Create an NSX-T cloud account in VMware Aria Automation
NSX-T
cloud account in VMware Aria Automation
For network and security purposes, you can create an
NSX-T
cloud account and associate it with one or more vCenter
cloud accounts.- Verify that you have the required administrator credentials and have enabled HTTPS access on port 443. See Credentials required for working with cloud accounts in VMware Aria Automation.Also Verify that you have properly configured your ports and protocols to support the cloud account. See theSystem Requirementstopic inInstallingand theVMware Aria Automationwith Easy InstallerPort Requirementstopic inReference Architecture Guide. Both publications are available on theVMware Aria Automationproduct documentation page.
- Verify that you have the cloud administrator user role. See What are the VMware Aria Automation user roles.
- Verify that you have avCentercloud account to use with thisNSXcloud account. See Create a basic vCenter cloud account in VMware Aria Automation.
For related information, see VMware NSX Documentation.
An
NSX-T
cloud account can be associated to one or more vCenter
cloud accounts. However, an NSX-V
cloud account can only be associated to one vCenter
cloud account.The association between
NSX-T
and one or more vCenter
cloud accounts must be configured outside of VMware Aria Automation
, specifically in your NSX
application. VMware Aria Automation
doesn't create the association between NSX
and vCenter
. In VMware Aria Automation
, you specify one or more configuration associations that already exists in NSX
.When you create an
NSX
cloud account in VMware Aria Automation
, you specify a manager type and an NSX
mode. These selections cannot be changed after you create the cloud account.You can connect to an
NSX
Global Manager and configure an association between an NSX
Global Manager and local managers in the context of the NSX
federation.For related information about
NSX
options and capabilities in general, see VMware NSX Documentation.To facilitate fault tolerance and high availability in deployments, each
NSX
endpoint represents a cluster of three NSX Manager
s.
- VMware Aria Automationcan point to one of theNSXManagers. Using this option, oneNSXManager receives the API calls fromVMware Aria Automation.
- VMware Aria Automationcan point to the Virtual IP of the cluster. Using this option, oneNSXManager assumes control of the VIP. That NSX Manager receives the API calls fromVMware Aria Automation. In case of failure, another node in the cluster assumes control of the VIP and receives the API calls fromVMware Aria Automation.For more information about VIP configuration forNSX, seeConfigure a Virtual IP (VIP) Address for a Clusterin theNSX Installation Guideat VMware NSX Documentation.
- VMware Aria Automationcan point to a load balancer VIP to load-balance the calls to the threeNSXManagers. Using this option, all threeNSXManagers receive API calls fromVMware Aria Automation.You can configure the VIP on a third-party load balancer or on anNSX-Tload balancer.For large scale environments, consider using this option to split theVMware Aria AutomationAPI calls among the threeNSXManagers.
- Select and clickAdd Cloud Account.
- Select theNSX-Taccount type and specify a cloud account name and description.
- Enter the host IP address for theNSX-TManager instance or VIP (see above for information about the expected behavior that pertains to theNSXManager and VIP options).
- Enter yourNSXuser name and password administrator credentials.
- ForManager type, select eitherGlobalorLocal(default).
- Global ManagerThe Global Manager setting is only available for use with the PolicyNSX modesetting. It is not available when using the ManagerNSX modesetting.The Global setting refers to theNSX-Tfederation capabilities, including global network segments. OnlyNSX-Tcloud accounts with the Global setting supportNSX-Tfederation.When using the Global Manager setting, you are prompted to identify a Local ManagerNSX-Tcloud account and an associatedvCentercloud account.You cannot associate a Global MangerNSX-Tcloud account withvCentercloud account, as you can with an Local ManagerNSX-Tcloud account. Similar to how a Local ManagerNSX-Tcloud account can be associated to multiplevCentercloud accounts, a Global ManagerNSX-Tcloud account can be associated to multiple Local ManagerNSX-Tcloud accounts.
- Local ManagerUse the Local setting to define a traditionalNSX-Tcloud account, which can be associated to one or morevSpherecloud accounts. You can associate a Global managerNSX-Tcloud account with a LocalNSX-Tcloud accounts. Note that this is also the setting to use if you are creating a new and empty targetNSX-Tcloud account for the purposes ofNSX-VtoNSX-Tmigration.
You cannot change theManager typesetting after you create the cloud account. - ForNSX mode, select eitherPolicyorManager.
- Policy mode (default)The Policy mode is available forNSX-T3.0 andNSX-T3.1 forward. This option enablesVMware Aria Automationto use the additional capabilities available in theNSX-TPolicy API.If you are usingNSX-Twith aVMware Cloud on AWScloud account in a cloud template, theNSX-Tcloud account must use the PolicyNSX mode.The Policy setting refers to theNSX-TPolicy API form ofNSX-T.
- Manager modeExistingNSX-Tendpoints or cloud accounts that are upgraded from an earlier version ofVMware Aria Automationthat did not provide a Policy option are treated as Manager modeNSX-Tcloud accounts.The Manager mode is supported forNSX-T2.4,NSX-T3.0, andNSX-T3.1 forward.If you specify Manager mode, use the Manager mode option for otherNSX-Tcloud accounts untilVMware Aria Automationintroduces a Manager mode to Policy mode migration path.SomeVMware Aria Automationoptions forNSX-TrequireNSX-T3.0 or greater, including adding tags to virtual machine NIC components in the cloud template.The Manager setting refers to theNSX-TManager API form ofNSX-T.
If you have existingNSX-Tcloud accounts that were created prior to the introduction of the Policy mode inVMware Aria Automation8.2, they use the Manager API method. It is recommended that you replace your existingNSX-Tcloud accounts with newNSX-Tcloud accounts that specify the Policy API method.You cannot change theNSX modevalue after you create the cloud account. - ClickValidateto confirm the credentials in relation to the selected NSX Manager type and NSX mode.The assets associated with the account are collected.If theNSXhost IP address is not available, validation fails.
- InAssociations, add one or morevCentercloud accounts to associate with thisNSX-Tcloud account. You can also remove existingvCentercloud account associations.OnlyvCentercloud accounts that are not currently associated inVMware Aria Automationto anNSX-TorNSX-Vcloud account are available for selection.For information about making association changes after you have deployed a cloud template, or about deleting the cloud account after you have deployed a cloud template, see What happens if I remove an NSX cloud account association in VMware Aria Automation.
- If you want to add tags to support a tagging strategy, enter capability tags.You can add or remove capability tags later. See maphead-how-to-use-tags.html.
For more information about how capability tags and constraint tags help control deployment placements, see the Constraint Tags and Placement video tutorial. - ClickSave.
You can create or edit a
vCenter
cloud account to associate with this NSX
cloud account. See Create a basic vCenter cloud account in VMware Aria Automation.Create and configure one or more cloud zones for use with the data centers that are used by this cloud account. See Learn more about Automation Assembler cloud zones.
Configure infrastructure resources for this cloud account. See Building your Automation Assembler resource infrastructure.
For samples of using
NSX-T
options in VMware Aria Automation
cloud templates, see Network, security group, and load balancer resource examples in Automation Assembler.