[Reproduced] "virtualization series" VMware vSphere 5.1 network management

Source: Internet
Author: User
Tags switches

Reprinted from: http://mabofeng.blog.51cto.com/2661587/1020375

The network is the foundation of VMware vSphere 5.1: every virtual machine needs a network to communicate. If the virtual machines were physical machines, the network topology would need connection devices such as NICs and switches. In a virtualized environment, these devices are implemented in software.

The VMware vSphere infrastructure rests on a physical network, that is, a network built between physical machines so that they can send and receive data. VMware ESXi runs on top of the physical machine. An ESXi host cannot do without the physical network: once it is cut off from it, the virtual network inside the host is meaningless.

This post covers the following VMware vSphere 5.1 networking topics:

I. The standard switch network
II. The distributed switch network
III. Migrating a standard switch to a distributed switch network
IV. Deploying and installing the Cisco Nexus 1000V switch

VMware vSphere 5.1 networking is easy in some respects and hard in others, but either way you need to understand the following concepts before getting started:

A physical network is a network established between physical machines so that they can send and receive data between them. VMware ESXi runs on top of a physical machine.

A virtual network is a network of logical connections between virtual machines running on a single physical machine, over which they send and receive data to each other. A virtual machine can connect to the virtual networks that are created when a network is added.

A physical Ethernet switch manages network traffic between computers on the physical network. A switch can have multiple ports, and each port can be connected to a computer or to another switch on the network. The behavior of each port can be configured according to the needs of the computer connected to it. The switch learns which hosts are connected to its ports and uses that information to forward traffic to the correct physical machine. The switch is the core of a physical network. Multiple switches can be connected together to form a larger network.
A vSphere standard switch operates in much the same way as a physical Ethernet switch. It detects which virtual machines are logically connected to its virtual ports and uses that information to forward traffic to the correct virtual machine. A vSphere standard switch can be connected to a physical switch through a physical Ethernet adapter (also known as an uplink adapter), which joins the virtual network to the physical network. This type of connection is similar to connecting physical switches together to create a larger network. Although a vSphere standard switch works much like a physical switch, it lacks some of the advanced features that physical switches have.

A vSphere Distributed Switch acts as a single switch across all the associated hosts in the datacenter. This lets virtual machines keep a consistent network configuration while migrating across multiple hosts.

A distributed port is a port on a vSphere Distributed Switch that is connected to a host's VMkernel or to a virtual machine's network adapter.

Port groups specify port configuration options, such as bandwidth limits and VLAN tagging policies, for each port. Network services connect to a standard switch through a port group. The port group defines how the connection to the network is made through the switch. Typically, a single standard switch is associated with one or more port groups.

A distributed port group is a port group associated with a vSphere Distributed Switch that specifies port configuration options for each member port. Distributed port groups define how connections to the network are made through the vSphere Distributed Switch.

I. Standard switch

The simplest VMware vSphere architecture is one ESXi host with a single NIC (also known as a network adapter) running several virtual machines. This is also the easiest way to understand how the vSphere virtual network connects to the physical network.
All connections, whether for the storage network, the virtual machine network, or the management network, go through this one physical NIC. The disadvantage is that every communication path shares a single physical NIC: the NIC can be overloaded, which affects normal communication, and a single NIC provides no redundancy for data transmission, so it is a single point of failure.

Set up a standard switch network as follows:

1. Log in with the VMware vSphere Client, select the ESXi host, then select the Configuration tab and click Networking. You can now see the standard switch that was created by default when ESXi was installed.
2. Select the vSphere standard switch view. The standard switch is displayed in an overview with a detailed layout. On the right side of the page, click Add Networking.
3. Accept the default connection type or select the one you need (virtual machine or VMkernel network). A virtual machine network carries communication between virtual machines, while a VMkernel network carries the traffic of vSphere's own functions. Then click Next.
4. Choose to create a new vSphere standard switch, or select one of the listed existing standard switches and its associated physical adapters, for use with this port group. You can create a standard switch with or without an Ethernet adapter. If you create a standard switch without a physical network adapter, all traffic on that switch is confined to the switch itself: virtual machines on other standard switches and hosts on the physical network cannot send or receive traffic through it. If you want a set of virtual machines to communicate with each other but not with hosts or virtual machines outside the group, create a standard switch without a physical network adapter.
5. If the standard switch is for a VMkernel network, select the type of VMkernel traffic on the next page. Use the vMotion traffic check box to let this port group advertise itself to other hosts as the network connection to which vMotion traffic should be sent. Use the Fault Tolerance logging check box to enable fault tolerance logging. Use the Management traffic check box to enable management traffic. Select IPv4 or IPv6 as the network type.
6. On the IPv4 Settings page, select the method for obtaining an IP address.
7. Review the settings on the Ready to Complete page, then click Finish.
8. The second standard switch now appears. In the diagram, the switch is the black block in the middle, with the virtual network on its left and the physical network on its right. To modify a standard switch, click Properties.

At this point, the standard switch is set up.

II. Distributed switch network

A vSphere distributed switch acts like a single switch across all associated hosts. This lets you set network configurations that span all member hosts, and lets virtual machines keep a consistent network configuration when migrating across multiple hosts. Like a vSphere standard switch, each vSphere distributed switch is a network hub that virtual machines can use. A distributed switch can either forward traffic internally between virtual machines or link to an external network by connecting to physical Ethernet adapters (also known as uplink adapters). You can also assign one or more distributed port groups to each distributed switch. A distributed port group groups multiple ports under a common configuration and provides a stable anchor point for virtual machines connecting to labeled networks. Each distributed port group is identified by a network label that is unique to the current datacenter.
The VLAN ID is optional and is used to restrict port group traffic to a logical Ethernet segment within the physical network.

To create a vSphere distributed switch, the identically numbered network adapters contributed by the ESXi hosts must be connected to the same physical switch, and that physical switch must allow the VLANs in use. Physical NICs that already belong to a standard virtual switch cannot be added directly to a distributed virtual switch; they must be moved over by migration. Multiple physical NICs can be used to create multiple distributed switches. The distributed switch is a vCenter feature, so the ESXi hosts must be managed by vCenter.

1. To add a vSphere Distributed Switch, open the vSphere Client, select the Networking inventory view and select the datacenter. From the Inventory menu select Datacenter, or right-click the datacenter, and choose New vSphere Distributed Switch from the shortcut menu.
2. On the version selection page, select the vSphere Distributed Switch version.
3. In the Name text box, type the name of the new vSphere Distributed Switch. Use the arrow buttons to select the number of uplink ports, and then click Next. Uplink ports connect the distributed switch to the physical NICs on the associated hosts. The number of uplink ports is the maximum number of physical connections to the distributed switch allowed per host.
4. On the Add Hosts and Physical Adapters page, select whether to add hosts and their physical adapters to the vSphere Distributed Switch now or later. If you choose to add now, select the hosts and physical adapters to use by clicking the check box next to each host or adapter. During vSphere distributed switch creation, only available physical adapters can be added to the distributed switch.
5. On the Ready to Complete page, select whether to automatically create a default port group. This option creates a distributed port group with the default settings.
6. The distributed switch is created successfully, and the vmnic5 NIC of each ESXi host is now on the distributed switch. A dvswitch-dvuplinks-67 and a dvPortGroup appear here.
7. Once creation is complete, configure dvswitch-dvuplinks-67: select dvswitch-dvuplinks-67, right-click it and choose Settings. Here you can set up a variety of functions and policies.
8. Configure the dvPortGroup as well: select dvPortGroup, right-click it and choose Settings. Here you can set up a variety of functions and policies.

III. Migrating a standard switch to a distributed switch network

When the VMware vSphere datacenter was first built, standard switches were set up on each ESXi host and no distributed switch was configured, so setting up the network again from scratch on a distributed switch would be unnecessarily cumbersome. VMware took this into account for vSphere datacenters: standard switches can be migrated to a vSphere distributed switch without disrupting network connectivity. During the migration, however, note that once you migrate the VMkernel network on one ESXi host, you must also migrate the VMkernel network of the other hosts. It is best not to migrate the service console of an ESXi server that has already been added to the datacenter, otherwise the ESXi host may not be found at boot time. The following steps migrate a network on a standard switch to a distributed virtual switch.

1. In the Networking options under the Configuration tab, select vSphere Distributed Switch, and then select Manage Virtual Adapters.
2. In the Manage Virtual Adapters dialog that opens, select Add.
3. In the window that opens, select the Migrate existing virtual adapters option.
4. For each virtual adapter, select the destination port group from the drop-down menu to migrate the virtual adapter to the distributed switch, or choose not to migrate it. Click Next.
5. Check the settings for the distributed switch and click Finish.

IV. Deploying and installing the Cisco Nexus 1000V switch

The Cisco Nexus 1000V virtual access switch is an intelligent software switch for use in VMware ESX environments. The Cisco Nexus 1000V runs in the VMware ESX hypervisor, supports Cisco VN-Link server virtualization technology, and provides policy-based virtual machine (VM) connectivity, mobile VM security and network policies, and a non-disruptive operational model for the server virtualization and networking teams.

The Cisco Nexus 1000V Virtual Ethernet Module (VEM) is part of the VMware ESX or ESXi kernel and can replace the capabilities of the VMware virtual switch. The VEM uses the VMware Distributed Virtual Switch (DVS) API, developed jointly by Cisco and VMware, to provide advanced networking capabilities for virtual machines. This integration ensures that the Cisco Nexus 1000V is fully aware of all server virtualization events, such as VMware vMotion and Distributed Resource Scheduler (DRS). The VEM gets its configuration information from the Virtual Supervisor Module (VSM).

By providing policy-based VM connectivity, mobility of VM security and network properties, and a non-disruptive operational model, all built on Cisco VN-Link technology, the Cisco Nexus 1000V gives you a common management model for physical and virtual infrastructure.

Policy-based VM connectivity: To make VM creation and provisioning easier, the Cisco Nexus 1000V includes the port profile feature, which supports the dynamic nature of server virtualization from the network's perspective. Port profiles let you define VM network policies for different types or classes of VMs and then apply them through the VMware Virtual Center GUI to provision network resources transparently. Port profiles are a scalable mechanism for configuring networks with large numbers of VMs.
VM security and network property mobility: The network and security policies defined in a port profile follow the VM throughout its lifecycle, whether it is migrated from one server to another, suspended, hibernated or restarted. In addition to migrating the policy, the Cisco Nexus 1000V Virtual Supervisor Module also moves the VM's network state, such as port counters. VMs taking part in traffic monitoring activities such as Cisco NetFlow or ERSPAN can continue these activities without being affected by vMotion operations. When a port profile is updated, the Cisco Nexus 1000V automatically provides live updates to all ports that use that port profile. Because network and security policies migrate with vMotion, compliance is easier to achieve: the security policy is defined in the same way as for physical servers and is continuously enforced by the Cisco Nexus 1000V.

Non-disruptive operational model: Thanks to tight integration with VMware Virtual Center, the Cisco Nexus 1000V lets virtualization administrators continue to provision VMs using VMware tools. At the same time, network administrators can provision and operate the VM network just as they do the physical network, using the Cisco CLI, SNMP, XML APIs, and tools such as ERSPAN and NetFlow. Although the two teams work independently with their familiar tools, the Cisco Nexus 1000V enforces consistent configuration and policy throughout the server virtualization environment. This integration lowers the cost of ownership and supports the various organizational boundaries between the server, network, security, and storage teams.

Inside VMware Virtual Center, VMs are configured the same way as before. Network configuration no longer has to be defined in Virtual Center: port profiles defined on the Cisco Nexus 1000V supervisor are displayed as port groups in Virtual Center.
Virtualization administrators can take advantage of the preconfigured port groups and focus on VM management, while network administrators can use port profiles to configure large numbers of ports. The two teams work together to deploy server virtualization more efficiently and reduce operational expenses.

The Cisco Nexus 1000V can be downloaded from Cisco's website. The download requires a registered Cisco account. Once the download is complete, you can start the installation.

1. Before installing the Cisco Nexus 1000V, first define three VLANs on ESXi: a control VLAN for the VSM (used to detect and control the VEMs), a management VLAN for the VSM (for remote management of the VSM), and a packet VLAN for the VSM (carrying CDP and IGMP traffic), with VLAN IDs 3, 101 and 102. (These VLANs are also created on the physical switch.)
2. Use the OVA template to install the VSM virtual machine. First unzip the nexus1000v.4.2.1.sv1.4a installation file to a suitable directory.
3. Select the OVA file (deploying from the OVA file rather than the OVF is recommended).
4. View the OVF template details and click Next.
5. Review the End User License Agreement, click Agree, and then Next.
6. Set the name and location of the virtual machine.
7. For the configuration, select Nexus 1000V Installer.
8. Set the Nexus 1000V disk format.
9. The next step is the key one: map the three network adapters to the three VLANs.
10. Set the initial network parameters of the VSM. (The VSM domain ID identifies the network environment that a VSM controls; in other words, the same network environment should use the same domain ID. Its value is in the range 1-4095.)
11. On the Ready to Complete page, review the summary of the deployment and click Finish to begin deploying the OVF.
12. Enter the admin user name and password to log in.
13. Install the Cisco Nexus 1000V plug-in on the vCenter server.
14. The Cisco Nexus 1000V appears here, but it cannot be registered yet; the XML file needs to be installed first.
15. Open the virtual machine's management address in a browser and download cisco_nexus1000v_extension.xml. In the vSphere Client, open the Plug-in Manager, right-click the blank area and select New Plug-in, select the downloaded XML file and click Register.
16. In the Plug-in Manager, right-click the blank area to create a new plug-in.
17. Choose cisco_nexus_1000v_extension.xml.
18. A security warning pops up; click Ignore to register the plug-in.
19. Then connect to the vCenter Server from the VSM virtual machine. If the connection fails, the plug-in was not registered successfully.

    n1000v# config t
    n1000v(config)# svs connection vc
    n1000v(config-svs-conn)# vmware dvs datacenter-name dc-1
    n1000v(config-svs-conn)# protocol vmware-vim
    n1000v(config-svs-conn)# remote ip address 192.168.0.20
    n1000v(config-svs-conn)# connect
    n1000v# show svs connections

Define the port profile used for communication between the VSM and the VEMs:

    n1000v(config)# port-profile system-uplink
    n1000v(config-port-prof)# switchport mode trunk
    n1000v(config-port-prof)# switchport trunk allowed vlan 1
    n1000v(config-port-prof)# no shut
    n1000v(config-port-prof)# system vlan 1
    n1000v(config-port-prof)# vmware port-group
    n1000v(config-port-prof)# capability uplink
    n1000v(config-port-prof)# state enabled

Define the port profiles for other virtual machine data and uplink communications:
    n1000v# config t
    n1000v(config)# port-profile vm-uplink
    n1000v(config-port-prof)# switchport mode access
    n1000v(config-port-prof)# capability uplink
    n1000v(config-port-prof)# switchport access vlan 262
    n1000v(config-port-prof)# vmware port-group
    n1000v(config-port-prof)# no shut
    n1000v(config-port-prof)# state enabled
    n1000v(config)# port-profile data262
    n1000v(config-port-prof)# switchport mode access
    n1000v(config-port-prof)# switchport access vlan 262
    n1000v(config-port-prof)# vmware port-group data262
    n1000v(config-port-prof)# no shut
    n1000v(config-port-prof)# state enabled
    n1000v(config-port-prof)# copy run start
    [########################################]

19. After completing these steps, the Nexus 1000V is visible. In the vSphere Client, go to Inventory > Networking, right-click the Cisco Nexus 1000V, select Add Host, and add the ESXi host to the Distributed Virtual Switch (DVS).
20. Select the network adapters to migrate to the virtual switch.
21. You can see that the ESX service console port has been migrated, and the migrated service port communicates normally. Repeat the above steps to add a second ESX host.

At this point the Cisco Nexus 1000V is basically installed. Some further settings are needed before it can be used, and a license must be purchased for normal use.
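The following is an added example, not part of the original post and not Cisco or VMware code: a small Python audit that parses a port-profile session like the one above and checks that each VM-facing profile's VLAN is carried by some uplink profile, that an uplink's system VLANs fall inside its own VLAN list, and whether any profile uses the default VLAN 1. The function names and the trimmed sample transcript are constructed for illustration.

```python
import re

# Constructed sample: the three port profiles from the session above (trimmed).
SAMPLE = """\
n1000v(config)# port-profile system-uplink
n1000v(config-port-prof)# switchport trunk allowed vlan 1
n1000v(config-port-prof)# system vlan 1
n1000v(config-port-prof)# capability uplink
n1000v(config)# port-profile vm-uplink
n1000v(config-port-prof)# capability uplink
n1000v(config-port-prof)# switchport access vlan 262
n1000v(config)# port-profile data262
n1000v(config-port-prof)# switchport access vlan 262
n1000v(config-port-prof)# vmware port-group data262
"""

PROMPT = re.compile(r"^[\w.-]+(\([\w-]+\))?#\s*")  # e.g. "n1000v(config-port-prof)# "
VLANS = r"([\d,\- ]+)$"

def expand_vlans(spec):
    """Expand a VLAN list such as '3,101-102' into a set of ints."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_profiles(text):
    """Group port-profile lines into {name: {uplink, carried, system}}."""
    profiles, cur = {}, None
    for raw in text.splitlines():
        line = PROMPT.sub("", raw.strip())  # accept transcript or plain config lines
        if m := re.match(r"port-profile (?:type \w+ )?(\S+)$", line):
            cur = profiles.setdefault(
                m.group(1), {"uplink": False, "carried": set(), "system": set()})
        elif cur is None:
            continue
        elif line == "capability uplink":
            cur["uplink"] = True
        elif m := re.match(r"switchport (?:access|trunk allowed) vlan " + VLANS, line):
            cur["carried"] = expand_vlans(m.group(1))
        elif m := re.match(r"system vlan " + VLANS, line):
            cur["system"] = expand_vlans(m.group(1))
    return profiles

def audit(profiles):
    """Return (profile, finding) pairs for VLAN inconsistencies."""
    findings = []
    on_uplinks = set().union(*(p["carried"] for p in profiles.values() if p["uplink"]))
    for name, p in sorted(profiles.items()):
        if p["uplink"]:
            # Rule checked: system VLANs must be inside the uplink's own VLAN list.
            if missing := p["system"] - p["carried"]:
                findings.append((name, f"system vlan {sorted(missing)} not in allowed list"))
        elif missing := p["carried"] - on_uplinks:
            # A VM-facing VLAN that no uplink carries never reaches the physical network.
            findings.append((name, f"vlan {sorted(missing)} not carried by any uplink profile"))
        # Common hardening guidance: keep traffic off the default VLAN 1.
        if 1 in p["carried"] | p["system"]:
            findings.append((name, "uses default VLAN 1"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(parse_profiles(SAMPLE)):
        print(f"{name}: {finding}")
```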
