Configuring an A/S Tier-0 with a Tier-1 and 3-tier app topology with NSX-T Terraform Provider

This blog post and demo show how you can use the Terraform NSX-T Provider to quickly configure an Active-Standby Tier-0 with a Tier-1 and a typical 3-tier app topology.

VMware is working with Terraform on an NSX-T Provider that supports the Policy UI. This project is currently on GitHub and is not yet officially released by Terraform or VMware, but it is ready to be used and tested.

This Terraform NSX-T Provider example can be useful to quickly deploy a typical 3-tier application topology in an NSX-T environment and to configure and test the following NSX-T objects:

  • Active-Standby Tier-0 Gateway
  • Uplink interfaces on the Tier-0 Gateway
  • BGP Configuration on the Tier-0 Gateway
  • BGP Neighbor Configuration
  • Tier-1 Gateway
  • Route Advertisement rule on the Tier-1
  • Overlay Segments for the Web, App and DB tiers.
  • VLAN101 Segment for north-south traffic and BGP peering with ToR-A
  • VLAN102 Segment for north-south traffic and BGP peering with ToR-B
  • Security Groups for the Web, App and DB tiers based on Tags
  • Custom Service (TCP 8443) for Web to App communication.
  • Distributed Firewall Rules for accessing the Application and communication between the tiers, including a default deny rule and using Applied To.
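
The tag-based groups, the custom TCP 8443 service and the default-deny rule with Applied To from the list above could be expressed as follows; this is an added example, not the post's main.tf, and it assumes an already configured `nsxt` provider. The tag values, display names and resource labels are assumptions, and only the Web to App rule is shown ahead of the default deny.

```hcl
# Added example. Tag values, display names and resource labels are assumptions.
locals {
  tiers = ["web", "app", "db"]
}

# One tag-based group per tier: a VM becomes a member by carrying the tier tag.
resource "nsxt_policy_group" "tier" {
  for_each     = toset(local.tiers)
  display_name = "${each.key}-vms"

  criteria {
    condition {
      key         = "Tag"
      member_type = "VirtualMachine"
      operator    = "EQUALS"
      value       = each.key
    }
  }
}

# Custom L4 service for Web -> App traffic.
resource "nsxt_policy_service" "app_8443" {
  display_name = "tcp-8443"

  l4_port_set_entry {
    display_name      = "tcp-8443"
    protocol          = "TCP"
    destination_ports = ["8443"]
  }
}

resource "nsxt_policy_security_policy" "three_tier" {
  display_name = "three-tier-app"
  category     = "Application"
  # Applied To: enforce these rules only on the members of the three tier groups.
  scope = [for g in nsxt_policy_group.tier : g.path]

  rule {
    display_name       = "web-to-app-8443"
    source_groups      = [nsxt_policy_group.tier["web"].path]
    destination_groups = [nsxt_policy_group.tier["app"].path]
    services           = [nsxt_policy_service.app_8443.path]
    action             = "ALLOW"
  }

  # Last rule: traffic not allowed above is dropped and logged for review.
  rule {
    display_name = "default-deny"
    action       = "DROP"
    logged       = true
  }
}
```

Because the policy carries a scope, the default-deny rule only affects the three tiers and not other workloads on the same transport nodes.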

Below is a logical diagram of the target topology:

NSX-T Topology

Requirements:

  • NSX Manager(s) ready and configured
  • Compute Manager configured
  • Overlay and VLAN Transport Zones configured
  • Two Edge Nodes configured
  • Edge Cluster configured with the two Edge Nodes as members.

Below is the variables.tf file:

Below is the main.tf file:

 

 
