2nd and 3rd controller appliances.

9b: On the 2nd and 3rd controller nodes, run below command

# set control-cluster security-model shared-secret <Secret-Paassword>

Note: Use the same password used in Step 6. Example shown below:

9c: Get certificate thumbprint of controller 2 and 3 nodes. 

9d: SSH to controller-1 (master node) and run below command to form cluster with controller-2 and 3

Important: Below command should always be run from master node and always use controller 2/3 IP address and not the hostname.

# join control-cluster <NSX-Controller2-IP> thumbprint <nsx-controller2’s-thumbprint>


Make sure that NSX-Controller 2 has joined the cluster by running the get control-cluster status command.

9e: On both NSX Controller 2 and 3 nodes run the command: activate control-cluster

Note: Do not run the activate commands on both controllers node in parallel. Make sure each activation is complete before activating another controller.

The second controller is now added to cluster and both manager and cluster connectivity is up.

And that’s it for this post. In next post of this series we will perform host preparation task. 
I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing. Be sociable :)