Skip to main content

NSXT Manager MP,CP, DP

Image
By

NSXT Manager cluster consists of 3 NSXT Manager nodes 

These three nodes will form as NSX-T Manager cluster for high availability, workload sharing. 

Each node will have three roles deployed

  • Policy role
  • Manager role
  • Controller role 

NSXT managers forms the management, control plane 

Data plane is separated from the control plane.

Management plane:

  • NSX-T Managers forms the management plane 
  • Provides the entry point for the NSX admins to configure Networking and security 
  • It provides both API or UI based access 

Control plane:

  • Control plan is responsible for runtime virtual networking and security state environment in NSXT data center.
  • There are two types of control plane: CCP, LCP
  • CCP is central control plane, it is on NSX-T Manager nodes.
  • LCP is local control plane it is on each NSX-T transport node (ESXi, KVM , Baremetal server) 

Management and control plane functionalities are converged and managed together by NSX-T Managers.

These converged responsibilities are handled by NSX-T Manager policy role, manager role, controller role, These roles automatically deployed as services on each NSX-T Manager node when it is deployed.

Data plane:

  • Data plane includes NSXT Host Transport nodes (ESXi , KVM, or Baremetal hosts), Edge nodes.
  • These Host transport nodes are responsible for distributed forwarding of East-West traffic 
  • And Edge transport nodes are responsible for North south traffic
  • NSXT Data plane includes a VDS Managed by NSXT (vsphere 7.0 onwards the VDS deployed by vcenter the same VDS will be used for NSXT as well)


Let's see how these different planes communicate with each other:


  • When user login to NSX-T Manager, he will be redirected to reverse proxy service (it runs inside nsxt manager) , reverse proxy completes the authentication and authorization.

  • Then user will be provided with NSX-T GUI access policy role or manager role.

  • Policy role receives the intended configuration from the users and enforce them to Manager role

  • Both policy role and manager role persists the data into 'corfudb'

  • Corfudb is in-memory database and persistently store the configuration data in it.

  • Manager role passes on to controller 

  • NSX Controller is an advanced distributed state management system that provides control plane functions for NSX-T Data Center logical switching and routing functions.

  • NSXT Control plane consists of CCP and LCP
CCP is central control plane, it is on NSX-T Manager nodes.
LCP is local control plane it is on each NSX-T transport node (ESXi, KVM , Baremetal server)

  • CCP and LCP agents, NSXT Manager and LCP communicates by using NSX-RPC protocol.

  • RPC protocol is a messaging solution for all communications between the management plane, CCP, and data plane.

  • CCP receives the configuration from NSX Manager and propagates the information to LCP agents on transport nodes

  • Whenever a change in configuration occurred , the LCP on the transport node notifies its master CCP, then CCP further spreads the information to the transport nodes.
Hope this helps to get some understanding on NSXT management, control, data planes.



Popular posts from this blog

SDDC Manager Command line overview-part 1

By
In this blog, we will discuss about sddc manager and what are the command line options we have what we can do in command line. Sddc manager is the core component in VCF environment. It is responsible for doing many different tasks related to your VCF inventory configuration, life cycle management, security etc. Commission/decommission the hosts Deploying new workload domains  Expanding the clusters or adding new clusters to workload domain Configure network pools for host networks (Management, Storage(VSAN/NFS etc) Deploying vRealize suite of products Certificate and password management  Life cycle Management NSX-T Edge/AVNs deployment Usually all these tasks can be carried out from GUI, VCF admins rarely login sddc manager mostly when the VMware GSS is involved. SDDC Manager command line provides different use cases for example: monitoring the logs  looking up for passwords collecting logs do command line health checks etc How to access sddc manager CLI? There are two us...
Read more

SDDC Manager Command line overview-part 2

By
Welcome back. Hope you all doing great. In the previous blog   we discussed about how to access sddc manager, what are the different logs in sddc manager. In this blog we will discuss about SOS tool. There is a tool called SOS (Supportability and serviceability utility) tool in sddc manager  It is available in this location /opt/vmware/sddc-support To run sos tool you need to change as root or run with sudo  When you run sos tool with -h (--help) option it will show tool usage ./sos --help Sos tool is useful to do multiple tasks, we will look into following examples to understand SOS and its usage. Health checks  Log collection Enable disable ssh for esxi nodes or vcenter servers Get host IP address details  -- Running health check for a specific workload domain, if you didn’t specify the domain-name option then health check will run on all the available workload domains. ./sos --health-check --domain-name nameofthedomain Once the health check completes, it...
Read more