cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
187
Views
10
Helpful
3
Replies

Can Intersight create user vlans for all layer of a hyperflex cluster?

Navigator
Beginner
Beginner

Hello,

I have recently deployed a hyperflex cluster using Cisco Intersight, this cluster is connected to Fabric Interconnects and has ESXis connected to vCenter now, I couldn't find a way to deploy new user VLANs but manually or using the hyperflex connect post_install script.

I'm wondering if Cisco intersight can help here! I coudn't find the option but can't understand why a huge product like intersight which should actually "manage" and make hyperflex administration easy does not have the option to create VLANs across all layers!

The post_install script is OK, but the part I don't like its inability to let user choose the vNIC and the vswitch/vDS to deploy the vlan to, this is causing us to create DMZ VLANs manually in UCSM and vCenter including port-groups etc...

also the script does not show a warning of UCS FI uplink that does not have the new VLAN configured, it just bring the whole connectivity down without a warning in the script.

 

1 Accepted Solution

Accepted Solutions

RedNectar
Advisor
Advisor

Hi @Navigator ,

By FAR the easiest way to add VLANs to HyperFlex Clusters is via the vCentre plugin.  If you haven't installed the plugin, it is worth doing if only for this feature (although it is a bit of a pain to install)

But back to your comments


I'm wondering if Cisco intersight can help here! I coudn't find the option but can't understand why a huge product like intersight which should actually "manage" and make hyperflex administration easy does not have the option to create VLANs across all layers!

I've heard through the traps that there is a plan to add this feature to Intersight. It certainly makes sense

The post_install script is OK, but the part I don't like its inability to let user choose the vNIC and the vswitch/vDS to deploy the vlan to, this is causing us to create DMZ VLANs manually in UCSM and vCenter including port-groups etc...

The standard install gives you 4 vSwitches - one being dedicated for user traffic, including DMZ traffic should you want to a VLAN called say DMZ. If you want to deploy a DMZ any other way, I guess you are on your own.

also the script does not show a warning of UCS FI uplink that does not have the new VLAN configured, it just bring the whole connectivity down without a warning in the script.

Although not shown in the video, the plug-in adds the VLAN to the uplinks as well - but so should the script


 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

View solution in original post

3 Replies 3

RedNectar
Advisor
Advisor

Hi @Navigator ,

By FAR the easiest way to add VLANs to HyperFlex Clusters is via the vCentre plugin.  If you haven't installed the plugin, it is worth doing if only for this feature (although it is a bit of a pain to install)

But back to your comments


I'm wondering if Cisco intersight can help here! I coudn't find the option but can't understand why a huge product like intersight which should actually "manage" and make hyperflex administration easy does not have the option to create VLANs across all layers!

I've heard through the traps that there is a plan to add this feature to Intersight. It certainly makes sense

The post_install script is OK, but the part I don't like its inability to let user choose the vNIC and the vswitch/vDS to deploy the vlan to, this is causing us to create DMZ VLANs manually in UCSM and vCenter including port-groups etc...

The standard install gives you 4 vSwitches - one being dedicated for user traffic, including DMZ traffic should you want to a VLAN called say DMZ. If you want to deploy a DMZ any other way, I guess you are on your own.

also the script does not show a warning of UCS FI uplink that does not have the new VLAN configured, it just bring the whole connectivity down without a warning in the script.

Although not shown in the video, the plug-in adds the VLAN to the uplinks as well - but so should the script


 

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.

Navigator
Beginner
Beginner

Thanks a lot @RedNectar 

We actually implemented DMZ connectivity directly to the hyperflex FIs and added VLANs Groups, new vNICs templates and new separate vDS for that, do you have any idea if Cisco support such additions to Hyperflex or DMZ shouldn't be done this way as we used to do with traditional UCS clusters?

for example I could find in the documentations that Cisco support adding new vNICs to Hyperflex clusters in case of  adding iSCSI connections, does it also apply to other connections such as DMZ? and is it fine to configure hyperflex for disjoint networks using VLAN groups etc.?

Hi @Navigator ,

The easiest way for Cisco to support HyperFlex is to have the customer leave the config in the default state.

On the other hand, one of the big selling points of HX is that the platform is built on UCS, and gives you all the benefits of anything you can do with UCS, including the Fabric Interconnects.

But "out-of-the-box" configurations are not going to support ALL UCS cluster features. Like disjoint VLANs.

That doesn't mean you can't use them, nor does it mean you can't configure them.  It just means that if you do, you can't expect all the "out-of-the-box" features - like adding VLANs using the vCentre plugin - to reconfigure themselves magically to work with your customised setup.

You can configure disjoint VLANs if you wish, in that sense it is "supported" - but "supported" does not mean that Cisco has written extra utilities or added extra features beyond normal UCSM/Intersight to make your custom configuration easier for you to manage.  You'll just get the regular support as if it were a normal UCS deployment.

So, yes "it fine to configure hyperflex for disjoint networks using VLAN groups etc"

RedNectar aka Chris Welsh.
Forum Tips: 1. Paste images inline - don't attach. 2. Always mark helpful and correct answers, it helps others find what they need.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: