Once the NSX Manager appliance has been deployed and is accessible via https://nsxmgr-01a.corp.local, the next step is to register the NSX Manager as a solution against your vCenter deployment. NSX Manager and a vCenter server have a 1:1 relationship, and it's important to ensure that no other NSX Manager has previously been registered.
The following are things you need to consider before pairing the NSX Manager with the vCenter server:
- Solution interoperability has been verified
- vCenter server and vSphere environment are in a healthy state
- Platform Services Controller (PSC) Fully Qualified Domain Name (FQDN) can be resolved
- vCenter server FQDN can be resolved
- vCenter and PSC time settings are verified
- A service account with administrator role in vCenter has been created for the NSX Manager to use for registration; for further information refer to Chapter 9, Managing User Accounts in VMware NSX
- TCP port
443connectivity is required from the NSX Manager to the platform services controller and the vCenter server
Note
vCenter server and platform services controller high availability options have been consulted to ensure the vCenter and PSC environment are set up as per VMware recommendations. For further information on supported vCenter high availability options, refer to the VMware KB article 1024051 (https://kb.vmware.com/kb/1024051).
The following section describes the steps to integrate NSX Manager with the vCenter server and the platform services controller, which are the first steps in enabling your environment for NSX.
The following are the steps to pair the NSX Manager with the vCenter server:
- Log into the NSX Manager web administration page:
https://nsxmgr-01a.corp.local - Navigate to
Manage|NSX Management Services, and on theLookup Service URLclick onEdit
- Type the Lookup Server Host as the PSC FQDN or vCenter Server FQDN if using an embedded PSC
- For SSO Administrator
Use Name, use the service account credentials defined - Click on
OKto complete - When presented with the Trust Certificate dialog box, verify the SSL certificate thumbprint and click on
Yes:
- For SSO Administrator
In this section we will register the NSX Manager with the Platform Services Controller for Single Sign-On services:
- Navigate back to the NSX management service web page on the NSX Manager web administration page:
https://nsxmgr-01a.corp.local - On the vCenter Server menu, click on
Edit:- Type the vCenter Server FQDN
- Type the service account credentials for the vCenter Service account and click on
OK:
- When presented with the Trust Certificate dialog box, verify the SSL certificate thumbprint and click on
Yes
- When presented with the Trust Certificate dialog box, verify the SSL certificate thumbprint and click on
The NSX Manager registers the com.vmware extension. This extension is installed on the vSphere web server as a plugin. When the plugin is installed onto the vSphere web server, any users that were logged in during integration will need to log out of the vSphere Web Client before they can start to consume the Networking & Security interface.
Note
It is important to note that the account used from the NSX Manager to connect to vCenter server will be given enterprise administrator credentials. The NSX Manager uses the vSphere API to perform functions such as deploying service virtual machines, instructing the EAM service to prepare ESXi hosts, creating distributed portgroups, and other vSphere operations that it needs for NSX operations.
If the event registration fails with the platform services controller, check the following commons issues first:
- NTP Synchronization (time) for NSX Manager, platform services controller, and vCenter server is correct and aligned
- DNS resolution for all components
- Firewall ports are open if the NSX Manager and the PSC/vCenter server are separated in different security zones