VMware Cloud Foundation (VCF) 9.0 continues to support one of the most popular and powerful load balancer, VMware Avi Load Balancer. When you deploy a new VMware Avi Load Balancer within a given VCF Domain, by default SDDC Manager will deploy three VMware Avi Controllers for high availability purposes.
For lab purposes, you may not need all three VMware Avi Controllers but there was no way to change the system default in earlier releases of VCF. With VCF 9.0, we now have way to deploy just a single VMware Avi Controller, which is fantastic for lab and testing purposes.
UPDATE (05/27/26) - This workaround is still applicable for VCF 9.1.0, there is variable called $vcf91 which is set to $true which will add an additional property that is required with VCF 9.1 and later deployments.
Disclaimer: This is not officially supported by Broadcom, use only within a lab environment.
Step 1 - Download your desired version of the VMware Avi Load Balancer OVA (e.g. controller-31.1.1-9122.ova) from the Broadcom Support Portal.
Step 2 - Upload the VMware Avi OVA to SDDC Manager to make it aware of the Avi Bundle. Please refer to the Broadcom documentation HERE that provides a nice script that will upload the VMware Avi OVA along with the required Product Version Catalog and Signature file, which you will also need to download.
Step 3 - SSH to SDDC Manager and add the following configuration to /home/vcf/feature.properties
feature.vcf.vgl-41078.alb.single.node.cluster=true
We now need to restart the SDDC Manager services by running the following command:
echo 'y' | /opt/vmware/vcf/operationsmanager/scripts/cli/sddcmanager_restart_services.sh
Step 4 - Use the deploy_one_node_nsx_alb.ps1 PowerShell script to deploy the single VMware Avi Controller as the SDDC Manager UI has hardcoded the three controller requirement, make sure to update the script with your own configuration before running as shown in the screenshot below:
You can monitor the progress of the VMware Avi deployment by using the SDDC Manager UI
As you can see from the screenshot below, our VMware Avi cluster is just a single node versus the three that is deployed by default!
now that is a really cool feature! 👏
I would like to inquire about replacing the NSX Load Balancer with AVI in a VPC within VMware Cloud Foundation. Could you please advise on the recommended approach, or provide any SOPs or reference documentation for this process?
thank you 🙂
Please see https://techdocs.broadcom.com/us/en/vmware-security-load-balancing/avi-load-balancer/avi-load-balancer-vmware-cloud-foundation/9-0/deploying-avi-load-balancer-in-vcf.html
Is there documentation for how to build clusters within a supervisor namespace that is on NSX VPCs + Avi Load balancers? I'm struggling to find how to construct the yaml files for a test cluster, before we rework them for a helm chart, and I'm seeing an error similar to "virtualmachine service lb does not have vip assigned virtual machine service does not have ingresses"
have same issue
When you say build a cluster, are you referring to deploying a vSphere Kubernetes Cluster?
Yes - I think I’m past the error I had before, but now it’s just weird. It’s building the VKS Cluster inside the namespace I made, and I see the services and pools come up in Avi, but then go red after the cluster control plane node comes online. Everything in NSX seems to be provisioned as well with the VPC l.
It feels like it’s almost there but I’m missing something simple that’s not in the documentation. Not sure if it’s NSX VPC, or Avi, or I need to build the namespace with a custom network or what.
Would you mind if I connected you directly with a couple of experts in this area offline?
I think I’m past it now, working with some folks the TAM got aligned with yesterday and today - thanks though!
Not sure exact issue because I did a lot of stuff to try to get it fixed - definitely the Avi management segment in NSX not having DHCP addresses contributed though
The script didn't work as is for 9.1 for us.
An additional parameter in line ~54 the parameter "payload" requires an additional
$payload = [ordered]@{
"vcfopsAdminPassword" = $aviAdminPassword
(this will use the AVI password for the required vcfopsAdmin account.)
Thanks! I've just updated the script to have an additional flag that'll automatically append the required field if the deployment is VCF 9.1 or later
Thanks for all the lab stuff as always
I did want to ask, you can deploy it as a single node cluster in VCF Operations in the WebUI no workarounds needed, however it shows up as degraded in the NSX UI meaning the Supervisor will fail to deploy and timeout waiting on the LB
Does your workaround fix that, or am I missing something else, as with it all being deployable in the GUI it should work
Yeah I was litterally about to post this too, I am just going through 9.1 upgrades in my home lab and noticed the new simple deployment of AVI which just deploys a single node. Hurah, makes things a lot simpler for labs or smaller deployments.