Resolution and Deployment Immediacy
EPG associated with the VMM domain; when should policy be pushed to leaf switches?
Resolution Immediacy: When does the policy download to the leaf switch(es)?
Pre-Provision Resolution Immediacy: Policy downloaded before the VM controller is attached to the virtual switch.
Perfect when hypervisors will use that VMM switch for management traffic.
Policy can still function with CDP/LLDP neighborships between the host and the leaf
Immediate Resolution Immediacy: Policy downloaded when the ESXi host attaches to the DVS
CDP/LLDP neighborship required.
On-Demand Resolution Immediacy: Policy downloaded when an ESXi host attaches to the DVS and a virtual machine is placed in the port group.
Once again, the CDP/LLDP neighborship is required.
Deployment Immediacy: when does the policy get pushed into the CAM of the leaf switch(es)?
Immediate Deployment Immediacy: Pushed into the CAM upon policy arrival at leaf switch. Often useful in pinning scenarios.
On-Demand Deployment Immediacy: Pushed into the CAM upon first packet arrival in the data path.
Watch out for MAC-pinned VPC environments.
VMware DVS Integration
APIC integrates with 3rd party VMMs
Three options with Virtual VMM:
VMware DVS
Cisco ACI Virtual Edge
Cisco Application Virtual Switch (It's now End of Life)
Ensure VMware and ACI version support.
Vmware Settings You should not change
VMM Domain Integration with ACI
Step 1: Create pool for VMM domain
Fabric > Access Policies > Pools. Right-click VLAN and choose Create VLAN Pool.
In the Range field, enter values 100 and 199. Click OK.
Step 2: Create vCenter Domain
Go to Virtual Networking > VMware. Right-click VMware and choose Create vCenter Domain
In the Virtual Switch Name field, enter vCenter_VMM. In the Virtual Switch field, choose the VMware vSphere Distributed Switch option. From the VLAN Pool drop-down menu, choose vCenter_VLANs.
Note: We have not yet attached AAEP profile.
Now scroll down and configure Port Channel - Mode On & select CDP.
Step 3: Expand the VMM domain, right-click Controllers, and choose Create vCenter Credential.
Step 4: Set the Credential
Step 5: LAUNCH VSPHERE CLIENT (HTML5). Log in to the vSphere web client as administrator@dc.local
In the vSphere Web Client, go to Networking, expand the data center DC, and verify that no VDS exists.
You should not see a VDS because you still need to complete the VMM domain configuration on the APIC. Therefore, the VDS still needs to be pushed to the vCenter.
Step 6: In the APIC GUI, in the Controllers menu, choose Create vCenter Controller.
Note: The name of Datacenter must be exactly the same as been configured in vSphere.
Step 7: Verify the VDS that the APIC has pushed.
You should see a VDS with the name of the configured vCenter domain (vCenter_VMM) within a folder of the same name. The VDS includes two networks that have been automatically created.
Step 8: Verify that CDP has been enabled on this VDS in both directions
Step 9: In the APIC UI, create a new AAEP.
Fabric > Access Policies > Policies > Global, right-click Attachable Access Entity Profiles, and choose Create Attachable Access Entity Profile.
Step 10: Associate HOST_AAEP AAEP to your VPC policy group Leaf101..102:1:03_VPCIPG and save the configuration.
Step 11: Associate VMM Domain to App_EPG
Application Profiles > eCommerce_AP > Application EPGs. Right-click the App_EPG and choose Add VMM Domain Association.
VMM Domain Profile drop-down menu, select vCenter_VMM and click Submit
Step 12: In DB_EPG and Web_EPG, use the same method to associate the EPGs with your VMM domain.
Step 13: In the vSphere client, within the VDS vCenter_VMM examine the port groups.
Examine the port groups by expanding the VDS or in the Networks tab. Refresh the browser if needed.
Step 14: Add ESXi Host to the VDS (Optional)
In the vSphere Web Client, go to Networking. Right-click the created VDS and choose Add and Manage Hosts.
Step 15: Select your host to be added to the distributed switch.
Step 16: Don’t add any physical adapters. In this scenario, there is no hardware fabric.
Step 17 : Confirm that the host has no physical network adapters attached to the fabric.
Step 18 : Do NOT assign any VMkernel network adapters to the distributed switch
Step 19 : Do not migrate any virtual machines or network adapters to the distributed switch.
Step 20: On the (6) Ready to complete page, click Finish.
Step 21: In the vSphere Web Client, manage a host added to your new VDS.
Step 22: On the (1) Select task page, select Manage host networking and click Next.
Step 23: On the (2) Select hosts page, select your ESXi (10.10.1.1). Click Next.
Step 24: Do not add any physical adapters.
Step 25: Do not assign any VMkernel network adapters to the distributed switch.
Step 26 : Perform these assignments:
APP_VM to Sales|eCommerce_APP|App_EPG
DB_VM to Sales|eCommerce_APP|DB_EPG
WEB_VM to Sales|eCommerce_APP|Web_EPG
On the (5) Migrate VM networking page, check the Migrate virtual machine networking check box. Then, navigate to the Configure per Virtual Machine tab. Click the double arrow in front of the Network Adapter 1 for APP_VM to open a Select Network field. Click Assign to assign the adapter to their respective EPG-backed port groups, in this case, Sales|eCommerce_APP|App_EPG. Click the double arrow again to close the Select Network field.
Repeat the procedure for DB_VM and WEB_VM. You must go to the second page of the Virtual machine list to find WEB_VM.
Step 27: On the (6) Ready to complete page, click Finish to migrate the virtual machines.
Comentários