This is an attempt to put a study guide together for the VMware Certified Advanced Professional (VCAP)- Network Virtualisation Deployment (3V0-643) certification. This is part 1 of a 20.
At the time of writing there is no VCAP Design exam stream, thus you’re automatically granted the new VMware Certified Implementation Expert – Network Virtualisation (VCIX6-NV) certification by successfully passing the VCAP6-NV exam. Bonus.
As per any VMware exam the blueprint is highly recommend to read and follow. In this case it’s actually an Exam Preparation Guide v1.2 which can be found here.
Firstly, I want to provide an overview of my lab. I have done most of this before nested inside VMware workstation on my laptop, but for extra performance and to remove the lag and latency I approached my employer Computer Concepts Limited and asked for an allocation of compute, storage and networking in our Cloud platform that is provided by VMware vCloud Director. Request approved! Awesome, onto building the base platform.
So my lab platform consists of:
2x vCenter Server Appliances v6.0 U2 (management and compute clusters)
6x vSphere ESXi hosts v6.0 U2 (split between management and compute clusters)
1x Windows 2012 R2 Domain Controller
1x Windows 2012 R2 RDS Host
OpenFiler 2.99 for iSCSI storage (shared storage for hosts)
All the licensing for my lab and NSX is covered by the vExpert Program.
There is some small tweaks that need to be completed behind the scenes for nesting of ESXi on top of vCloud Director ESXi hosts. The port group that backs my lab network requires Promiscuous Mode and Forged Transmits to be enabled. Without these settings enabled you will not be able to communicate with anything that you deploy on top of your ESXi hosts.
On purpose when I built the platform I deployed it all as vCenter 5.5/vSphere 5.5 and then went and upgraded the whole lot to 6.0 U2 (yeah, just for a bit of extra fun!), and then proceeded to split out the embedded Platform Services Controller (PSC) to an external deployment.
The reason I am using external PSCs is further down the track I want a single SSO domain spanning 2 vCenters with Enhanced Link Mode for a single pane of glass and embedded PSCs are not supported.
My lab from within vCloud Director looks like this below, and at this point I am using a single 10Gb NIC, more will be added as I progress the build. All connections to this lab will be via the RDS host from where I launch the vSphere Web and C# client.
From this point on anything that is deployed will be on the nested lab ESXi hosts. I currently have 1 v Center looking after all the hosts, split over 3 clusters.
The lab has 2 vSphere Distributed Switches (vDS); one for management hosts and one for the compute/edge cluster hosts.
Both vDS have the MTU size set to the recommended minimum of 1600 bytes.
- Deploy NSX Manager
- Integrate NSX Manager with vCenter
- Configure SSO
- Specify Syslog Server
- Implement and Configure NSX Controllers
- Exclude virtual machines from firewall protection