Deploying the NSX-T Cloud Service Manager (CSM)

NSX Cloud enables you to manage and secure your public cloud inventory using NSX-T Data Center. The Cloud Service Manager (CSM) provides a single pane of glass management endpoint for your public cloud inventory.

Delivering consistent networking and security for your applications running natively in public clouds with NSX Cloud. No more infrastructure silos to drive up complexity and operational expense — instead, enjoy intrinsic security policies globally and precise control across virtual networks, regions, and clouds. NSX Cloud currently supports Microsoft Azure and Amazon AWS, including Azure Government and AWS GovCloud (US) regions. For full details NSX Cloud

This blog focuses on deploying the NSX-T CSM appliance and connecting it to my on premise NSX-T Manager, following the base setup we will go ahead and connect the CSM to my AWS account.

There is no specific appliance binary for the NSX-T CSM, it uses the same NSX-T Manager software package. So we will just reuse the NSX-T Manager appliance OVA which you have downloaded from VMware download page when you deployed your NSX-T Managers.

You will need an additional IP address which will be the management IP for this new appliance. Since this appliance will need to access the Internet, the IP address either needs direct Internet access or we would need the proxy details for your environment.

You are going to need your admin credentials for your on premise NSX-T Manager when we register the CSM with the on premise NSX-T Manager.

Let’s Get Started

Step 1 – Login to your vCenter and navigate to the cluster where we will deploy the NSX-T Manager OVA – I am using NSX-T 3.0

Step 2 – Provide a Virtual Machine Name for this deployment, I am just using NSX-CSM

Step 3 – Select the vCenter Cluster or host where you are planning to deploy the NSX-CSM appliance – I will deploy mine in my management cluster

Step 4 – Review the details below and click Next

Step 5 – This is now where we decide to deploy this as a traditional NSX-T Manager or CSM. By Selecting ExtraSmall you will see the side note that this configuration is only supported for the NSX-T Cloud-Services-Manager and the resources required for this deployment. If you accidentally go ahead with the default selection of Medium, you would need to restart from Step 1

Step 6 – Next we select the storage where the appliance would be deployed too. In my case I have a vSAN datastore in my management cluster and I will deploy it there.

Step 7 – Select the correct portgroup to which the CSM will be attached too – in my lab I will use Management_DXB – this is the same port group where my on premise NSX-T Manager is connected too.

Step 8 – In the step we will configure the Management Interfaces and password details.

Please follow the password complexity rule as below:
– minimum of 12 characters in length
– >=1 uppercase character
– >=1 lowercase character
– >=1 numeric character
– >=1 special character
– >=5 unique characters

You must configure the System Root User Password and the CLI “admin” User Password. The others are optional and I just left them blank

Take Note NSX-T default password expiry time is 90 days, this can be changed via the CLI.

Now we need to configure the hostname and an important step is to select the role for this appliance – since we are deploying this as a CSM, I select nsx-cloud-service-manager from the drop menu

Make sure to select nsx-cloud-service-manager
Populate the correct IP address details

Finally before deploy the CSM, make sure to use the correct DNS and NTP server for your environment

Step 8 – After populating all the needed details we are now ready to deploy NSX-T CSM appliance. Once the deployment has completed, go ahead and power it up

Final step reviewing all the details before we hit Finish

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: