VCAP-DCA 5 Objective 2.1 – Implement & Manage Complex Virtual Networks

Objective 2.1 – Implement & Manage Complex Virtual Networks

For this objective I used the following resources:

  • vCenter Server and Host Management guide
  • vSphere Networking guide
  • VMware White Paper – VMware vNetwork Distributed Switch: Migration and Configuration
  • VMware KB Article 1008065
  • VMware VROOM! Blog
  • Eric Sloof’s blog
  • Jason Boche’s blog

Knowledge

Identify Common Virtual Switch Configurations

Focus on VMware best practices for virtual switches:

  • Use multiple physical uplinks per vSwitch
  • Separate network traffic from VMkernel ports and VM traffic (VLANs, dedicated pNICs)
  • Select the appropriate Load Balancing policy for your configuration
  • Dedicated vSwitch for IP based storage (iSCSI, NFS)
  • Secure network for Management Network traffic

Skills and Abilities

Configure SNMP

  • Configuring SNMP on vCenter Server

    1. Select Administration -> vCenter Server Settings to display the vCenter Server Settings dialog box

    2. In the settings list, select SNMP

    3. In Receiver URL, enter the host name or IP address of the SNMP receiver

    4. In the field next to the Receiver URL field, enter the port number of the receiver

    Note – The port number must be a value between 1 and 65535

    5. In Community, enter the community identifier

    6. Click OK

For further information see page 37 of the vCenter Server and Host Management guide

  • Configuring SNMP on an ESXi host

SNMP can be configured either via vSphere CLI or using the VMware vMA with the vicfg-snmp command. I will be outlining the process via the vicfg-snmp command.

  • Specify the communities and trap targets

# vicfg-snmp -t <target hostname>@<port>/<community>

  • Enable the SNMP service

# vicfg-snmp -E

  • Send a test trap to verify that the agent is configured correctly

# vicfg-snmp -T

Eric Sloof (blog / twitter) has put together a great video going into greater detail of the above steps. Video located HERE.

Determine Use Cases For and Apply VMware DirectPath I/O

Josh Coen (blog / twitter) has already covered this topic in Objective 1.1 located HERE.

Migrate a vSS Network to a Hybrid or Full vDS Solution

Migration from a vNetwork standard Switch only environment to one featuring one or more vNetwork Distributed Switches can be accomplished in either of two ways:

  • Using only the vDS User Interface (vDS UI)
  • Using a combination of the vDS UI and Host Profiles

[Image: Table of Migration Methods]

[Image: Migration Process Work Flow]

Host Migration with some Disruption to VMs – The process outlined in Step 3 above includes two sub-steps:

  • Migration of vmnics and virtual ports (VMkernel ports and Service Consoles), which can be done in a single step from vCenter Server
  • Migration of VM Networking where the VMs are migrated from vSS Port Groups to vDS DV Port Groups

If all vmnics are migrated in the first step above then all VMs will lose network connectivity until the following step is completed.

Host Migration without Disruption to VMs – If you need completely non-disruptive migration for VMs while deploying vDS, then a phased vmnic migration is required. The objective of a phased migration of vmnics is to maintain concurrent network connectivity over both vSS and vDS switches so that VM migration from vSS Port Groups to vDS DV Port Groups can proceed without interruption to network sessions.

Step 3 of the non-disruptive process based on the above flow chart is as follows

  • Add host to vDS
  • Migrate one vmnic from the NIC team supporting VM networking from vSS to vDS dvUplink
  • Migrate VM networking from vSS Port Groups to vDS DV Port Groups
  • Migrate remaining vmnics and virtual ports (vmkernel and Service Consoles) to vDS

Source: VMware White Paper – VMware vNetwork Distributed Switch: Migration and Configuration

Configure vSS and vDS Settings Using Command Line Tools

Analyze Command Line Output to Identify vSS and vDS Configuration Details

I am grouping both of these topics together, as you will use most of the same commands either to configure a vSS or vDS or to gain insight into how it is configured. Also of note: the esxcfg-* commands are still available, but learn and study the new esxcli commands as well.

Several commands can be used to configure vSwitches

  • esxcfg-vswitch – Examine and configure virtual switches
  • esxcfg-vswif – Examine and configure service console ports
  • esxcfg-vmknic – Examine and configure VMkernel ports
  • esxcfg-route – Examine and configure routing
  • esxcli network namespace
    • ip namespace – Commands to create/configure vmk nics
    • vswitch namespace – Command to manipulate virtual switches
    • nic namespace – Configuration of physical interfaces
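
As an added example (not from the original post or VMware's documentation), this Python script parses the standard-switch listing printed by `esxcfg-vswitch -l` and checks two of the best practices listed earlier: multiple uplinks per vSwitch, and VLAN separation between VMkernel and VM traffic. The sample listing is constructed, the set of VMkernel port group names is an assumption the caller supplies (for instance read off `esxcfg-vmknic -l`), and vDS sections of the listing are outside its scope.

```python
import re

# Constructed sample in the layout printed by `esxcfg-vswitch -l` (not from a real host).
SAMPLE = """\
Switch Name      Num Ports   Used Ports  Configured Ports  MTU     Uplinks
vSwitch0         128         4           128               1500    vmnic0,vmnic1

  PortGroup Name        VLAN ID  Used Ports  Uplinks
  VM Network            0        2           vmnic0,vmnic1
  Management Network    0        1           vmnic0,vmnic1

Switch Name      Num Ports   Used Ports  Configured Ports  MTU     Uplinks
vSwitch1         128         3           128               9000    vmnic2

  PortGroup Name        VLAN ID  Used Ports  Uplinks
  iSCSI                 20       1           vmnic2
"""

SWITCH = re.compile(r"^(\S+)\s+\d+\s+\d+\s+\d+\s+\d+(?:\s+(\S+))?\s*$")
# Port group names may contain spaces and digits; uplink names start with a letter.
PGROUP = re.compile(r"^\s+(.+?)\s+(\d+)\s+\d+(?:\s+([A-Za-z]\S*))?\s*$")

def parse(text):
    """Return {switch: {"uplinks": [...], "portgroups": {name: vlan_id}}}."""
    switches, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith(("Switch Name", "PortGroup Name")):
            continue  # blank lines and column headers
        sw, pg = SWITCH.match(line), PGROUP.match(line)
        if sw:
            uplinks = sw.group(2).split(",") if sw.group(2) else []
            current = switches[sw.group(1)] = {"uplinks": uplinks, "portgroups": {}}
        elif pg and current is not None:
            current["portgroups"][pg.group(1)] = int(pg.group(2))
    return switches

def audit(switches, vmk_portgroups):
    """Flag single-uplink vSwitches and VM port groups on a VMkernel VLAN (names are caller-supplied)."""
    findings = []
    for name, sw in switches.items():
        if len(sw["uplinks"]) < 2:
            findings.append((name, "fewer than two physical uplinks"))
        vmk_vlans = {v for pg, v in sw["portgroups"].items() if pg in vmk_portgroups}
        for pg, vlan in sw["portgroups"].items():
            if pg not in vmk_portgroups and vlan in vmk_vlans:
                findings.append((name, f"'{pg}' shares VLAN {vlan} with a VMkernel port group"))
    return findings

if __name__ == "__main__":
    print(*audit(parse(SAMPLE), {"Management Network", "iSCSI"}), sep="\n")
```

On the constructed sample this reports vSwitch0 for carrying VM traffic on the same VLAN as the Management Network, and vSwitch1 for having a single uplink.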

Configure NetFlow

  1. Log in to the vSphere Client and select the Networking inventory view
  2. Right-click the vSphere distributed switch in the inventory pane, and select Edit Settings
  3. Navigate to the NetFlow tab
  4. Type the IP address and Port of the NetFlow collector
  5. Type the VDS IP address
  6. (Optional) Use the up and down menu arrow to set the Sampling rate.
  7. (Optional) Select Process internal flows only to collect data only on network activity between virtual machines on the same host
  8. Click OK

For further reading see page 70 of the vSphere Networking guide as well as THIS post on the VMware Networking blog

Eric Sloof again has a great video to guide you through the above steps located HERE.

Determine Appropriate Discovery Protocol

Switch discovery protocols allow vSphere administrators to determine which switch port is connected to a given vSphere standard switch (CDP only) or vSphere distributed switch (both CDP and LLDP).

  • Enable Cisco Discovery Protocol on a vDS
    1. Log in to the vSphere Client and select the Networking inventory view
    2. Right-click the vSphere distributed switch in the inventory pane, and select Edit Settings
    3. On the Properties tab, select Advanced
    4. Select Enabled from the Status drop-down menu
    5. Select Cisco Discovery Protocol from the Type drop-down menu
    6. Select the CDP mode from the Operation drop-down menu

      Option – Description
      Listen – ESXi detects and displays information about the associated Cisco switch port, but information about the vSphere distributed switch is not available to the Cisco switch administrator
      Advertise – ESXi makes information about the vSphere distributed switch available to the Cisco switch administrator, but does not detect and display information about the Cisco switch
      Both – ESXi detects and displays information about the associated Cisco switch and makes information about the vSphere distributed switch available to the Cisco switch administrator

    7. Click OK
  • Enable Link Layer Discovery Protocol on a vDS
    1. Log in to the vSphere Client and select the Networking inventory view
    2. Right-click the vSphere distributed switch in the inventory pane, and select Edit Settings
    3. On the Properties tab, select Advanced
    4. Select Enabled from the Status drop-down menu
    5. Select Link Layer Discovery Protocol from the Type drop-down menu
    6. Select the LLDP mode from the Operation drop-down menu

      Option – Description
      Listen – ESXi detects and displays information about the associated physical switch port, but information about the vSphere distributed switch is not available to the switch administrator
      Advertise – ESXi makes information about the vSphere distributed switch available to the physical switch administrator, but does not detect and display information about the physical switch
      Both – ESXi detects and displays information about the associated physical switch and makes information about the vSphere distributed switch available to the switch administrator

    7. Click OK

For further reading see page 70 of the vSphere Networking guide.

Jason Boche (blog / twitter) has also written two blog posts covering the use of CDP and LLDP. They can be found HERE and HERE.
