Let’s back into NSX mode again 🙂 In my last blog Network Virtualization with VMware NSX – Part 7 discussed about Network Address Translation (NAT) and Load Balancing with NSX Edge Gateway. Here in Network Virtualization with VMware NSX – Part 8 will discuss about High Availability of the NSX Edge.
High Availability (HA) ensures that NSX Edge appliance is always available by installing an active pair of Edges on your virtualized infrastructure. We can enable HA either when installing NSX Edge appliance or after installing NSX Edge appliance.
The primary NSX Edge appliance is in the Active State and the Secondary Appliance is in Standby State. NSX Edge replicates the configuration of the primary appliance to the standby appliance. VMware recommends create the primary and secondary appliances on separate datastores. If you create the primary and secondary appliances on the same datastore, the datastore must be shared across all hosts in the cluster for the HA appliance pair to be deployed on different ESX hosts.
All NSX Edge services run on the active appliance. The primary appliance maintains a heartbeat with the standby appliance and sends service updates through an internal interface. If a heartbeat is not received from the primary appliance within the specified time (default value is 15 seconds), the primary appliance is declared dead. The standby appliance moves to the active state, takes over the interface configuration of the primary appliance, and starts the NSX Edge services that were running on the primary appliance. After switch over Load Balancer and VPN services need to re-establish TCP connection with NSX Edge, so service is disrupted for a short while. Logical switch connections and firewall sessions are synched between the primary and standby appliances, so there is no service disruption during switch over.
If the NSX Edge appliance fails and a bad state is reported, high availability force-synchronizes the failed appliance to revive it. When the appliance is revived, it takes on the configuration of the now active appliance and stays in a standby state. If the NSX Edge appliance is dead, you must delete the appliance and add an appliance.
NSX Edge ensures that the two HA NSX Edge virtual machines are not on the same ESX host even after you use DRS and vMotion (unless you manually vMotion them to the same host).
Now let’s verify HA settings and Configure High Availability for NSX Edge :-
3. Same can be verify from Management Cluster where we have deployed NSX Edge appliances. you can see in the below screenshot that only one instance of Edge Services Router (Edge Services Router-0) and One instance of Logical Router (Logical-Router-0) is running.
5. Change HA Configuration window will open up, Select HA Status –> Enable, Select vNIC, enter Declare Dead Time (Default is 15 Seconds), And enter the management IP for Heartbeat for both nodes and Click OK.
8. That’s it. Now NSX Edge Services Router is running is HA mode, If Active node will fail standby node will take over after 15 seconds. Same way we can enable HA for Logical Router. I have added screenshot for Logical Router.
9. Once you have enabled HA for NSX Edge. You can putty to NSX edge and verify the Active Node and Standby Node by running Show Service highavailability command. Let me connect to and run this command to verify.
10. Now let’s shut down the vshield-edge-4-0 and run the Show Service highavailability command again.
11. Now let’s Power On the vshield-edge-4-0 and run the command again.
That’s It !! This is how we can enable HA and test failover for NSX Edge.
Thank You and Keep sharing
Other NSX Parts:-