VCF Quick Tip - WLD with single NSX Manager
Manipulate the SDDC Manager and Cloud Builder to enable deployment with only one NSX Manager.
977 Words Words // ReadTime 4 Minutes, 26 Seconds
2025-04-01 00:42 +0200
Introduction
Here is a quick VCF tip for anyone who wants to deploy VCF but doesn’t have endless resources in the lab. With a few minor adjustments, it is possible to deploy a VI Workload WLD or even the Management WLD with just one NSX manager. We can also reduce the MGMT domain to three hosts. The only more economical way is through the convert and NFS. In this case, a management domain with two hosts is possible.
Management Domain
To reduce the management domain to 3 vSAN hosts, we have to log in to the Cloud Builder as admin via SSH and switch to root. In the directory /etc/vmware/vcf/bringup/, application.properties must be adapted and the following line must be changed to the value 3.
bringup.mgmt.cluster.minimum.size=3
After that, the bringup service must be restarted.
systemctl restart vcf-bringup.service
After the adjustments, we can deploy a management domain with only three hosts – nice. For this to work, the deployment must be done via a JSON. There is a good JSON generator from Martin Gustafsson (great tool) or you can upload the VMware Excel Sheet to the Cloudbuilder and use the built-in json generator.
Using the SoS Utility JSON Generator
The JSON generator options within the SoS Utility provide a method to execute the creation of the JSON file from a completed deployment parameter workbook. To run the JSON generator, you must provide, as a minimum, a path to the deployment parameter workbook and the design type using the following syntax:
/opt/vmware/sddc-support/sos --jsongenerator --jsongenerator-input /tmp/vcf-ems-deployment-parameter.xlsx --jsongenerator-design vcf-ems
| Option | Description |
|---|---|
--jsongenerator |
Invokes the JSON generator utility. |
--jsongenerator-input <JSONGENERATORINPUT> |
Specify the path to the input file to be used by the JSON generator utility. For example: /tmp/vcf-ems-deployment-parameter.xlsx. |
--jsongenerator-design vcf-ems |
Use vcf-ems for VMware Cloud Foundation. |
--jsongenerator-design vcf-vxrail |
Use vcf-vxrail for VMware Cloud Foundation on Dell VxRail. |
--jsongenerator-supress |
Supress confirmation to force cleanup directory. (optional) |
--jsongenerator-logs <JSONGENERATORLOGS> |
Specify the logs directory path. |
In order to deploy our management domain with only three ESX Servers and one NSX Manager, all we need to do is adjust the JSON so that it contains only three ESX Servers (the Bringup Excel expects four ESX Servers and three NSX Managers) and only one NSX Manager plus the NSX Manager VIP is available.
My sample JSON for my Workload Domain
{
"deployWithoutLicenseKeys": true,
"skipEsxThumbprintValidation": true,
"managementPoolName": "networkpool-001",
"sddcManagerSpec": {
"secondUserCredentials": {
"username": "vcf",
"password": "xxx"
},
"ipAddress": "10.28.0.4",
"hostname": "vcf02",
"rootUserCredentials": {
"username": "root",
"password": "xxx"
},
"localUserPassword": "xxx"
},
"sddcId": "vcf02-m01",
"esxLicense": null,
"workflowType": "VCF",
"ceipEnabled": false,
"fipsEnabled": false,
"ntpServers": ["192.168.12.1"],
"dnsSpec": {
"secondaryNameserver": "192.168.100.254",
"subdomain": "lab.home",
"domain": "lab.home",
"nameserver": "192.168.11.2"
},
"networkSpecs": [
{
"networkType": "MANAGEMENT",
"subnet": "10.28.1.0/24",
"gateway": "10.28.1.1",
"vlanId": "1001",
"mtu": "1500",
"portGroupKey": "SDDC-DPortGroup-Mgmt"
},
{
"networkType": "VMOTION",
"subnet": "10.28.2.0/24",
"gateway": "10.28.2.1",
"vlanId": "1002",
"mtu": "1700",
"portGroupKey": "SDDC-DPortGroup-vMotion",
"includeIpAddressRanges": [
{ "endIpAddress": "10.28.2.104", "startIpAddress": "10.28.2.101" }
]
},
{
"networkType": "VSAN",
"subnet": "10.28.3.0/24",
"gateway": "10.28.3.1",
"vlanId": "1003",
"mtu": "1700",
"portGroupKey": "SDDC-DPortGroup-VSAN",
"includeIpAddressRanges": [
{ "endIpAddress": "10.28.3.104", "startIpAddress": "10.28.3.101" }
]
},
{
"networkType": "VM_MANAGEMENT",
"subnet": "10.28.0.0/24",
"gateway": "10.28.0.1",
"vlanId": "1000",
"mtu": "1700",
"portGroupKey": "SDDC-DPortGroup-VM-Mgmt"
}
],
"nsxtSpec": {
"nsxtManagerSize": "small",
"nsxtManagers": [
{ "hostname": "vcf02-m01-nsx01a", "ip": "10.28.0.3" }
],
"rootNsxtManagerPassword": "xxx",
"nsxtAdminPassword": "xxx",
"nsxtAuditPassword": "xxx",
"vip": "10.28.0.2",
"vipFqdn": "vcf02-m01-nsx01",
"nsxtLicense": null,
"transportVlanId": 1004
},
"vsanSpec": {
"vsanDedup": "false",
"esaConfig": { "enabled": false },
"datastoreName": "m01-cluster-001-vsan"
},
"dvsSpecs": [
{
"dvsName": "sfo-m01-vds1",
"vmnics": ["vmnic0", "vmnic1"],
"mtu": 1700,
"networks": ["MANAGEMENT", "VMOTION", "VSAN", "VM_MANAGEMENT"],
"niocSpecs": [
{ "trafficType": "VSAN", "value": "HIGH" },
{ "trafficType": "VMOTION", "value": "LOW" },
{ "trafficType": "VDP", "value": "LOW" },
{ "trafficType": "VIRTUALMACHINE", "value": "HIGH" },
{ "trafficType": "MANAGEMENT", "value": "NORMAL" },
{ "trafficType": "NFS", "value": "LOW" },
{ "trafficType": "HBR", "value": "LOW" },
{ "trafficType": "FAULTTOLERANCE", "value": "LOW" },
{ "trafficType": "ISCSI", "value": "LOW" }
],
"nsxtSwitchConfig": {
"transportZones": [
{ "name": "vcf02-m01-tz-overlay01", "transportType": "OVERLAY" },
{ "name": "vcf02-m01-tz-vlan01", "transportType": "VLAN" }
]
}
}
],
"clusterSpec": {
"clusterName": "sfo-m01-cluster-001",
"clusterEvcMode": null,
"clusterImageEnabled": true,
"vmFolders": {
"MANAGEMENT": "vcf02-m01-fd-mgmt",
"NETWORKING": "vcf02-m01-fd-nsx",
"EDGENODES": "vcf02-m01-fd-edge"
},
"resourcePoolSpecs": [
{
"name": "m01-cluster-001-management-001",
"type": "management",
"cpuReservationPercentage": 0,
"cpuLimit": -1,
"cpuReservationExpandable": true,
"cpuSharesLevel": "normal",
"cpuSharesValue": 0,
"memoryReservationMb": 0,
"memoryLimit": -1,
"memoryReservationExpandable": true,
"memorySharesLevel": "normal",
"memorySharesValue": 0
},
{
"name": "m01-cluster-001-compute-002",
"type": "compute",
"cpuReservationPercentage": 0,
"cpuLimit": -1,
"cpuReservationExpandable": true,
"cpuSharesLevel": "normal",
"cpuSharesValue": 0,
"memoryReservationPercentage": 0,
"memoryLimit": -1,
"memoryReservationExpandable": true,
"memorySharesLevel": "normal",
"memorySharesValue": 0
},
{
"name": "m01-cluster-001-compute-003",
"type": "compute",
"cpuReservationPercentage": 0,
"cpuLimit": -1,
"cpuReservationExpandable": true,
"cpuSharesLevel": "normal",
"cpuSharesValue": 0,
"memoryReservationPercentage": 0,
"memoryLimit": -1,
"memoryReservationExpandable": true,
"memorySharesLevel": "normal",
"memorySharesValue": 0
}
]
},
"pscSpecs": [
{
"adminUserSsoPassword": "xxx",
"pscSsoSpec": { "ssoDomain": "vsphere.local" }
}
],
"vcenterSpec": {
"vcenterIp": "10.28.0.5",
"vcenterHostname": "vcf02-vcsa",
"vmSize": "small",
"storageSize": null,
"rootVcenterPassword": "xxx"
},
"hostSpecs": [
{
"association": "sfo-m01-datacenter",
"hostname": "vcf02-m01-esx01",
"credentials": { "username": "root", "password": "xxx" }
},
{
"association": "sfo-m01-datacenter",
"hostname": "vcf02-m01-esx02",
"credentials": { "username": "root", "password": "xxx" }
},
{
"association": "sfo-m01-datacenter",
"hostname": "vcf02-m01-esx03",
"credentials": { "username": "root", "password": "xxx" }
}
]
}
VI Workload Domain
In order to deploy a new workload domain with only one NSX manager, we have to manipulate the SDDC manager. Unfortunately, it is not sufficient to simply generate a JSON with only one NSX manager. However, the process is not particularly complicated.
We need to log in to the SDDC Manager via SSH. To do this, we need to use the VCF user. Then we switch to the root context with su and edit the following file:
/etc/vmware/vcf/domainmanager/application-prod.properties
We have to add 3 lines of configuration.
nsxt.manager.formfactor=medium
nsxt.management.resources.validation.skip=true
nsxt.manager.cluster.size=1
After that, we restart the domainmanager service and we are good to go.
systemctl restart domainmanager.service
After the adjustments, we can deploy the workload domain with just one NSX manager via the API and a JSON file. I will describe in detail how exactly this works in a separate article. Happy VCF deployment!