Openshift with NSX-T Installation Part 5: NCP and CNI Integration

In this article, we will integrate NSX-T NCP and CNI to Openshift.

Step 01: Tag the Logical Switches Ports connected to OCP-Master, OCP-Node01 and OCP-Node02 VMs.

NSX-T Manager -> Switching -> LS-VIFs -> Related -> Ports -> Click on the respective logical ports -> Actions -> Manage Tags


Screen Shot 2018-05-18 at 1.51.40 PM

  • You can highlight the port to see which VMs is being Connected.

Screen Shot 2018-05-18 at 2.04.01 PM


  • Scope: ncp/node_name
  • Tag: ocp-master
  • Scope: ncp/cluster
  • Tag: ocp-cl1

Screen Shot 2018-05-18 at 2.09.53 PM

  • Scope: ncp/node_name
  • Tag: ocp-node01
  • Scope: ncp/cluster
  • Tag: ocp-cl1

Screen Shot 2018-05-18 at 2.05.24 PM

  • Scope: ncp/node_name
  • Tag: ocp-node02
  • Scope: ncp/cluster
  • Tag: ocp-cl1



Screen Shot 2018-05-18 at 2.08.44 PM

Step 02: On the master Node, lets fork the NSX-T Integration for Openshift. The below is using Yasen github, but its a fork from the actual nsxt integration from here ->

On every node, run this

cd /root/nsx-container-

docker load -i nsx-ncp-rhel-

Screen Shot 2018-05-16 at 5.57.20 PM

On all the 3 nodes, you have to do the following.

 docker images
 docker tag registry.local/ nsx-ncp
 docker images
Screen Shot 2018-05-16 at 5.59.17 PM
Then on the master,
cd /root
cd /root/nsx-integration-for-openshift/openshift-ansible-nsx/roles/ncp_prep/defaults/
nano main.yml
change the uplink_port to ens224
# update the variable values below before running the ncp_prep role
cni_url: /root/nsx-container-
ovs_url: /root/nsx-container-
ovs_kmod1_url: /root/nsx-container-
ovs_kmod2_url: /root/nsx-container-
uplink_port: ens224
ncp_image_url: /root/nsx-container-
Screen Shot 2018-05-18 at 2.57.10 PM
cd /root

nano /root/ncp-rc.yml

subnet_prefix = 24

tier0_router = T0
overlay_tz = TZ-Overlay
container_ip_blocks = IPBlock-PodNetworking
no_snat_ip_blocks = IPBlock-NONAT
external_ip_pools = Pool-NAT
top_firewall_section_marker = top_firewall_section
bottom_firewall_section_marker = bottom_firewall_section

Screen Shot 2018-05-19 at 10.04.12 PM
oc apply -f ncp-rc.yml
Screen Shot 2018-05-19 at 10.24.03 PM
cd /root/nsx-integration-for-openshift/openshift-ansible-nsx/roles/ncp/defaults
change the apiserver_host_ip, nsx_manager_ip, nsx_api_user and nsx_api_password to your configuration.
ncp_yaml_url: /root/ncp-rc.yml
cluster_name: ocp-cl1
nsx_api_user: admin
nsx_api_password: VMware1!
Screen Shot 2018-05-19 at 10.12.38 PM
ansible-playbook /root/nsx-integration-for-openshift/openshift-ansible-nsx/ncp.yaml
Screen Shot 2018-05-18 at 2.19.33 PM
oc get pod
oc delete nsx-ncp-r46z2
Screen Shot 2018-05-18 at 2.32.27 PM