Controller cluster operations

There are certain operations that can be performed on a controller cluster. You should always change the default password for controller clusters to ensure data security.

To change the passwords on a controller cluster:

  1. Log in to the vSphere web client and navigate to  Home | Networking & Security | Installation.
  2. The Management tab shows the list of controllers. Pick one whose password needs to be changed. It is recommended that all three controllers have different passwords.
  3. Click Actions | Change Controller Cluster Password:
  4. Enter a new password and click OK when done.

The control plane remains unaffected in the event a single NSX controller fails. However, VMware recommends redeploying the entire cluster and using the Update Controller State mechanism to synchronize the state of the controller cluster.

The Update Controller State option causes logical routers to be redeployed and VXlan to be resynchronized.

The following steps are used to deploy a fresh controller cluster:

  1. Log in to the vSphere web client and navigate to Home | Networking & Security | Installation | Management.
  2. Delete the NSX controllers by clicking on each one and then the  Delete icon.
  3. Deploy a new set of NSX controllers using the standard NSX controller deployment steps.

 

  1. Once deployed, go to the NSX Manager pane under the Management tab and click on Actions | Update Controller State:
  2. You can also download Tech support logs from a specific controller. To do that select a controller and click on  to begin the log collection. You will see the following as soon as you click on the icon:
  1. Once the support log generation is done, download it to your desired location on your system.
  2. Configuring a syslog server for NSX controllers is done via an API call. Once configured, NSX Manager sends all audit logs and system events to this syslog server. Configuring the syslog server via the API is the only supported way as of this version.

 

  1. To enable syslog on NSX controller, use the following API, which adds a controller syslog exporter and configures it on a controller node:
Request
POST https://NSXManager-IP/api/2.0/vdn/controller/{controller-id}/syslog
Request Body:
<controllerSyslogServer>
<syslogServer>SYSLOG SERVER IP</syslogServer>
<port>514</port>
<protocol>UDP</protocol>
<level>INFO</level>
</controllerSyslogServer>

VMware recommends the protocol remain UDP.

  1. To query the syslog server, use the following API:
Request
GET https://NSXManager-IP/api/2.0/vdn/controller/{controller-id}/syslog

If you wish to delete the syslog configuration, use the following API:

Request
DELETE https://NSXManager-IP/api/2.0/vdn/controller/{controller-id}/syslog

NSX constantly checks on communication health between NSX Manager and all of its associated and deployed components. To check on the status of the communication channel health:

  1. Log in to the vSphere web client and navigate to Home | Networking & Security | Installation | Host Preparation.

 

  1. Select a cluster and expand it. Select any host and click Actions and then Communication Channel Health:

The Communication Channel Health information is displayed:

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.134.118.95