VCAP-CIA objective 2.3 – Manage vSphere network resources
The blueprint lists the following skills for this objective.
- Create and manage vSphere port groups
- Configure vSphere network options including MTU and VLAN
- Prepare vSphere cluster for VXLAN
Port groups are created and managed at the vSphere level. There are two different scenarios here: because vCloud Director could be combined with an Enterprise license instead of an Enterprise Plus license on the ESXi hosts backing the Provider vDCs, we will go through the process of creating and managing port groups on both vSwitches and dvSwitches.
Let’s tackle vSwitches first. To add a port group consistently to a cluster you will need to complete the process on all of the hosts. The first step is to go to the host you want to create the new port group on, go to the Configuration or Manage tab, depending on the client you are using, and click the “Add networking” button.
You will then be asked what kind of port group you want to add, select Virtual Machine port group. Select an existing vSwitch or create a new one. Select the appropriate uplink ports and finally assign a VLAN to the port group and name it.
You will now be able to choose this port group to create a port group backed network pool in vCloud Director.
This port group can now be managed through the Web Client. The MTU is edited at the level of the vSwitch that carries the port group. The VLAN can be changed by editing the port group directly.
Security features (promiscuous mode, MAC address changes, forged transmits), traffic shaping options and failover options can be configured on the switch level and propagated to the port group or be overridden on the port group level.
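The per-host procedure above, scripted as an added example (not part of the original post): it creates the port group on every host in a cluster where it is missing, then reports the VLAN, vSwitch MTU and the three security settings so that drift between hosts or a port group level override is visible. It assumes a PowerCLI release that includes Get-SecurityPolicy and an existing Connect-VIServer session; the cluster, vSwitch and port group names and the VLAN ID are placeholders.

```powershell
# Added example: names and VLAN ID below are placeholders, not values from the post.
# Assumes VMware PowerCLI is loaded and Connect-VIServer has already been run.
$clusterName   = 'PvDC-Cluster01'   # hypothetical cluster backing the Provider vDC
$vSwitchName   = 'vSwitch1'         # hypothetical standard vSwitch present on every host
$portGroupName = 'vcd-pg-vlan100'   # hypothetical port group name
$vlanId        = 100                # hypothetical VLAN ID

$report = foreach ($vmhost in (Get-Cluster -Name $clusterName | Get-VMHost)) {
    $vs = Get-VirtualSwitch -VMHost $vmhost -Name $vSwitchName -Standard

    # Create the port group only where it is missing, so the script can be re-run.
    $pg = Get-VirtualPortGroup -VirtualSwitch $vs -Name $portGroupName `
              -ErrorAction SilentlyContinue
    if (-not $pg) {
        $pg = New-VirtualPortGroup -VirtualSwitch $vs -Name $portGroupName -VLanId $vlanId
    }

    # Effective security settings on the port group, and whether each one is
    # inherited from the vSwitch or overridden at the port group level.
    $sec = Get-SecurityPolicy -VirtualPortGroup $pg

    [pscustomobject]@{
        Host             = $vmhost.Name
        VLanId           = $pg.VLanId
        SwitchMtu        = $vs.Mtu
        AllowPromiscuous = $sec.AllowPromiscuous
        MacChanges       = $sec.MacChanges
        ForgedTransmits  = $sec.ForgedTransmits
        OverridesSwitch  = -not ($sec.AllowPromiscuousInherited -and
                                 $sec.MacChangesInherited -and
                                 $sec.ForgedTransmitsInherited)
    }
}

$report | Format-Table -AutoSize

# One group means every host agrees; more than one means the cluster has drifted.
# @() is required: a single GroupInfo object's own Count is its member count.
$variants = @($report | Group-Object VLanId, SwitchMtu, AllowPromiscuous, MacChanges, ForgedTransmits)
if ($variants.Count -gt 1) {
    Write-Warning "Port group '$portGroupName' is not configured identically on all hosts."
}
```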
Creating a port group on a dvSwitch is actually very similar. Just click the “New Distributed Port Group” button, enter a name and configure the settings including VLAN.
To edit the port group or dvSwitch settings, click on the appropriate buttons. The same principles as for a vSwitch apply (MTU on the dvSwitch and VLAN on the port group).
Information on why you would want to increase the standard MTU of 1500 can be found in the vCloud Architecture Toolkit (if the exam asks you to configure VXLAN or VCD-NI backed pools, be sure to check the MTU size of the dvSwitch you are creating).
Oddly enough, the blueprint does not mention that you will need to create dvSwitches or vSwitches, but the process is rather easy. For a dvSwitch, simply right-click the datacenter in the Web Client and choose “New Distributed Switch”. A wizard will pop up which will ask for a name and some basic settings (note that you cannot configure the MTU through that wizard; you will need to edit the dvSwitch settings after you have created it).
The process to create a vSwitch has been explained in the top part of this post already. This leaves the task to prepare the vSphere cluster for VXLAN. This process is not described in the administrator’s guide or the installation guide, but there is a white paper and a blog post which describe the process.
To configure VXLAN the classic vSphere Client is needed as the required plugin for the configuration is not available in the Web Client.
Click the preparation link to start the configuration process.
Next click on “Edit” and choose all applicable clusters.
Choose the dvSwitch that will handle the traffic and assign the appropriate VLAN ID.
Select the correct Failover Policy in the next wizard screen (depending on your hardware configuration) and configure the MTU to 1600.
After hitting finish the status should look like this.
If no DHCP is providing IP addresses to the Virtual Tunnel Endpoints they need to be configured manually. This can be done by using the Web Client.
Last up is setting up the segment ID and multicast address. The segment ID pool will define how many isolated networks can be created.
With the clusters fully prepared for VXLAN, creating a provider VDC in vCloud Director should no longer produce any errors.