_____ ______ ______ _____ _ _ ______
/ ___|| _ \| _ \/ __ \ | | | | |___ / Developed By
\ `--. | | | || | | || / \/ | | __ _ | |__ __ __ / / --------------------------
`--. \| | | || | | || | | | / _` || '_ \ \ \ / / / / Rutger Blom & Luis Chanu
/\__/ /| |/ / | |/ / | \__/\ _ | |____| (_| || |_) | \ V / ./ / NSX vExpert VCDX #246
\____/ |___/ |___/ \____/ (_) \_____/ \__,_||_.__/ \_/ \_/
- Configure your physical network
- Configure your physical ESXi host
- Install your Ansible Controller
- Prepare your Pod configuration files
- Create your software library
- Generate your Pod configuration
- Start your Pod deployment
- Import SDDC.Lab default credentials
- Access your Pod's components
For detailed information regarding the Pod networking, please see the README file.
As setting up the physical networking is one area where many of our users run into issues, we are providing a sample configuration from a working environment. The configuration is provided "as-is", without any support, warranty, or guarantees. The configuration may require additional modifications for your environment.
| Manufacturer | Switch Model | Configuration File |
|---|---|---|
| Cisco Systems | Nexus 3048 | Cisco Nexus 3048 Configuration |
The scripts support deploying Pods on a standalone ESXi host or on ESXi managed by vCenter. ESXi/vCenter must be on version 6.7 or newer. Regardless of deployment target you need to make sure that the following is availble to the ESXi host(s):
- A datastore where the Pod VMs will be stored
- A portgroup configured with the VLAN ID of the Router Uplink segment (i.e. Lab-Routers)
The Ansible controller is the machine from which you will run the Ansible scripts. We recommend installing a modern version of Ubuntu on a dedicated virtual machine. This VM can be connected to any VLAN as long as it:
- Can access the physical ESXi host or the vCenter Server
- Can reach the Router Uplink segment and the Pod networks behind the VyOS router
- Has Internet access
After you've installed the Ubuntu OS and applied the latest updates, some additional software is required to turn this machine into an Ansible controller for your SDDC.Lab Pods. You can simply copy and paste the commands below. Installation of the additional software will only take some minutes. This project requires Ansible version 2.12.x.
-
Update package information\
sudo apt update -
Python, pip, xorriso, and git:\
sudo apt install python3 python3-pip python-is-python3 xorriso p7zip-full git -
The SDDC.Lab repository cloned to an appropriate location on your Ubuntu machine (e.g. $HOME/git/SDDC.Lab) with:\
git clone https://github.com/rutgerblom/SDDC.Lab.git ~/git/SDDC.Lab -
Ansible and the required Python modules:\
pip3 install --upgrade -r ~/git/SDDC.Lab/pip3_requirements.txt -
Update your PATH environment variable by doing the following:\
source ~/.profile -
The required Ansible modules:\
ansible-galaxy collection install --upgrade -r ~/git/SDDC.Lab/requirements.yml
After cloning the repository you will end up with a directory called "SDDC.Lab" with the following contents:
hosts
images
library
module_utils
playbooks
plugins
templates
utils
ansible.cfg
CHANGELOG.md
FirstPod.md
README.md
config_sample.yml
Deploy.yml
licenses_sample.yml
software_sample.yml
templates_sample.yml
UnDeploy.yml
Four files in the root of the ~/git/SDDC.Lab directory require your attention:
config_sample.ymllicenses_sample.ymlsoftware_sample.ymltemplates_sample.yml
Start by creating your own copies based on the sample configuration files:
cp ~/git/SDDC.Lab/config_sample.yml ~/git/SDDC.Lab/config.yml
cp ~/git/SDDC.Lab/licenses_sample.yml ~/git/SDDC.Lab/licenses.yml
cp ~/git/SDDC.Lab/software_sample.yml ~/git/SDDC.Lab/software.yml
cp ~/git/SDDC.Lab/templates_sample.yml ~/git/SDDC.Lab/templates.yml
This file contains all of the configuration and settings for the Pod you're about to deploy. Its contents are organized in several different sections and data structures.
There are many settings that you can change, but only a few that you must change. Especially when deploying your first Pod we strongly recommend that you keep changes to a minimum.
-
The table below contains the settings that must match your environment:
Setting Description Default Value Common.Password.PhysicalThe password used to log in as root (standalone ESXi) or as [email protected] (vCenter) VMware1!Common.DNS.Server1.IPv4/IPv6The IP address of the DNS server to be used by the nested environment. You only need to change this if you decide not to deploy the SDDC.Lab DNS/NTP server 10.203.0.5/fd00::5Common.NTP.Server1.IPv4/IPv6The IP address of the NTP server to be used by the nested environment. You only need to change this if you decide not to deploy the SDDC.Lab DNS/NTP server 10.203.0.5/fd00::5TargetConfig.DeploymentThe deployment target. Can be either "Host" or "vCenter" HostTargetConfig.Host/vCenter.FQDNThe FQDN of your physical ESXi host or your vCenter Server Host32.NetLab.Home/NetLab-vCenter.NetLab.LocalTargetConfig.vCenter.DataCenterThe DataCenter object where the lab Pods are deployed (only required when deploying to vCenter) SDDCTargetConfig.vCenter.ClusterThe vSphere cluster within DataCenter wher the lab Pods are deployed (only required when deploying to vCenter) Lab-ClusterTargetConfig.Host/vCenter.DatastoreThe datastore that will be used to store Pod VMs Local_VMs/Shared_VMsTargetConfig.Host/vCenter.PortGroup.UplinkThe portgroup that connects your Pod to the transit segment (e.g. the physical network) Lab-RoutersNested_Router.ProtocolThe routing protocol used for routing traffic between your Pod and your physical network. Valid options are "Static", "BGP", "OSPF" or "BOTH" (OSPF and BGP) BOTH
Change either your environment or these settings so that they match.
Licenses.yml contains the licenses that you want to assign to the software within the Pod. Just like config.yml this file is organized in a data structure.
The file contains many example entries which you are free to change or remove. A typical licenses.yml might look something like this:
---
License:
VMware:
vCenter:
Name: vCenter Server
Licenses:
- Quantity: 2
Version: "7.[0-9]"
Measure: Instance
KeyCode: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Edition: Standard
Comment:
ESXi:
Name: vSphere ESXi Host
Licenses:
- Quantity: 16
Version: "7.[0-9]"
Measure: CPU
KeyCode: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Edition: Enterprise Plus
Comment:
NSXT:
Name: NSX Transformers
Licenses:
- Quantity: 16
Version: "[23].[0-9]"
Measure: CPU
KeyCode: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Edition: Enterprise Plus
Comment:
vSAN:
Name: vSAN
Licenses:
- Quantity: 16
Version: "[7].[0-9]"
Measure: CPU
KeyCode: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Edition: Enterprise
Comment:
vRLI:
Name: vRealize Log Insight
Licenses:
- Quantity: 25
Version: "[8].[0-9]"
Measure: OSI
KeyCode: XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
Edition: N/A
Comment:
Are license keys required? Only for NSX-T. The other components will deploy fine without license keys and are operational for a limited amount of time.
NSX-T license keys can be obtained via VMUG Advantage or the NSX-T Product Evaluation Center.
Software.yml contains a data structure with the software that can currently be deployed using the scripts. It's used by most of the Ansible scripts as well. The directory structure of the software library is based on the entries in this file.
You would normally not make any changes to this file and even more so when you're deploying your first Pod. Leave it as it is.
Now that your configuration files have been prepared, you can continue with creating the software library. The first thing you need to do is create the software library's directory structure. We've created an Ansible script that does this for you. Simply run:
sudo ansible-playbook ~/git/SDDC.Lab/utils/Util_CreateSoftwareDir.yml
This script creates an empty directory structure at /Software on your Ansible controller that will look something like this:
/Software/
├── Ubuntu
│ └── Server
│ └── v20.04.1
├── VMware
│ ├── ESXi
│ │ ├── v6.7.0U3B
│ │ ├── v7.0.0
│ │ └── v7.0.0B
│ ├── NSX-T
│ │ ├── v3.0.0
│ │ ├── v3.0.1
│ │ └── v3.0.1.1
│ ├── vCenter
│ │ ├── v6.7.0U3B
│ │ ├── v6.7.0U3G
│ │ ├── v7.0.0
│ │ ├── v7.0.0A
│ │ ├── v7.0.0B
│ │ └── v7.0.0C
│ └── vRLI
│ └── v8.1.1
└── VyOS
└── Router
├── Latest
└── v1.1.8
The next step is to populate the structure with the required installation media. Some deployment scripts will download the installation media for you when it's missing in the software library. Currently both Ubuntu Server and VyOS Router are downloaded when absent. VMware products always need to be downloaded by you.
In config.yml under Deploy.Software you can see (and change) which version of a particular software is going to be deployed and thus needs to be present in the software library. The default setting is to deploy the latest supported combination of versions. For your first Pod we recommend that you leave it like that.
A populated software library could look something like this:
/Software/
├── Ubuntu
│ └── Server
│ └── v20.04.1
├── VMware
│ ├── ESXi
│ │ ├── v6.7.0U3B
│ │ ├── v7.0.0
│ │ └── v7.0.0B
│ │ └── VMware-VMvisor-Installer-7.0b-16324942.x86_64.iso
│ ├── NSX-T
│ │ ├── v3.0.0
│ │ ├── v3.0.1
│ │ └── v3.0.1.1
│ │ └── nsx-unified-appliance-3.0.1.1.0.16556500.ova
│ ├── vCenter
│ │ ├── v6.7.0U3B
│ │ ├── v6.7.0U3G
│ │ ├── v7.0.0
│ │ ├── v7.0.0A
│ │ ├── v7.0.0B
│ │ └── v7.0.0C
│ │ └── VMware-VCSA-all-7.0.0-16620007.iso
│ └── vRLI
│ └── v8.1.1
│ └── VMware-vRealize-Log-Insight-8.1.1.0-16281169_OVF10.ova
└── VyOS
└── Router
├── Latest
└── v1.1.8
You can now continue with generating your Pod configuration. This is the process where all of your settings are combined into a static configuration file. To generate this configuration file you run:
ansible-playbook ~/git/SDDC.Lab/playbooks/CreatePodConfig.yml
The script needs to know where your configuration file is located:
In which directory is the Pod-Config file you want to have prepared located? [/home/ubuntu/git/SDDC.Lab/]:
The default path is the current working directory. If this is correct you simply press <Enter>.
The script then wants to know the name of your configuration file:
What is the name of the configuration file that you would like to have prepared? [config.yml]:
If you have been following this guide, the name of your configuration file will be config.yml and you can simply press <Enter> here.
The static configuration file is now generated. On average this process will take between 5-15 minutes, but may vary depending on the size of your lab, and the speed of your Ansible controller.
The static configuration file will have the following name format Pod-<SiteCode>-Config_VCSAv<Version>_ESXIv<Version>_NSXTv<Version>_Fed-N.yml.
Finally, it's time to deploy the newly created static configuration file. In order to do that, you simply run the following two commands:
cd ~/git/SDDC.Lab
ansible-playbook -e "@~/Pod-<SiteCode>-Config_VCSAv<Version>_ESXIv<Version>_NSXTv<Version>_Fed-N.yml" Deploy.yml
To expedite and simplify access to your Pod, it's suggested that you import the SDDC.Lab default credentials into your browser. For instructions on how to accomplish this, please see the SDDC.Lab Default Credentials section in the README.md file.
Once the Pod deployment successfully completes, you can access the Pod components using your web browser by going to the respective component URL of your Pod (Please substitute ### with your 3-digit Pod number):
| Component Name | Component URL |
|---|---|
| vCenter Server | https://Pod-###-vCenter.SDDC.Lab/ui |
| NSX Local Manager | https://Pod-###-NSXT-LM.SDDC.Lab |