Contents
NSX requirement
- No matter the size of the NSX deployment, VMware requires that each NSX Controller cluster contain three controller nodes. Having a different number of controller nodes is not supported.
- The cluster requires that each controller's disk storage system has a peak write latency of less than 300ms, and a mean write latency of less than 100ms. If the storage system does not meet these requirements, the cluster can become unstable and cause system downtime.
NSX check
- Log in to the NSX Controller CLI.
get control-cluster status
show control-cluster status show control-cluster connections
- Log in to the NSX Manager CLI.
# nsx-manager show logical-switch list all get management-cluster status
Notes
- All NSX Edge services run on the active appliance. The primary appliance maintains a heartbeat with the standby appliance and sends service updates through an internal interface. If a heartbeat is not received from the primary appliance within the specified time (default value is 15 seconds), the primary appliance is declared dead.
- By default when we’re creating a firewall rule in NSX, the “Applied to” field is set to “Distributed Firewall”. The firewall rule will be stored in NSX manager’s database and will be applied to all VMs vNICs, regardless of the VMs location. It’s important to mention that even when dFW rule is applied to all VMs, we still need a match on source/destination to take action on that rules.
Troubleshooting
How to Cleanly Uninstall Legacy NSX and Trend Micro from ESXi
http://virtuallystable.com/2018/11/08/how-to-cleanly-uninstall-legacy-nsx-and-trend-micro-from-esxi/
http://www.vmwarearena.com/how-to-manually-install-nsx-6-3-0-vibs-on-esxi-6-5-hosts/
#esxcli software vib remove -n epsec-mux
Restoring vCenter access after being blocked by a Deny All rule in NSX DFW