Google Git
Sign in
apache / cloudstack / refs/heads/ui-vpc-redesign / . / docs / en-US / vmware-install.xml
blob: fd88fc7c0cb88fe94f1c8cbb540f7080fd88d612 [file] [log] [blame]
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<section id="vmware-install">
<title>VMware vSphere Installation and Configuration</title>
<para>If you want to use the VMware vSphere hypervisor to run guest virtual machines, install
vSphere on the host(s) in your cloud.</para>
<xi:include href="vmware-requirements.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<section id="vmware-preparation-checklist">
<title>Preparation Checklist for VMware</title>
<para>For a smoother installation, gather the following information before you start:</para>
<itemizedlist>
<listitem>
<para>Information listed in <xref linkend="vmware-vcenter-checklist"/></para>
</listitem>
<listitem>
<para>Information listed in <xref linkend="vmware-network-checklist"/></para>
</listitem>
</itemizedlist>
<section id="vmware-vcenter-checklist">
<title>vCenter Checklist</title>
<para>You will need the following information about vCenter.</para>
<informaltable frame="all">
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<colspec colname="c3"/>
<thead>
<row>
<entry><para>vCenter Requirement</para></entry>
<entry><para>Value</para></entry>
<entry><para>Notes</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>vCenter User</para></entry>
<entry><para/></entry>
<entry><para>This user must have admin privileges.</para></entry>
</row>
<row>
<entry><para>vCenter User Password</para></entry>
<entry><para/></entry>
<entry><para>Password for the above user.</para></entry>
</row>
<row>
<entry><para>vCenter Datacenter Name</para></entry>
<entry><para/></entry>
<entry><para>Name of the datacenter.</para></entry>
</row>
<row>
<entry><para>vCenter Cluster Name</para></entry>
<entry><para/></entry>
<entry><para>Name of the cluster.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
<section id="vmware-network-checklist">
<title>Networking Checklist for VMware</title>
<para>You will need the following information about VLAN.</para>
<informaltable frame="all">
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<colspec colname="c3"/>
<thead>
<row>
<entry><para>VLAN Information</para></entry>
<entry><para>Value</para></entry>
<entry><para>Notes</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>ESXi VLAN</para></entry>
<entry><para/></entry>
<entry><para>VLAN on which all your ESXi hypervisors reside.</para></entry>
</row>
<row>
<entry><para>ESXI VLAN IP Address</para></entry>
<entry><para/></entry>
<entry><para>IP Address Range in the ESXi VLAN. One address per Virtual Router is used
from this range.</para></entry>
</row>
<row>
<entry><para>ESXi VLAN IP Gateway</para></entry>
<entry><para/></entry>
<entry><para/></entry>
</row>
<row>
<entry><para>ESXi VLAN Netmask</para></entry>
<entry><para/></entry>
<entry><para/></entry>
</row>
<row>
<entry><para>Management Server VLAN</para></entry>
<entry><para/></entry>
<entry><para>VLAN on which the &PRODUCT; Management server is
installed.</para></entry>
</row>
<row>
<entry><para>Public VLAN</para></entry>
<entry><para/></entry>
<entry><para>VLAN for the Public Network.</para></entry>
</row>
<row>
<entry><para>Public VLAN Gateway</para></entry>
<entry><para/></entry>
<entry><para/></entry>
</row>
<row>
<entry><para>Public VLAN Netmask</para></entry>
<entry><para/></entry>
<entry><para/></entry>
</row>
<row>
<entry><para>Public VLAN IP Address Range</para></entry>
<entry><para/></entry>
<entry><para>Range of Public IP Addresses available for &PRODUCT; use. These addresses
will be used for virtual router on &PRODUCT; to route private traffic to external
networks.</para></entry>
</row>
<row>
<entry><para>VLAN Range for Customer use</para></entry>
<entry><para/></entry>
<entry><para>A contiguous range of non-routable VLANs. One VLAN will be assigned for
each customer.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
</section>
<section id="vmware-vsphere-installation-steps">
<title>vSphere Installation Steps</title>
<orderedlist>
<listitem>
<para>If you haven't already, you'll need to download and purchase vSphere from the VMware
Website (<ulink url="https://www.vmware.com/tryvmware/index.php?p=vmware-vsphere&amp;lp=1"
>https://www.vmware.com/tryvmware/index.php?p=vmware-vsphere&amp;lp=1</ulink>) and
install it by following the VMware vSphere Installation Guide.</para>
</listitem>
<listitem>
<para>Following installation, perform the following configuration, which are described in
the next few sections:</para>
<informaltable frame="all">
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<thead>
<row>
<entry><para>Required</para></entry>
<entry><para>Optional</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>ESXi host setup</para></entry>
<entry><para>NIC bonding</para></entry>
</row>
<row>
<entry><para>Configure host physical networking, virtual switch, vCenter Management
Network, and extended port range</para></entry>
<entry><para>Multipath storage</para></entry>
</row>
<row>
<entry><para>Prepare storage for iSCSI</para></entry>
<entry><para/></entry>
</row>
<row>
<entry><para>Configure clusters in vCenter and add hosts to them, or add hosts
without clusters to vCenter</para></entry>
<entry><para/></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
</orderedlist>
</section>
<section id="vmware-esxi-host-setup">
<title>ESXi Host setup</title>
<para>All ESXi hosts should enable CPU hardware virtualization support in BIOS. Please note
hardware virtualization support is not enabled by default on most servers.</para>
</section>
<section id="vmware-physical-host-networking">
<title>Physical Host Networking</title>
<para>You should have a plan for cabling the vSphere hosts. Proper network configuration is
required before adding a vSphere host to &PRODUCT;. To configure an ESXi host, you can use
vClient to add it as standalone host to vCenter first. Once you see the host appearing in the
vCenter inventory tree, click the host node in the inventory tree, and navigate to the
Configuration tab.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-physical-network.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
<para>In the host configuration tab, click the &quot;Hardware/Networking&quot; link to bring up
the networking configuration page as above.</para>
<section id="vmware-physical-host-networking-config-vswitch">
<title>Configure Virtual Switch</title>
<para>A default virtual switch vSwitch0 is created. &PRODUCT; requires all ESXi hosts in the
cloud to use the same set of virtual switch names. If you change the default virtual switch
name, you will need to configure one or more &PRODUCT; configuration variables as
well.</para>
<section id="vmware-physical-host-networking-config-vswitch-separate-traffic">
<title>Separating Traffic</title>
<para>&PRODUCT; allows you to use vCenter to configure three separate networks per ESXi
host. These networks are identified by the name of the vSwitch they are connected to. The
allowed networks for configuration are public (for traffic to/from the public internet),
guest (for guest-guest traffic), and private (for management and usually storage traffic).
You can use the default virtual switch for all three, or create one or two other vSwitches
for those traffic types.</para>
<para>If you want to separate traffic in this way you should first create and configure
vSwitches in vCenter according to the vCenter instructions. Take note of the vSwitch names
you have used for each traffic type. You will configure &PRODUCT; to use these
vSwitches.</para>
</section>
<section id="vmware-physical-host-networking-config-vswitch-increasing-port">
<title>Increasing Ports</title>
<para>By default a virtual switch on ESXi hosts is created with 56 ports. We recommend
setting it to 4088, the maximum number of ports allowed. To do that, click the
&quot;Properties...&quot; link for virtual switch (note this is not the Properties link
for Networking).</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-increase-ports.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
<para>In vSwitch properties dialog, select the vSwitch and click Edit. You should see the
following dialog:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-vswitch-properties.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
<para>In this dialog, you can change the number of switch ports. After you&apos;ve done
that, ESXi hosts are required to reboot in order for the setting to take effect.</para>
</section>
</section>
<section id="vmware-physical-host-networking-config-vcenter-mgt">
<title>Configure vCenter Management Network</title>
<para>In the vSwitch properties dialog box, you may see a vCenter management network. This
same network will also be used as the &PRODUCT; management network. &PRODUCT; requires the
vCenter management network to be configured properly. Select the management network item in
the dialog, then click Edit.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-mgt-network-properties.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
<para>Make sure the following values are set:</para>
<itemizedlist>
<listitem>
<para>VLAN ID set to the desired ID</para>
</listitem>
<listitem>
<para>vMotion enabled.</para>
</listitem>
<listitem>
<para>Management traffic enabled.</para>
</listitem>
</itemizedlist>
<para>If the ESXi hosts have multiple VMKernel ports, and ESXi is not using the default value
&quot;Management Network&quot; as the management network name, you must follow these
guidelines to configure the management network port group so that &PRODUCT; can find
it:</para>
<itemizedlist>
<listitem>
<para>Use one label for the management network port across all ESXi hosts.</para>
</listitem>
<listitem>
<para>In the &PRODUCT; UI, go to Configuration - Global Settings and set
vmware.management.portgroup to the management network label from the ESXi hosts.</para>
</listitem>
</itemizedlist>
</section>
<section id="vmware-physical-networking-extend-port-console-proxy">
<title>Extend Port Range for &PRODUCT; Console Proxy</title>
<para>(Applies only to VMware vSphere version 4.x)</para>
<para>You need to extend the range of firewall ports that the console proxy works with on the
hosts. This is to enable the console proxy to work with VMware-based VMs. The default
additional port range is 59000-60000. To extend the port range, log in to the VMware ESX
service console on each host and run the following commands:</para>
<programlisting>
esxcfg-firewall -o 59000-60000,tcp,in,vncextras
esxcfg-firewall -o 59000-60000,tcp,out,vncextras
</programlisting>
</section>
<section id="vmware-physical-networking-config-vsphere-nic-bond">
<title>Configure NIC Bonding for vSphere</title>
<para>NIC bonding on vSphere hosts may be done according to the vSphere installation
guide.</para>
</section>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch">
<title>Configuring a vSphere Cluster with Nexus 1000v Virtual Switch</title>
<para>&PRODUCT; supports Cisco Nexus 1000v dvSwitch (Distributed Virtual Switch) for virtual
network configuration in a VMware vSphere environment. This section helps you configure a
vSphere cluster with Nexus 1000v virtual switch in a VMware vCenter environment. For
information on creating a vSphere cluster, see <xref linkend="vmware-install"/></para>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-about">
<title>About Cisco Nexus 1000v Distributed Virtual Switch</title>
<para>The Cisco Nexus 1000V virtual switch is a software-based virtual machine access switch
for VMware vSphere environments. It can span multiple hosts running VMware ESXi 4.0 and
later. A Nexus virtual switch consists of two components: the Virtual Supervisor Module
(VSM) and the Virtual Ethernet Module (VEM). The VSM is a virtual appliance that acts as the
switch&apos;s supervisor. It controls multiple VEMs as a single network device. The VSM is
installed independent of the VEM and is deployed in redundancy mode as pairs or as a
standalone appliance. The VEM is installed on each VMware ESXi server to provide
packet-forwarding capability. It provides each virtual machine with dedicated switch ports.
This VSM-VEM architecture is analogous to a physical Cisco switch&apos;s supervisor
(standalone or configured in high-availability mode) and multiple linecards
architecture.</para>
<para>Nexus 1000v switch uses vEthernet port profiles to simplify network provisioning for
virtual machines. There are two types of port profiles: Ethernet port profile and vEthernet
port profile. The Ethernet port profile is applied to the physical uplink ports-the NIC
ports of the physical NIC adapter on an ESXi server. The vEthernet port profile is
associated with the virtual NIC (vNIC) that is plumbed on a guest VM on the ESXi server. The
port profiles help the network administrators define network policies which can be reused
for new virtual machines. The Ethernet port profiles are created on the VSM and are
represented as port groups on the vCenter server.</para>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-prerequisite-guide">
<title>Prerequisites and Guidelines</title>
<para>This section discusses prerequisites and guidelines for using Nexus virtual switch in
&PRODUCT;. Before configuring Nexus virtual switch, ensure that your system meets the
following requirements:</para>
<itemizedlist>
<listitem>
<para>A cluster of servers (ESXi 4.1 or later) is configured in the vCenter.</para>
</listitem>
<listitem>
<para>Each cluster managed by &PRODUCT; is the only cluster in its vCenter
datacenter.</para>
</listitem>
<listitem>
<para>A Cisco Nexus 1000v virtual switch is installed to serve the datacenter that
contains the vCenter cluster. This ensures that &PRODUCT; doesn&apos;t have to deal with
dynamic migration of virtual adapters or networks across other existing virtual
switches. See <ulink
url="http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_5_1/install_upgrade/vsm_vem/guide/n1000v_installupgrade.html"
>Cisco Nexus 1000V Installation and Upgrade Guide</ulink> for guidelines on how to
install the Nexus 1000v VSM and VEM modules.</para>
</listitem>
<listitem>
<para>The Nexus 1000v VSM is not deployed on a vSphere host that is managed by
&PRODUCT;.</para>
</listitem>
<listitem>
<para>When the maximum number of VEM modules per VSM instance is reached, an additional
VSM instance is created before introducing any more ESXi hosts. The limit is 64 VEM
modules for each VSM instance.</para>
</listitem>
<listitem>
<para>&PRODUCT; expects that the Management Network of the ESXi host is configured on the
standard vSwitch and searches for it in the standard vSwitch. Therefore, ensure that you
do not migrate the management network to Nexus 1000v virtual switch during
configuration.</para>
</listitem>
<listitem>
<para>All information given in <xref
linkend="vmware-vsphere-cluster-config-nexus-vswitch-preconfig"/></para>
</listitem>
</itemizedlist>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-preconfig">
<title>Nexus 1000v Virtual Switch Preconfiguration</title>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-preconfig-checklist">
<title>Preparation Checklist</title>
<para>For a smoother configuration of Nexus 1000v switch, gather the following information
before you start:</para>
<itemizedlist>
<listitem>
<para>vCenter Credentials</para>
</listitem>
<listitem>
<para>Nexus 1000v VSM IP address</para>
</listitem>
<listitem>
<para>Nexus 1000v VSM Credentials</para>
</listitem>
<listitem>
<para>Ethernet port profile names</para>
</listitem>
</itemizedlist>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-vcenter-credential-checklist">
<title>vCenter Credentials Checklist</title>
<para>You will need the following information about vCenter:</para>
<informaltable frame="all">
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<colspec colname="c3"/>
<thead>
<row>
<entry><para>Nexus vSwitch Requirements</para></entry>
<entry><para>Value</para></entry>
<entry><para>Notes</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>vCenter IP</para></entry>
<entry><para/></entry>
<entry><para>The IP address of the vCenter.</para></entry>
</row>
<row>
<entry><para>Secure HTTP Port Number</para></entry>
<entry><para>443</para></entry>
<entry><para>Port 443 is configured by default; however, you can change the port
if needed.</para></entry>
</row>
<row>
<entry><para>vCenter User ID</para></entry>
<entry><para/></entry>
<entry><para>The vCenter user with administrator-level privileges. The vCenter
User ID is required when you configure the virtual switch in
&PRODUCT;.</para></entry>
</row>
<row>
<entry><para>vCenter Password</para></entry>
<entry><para/></entry>
<entry><para>The password for the vCenter user specified above. The password for
this vCenter user is required when you configure the switch in
&PRODUCT;.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-net-config-checklist">
<title>Network Configuration Checklist</title>
<para>The following information specified in the Nexus Configure Networking screen is
displayed in the Details tab of the Nexus dvSwitch in the &PRODUCT; UI:</para>
<informaltable frame="all">
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<colspec colname="c3"/>
<thead>
<row>
<entry><para>Network Requirements</para></entry>
<entry><para>Value</para></entry>
<entry><para>Notes</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>Control Port Group VLAN ID</para></entry>
<entry><para/></entry>
<entry><para>The VLAN ID of the Control Port Group. The control VLAN is used for
communication between the VSM and the VEMs.</para></entry>
</row>
<row>
<entry><para>Management Port Group VLAN ID</para></entry>
<entry><para/></entry>
<entry><para>The VLAN ID of the Management Port Group. The management VLAN
corresponds to the mgmt0 interface that is used to establish and maintain the
connection between the VSM and VMware vCenter Server.</para></entry>
</row>
<row>
<entry><para>Packet Port Group VLAN ID</para></entry>
<entry><para/></entry>
<entry><para>The VLAN ID of the Packet Port Group. The packet VLAN forwards
relevant data packets from the VEMs to the VSM.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<note>
<para>The VLANs used for control, packet, and management port groups can be the
same.</para>
</note>
<para>For more information, see <ulink
url="http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4_b/getting_started/configuration/guide/n1000v_gsg.pdf"
>Cisco Nexus 1000V Getting Started Guide</ulink>.</para>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-vsm-config-checklist">
<title>VSM Configuration Checklist</title>
<para>You will need the following information about network configuration:</para>
<informaltable frame="all">
<tgroup cols="3" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<colspec colname="c3"/>
<thead>
<row>
<entry><para>VSM Configuration Parameters Value Notes</para></entry>
<entry><para>Value</para></entry>
<entry><para>Notes</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>Admin Name and Password</para></entry>
<entry><para/></entry>
<entry><para>The admin name and password to connect to the VSM appliance. You must
specify these credentials while configuring Nexus virtual
switch.</para></entry>
</row>
<row>
<entry><para>Management IP Address</para></entry>
<entry><para/></entry>
<entry><para>This is the IP address of the VSM appliance. This is the IP address
you specify in the virtual switch IP Address field while configuting Nexus
virtual switch.</para></entry>
</row>
<row>
<entry><para>SSL</para></entry>
<entry><para>Enable</para></entry>
<entry><para>Always enable SSL. SSH is usually enabled by default during the VSM
installation. However, check whether the SSH connection to the VSM is working,
without which &PRODUCT; failes to connect to the VSM.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-create-port-profile">
<title>Creating a Port Profile</title>
<itemizedlist>
<listitem>
<para>Whether you create a Basic or Advanced zone configuration, ensure that you always
create an Ethernet port profile on the VSM after you install it and before you create
the zone.</para>
<itemizedlist>
<listitem>
<para>The Ethernet port profile created to represent the physical network or
networks used by an Advanced zone configuration trunk all the VLANs including
guest VLANs, the VLANs that serve the native VLAN, and the
packet/control/data/management VLANs of the VSM.</para>
</listitem>
<listitem>
<para>The Ethernet port profile created for a Basic zone configuration does not
trunk the guest VLANs because the guest VMs do not get their own VLANs provisioned
on their network interfaces in a Basic zone.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>An Ethernet port profile configured on the Nexus 1000v virtual switch should not
use in its set of system VLANs, or any of the VLANs configured or intended to be
configured for use towards VMs or VM resources in the &PRODUCT; environment.</para>
</listitem>
<listitem>
<para>You do not have to create any vEthernet port profiles – &PRODUCT; does that during
VM deployment.</para>
</listitem>
<listitem>
<para>Ensure that you create required port profiles to be used by &PRODUCT; for
different traffic types of &PRODUCT;, such as Management traffic, Guest traffic,
Storage traffic, and Public traffic. The physical networks configured during zone
creation should have a one-to-one relation with the Ethernet port profiles.</para>
</listitem>
</itemizedlist>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-nexus-port-profile.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
<para>For information on creating a port profile, see <ulink
url="http://www.cisco.com/en/US/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_4_a/port_profile/configuration/guide/n1000v_port_profile.html"
>Cisco Nexus 1000V Port Profile Configuration Guide</ulink>.</para>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-assign-nic-adapters">
<title>Assigning Physical NIC Adapters</title>
<para>Assign ESXi host&apos;s physical NIC adapters, which correspond to each physical
network, to the port profiles. In each ESXi host that is part of the vCenter cluster,
observe the physical networks assigned to each port profile and note down the names of the
port profile for future use. This mapping information helps you when configuring physical
networks during the zone configuration on &PRODUCT;. These Ethernet port profile names are
later specified as VMware Traffic Labels for different traffic types when configuring
physical networks during the zone configuration. For more information on configuring
physical networks, see <xref linkend="vmware-vsphere-cluster-config-nexus-vswitch"
/>.</para>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-add-vlan-range">
<title>Adding VLAN Ranges</title>
<para>Determine the public VLAN, System VLAN, and Guest VLANs to be used by the &PRODUCT;.
Ensure that you add them to the port profile database. Corresponding to each physical
network, add the VLAN range to port profiles. In the VSM command prompt, run the
switchport trunk allowed vlan&lt;range&gt; command to add the VLAN ranges to the port
profile.</para>
<para>For example:</para>
<programlisting>switchport trunk allowed vlan 1,140-147,196-203</programlisting>
<para>In this example, the allowed VLANs added are 1, 140-147, and 196-203</para>
<para>You must also add all the public and private VLANs or VLAN ranges to the switch. This
range is the VLAN range you specify in your zone.</para>
<note>
<para>Before you run the vlan command, ensure that the configuration mode is enabled in
Nexus 1000v virtual switch.</para>
</note>
<para>For example:</para>
<para>If you want the VLAN 200 to be used on the switch, run the following command:</para>
<programlisting>vlan 200</programlisting>
<para>If you want the VLAN range 1350-1750 to be used on the switch, run the following
command:</para>
<programlisting>vlan 1350-1750</programlisting>
<para>Refer to Cisco Nexus 1000V Command Reference of specific product version.</para>
</section>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-enable">
<title>Enabling Nexus Virtual Switch in &PRODUCT;</title>
<para>To make a &PRODUCT; deployment Nexus enabled, you must set the vmware.use.nexus.vswitch
parameter true by using the Global Settings page in the &PRODUCT; UI. Unless this parameter
is set to &quot;true&quot; and restart the management server, you cannot see any UI options
specific to Nexus virtual switch, and &PRODUCT; ignores the Nexus virtual switch specific
parameters specified in the AddTrafficTypeCmd, UpdateTrafficTypeCmd, and AddClusterCmd API
calls.</para>
<para>Unless the &PRODUCT; global parameter &quot;vmware.use.nexus.vswitch&quot; is set to
&quot;true&quot;, &PRODUCT; by default uses VMware standard vSwitch for virtual network
infrastructure. In this release, &PRODUCT; doesn’t support configuring virtual networks in a
deployment with a mix of standard vSwitch and Nexus 1000v virtual switch. The deployment can
have either standard vSwitch or Nexus 1000v virtual switch.</para>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-config">
<title>Configuring Nexus 1000v Virtual Switch in &PRODUCT;</title>
<para>You can configure Nexus dvSwitch by adding the necessary resources while the zone is
being created.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-nexus-add-cluster.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
<para>After the zone is created, if you want to create an additional cluster along with Nexus
1000v virtual switch in the existing zone, use the Add Cluster option. For information on
creating a cluster, see <xref linkend="add-clusters-vsphere"/>.</para>
<para>In both these cases, you must specify the following parameters to configure Nexus
virtual switch:</para>
<informaltable frame="all">
<tgroup cols="2" align="left" colsep="1" rowsep="1">
<colspec colname="c1"/>
<colspec colname="c2"/>
<thead>
<row>
<entry><para>Parameters</para></entry>
<entry><para>Description</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>Cluster Name</para></entry>
<entry><para>Enter the name of the cluster you created in vCenter. For example,
&quot;cloud.cluster&quot;.</para></entry>
</row>
<row>
<entry><para>vCenter Host</para></entry>
<entry><para>Enter the host name or the IP address of the vCenter host where you have
deployed the Nexus virtual switch.</para></entry>
</row>
<row>
<entry><para>vCenter User name</para></entry>
<entry><para>Enter the username that &PRODUCT; should use to connect to vCenter. This
user must have all administrative privileges.</para></entry>
</row>
<row>
<entry><para>vCenter Password</para></entry>
<entry><para>Enter the password for the user named above.</para></entry>
</row>
<row>
<entry><para>vCenter Datacenter</para></entry>
<entry><para>Enter the vCenter datacenter that the cluster is in. For example,
&quot;cloud.dc.VM&quot;.</para></entry>
</row>
<row>
<entry><para>Nexus dvSwitch IP Address</para></entry>
<entry><para>The IP address of the VSM component of the Nexus 1000v virtual
switch.</para></entry>
</row>
<row>
<entry><para>Nexus dvSwitch Username</para></entry>
<entry><para>The admin name to connect to the VSM appliance.</para></entry>
</row>
<row>
<entry><para>Nexus dvSwitch Password</para></entry>
<entry><para>The corresponding password for the admin user specified
above.</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
</section>
<section id="vmware-vsphere-cluster-config-nexus-vswitch-remove">
<title>Removing Nexus Virtual Switch</title>
<orderedlist>
<listitem>
<para>In the vCenter datacenter that is served by the Nexus virtual switch, ensure that
you delete all the hosts in the corresponding cluster.</para>
</listitem>
<listitem>
<para>Log in with Admin permissions to the &PRODUCT; administrator UI.</para>
</listitem>
<listitem>
<para>In the left navigation bar, select Infrastructure.</para>
</listitem>
<listitem>
<para>In the Infrastructure page, click View all under Clusters.</para>
</listitem>
<listitem>
<para>Select the cluster where you want to remove the virtual switch.</para>
</listitem>
<listitem>
<para>In the dvSwitch tab, click the name of the virtual switch.</para>
</listitem>
<listitem>
<para> In the Details page, click Delete Nexus dvSwitch icon. <inlinemediaobject>
<imageobject>
<imagedata fileref="./images/delete-button.png"/>
</imageobject>
<textobject>
<phrase>DeleteButton.png: button to delete dvSwitch</phrase>
</textobject>
</inlinemediaobject>
</para>
<para>Click Yes in the confirmation dialog box.</para>
</listitem>
</orderedlist>
</section>
</section>
<xi:include href="vmware-cluster-config-dvswitch.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<section id="vmware-vsphere-iscsi-storage-preparation">
<title>Storage Preparation for vSphere (iSCSI only)</title>
<para>Use of iSCSI requires preparatory work in vCenter. You must add an iSCSI target and create
an iSCSI datastore.</para>
<para>If you are using NFS, skip this section.</para>
<section id="vmware-vsphere-iscsi-storage-enable-initiator">
<title>Enable iSCSI initiator for ESXi hosts</title>
<orderedlist>
<listitem>
<para>In vCenter, go to hosts and Clusters/Configuration, and click Storage Adapters link.
You will see:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-iscsi-initiator.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Select iSCSI software adapter and click Properties.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-iscsi-initiator-properties.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Click the Configure... button.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-iscsi-general.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Check Enabled to enable the initiator.</para>
</listitem>
<listitem>
<para>Click OK to save.</para>
</listitem>
</orderedlist>
</section>
<section id="vmware-vsphere-iscsi-storage-add-target">
<title>Add iSCSI target</title>
<para>Under the properties dialog, add the iSCSI target info:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-iscsi-target-add.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
<para>Repeat these steps for all ESXi hosts in the cluster.</para>
</section>
<section id="vmware-vsphere-iscsi-storage-create-datastore">
<title>Create an iSCSI datastore</title>
<para>You should now create a VMFS datastore. Follow these steps to do so:</para>
<orderedlist>
<listitem>
<para>Select Home/Inventory/Datastores.</para>
</listitem>
<listitem>
<para>Right click on the datacenter node.</para>
</listitem>
<listitem>
<para>Choose Add Datastore... command.</para>
</listitem>
<listitem>
<para>Follow the wizard to create a iSCSI datastore.</para>
</listitem>
</orderedlist>
<para>This procedure should be done on one host in the cluster. It is not necessary to do this
on all hosts.</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/vmware-iscsi-datastore.png"/>
</imageobject>
<textobject>
<phrase>vsphereclient.png: vSphere client</phrase>
</textobject>
</mediaobject>
</section>
<section id="vmware-vsphere-iscsi-storage-multipathing">
<title>Multipathing for vSphere (Optional)</title>
<para>Storage multipathing on vSphere nodes may be done according to the vSphere installation
guide.</para>
</section>
</section>
<section id="vmware-add-hosts-config-vsphere-cluster">
<title>Add Hosts or Configure Clusters (vSphere)</title>
<para>Use vCenter to create a vCenter cluster and add your desired hosts to the cluster. You
will later add the entire cluster to &PRODUCT;. (see <xref linkend="add-clusters-vsphere"
/>).</para>
</section>
<section id="esxi-patch-install">
<title>Applying Hotfixes to a VMware vSphere Host</title>
<orderedlist>
<listitem>
<para>Disconnect the VMware vSphere cluster from &PRODUCT;. It should remain disconnected
long enough to apply the hotfix on the host.</para>
<orderedlist numeration="loweralpha">
<listitem>
<para>Log in to the &PRODUCT; UI as root. </para>
<para>See <xref linkend="log-in"/>.</para>
</listitem>
<listitem>
<para>Navigate to the VMware cluster, click Actions, and select Unmanage.</para>
</listitem>
<listitem>
<para>Watch the cluster status until it shows Unmanaged.</para>
</listitem>
</orderedlist>
</listitem>
<listitem>
<para>Perform the following on each of the ESXi hosts in the cluster:</para>
<orderedlist numeration="loweralpha">
<listitem>
<para>Move each of the ESXi hosts in the cluster to maintenance mode.</para>
</listitem>
<listitem>
<para>Ensure that all the VMs are migrated to other hosts in that cluster.</para>
</listitem>
<listitem>
<para>If there is only one host in that cluster, shutdown all the VMs and move the host
into maintenance mode.</para>
</listitem>
<listitem>
<para>Apply the patch on the ESXi host.</para>
</listitem>
<listitem>
<para>Restart the host if prompted.</para>
</listitem>
<listitem>
<para>Cancel the maintenance mode on the host.</para>
</listitem>
</orderedlist>
</listitem>
<listitem>
<para>Reconnect the cluster to &PRODUCT;:</para>
<orderedlist numeration="loweralpha">
<listitem>
<para>Log in to the &PRODUCT; UI as root.</para>
</listitem>
<listitem>
<para>Navigate to the VMware cluster, click Actions, and select Manage.</para>
</listitem>
<listitem>
<para>Watch the status to see that all the hosts come up. It might take several minutes
for the hosts to come up.</para>
<para>Alternatively, verify the host state is properly synchronized and updated in the
&PRODUCT; database.</para>
</listitem>
</orderedlist>
</listitem>
</orderedlist>
</section>
</section>