September 21, 2021

Deploy NSX-T Edge Clusters using SDDC Manager API

A quicker way to deploy multiple clusters

What? Utilize SDDC Manager’s API to deploy NSX-T Edge Clusters

curl --location --request POST 'https://sddc-manager.region2.shank.com/v1/edge-clusters/validations/'
--header 'Content-Type: application/json'
--header 'Accept: application/json'
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiIzMjk0NmE3My04MDgxLTRjMWYtOWQwMy0zNDI4MjAzM2Y1MjAiLCJpYXQiOjE2MzIyMDMzMDUsInN1YiI6ImFkbWluaXN0cmF0b3JAdnNwaGVyZS5sb2NhbCIsImlzcyI6InZjZi1hdXRoIiwiYXVkIjoic2RkYy1zZXJ2aWNlcyIsIm5iZiI6MTYzMjIwMzMwNSwiZXhwIjoxNjMyMjA2OTA1LCJ1c2VyIjoiYWRtaW5pc3RyYXRvckB2c3BoZXJlLmxvY2FsIiwibmFtZSI6ImFkbWluaXN0cmF0b3JAdnNwaGVyZS5sb2NhbCIsInNjb3BlIjpbIlNERENfRkVERVJBVElPTl9XUklURSIsIkFWTl9XUklURSIsIkNFUlRfV1JJVEUiLCJDT01QT1NBQklMSVRZX1dSSVRFIiwiTElDRU5TRV9LRVlfUkVBRCIsIkNPTVBPU0FCSUxJVFlfUkVBRCIsIkVER0VfQ0xVU1RFUl9XUklURSIsIlVTRVJfUkVBRCIsIkNSRURFTlRJQUxfV1JJVEUiLCJCQUNLVVBfQ09ORklHX1JFQUQiLCJDTFVTVEVSX1dSSVRFIiwiQVZOX1JFQUQiLCJWQVNBX1BST1ZJREVSX1JFQUQiLCJET01BSU5fV1JJVEUiLCJDRUlQX1JFQUQiLCJOVFBfV1JJVEUiLCJERVBPVF9DT05GSUdfV1JJVEUiLCJERVBPVF9DT05GSUdfUkVBRCIsIkhPU1RfV1JJVEUiLCJCQUNLVVBfUkVTVE9SRV9SRUFEIiwiQ0VSVF9SRUFEIiwiVVNFUl9XUklURSIsIlVQR1JBREVfUkVBRCIsIk9USEVSX1JFQUQiLCJDUkVERU5USUFMX1JFQUQiLCJIT1NUX1JFQUQiLCJDRUlQX1dSSVRFIiwiT1RIRVJfV1JJVEUiLCJMSUNFTlNFX0tFWV9XUklURSIsIkNBX1JFQUQiLCJORVRXT1JLX1BPT0xfV1JJVEUiLCJXQ1BfUkVBRCIsIkJBQ0tVUF9SRVNUT1JFX1dSSVRFIiwiTlRQX1JFQUQiLCJFREdFX0NMVVNURVJfUkVBRCIsIkJBQ0tVUF9DT05GSUdfV1JJVEUiLCJXQ1BfV1JJVEUiLCJTRVJWSUNFX0FDQ09VTlRfV1JJVEUiLCJORVRXT1JLX1BPT0xfUkVBRCIsIkNBX1dSSVRFIiwiQ0xVU1RFUl9SRUFEIiwiVkFTQV9QUk9WSURFUl9XUklURSIsIkROU19XUklURSIsIlZSU0xDTV9XUklURSIsIkROU19SRUFEIiwiU0VSVklDRV9BQ0NPVU5UX1JFQUQiLCJTRERDX0ZFREVSQVRJT05fUkVBRCIsIkRPTUFJTl9SRUFEIiwiVlJTTENNX1JFQUQiLCJVUEdSQURFX1dSSVRFIl0sInJvbGUiOlsiQURNSU4iXX0.USzrLuoclWP02fDBU2XBBAI7vHiY0hSdjhLtcCCRE6g'
--data-raw '{
"edgeClusterName" : "wld-edge-cl1",
"edgeClusterType" : "NSX-T",
"edgeRootPassword" : "VMware123!VMware123!",
"edgeAdminPassword" : "VMware123!VMware123!",
"edgeAuditPassword" : "VMware123!VMware123!",
"edgeFormFactor" : "SMALL",
"tier0ServicesHighAvailability" : "ACTIVE_ACTIVE",
"mtu" : 1600,
"asn" : 65051,
"edgeNodeSpecs" : [ {
"edgeNodeName" : "reg2-wld-edge1.region2.shank.com",
"managementIP" : "172.24.0.40/24",
"managementGateway" : "172.24.0.1",
"edgeTepGateway" : "172.30.0.1",
"edgeTep1IP" : "172.30.0.6/24",
"edgeTep2IP" : "172.30.0.7/24",
"edgeTepVlan" : 3019,
"clusterId" : "faa6d3e8-982a-4b00-8c35-949ac5e601c7",
"interRackCluster" : false,
"uplinkNetwork" : [ {
"uplinkVlan" : 3017,
"uplinkInterfaceIP" : "172.28.0.4/24",
"peerIP" : "172.28.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
},
{
"uplinkVlan" : 3018,
"uplinkInterfaceIP" : "172.29.0.4/24",
"peerIP" : "172.29.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
} ]
},
{
"edgeNodeName" : "reg2-wld-edge2.region2.shank.com",
"managementIP" : "172.24.0.41/24",
"managementGateway" : "172.24.0.1",
"edgeTepGateway" : "172.30.0.1",
"edgeTep1IP" : "172.30.0.8/24",
"edgeTep2IP" : "172.30.0.9/24",
"edgeTepVlan" : 3019,
"clusterId" : "faa6d3e8-982a-4b00-8c35-949ac5e601c7",
"interRackCluster" : false,
"uplinkNetwork" : [ {
"uplinkVlan" : 3017,
"uplinkInterfaceIP" : "172.28.0.5/24",
"peerIP" : "172.28.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
},
{
"uplinkVlan" : 3018,
"uplinkInterfaceIP" : "172.29.0.5/24",
"peerIP" : "172.29.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
} ]
} ],
"tier0RoutingType" : "EBGP",
"tier0Name" : "wld-t0",
"tier1Name" : "wld-t1",
"edgeClusterProfileType" : "DEFAULT"
}'

Step 3: Checking the progress of the validation

In this example I will be using postman to make the API calls, there are other alternatives such as powerVCF, the Developer Center, API calls directly on SDDC Manager as root, and pretty much any other way you would use to make API calls.

Step 1: Bearer Token

The Edge Cluster creation JSON below is an example of one that I used deployed in my lab. Ensure the fields are changed to suit your environment.

Once the validation completes, the Edge cluster can be deployed. If there are any issues with the validation, they must be resolved before proceeding to step 4.

SDDC Manager bearer token
Bearer token

Step 2: Validating Edge Cluster Creation Spec JSON

curl --location --request POST 'https://sddc-manager.region1.shank.com/v1/tokens'
--header 'Content-Type: application/json'
--header 'Accept: application/json'
--data-raw '{
"username" : "[email protected]",
"password" : "password"
}'

To check the progress send a GET request to https://sddcManagerFQDN/v1/edge-clusters/validations/<id>.

The first step is to get a bearer token, the little bit of code below should provide you with this. Make sure you change the details to suit your environment.

  • “edgeFormFactor”: This is the size of the Edge nodes, the options are SMALL, MEDIUM, LARGE and XLARGE
  • “tier0ServicesHighAvailability”: This is the availability mode that the Tier-0 will be deployed with, the choices are ACTIVE_ACTIVE OR ACTIVE_STANDBY
  • “asn”: The ASN configured on the Tier-0 gateway, asnPeer is the ToR or upstream gateways configured ASN.
  • “clusterId”: This is the ID of the vSphere cluster where you want to deploy the Edge nodes. You can either use API to obtain this information or browse to the cluster in SDDC Manager and copy the UUID from the URL.
getting the cluster uuid
Cluster UUID
  • “edgeClusterProfileType”: The choices for this one are DEFAULT or CUSTOM. If you select CUSTOM, then you have the ability to fill out the below additional options.
I decided to write up this article to demonstrate how to deploy NSX-T Edge Clusters using SDDC Manager. This method can be quicker and easier than filling out the form each time, especially if you have multiple nodes and clusters to deploy!

validating the edge cluster creation json
SDDC Manager config validation

"edgeClusterProfileSpec": {
"bfdAllowedHop": 0,
"bfdDeclareDeadMultiple": 0,
"bfdProbeInterval": 0,
"edgeClusterProfileName": "",
"standbyRelocationThreshold": 0

The process is also documented here.

Step 4: Deploying the NSX-T Edge Cluster

This post has walked you through the process of deploying an NSX-T Edge cluster using the SDDC Manager UI. This is useful if you need to deploy several clusters and require the Edge clusters to be registered in the SDDC Manager inventory. Remember it is also possible to deploy Edge clusters directly in NSX-T within a VCF environment, but you must remember that they will not be known to SDDC Manager.

SDDC deploy task completed
Successful completion

Conclusion

Prior to deploying any clusters in SDDC Manager you must validate the JSON spec, doing so ensures the configuration in the JSON is valid and will deploy correctly.

This part is quite simple, copy or re-use the session and URI shown in step 3, and remove the validations/<id> on the end. Now you must send a POST request to https://sddcManagerFQDN/v1/edge-clusters/ using the same JSON that was created in step 2. This will initiate the deploy task in SDDC Manager and once complete it should be fully functional.

{
"edgeClusterName" : "wld-edge-cl1",
"edgeClusterType" : "NSX-T",
"edgeRootPassword" : "VMware123!VMware123!",
"edgeAdminPassword" : "VMware123!VMware123!",
"edgeAuditPassword" : "VMware123!VMware123!",
"edgeFormFactor" : "SMALL",
"tier0ServicesHighAvailability" : "ACTIVE_ACTIVE",
"mtu" : 1600,
"asn" : 65051,
"edgeNodeSpecs" : [ {
"edgeNodeName" : "reg2-wld-edge1.region2.shank.com",
"managementIP" : "172.24.0.40/24",
"managementGateway" : "172.24.0.1",
"edgeTepGateway" : "172.30.0.1",
"edgeTep1IP" : "172.30.0.6/24",
"edgeTep2IP" : "172.30.0.7/24",
"edgeTepVlan" : 3019,
"clusterId" : "faa6d3e8-982a-4b00-8c35-949ac5e601c7",
"interRackCluster" : false,
"uplinkNetwork" : [ {
"uplinkVlan" : 3017,
"uplinkInterfaceIP" : "172.28.0.4/24",
"peerIP" : "172.28.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
},
{
"uplinkVlan" : 3018,
"uplinkInterfaceIP" : "172.29.0.4/24",
"peerIP" : "172.29.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
} ]
},
{
"edgeNodeName" : "reg2-wld-edge2.region2.shank.com",
"managementIP" : "172.24.0.41/24",
"managementGateway" : "172.24.0.1",
"edgeTepGateway" : "172.30.0.1",
"edgeTep1IP" : "172.30.0.8/24",
"edgeTep2IP" : "172.30.0.9/24",
"edgeTepVlan" : 3019,
"clusterId" : "faa6d3e8-982a-4b00-8c35-949ac5e601c7",
"interRackCluster" : false,
"uplinkNetwork" : [ {
"uplinkVlan" : 3017,
"uplinkInterfaceIP" : "172.28.0.5/24",
"peerIP" : "172.28.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
},
{
"uplinkVlan" : 3018,
"uplinkInterfaceIP" : "172.29.0.5/24",
"peerIP" : "172.29.0.1/24",
"asnPeer" : 65044,
"bgpPeerPassword" : "VMware123!VMware123!"
} ]
} ],
"tier0RoutingType" : "EBGP",
"tier0Name" : "wld-t0",
"tier1Name" : "wld-t1",
"edgeClusterProfileType" : "DEFAULT"
}

To view all my other VCF related articles please click here.

Similar Posts