CISCO ACI Virtual Machine Networking Jagorar Mai Amfani

Abubuwan da ke ciki boye

1 CISCO ACI Virtual Machine Networking

2 Bayanin samfur

3 Umarnin Amfani da samfur

4 Tallafin Sadarwar Sadarwa

5 Taswirar Cisco ACI da VMware Gina-gine

6 VMM Domain EPG Association

7 Game da Trunk Port Group

8 Haɗe-haɗe Profile

9 Gaggawar Turawa

10 NetFlow tare da Virtual Machine Networking

11 Takardu / Albarkatu

11.1 Magana

CISCO ACI Virtual Machine Networking

Bayanin samfur

Ƙayyadaddun bayanai:
- Kayayyakin Talla da Masu siyarwa: Cisco ACI tana goyan bayan manajojin injin kama-da-wane (VMMs) daga samfura da dillalai daban-daban. Koma zuwa Cisco ACI Virtualization Compatibility Matrix don mafi yawan halin yanzu na ingantattun samfuran masu mu'amala da juna.

Umarnin Amfani da samfur

Taswirar Cisco ACI da VMware Gina-gine: Cisco Application Centric Infrastructure (ACI) da VMware suna amfani da kalmomi daban-daban don bayyana ginin iri ɗaya. Tebu mai zuwa yana ba da taswirar Cisco ACI da kalmomin VMware masu dacewa da VMware vSphere Distributed Switch (VDS).

Cisco ACI Sharuɗɗan	Sharuɗɗan VMware
Ƙungiya ta Ƙarshen (EPG)	Ƙungiyar tashar jiragen ruwa, rukuni
LACP Active	LACP Passive
MAC Pinning	MAC Pinning-Jiki-NIC-Load
Tashoshi Tsaye - Yanayin ON	Manajan Injin Virtual (VMM) yankin VDS
Mai sarrafa VM	vCenter (Datacenter)

Mai sarrafa Na'ura Mai Haɓaka Manyan Abubuwan Yanki:
- ACI masana'anta manajan inji mai kama-da-wane (VMM) suna ba masu gudanarwa damar saita manufofin haɗin kai don masu sarrafa injin kama-da-wane. Babban abubuwan da ke cikin manufofin yanki na ACI VMM sun haɗa da:
- Mai sarrafa Injin Virtual (VMM).
- Mai sarrafa VM
- vCenter (Datacenter)
- Lura: Yankin VMM guda ɗaya zai iya ƙunsar misalai da yawa na masu sarrafa VM, amma dole ne su kasance daga mai siyarwa ɗaya (misali, VMware ko Microsoft).
Wuraren Manajan Injin Kaya:
- APIC VMM profile manufa ce da ke bayyana yankin VMM. An ƙirƙiri manufar yankin VMM a cikin APIC kuma an tura shi cikin maɓallan ganye. Wuraren VMM suna samar da abubuwa masu zuwa:
VMM Domain VLAN Pool Association
- Wuraren VLAN suna wakiltar tubalan abubuwan gano zirga-zirgar VLAN. Tafkin VLAN shine albarkatun da aka raba kuma ana iya cinye shi ta yankuna da yawa kamar wuraren VMM da sabis na Layer 4 zuwa Layer 7.
- Ana iya haɗa yankin VMM tare da tafkin VLAN mai ƙarfi ɗaya kawai.
- Ta hanyar tsoho, ana sanya masu gano VLAN zuwa EPGs masu alaƙa da yankin VMM ta Cisco APIC.
- Koyaya, masu gudanarwa zasu iya sanya mai gano VLAN a zahiri zuwa ƙungiyar ƙarshen (EPG) maimakon.
- A irin waɗannan lokuta, dole ne a zaɓi masu gano abubuwan da aka yi amfani da su daga ɓangarorin ɓoyewa a cikin tafkin VLAN da ke da alaƙa da yankin VMM, kuma dole ne a canza nau'in rarraba su zuwa tsaye.
- Cisco APIC yana tanadar VMM yankin VLAN akan tashoshin ganye dangane da abubuwan da suka faru na EPG, ko dai a kai a kai a kan tashoshin ganye ko kuma bisa abubuwan da suka faru na VM daga masu sarrafawa kamar VMware vCenter ko Microsoft SCVMM.
- Lura: A cikin tafkunan VLAN masu ƙarfi, idan aka raba VLAN daga EPG, za ta sake haɗuwa ta atomatik tare da EPG bayan mintuna biyar.
- Ƙungiyar VLAN mai ƙarfi ba wani ɓangare na sake dawowa ba ne, ma'ana idan an cire EPG ko ɗan haya da farko sannan kuma a mayar da shi daga maajiyar, sabon VLAN za a keɓe kai tsaye daga wuraren tafkunan VLAN masu ƙarfi.

FAQ:
- Q: Wadanne kayayyaki da dillalai ne Cisco ACI ke tallafawa?
- A: Cisco ACI tana goyan bayan manajojin injin kama-da-wane (VMMs) daga samfura da dillalai daban-daban. Da fatan za a koma zuwa Cisco ACI Virtualization Compatibility Matrix don mafi yawan halin yanzu na ingantattun samfuran haɗin gwiwa.
- Q: Zan iya sanya mai gano VLAN ga EPG maimakon sanya shi a hankali?
- A: Ee, zaku iya sanya mai gano VLAN a tsaye ga ƙungiyar ƙarshen (EPG) mai alaƙa da yankin VMM. Duk da haka, dole ne a zaɓi mai ganowa daga ɓangarori na ɓoyewa a cikin tafkin VLAN da ke da alaƙa da yankin VMM, kuma dole ne a canza nau'in rabon zuwa tsaye.
- Q: Me zai faru idan an raba VLAN daga EPG a cikin tafkin VLAN mai ƙarfi?
- A: Idan VLAN ta rabu da EPG a cikin tafkin VLAN mai ƙarfi, za ta sake haɗuwa ta atomatik tare da EPG bayan minti biyar.
- Q: Shin ƙungiyar VLAN mai ƙarfi tana cikin juzu'in daidaitawa?
- A: A'a, ƙungiyar VLAN mai ƙarfi ba wani ɓangare na sake dawowa ba. Idan an cire EPG ko ɗan haya da farko sannan kuma aka dawo dashi daga maajiyar, sabon VLAN za a keɓe kai tsaye daga wuraren tafkunan VLAN masu ƙarfi.

Wannan babin ya ƙunshi sassa masu zuwa:

• Cisco ACI VM Networking Support for Virtual Machine Managers, a shafi na 1
• Taswirar Cisco ACI da VMware Constructs, a shafi na 2
• Manajan Injin Farko Domain Manyan Abubuwan Yanki, a shafi na 3
• Domains Manager Machine Virtual, a shafi na 4
• Ƙungiyar Pool ta VMM Domain VLAN, a shafi na 4
• Ƙungiyar VMM Domain EPG, a shafi na 5
• Game da Rukunin Tashar Jirgin Ruwa, a shafi na 7
• Haɗe-haɗe Profile, shafi na 8
• Ƙimar Manufofin EPG da Gaggawar Aiwatarwa, a shafi na 9
• Sharuɗɗa don Share Domain VMM, a shafi na 10
• NetFlow tare da Virtual Machine Networking, a shafi na 11
• Shirya matsala Haɗin VMM, a shafi na 13

Tallafin Sadarwar Sadarwa

Cisco ACI VM Networking Support for Virtual Machine Managers

Fa'idodin ACI VM Networking

Cisco Application Centric Infrastructure (ACI) na'ura mai kama-da-wane (VM) sadarwar yanar gizo tana goyan bayan masu haɓakawa daga masu siyarwa da yawa.
Yana ba da damar shirye-shirye na hypervisor da damar kai tsaye zuwa manyan ayyuka masu ƙima da kayan aikin cibiyar bayanai.
Ƙirƙirar shirye-shirye da aiki da kai sune mahimman fasalulluka na abubuwan more rayuwa na cibiyar haɓaka bayanai.
Cisco ACI na buɗe REST API yana ba da damar haɗin injin kama-da-wane tare da tsara ƙirar Cisco ACI na tushen manufa.
Cibiyar sadarwa ta Cisco ACI VM tana ba da damar aiwatar da daidaitattun manufofi a duk nau'ikan ayyuka na kama-da-wane da na zahiri waɗanda masu haɓakawa daga dillalai da yawa ke gudanarwa.
Haɗe-haɗe profiles cikin sauƙi yana ba da damar motsin VM da sanya kayan aiki a ko'ina cikin masana'antar Cisco ACI.
Cisco Application Policy Controller Infrastructure Controller (APIC) yana ba da matsala ta tsaka-tsaki, ƙimar lafiyar aikace-aikacen, da saka idanu na gani.
Cisco ACI Multi-hypervisor VM aiki da kai yana rage ko kawar da saitin hannu da kurakurai na hannu. Wannan yana ba da damar cibiyoyin bayanai masu ƙima don tallafawa ɗimbin VMs masu dogaro da farashi mai inganci.

Kayayyakin tallafi da Dillalai

Cisco ACI yana goyan bayan manajojin inji (VMMs) daga samfura da masu siyarwa masu zuwa:
Cisco Unified Computing System Manager (UCSM)
Haɗin kai Ana goyan bayan Cisco UCSM farawa a cikin Sakin Cisco Cisco APIC 4.1(1). Don bayani, duba babin “Cisco ACI tare da Haɗin gwiwar Sisiko UCSM a cikin Jagorar Haɓakawa ta Cisco ACI, Saki 4.1(1).

Cisco Application Centric Infrastructure (ACI) Virtual Pod (iPod)

Cisco ACI vPod yana gaba ɗaya samuwa yana farawa a cikin Sakin Cisco APIC 4.0(2). Don bayani, duba takaddun Cisco ACI vPod akan Cisco.com.

Cloud Foundry

Cloud Foundry hadewa tare da Cisco ACI ana goyan bayan farawa da Cisco APIC Sakin 3.1(2). Don bayani, duba labarin tushen ilimi, Cisco ACI da Cloud Found Integration akan Cisco.com.

Kubernetes

Don ƙarin bayani, duba labarin tushen ilimi, Cisco ACI da Kubernetes Haɗin kai on Cisco.com.

Manajan Injin Kaya na Cibiyar Microsoft (SCVMM)

Don bayani, duba surori "Cisco ACI tare da Microsoft SCVMM" da "Cisco ACI tare da Microsoft Windows Azure Pack" a cikin Cisco ACI Virtualization Guide on Cisco.com.

OpenShift

Don bayani, duba Dokokin OpenShift. kan Cisco.com.

OpenStack

Don bayani, duba Dokokin OpenStack on Cisco.com.

Hatsarin Hat Hat (RHV)

Don ƙarin bayani, duba labarin tushen ilimi, Cisco ACI da Red Hat Haɗin kai. kan Cisco.com.

VMware Virtual Distributed Switch (VDS)

Don bayani, duba babin "Cisco"ACI tare da Haɗin VMware VDS" a cikin Cisco ACI Virtualization Guide.
Duba cikin Cisco ACI Virtualization Compatibility Matrix. don mafi yawan halin yanzu na ingantattun samfuran haɗin gwiwa.

Taswirar Cisco ACI da VMware Gina-gine

Cisco Application Centric Infrastructure (ACI) da VMware suna amfani da kalmomi daban-daban don bayyana ginin iri ɗaya. Wannan sashe yana ba da tebur don yin taswirar Cisco ACI da kalmomin VMware; bayanin ya dace da VMware vSphere Distributed Switch (VDS).

Cisco ACI Sharuɗɗan	VMware Sharuɗɗan
Ƙungiya ta Ƙarshen (EPG)	Ƙungiyar tashar jiragen ruwa, rukuni

Cisco ACI Sharuɗɗan	VMware Sharuɗɗan
LACP Active	• Hanyar da ta danganci IP hash (ƙungiyar tashar tashar jiragen ruwa ta ƙasa) • An kunna LACP/Aiki (ƙungiyar tashar tashar jiragen ruwa)
LACP Passive	• Hanyar da ta danganci IP hash (ƙungiyar tashar tashar jiragen ruwa ta ƙasa) • An kunna LACP/Aiki (ƙungiyar tashar tashar jiragen ruwa)
MAC Pinning	Hanyar da ta dogara akan asalin tashar tashar jiragen ruwa • An kashe LACP
MAC Pinning-Jiki-NIC-Load	Hanyar da ta dogara da nauyin NIC na zahiri • An kashe LACP
Tashoshi Tsaye - Yanayin ON	• Hanyar da ta danganci IP Hash (ƙungiyar tashar tashar jiragen ruwa ta ƙasa) • An kashe LACP
Mai sarrafa Injin Virtual (VMM).	VDS
Mai sarrafa VM	vCenter (Datacenter)

Manajan Injin Farko Domain Manyan Abubuwan Yanki

Wuraren yanki na ACI masana'anta kama-da-wane inji manajan (VMM) yana bawa mai gudanarwa damar saita manufofin haɗin kai don masu sarrafa injin kama-da-wane. Muhimman abubuwan haɗin kai na manufofin yanki na ACI VMM sun haɗa da masu zuwa:

Manajan Injin Virtual Domain Profile—Ƙungiyoyin masu sarrafa VM masu irin buƙatun manufofin hanyar sadarwar. Don misaliampHar ila yau, masu kula da VM na iya raba wuraren tafkunan VLAN da ƙungiyoyin ƙarshen aikace-aikacen (EPGs). APIC yana sadarwa tare da mai sarrafawa don buga saitunan cibiyar sadarwa kamar ƙungiyoyin tashar jiragen ruwa waɗanda aka yi amfani da su zuwa kayan aikin kama-da-wane. VMM yankin profile ya ƙunshi abubuwa masu mahimmanci masu zuwa:
Shaida -Haɗa ingantaccen shaidar mai amfani mai sarrafa VM tare da yankin APIC VMM.
Mai sarrafawa -Yana ƙayyadaddun yadda ake haɗawa da mai sarrafa VM wanda wani yanki ne na yankin aiwatar da manufofi.

Don misaliample, mai sarrafawa yana ƙayyade haɗin kai zuwa VMware vCenter wanda ke wani yanki na VMM.

Lura

Yankin VMM guda ɗaya zai iya ƙunsar misalai da yawa na masu sarrafa VM, amma dole ne su kasance daga mai siyarwa ɗaya (na tsohonample, daga VMware ko daga Microsoft.

Ƙungiyar EPG-Ƙungiyoyin Ƙarshen Ƙarshen suna daidaita haɗin kai da ganuwa a tsakanin maƙasudin ƙarshen cikin iyakar manufofin yanki na VMM. EPGs na yankin VMM suna aiki kamar haka: APIC tana tura waɗannan EPGs azaman ƙungiyoyin tashar jiragen ruwa zuwa cikin mai sarrafa VM. EPG na iya ɗaukar yankuna na VMM da yawa, kuma yankin VMM na iya ƙunsar EPGs da yawa.
Haɗe-haɗe Profile Ƙungiyar-Haɗa yankin VMM tare da kayan aikin cibiyar sadarwa ta zahiri. Haɗin mahaɗan profile (AEP) samfuri ne na hanyar sadarwa wanda ke ba da damar tura manufofin masu sarrafa VM akan babban saiti na tashoshin sauya ganye. Wani AEP yana ƙayyadad da waɗanne maɓalli da tashoshin jiragen ruwa suke samuwa, da kuma yadda aka daidaita su.
Ƙungiyar VLANPool-A Tafkin VLAN yana ƙayyadaddun ID na VLAN ko jeri da aka yi amfani da su don ɗaukar hoto na VLAN wanda yankin VMM ke cinyewa.

Domains Manajan Injin Kaya

APIC VMM profile manufa ce da ke bayyana yankin VMM. An ƙirƙiri manufar yankin VMM a cikin APIC kuma an tura shi cikin maɓallan ganye.

Wuraren VMM suna samar da abubuwa masu zuwa:

Layer na gama gari a cikin masana'anta na ACI wanda ke ba da damar goyan baya mai iya jurewa kuskure don dandamali mai sarrafa VM da yawa.
Tallafin VMM ga masu haya da yawa a cikin masana'antar ACI. Wuraren VMM sun ƙunshi masu sarrafa VM kamar VMware vCenter ko Microsoft SCVMM Manager da kuma takaddun (s) da ake buƙata don ACI API don yin hulɗa tare da mai sarrafa VM.
Yankin VMM yana ba da damar VMmobility a cikin yankin amma ba a cikin yanki ba.

Yankin VMM guda ɗaya zai iya ƙunsar lokuta da yawa na masu sarrafa VM amma dole ne su kasance iri ɗaya.
Don misaliampHar ila yau, yankin VMM na iya ƙunsar yawancin VMware vCenters masu sarrafa masu sarrafawa da yawa kowanne yana gudanar da VMs da yawa amma yana iya ƙunsar Manajojin SCVMM.
Wani yanki na VMM yana samar da abubuwan sarrafawa (kamar pNICs, vNICs, VM sunayen, da sauransu) kuma yana tura manufofi cikin masu sarrafawa, ƙirƙirar ƙungiyoyin tashar jiragen ruwa, da sauran abubuwan da suka dace.

Yankin ACI VMM yana sauraron abubuwan masu sarrafawa kamar motsin VM kuma yana amsa daidai.

VMM Domain VLAN Pool Association

Wuraren VLAN suna wakiltar tubalan abubuwan gano zirga-zirgar VLAN. Tafkin VLAN shine albarkatun da aka raba kuma ana iya cinye shi ta yankuna da yawa kamar wuraren VMM da sabis na Layer 4 zuwa Layer 7.

Kowane tafkin yana da nau'in rabo (a tsaye ko mai ƙarfi), wanda aka ayyana a lokacin ƙirƙirarsa.
Nau'in rarrabawa yana ƙayyade ko za'a yi amfani da masu gano da ke ƙunshe a cikinta don aiki ta atomatik ta Cisco APIC (tsauri) ko saita a bayyane ta mai gudanarwa (a tsaye).
Ta hanyar tsoho, duk tubalan da ke ƙunshe a cikin tafkin VLAN suna da nau'in rarrabawa iri ɗaya kamar tafkin amma masu amfani za su iya canza nau'in rarrabawa don ɓangarori na ɓoye waɗanda ke ƙunshe a cikin wuraren waha mai ƙarfi zuwa tsaye. Yin haka ya keɓe su daga rabo mai ƙarfi.

Ana iya haɗa yankin VMM tare da tafkin VLAN mai ƙarfi ɗaya kawai.
Ta hanyar tsoho, aikin masu gano VLAN zuwa EPGs waɗanda ke da alaƙa da wuraren VMM ana yin su da ƙarfi ta Cisco APIC.
Yayin da rabo mai ƙarfi shine tsoho kuma ƙa'idar da aka fi so, mai gudanarwa na iya sanya mai gano VLAN a tsaye zuwa ƙungiyar ƙarshen (EPG) maimakon.

A wannan yanayin, dole ne a zaɓi masu gano abubuwan da aka yi amfani da su daga ɓangarori na ɓoye a cikin tafkin VLAN da ke da alaƙa da yankin VMM, kuma dole ne a canza nau'in rarraba su zuwa tsaye.
Cisco APIC yana tanadar VMM yankin VLAN akan tashoshin ganye dangane da abubuwan da suka faru na EPG, ko dai a kai a kai a kan tashoshin ganye ko kuma bisa abubuwan da suka faru na VM daga masu sarrafawa kamar VMware vCenter ko Microsoft SCVMM.

Lura

A cikin tafkunan VLAN masu ƙarfi, idan aka raba VLAN daga EPG, ana haɗa shi ta atomatik tare da EPG cikin mintuna biyar.

Lura

Ƙungiya mai ƙarfi ta VLAN ba wani ɓangare na sake dawowa ba ne, wato, idan an cire EPG ko ɗan haya da farko sannan kuma a mayar da shi daga maajiyar, sabon VLAN yana keɓance ta atomatik daga wuraren tafkunan VLAN masu ƙarfi.

VMM Domain EPG Association

Kayan aikin Cisco Application Centric Infrastructure (ACI) masana'anta na haɗin aikace-aikacen ɗan haya profile Ƙungiyoyin ƙarewa (EPGs) zuwa wuraren sarrafa injin kama-da-wane (VMM), Cisco ACI yana yin haka ta atomatik ta hanyar ƙungiyar ƙungiyar kamar Microsoft Azure, ko ta Cisco Application Policy Infrastructure Controller (APIC) mai gudanarwa yana ƙirƙirar irin wannan jeri. EPG na iya ɗaukar yankuna na VMM da yawa, kuma yankin VMM na iya ƙunsar EPGs da yawa.

A cikin kwatancin da ya gabata, wuraren ƙarewa (EPs) na launi ɗaya ɓangare ne na EPG ɗaya. Don misaliample, duk koren EPs suna cikin EPG ɗaya ko da yake suna cikin yankuna VMM daban-daban guda biyu. Dubi sabuwar Jagorar Haɓaka Ƙarfafawa don Cisco ACI don cibiyar sadarwar kama-da-wane da bayanin iyawar EPG na yankin VMM.

Lura

Wuraren VMM da yawa na iya haɗawa zuwa canjin ganye iri ɗaya idan ba su da tafkunan VLAN masu ruɓanya akan tashar jiragen ruwa guda.

Hakazalika, zaku iya amfani da wuraren tafkunan VLAN iri ɗaya a cikin yankuna daban-daban idan ba su yi amfani da tashar jiragen ruwa ɗaya na canjin ganye ba.

EPGs na iya amfani da wuraren VMM da yawa ta hanyoyi masu zuwa:

Ana gano EPG a cikin yanki na VMM ta amfani da mai ganowa. Cisco APIC na iya sarrafa mai ganowa ta atomatik, ko mai gudanarwa na iya zaɓar ta a tsaye. ExampVLAN ne, Virtual Network ID (VNID).

Ana iya tsara taswirar EPG zuwa nau'ikan jiki da yawa (don sabar ƙarfe mara ƙarfi) ko yanki mai kama-da-wane. Yana iya amfani da rukunonin VLAN ko VNID daban-daban a kowane yanki.

Lura

Ta hanyar tsohuwa, Cisco APIC yana sarrafa rabon VLAN don EPG.

Masu gudanar da VMware DVS suna da zaɓi don saita takamaiman VLAN don EPG.
A wannan yanayin, ana zaɓar VLAN daga madaidaicin yanki na yanki a cikin tafkin da ke da alaƙa da yankin VMM.
Ana iya tura aikace-aikace a cikin yankunan VMM.

Yayin da ake tallafawa ƙaura kai tsaye na VMs a cikin yankin VMM, ƙaura kai tsaye na VMs a cikin wuraren VMM ba a tallafawa.

Lura

Lokacin da kuka canza VRF akan yankin gada wanda ke da alaƙa da EPG tare da yanki na VMM mai alaƙa, ana share rukunin tashar jiragen ruwa sannan a sake ƙarawa akan vCenter.

Wannan yana haifar da rashin aikin EPG daga yankin VMM. Ana tsammanin wannan halayen.

Game da Trunk Port Group

Kuna amfani da rukunin tashar tashar jirgin ruwa don tara zirga-zirgar ƙungiyoyin ƙarshen (EPGs) don yanki na VMware manajan inji (VMM).
Ba kamar ƙungiyoyin tashar jiragen ruwa na yau da kullun ba, waɗanda aka saita a ƙarƙashin shafin Masu haya a cikin Mai Kula da Ka'idodin Kayayyakin Kayan Aiki na Aikace-aikacen Cisco (APIC) GUI, an saita ƙungiyoyin tashar jiragen ruwa a ƙarƙashin shafin sadarwar VM.

Ƙungiyoyin tashar jiragen ruwa na yau da kullun suna bin tsarin T|A|E na sunayen EPG.
Haɗin EPGs a ƙarƙashin yanki ɗaya yana dogara ne akan kewayon VLAN, wanda aka ƙayyade azaman toshewar ɓoyewa da ke ƙunshe a rukunin tashar tashar jirgin ruwa.
A duk lokacin da aka canza encapsulation na EPG ko kuma aka canza toshewar rukunin tashar tashar jirgin ruwa, ana sake kimanta tara don sanin ko ya kamata a tara EGP.

Ƙungiyar tashar tashar jiragen ruwa tana sarrafa kayan aikin ganye na albarkatun cibiyar sadarwa, kamar VLANs, waɗanda aka keɓe ga EPGs ana tara su.
EPGs sun haɗa da EPG na tushe da microsegmented (uSeg) EPGs. Game da EPG mai amfani, ana buƙatar kewayon VLAN na rukunin tashar tashar jirgin ruwa don haɗa duka VLANs na farko da na sakandare.

Don ƙarin bayani, duba hanyoyin masu zuwa:

Haɗe-haɗe Profile

Masana'antar ACI tana ba da abubuwan haɗin kai da yawa waɗanda ke haɗa ta hanyar tashar jiragen ruwa zuwa wasu abubuwan waje daban-daban kamar sabar sabar ƙarfe mara ƙarfi, masu sarrafa injin kama-da-wane, masu sauya Layer 2 (don ex.ample, haɗin haɗin masana'anta na Cisco UCS), ko masu amfani da layin Layer 3 (misaliampda Cisco Nexus 7000 Series switches). Wadannan maki na haɗe-haɗe na iya zama tashar jiragen ruwa ta zahiri, tashar jiragen ruwa na FEX, tashoshin tashar jiragen ruwa, ko tashar tashar jiragen ruwa ta kama-da-wane (vPC) akan masu sauya ganye.

Lura

Lokacin ƙirƙirar yankin VPC tsakanin masu sauya ganye guda biyu, duka masu sauyawa dole ne su kasance a cikin tsarar canji ɗaya, ɗayan waɗannan masu zuwa:

Generation 1 - Cisco Nexus N9K yana canzawa ba tare da "EX" ko "FX" ba a ƙarshen sunan canji; domin misaliampSaukewa: N9K-9312TX
Generation 2 - Cisco Nexus N9K yana canzawa tare da "EX" ko "FX" a ƙarshen sunan samfurin canzawa; domin misaliampSaukewa: N9K-93108TC-EX

Sauyawa irin waɗannan biyun ba su dace da takwarorinsu na VPC ba. Madadin haka, yi amfani da maɓallan tsararraki ɗaya. Ƙungiyar Haɗe-haɗe Profile (AEP) yana wakiltar ƙungiyar ƙungiyoyin waje waɗanda ke da buƙatun manufofin abubuwan more rayuwa iri ɗaya. Manufofin samar da ababen more rayuwa sun ƙunshi manufofin keɓancewa ta zahiri waɗanda ke saita zaɓuɓɓukan ƙa'idodi daban-daban, kamar Cisco Discovery Protocol (CDP), Link Layer Discovery Protocol (LLDP), ko Link Aggregation Control Protocol (LACP) Ana buƙatar AEP don tura wuraren tafki na VLAN akan masu sauya ganye. . Tubalan rufewa (da VLANs masu alaƙa) ana iya sake yin amfani da su a cikin maɓallan ganye. Wani AEP a fakaice yana ba da iyakar tafkin VLAN zuwa kayan aikin jiki. Dole ne a lissafta buƙatun AEP masu zuwa da abin dogaro a cikin yanayin yanayin sanyi daban-daban, gami da haɗin cibiyar sadarwa, wuraren VMM, da daidaitawar kwas ɗin multipods:

AEP yana bayyana kewayon da aka yarda da VLANS amma baya tanadar su. Babu zirga-zirgar ababen hawa sai dai idan an sanya EPG akan tashar jiragen ruwa. Ba tare da ayyana tafkin VLAN a cikin AEP ba, ba a kunna VLAN akan tashar ganye ko da an samar da EPG.
An samar da ko kunna wani VLAN na musamman akan tashar leaf wanda ya dogara da abubuwan EPG ko dai yana ɗaure kan tashar ganye ko kuma bisa abubuwan VM daga masu kula da waje kamar VMware vCenter ko Microsoft Azure Service Virtual Machine Manager (SCVMM).
Haɗe-haɗe profiles za a iya haɗa kai tsaye tare da EPGs na aikace-aikacen, waɗanda ke tura EPGs ɗin aikace-aikacen da ke da alaƙa zuwa duk waɗancan tashoshin jiragen ruwa da ke da alaƙa da abin da aka haɗe pro.file. AEP yana da aikin daidaitawa na gama gari (infraGeneric), wanda ya ƙunshi alaƙa da EPG (infraRsFuncToEpg) wanda aka tura akan duk musaya waɗanda ke ɓangaren masu zaɓin waɗanda ke da alaƙa da mahaɗan pro.file.

Yankin mai sarrafa injin kama-da-wane (VMM) yana samun manufofin mu'amala ta jiki ta atomatik daga ƙungiyoyin manufofin mu'amala na AEP.
Ana iya amfani da manufar sokewa a AEP don ƙididdige wata manufar mu'amala ta zahiri don yankin VMM. Wannan manufar tana da amfani a yanayin yanayi inda aka haɗa mai sarrafa VM zuwa canjin ganye ta hanyar matsakaiciyar kumburin Layer 2, kuma ana son wata manufa ta daban a canjin ganye da tashar jiragen ruwa mai sarrafa VM. Don misaliampHar ila yau, za ku iya saita LACP tsakanin maɓalli na ganye da kullin Layer 2. A lokaci guda, zaku iya kashe LACP tsakanin mai sarrafa VM da mai canza Layer 2 ta hanyar kashe LACP a ƙarƙashin manufar kawar da AEP.

Gaggawar Turawa

Tsarin Manufofin EPG da Gaggawar Aiwatarwa

A duk lokacin da ƙungiyar ƙarshe (EPG) ta haɗe zuwa yankin mai sarrafa injin kama-da-wane (VMM), mai gudanarwa na iya zaɓar ƙuduri da zaɓin turawa don tantance lokacin da ya kamata a tura wata manufa cikin sauya ganye.

Gaggawar ƙuduri

Gabatarwa: Yana ƙayyadaddun manufofin (ga misaliample, VLAN, VXLAN dauri, kwangiloli, ko masu tacewa) ana zazzage su zuwa canjin ganye tun kafin a haɗe mai sarrafa VM zuwa maɓalli mai kama-da-wane (don ex.ample, VMware vSphere Distributed Switch (VDS). Wannan ya riga ya tanadar da daidaitawa akan maɓalli.

Wannan yana taimakawa yanayin da zirga-zirgar zirga-zirga don masu kula da hypervisors/VM ke kuma amfani da canjin kama-da-wane da ke da alaƙa da Mai Kula da Manufofin Kayan Aiki na Aikace-aikacen Cisco (APIC) VMM domain (VMM switch).
Aiwatar da manufar VMM kamar VLAN akan canjin ganye na Cisco Application Centric Infrastructure (ACI) yana buƙatar Cisco APIC don tattara bayanan CDP/LLDP daga duka masu haɓakawa ta hanyar mai sarrafa VM da Canjin ganye na Cisco ACI. Koyaya, idan mai kula da VM yakamata yayi amfani da manufar VMM iri ɗaya (canjin VMM) don sadarwa tare da masu haɓakawa ko ma Cisco APIC, bayanan CDP/LLDP na masu haɓakawa ba za a taɓa tattarawa ba saboda manufar da ake buƙata don mai sarrafa VM / hypervisor. Har yanzu ba a tura zirga-zirgar gudanarwa ba.
Lokacin amfani da gaggawar samarwa, ana zazzage manufar zuwa madaidaicin leaf na Cisco ACI ko da kuwa

CDP/LLDP makwabta. Ko da ba tare da mai watsa shirye-shiryen hypervisor ba wanda ke da alaƙa da sauya VMM.
Nan take: Yana ƙayyadad da cewa ana zazzage manufofin EPG (ciki har da kwangiloli da masu tacewa) zuwa software mai alaƙa da canjin ganye akan haɗe-haɗe na ESXi zuwa DVS. Ana amfani da izini na LLDP ko OpFlex don warware mai sarrafa VM zuwa haɗe-haɗe na kumburi.
Za a zazzage manufofin zuwa Leaf lokacin da kuka ƙara mai watsa shiri zuwa sauya VMM. Ana buƙatar maƙwabtan CDP/LLDP daga mai masaukin baki zuwa ganye.

Akan Bukatar: Yana ƙayyadaddun manufofin (ga misaliample, VLAN, VXLAN ɗaurin, kwangiloli, ko tacewa) ana turawa zuwa kumburin ganye kawai lokacin da aka haɗa rundunar ESXi zuwa DVS kuma an sanya VM a cikin rukunin tashar jiragen ruwa (EPG).
Za a zazzage manufofin zuwa ga ganye lokacin da aka ƙara mai watsa shiri zuwa sauya VMM. Ana buƙatar sanya VM cikin ƙungiyar tashar jiragen ruwa (EPG). Ana buƙatar maƙwabtan CDP/LLDP daga mai masaukin baki zuwa ganye. Tare da duka nan take da kuma kan buƙata, idan mai gida da ganye sun rasa maƙwabcin LLDP/CDP an cire manufofin.

Lura

A cikin wuraren VMM na tushen OpFlex, wakili na OpFlex akan hypervisor yana ba da rahoton abin da aka makala VM/EP katin dubawar hanyar sadarwa (vNIC) zuwa EPG zuwa tsarin OpFlex na ganye.
Lokacin amfani da Gaggawar Ƙimar Ƙimar Buƙatu, EPG VLAN/VXLAN an tsara shi akan duk tashar tashar tashar tashar tashar jiragen ruwa, tashoshin tashar tashar tashar tashar jiragen ruwa, ko duka biyun lokacin da masu zuwa gaskiya ne:
- Ana haɗa hypervisors zuwa ganyaye akan tashar tashar jiragen ruwa ko tashar tashar tashar jiragen ruwa ta kama-da-wane da aka haɗe kai tsaye ko ta hanyar sauya ruwa.
- An haɗa VM ko misali vNIC zuwa EPG.
- Ana haɗe-haɗe-haɗe a matsayin wani yanki na yankin EPG ko VMM.
Wuraren VMM na tushen Opflex sune Microsoft Security Center Virtual Machine Manager (SCVMM) da HyperV, da Cisco Application Virtual Switch (AVS).

Gaggawar Turawa

Da zarar an sauke manufofin zuwa software na ganye, gaggawar turawa na iya ƙididdige lokacin da aka tura manufar zuwa cikin ƙwaƙwalwar ajiyar abun ciki mai magana da hardware (CAM).
Nan take: Yana ƙayyadad da cewa an tsara manufofin a cikin manufofin kayan masarufi CAM da zaran an zazzage manufar a cikin software na ganye.
Akan buƙata: Yana ƙayyadad da cewa an tsara manufofin a cikin manufofin kayan masarufi CAM kawai lokacin da aka karɓi fakitin farko ta hanyar bayanai. Wannan tsari yana taimakawa wajen haɓaka sararin kayan masarufi.

Lura

Lokacin da kuka yi amfani da gaggawar tura kayan aiki tare da MAC-pinned VPCs, ba a tura kwangilolin EPG zuwa ga ƙwaƙwalwar ajiyar abun ciki mai iya magana da leaf (TCAM) har sai an koyi ƙarshen ƙarshen farko a cikin EPG akan kowane ganye.
Wannan na iya haifar da rashin daidaituwa ta amfani da TCAM a tsakanin abokan VPC. (Yawanci, za a tura kwangilar zuwa ga takwarorinsu biyu.)

Sharuɗɗa don Share Domain VMM

Bi jerin abubuwan da ke ƙasa don tabbatar da cewa buƙatar APIC don share yankin VMM ta atomatik yana haifar da mai sarrafa VM mai alaƙa (na misali.ample VMware vCenter ko Microsoft SCVMM) don kammala aikin akai-akai kuma babu wani marayu EPGs da ke makale a cikin masana'antar ACI.

Dole ne mai gudanar da VM ya ware duk VMs daga ƙungiyoyin tashar jiragen ruwa (cikin yanayin VMware vCenter) ko cibiyoyin sadarwar VM (cikin yanayin SCVMM), wanda APIC ya ƙirƙira. A cikin yanayin Cisco AVS, mai kula da VM shima yana buƙatar share mu'amalar VMK mai alaƙa da Cisco AVS.
Mai gudanar da ACI yana share yankin VMM a cikin APIC. APIC yana haifar da gogewar VMware VDS Cisco AVS ko SCVMM ma'ana mai sauyawa da abubuwa masu alaƙa.

Lura

Kada mai gudanar da VM ya share canjin kama-da-wane ko abubuwa masu alaƙa (kamar ƙungiyoyin tashar jiragen ruwa ko hanyoyin sadarwar VM); ƙyale APIC ya fara haifar da sharewar canza kamala bayan kammala mataki na 2 a sama. EPGs na iya zama marayu a cikin APIC idan mai gudanar da VM ya goge canjin kama-da-wane daga mai sarrafa VM kafin a goge yankin VMM a cikin APIC. Idan ba a bi wannan jeri ba, mai sarrafa VM yana goge canjin kama-da-wane mai alaƙa da yankin APIC VMM. A cikin wannan yanayin, dole ne mai gudanar da VM ya cire ƙungiyoyin VM da vtep da hannu daga mai sarrafa VM, sannan kuma ya share maɓalli (es) na kama-da-wane a baya da ke da alaƙa da yankin APIC VMM.

NetFlow tare da Virtual Machine Networking

Game da NetFlow tare da Virtual Machine Networking

Fasahar NetFlow tana ba da tushen ƙididdiga don mahimman saiti na aikace-aikace, gami da lissafin zirga-zirgar hanyar sadarwa, lissafin tushen amfani da hanyar sadarwa, tsara tsarin hanyar sadarwa, gami da ƙin sa ido kan sabis, saka idanu na cibiyar sadarwa, tallan waje, da haƙar ma'adinan bayanai ga duka masu samar da sabis da abokan ciniki na kasuwanci.
Cisco yana ba da saitin aikace-aikacen NetFlow don tattara bayanan fitarwa na NetFlow, aiwatar da raguwar ƙarar bayanai, aiwatarwa bayan aiki, da samar da aikace-aikacen masu amfani da ƙarshen tare da sauƙin samun damar bayanan NetFlow.
Idan kun kunna NetFlow saka idanu akan zirga-zirgar zirga-zirgar da ke gudana ta cibiyoyin bayanan ku, wannan fasalin yana ba ku damar aiwatar da matakin sa ido iri ɗaya na zirga-zirgar da ke gudana ta masana'anta ta Cisco Application Centric Infrastructure (Cisco ACI).
Maimakon kayan aiki kai tsaye fitar da bayanan zuwa mai tarawa, ana sarrafa bayanan a cikin injin mai kulawa kuma ana fitar dasu zuwa daidaitattun masu tara NetFlow a tsarin da ake buƙata. Don ƙarin bayani game da NetFlow, duba Cisco APIC da labarin tushen ilimin NetFlow.

Game da Manufofin Masu fitarwa na NetFlow tare da Sadarwar Injin Kaya

Manufofin fitar da mai sarrafa injin kama-da-wane (netflowVmmExporterPol) yana bayyana bayanai game da bayanan da aka tattara don gudana wanda aka aika zuwa uwar garken rahoto ko mai karɓar NetFlow. Mai tarawa NetFlow wani abu ne na waje wanda ke goyan bayan daidaitaccen ka'idar NetFlow kuma yana karɓar fakiti masu alama tare da ingantattun masu kai na NetFlow.
Manufar mai fitarwa tana da kaddarorin masu zuwa:

VmmExporterPol.dstAddr-Wannan kadarar ta tilas ta ƙayyade adireshin IPv4 ko IPv6 na mai karɓar NetFlow wanda ke karɓar fakitin kwararar NetFlow. Wannan dole ne ya kasance a cikin tsarin masauki (wato, "/32" ko "/128"). Ana tallafawa adireshin IPv6 a cikin vSphere Distributed Switch (vDS) 6.0 da kuma daga baya.
VmmExporterPol.dstPort-Wannan kadarar ta tilas ta ƙayyade tashar tashar da aikace-aikacen mai karɓar NetFlow ke sauraro, wanda ke ba mai karɓar damar karɓar haɗin da ke shigowa.
VmmExporterPol.srcAddr-Wannan kadarar na zaɓi tana ƙayyadaddun adireshin IPv4 da aka yi amfani da shi azaman adireshin tushe a cikin fakitin kwararar NetFlow da aka fitar.

Taimakon NetFlow tare da Sauyawa Rarraba VMware vSphere

VMware vSphere Distributed Switch (VDS) yana goyan bayan NetFlow tare da fa'idodi masu zuwa:

Dole ne a iya samun mai karɓar waje ta hanyar ESX. ESX baya goyan bayan kwatance da turawa (VRFs).
Ƙungiyar tashar jiragen ruwa na iya kunna ko kashe NetFlow.
VDS baya goyan bayan tace matakan kwarara.

Sanya sigogin VDS masu zuwa a cikin VMware vCenter:

Adireshin IP mai tarawa da tashar jiragen ruwa. Ana goyan bayan IPV6 akan sigar VDS 6.0 ko kuma daga baya. Wadannan wajibi ne.
Adireshin IP na tushen. Wannan na zaɓi ne.
Lokacin ƙayyadaddun kwarara mai aiki, ƙayyadadden lokacin kwarara, da sampdarajar ling. Waɗannan na zaɓi ne.

Ƙirƙirar Manufofin Masu Fitar da Fayil na NetFlow don Sadarwar VM Ta Amfani da GUI
Hanya mai zuwa tana daidaita manufofin fitar da NetFlow don sadarwar VM.

Tsari

Mataki 1 A cikin mashaya menu, zaɓi Fabric> Dokokin shiga.
Mataki 2 A cikin maɓallin kewayawa, faɗaɗa Manufofin> Interface> NetFlow.
Mataki 3 Danna-dama Masu fitarwa na NetFlow don Sadarwar VM kuma zaɓi Ƙirƙiri Mai fitarwa na NetFlow don Sadarwar VM.
Mataki 4 A cikin Akwatin Tattaunawar Sadarwar NetFlow don VM Networking, cika filayen kamar yadda ake buƙata.
Mataki 5 Danna Submit.

Amfani da Manufar Mai Fitar da Fayil na NetFlow Karkashin Domain VMM Amfani da GUI

Hanya mai zuwa tana cinye manufofin fitar da NetFlow a ƙarƙashin yankin VMM ta amfani da GUI.

Tsari

Mataki na 1 A cikin mashaya menu, zaɓi Virtual Networking> Inventory.
Mataki na 2 A cikin kewayon kewayawa, faɗaɗa babban fayil ɗin VMMDomains, danna-dama VMware, kuma zaɓi Ƙirƙiri Domain Center.
Mataki na 3 A cikin akwatin maganganu Ƙirƙiri vCenter Domain, cika filayen kamar yadda ake buƙata, sai dai kamar yadda aka ƙayyade:
- a) A cikin jerin zaɓuka na Policy Exporter na NetFlow, zaɓi manufofin fitarwa da ake so ko ƙirƙirar sabo.
- b) A cikin Filin Lokacin Kashe Guda Active, shigar da lokacin tafiyar da ake so, a cikin daƙiƙa. Active Flow Timeout siga yana ƙayyade jinkirin da NetFlow ke jira bayan an fara gudana mai aiki, bayan haka NetFlow yana aika bayanan da aka tattara. Matsakaicin ya kasance daga 60 zuwa 3600. Matsakaicin ƙima shine 60.
- c) A cikin Filin Lokacin Kashe Rago, shigar da lokacin da ake so mara amfani, a cikin daƙiƙa. Ma'auni na Rage Flow Timeout yana ƙayyadaddun jinkirin da NetFlow ke jira bayan an fara gudana mara amfani, bayan haka NetFlow yana aika bayanan da aka tattara. Matsakaicin yana daga 10 zuwa 300. Matsakaicin ƙimar 15.
- d) (VDS kawai) A cikin Sampfilin Rate, shigar da s da ake soampdarajar ling. A Sampling Rate siga yana ƙayyade fakiti nawa NetFlow zai ragu bayan kowace fakiti da aka tattara. Idan ka ƙididdige ƙimar 0, to NetFlow baya sauke kowane fakiti. Matsakaicin ya kasance daga 0 zuwa 1000. Matsakaicin ƙima shine 0.
Mataki na 4 Danna Submit.

Bayar da NetFlow akan Ƙungiya ta Ƙarshe zuwa Ƙungiyar Yanki na VMM Amfani da GUI

Hanya mai zuwa tana ba da damar NetFlow akan rukunin ƙarshen zuwa ƙungiyar yanki na VMM.
Kafin ka fara
Dole ne ku tsara waɗannan abubuwan:

Aikace-aikacen profile
Ƙungiyar ƙarshen aikace-aikacen

Tsari

Mataki 1 A kan mashaya menu, zaɓi Masu haya > Duk Masu haya.
Mataki 2 A cikin babban aikin, danna sunan mai haya sau biyu.
Mataki 3 A cikin sashin kewayawa na hagu, faɗaɗa tenant_name> Aikace-aikacen Profiles > application_profile_name> Aikace-aikacen EPGs> aikace-aikacen_EPG_name
Mataki 4 Danna Dama-Domains (VMs da Bare-Metals) kuma zaɓi Ƙara Ƙungiyar Yanki na VMM.
Mataki 5 A cikin akwatin maganganu na Ƙara VMM Domain Association, cika filayen kamar yadda ake buƙata; duk da haka, a cikin yankin NetFlow, zaɓi Enable.
Mataki 6 Danna Submit.

Shirya matsala Haɗin VMM

Hanya mai zuwa tana warware matsalolin haɗin kai VMM:

Tsari

Mataki na 1 Ƙaddamar da sake daidaita ƙididdiga a kan Mai Kula da Kayayyakin Kayan Aiki (APIC). Don ƙarin bayani game da yadda ake haifar da sake daidaitawa a kan APIC, duba labarin tushe mai zuwa:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_VMM_OnDemand_Inventory_in_APIC.html.
Mataki na 2 Idan mataki na 1 bai gyara batun ba, don EPGs da abin ya shafa, saita ƙuduri nan da nan don amfani da preprovisioning a cikin yankin VMM. "Pre-Provision" yana kawar da buƙatar maƙwabcin maƙwabta ko izini na OpFlex kuma daga baya yanayin yanayin VMM Domain VLAN Programming. Don ƙarin bayani game da nau'ikan Ƙaddamar Ƙimar Gaggawa, duba wannan Matakin Manufofin EPG mai zuwa da Sashen Gaggawar Aiwatarwa:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_01011.html#concept_EF87ADDAD4EF47BDA741EC6EFDAECBBD.
Mataki na 3 Idan matakan 1 da 2 ba su gyara batun ba kuma kuna ganin batun akan duk VMs, to share manufofin mai sarrafa VM kuma karanta manufofin.
Lura Share manufofin mai sarrafawa yana tasiri zirga-zirga ga duk VM da ke kan wannan mai sarrafa. Cisco ACI Virtual Machine Networking.

Takardu / Albarkatu

CISCO ACI Virtual Machine Networking [pdf] Jagorar mai amfani
ACI Virtual Machine Networking, ACI, Virtual Machine Networking, Machine Networking, Networking

Magana

Manual mai amfani

CISCO ACI Virtual Machine Networking

Bayanin samfur

Umarnin Amfani da samfur

Tallafin Sadarwar Sadarwa

Taswirar Cisco ACI da VMware Gina-gine

VMM Domain EPG Association

Game da Trunk Port Group

Haɗe-haɗe Profile

Gaggawar Turawa

NetFlow tare da Virtual Machine Networking

Takardu / Albarkatu

Magana

Bar sharhi

Soke amsa