mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
929 lines
44 KiB
XML
929 lines
44 KiB
XML
<?xml version='1.0' encoding='utf-8' ?>
|
||
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
||
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
|
||
%BOOK_ENTITIES;
|
||
]>
|
||
|
||
<!-- Licensed to the Apache Software Foundation (ASF) under one
|
||
or more contributor license agreements. See the NOTICE file
|
||
distributed with this work for additional information
|
||
regarding copyright ownership. The ASF licenses this file
|
||
to you under the Apache License, Version 2.0 (the
|
||
"License"); you may not use this file except in compliance
|
||
with the License. You may obtain a copy of the License at
|
||
|
||
http://www.apache.org/licenses/LICENSE-2.0
|
||
|
||
Unless required by applicable law or agreed to in writing,
|
||
software distributed under the License is distributed on an
|
||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||
KIND, either express or implied. See the License for the
|
||
specific language governing permissions and limitations
|
||
under the License.
|
||
-->
|
||
<section id="vmware-install">
|
||
<title>VMware vSphere Installation and Configuration</title>
|
||
<para>If you want to use the VMware vSphere hypervisor to run guest virtual machines, install
|
||
vSphere on the host(s) in your cloud.</para>
|
||
<xi:include href="vmware-requirements.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
||
<section id="vmware-preparation-checklist">
|
||
<title>Preparation Checklist for VMware</title>
|
||
<para>For a smoother installation, gather the following information before you start:</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>Information listed in <xref linkend="vmware-vcenter-checklist"/></para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Information listed in <xref linkend="vmware-network-checklist"/></para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<section id="vmware-vcenter-checklist">
|
||
<title>vCenter Checklist</title>
|
||
<para>You will need the following information about vCenter.</para>
|
||
<informaltable frame="all">
|
||
<tgroup cols="3" align="left" colsep="1" rowsep="1">
|
||
<colspec colname="c1"/>
|
||
<colspec colname="c2"/>
|
||
<colspec colname="c3"/>
|
||
<thead>
|
||
<row>
|
||
<entry><para>vCenter Requirement</para></entry>
|
||
<entry><para>Value</para></entry>
|
||
<entry><para>Notes</para></entry>
|
||
</row>
|
||
</thead>
|
||
<tbody>
|
||
<row>
|
||
<entry><para>vCenter User</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>This user must have admin privileges.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter User Password</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>Password for the above user.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter Datacenter Name</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>Name of the datacenter.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter Cluster Name</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>Name of the cluster.</para></entry>
|
||
</row>
|
||
</tbody>
|
||
</tgroup>
|
||
</informaltable>
|
||
</section>
|
||
<section id="vmware-network-checklist">
|
||
<title>Networking Checklist for VMware</title>
|
||
<para>You will need the following information about VLAN.</para>
|
||
<informaltable frame="all">
|
||
<tgroup cols="3" align="left" colsep="1" rowsep="1">
|
||
<colspec colname="c1"/>
|
||
<colspec colname="c2"/>
|
||
<colspec colname="c3"/>
|
||
<thead>
|
||
<row>
|
||
<entry><para>VLAN Information</para></entry>
|
||
<entry><para>Value</para></entry>
|
||
<entry><para>Notes</para></entry>
|
||
</row>
|
||
</thead>
|
||
<tbody>
|
||
<row>
|
||
<entry><para>ESXi VLAN</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>VLAN on which all your ESXi hypervisors reside.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>ESXI VLAN IP Address</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>IP Address Range in the ESXi VLAN. One address per Virtual Router is used
|
||
from this range.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>ESXi VLAN IP Gateway</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para/></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>ESXi VLAN Netmask</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para/></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Management Server VLAN</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>VLAN on which the &PRODUCT; Management server is
|
||
installed.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Public VLAN</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>VLAN for the Public Network.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Public VLAN Gateway</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para/></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Public VLAN Netmask</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para/></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Public VLAN IP Address Range</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>Range of Public IP Addresses available for &PRODUCT; use. These addresses
|
||
will be used for virtual router on &PRODUCT; to route private traffic to external
|
||
networks.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>VLAN Range for Customer use</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>A contiguous range of non-routable VLANs. One VLAN will be assigned for
|
||
each customer.</para></entry>
|
||
</row>
|
||
</tbody>
|
||
</tgroup>
|
||
</informaltable>
|
||
</section>
|
||
</section>
|
||
<section id="vmware-vsphere-installation-steps">
|
||
<title>vSphere Installation Steps</title>
|
||
<orderedlist>
|
||
<listitem>
|
||
<para>If you haven't already, you'll need to download and purchase vSphere from the VMware
|
||
Website (<ulink url="https://www.vmware.com/tryvmware/index.php?p=vmware-vsphere&lp=1"
|
||
>https://www.vmware.com/tryvmware/index.php?p=vmware-vsphere&lp=1</ulink>) and
|
||
install it by following the VMware vSphere Installation Guide.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Following installation, perform the following configuration, which are described in
|
||
the next few sections:</para>
|
||
<informaltable frame="all">
|
||
<tgroup cols="2" align="left" colsep="1" rowsep="1">
|
||
<colspec colname="c1"/>
|
||
<colspec colname="c2"/>
|
||
<thead>
|
||
<row>
|
||
<entry><para>Required</para></entry>
|
||
<entry><para>Optional</para></entry>
|
||
</row>
|
||
</thead>
|
||
<tbody>
|
||
<row>
|
||
<entry><para>ESXi host setup</para></entry>
|
||
<entry><para>NIC bonding</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Configure host physical networking, virtual switch, vCenter Management
|
||
Network, and extended port range</para></entry>
|
||
<entry><para>Multipath storage</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Prepare storage for iSCSI</para></entry>
|
||
<entry><para/></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Configure clusters in vCenter and add hosts to them, or add hosts
|
||
without clusters to vCenter</para></entry>
|
||
<entry><para/></entry>
|
||
</row>
|
||
</tbody>
|
||
</tgroup>
|
||
</informaltable>
|
||
</listitem>
|
||
</orderedlist>
|
||
</section>
|
||
<section id="vmware-esxi-host-setup">
|
||
<title>ESXi Host setup</title>
|
||
<para>All ESXi hosts should enable CPU hardware virtualization support in BIOS. Please note
|
||
hardware virtualization support is not enabled by default on most servers.</para>
|
||
</section>
|
||
<section id="vmware-physical-host-networking">
|
||
<title>Physical Host Networking</title>
|
||
<para>You should have a plan for cabling the vSphere hosts. Proper network configuration is
|
||
required before adding a vSphere host to &PRODUCT;. To configure an ESXi host, you can use
|
||
vClient to add it as standalone host to vCenter first. Once you see the host appearing in the
|
||
vCenter inventory tree, click the host node in the inventory tree, and navigate to the
|
||
Configuration tab.</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-physical-network.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
<para>In the host configuration tab, click the "Hardware/Networking" link to bring up
|
||
the networking configuration page as above.</para>
|
||
<section id="vmware-physical-host-networking-config-vswitch">
|
||
<title>Configure Virtual Switch</title>
|
||
<para>A default virtual switch vSwitch0 is created. &PRODUCT; requires all ESXi hosts in the
|
||
cloud to use the same set of virtual switch names. If you change the default virtual switch
|
||
name, you will need to configure one or more &PRODUCT; configuration variables as
|
||
well.</para>
|
||
<section id="vmware-physical-host-networking-config-vswitch-separate-traffic">
|
||
<title>Separating Traffic</title>
|
||
<para>&PRODUCT; allows you to use vCenter to configure three separate networks per ESXi
|
||
host. These networks are identified by the name of the vSwitch they are connected to. The
|
||
allowed networks for configuration are public (for traffic to/from the public internet),
|
||
guest (for guest-guest traffic), and private (for management and usually storage traffic).
|
||
You can use the default virtual switch for all three, or create one or two other vSwitches
|
||
for those traffic types.</para>
|
||
<para>If you want to separate traffic in this way you should first create and configure
|
||
vSwitches in vCenter according to the vCenter instructions. Take note of the vSwitch names
|
||
you have used for each traffic type. You will configure &PRODUCT; to use these
|
||
vSwitches.</para>
|
||
</section>
|
||
<section id="vmware-physical-host-networking-config-vswitch-increasing-port">
|
||
<title>Increasing Ports</title>
|
||
<para>By default a virtual switch on ESXi hosts is created with 56 ports. We recommend
|
||
setting it to 4088, the maximum number of ports allowed. To do that, click the
|
||
"Properties..." link for virtual switch (note this is not the Properties link
|
||
for Networking).</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-increase-ports.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
<para>In vSwitch properties dialog, select the vSwitch and click Edit. You should see the
|
||
following dialog:</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-vswitch-properties.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
<para>In this dialog, you can change the number of switch ports. After you've done
|
||
that, ESXi hosts are required to reboot in order for the setting to take effect.</para>
|
||
</section>
|
||
</section>
|
||
<section id="vmware-physical-host-networking-config-vcenter-mgt">
|
||
<title>Configure vCenter Management Network</title>
|
||
<para>In the vSwitch properties dialog box, you may see a vCenter management network. This
|
||
same network will also be used as the &PRODUCT; management network. &PRODUCT; requires the
|
||
vCenter management network to be configured properly. Select the management network item in
|
||
the dialog, then click Edit.</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-mgt-network-properties.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
<para>Make sure the following values are set:</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>VLAN ID set to the desired ID</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>vMotion enabled.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Management traffic enabled.</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<para>If the ESXi hosts have multiple VMKernel ports, and ESXi is not using the default value
|
||
"Management Network" as the management network name, you must follow these
|
||
guidelines to configure the management network port group so that &PRODUCT; can find
|
||
it:</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>Use one label for the management network port across all ESXi hosts.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>In the &PRODUCT; UI, go to Configuration - Global Settings and set
|
||
vmware.management.portgroup to the management network label from the ESXi hosts.</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section id="vmware-physical-networking-extend-port-console-proxy">
|
||
<title>Extend Port Range for &PRODUCT; Console Proxy</title>
|
||
<para>(Applies only to VMware vSphere version 4.x)</para>
|
||
<para>You need to extend the range of firewall ports that the console proxy works with on the
|
||
hosts. This is to enable the console proxy to work with VMware-based VMs. The default
|
||
additional port range is 59000-60000. To extend the port range, log in to the VMware ESX
|
||
service console on each host and run the following commands:</para>
|
||
<programlisting>
|
||
esxcfg-firewall -o 59000-60000,tcp,in,vncextras
|
||
esxcfg-firewall -o 59000-60000,tcp,out,vncextras
|
||
</programlisting>
|
||
</section>
|
||
<section id="vmware-physical-networking-config-vsphere-nic-bond">
|
||
<title>Configure NIC Bonding for vSphere</title>
|
||
<para>NIC bonding on vSphere hosts may be done according to the vSphere installation
|
||
guide.</para>
|
||
</section>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch">
|
||
<title>Configuring a vSphere Cluster with Nexus 1000v Virtual Switch</title>
|
||
<para>&PRODUCT; supports Cisco Nexus 1000v dvSwitch (Distributed Virtual Switch) for virtual
|
||
network configuration in a VMware vSphere environment. This section helps you configure a
|
||
vSphere cluster with Nexus 1000v virtual switch in a VMware vCenter environment. For
|
||
information on creating a vSphere cluster, see <xref linkend="vmware-install"/></para>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-about">
|
||
<title>About Cisco Nexus 1000v Distributed Virtual Switch</title>
|
||
<para>The Cisco Nexus 1000V virtual switch is a software-based virtual machine access switch
|
||
for VMware vSphere environments. It can span multiple hosts running VMware ESXi 4.0 and
|
||
later. A Nexus virtual switch consists of two components: the Virtual Supervisor Module
|
||
(VSM) and the Virtual Ethernet Module (VEM). The VSM is a virtual appliance that acts as the
|
||
switch's supervisor. It controls multiple VEMs as a single network device. The VSM is
|
||
installed independent of the VEM and is deployed in redundancy mode as pairs or as a
|
||
standalone appliance. The VEM is installed on each VMware ESXi server to provide
|
||
packet-forwarding capability. It provides each virtual machine with dedicated switch ports.
|
||
This VSM-VEM architecture is analogous to a physical Cisco switch's supervisor
|
||
(standalone or configured in high-availability mode) and multiple linecards
|
||
architecture.</para>
|
||
<para>Nexus 1000v switch uses vEthernet port profiles to simplify network provisioning for
|
||
virtual machines. There are two types of port profiles: Ethernet port profile and vEthernet
|
||
port profile. The Ethernet port profile is applied to the physical uplink ports-the NIC
|
||
ports of the physical NIC adapter on an ESXi server. The vEthernet port profile is
|
||
associated with the virtual NIC (vNIC) that is plumbed on a guest VM on the ESXi server. The
|
||
port profiles help the network administrators define network policies which can be reused
|
||
for new virtual machines. The Ethernet port profiles are created on the VSM and are
|
||
represented as port groups on the vCenter server.</para>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-prerequisite-guide">
|
||
<title>Prerequisites and Guidelines</title>
|
||
<para>This section discusses prerequisites and guidelines for using Nexus virtual switch in
|
||
&PRODUCT;. Before configuring Nexus virtual switch, ensure that your system meets the
|
||
following requirements:</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>A cluster of servers (ESXi 4.1 or later) is configured in the vCenter.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Each cluster managed by &PRODUCT; is the only cluster in its vCenter
|
||
datacenter.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>A Cisco Nexus 1000v virtual switch is installed to serve the datacenter that
|
||
contains the vCenter cluster. This ensures that &PRODUCT; doesn't have to deal with
|
||
dynamic migration of virtual adapters or networks across other existing virtual
|
||
switches. See <ulink
|
||
url="http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_5_1/install_upgrade/vsm_vem/guide/n1000v_installupgrade.html"
|
||
>Cisco Nexus 1000V Installation and Upgrade Guide</ulink> for guidelines on how to
|
||
install the Nexus 1000v VSM and VEM modules.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>The Nexus 1000v VSM is not deployed on a vSphere host that is managed by
|
||
&PRODUCT;.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>When the maximum number of VEM modules per VSM instance is reached, an additional
|
||
VSM instance is created before introducing any more ESXi hosts. The limit is 64 VEM
|
||
modules for each VSM instance.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>&PRODUCT; expects that the Management Network of the ESXi host is configured on the
|
||
standard vSwitch and searches for it in the standard vSwitch. Therefore, ensure that you
|
||
do not migrate the management network to Nexus 1000v virtual switch during
|
||
configuration.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>All information given in <xref
|
||
linkend="vmware-vsphere-cluster-config-nexus-vswitch-preconfig"/></para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-preconfig">
|
||
<title>Nexus 1000v Virtual Switch Preconfiguration</title>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-preconfig-checklist">
|
||
<title>Preparation Checklist</title>
|
||
<para>For a smoother configuration of Nexus 1000v switch, gather the following information
|
||
before you start:</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>vCenter Credentials</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Nexus 1000v VSM IP address</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Nexus 1000v VSM Credentials</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Ethernet port profile names</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-vcenter-credential-checklist">
|
||
<title>vCenter Credentials Checklist</title>
|
||
<para>You will need the following information about vCenter:</para>
|
||
<informaltable frame="all">
|
||
<tgroup cols="3" align="left" colsep="1" rowsep="1">
|
||
<colspec colname="c1"/>
|
||
<colspec colname="c2"/>
|
||
<colspec colname="c3"/>
|
||
<thead>
|
||
<row>
|
||
<entry><para>Nexus vSwitch Requirements</para></entry>
|
||
<entry><para>Value</para></entry>
|
||
<entry><para>Notes</para></entry>
|
||
</row>
|
||
</thead>
|
||
<tbody>
|
||
<row>
|
||
<entry><para>vCenter IP</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>The IP address of the vCenter.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Secure HTTP Port Number</para></entry>
|
||
<entry><para>443</para></entry>
|
||
<entry><para>Port 443 is configured by default; however, you can change the port
|
||
if needed.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter User ID</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>The vCenter user with administrator-level privileges. The vCenter
|
||
User ID is required when you configure the virtual switch in
|
||
&PRODUCT;.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter Password</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>The password for the vCenter user specified above. The password for
|
||
this vCenter user is required when you configure the switch in
|
||
&PRODUCT;.</para></entry>
|
||
</row>
|
||
</tbody>
|
||
</tgroup>
|
||
</informaltable>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-net-config-checklist">
|
||
<title>Network Configuration Checklist</title>
|
||
<para>The following information specified in the Nexus Configure Networking screen is
|
||
displayed in the Details tab of the Nexus dvSwitch in the &PRODUCT; UI:</para>
|
||
<informaltable frame="all">
|
||
<tgroup cols="3" align="left" colsep="1" rowsep="1">
|
||
<colspec colname="c1"/>
|
||
<colspec colname="c2"/>
|
||
<colspec colname="c3"/>
|
||
<thead>
|
||
<row>
|
||
<entry><para>Network Requirements</para></entry>
|
||
<entry><para>Value</para></entry>
|
||
<entry><para>Notes</para></entry>
|
||
</row>
|
||
</thead>
|
||
<tbody>
|
||
<row>
|
||
<entry><para>Control Port Group VLAN ID</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>The VLAN ID of the Control Port Group. The control VLAN is used for
|
||
communication between the VSM and the VEMs.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Management Port Group VLAN ID</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>The VLAN ID of the Management Port Group. The management VLAN
|
||
corresponds to the mgmt0 interface that is used to establish and maintain the
|
||
connection between the VSM and VMware vCenter Server.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Packet Port Group VLAN ID</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>The VLAN ID of the Packet Port Group. The packet VLAN forwards
|
||
relevant data packets from the VEMs to the VSM.</para></entry>
|
||
</row>
|
||
</tbody>
|
||
</tgroup>
|
||
</informaltable>
|
||
<note>
|
||
<para>The VLANs used for control, packet, and management port groups can be the
|
||
same.</para>
|
||
</note>
|
||
<para>For more information, see <ulink
|
||
url="http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4_b/getting_started/configuration/guide/n1000v_gsg.pdf"
|
||
>Cisco Nexus 1000V Getting Started Guide</ulink>.</para>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-vsm-config-checklist">
|
||
<title>VSM Configuration Checklist</title>
|
||
<para>You will need the following information about network configuration:</para>
|
||
<informaltable frame="all">
|
||
<tgroup cols="3" align="left" colsep="1" rowsep="1">
|
||
<colspec colname="c1"/>
|
||
<colspec colname="c2"/>
|
||
<colspec colname="c3"/>
|
||
<thead>
|
||
<row>
|
||
<entry><para>VSM Configuration Parameters Value Notes</para></entry>
|
||
<entry><para>Value</para></entry>
|
||
<entry><para>Notes</para></entry>
|
||
</row>
|
||
</thead>
|
||
<tbody>
|
||
<row>
|
||
<entry><para>Admin Name and Password</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>The admin name and password to connect to the VSM appliance. You must
|
||
specify these credentials while configuring Nexus virtual
|
||
switch.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Management IP Address</para></entry>
|
||
<entry><para/></entry>
|
||
<entry><para>This is the IP address of the VSM appliance. This is the IP address
|
||
you specify in the virtual switch IP Address field while configuting Nexus
|
||
virtual switch.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>SSL</para></entry>
|
||
<entry><para>Enable</para></entry>
|
||
<entry><para>Always enable SSL. SSH is usually enabled by default during the VSM
|
||
installation. However, check whether the SSH connection to the VSM is working,
|
||
without which &PRODUCT; failes to connect to the VSM.</para></entry>
|
||
</row>
|
||
</tbody>
|
||
</tgroup>
|
||
</informaltable>
|
||
</section>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-create-port-profile">
|
||
<title>Creating a Port Profile</title>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>Whether you create a Basic or Advanced zone configuration, ensure that you always
|
||
create an Ethernet port profile on the VSM after you install it and before you create
|
||
the zone.</para>
|
||
<itemizedlist>
|
||
<listitem>
|
||
<para>The Ethernet port profile created to represent the physical network or
|
||
networks used by an Advanced zone configuration trunk all the VLANs including
|
||
guest VLANs, the VLANs that serve the native VLAN, and the
|
||
packet/control/data/management VLANs of the VSM.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>The Ethernet port profile created for a Basic zone configuration does not
|
||
trunk the guest VLANs because the guest VMs do not get their own VLANs provisioned
|
||
on their network interfaces in a Basic zone.</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>An Ethernet port profile configured on the Nexus 1000v virtual switch should not
|
||
use in its set of system VLANs, or any of the VLANs configured or intended to be
|
||
configured for use towards VMs or VM resources in the &PRODUCT; environment.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>You do not have to create any vEthernet port profiles – &PRODUCT; does that during
|
||
VM deployment.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Ensure that you create required port profiles to be used by &PRODUCT; for
|
||
different traffic types of &PRODUCT;, such as Management traffic, Guest traffic,
|
||
Storage traffic, and Public traffic. The physical networks configured during zone
|
||
creation should have a one-to-one relation with the Ethernet port profiles.</para>
|
||
</listitem>
|
||
</itemizedlist>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-nexus-port-profile.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
<para>For information on creating a port profile, see <ulink
|
||
url="http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4_a/port_profile/configuration/guide/n1000v_port_profile.html"
|
||
>Cisco Nexus 1000V Port Profile Configuration Guide</ulink>.</para>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-assign-nic-adapters">
|
||
<title>Assigning Physical NIC Adapters</title>
|
||
<para>Assign ESXi host's physical NIC adapters, which correspond to each physical
|
||
network, to the port profiles. In each ESXi host that is part of the vCenter cluster,
|
||
observe the physical networks assigned to each port profile and note down the names of the
|
||
port profile for future use. This mapping information helps you when configuring physical
|
||
networks during the zone configuration on &PRODUCT;. These Ethernet port profile names are
|
||
later specified as VMware Traffic Labels for different traffic types when configuring
|
||
physical networks during the zone configuration. For more information on configuring
|
||
physical networks, see <xref linkend="vmware-vsphere-cluster-config-nexus-vswitch"
|
||
/>.</para>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-add-vlan-range">
|
||
<title>Adding VLAN Ranges</title>
|
||
<para>Determine the public VLAN, System VLAN, and Guest VLANs to be used by the &PRODUCT;.
|
||
Ensure that you add them to the port profile database. Corresponding to each physical
|
||
network, add the VLAN range to port profiles. In the VSM command prompt, run the
|
||
switchport trunk allowed vlan<range> command to add the VLAN ranges to the port
|
||
profile.</para>
|
||
<para>For example:</para>
|
||
<programlisting>switchport trunk allowed vlan 1,140-147,196-203</programlisting>
|
||
<para>In this example, the allowed VLANs added are 1, 140-147, and 196-203</para>
|
||
<para>You must also add all the public and private VLANs or VLAN ranges to the switch. This
|
||
range is the VLAN range you specify in your zone.</para>
|
||
<note>
|
||
<para>Before you run the vlan command, ensure that the configuration mode is enabled in
|
||
Nexus 1000v virtual switch.</para>
|
||
</note>
|
||
<para>For example:</para>
|
||
<para>If you want the VLAN 200 to be used on the switch, run the following command:</para>
|
||
<programlisting>vlan 200</programlisting>
|
||
<para>If you want the VLAN range 1350-1750 to be used on the switch, run the following
|
||
command:</para>
|
||
<programlisting>vlan 1350-1750</programlisting>
|
||
<para>Refer to Cisco Nexus 1000V Command Reference of specific product version.</para>
|
||
</section>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-enable">
|
||
<title>Enabling Nexus Virtual Switch in &PRODUCT;</title>
|
||
<para>To make a &PRODUCT; deployment Nexus enabled, you must set the vmware.use.nexus.vswitch
|
||
parameter true by using the Global Settings page in the &PRODUCT; UI. Unless this parameter
|
||
is set to "true" and restart the management server, you cannot see any UI options
|
||
specific to Nexus virtual switch, and &PRODUCT; ignores the Nexus virtual switch specific
|
||
parameters specified in the AddTrafficTypeCmd, UpdateTrafficTypeCmd, and AddClusterCmd API
|
||
calls.</para>
|
||
<para>Unless the &PRODUCT; global parameter "vmware.use.nexus.vswitch" is set to
|
||
"true", &PRODUCT; by default uses VMware standard vSwitch for virtual network
|
||
infrastructure. In this release, &PRODUCT; doesn’t support configuring virtual networks in a
|
||
deployment with a mix of standard vSwitch and Nexus 1000v virtual switch. The deployment can
|
||
have either standard vSwitch or Nexus 1000v virtual switch.</para>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-config">
|
||
<title>Configuring Nexus 1000v Virtual Switch in &PRODUCT;</title>
|
||
<para>You can configure Nexus dvSwitch by adding the necessary resources while the zone is
|
||
being created.</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-nexus-add-cluster.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
<para>After the zone is created, if you want to create an additional cluster along with Nexus
|
||
1000v virtual switch in the existing zone, use the Add Cluster option. For information on
|
||
creating a cluster, see <xref linkend="add-clusters-vsphere"/>.</para>
|
||
<para>In both these cases, you must specify the following parameters to configure Nexus
|
||
virtual switch:</para>
|
||
<informaltable frame="all">
|
||
<tgroup cols="2" align="left" colsep="1" rowsep="1">
|
||
<colspec colname="c1"/>
|
||
<colspec colname="c2"/>
|
||
<thead>
|
||
<row>
|
||
<entry><para>Parameters</para></entry>
|
||
<entry><para>Description</para></entry>
|
||
</row>
|
||
</thead>
|
||
<tbody>
|
||
<row>
|
||
<entry><para>Cluster Name</para></entry>
|
||
<entry><para>Enter the name of the cluster you created in vCenter. For example,
|
||
"cloud.cluster".</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter Host</para></entry>
|
||
<entry><para>Enter the host name or the IP address of the vCenter host where you have
|
||
deployed the Nexus virtual switch.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter User name</para></entry>
|
||
<entry><para>Enter the username that &PRODUCT; should use to connect to vCenter. This
|
||
user must have all administrative privileges.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter Password</para></entry>
|
||
<entry><para>Enter the password for the user named above.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>vCenter Datacenter</para></entry>
|
||
<entry><para>Enter the vCenter datacenter that the cluster is in. For example,
|
||
"cloud.dc.VM".</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Nexus dvSwitch IP Address</para></entry>
|
||
<entry><para>The IP address of the VSM component of the Nexus 1000v virtual
|
||
switch.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Nexus dvSwitch Username</para></entry>
|
||
<entry><para>The admin name to connect to the VSM appliance.</para></entry>
|
||
</row>
|
||
<row>
|
||
<entry><para>Nexus dvSwitch Password</para></entry>
|
||
<entry><para>The corresponding password for the admin user specified
|
||
above.</para></entry>
|
||
</row>
|
||
</tbody>
|
||
</tgroup>
|
||
</informaltable>
|
||
</section>
|
||
<section id="vmware-vsphere-cluster-config-nexus-vswitch-remove">
|
||
<title>Removing Nexus Virtual Switch</title>
|
||
<orderedlist>
|
||
<listitem>
|
||
<para>In the vCenter datacenter that is served by the Nexus virtual switch, ensure that
|
||
you delete all the hosts in the corresponding cluster.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Log in with Admin permissions to the &PRODUCT; administrator UI.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>In the left navigation bar, select Infrastructure.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>In the Infrastructure page, click View all under Clusters.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Select the cluster where you want to remove the virtual switch.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>In the dvSwitch tab, click the name of the virtual switch.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para> In the Details page, click Delete Nexus dvSwitch icon. <inlinemediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/delete-button.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>DeleteButton.png: button to delete dvSwitch</phrase>
|
||
</textobject>
|
||
</inlinemediaobject>
|
||
</para>
|
||
<para>Click Yes in the confirmation dialog box.</para>
|
||
</listitem>
|
||
</orderedlist>
|
||
</section>
|
||
</section>
|
||
<xi:include href="vmware-cluster-config-dvswitch.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
|
||
<section id="vmware-vsphere-iscsi-storage-preparation">
|
||
<title>Storage Preparation for vSphere (iSCSI only)</title>
|
||
<para>Use of iSCSI requires preparatory work in vCenter. You must add an iSCSI target and create
|
||
an iSCSI datastore.</para>
|
||
<para>If you are using NFS, skip this section.</para>
|
||
<section id="vmware-vsphere-iscsi-storage-enable-initiator">
|
||
<title>Enable iSCSI initiator for ESXi hosts</title>
|
||
<orderedlist>
|
||
<listitem>
|
||
<para>In vCenter, go to hosts and Clusters/Configuration, and click Storage Adapters link.
|
||
You will see:</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-iscsi-initiator.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Select iSCSI software adapter and click Properties.</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-iscsi-initiator-properties.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Click the Configure... button.</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-iscsi-general.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Check Enabled to enable the initiator.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Click OK to save.</para>
|
||
</listitem>
|
||
</orderedlist>
|
||
</section>
|
||
<section id="vmware-vsphere-iscsi-storage-add-target">
|
||
<title>Add iSCSI target</title>
|
||
<para>Under the properties dialog, add the iSCSI target info:</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-iscsi-target-add.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
<para>Repeat these steps for all ESXi hosts in the cluster.</para>
|
||
</section>
|
||
<section id="vmware-vsphere-iscsi-storage-create-datastore">
|
||
<title>Create an iSCSI datastore</title>
|
||
<para>You should now create a VMFS datastore. Follow these steps to do so:</para>
|
||
<orderedlist>
|
||
<listitem>
|
||
<para>Select Home/Inventory/Datastores.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Right click on the datacenter node.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Choose Add Datastore... command.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Follow the wizard to create a iSCSI datastore.</para>
|
||
</listitem>
|
||
</orderedlist>
|
||
<para>This procedure should be done on one host in the cluster. It is not necessary to do this
|
||
on all hosts.</para>
|
||
<mediaobject>
|
||
<imageobject>
|
||
<imagedata fileref="./images/vmware-iscsi-datastore.png"/>
|
||
</imageobject>
|
||
<textobject>
|
||
<phrase>vsphereclient.png: vSphere client</phrase>
|
||
</textobject>
|
||
</mediaobject>
|
||
</section>
|
||
<section id="vmware-vsphere-iscsi-storage-multipathing">
|
||
<title>Multipathing for vSphere (Optional)</title>
|
||
<para>Storage multipathing on vSphere nodes may be done according to the vSphere installation
|
||
guide.</para>
|
||
</section>
|
||
</section>
|
||
<section id="vmware-add-hosts-config-vsphere-cluster">
|
||
<title>Add Hosts or Configure Clusters (vSphere)</title>
|
||
<para>Use vCenter to create a vCenter cluster and add your desired hosts to the cluster. You
|
||
will later add the entire cluster to &PRODUCT;. (see <xref linkend="add-clusters-vsphere"
|
||
/>).</para>
|
||
</section>
|
||
<section id="esxi-patch-install">
|
||
<title>Applying Hotfixes to a VMware vSphere Host</title>
|
||
<orderedlist>
|
||
<listitem>
|
||
<para>Disconnect the VMware vSphere cluster from &PRODUCT;. It should remain disconnected
|
||
long enough to apply the hotfix on the host.</para>
|
||
<orderedlist numeration="loweralpha">
|
||
<listitem>
|
||
<para>Log in to the &PRODUCT; UI as root. </para>
|
||
<para>See <xref linkend="log-in"/>.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Navigate to the VMware cluster, click Actions, and select Unmanage.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Watch the cluster status until it shows Unmanaged.</para>
|
||
</listitem>
|
||
</orderedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Perform the following on each of the ESXi hosts in the cluster:</para>
|
||
<orderedlist numeration="loweralpha">
|
||
<listitem>
|
||
<para>Move each of the ESXi hosts in the cluster to maintenance mode.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Ensure that all the VMs are migrated to other hosts in that cluster.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>If there is only one host in that cluster, shutdown all the VMs and move the host
|
||
into maintenance mode.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Apply the patch on the ESXi host.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Restart the host if prompted.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Cancel the maintenance mode on the host.</para>
|
||
</listitem>
|
||
</orderedlist>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Reconnect the cluster to &PRODUCT;:</para>
|
||
<orderedlist numeration="loweralpha">
|
||
<listitem>
|
||
<para>Log in to the &PRODUCT; UI as root.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Navigate to the VMware cluster, click Actions, and select Manage.</para>
|
||
</listitem>
|
||
<listitem>
|
||
<para>Watch the status to see that all the hosts come up. It might take several minutes
|
||
for the hosts to come up.</para>
|
||
<para>Alternatively, verify the host state is properly synchronized and updated in the
|
||
&PRODUCT; database.</para>
|
||
</listitem>
|
||
</orderedlist>
|
||
</listitem>
|
||
</orderedlist>
|
||
</section>
|
||
</section>
|