Re: Migration fully to 1000v - Page 2

nashwj · ‎07-18-2009

This may be a dumb question and maybe I'm missing something simple....

Let's say I have a vSphere server with 2 NICs. I set up the server like normal and have a VMKernel port group and Service Console on the first NIC. I add this host to the Nexus 1000v dvswitch and uplink via the second NIC. What's the most seamless way to migrate the first NIC? I know I can do a Migrate Port Group with the dvswitch but it seems every time I do that the migration fails when it does the Service Console as that is the management channel. Do I first set up a second SC via the dvswitch and point vCenter to that first? Then you get in to issues of DNS names pointing to one IP and now I have a second... What am I missing?

Thanks!

Robert Burns · ‎01-13-2010

Tarek

There's no difference between functionality of ESXi vs ESX COS (Consoel Operating System) in regards to 1000v. They funciton and perform identically. The only benefit of ESXi is that it has a 32MB footprint, no Linux Service Console (higher security) and can reside on a USB device for booting (aka ESXi Embedded).

You are correct with "ESXi" being the way of the future. In the next release of vSphere, they will be fully removing the Service Console. This will require you to use vMA or vCenter to manage it.

In regards to UCS & 1000v, with the two adapters currently available - Menlo-E and Menlo-Q you're correct about only have two adapters. In many blade environments blades are limited to two phsyical adapters so there's no new concern here. In regards to design with 1000v the best bet is to use both adapters with the 1000v - to provide you redundancy in the event one fabric fails. This would mean you would have no vSwitch, so the Service Console (if any), VMKernel Ports. VMotion & FT and all VM Networks would reside on the 1000v.

Previously VMware has always insisted that the Vmotion network "have its own dedicated NIC'. This only holds true in the 1G NIC world, not 10G. VMware is rewriting the book on "best practices" in regards to networks with 10G. Clearly a 10G pipe is more than enough bandwidth to support your VMs and VMotion. If you have any concerns about performance you can implement QoS easily with UCS & 1000v.

As for preference to ESXi vs. ESX COS personally I prefer the COS version as I have more control and troubleshooting tools at my disposal. As long as you properly secure it the full version has this advantage IMO.

Cheers,

Robert

tarek.sabra · ‎01-15-2010

Thanks Robert!

My concern is mostly about the few NICs and ESXi.. I find that most 1000v documents and white papers refer to ESX... I just wanted to make the right decision in recommending ESXi.

Thanks you again,

Robert Burns · ‎01-15-2010

There is no "NIC Limitation" difference ESXi vs. ESX. They both support up to 32 physical NICs per host.

http://www.vmware.com/pdf/vsphere4/r40/vsp_40_config_max.pdf

Robert

tarek.sabra · ‎01-18-2010

Robert, I'm familiar with ESX/ESXi limitations in general but my concern was the difficulty in taking control of a management NIC when the 1000v has issues (config./human error/other) leading to management nic being unreachable... I know for ESX, if the two and only NICs are owned by the 1000v and something goes wrong where I need to regain control of the console port. Typically I'd create a temporary vswitch using the console locally (esxcfg-vswitch etc…) and assign one of the two NICs.

My concern is with ESXi and the management port concept and that I won't be able to access the console in case of 1000v issues...

Let me clarify by giving a scenario:

I have 2 NICs
I've installed/created a 1000v dvs
I've asigned both NICs to the 1000v
I've created/migrated all ports to the 1000v (management vmotion, vm port groups, etc...)

Now one of my network administrators misconfigures the 1000V and suddenly I loose access to my ESXi, vCenter looses connection and I can't even contact the ESXi directly using vCLI.

How do I regain access to the ESXi in this case and recover from this issue?

jbain44 · ‎01-27-2010

Doing a 1000v eval on top of UCS w/ the menlo adapters so Vcenter only sees the two NIC's. I'm new to the Vmware side of the house and am having some issues getting the host and VM's added to the 1000v correctly. Seem the 1000v documentation is written towards PNIC's and not virtual NIC's. Do I need to create a ethernet port-profile as a trunk to carry the managment, data and system (control & packet) vlans and then associate bith vnic's to that uplink group? Do I need to make the native vlan the management vlan. Any help would be appreciated.

asirikan@cisco.com · ‎01-29-2010

Regarding the usage with UCS and Menlo adapters, the two vnics of the menlo are shown as vmnic on the ESX. So, when you are adding the Host to N1K, you need to create an uplink port-profile to add these vmnics to N1K.

Yes, you need to have a trunk port-profile to carry management, data and system vlan traffic, and associate the nics to that.

Regarding setting the native vlan, it depends on you network configuration on the UCS. If you have the service profile configured with mgmt vlan as native vlan, then you need to give the same in the uplink-portprofile on the N1K also. If you have left the native vlan on service profile as default - 1, then you need not set anything for native vlan on n1k side.

Let me know if this answers your query.

Robert Burns · ‎01-29-2010

Jason,

I'm not sure you're referencing phsyical vs. virtual NICs correctly. With UCS even though they're called vNICs, as far as 1000v is concerned those are physical NICs. Any VMware "VMNIC" is considered a phsycial adapter. With UCS you're essentially define a Network Interface for the host (vSphere) which will be a trunk. This trunk must be allowed to carry all your required VLANS (Control, Packet, Management, IP Storage, VMotion, FT, and VM Data VLANS). From the UCS side that's all you need to configure. There's no need for uplink groups etc as far as UCS is concerned here.

As for Native VLANs - I would stay away from them unless you're already using them in your environment. They can lead to trunk mis-matches if a differnet Native VLAN is defined on two trunks. I believe it always safer to just take all trunked traffic until it hits an acccess port. As pointed out by someone else, if you define a Native VLAN elsewhere in your network, that Native VLAN must be defined in UCS and your Uplink port profiles to avoid issues.

I'm pretty sure we sorted out your issues yesterday, but if you have any further questions feel free to post them.

Regards,

Robert

jbain44 · ‎01-29-2010

Thanks Robert! That's the piece I was missing. Naming convention can be very confusing with VMware. It all makes sense now :-)

jasonfmic · ‎02-08-2010

Tarek,

I did not see anyone answer your concerns about regaining control of ESXi in the event of a complete 1000v failure. With direct physical access to the ESXi host you have some very basic configuration ability. If you were to follow the procedure here:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1010992

It would have the same result as logging in directly to the service console and reconfiguring the vswitch and/or service console ports.

Jason

tarek.sabra · ‎02-08-2010

Thanks JAS! that did answer my question... Greatly appreciated...