Nginx as Reverse Proxy and SSL Passthrough using Stream on Rocky Linux 8

In this example I will be putting an nginx reverse proxy in front of the three NSX-T Managers. I am using multisite, so I can't use the inbuilt VIP. I have built a Rocky Linux 8 machine with a minimal configuration.

NSX Managers will be on:

10.8.1.50
10.8.1.60
10.9.1.50

Install Nginx

dnf install nginx

Edit Nginx config and add include file

vi /etc/nginx/nginx.conf

Add

include /etc/nginx/passthrough.conf;

Ensure the include is outside of the http block (stream is a top-level context, alongside http, not inside it) or you may get this message:


nginx: [emerg] "stream" directive is not allowed here in /etc/nginx/passthrough.conf:2
nginx: configuration file /etc/nginx/nginx.conf test failed

Edit passthrough conf

vi /etc/nginx/passthrough.conf

stream {
    upstream nsx_managers {
        server 10.8.1.50:443 max_fails=3 fail_timeout=5s;
        server 10.8.1.60:443 max_fails=3 fail_timeout=5s;
        server 10.9.1.50:443 max_fails=3 fail_timeout=5s;
    }

    log_format basic '$remote_addr [$time_local] '
                     '$protocol $status $bytes_sent $bytes_received '
                     '$session_time "$upstream_addr" '
                     '"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';

    access_log /var/log/nginx/nsx_managers_access.log basic;
    error_log  /var/log/nginx/nsx_managers_error.log;

    server {
        listen 443;
        proxy_pass nsx_managers;
        proxy_next_upstream on;
    }
}

Check nginx config


nginx -t

Start and enable nginx service

systemctl enable --now nginx
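
The basic log_format in passthrough.conf records which manager handled each session, so the access log shows when nginx had to fail over to another manager. The following is an added example, not part of the original post: a Python script that parses lines in that format and counts sessions served per manager, managers that were tried and passed over, and sessions that could not be proxied at all. The sample log lines are constructed and the function names are assumptions of this example.

```python
import re
from collections import Counter

# Field order follows the "basic" log_format in passthrough.conf.
LINE_RE = re.compile(
    r'(?P<client>\S+) \[(?P<time>[^\]]+)\] (?P<proto>\S+) (?P<status>\d{3}) '
    r'(?P<sent>\d+) (?P<received>\d+) (?P<session>[\d.]+) '
    r'"(?P<upstreams>[^"]*)" "[^"]*" "[^"]*" "[^"]*"$'
)

def parse_line(line):
    """Return a dict of fields, or None if the line does not match the format."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    # When nginx tries several servers, $upstream_addr lists them comma-separated.
    rec["upstreams"] = [u.strip() for u in rec["upstreams"].split(",")
                        if u.strip() not in ("", "-")]
    return rec

def summarize(lines):
    served = Counter()       # sessions completed on each manager
    passed_over = Counter()  # managers tried without completing the session there
    failed = []              # (client, status, tried) for sessions nginx could not proxy
    for rec in filter(None, map(parse_line, lines)):
        tried = rec["upstreams"]
        if rec["status"] == "200" and tried:
            served[tried[-1]] += 1          # the last address is the one that answered
            passed_over.update(tried[:-1])
        else:
            failed.append((rec["client"], rec["status"], tried))
            passed_over.update(tried)
    return served, passed_over, failed

# Constructed sample lines (not taken from a real system).
SAMPLE = [
    '10.8.0.25 [12/Mar/2024:10:15:01 +0000] TCP 200 5120 830 1.204 '
    '"10.8.1.50:443" "830" "5120" "0.002"',
    '10.8.0.31 [12/Mar/2024:10:16:44 +0000] TCP 200 4096 512 0.870 '
    '"10.8.1.50:443, 10.8.1.60:443" "0, 512" "0, 4096" "-, 0.003"',
    '10.8.0.31 [12/Mar/2024:10:20:09 +0000] TCP 502 0 0 15.001 '
    '"10.8.1.50:443, 10.8.1.60:443, 10.9.1.50:443" "0, 0, 0" "0, 0, 0" "-, -, -"',
]

if __name__ == "__main__":
    served, passed_over, failed = summarize(SAMPLE)
    print("served:", dict(served))
    print("passed over:", dict(passed_over))
    print("failed sessions:", failed)
```

To run it against the real log, pass open("/var/log/nginx/nsx_managers_access.log") to summarize() instead of SAMPLE. A manager that keeps appearing in the passed-over count is one nginx is repeatedly failing to reach.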