NSX – Configure Guest Introspection

Install Guest Introspection

Installing Guest Introspection installs a new vib and a service virtual machine on each host in the cluster. Guest Introspection is required for NSX Data Security, Activity Monitoring, and several third-party security solutions.

If you want to assign an IP address to the NSX Guest Introspection service virtual machine from an IP pool, create the IP pool before installing NSX Guest Introspection.

1. On the Installation tab, click Service Deployments.

2. Click the New Service Deployment icon.

3. In the Deploy Network and Security Services dialog box, select Guest Introspection.

4. In Specify schedule (at the bottom of the dialog box), select Deploy now to deploy Guest Introspection as soon as it is installed or select a deployment date and time.

5. Click Next.

6. Select the datacentre and cluster(s) where you want to install Guest Introspection, and click Next.

7. On the Select storage and Management Network Page, select the datastore on which to add the service virtual machines storage or select Specified on host. It is recommended that you use shared datastores and networks instead of “specified on host” so that deployment workflows are automated.

The selected datastore must be available on all hosts in the selected cluster.

If you selected Specified on host, follow the steps below for each host in the cluster.

  • a. On the vSphere Web Client home page, click vCenter and then click Hosts.
  • b. Click a host in the Name column and then click the Manage tab.
  • c. Click Agent VM Settings and click Edit.
  • d. Select the datastore and click OK.

8. Select the distributed virtual port group to host the management interface. If the datastore is set to Specified on host, the network must also be Specified on host.

The selected port group must be able to reach the NSX Manager’s port group and must be available on all hosts in the selected cluster.

If you selected Specified on host, follow the substeps in Step 7 to select a network on the host. When you add a host (or multiple hosts) to the cluster, the datastore and network must be set before each host is added to the cluster.

9. In IP assignment, select one of the following:

  • DHCP: Assign an IP address to the NSX Guest Introspection service virtual machine through Dynamic Host Configuration Protocol (DHCP). Select this option if your hosts are on different subnets.
  • IP pool: Assign an IP address to the NSX Guest Introspection service virtual machine from the selected IP pool.

10. Click Next and then click Finish on the Ready to complete page.

11. Monitor the deployment until the Installation Status column displays Succeeded.

12. If the Installation Status column displays Failed, click the icon next to Failed. All deployment errors are displayed. Click Resolve to fix the errors. In some cases, resolving the errors displays additional errors. Take the required action and click Resolve again.

What you end up with is a bunch of Service VMs (one for every host):

One comment

Leave a Reply

Your email address will not be published. Required fields are marked *