CISCO ACI Virtual Machine Networking User Guide

Zamkatimu kubisa

1 CISCO ACI Virtual Machine Networking

2 Zambiri Zamalonda

3 Malangizo Ogwiritsira Ntchito Zogulitsa

4 Thandizo la Networking

5 Mapu a Cisco ACI ndi VMware Constructs

6 VMM Domain EPG Association

7 Zambiri za Trunk Port Group

8 Attachable Entity Profile

9 Kutumiza Mwachangu

10 NetFlow yokhala ndi Virtual Machine Networking

11 Zolemba / Zothandizira

11.1 Maumboni

CISCO ACI Virtual Machine Networking

Zambiri Zamalonda

Zofotokozera:
- Zogulitsa Zothandizira ndi Ogulitsa: Cisco ACI imathandizira oyang'anira makina (VMMs) kuchokera kuzinthu zosiyanasiyana ndi ogulitsa. Onani Cisco ACI Virtualization Compatibility Matrix pamndandanda waposachedwa kwambiri wazogulitsa zotsimikizika.

Malangizo Ogwiritsira Ntchito Zogulitsa

Kupanga Mapu a Cisco ACI ndi VMware: Cisco Application Centric Infrastructure (ACI) ndi VMware amagwiritsa ntchito mawu osiyanasiyana pofotokoza zomanga zomwezo. Gome lotsatirali limapereka mapu a Cisco ACI ndi VMware terminology yogwirizana ndi VMware vSphere Distributed Switch (VDS).

Cisco ACI Terms	Migwirizano ya VMware
Endpoint Group (EPG)	Portgroup, portgroup
LACP Active	LACP Passive
Kusindikiza kwa MAC	MAC Pinning-Physical-NIC-Load
Static Channel - Mode ON	Virtual Machine Manager (VMM) domain VDS
Woyang'anira VM	vCenter (Datacenter)

Virtual Machine Manager Domain Main Components:
- Madomeni a ACI fabric virtual machine manager (VMM) amalola oyang'anira kuti azikonza mfundo zolumikizirana zowongolera makina. Zigawo zazikulu za ndondomeko ya ACI VMM ikuphatikiza:
- Virtual Machine Manager (VMM) domain
- Woyang'anira VM
- vCenter (Datacenter)
- Zindikirani: Dongosolo limodzi la VMM litha kukhala ndi zowongolera zingapo za VM, koma ziyenera kukhala zochokera kwa ogulitsa omwewo (mwachitsanzo, VMware kapena Microsoft).
Ma Domeni Oyang'anira Makina Owona:
- APIC VMM domain profile ndi ndondomeko yomwe imatanthawuza dera la VMM. Dongosolo la domain la VMM limapangidwa mu APIC ndikukankhira muzosintha zamasamba. Madera a VMM amapereka zotsatirazi:
VMM Domain VLAN Pool Association
- Maiwe a VLAN akuyimira midadada ya zozindikiritsa za magalimoto a VLAN. Dziwe la VLAN ndi chida chogawana ndipo chitha kugwiritsidwa ntchito ndi madambwe angapo monga madera a VMM ndi Layer 4 to Layer 7 services.
- Dera la VMM litha kulumikizidwa ndi dziwe limodzi lokha la VLAN.
- Mwachikhazikitso, zozindikiritsa za VLAN zimaperekedwa ku EPGs zolumikizidwa ndi madera a VMM ndi Cisco APIC.
- Komabe, olamulira atha kugawira chizindikiritso cha VLAN ku gulu lakumapeto (EPG) m'malo mwake.
- Zikatero, zozindikiritsa zomwe zimagwiritsidwa ntchito ziyenera kusankhidwa kuchokera ku midadada ya encapsulation mu dziwe la VLAN lomwe limagwirizanitsidwa ndi dera la VMM, ndipo mtundu wawo wagawidwe uyenera kusinthidwa kukhala static.
- Cisco APIC imapereka VMM domain VLAN pamadoko atsamba kutengera zochitika za EPG, mwina zomangirira pamadoko amasamba kapena kutengera zochitika za VM kuchokera kwa olamulira ngati VMware vCenter kapena Microsoft SCVMM.
- Zindikirani: M'mayiwe amphamvu a VLAN, ngati VLAN itasiyanitsidwa ndi EPG, imalumikizananso ndi EPG pakatha mphindi zisanu.
- Dynamic VLAN association si gawo la kasinthidwe kachitidwe, kutanthauza kuti ngati EPG kapena wobwereka adachotsedwa poyamba ndikubwezeretsedwa kuchokera ku zosunga zobwezeretsera, VLAN yatsopano idzaperekedwa yokha kuchokera kumadziwe amphamvu a VLAN.

FAQ:
- Q: Ndi malonda ndi ogulitsa ati omwe amathandizidwa ndi Cisco ACI?
- A: Cisco ACI imathandizira oyang'anira makina (VMMs) kuchokera kuzinthu zosiyanasiyana ndi ogulitsa. Chonde onani Cisco ACI Virtualization Compatibility Matrix pamndandanda waposachedwa kwambiri wazogulitsa zotsimikizika.
- Q: Kodi ndingagawire chizindikiritso cha VLAN ku EPG m'malo mochigawa mwachisawawa?
- A: Inde, mutha kugawa chizindikiritso cha VLAN ku gulu lomaliza (EPG) lolumikizidwa ndi dera la VMM. Komabe, chozindikiritsacho chiyenera kusankhidwa kuchokera ku midadada ya encapsulation mu dziwe la VLAN lomwe limagwirizanitsidwa ndi dera la VMM, ndipo mtundu wagawidwe uyenera kusinthidwa kukhala static.
- Q: Kodi chimachitika ndi chiyani ngati VLAN itasiyanitsidwa ndi EPG mu dziwe lamphamvu la VLAN?
- A: Ngati VLAN itasiyanitsidwa ndi EPG mu dziwe lamphamvu la VLAN, imangolumikizana ndi EPG pakatha mphindi zisanu.
- Q: Kodi dynamic VLAN association ndi gawo la kasinthidwe kachitidwe?
- A: Ayi, mayanjano amphamvu a VLAN si gawo lakusintha kosinthika. Ngati EPG kapena wobwereketsa adachotsedwa koyambirira ndikubwezeretsedwa kuchokera ku zosunga zobwezeretsera, VLAN yatsopano idzaperekedwa yokha kuchokera kumadzi amphamvu a VLAN.

Mutuwu uli ndi zigawo zotsatirazi:

• Cisco ACI VM Networking Support for Virtual Machine Managers, patsamba 1
• Kupanga Mapu a Cisco ACI ndi VMware Constructs, patsamba 2
• Virtual Machine Manager Domain Main Components, patsamba 3
• Virtual Machine Manager Domains, patsamba 4
• VMM Domain VLAN Pool Association, patsamba 4
• VMM Domain EPG Association, patsamba 5
• About Trunk Port Group, patsamba 7
• Attachable Entity Profile, patsamba 8
• EPG Policy Resolution and Deployment Immediacy, patsamba 9
• Malangizo Ochotsa Ma Domain a VMM, patsamba 10
• NetFlow with Virtual Machine Networking, patsamba 11
• Kuthetsa Kulumikizana kwa VMM, patsamba 13

Thandizo la Networking

Cisco ACI VM Networking Support kwa Virtual Machine Managers

Ubwino wa ACI VM Networking

Cisco Application Centric Infrastructure (ACI) virtual machine (VM) networking imathandizira ma hypervisors kuchokera kwa ogulitsa angapo.
Amapereka mwayi wokhazikika wa hypervisor komanso wodziwikiratu wopezeka pazida zapamwamba zowoneka bwino za data center.
Programmability ndi automation ndi zinthu zofunika kwambiri pa scalable data center virtualization infrastructure.
Cisco ACI yotsegula REST API imathandizira makina ophatikizika ndi kuwongolera kwa nsalu ya Cisco ACI yotengera mfundo.
Ma network a Cisco ACI VM amathandizira kutsatiridwa kwa mfundo mosalekeza pazantchito zonse zomwe zimayendetsedwa ndi ma hypervisors kuchokera kwa ogulitsa angapo.
Attachable entity profiles imathandizira mosavuta kuyenda kwa VM ndikuyika zolemetsa kulikonse pansalu ya Cisco ACI.
Cisco Application Policy Infrastructure Controller (APIC) imapereka kuthetseratu mavuto apakati, chiwerengero cha thanzi la mapulogalamu, ndi kuyang'anitsitsa.
Cisco ACI Mipikisano hypervisor VM automation amachepetsa kapena kuthetsa kasinthidwe pamanja ndi zolakwa pamanja. Izi zimathandiza kuti malo opangira deta azitha kuthandizira ma VM ambiri modalirika komanso mopanda mtengo.

Zothandizira ndi Ogulitsa

Cisco ACI imathandizira oyang'anira makina (VMMs) kuchokera pazotsatira ndi mavenda:
Cisco Unified Computing System Manager (UCSM)
Kuphatikiza kwa Cisco UCSM imathandizidwa kuyambira ku Cisco Cisco APIC Release 4.1(1). Kuti mudziwe zambiri, onani mutu wakuti “Cisco ACI with Cisco UCSM Integration in the Cisco ACI Virtualization Guide, Release 4.1(1).

Cisco Application Centric Infrastructure (ACI) Virtual Pod (iPod)

Cisco ACI vPod ikupezeka paliponse kuyambira ku Cisco APIC Release 4.0(2). Kuti mudziwe zambiri, onani zolemba za Cisco ACI vPod pa Cisco.com.

Cloud Foundry

Kuphatikiza kwa Cloud Foundry ndi Cisco ACI kumathandizidwa kuyambira ndi Cisco APIC Release 3.1(2). Kuti mudziwe zambiri, onani nkhani yoyambira, Cisco ACI ndi Cloud Found Integration on Cisco.com.

Kubernetes

Kuti mudziwe zambiri, onani nkhani yoyambira, Cisco ACI ndi Kubernetes Integration on Cisco.com.

Microsoft System Center Virtual Machine Manager (SCVMM)

Kuti mudziwe zambiri, onani mitu yakuti “Cisco ACI with Microsoft SCVMM” ndi “Cisco ACI with Microsoft Windows Azure Pack” mu Cisco ACI Virtualization Guide on Cisco.com.

OpenShift

Kuti mudziwe zambiri, onani Zolemba za OpenShift. pa Cisco.com.

OpenStack

Kuti mudziwe zambiri, onani Zolemba za OpenStack on Cisco.com.

Red Hat Virtualization (RHV)

Kuti mudziwe zambiri, onani nkhani yoyambira, Cisco ACI ndi Red Hat Integration. pa Cisco.com.

VMware Virtual Distributed Switch (VDS)

Kuti mudziwe zambiri, onani mutu wakuti "Cisco "ACI with VMware VDS Integration" mu Cisco ACI Virtualization Guide.
Onani Cisco ACI Virtualization Compatibility Matrix. pamndandanda waposachedwa kwambiri wazinthu zotsimikizika zogwirizanirana.

Mapu a Cisco ACI ndi VMware Constructs

Cisco Application Centric Infrastructure (ACI) ndi VMware amagwiritsa ntchito mawu osiyanasiyana pofotokoza zomanga zomwezo. Gawoli limapereka tebulo la mapu a Cisco ACI ndi mawu a VMware; zambiri ndizogwirizana ndi VMware vSphere Distributed Switch (VDS).

Cisco ACI Terms	VMware Terms
Endpoint Group (EPG)	Portgroup, portgroup

Cisco ACI Terms	VMware Terms
LACP Active	• Njira yotengera IP hash (downlink port group) • LACP Yayatsidwa/Yogwira (gulu la uplink port)
LACP Passive	• Njira yotengera IP hash (downlink port group) • LACP Yayatsidwa/Yogwira (gulu la uplink port)
Kusindikiza kwa MAC	• Njira yotengera poyambira • LACP Yoyimitsidwa
MAC Pinning-Physical-NIC-Load	• Njira yotengera kuchuluka kwa NIC • LACP Yoyimitsidwa
Static Channel - Mode ON	• Njira yotengera IP Hash (gulu lolumikizira doko) • LACP Yoyimitsidwa
Virtual Machine Manager (VMM) domain	VDS
Woyang'anira VM	vCenter (Datacenter)

Virtual Machine Manager Domain Main Components

Madomeni a ACI fabric virtual machine manager (VMM) amathandizira woyang'anira kukonza mfundo zolumikizirana zowongolera makina. Zomwe zili zofunika pa ndondomeko ya ACI VMM ikuphatikiza izi:

Virtual Machine Manager Domain Profile—Magulu olamulira a VM omwe ali ndi mfundo zofananira zamaukonde. Za example, olamulira a VM amatha kugawana madamu a VLAN ndi magulu omaliza a mapulogalamu (EPGs). APIC imalumikizana ndi woyang'anira kuti asindikize masinthidwe a maukonde monga magulu a doko omwe amagwiritsidwa ntchito pazantchito zenizeni. VMM domain profile zili ndi zigawo zofunika izi:
Chidziwitso-Amayanjanitsa zovomerezeka za wolamulira wa VM ndi domeni ya APIC VMM.
Mtsogoleri-Imatchulanso momwe mungalumikizire ndi wowongolera wa VM yemwe ali gawo lachitetezo cha mfundo.

Za example, wowongolera amatchula kulumikizana kwa VMware vCenter yomwe ili gawo la VMM domain.

Zindikirani

Dongosolo limodzi la VMM litha kukhala ndi zowongolera zingapo za VM, koma ziyenera kukhala zochokera kwa ogulitsa omwewo (mwachitsanzoample, kuchokera ku VMware kapena kuchokera ku Microsoft.

EPG Association-Magulu a Endpoint amawongolera kulumikizana ndi kuwonekera pakati pa malekezero mkati mwa dongosolo la VMM domain. Ma EPG a VMM domain amachita motere: APIC imakankhira ma EPG awa ngati magulu a doko kukhala wowongolera wa VM. EPG imatha kupitilira madera angapo a VMM, ndipo dera la VMM litha kukhala ndi ma EPG angapo.
Attachable Entity Profile Association-Amayanjanitsa dera la VMM ndi ma network network. Wothandizira wothandizirafile (AEP) ndi template yolumikizira netiweki yomwe imathandizira kuyika malamulo owongolera a VM pagulu lalikulu la madoko osinthira masamba. AEP imatchula masiwichi ndi madoko omwe alipo, komanso momwe amasankhidwira.
VLANPool Association—A Phulu la VLAN limatchula ma ID a VLAN kapena milingo yomwe imagwiritsidwa ntchito polemba za VLAN zomwe dera la VMM limagwiritsa ntchito.

Virtual Machine Manager Domains

APIC VMM domain profile ndi ndondomeko yomwe imatanthawuza dera la VMM. Dongosolo la domain la VMM limapangidwa mu APIC ndikukankhira muzosintha zamasamba.

Madera a VMM amapereka zotsatirazi:

Wosanjikiza wamba munsalu ya ACI yomwe imathandizira kuthandizira kosalekeza kosalekeza pamapulatifomu angapo owongolera a VM.
Thandizo la VMM kwa obwereka angapo mkati mwa nsalu ya ACI. Madomeni a VMM ali ndi olamulira a VM monga VMware vCenter kapena Microsoft SCVMM Manager ndi zidziwitso zomwe zimafunikira kuti ACI API ilumikizane ndi wowongolera wa VM.
Dongosolo la VMM limathandizira VMmobility mkati mwa madambwe koma osati madomeni.

Domain imodzi ya VMM imatha kukhala ndi zowongolera zingapo za VM koma ziyenera kukhala zamtundu womwewo.
Za example, dera la VMM litha kukhala ndi ma VMware vCenters ambiri omwe amawongolera olamulira angapo omwe ali ndi ma VM angapo koma mwina asakhalenso ndi SCVMM Managers.
Zowongolera zowongolera zida za VMM (monga ma pNIC, ma vNIC, mayina a VM, ndi zina zotero) ndikukankhira mfundo mwa owongolera, kupanga magulu adoko, ndi zinthu zina zofunika.

Dera la ACI VMM limamvera zochitika zowongolera monga kuyenda kwa VM ndikuyankha moyenerera.

VMM Domain VLAN Pool Association

Maiwe a VLAN akuyimira midadada ya zozindikiritsa za magalimoto a VLAN. Dziwe la VLAN ndi chida chogawana ndipo chitha kugwiritsidwa ntchito ndi madambwe angapo monga madera a VMM ndi Layer 4 to Layer 7 services.

Dziwe lirilonse liri ndi mtundu wagawidwe (static kapena dynamic), omwe amatanthauzidwa panthawi yomwe adalengedwa.
Mtundu wogawika umatsimikizira ngati zizindikiritso zomwe zili mmenemo zidzagwiritsidwa ntchito pongoperekedwa ndi Cisco APIC (dynamic) kapena kukhazikitsidwa momveka bwino ndi woyang'anira (static).
Mwachikhazikitso, midadada yonse yomwe ili mkati mwa dziwe la VLAN ili ndi mtundu wofanana ndi dziwe koma ogwiritsa ntchito amatha kusintha mtundu wa magawano a ma encapsulation blocks omwe ali mu maiwe osunthika kukhala osasunthika. Kuchita izi kumawapatula kugawo lamphamvu.

Dera la VMM litha kulumikizidwa ndi dziwe limodzi lokha la VLAN.
Mwachikhazikitso, kugawa kwa zozindikiritsa za VLAN ku ma EPG omwe amalumikizidwa ndi madera a VMM kumachitika mwamphamvu ndi Cisco APIC.
Ngakhale kugawika kwamphamvu ndikokhazikika komanso kokondedwa, woyang'anira atha kupatsa chozindikiritsa cha VLAN ku gulu lomaliza (EPG) m'malo mwake.

Zikatero, zozindikiritsa zomwe zimagwiritsidwa ntchito ziyenera kusankhidwa kuchokera ku midadada ya encapsulation mu dziwe la VLAN lomwe limagwirizanitsidwa ndi dera la VMM, ndipo mtundu wawo wagawidwe uyenera kusinthidwa kukhala static.
Cisco APIC imapereka VMM domain VLAN pamadoko amasamba kutengera zochitika za EPG, mwina zomangirira pamadoko amasamba kapena kutengera zochitika za VM kuchokera kwa olamulira monga VMware vCenter kapena Microsoft SCVMM.

Zindikirani

M'mayiwe amphamvu a VLAN, ngati VLAN itasiyanitsidwa ndi EPG, imalumikizidwanso ndi EPG mumphindi zisanu.

Zindikirani

Dynamic VLAN association si gawo la kasinthidwe kachitidwe, ndiye kuti, ngati EPG kapena wobwereka atachotsedwa poyamba ndikubwezeretsedwa kuchokera ku zosunga zobwezeretsera, VLAN yatsopano imaperekedwa yokha kuchokera kumadzi amphamvu a VLAN.

VMM Domain EPG Association

Nsalu ya Cisco Application Centric Infrastructure (ACI) imagwirizanitsa ntchito zalendifile endpoint groups (EPGs) to virtual machine manager (VMM) madambwe, The Cisco ACI imachita izi mwina ndi gawo la orchestration monga Microsoft Azure, kapena ndi woyang'anira Cisco Application Policy Infrastructure Controller (APIC) kupanga masinthidwe otero. EPG imatha kupitilira madera angapo a VMM, ndipo dera la VMM litha kukhala ndi ma EPG angapo.

M'fanizo lapitalo, ma endpoints (EPs) amtundu womwewo ndi gawo la EPG yomweyo. Za example, ma EP onse obiriwira ali mu EPG yomweyo ngakhale ali m'magawo awiri osiyana a VMM. Onani Verified Scalability Guide yaposachedwa kwambiri ya Cisco ACI ya netiweki yeniyeni ndi chidziwitso cha kuchuluka kwa VMM domain EPG.

Zindikirani

Madera angapo a VMM amatha kulumikizana ndikusintha masamba komweko ngati alibe maiwe a VLAN odutsa padoko lomwelo.

Momwemonso, mutha kugwiritsa ntchito maiwe a VLAN omwewo kudutsa madambwe osiyanasiyana ngati sagwiritsa ntchito doko lomwelo lakusintha kwamasamba.

Ma EPG amatha kugwiritsa ntchito madambwe angapo a VMM motere:

EPG mkati mwa dera la VMM imadziwika pogwiritsa ntchito chizindikiritso cha encapsulation. Cisco APIC imatha kuyang'anira chizindikiritso chodziwikiratu, kapena woyang'anira akhoza kuchisankha mokhazikika. Exampndi VLAN, Virtual Network ID (VNID).

EPG ikhoza kujambulidwa kuzinthu zingapo (za ma seva opanda zitsulo) kapena madera enieni. Itha kugwiritsa ntchito ma encapsulations osiyanasiyana a VLAN kapena VNID mumtundu uliwonse.

Zindikirani

Mwachikhazikitso, Cisco APIC imayendetsa bwino kugawa kwa VLAN kwa EPG.

Olamulira a VMware DVS ali ndi mwayi wosankha VLAN yeniyeni ya EPG.
Zikatero, VLAN imasankhidwa kuchokera pagawo lokhazikika lomwe lili mkati mwa dziwe lomwe limalumikizidwa ndi dera la VMM.
Mapulogalamu atha kutumizidwa kumadera onse a VMM.

Ngakhale kusamuka kwamoyo kwa ma VM mkati mwa dera la VMM kumathandizidwa, kusamuka kwamoyo kwa ma VM kudutsa madomeni a VMM sikuthandizidwa.

Zindikirani

Mukasintha VRF pabwalo lamilatho lomwe limalumikizidwa ndi EPG yokhala ndi dera la VMM, gulu la doko limachotsedwa ndikuwonjezedwanso pa vCenter.

Izi zimapangitsa kuti EPG isagwiritsidwe ntchito kudera la VMM. Izi zimayembekezeredwa khalidwe.

Zambiri za Trunk Port Group

Mumagwiritsa ntchito gulu la doko la trunk port kuti muphatikize kuchuluka kwa magalimoto amagulu omaliza (EPGs) a madera a VMware virtual machine manager (VMM).
Mosiyana ndi magulu amtundu wamba, omwe amakonzedwa pansi pa tabu ya Tenants mu Cisco Application Policy Infrastructure Controller (APIC) GUI, magulu amtundu wa doko amakonzedwa pansi pa VM Networking tabu.

Magulu a madoko okhazikika amatsata mtundu wa T|A|E wa mayina a EPG.
Kuphatikizika kwa ma EPG pansi pa domain lomwelo kumatengera mtundu wa VLAN, womwe umatchulidwa ngati midadada yotsekera yomwe ili mugulu la doko la thunthu.
Nthawi zonse pamene encapsulation ya EPG isinthidwa kapena chipika cha encapsulation cha trunk port group chisinthidwa, kuphatikizikako kumawunikidwanso kuti muwone ngati EGP iyenera kuphatikizidwa.

Gulu la doko la trunk port limayang'anira kutumizidwa kwa masamba kwa zida zamanetiweki, monga ma VLAN, omwe amaperekedwa ku ma EPG akuphatikizidwa.
Ma EPG akuphatikiza ma EPG oyambira ndi ma microsegmented (uSeg) EPGs. Pankhani ya wogwiritsa ntchito EPG, ma VLAN a gulu la doko la thunthu amafunikira kuphatikiza ma VLAN oyambira ndi achiwiri.

Kuti mudziwe zambiri, onani njira zotsatirazi:

Attachable Entity Profile

Nsalu ya ACI imapereka malo olumikizira angapo omwe amalumikizana kudzera pamadoko atsamba kupita kuzinthu zosiyanasiyana zakunja monga ma seva opanda zitsulo, makina ophatikizira makina, ma switch a Layer 2 (kwa ex.ample, cholumikizira cha nsalu cha Cisco UCS), kapena ma router 3 (mwachitsanzoample Cisco Nexus 7000 Series masiwichi). Malo ophatikizika awa amatha kukhala madoko akuthupi, madoko a FEX, ma doko, kapena njira yolumikizira (vPC) pama switch atsamba.

Zindikirani

Mukapanga dera la VPC pakati pa masiwichi awiri amasamba, masinthidwe onse awiri ayenera kukhala mum'badwo womwewo wosinthira, chimodzi mwa izi:

M'badwo 1 - Cisco Nexus N9K masinthidwe opanda "EX" kapena "FX" kumapeto kwa dzina losinthira; za exampndi, N9K-9312TX
M'badwo 2 - Cisco Nexus N9K imasintha ndi "EX" kapena "FX" kumapeto kwa dzina lachitsanzo; za example, N9K-93108TC-EX

Zosintha monga ziwirizi sizigwirizana ndi anzawo a VPC. M'malo mwake, gwiritsani ntchito masiwichi amtundu womwewo. An Attachable Entity Profile (AEP) ikuyimira gulu la mabungwe akunja omwe ali ndi zofunikira zofanana za ndondomeko ya zomangamanga. Mfundo za zomangamanga zimakhala ndi ndondomeko za mawonekedwe a thupi zomwe zimakonza njira zosiyanasiyana za protocol, monga Cisco Discovery Protocol (CDP), Link Layer Discovery Protocol (LLDP), kapena Link Aggregation Control Protocol (LACP) An AEP ikuyenera kuyika ma VLAN pools pa zosinthira masamba. . Ma encapsulation blocks (ndi ma VLAN ogwirizana) amatha kugwiritsidwanso ntchito pamasamba. AEP imapereka kuchuluka kwa dziwe la VLAN kuzinthu zachilengedwe. Zofunikira ndi zodalira za AEP zotsatirazi ziyenera kuwerengedwa pazosintha zosiyanasiyana, kuphatikiza kulumikizidwa kwa netiweki, madera a VMM, ndi masinthidwe amitundu yambiri:

AEP imatanthawuza kuchuluka kwa VLANS zololedwa koma sizipereka. Palibe magalimoto oyenda pokhapokha EPG itayikidwa padoko. Popanda kufotokozera dziwe la VLAN mu AEP, VLAN siyiloledwa pa doko lamasamba ngakhale EPG itaperekedwa.
VLAN inayake imaperekedwa kapena kuthandizidwa pa doko lamasamba lomwe limakhazikitsidwa ndi zochitika za EPG zomwe zimamangiriza pa doko lamasamba kapena kutengera zochitika za VM kuchokera kwa oyang'anira akunja monga VMware vCenter kapena Microsoft Azure Service Center Virtual Machine Manager (SCVMM).
Zophatikizidwa ndi profiles zitha kulumikizidwa mwachindunji ndi ma EPG ogwiritsira ntchito, omwe amatumiza ma EPG ogwirizana nawo kumadoko onse omwe amalumikizidwa ndi pro.file. AEP ili ndi ntchito yosinthika yosinthika (infraGeneric), yomwe ili ndi mgwirizano ndi EPG (infraRsFuncToEpg) yomwe imayikidwa pamawonekedwe onse omwe ali gawo la zosankhidwa zomwe zimagwirizana ndi cholumikizira cholumikizira.file.

Domeni yoyang'anira makina owoneka bwino (VMM) imangotengera mfundo za mawonekedwe akuthupi kuchokera kumagulu a mfundo za mawonekedwe a AEP.
Ndondomeko yowonjezera pa AEP ingagwiritsidwe ntchito kufotokoza ndondomeko yosiyana ya mawonekedwe amtundu wa VMM. Ndondomekoyi ndi yothandiza pazochitika zomwe chowongolera cha VM chimalumikizidwa ndi kusintha kwamasamba kudzera pagawo lapakati la Gawo 2, ndipo mfundo ina imafunidwa pakusintha kwamasamba ndi madoko amtundu wa VM. Za example, mutha kukonza LACP pakati pa tsamba losinthira ndi gawo la Layer 2. Nthawi yomweyo, mutha kuletsa LACP pakati pa chowongolera cha VM ndi chosinthira cha Layer 2 poletsa LACP pansi pa mfundo za AEP.

Kutumiza Mwachangu

EPG Policy Resolution and Deployment Immediacy

Nthawi zonse gulu la endpoint (EPG) limagwirizana ndi domain manager (VMM), woyang'anira akhoza kusankha chisankho ndi zokonda zotumizira kuti afotokoze nthawi yomwe mfundo iyenera kukankhidwa muzosintha zamasamba.

Resolution Immediacy

Kukonzekeratu: Zimatanthawuza kuti ndondomeko (mwachitsanzoample, VLAN, VXLAN kumanga, makontrakitala, kapena zosefera) zimatsitsidwa ku switch yamasamba ngakhale wolamulira wa VM asanamangiridwe ku switch yowonera (kwa ex.ample, VMware vSphere Distributed Switch (VDS). Izi zimakonzeratu kasinthidwe pa switch.

Izi zimathandiza momwe magalimoto oyendetsera olamulira a hypervisors/VM akugwiritsanso ntchito kusintha kogwirizana ndi Cisco Application Policy Infrastructure Controller (APIC) VMM domain (VMM switch).
Kutumiza mfundo za VMM monga VLAN pa switch ya tsamba ya Cisco Application Centric Infrastructure (ACI) kumafuna Cisco APIC kutolera zambiri za CDP/LLDP kuchokera ku ma hypervisors onse kudzera pa VM controller ndi Cisco ACI leaf switch. Komabe, ngati wolamulira wa VM akuyenera kugwiritsa ntchito ndondomeko yomweyo ya VMM (kusintha kwa VMM) kuti alankhule ndi hypervisors kapena Cisco APIC, chidziwitso cha CDP/LLDP cha hypervisors sichingasonkhanitsidwe chifukwa ndondomeko yomwe ikufunika kwa VM controller/hypervisor. magalimoto oyang'anira sanatumizidwe panobe.
Mukamagwiritsa ntchito pre-preservation immediacy, mfundoyi imatsitsidwa ku Cisco ACI leaf switch mosasamala kanthu

CDP/LLDP moyandikana. Ngakhale opanda hypervisor host host yomwe imalumikizidwa ndi VMM switch.
Pompopompo: Imatchula kuti mfundo za EPG (kuphatikiza makontrakitala ndi zosefera) zimatsitsidwa ku pulogalamu yosinthira tsamba yomwe imalumikizidwa ndi ESXi ku DVS. Zilolezo za LLDP kapena OpFlex zimagwiritsidwa ntchito kuthetsa wowongolera wa VM kuti agwirizane ndi masamba.
Ndondomekoyi idzatsitsidwa ku Leaf mukawonjezera wolandila ku VMM switch. CDP/LLDP yoyandikana nayo kuchokera kutsamba kupita ku tsamba ndiyofunika.

Zomwe zikufunidwa: Zimatanthawuza kuti ndondomeko (mwachitsanzoample, VLAN, VXLAN bindings, contracts, or filters) amakankhidwira ku tsamba la tsamba pokhapokha ngati wolandira ESXi alumikizidwa ku DVS ndipo VM imayikidwa mu gulu la doko (EPG).
Ndondomekoyi idzatsitsidwa patsamba pamene wolandirayo awonjezeredwa ku VMM switch. VM iyenera kuyikidwa mu gulu la doko (EPG). CDP/LLDP yoyandikana nayo kuchokera kutsamba kupita ku tsamba ndiyofunika. Pokhapokha komanso pakufunidwa, ngati wolandirayo ndi tsamba atataya LLDP/CDP moyandikana ndondomeko zimachotsedwa.

Zindikirani

M'magawo a VMM ozikidwa pa OpFlex, wothandizira wa OpFlex pa hypervisor amafotokoza za VM/EP virtual network interface card (vNIC) ku EPG ku tsamba la OpFlex.
Mukamagwiritsa ntchito On Demand Resolution Immediacy, EPG VLAN/VXLAN imakonzedwa pamadoko onse amtundu wamasamba, madoko a doko, kapena zonse ziwiri ngati izi zili zoona:
- Ma Hypervisors amalumikizidwa ndi masamba panjira ya doko kapena njira yolumikizira doko yolumikizidwa mwachindunji kapena kudzera pakusintha kwamasamba.
- VM kapena chitsanzo vNIC imalumikizidwa ndi EPG.
- Ma Hypervisors amalumikizidwa ngati gawo la EPG kapena VMM domain.
Madera a VMM ozikidwa pa Opflex ndi Microsoft Security Center Virtual Machine Manager (SCVMM) ndi HyperV, ndi Cisco Application Virtual Switch (AVS).

Kutumiza Mwachangu

Ndondomekozi zikatsitsidwa ku pulogalamu yamasamba, kutumizira mwachangu kungatchule nthawi yomwe ndondomekoyo ikankhidwira mu memory policy content-addressable memory (CAM).
Pompopompo: Imatchula kuti ndondomekoyi imakonzedwa mu ndondomeko ya hardware CAM mwamsanga ndondomekoyi ikatsitsidwa mu pulogalamu yamasamba.
Zomwe zikufunidwa: Imatanthawuza kuti ndondomekoyi imakonzedwa mu ndondomeko ya hardware CAM pokhapokha paketi yoyamba ilandiridwa kudzera mu njira ya deta. Izi zimathandiza kukhathamiritsa malo a hardware.

Zindikirani

Mukamagwiritsa ntchito pompopompo kutumizidwa ndi ma VPC okhomedwa ndi MAC, mapangano a EPG samakankhidwira ku memory ternary content-addressable memory (TCAM) mpaka kumapeto koyamba kuphunziridwa mu EPG patsamba lililonse.
Izi zitha kuyambitsa kugwiritsa ntchito TCAM mosagwirizana ndi anzawo a VPC. (Nthawi zambiri, mgwirizanowo umakankhidwira kwa anzawo onse awiri.)

Malangizo Ochotsa Ma Domain a VMM

Tsatirani ndondomeko ili m'munsiyi kuti muwonetsetse kuti pempho la APIC lochotsa domeni ya VMM imangoyambitsa woyang'anira wa VM (kwa ex.ample VMware vCenter kapena Microsoft SCVMM) kuti amalize ntchitoyi moyenera komanso kuti palibe ma EPGs amasiye omwe ali pansalu ya ACI.

Woyang'anira VM ayenera kuchotsa ma VM onse kumagulu adoko (ngati VMware vCenter) kapena ma VM network (ngati SCVMM), opangidwa ndi APIC. Pankhani ya Cisco AVS, woyang'anira VM akufunikanso kuchotsa mawonekedwe a VMK okhudzana ndi Cisco AVS.
Woyang'anira ACI amachotsa dera la VMM mu APIC. APIC imayambitsa kuchotsedwa kwa VMware VDS Cisco AVS kapena SCVMM logical switch ndi zinthu zogwirizana.

Zindikirani

Woyang'anira VM sayenera kufufuta zosinthira zenizeni kapena zinthu zomwe zikugwirizana nazo (monga magulu a madoko kapena ma netiweki a VM); lolani APIC kuyambitsa kuchotsedwa kosinthika pakumaliza gawo lachiwiri pamwambapa. Ma EPG atha kukhala amasiye mu APIC ngati woyang'anira VM achotsa chosinthira kuchokera kwa wolamulira wa VM dera la VMM lisanachotsedwe mu APIC. Ngati kutsatizanaku sikutsatiridwa, wolamulira wa VM amachotsa kusintha komwe kumalumikizidwa ndi dera la APIC VMM. Munkhaniyi, woyang'anira VM ayenera kuchotsa pamanja ma VM ndi ma vtep kuchokera kwa wowongolera wa VM, ndikuchotsa zosinthira zomwe zidalumikizidwa kale ndi APIC VMM domain.

NetFlow yokhala ndi Virtual Machine Networking

Za NetFlow yokhala ndi Virtual Machine Networking

Ukadaulo wa NetFlow umapereka maziko owerengera pamapulogalamu ofunikira, kuphatikiza ma accounting a traffic, kugwiritsa ntchito ma network, kukonza ma network, komanso kukana kuyang'anira ntchito, kuyang'anira maukonde, kutsatsa kwapaintaneti, ndi migodi ya data kwa onse opereka chithandizo komanso makasitomala amalonda.
Cisco imapereka mapulogalamu angapo a NetFlow kuti asonkhanitse deta yotumiza kunja kwa NetFlow, kuchepetsa kuchuluka kwa data, kukonza pambuyo pake, ndikupereka mapulogalamu omaliza omwe ali ndi mwayi wofikira ku data ya NetFlow.
Ngati mwathandizira NetFlow kuyang'anira kuchuluka kwa magalimoto omwe akuyenda m'malo anu a data, izi zimakuthandizani kuti muzitha kuyang'anira kuchuluka kwa magalimoto omwe akuyenda pansalu ya Cisco Application Centric Infrastructure (Cisco ACI).
M'malo mwa hardware kutumiza mwachindunji zolembazo kwa wosonkhanitsa, zolembazo zimakonzedwa mu injini ya woyang'anira ndipo zimatumizidwa kwa osonkhanitsa a NetFlow mumtundu wofunikira. Kuti mumve zambiri za NetFlow, onani Cisco APIC ndi NetFlow chidziwitso choyambira.

Za NetFlow Exporter Policy with Virtual Machine Networking

Ndondomeko yotumizira kunja kwa makina opangira makina (netflowVmmExporterPol) imafotokoza zambiri zazomwe zasonkhanitsidwa kuti ziziyenda zomwe zimatumizidwa ku seva yopereka malipoti kapena wokhometsa NetFlow. Wotolera wa NetFlow ndi gulu lakunja lomwe limathandizira NetFlow protocol ndikulandila mapaketi omwe ali ndi mitu yovomerezeka ya NetFlow.
Ndondomeko yotumiza kunja ili ndi izi:

VmmExporterPol.dstAddr—Katundu wovomerezekayu amatchula adilesi ya IPv4 kapena IPv6 ya NetFlow yosonkhanitsa yomwe imavomereza mapaketi a NetFlow flow. Izi ziyenera kukhala mumtundu wa wolandila (ndiko, "/ 32" kapena "/128"). Adilesi ya IPv6 imathandizidwa ndi vSphere Distributed Switch (vDS) mtundu 6.0 ndi mtsogolo.
VmmExporterPol.dstPort—Katundu wovomerezekayu amatchula doko lomwe pulogalamu ya NetFlow yosonkhanitsa ikumvera, zomwe zimathandiza wokhometsa kuvomereza zolumikizira zomwe zikubwera.
VmmExporterPol.srcAddr—Katunduyu amatchula adilesi ya IPv4 yomwe imagwiritsidwa ntchito ngati adilesi yamapaketi otuluka a NetFlow.

Thandizo la NetFlow ndi VMware vSphere Distributed Switch

VMware vSphere Distributed Switch (VDS) imathandizira NetFlow ndi mapanga awa:

Wokhometsa wakunja ayenera kupezeka kudzera mu ESX. ESX sichirikiza njira zoyendera ndi kutumiza (VRFs).
Gulu la doko litha kuloleza kapena kuletsa NetFlow.
VDS sichirikiza kusefa kwa mlingo wotuluka.

Konzani magawo otsatirawa a VDS mu VMware vCenter:

Adilesi ya IP ndi doko. IPv6 imathandizidwa pa mtundu wa VDS 6.0 kapena mtsogolo. Izi ndi zovomerezeka.
Adilesi ya IP. Izi ndizosankha.
Kutha kwa nthawi yogwira ntchito, kutha kwa nthawi yopanda ntchito, ndi sampmtengo. Izi ndizosankha.

Kukonza NetFlow Exporter Policy ya VM Networking Pogwiritsa Ntchito GUI
Njira yotsatirayi ikukonzekera ndondomeko ya NetFlow yotumiza kunja kwa VM networking.

Ndondomeko

Khwerero 1 Pa menyu kapamwamba, sankhani Nsalu > Ndondomeko Zofikira.
Khwerero 2 Pagawo loyang'anira, onjezerani Malamulo> Chiyankhulo> NetFlow.
Khwerero 3 Dinani kumanja kwa NetFlow Exporters kwa VM Networking ndikusankha Pangani NetFlow Exporter ya VM Networking.
Khwerero 4 Mu Pangani NetFlow Exporter for VM Networking dialogue box, lembani minda momwe ikufunikira.
Khwerero 5 Dinani Tumizani.

Kugwiritsa Ntchito NetFlow Exporter Policy Pansi pa VMM Domain Pogwiritsa Ntchito GUI

Njira yotsatirayi imagwiritsa ntchito mfundo zotumizira kunja kwa NetFlow pansi pa dera la VMM pogwiritsa ntchito GUI.

Ndondomeko

Gawo 1 Pa menyu, sankhani Virtual Networking> Inventory.
Gawo 2 Mu Navigation pane, kulitsa foda ya VMMDomains, dinani kumanja VMware, ndikusankha Pangani Center Domain.
Gawo 3 Mu bokosi la bokosi la Pangani vCenter Domain, lembani minda momwe mukufunikira, kupatula monga momwe tafotokozera:
- a) Pamndandanda wotsikirapo wa NetFlow Exporter Policy, sankhani mfundo zomwe mukufuna kutumiza kunja kapena pangani ina.
- b) Mugawo la Active Flow Timeout, lowetsani nthawi yomwe mukufuna, mumasekondi. The Active Flow Timeout parameter imatchula kuchedwa komwe NetFlow imadikirira pambuyo poyambira, kenako NetFlow imatumiza zomwe zasonkhanitsidwa. Mtunduwu umachokera ku 60 mpaka 3600. Mtengo wokhazikika ndi 60.
- c) M'munda wa Idle Flow Timeout, lowetsani nthawi yomwe mukufuna, mumasekondi. The Idle Flow Timeout parameter imafotokoza kuchedwa komwe NetFlow imadikirira pambuyo poyambira, kenako NetFlow imatumiza zomwe zasonkhanitsidwa. Mtunduwu umachokera ku 10 mpaka 300. Mtengo wokhazikika ndi 15.
- d) (VDS yokha) Mu Sampling Rate field, lowetsani sampmtengo. The Sampling Rate parameter imatchula mapaketi angati a NetFlow adzatsika pambuyo paketi iliyonse yosonkhanitsidwa. Ngati mutchula mtengo wa 0, ndiye kuti NetFlow siponya mapaketi aliwonse. Mtunduwu umachokera ku 0 mpaka 1000. Mtengo wokhazikika ndi 0.
Gawo 4 Dinani Tumizani.

Kuthandizira NetFlow pa Endpoint Group kupita ku VMM Domain Association Pogwiritsa Ntchito GUI

Njira zotsatirazi zimathandizira NetFlow pagulu lakumapeto kupita ku gulu la VMM domain.
Musanayambe
Muyenera kuti mudapanga izi:

Pulogalamu ya profile
Gulu lomaliza la ntchito

Ndondomeko

Khwerero 1 Pa menyu kapamwamba, kusankha Tenants> Onse Tenanti.
Khwerero 2 Pagawo la Ntchito, dinani kawiri dzina la wobwereka.
Khwerero 3 Pagawo lakumanzere lolowera, onjezerani tenant_name> Application Profiles > application_profile_name> Ntchito EPGs> application_EPG_name
Khwerero 4 Dinani kumanja Magawo (VMs ndi Bare-Metals) ndikusankha Add VMM Domain Association.
Khwerero 5 mu Add VMM Domain Association dialog box, lembani minda momwe mukufunikira; komabe, m'dera la NetFlow, sankhani Yambitsani.
Khwerero 6 Dinani Tumizani.

Kuthetsa Kulumikizana kwa VMM

Njira zotsatirazi zimathetsa zovuta zolumikizana ndi VMM:

Ndondomeko

Gawo 1 Yambitsani kulunzanitsanso kwazinthu pa Application Policy Infrastructure Controller (APIC). Kuti mumve zambiri zamomwe mungayambitsire kulunzanitsanso kwazinthu pa APIC, onani zoyambira zachidziwitso zotsatirazi:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_VMM_OnDemand_Inventory_in_APIC.html.
Gawo 2 Ngati sitepe 1 siyikukonza vutolo, kwa ma EPG omwe akhudzidwa, ikani chigamulocho nthawi yomweyo kuti mugwiritse ntchito kukonzekereratu mu dera la VMM. "Pre-Provision" imachotsa kufunikira kwa malo oyandikana nawo oyandikana nawo kapena zilolezo za OpFlex ndipo pambuyo pake mawonekedwe amphamvu a VMM Domain VLAN Programming. Kuti mumve zambiri za mitundu ya Resolution Immediacy, onani gawo lotsatirali la EPG Policy Resolution and Deployment Immediacy:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_01011.html#concept_EF87ADDAD4EF47BDA741EC6EFDAECBBD.
Gawo 3 Ngati masitepe 1 ndi 2 sakukonza vutolo ndipo muwona vuto pa ma VM onse, ndiye chotsani mfundo zowongolera za VM ndikuwerenga mfundozo.
Zindikirani Kuchotsa malamulo owongolera kumakhudza kuchuluka kwa magalimoto kwa ma VM onse omwe ali pawowongolerawo. Cisco ACI Virtual Machine Networking.

Zolemba / Zothandizira

CISCO ACI Virtual Machine Networking [pdf] Buku Logwiritsa Ntchito
ACI Virtual Machine Networking, ACI, Virtual Machine Networking, Machine Networking, Networking

Maumboni

Buku Logwiritsa Ntchito

CISCO ACI Virtual Machine Networking

Zambiri Zamalonda

Malangizo Ogwiritsira Ntchito Zogulitsa

Thandizo la Networking

Mapu a Cisco ACI ndi VMware Constructs

VMM Domain EPG Association

Zambiri za Trunk Port Group

Attachable Entity Profile

Kutumiza Mwachangu

NetFlow yokhala ndi Virtual Machine Networking

Zolemba / Zothandizira

Maumboni

Siyani ndemanga

Letsani yankho