
Here is a sample of the most common use case for VXLAN: avoiding the challenge of running out of VLANs.

Business Problem

In this use case, I have a customer that currently serves its internal consumers by providing production and development environments in the cloud. During recent discussions with their IT department, they realized that networking-related restrictions will very soon prevent them from expanding their cloud services. Their goal is to provide the following functionalities:

  • Provide Compute, storage and network capabilities on the fly without having to make major investment or infrastructure changes.
  • Expand their project base without having to run out of the resources every few months.

Technical Problem

Currently, the technical department is using VMware vCloud Director 1.5.1 and provides isolated environments for its consumers in a multitenant fashion using VLAN-backed network pools. However, they soon realized that they are running out of VLANs, and they are not planning to adopt VCDNI-backed network pools because VCDNI uses a single layer 2 broadcast domain as the transport network without additional layer 2 controls. Their goal is to overcome the following challenges and support the business demand:

  • The growing adoption of virtualization and cloud computing has led the customer to approach the current VLAN limit of 4094. Layer 2 is their only way of isolating their internal consumers, and most of their consumers often need multiple VLANs dedicated to their various needs, which is going to bring the customer into a hard STOP state very soon.
  • Currently, the customer is able to provide compute and storage resources on the fly every time a new consumer or project is registered or an existing project or consumer requests additional resources. However, it has been challenging to provide network capabilities on the fly without having to reconfigure the physical network infrastructure, such as carving up new VLANs and so forth.

Solution Scenario

The customer upgraded to VMware vCloud Director 5.1 and the supporting components to take advantage of VXLANs. In this scenario, the customer has reconfigured the existing private clouds by switching to VXLAN-backed instead of VLAN-backed network pools. This scenario shares the same layer 2 between the two projects or consumers; however, VXLANs provide a layer 2 overlay scheme over a layer 3 network.

As outlined in the illustration above, when Consumer A’s PROD Web10 has to communicate with PROD DB10, it does so over Org network A, which is a VXLAN-backed network. The frame coming from PROD Web10 is picked up by VTEP1, encapsulated with a VXLAN header and outer headers carrying VTEP1’s IP address and MAC address, and sent over VLAN 10 onto the physical network. When the packet is received on VTEP2, the outer headers added by VTEP1 and the VXLAN header are stripped off, and the original frame destined for PROD DB10 is delivered to it.

Similarly, when Consumer B’s DEV DB20 has to communicate with DEV Web20, the same process takes place, except that it uses Organization network B over VTEP2 and VTEP3.

As can be seen, the traffic for both tenants is sent across VLAN 10; however, it is segregated by encapsulating the Layer 2 traffic over Layer 3 connectivity using the appropriate VXLAN Segment ID and header.
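To make the segregation concrete, the following added example (not part of the original post) builds and parses the 8-byte VXLAN header defined in RFC 7348 and shows a receiving VTEP delivering a frame only inside the segment named by its Segment ID. The MAC addresses and the per-VTEP port table are constructed for illustration, and the outer Ethernet/IP/UDP headers are omitted.

```python
import struct

VNI_VALID_FLAG = 0x08      # "I" bit in the first header byte (RFC 7348)
VXLAN_HEADER_LEN = 8       # flags(1) + reserved(3) + VNI(3) + reserved(1)
ETHERNET_HEADER_LEN = 14

# Constructed data: MAC addresses are made up; the Segment IDs follow the scenario
# (Organization Network A = 5000, Organization Network B = 5002).
WEB10_MAC = bytes.fromhex("005056aa0011")
DB10_MAC = bytes.fromhex("005056aa0012")
WEB20_MAC = bytes.fromhex("005056bb0011")
# Hypothetical VTEP that hosts one VM from each tenant.
VTEP_PORTS = {5000: {DB10_MAC: "PROD DB10"}, 5002: {WEB20_MAC: "DEV Web20"}}


def encapsulate(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the VXLAN header to an inner Ethernet frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("Segment ID (VNI) must fit in 24 bits")
    return struct.pack("!II", VNI_VALID_FLAG << 24, vni << 8) + inner_frame


def decapsulate(payload: bytes):
    """Return (vni, inner_frame); reject truncated or unflagged headers."""
    if len(payload) < VXLAN_HEADER_LEN:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", payload[:VXLAN_HEADER_LEN])
    if not (word0 >> 24) & VNI_VALID_FLAG:
        raise ValueError("VNI-valid flag not set")
    return word1 >> 8, payload[VXLAN_HEADER_LEN:]


def deliver(payload: bytes, ports=VTEP_PORTS):
    """Receiving-VTEP logic: the destination MAC is looked up only in the
    table of the segment carried in the header. Returns the VM name or None (drop)."""
    vni, frame = decapsulate(payload)
    if len(frame) < ETHERNET_HEADER_LEN:
        return None
    return ports.get(vni, {}).get(frame[:6])


if __name__ == "__main__":
    frame = DB10_MAC + WEB10_MAC + b"\x08\x00" + b"tenant A payload"
    print(deliver(encapsulate(5000, frame)))   # delivered inside segment 5000
    print(deliver(encapsulate(5002, frame)))   # same MAC, other segment: dropped
```
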

Configuration details of the scenario

The following table outlines the vCloud environment configured for this scenario:

Component: Details

  • VXLAN Segment ID Pool: 5000 – 8000
  • Multicast address range: 232.0.1.0 – 232.0.10.254
  • VXLAN Tunnel End Points (VTEPs): All the ESXi hosts are acting as VTEPs
  • Physical Network:
    • PIM-SM enabled across all the Layer 3 Switches and Routers
    • IGMP snooping enabled across the entire Layer 2 network.
  • VLAN ID for VXLANs traffic: VLAN 100
  • Clusters (associated to the respective Provider VDCs in the vCloud Director): Platinum-Cluster01, Platinum-Cluster02, Gold-Cluster01, Gold-Cluster02, Silver-Cluster01, Silver-Cluster02
  • ESXi Hosts: 50 ESXi hosts across all the Clusters
  • Storage: Tiered across SSD, SAS 15K and 10K

The following table outlines the VXLAN configuration details of this scenario:

Component: Details

Clusters

  • Platinum – Cluster01 (only hosts shown in the illustration): ESXi01 – VTEP1, ESXi02 – VTEP2, ESXi03 – VTEP3

ESXi Hosts

  • ESXi01 – VTEP1: 10.10.10.10
  • ESXi02 – VTEP2: 10.10.10.20
  • ESXi03 – VTEP3: 10.10.10.130

Virtual Machines

  • PROD Web10 (Tenant A): 192.168.10.11
  • PROD DB10 (Tenant A): 192.168.10.12
  • DEV Web20 (Tenant B): 192.168.20.11
  • DEV DB20 (Tenant B): 192.168.20.12

Organization Networks

  • Organization Network A (Tenant A): VXLAN Segment ID: 5000
  • Organization Network B (Tenant B): VXLAN Segment ID: 5002

Summary

In the past, the customer used an individual VLAN for every Organization or vApp network created for the projects or consumers. With very few consumers, they quickly hit the 4094 VLAN limit. By utilizing VXLAN, not only does the customer no longer have to worry about VLAN limits, but they are also able to provide a larger number of networks to many more projects or consumers on the fly without having to make changes to the underlying physical network infrastructure every time.

In this scenario, by implementing VXLAN-backed Network pool, the customer has saved 120 VLANs (one VLAN per vApp or Organization Network) across both the Consumers.


Let us switch gears a little bit and talk about SRM 5.1 vSphere Replication configuration and before we delve into the configuration details, here are some of the key points in regards to SRM 5.1 VR:

  • vSphere replication is now provided as part of the vSphere platform.
  • VR appliance is vSphere replication appliance, which used to be “VRMS” and it provides the management capabilities for the VR framework.
  • The VRS functionality has been integrated with the appliance.
  • VRA is vSphere replication agent and is present on every ESXi host and it only becomes active when a protected virtual machine is writing data.

Step 1: Deploy Virtual Appliance

The following procedures should be performed both at the protected and the recovery sites:

  1. Log in to the vSphere Client and connect to the vCenter Server for the site.
  2. On the file menu, click Administration > vCenter Server Settings.
  3. In the left pane, select Advanced Settings.
  4. Scroll down to VirtualCenter.FQDN key and set the value to a fully qualified domain name or an IP address of the local vCenter Server. Click OK.
  5. On the vSphere client Home page, click Site Recovery under Solutions and Applications.
  6. In the Summary pane, click Deploy VR Appliance under Commands section.
  7. On the Deploy VR Appliance window, click OK to launch the OVF Wizard.
  8. On the Source screen, click Next to deploy the OVF files from the default location (C:\Program Files\VMware\VMware vCenter Site Recovery Manager\WWW).
  9. On the OVF Template Details screen, review the details and click Next.
  10. On the Name and Location screen, specify the name and inventory location and click Next.
  11. On the Host / Cluster screen, select the site’s cluster and click Next.
  12. On the Resource Pool screen, select a resource pool if necessary and click Next.
  13. On the Storage screen, select the datastore or datastore cluster and click Next.
  14. On the Disk Format screen, review the settings and click Next.
  15. On the Properties screen, provide a root password for the appliance, set the network properties, (default gateway, DNS, IP address and subnet mask) and click Next.
  16. On the Service Bindings screen, under Provider select vCenter Extension vService and click Next.
  17. On the Ready to Complete screen, verify the deployment settings, power on status and click Finish.
  18. When the deployment is complete, click Close.

Step 2: Configure Virtual Appliance VAMI (Virtual Appliance Management Infrastructure)

The following procedures should be performed at both the protected and the recovery sites, and the service should be restarted if any changes are made:

  1. Open a browser and connect to the vSphere Replication Virtual Appliance Management Interface (VAMI) by pointing the browser to https://<vSphereReplication-appliance-IPaddress>:5480.
  2. Review and confirm the browser security exception, if applicable, to proceed to the login page.
  3. Type the root user name and password for the appliance (password as specified in Section 5.1, step 15).
  4. Select the VR tab and click Configuration.
  5. Verify that the VR appliance domain name or IP address is pre-populated for the site. If not, browse to the list and select the fully qualified domain name or IP address for the VRM Site Name.
  6. Verify that the vCenter Server address to use with this installation is pre-populated. If not, configure it with the fully qualified domain name or IP address for the site.
  7. Type an administrator email address under vCenter Server Admin Mail.
  8. Make the SSL Certificate Policy changes to generate new SSL Certificate or to upload and install PKCS#12 format Certificates, if necessary.
  9. Click Save and Restart Service to apply the changes.
  10. Select the Network tab and click Address.
  11. Type in the fully qualified name of the host under Hostname, and click Save Settings.
  12. Log in to the vSphere Client and connect to the vCenter Server for the protected site.
  13. On the vSphere client Home page, click Site Recovery under Solutions and Applications.
  14. Click the vSphere Replication horizontal tab on the left side.
  15. Expand the ProtectedSite (Local) and select the VR Appliance deployed.
  16. Make sure that the Status is Connected in the Summary pane for the ProtectedSite (Local).

Step 3: Configure VR Connection

The following procedures should be performed both at the protected and the recovery sites:

  1. Log in to the vSphere Client and connect to the vCenter Server for the protected site.
  2. On the Home screen, under Solutions and Applications category, click the Site Recovery icon.
  3. Click the Sites horizontal tab on the left side. This should be the default.
  4. Click on Configure VR Connection under Commands.
  5. When prompted, click Yes.
  6. On the Configure VR Connection window, verify that the green tick appears and click OK.

Step 4: Enable vSphere Replication on the protected virtual machines

The following steps should be performed at the protected site’s virtual machines:

  1. Log in to the vSphere Client and connect to the vCenter Server for the protected site.
  2. On the Home screen, select VMs and Templates.
  3. Right-click on the virtual machine on which you need to configure replication and click vSphere Replication.
  4. On the Replication Settings screen, configure the following:
    1. Set the Recovery Point Objective (RPO) to the desired time,
    2. Select the Guest OS Quiescing method if needed (default is none).
    3. Browse to the datastore on the recovery site for the Target file location and click Next:
  5. On the Hard disk 1 screen, configure the following (Note: Repeat the following steps for any additional hard disks on the virtual machine):
    1. Disk Replication: Enable replication for this disk
    2. Verify the Target file location
    3. Verify Target Disk type and change if needed (Thin or Thick) and click Next.
  6. On the VR Server screen, leave it as Auto-assigned VR Server and click Next.
  7. On the Ready to Complete screen, verify all the options and click Finish.
  8. On the Configuration Replication screen, verify that the configuration has succeeded with a green tick and click OK.
  9. Verify that the VR replication is running by selecting the virtual machine in the left pane, clicking the VR Replication tab and making sure that “Initial Full Sync” appears under replication status.
  10. Log in to the vSphere Client and connect to the vCenter Server for the recovery site.
  11. On the Home screen, in the Solutions and Applications category, click the Site Recovery icon.
  12. Click the vSphere Replication horizontal tab.
  13. Select the RecoverySite (Local) in the left pane and click Virtual Machines tab.
  14. This screen allows you to verify the status of the replication, pause/resume replication, remove replication, re-configure the replication settings and synchronize now.


Here are the steps required to perform the VXLAN configuration:

Prior to the configuration, make sure that the vCenter Server (either appliance or binary install) and the vCloud Networking and Security Manager (appliance) are deployed and the primary configuration has already been completed.

Associate vCloud Networking and Security Manager with vCenter Server

  1. Open a browser and go to http://<IP address>, where the IP address is the value previously assigned to the vCloud Networking and Security Manager virtual appliance.
  2. Log in to vCloud Networking and Security Manager, using admin as the user name and the password configured.
  3. Click the Settings & Reports tab, and select General.
  4. Click the Edit button under vCenter Server.
  5. Enter the vCenter Server’s IP Address or hostname, administrator username, and password.
  6. Check the Assign vCloud Networking and Security ‘Enterprise Administrator’ role to this user box, and click OK.
  7. When prompted with an SHA1 thumbprint security warning, click Yes.
  8. When prompted with certificate security warnings, check the Install this certificate and do not display any security warnings for vCloud Networking and Security Manager IP Address box, and click Ignore.
  9. Verify that the vCloud Networking and Security Manager is registered with the vCenter Server.

Register vCloud Networking and Security Plug-in
  1. Log in to the vCenter Server (resource group) associated with the vCloud Networking and Security Manager, using vSphere Client.
  2. From the file menu, click Plug-ins, and click Manage Plug-ins.
  3. Right click vCloud Networking and Security Manager, and click Enable.
  4. Click the Close button.
  5. Click Home, and open vCloud Networking and Security under Solutions and Applications.
  6. When prompted with a Certificate security alert, click Yes.

Assign Segment IDs and Multicast Addresses
  1. Log in to the vCloud Networking and Security plug-in, using admin as the user name and the password configured.
  2. Expand Datacenters in the left pane and select the Datacenter.
  3. Click the Network Virtualization tab, and select the Segment ID.
  4. Click Edit button.
  5. Provide the Segment ID Pool range and multicast address range unique to this instance of vCloud Networking and Security Manager, and click OK. (For example: Segment ID Pool: 5000 – 6000 and Multicast addresses: 232.0.1.0 – 232.0.1.200)

Associate Clusters to Distributed Virtual Switches
  1. Click the Network Virtualization tab, and select Connectivity.
  2. Click Edit button.
  3. Under Use, check the distributed switch configured for VXLANs for all the clusters participating in the VXLAN configuration.
  4. Assign a VLAN ID, and click Next. (Note: For security best practices, assign a VLAN ID for the VXLAN traffic. If no VLAN ID is configured for VXLAN traffic, the default remains (0).)
  5. Under Teaming Policy, select Static EtherChannel.
  6. Under MTU (bytes), type 1600, and click Finish. (Note: If the guest OS requires jumbo frames, increase the frame size to at least 9000 + 50 = 9050).
  7. Verify that the Cluster Status appears as prepared and ready.

Static IP Address configuration if no DHCP available

If no DHCP Server is available on the network, perform the following steps to assign a static IP address on each ESXi host (VTEP):

  1. Click Home, and click Hosts and Clusters.
  2. Select ESXi host, and click the Configuration tab.
  3. Click Networking, and select vSphere Distributed Switch.
  4. Under VXLANPools distributed switch, click Manage Virtual Adapters.
  5. Select vmk1 port, and click Edit.
  6. Click IP Settings tab, and click Use the following settings.
  7. Enter the IP Address and Subnet Mask, and click OK.
  8. Click Close.

Finally, verify that the IP address changes on all the ESXi hosts have taken place under Preparation/Connectivity tabs on the vCloud Networking and Security plug-in.
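A pre-flight check for the values entered in the steps above, as an added example that is not part of the original post or of any VMware tool: it validates the Segment ID pool, the multicast range, the transport VLAN ID and the MTU against the rules stated in the procedure (a dedicated VLAN ID rather than the default 0, and transport MTU of at least the guest MTU plus 50 bytes). The function name and the errors/notes split are assumptions of this sketch.

```python
import ipaddress

VXLAN_OVERHEAD = 50   # bytes, the figure used in the MTU note (9000 + 50 = 9050)


def check_vxlan_plan(seg_first, seg_last, mcast_first, mcast_last,
                     transport_vlan, transport_mtu, guest_mtu=1500):
    """Return {"errors": [...], "notes": [...]} for a planned VXLAN configuration.

    errors: values that cannot work as entered.
    notes:  values that work but deserve a second look.
    """
    errors, notes = [], []

    # Segment IDs travel in a 24-bit header field.
    if not 0 <= seg_first <= seg_last < 2 ** 24:
        errors.append("Segment ID pool must be an ascending range within 24 bits")

    lo = ipaddress.IPv4Address(mcast_first)
    hi = ipaddress.IPv4Address(mcast_last)
    if lo > hi or not (lo.is_multicast and hi.is_multicast):
        errors.append("multicast range must be ascending and inside 224.0.0.0/4")
    elif seg_first <= seg_last:
        segments = seg_last - seg_first + 1
        groups = int(hi) - int(lo) + 1
        if groups < segments:
            notes.append(f"{segments} segments but only {groups} multicast groups: "
                         "several segments will map to the same group")

    # The procedure recommends a dedicated VLAN ID; 0 is what remains if none is set.
    if transport_vlan == 0:
        notes.append("VXLAN traffic is on the default VLAN (0); assign a VLAN ID")
    elif not 1 <= transport_vlan <= 4094:
        errors.append("transport VLAN ID must be between 1 and 4094")

    needed = guest_mtu + VXLAN_OVERHEAD
    if transport_mtu < needed:
        errors.append(f"transport MTU {transport_mtu} is below guest MTU "
                      f"{guest_mtu} + {VXLAN_OVERHEAD} = {needed}")
    return {"errors": errors, "notes": notes}


if __name__ == "__main__":
    # Values from the use-case table: pool 5000-8000, 232.0.1.0-232.0.10.254, VLAN 100.
    print(check_vxlan_plan(5000, 8000, "232.0.1.0", "232.0.10.254", 100, 1600))
    # Example range from the procedure, left on VLAN 0, with jumbo-frame guests.
    print(check_vxlan_plan(5000, 6000, "232.0.1.0", "232.0.1.200", 0, 1600,
                           guest_mtu=9000))
```
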


In part 2, I would like to discuss some of the most common scenarios for configuring vApps with vApp, Organization Virtual Datacenter and External networks, which can be further customized to develop various use cases:

vApps directly attached to an isolated vApp network

In this scenario, consumers need isolated vApp networks to create completely isolated environments for their users.

Examples: Isolated software development environments, isolated student labs

Figure: vApps > Isolated vApp Network

vApps directly attached to an isolated Organization Virtual Datacenter Network

In this scenario, consumers connect vApps directly to an isolated organization Virtual Datacenter network, so all the vApps can communicate with each other. If the organization Virtual Datacenter network is shared across all the organization Virtual Datacenters in the organization, then the vApps across the entire organization can communicate with each other.

Examples: Multiple departments within a corporate environment, Dev/QA/UAT sharing resources between each other.

Figure: vApps > Isolated Organization Virtual Datacenter Network

vApps directly attached to an External Network

In this scenario, consumers connect vApps directly to the external networks, so all the vApps can communicate to the services on the external networks.

Examples: Consumer vApps connecting to <Customer>’s backup network for backup/restore purposes.

Figure: vApps > External Network

vApps directly attached to a vApp Network that is routed to an isolated Organization Virtual Datacenter Network

In this scenario, consumers connect vApps to an isolated organization Virtual Datacenter network via a vCloud Networking and Security edge, so the vApps cannot communicate with each other without going through a vCloud Networking and Security edge for various services such as firewall, NAT, static routing, load balancing and so forth. If the organization Virtual Datacenter network is shared across all the organization Virtual Datacenters in the organization, then the vApps across the entire organization can communicate with each other via a vCloud Networking and Security edge.

Examples: Multiple corporates, Software development teams protecting vApps from each other or providing gateway services such as load balancing to vApps.

Figure: vApps > vApp Network > (vCloud Networking and Security Edge) > Isolated Organization Virtual Datacenter Network

vApps route connected to the External Networks

In this scenario, consumers connect vApps to the external networks via a routed connection, so all the vApps are protected when communicating with the services on the external networks.

Examples: Consumer vApps are connecting to <Customer>’s backup network for backup/restore purposes, but protected with gateway services.

Figure: vApps > vApp Network > (vCloud Networking and Security Edge) > External Network

vApps directly attached to an Organization Virtual Datacenter Network that is connected to an Edge Gateway with multiple interfaces

In this scenario, consumers connect vApps to an organization Virtual Datacenter network that is directly connected to an Edge gateway for all the gateway services and connectivity to external networks, so all the vApps can communicate with each other while getting access to services such as firewall, NAT, static routing, load balancing and so forth when connecting to the external networks. If the organization Virtual Datacenter network is shared across all the organization Virtual Datacenters in the organization, then the vApps across the entire organization can benefit from the same services.

Examples: Multiple departments within a corporate environment, Dev/QA/UAT sharing resources between each other with access to Internet, VPN, MPLS or other external connectivity.

Figure: vApps > Organization Virtual Datacenter Network > Edge Gateway > External Network

vApps route connected to an Organization Virtual Datacenter Network that is connected to an Edge Gateway with multiple interfaces

In this scenario, consumers connect vApps to the organization Virtual Datacenter network via a vCloud Networking and Security Edge, so the vApps cannot communicate with each other without going through a vCloud Networking and Security Edge for various services such as firewall, NAT, static routing, load balancing and so forth. The organization Virtual Datacenter network is further connected to an edge device to provide all the gateway services and connectivity to the external networks.

If the organization Virtual Datacenter network is shared across all the organization Virtual Datacenters in the organization, then the vApps across the entire organization can communicate with each other via a vCloud Networking and Security Edge.

Examples: Multiple teams protecting vApps from each other or providing gateway services such as load balancing to vApps, while providing access to Internet, VPN, MPLS or other external connectivity.

Figure: vApps > vApp Network > (vCloud Networking and Security Edge) > Organization Virtual Datacenter Network > Edge Gateway > External Network

In part 1, I would like to discuss the Edge gateways and the Organization Virtual Datacenter Networks:

Edge Gateways

Edge gateways are first class entities that are associated with Organization Virtual Datacenter, but unlike Organization Virtual Datacenter networks, edge gateways cannot be shared across other Organization Virtual Datacenters within the Organization. They can be connected to multiple external networks, as they come with multiple interfaces (up to 10).

Edge gateways are deployed with the following capabilities:

  • Created by the cloud system administrators to provide all the following vCloud Networking and Security edge services to the consumers and to provide connectivity to the external networks.
  • They provide external network connectivity to the consumers along

Organization Virtual Datacenter Networks

With vCD 5.1, Organization Networks have been replaced by Organization Virtual Datacenter networks. Organization Virtual Datacenter networks provide organization Virtual Datacenters with a network where vApps can be connected. These networks, created in an Organization Virtual Datacenter, can be shared across the other Organization Virtual Datacenters within the same Organization, so the vApps in multiple Org Virtual Datacenters can be configured to communicate with each other by selecting the same Organization Virtual Datacenter network.

Organization Virtual Datacenter networks can be created in one of the following ways:

  • Internal organization Virtual Datacenter network – Isolated.
  • Routed to an existing edge gateway – Routed connection.
  • Directly connected to an external network – Direct connection.

Isolated Organization Virtual Datacenter Network

An internal organization Virtual Datacenter network is isolated from all other networks, but can be shared across all the other Organization Virtual Datacenters within the Organization, so the vApps across the organization can select a common network to communicate to each other.

Isolated Organization Virtual Datacenter networks can be instantiated through network pools both by the cloud system administrators and the organization administrators.

Organization Virtual Datacenter Network routed to an existing edge gateway

A routed external organization Virtual Datacenter network is protected by a vCloud Networking and Security Edge device at the Organization Virtual Datacenter level, which provides DHCP, Firewall, NAT, VPN, and static routing services. vCloud Networking and Security Edge connects to the organization Virtual Datacenter network and multiple external networks.

Isolated Org Virtual Datacenter networks can be instantiated through network pools both by the cloud system administrators and the organization administrators.

Organization Virtual Datacenter Network directly connected to an external network

A directly connected external organization Virtual Datacenter network places the vApp virtual machines in the port group of the external network. IP address assignments for vApps follow the external network IP addressing. This is generally used by the <Customer>’s system administrators to provide service-oriented networks, such as a “Backup Network” for backup/restore purposes, to consumers that do not need any edge-based services.

Isolated Org Virtual Datacenter networks can be instantiated through network pools only by the cloud system administrators.