There are a few different ways to “design” an NSX-T deployment. Mostly I think about what VLANs, virtual switches, and physical NICs are available and what gets assigned where.
Please note the inspiration for the diagram and design come from this great site. I loved the layout of the diagram, so it is a huge influence for the image above (though I completely recreated and adapted it as a Power Point slide of all things).
That’s quite a mouthful, but it is what it is. This particular design consists of the following:
I believe in NSX-T 2.5 you can get this down to having a single N-vDS, but then would need to put the Edge VM TEP on a separate VLAN and have traffic routable between the two, i.e. the Edge VM’s TEP interface would not be on a VDS port group, as well as some additional advantages. But I’ll try to explore that in another post. For now, I like this design because it is quite simple, and is a pretty good design for a PoC of Tanzu Kubernetes Grid Integrated Edition (TKGI, formerly known as PKS).
Ultimately it’s pretty easy to create a new NSX-T profile for the ESXi hosts, a few clicks, a few seconds, and that is what most people do as the ESXi host’s TEP VLAN is often a trunk port. But in this design I’m just using an access port, so the default profile with VLAN 0 works.
I haven’t created this design for production use. This is what I think is the simplest design for a proof of concept (where NSX-T isn’t the PoC focus). I would imagine a production design would look much different. Also this design works great in a nested lab.
Don’t forget to set your TEP VLAN MTU >=1600. Most people set it to 9k and are done with it. :)