CISCO ACI Virtual Machine Networking User Guide

Mataupu lalafi

1 CISCO ACI Virtual Machine Networking

2 Fa'amatalaga o oloa

3 Fa'atonuga o le Fa'aaogaina o Mea

4 Fesootaiga Lagolago

5 Fa'afanua Cisco ACI ma VMware Fausia

6 VMM Domain EPG Asosi

7 E uiga i Trunk Port Group

8 Attachable Entity Profile

9 Fa'atonuina vave

10 NetFlow fa'atasi ai ma feso'ota'iga masini masini

11 Pepa / Punaoa

11.1 Fa'asinomaga

CISCO ACI Virtual Machine Networking

Fa'amatalaga o oloa

Fa'amatalaga:
- Oloa Lagolago ma Fa'atau: Cisco ACI lagolagoina masini masini masini (VMMs) mai oloa eseese ma faʻatau. Va'ai i le Cisco ACI Virtualization Compatibility Matrix mo le lisi sili ona lata mai o oloa fa'afeso'ota'i fa'amaonia.

Fa'atonuga o le Fa'aaogaina o Mea

Fa'afanua Cisco ACI ma VMware Fausia: Cisco Application Centric Infrastructure (ACI) ma VMware faʻaaogaina faaupuga eseese e faʻamatala ai mea tutusa. O le laulau o loʻo i lalo o loʻo tuʻuina atu ai se faʻafanua o Cisco ACI ma VMware faʻamatalaga talafeagai i le VMware vSphere Distributed Switch (VDS).

Cisco ACI Tuutuuga	VMware Tuutuuga
Vaega fa'ai'uga (EPG)	Vaega uafu, vaega uafu
LACP Active	LACP Passive
Fa'amauina MAC	MAC Pinning-Faaletino-NIC-Uta
Alalesi Static – Faiga ON	Pule ole masini ma'i (VMM) vaega VDS
Pule VM	vCenter (Fa'amaumauga)

Pule o le masini fa'atekonolosi Domain Vaega Autu:
- ACI fabric virtual machine manager (VMM) domains e mafai ai e pule ona fetuutuunai faiga faʻavae fesoʻotaʻiga mo masini masini masini. O vaega autu o se faiga fa'avae a le ACI VMM e aofia ai:
- Pule ole masini ma'i (VMM).
- Pule VM
- vCenter (Fa'amaumauga)
- Fa'aaliga: E mafai e se vaega VMM se tasi ona aofia ai le tele o fa'ata'ita'iga o le VM controllers, ae tatau ona mai le fa'atau lava e tasi (fa'ata'ita'iga, VMware po'o Microsoft).
Fa'atonu Pule ole Masini Va'aiga:
- Ose APIC VMM domain profile ose faiga fa'avae e fa'amatala ai se vaega VMM. O le VMM domain policy e faia ile APIC ma tulei i totonu ole la'au sui. VMM domain e maua ai mea nei:
VMM Domain VLAN Pool Association
- VLAN vaita'ele o lo'o fa'atusalia poloka o fe'avea'i VLAN fa'ailoa. Ole vaitaele VLAN ose fa'asoa fa'asoa ma e mafai ona fa'aaogaina e le tele o vaega e pei ole VMM domains ma Layer 4 i Layer 7 auaunaga.
- E mafai ona feso'ota'i se vaega VMM ma na'o le tasi VLAN vaita'ele malosi.
- Ona o le le mafai, o faʻamatalaga VLAN e tuʻuina atu ma le malosi i EPG e fesoʻotaʻi ma VMM domains e le Cisco APIC.
- Ae ui i lea, e mafai e le pulega ona tuʻuina atu se faʻamatalaga VLAN i se vaega pito (EPG) nai lo.
- I ia tulaga, o faʻamatalaga faʻaaogaina e tatau ona filifilia mai poloka encapsulation i totonu o le VLAN pool e fesoʻotaʻi ma le VMM domain, ma o latou ituaiga faʻasoa e tatau ona suia i static.
- O le Cisco APIC o loʻo tuʻuina atu le VMM domain VLAN i luga o laupepa laulaau e faʻavae i luga o mea EPG, pe faʻapipiʻi faʻamau i luga o laupepa lau poʻo faʻavae i luga o mea VM mai pule e pei o VMware vCenter poʻo Microsoft SCVMM.
- Fa'aaliga: I vaituloto VLAN malosi, afai e vavae ese se VLAN mai se EPG, o le a otometi lava ona toe faʻafesoʻotaʻi ma le EPG pe a uma le lima minute.
- Dynamic VLAN association e le o se vaega o le suiga o le faatulagaga, o lona uiga afai na aveese muamua se EPG poʻo se tagata nofoia ma toe faʻafoʻi mai le faʻamaumauga, o le a otometi lava ona tuʻuina atu se VLAN fou mai vaituloto VLAN malosi.

FAQ:
- Q: O a oloa ma fa'atau oloa e lagolagoina e Cisco ACI?
- A: Cisco ACI lagolagoina masini masini masini (VMMs) mai oloa eseese ma faʻatau. Fa'amolemole va'ai ile Cisco ACI Virtualization Compatibility Matrix mo le lisi sili ona lata mai o oloa fa'afeso'ota'i fa'amaonia.
- Q: E mafai ona ou tuʻuina atu se faʻamatalaga VLAN i se EPG nai lo le tuʻuina atu ma le malosi?
- A: Ioe, e mafai ona e tu'uina atu se fa'amatalaga VLAN i se vaega pito (EPG) e feso'ota'i ma se vaega VMM. Ae ui i lea, e tatau ona filifilia le faʻamatalaga mai poloka faʻapipiʻi i totonu o le VLAN pool e fesoʻotaʻi ma le VMM domain, ma e tatau ona suia le tuʻufaʻatasiga i le static.
- Q: O le a le mea e tupu pe a vavae ese se VLAN mai se EPG i totonu o se vaitaele VLAN malosi?
- A: Afai e vavae ese se VLAN mai se EPG i totonu o se vaitaele VLAN malosi, o le a otometi lava ona toe faʻafesoʻotaʻi ma le EPG pe a uma le lima minute.
- Q: O le VLAN so'oga malosi o se vaega o le fa'asologa o le toe fa'afo'i?
- A: Leai, e le o se vaega o le fa'asologa o le toe fa'afo'i. Afai na ave'esea muamua se EPG po'o se tagata mautotogi ma toe fa'afo'i mai le fa'amaumauga, o le VLAN fou o le a otometi lava ona fa'asoa mai vaituloto VLAN malosi.

O lenei mataupu e aofia ai vaega nei:

• Cisco ACI VM Networking Support for Virtual Machine Managers, i le itulau 1
• Fa'afanua Cisco ACI ma VMware Constructs, i le itulau 2
• Vaega Autu o le Pule ole masini masini, ile itulau 3
• Vaega Pule Pulea o masini, i le itulau 4
• VMM Domain VLAN Pool Association, i le itulau 4
• VMM Domain EPG Association, i le itulau 5
• E uiga i Trunk Port Group, i le itulau e 7
• Attachable Entity Profile, i le itulau e 8
• Fa'atonu Faiga Fa'avae a le EPG ma Fa'atino vave, i le itulau 9
• Ta'iala mo le tapeina o VMM Domains, i le itulau 10
• NetFlow with Virtual Machine Networking, itulau 11
• Fa'afitauli VMM Feso'ota'i, i le itulau 13

Fesootaiga Lagolago

Cisco ACI VM Networking Lagolago mo Pule masini masini

Fa'amanuiaga ole ACI VM Networking

Cisco Application Centric Infrastructure (ACI) masini komepiuta (VM) fesoʻotaʻiga e lagolagoina hypervisors mai le tele o faʻatau.
E maua ai le avanoa fa'apolokalame ma fa'autometi a le hypervisor i fa'atonuga fa'atekonolosi fa'atekonolosi e fa'atino maualuga.
Polokalama ma fa'autometi o vaega taua ia o atina'e fa'atekonolosi fa'atekonolosi fa'amaumauga.
O le Cisco ACI open REST API e mafai ai ona tu'ufa'atasia masini fa'apitoa ma fa'apipi'iina le fa'ata'ita'iga o faiga fa'avae Cisco ACI ie.
Cisco ACI VM networking e mafai ai ona faʻamalosia pea faiga faʻavae i luga o galuega faʻapitoa ma le tino o loʻo pulea e hypervisors mai le tele o faʻatau.
Vaega fa'apipi'i profiles faigofie ona mafai VM fealuai ma le tuʻuina o galuega mamafa i soʻo se mea i le Cisco ACI ie.
O le Cisco Application Policy Infrastructure Controller (APIC) o loʻo tuʻuina atu ai faʻafitauli faʻapitoa, togi o le soifua maloloina o talosaga, ma le mataʻituina o le virtualization.
Cisco ACI multi-hypervisor VM masini faʻaititia pe faʻaumatia le faʻatulagaina o tusi lesona ma mea sese tusi lesona. O lenei mea e mafai ai e nofoaga autu faʻamatalaga faʻamaonia e lagolago ai le tele o VM ma le faʻatuatuaina ma le taugofie.

Oloa Lagolago ma Fa'atau

Cisco ACI lagolagoina masini masini masini (VMMs) mai oloa nei ma faʻatau:
Cisco Unified Computing System Manager (UCSM)
Tuufaatasiga o Cisco UCSM o loʻo lagolagoina e amata ile Cisco Cisco APIC Release 4.1(1). Mo faʻamatalaga, vaʻai le mataupu "Cisco ACI ma Cisco UCSM Integration i le Cisco ACI Virtualization Guide, Faʻasaʻo 4.1 (1).

Cisco Application Centric Infrastructure (ACI) Virtual Pod (iPod)

Cisco ACI vPod o loʻo avanoa lautele e amata ile Cisco APIC Release 4.0(2). Mo faʻamatalaga, vaʻai le Cisco ACI vPod faʻamaumauga i luga Cisco.com.

Cloud Foundry

Cloud Foundry integration ma Cisco ACI e lagolagoina e amata ile Cisco APIC Release 3.1(2). Mo faʻamatalaga, vaʻai i le tala faʻavae malamalama, Cisco ACI ma Cloud Found Integration on Cisco.com.

Kubernetes

Mo faʻamatalaga, vaʻai i le tusiga faʻavae malamalama, Cisco ACI ma Kubernetes Integration on Cisco.com.

Microsoft System Center Virtual Machine Manager (SCVMM)

Mo faʻamatalaga, tagaʻi i mataupu "Cisco ACI ma Microsoft SCVMM" ma le "Cisco ACI ma Microsoft Windows Azure Pack" i le Cisco ACI Virtualization Taiala on Cisco.com.

OpenShift

Mo fa'amatalaga, va'ai le OpenShift pepa aloaia. luga Cisco.com.

OpenStack

Mo fa'amatalaga, va'ai le OpenStack pepa aloaia on Cisco.com.

Fa'ata'otoga Puti Mumu (RHV)

Mo faʻamatalaga, vaʻai i le tusiga faʻavae malamalama, Cisco ACI ma Red Hat Integration. luga Cisco.com.

VMware Virtual Distributed Switch (VDS)

Mo faʻamatalaga, vaʻai le mataupu "Cisco "ACI ma VMware VDS Integration" i le Cisco ACI Virtualization Taiala.
Vaai i le Cisco ACI Virtualization Compatibility Matrix. mo le lisi aupito lata mai o oloa fa'amaonia fa'afeso'ota'i.

Fa'afanua Cisco ACI ma VMware Fausia

Cisco Application Centric Infrastructure (ACI) ma VMware faʻaaogaina faaupuga eseese e faʻamatala ai mea tutusa. O lenei vaega o loʻo tuʻuina atu ai se laulau mo le faʻafanua Cisco ACI ma VMware faʻamatalaga; o faʻamatalaga e talafeagai ile VMware vSphere Distributed Switch (VDS).

Cisco ACI Tuutuuga	VMware Tulaga
Vaega fa'ai'uga (EPG)	Vaega uafu, vaega uafu

Cisco ACI Tuutuuga	VMware Tulaga
LACP Active	• Auala e fa'atatau ile IP hash (downlink port group) • LACP Enabled/Active (uplink port group)
LACP Passive	• Auala e fa'atatau ile IP hash (downlink port group) • LACP Enabled/Active (uplink port group)
Fa'amauina MAC	• Auala e fa'atatau i le amataga o le uafu virtuali • LACP ua le atoatoa
MAC Pinning-Faaletino-NIC-Uta	• Auala e fa'atatau ile uta NIC fa'aletino • LACP ua le atoatoa
Alalesi Static – Faiga ON	• Auala e fa'atatau i le IP Hash (fa'atasiga uafu vaega) • LACP ua le atoatoa
Pule ole masini ma'i (VMM).	VDS
Pule VM	vCenter (Fa'amaumauga)

Pule ole masini fa'atekonolosi Domain Vaega Autu

ACI fabric virtual machine manager (VMM) domains e mafai ai e le pule ona fetuutuunai faiga faʻavae fesoʻotaʻiga mo masini masini masini. O vaega taua o se faiga fa'avae a le ACI VMM e aofia ai mea nei:

Pule ole masini fa'asolo ole Domain Profile—Fa'alapotopotoga VM pule fa'atasi ma faiga fa'avae feso'otaiga tutusa. Mo example, VM pule e mafai ona fa'asoa VLAN vaituloto ma vaega fa'ai'uga talosaga (EPGs). O le APIC e fesoʻotaʻi ma le pule e faʻasalalau fesoʻotaʻiga fesoʻotaʻiga e pei o kulupu o loʻo faʻaogaina i luga o galuega faʻapitoa. Le VMM domain profile e aofia ai vaega taua nei:
Fa'ailoga—Fa'afeso'ota'i se fa'amatalaga fa'aoga fa'aoga fa'aoga VM ma se vaega APIC VMM.
Pule—Fa'amanino pe fa'afefea ona fa'afeso'ota'i ile pule ole VM ose vaega ole vaega ole tulafono fa'amalosia.

Mo exampO le mea lea, e faʻamaonia e le pule le fesoʻotaʻiga i se VMware vCenter o se vaega o le VMM domain.

Manatua

O se tasi VMM domain e mafai ona aofia ai le tele o faʻataʻitaʻiga o le VM controllers, ae tatau ona sau mai le faʻatau tutusa (mo example, mai VMware poʻo mai Microsoft.

Asosi EPG—O vaega fa'ai'uga e fa'atulafonoina feso'ota'iga ma va'ava'ai i fa'ai'uga i totonu o le lautele o le VMM fa'avae tulafono. VMM domain EPGs amio e pei ona taua i lalo: O le APIC e tuleia nei EPG e avea ma vaega o taulaga i totonu o le VM pule. E mafai e le EPG ona fa'alautele le tele o vaega VMM, ma o le VMM e mafai ona aofia ai le tele o EPG.
Attachable Entity Profile Asosi—Fa'afeso'ota'i se vaega VMM fa'atasi ma atina'e feso'otaiga fa'aletino. Ose faalapotopotoga fa'apipi'i profile (AEP) o se faʻataʻitaʻiga fesoʻotaʻiga fesoʻotaʻiga e mafai ai ona faʻapipiʻi faiga faʻavae VM i luga o se seti tele o laupepa sui laulaau. O le AEP o loʻo faʻamaoti mai po o fea sui ma ports o loʻo avanoa, ma pe faʻafefea ona faʻatulagaina.
VLANPool Association—A VLAN pool o loʻo faʻamaonia ai VLAN ID poʻo laina faʻaoga mo VLAN encapsulation o loʻo faʻaaogaina e le VMM domain.

Vaega Pule Pulea masini

Ose APIC VMM domain profile ose faiga fa'avae e fa'amatala ai se vaega VMM. O le VMM domain policy e faia ile APIC ma tulei i totonu ole la'au sui.

VMM domain e maua ai mea nei:

Ose tulaga masani i le ie ACI e mafai ai ona fa'asalaina le fa'apalepale fa'aletonu mo le tele o fa'atonu VM.
Lagolago VMM mo le tele o tagata nofoia i totonu ole ie ACI. VMM domains o lo'o iai fa'atonu VM pei ole VMware vCenter po'o le Microsoft SCVMM Manager ma fa'amaoniga e mana'omia mo le ACI API e fegalegaleai ai ma le pule VM.
Ole VMM e mafai ai e le VMmobility ile vaega ae le o le isi itu.

E mafai e se vaega VMM se tasi ona aofia ai le tele o fa'ata'ita'iga o le VM controllers ae tatau ona tutusa le ituaiga.
Mo example, o le VMM domain e mafai ona aofia ai le tele o VMware vCenters e pulea le tele o pule ta'itasi e fa'atino le tele o VM ae atonu e le o iai fo'i le SCVMM Pule.
O le VMM domain inventories elemene e pulea (e pei o pNICs, vNICs, VM igoa, ma isi mea) ma tuleia faiga faʻavae i totonu o (s), fatuina vaega o taulaga, ma isi elemene talafeagai.

O le ACI VMM domain e faʻalogo mo faʻatonuga faʻapitoa e pei o le VM mobility ma tali mai e tusa ai.

VMM Domain VLAN Pool Association

VLAN vaita'ele o lo'o fa'atusalia poloka o fe'avea'i VLAN fa'ailoa. Ole vaitaele VLAN ose fa'asoa fa'asoa ma e mafai ona fa'aaogaina e le tele o vaega e pei ole VMM domains ma Layer 4 i Layer 7 auaunaga.

O vaita'ele ta'itasi o lo'o i ai se ituaiga fa'asoa (static po'o le malosi), fa'amatalaina i le taimi na faia ai.
O le fa'asoaina ituaiga e fuafua pe o fa'amatalaga o lo'o iai i totonu o le a fa'aaogaina mo le fa'atonuina otometi e le Cisco APIC (dynamic) po'o le fa'atulagaina manino e le pule (static).
Ona o le faaletonu, o poloka uma o loʻo i totonu o le VLAN vaitaele e tutusa le tuʻufaʻatasia ma le vaitaele ae mafai e tagata faʻaoga ona suia le tuʻufaʻatasiga mo poloka encapsulation o loʻo i totonu o vaitaʻele malosi i static. O le faia o lena mea e le aofia ai i latou mai le vaevaega malosi.

E mafai ona feso'ota'i se vaega VMM ma na'o le tasi VLAN vaita'ele malosi.
Ona o le le mafai, o le tuʻuina atu o faʻamatalaga VLAN i EPG e fesoʻotaʻi ma VMM domains e faia faʻamalosi e le Cisco APIC.
E ui o le fa'asoa fa'anatinati o le fa'aletonu ma le fa'atonuga, e mafai e le pule ona tu'u fa'amautu se fa'amatalaga VLAN i se vaega pito (EPG) nai lo.

I lena tulaga, o faʻamatalaga faʻaaogaina e tatau ona filifilia mai poloka encapsulation i le VLAN pool e fesoʻotaʻi ma le VMM domain, ma o latou ituaiga faʻasoa e tatau ona suia i le static.
O le Cisco APIC o loʻo tuʻuina atu le VMM domain VLAN i luga o laupepa laʻau e faʻavae i luga o mea tutupu EPG, pe faʻamauina i luga o laupepa laulaau poʻo faʻavae i luga o mea VM mai pule e pei ole VMware vCenter poʻo Microsoft SCVMM.

Manatua

I vaituloto VLAN malosi, afai e vavae ese se VLAN mai se EPG, e otometi lava ona toe faʻafesoʻotaʻi ma le EPG i le lima minute.

Manatua

Dynamic VLAN association e le o se vaega o le toe faʻatulagaina, o lona uiga, pe a fai na aveese muamua se EPG poʻo se tagata nofoia ma toe faʻafoʻi mai le faʻamaumauga, o se VLAN fou e otometi lava ona tuʻuina mai vaitaele VLAN malosi.

VMM Domain EPG Asosi

O le Cisco Application Centric Infrastructure (ACI) ie e fesoʻotaʻi ma tagata nofoia talosaga profile vaega pito i'uga (EPGs) i le pule masini masini (VMM) domains, O le Cisco ACI e faia a le otometi e se vaega orchestration e pei o Microsoft Azure, po o se Cisco Application Policy Infrastructure Controller (APIC) pule faia ia configurations. E mafai e le EPG ona fa'alautele le tele o vaega VMM, ma o le VMM e mafai ona aofia ai le tele o EPG.

I le fa'ata'ita'iga muamua, o fa'ai'uga (EPs) o lanu tutusa o se vaega o le EPG tutusa. Mo example, o EP lanu meamata uma o lo'o i totonu o le EPG lava e tasi e ui o lo'o i totonu o vaega VMM eseese e lua. Va'ai le ta'iala lata mai Fa'amaonia Scalability mo Cisco ACI mo feso'otaiga vavave ma VMM vaega EPG fa'amatalaga gafatia.

Manatua

Ole tele ole VMM e mafai ona fa'afeso'ota'i ile su'iga laula'au e tasi pe a leai ni vaita'ele VLAN o lo'o i luga ole uafu e tasi.

E fa'apena fo'i, e mafai ona e fa'aogaina vaita'ele VLAN tutusa i vaega eseese pe a latou le fa'aogaina le uafu tutusa o se la'au ki.

E mafai e EPG ona fa'aogaina le tele o VMM domains i auala nei:

O se EPG i totonu o le VMM e iloagofie e ala i le fa'aogaina o se fa'amatalaga fa'apipi'i. Cisco APIC e mafai ona pulea otometi le faʻamatalaga, pe mafai e le pule ona filifili faʻamau. O se example o se VLAN, o se Fa'asinomaga Feso'ota'iga (VNID).

E mafai ona fa'afanua se EPG i le tele o mea fa'aletino (mo 'au'auna u'amea e leai ni mea) po'o vaega fa'apitoa. E mafai ona faʻaogaina VLAN poʻo VNID faʻapipiʻi eseese i vaega taʻitasi.

Manatua

Ona o le le mafai, o le Cisco APIC e faʻatautaia le faʻasoaina o se VLAN mo se EPG.

VMware DVS pule e iai le filifiliga e faʻapipiʻi se VLAN patino mo se EPG.
I lena tulaga, o le VLAN e filifilia mai se poloka vaevaega faʻapitoa i totonu o le vaitaele e fesoʻotaʻi ma le VMM domain.
O talosaga e mafai ona fa'apipi'i ile VMM domains.

A'o lagolagoina le femalaga'iga ola o VM i totonu ole VMM, e le lagolagoina le femalaga'iga ola ole VM ile VMM.

Manatua

A e suia le VRF i luga o le alalaupapa o loʻo fesoʻotaʻi atu i se EPG ma se VMM e fesoʻotaʻi, e tape le vaega o le taulaga ona toe faʻaopoopo lea i luga o le vCenter.

O le mea lea e mafua ai ona le faʻaaogaina le EPG mai le VMM domain. E fa'amoemoeina le amio.

E uiga i Trunk Port Group

E te fa'aogaina se kulupu uafu e tu'ufa'atasia ai fe'avea'i o vaega fa'ai'uga (EPGs) mo VMware virtual machine manager (VMM) domains.
E le pei o vaega masani o taulaga, o loʻo faʻapipiʻiina i lalo o le Tenants tab i le Cisco Application Policy Infrastructure Controller (APIC) GUI, o loʻo faʻapipiʻiina vaega o pusa i lalo o le VM Networking tab.

O vaega masani o uafu e mulimuli i le T|A|E fa'asologa o igoa EPG.
O le tuufaatasiga o EPG i lalo o le vaega lava e tasi e faʻavae i luga o se VLAN, lea e faʻamaonia o poloka faʻapipiʻi o loʻo i totonu o le pusa ogalaau.
Soo se taimi lava e suia ai le faʻapipiʻiina o se EPG pe suia le poloka faʻapipiʻi o se vaega o le pusa ogalaau, e toe iloilo le faʻaopoopoga e iloa ai pe tatau ona faʻapipiʻi le EGP.

O se vaega o le uafu ogalaau e pulea le faʻaogaina o laulaau o punaoa fesoʻotaʻiga, e pei o VLAN, o loʻo tuʻuina atu i le EPG o loʻo faʻapipiʻiina.
O EPG e aofia uma ai le EPG faavae ma microsegmented (uSeg) EPGs. I le tulaga o se tagata fa'aoga EPG, e mana'omia le VLAN laina o le pusa ogalaau e aofia uma ai VLAN muamua ma lona lua.

Mo nisi fa'amatalaga, va'ai i faiga nei:

Attachable Entity Profile

O le ie ACI e maua ai le tele o mea faʻapipiʻi e fesoʻotaʻi atu i laupepa laulaau i faʻalapotopotoga eseese i fafo e pei o faʻauʻu uʻamea, masini masini masini, suiga Layer 2 (mo faʻaulu.ample, le Cisco UCS ie feso'ota'i), po'o Layer 3 routers (mo example Cisco Nexus 7000 Fa'asologa suiga). O nei mea fa'apipi'i e mafai ona avea ma ports fa'aletino, FEX ports, port channels, po'o se virtual port channel (vPC) i luga o la'au sui.

Manatua

Pe a fatuina se vaega VPC i le va o suiga laulaau e lua, e tatau ona i ai ia ki e lua i le faʻatupuina o suiga e tasi, o se tasi o mea nei:

Tupulaga 1 – Cisco Nexus N9K sui e aunoa ma le "EX" poʻo le "FX" i le pito o le igoa ki; mo example, N9K-9312TX
Tupulaga 2 – Cisco Nexus N9K sui i le "EX" poʻo le "FX" i le pito o le igoa faʻataʻitaʻiga sui; mo example, N9K-93108TC-EX

Suiga pei o nei e lua e le fetaui ma VPC tupulaga. Nai lo lena, fa'aaoga ki o le tupulaga lava e tasi. Ose Vaega Fa'apipi'i Profile (AEP) o lo'o fa'atusalia ai se vaega o fa'alapotopotoga mai fafo e tutusa mana'oga o faiga fa'avae. O faiga fa'avae e aofia ai faiga fa'akomepiuta fa'apitoa e fa'atulaga ai filifiliga fa'akomepiuta eseese, e pei ole Cisco Discovery Protocol (CDP), Link Layer Discovery Protocol (LLDP), po'o le Link Aggregation Control Protocol (LACP) E mana'omia se AEP e fa'apipi'i ai vaitaele VLAN i luga o la'au sui. . O poloka fa'apipi'i (ma VLANs e feso'ota'i) e mafai ona toe fa'aoga i suiga o laulaau. O le AEP o lo'o tu'uina atu ai le lautele o le VLAN vaita'ele i mea tetele fa'aletino. O mana'oga a le AEP ma fa'alagolago e tatau ona fa'amauina i fa'asologa o fa'asologa eseese, e aofia ai feso'ota'iga feso'ota'iga, VMM domains, ma le tele pod configuration:

O le AEP o loʻo faʻamalamalamaina le tele o VLANS faʻatagaina ae e le tuʻuina atu. E leai se ta'avale e tafe se'i vagana ua fa'atūina se EPG i luga o le uafu. A aunoa ma le faʻamalamalamaina o se VLAN vai i totonu o se AEP, e le mafai ona faʻaogaina se VLAN i luga o le laulautusi e tusa lava pe o loʻo tuʻuina atu se EPG.
O se VLAN fa'apitoa e tu'uina atu pe fa'aagaaga i luga o le lau'au o lo'o fa'avae i luga o fa'alavelave EPG pe fa'amauina fa'amau i luga o se la'au uafu po'o fa'avae i mea VM mai fa'atonu fafo e pei ole VMware vCenter po'o le Microsoft Azure Service Center Virtual Machine Manager (SCVMM).
Fa'apipi'i fa'alapotopotoga profiles e mafai ona fa'afeso'ota'i sa'o ma EPG talosaga, lea e fa'apipi'i le EPG fa'atatau i na ports uma e feso'ota'i ma le fa'alapotopotoga fa'apipi'i pro.file. O le AEP o loʻo i ai se galuega faʻatulagaina lautele (infraGeneric), o loʻo i ai se fesoʻotaʻiga i se EPG (infraRsFuncToEpg) o loʻo faʻapipiʻiina i luga o fesoʻotaʻiga uma o se vaega o tagata filifilia e fesoʻotaʻi ma le faʻapipiʻi faʻalapotopotoga pro.file.

E otometi lava ona maua e le pule o masini masini (VMM) faiga fa'avae fa'aletino mai vaega o faiga fa'avae a le AEP.
E mafai ona fa'aoga se faiga fa'alilolilo i le AEP e fa'amaoti ai se faiga fa'avae fa'apitoa mo se VMM. E aoga lenei faiga fa'avae i fa'aaliga o lo'o feso'ota'i ai le VM controller i le la'au sui e ala i le vaeluagalemu o le Layer 2 node, ma e mana'omia se isi faiga fa'avae i le la'au sui ma le VM fa'atonu uafu faaletino. Mo example, e mafai ona e fetuutuunai LACP i le va o se la'au ki ma se Node Layer 2. I le taimi lava e tasi, e mafai ona e faʻamalo le LACP i le va o le VM controller ma le Layer 2 ki e ala i le faʻamalo LACP i lalo o le AEP override policy.

Fa'atonuina vave

Faiga Fa'avae a le EPG ma Fa'atino Fa'anatinati

So'o se taimi e fa'afeso'ota'i ai se vaega fa'ai'uga (EPG) i le pule o masini masini (VMM), e mafai e le pule ona filifili le fa'ai'uga ma le fa'atulagaina o mana'oga e fa'ailoa mai ai le taimi e tatau ai ona tuleia se faiga fa'avae i suiga o lau.

Fa'ai'uga vave

mua'i saunia: Fa'amaoti mai o se faiga fa'avae (mo fa'ata'ita'igaample, VLAN, VXLAN fusifusia, konekarate, poʻo filiga) e sii mai i luga o le laiga ki aʻo leʻi faʻapipiʻiina se VM pule i le ki faʻaoga (mo ex.ample, VMware vSphere Distributed Switch (VDS). O le mea lea e mua'i tu'uina atu le fa'atulagaga i le ki.

E fesoasoani lea i le tulaga o loʻo faʻaogaina ai e le pulega o fefaʻatauaiga mo hypervisors / VM controllers le ki faʻaogaina e fesoʻotaʻi ma le Cisco Application Policy Infrastructure Controller (APIC) VMM domain (VMM switch).
O le tuʻuina atu o se faiga faʻavae VMM e pei o le VLAN i luga o le Cisco Application Centric Infrastructure (ACI) laʻau sui e manaʻomia ai Cisco APIC e aoina faʻamatalaga CDP / LLDP mai hypervisors uma e ala i le VM pule ma Cisco ACI laʻau ki. Ae peitaʻi, afai e tatau ona faʻaogaina e le VM le faʻaogaina o le VMM policy (VMM switch) e fesoʻotaʻi ma ana hypervisors poʻo Cisco APIC, o le CDP / LLDP faʻamatalaga mo hypervisors e le mafai ona aoina ona o le faiga faʻavae e manaʻomia mo le VM controller / hypervisor. e le'i fa'atinoina le pulega o felauaiga.
Pe a faʻaaogaina vave tuʻuina atu, o loʻo sii mai le faiga faʻavae i le Cisco ACI leaf switch e tusa lava po o le a

CDP/LLDP pitonuu. E tusa lava pe leai se hypervisor host e fesoʻotaʻi i le VMM ki.
Vave: Fa'ailoa mai o faiga fa'avae a le EPG (e aofia ai konekarate ma filiga) e la'u mai i le komipiuta fa'afeso'ota'i lau la'au i luga ole laiga fa'apipi'i ESXi ile DVS. LLDP po'o OpFlex fa'atagaga o lo'o fa'aogaina e fo'ia ai le pule o le VM e fa'apipi'i ai node lau.
O le a la'uina i lalo le faiga fa'avae i Leaf pe a e fa'aopoopoina se tagata talimalo i le ki VMM. CDP/LLDP tuaoi mai le talimalo i laulaau e manaʻomia.

I luga ole mana'oga: Fa'amaoti mai o se faiga fa'avae (mo fa'ata'ita'igaample, VLAN, VXLAN fusifusia, konekarate, poʻo filiga) e tuleia i le node laulaʻau pe a faʻapipiʻi se ESXi host i se DVS ma tuʻu se VM i le vaega uafu (EPG).
O le a la'u mai le faiga fa'avae i le laupe'a pe a fa'aopoopo le tagata talimalo i le ki VMM. O le VM e manaʻomia ona tuʻuina i totonu o se vaega o le taulaga (EPG). CDP/LLDP tuaoi mai le talimalo i laulaau e manaʻomia. Faatasi ai ma le vave ma luga ole manaoga, afai e leiloa e le talimalo ma lau laulaau le tuaoi LLDP/CDP e aveese faiga faavae.

Manatua

I vaega VMM fa'avae OpFlex, o se sui o le OpFlex i luga o le hypervisor e lipotia se VM/EP virtual network interface card (vNIC) fa'apipi'i i se EPG i le la'au OpFlex process.
A fa'aogaina le On Demand Resolution Immediacy, o le EPG VLAN/VXLAN o lo'o fa'apolokalameina i luga ole la'au uafu ports ports, virtual port channel ports, po'o mea uma e lua pe a moni mea nei:
- E feso'ota'i le Hypervisors i laula'au i luga o le port channel po'o le virtual port channel o lo'o fa'apipi'i sa'o po'o le sui o lau.
- O se VM poʻo se faʻataʻitaʻiga vNIC o loʻo faʻapipiʻi i se EPG.
- O lo'o fa'apipi'iina Hypervisors o se vaega o le EPG po'o le VMM domain.
O vaega VMM fa'avae Opflex o Microsoft Security Center Virtual Machine Manager (SCVMM) ma HyperV, ma Cisco Application Virtual Switch (AVS).

Fa'atonuina vave

O le taimi lava e la'u mai ai faiga fa'avae ile polokalame lau'au, fa'apipi'i fa'atopetope e mafai ona fa'ama'oti mai le taimi e tuleia ai le faiga fa'avae i totonu ole fa'atonuga fa'apolokalame fa'apolokalame-addressable memory (CAM).
Vave: Fa'ailoa mai o le faiga fa'avae o lo'o fa'apolokalameina i le hardware policy CAM i le taimi lava e la'u mai ai le faiga fa'avae i le la'au polokalama.
I luga ole mana'oga: Fa'amaoti mai o le faiga fa'avae e fa'apolokalameina i totonu o le hardware policy CAM na'o le taimi e maua ai le pepa muamua i le ala fa'amatalaga. O lenei faiga e fesoasoani e faʻamalieina le avanoa o meafaigaluega.

Manatua

A e fa'aogaina fa'atotonuga fa'apipi'i fa'atasi ma VPC fa'apipi'i MAC, e le tuleia konekarate EPG i le la'au fa'asologa o mea e mafai ona fa'afeso'ota'i (TCAM) se'ia a'oa'oina le pito muamua i le EPG i laulaau ta'itasi.
O lenei mea e mafai ona mafua ai le fa'aogaina o le TCAM i isi VPC. (E masani lava, o le konekarate o le a tuleia i tupulaga uma e lua.)

Taiala mo le tapeina o VMM Domains

Mulimuli i le faʻasologa o loʻo i lalo e faʻamautinoa ai o le talosaga APIC e tape se VMM domain e otometi ona faʻaosoina le VM pule (mo example VMware vCenter poʻo Microsoft SCVMM) e faʻamaeʻa le faʻagasologa masani ma e leai se EPG matuaoti e paʻulia i le ie ACI.

E tatau i le pule o le VM ona aveese uma VM mai vaega o taulaga (i le tulaga o VMware vCenter) poʻo fesoʻotaʻiga VM (i le tulaga o SCVMM), na faia e le APIC. I le tulaga o Cisco AVS, e manaʻomia foi e le VM admin le tapeina o fesoʻotaʻiga VMK e fesoʻotaʻi ma le Cisco AVS.
E tape e le pule o le ACI le VMM domain i le APIC. O le APIC e faʻaosoina le tapeina o le VMware VDS Cisco AVS poʻo le SCVMM suiga talafeagai ma mea e fesoʻotaʻi.

Manatua

E le tatau i le pule o le VM ona tapeina le suiga faʻapitoa poʻo mea e fesoʻotaʻi (e pei o vaega o taulaga poʻo fesoʻotaʻiga VM); fa'ataga le APIC e fa'aosoina le tapeina o ki fa'amalama pe a mae'a le la'asaga 2 i luga. E mafai ona matuaoti le EPG i le APIC pe afai e tape e le pule o le VM le ki mai le VM pule aʻo leʻi tapeina le VMM domain i le APIC. Afai e le mulimulita'ia lenei fa'asologa, e tapeina e le pule VM le ki fa'apitoa e feso'ota'i ma le APIC VMM domain. I lenei fa'aaliga, e tatau i le pule o le VM ona aveese ma le lima le VM ma le vtep associations mai le VM controller, ona tape lea o le kilia (es) sa feso'ota'i muamua ma le APIC VMM domain.

NetFlow fa'atasi ai ma feso'ota'iga masini masini

E uiga i le NetFlow ma le Virtual Machine Networking

Ole tekinolosi NetFlow e maua ai le faʻavae mo se seti autu o talosaga, e aofia ai faʻamatalaga o fefaʻatauaiga o fesoʻotaʻiga, faʻaogaina o fesoʻotaʻiga faʻaogaina, fuafuaga o fesoʻotaiga, faʻapea foʻi ma le faʻafitia o le mataʻituina o auaunaga, mataʻituina o fesoʻotaiga, maketi i fafo, ma faʻamatalaga faʻamatalaga mo kamupani uma e lua. tagata fa'atau pisinisi.
Cisco e tuʻuina atu se seti o NetFlow talosaga e aoina ai NetFlow faʻamatalaga faʻatau atu, faʻatino le faʻaititia o le tele o faʻamaumauga, faʻatinoina le faʻagasologa, ma tuʻuina atu talosaga faʻauʻu e faigofie ona maua faʻamaumauga NetFlow.
Afai ua e mafaia e NetFlow le mataituina o feoaiga o loʻo tafe atu i au nofoaga autu o faʻamatalaga, o lenei vaega e mafai ai ona e faia le tulaga tutusa o le mataʻituina o feoaiga o loʻo tafe mai i le Cisco Application Centric Infrastructure (Cisco ACI) fabric.
Nai lo meafaigaluega e auina atu sa'o fa'amaumauga i le aoina, o fa'amaumauga o lo'o fa'agaioia i le masini supavaisa ma fa'atau atu i le NetFlow collectors masani i le faatulagaga mana'omia. Mo nisi faʻamatalaga e uiga i NetFlow, vaʻai i le Cisco APIC ma NetFlow faʻavae malamalama tusiga.

E uiga ile NetFlow Exporter Policy ma Virtual Machine Networking

O se faiga fa'avae mo le fa'atauina atu o masini masini (netflowVmmExporterPol) o lo'o fa'amatalaina ai fa'amatalaga e uiga i fa'amaumauga na aoina mo se tafega e lafo i le fa'aumau lipoti po'o le NetFlow collector. Ole NetFlow collector ose fa'alapotopotoga i fafo e lagolagoina le NetFlow protocol ma talia fa'ailoga ua fa'ailogaina i ulutala NetFlow talafeagai.
O se faiga fa'atau oloa e iai meatotino nei:

VmmExporterPol.dstAddr—O lenei meatotino fa'atulafonoina o lo'o fa'amaoti mai ai le IPv4 po'o le IPv6 tuatusi o le NetFlow collector e talia le NetFlow flow packets. E tatau ona i ai i le faatulagaga talimalo (o lona uiga, "/32" poʻo le "/128"). E lagolagoina se tuatusi IPv6 ile vSphere Distributed Switch (vDS) version 6.0 ma mulimuli ane.
VmmExporterPol.dstPort—O lenei meatotino fa'atulafonoina o lo'o fa'amaoti mai ai le taulaga o lo'o fa'alogo ai le NetFlow collector application, lea e mafai ai e le tagata aoina ona talia feso'ota'iga o'o mai.
VmmExporterPol.srcAddr—O lenei meatotino e fa'atonuina e fa'amaoti mai ai le tuatusi IPv4 o lo'o fa'aogaina e avea ma tuatusi fa'apogai i totonu o fa'aulu atu i fafo NetFlow fa'amama taga.

Lagolago NetFlow ma le VMware vSphere Distributed Switch

Ole VMware vSphere Distributed Switch (VDS) e lagolagoina NetFlow ma faʻamaumauga nei:

O le aoina mai fafo e tatau ona o'o atu ile ESX. E le lagolagoina e le ESX le fa'aogaina o auala ma fa'asalalauga (VRF).
E mafai e se vaega uafu ona fa'agaoioia pe tape le NetFlow.
E le lagolagoina e le VDS le fa'amama fa'asolo.

Fa'atulaga vaega VDS nei ile VMware vCenter:

tuatusi IP ma le taulaga. IPv6 o lo'o lagolagoina ile VDS version 6.0 pe mulimuli ane. O nei mea e fa'atulafonoina.
tuatusi IP puna. O le filifiliga lea.
Taimi fa'agaoioiga fa'agasolo, fa'agasolo taimi fa'agasolo, ma le sampfua faatatau. O nei mea e filifili.

Fa'atulagaina o le NetFlow Exporter Policy mo VM Networking Fa'aaoga le GUI
O le fa'agasologa o lo'o mulimuli mai e fa'apipi'i ai se faiga fa'atau atu a le NetFlow mo feso'ota'iga VM.

Taualumaga

Laa 1 I luga o le lisi lisi, filifili Ie> Avanoa Faiga Faʻavae.
Laa 2 I le fa'ailoga fa'asaga, fa'alautele Policies > Interface > NetFlow.
Laa 3 Kiliki-matau NetFlow Exporters mo VM Networking ma filifili Fausia NetFlow Exporter mo VM Networking.
Laa 4 I le Fausia NetFlow Exporter mo le VM Networking dialogue box, faʻatumu fanua pe a manaʻomia.
Laa 5 Kiliki Auina atu.

Fa'aaogaina o le NetFlow Exporter Policy I lalo ole VMM Domain Fa'aaogā le GUI

O le fa'agasologa o lo'o mulimuli mai e fa'aaogaina ai le NetFlow fa'atau oloa i lalo ole VMM fa'aoga ile GUI.

Taualumaga

Laasaga 1 I luga o le lisi lisi, filifili Virtual Networking> Inventory.
Laasaga 2 I totonu o le Navigation pane, faʻalautele le VMMDomains folder, kiliki-saʻo VMware, ma filifili Create Center Domain.
Laasaga 3 I totonu o le Create vCenter Domain dialog box, fa'atumu fanua pe a mana'omia, se'i vagana ua fa'amaonia:
- a) I le NetFlow Exporter Policy drop-down list, filifili le faiga fa'atau oloa e mana'omia pe fai se mea fou.
- b) I totonu o le Taimi Taimi Fa'agaoioiga, fa'aofi le taimi fa'agasolo e mana'omia, i sekone. O le fa'asologa o le Taimi Fa'ato'aga Fa'agaoioi e fa'amaoti mai ai le tuai o fa'atali NetFlow pe a mae'a ona amata le tafega, a mae'a ona tu'uina atu lea e NetFlow fa'amaumauga ua aoina. Ole laina ole 60 ile 3600. O le tau fa'aletonu ole 60.
- c) I totonu o le fanua o le Taimi Fa'aletonu, fa'aoga le taimi fa'agasolo e mana'omia, i sekone. O le Idle Flow Timeout parameter o loʻo faʻamaoti mai ai le tuai o NetFlow e faʻatali pe a maeʻa le tafega, a maeʻa ona tuʻuina atu e NetFlow faʻamaumauga aoina. Ole laina ole 10 ile 300. ole tau fa'aletonu ole 15.
- d) (VDS na'o) I le Sampling Fuafua fanua, ulufale i le s e mana'omiaampfua faatatau. O le Sampling Fuafua fa'atatau e fa'amaoti mai pe fia le aofa'i o pa'u NetFlow o le a pa'u pe a uma ona aoina mai pepa uma. Afai e te faʻamaonia se tau o le 0, ona le tuʻuina lea e NetFlow ni afifi. Ole laina ole 0 ile 1000. Ole tau fa'aletonu ole 0.
Laasaga 4 Kiliki Auina atu.

Fa'aagaoioi le NetFlow i luga o le Endpoint Group i le VMM Domain Association Fa'aaoga le GUI

O le fa'agasologa o lo'o mulimuli mai e mafai ai e NetFlow i luga o se vaega fa'ai'uga i le VMM fa'alapotopotoga.
Ae e te le'i amataina
Atonu na e fa'atulagaina mea nei:

O se talosaga profile
Se vaega fa'ai'uga talosaga

Taualumaga

Laa 1 I luga o le lisi lisi, filifili mautotogi> mautotogi uma.
Laa 2 I le vaega o Galuega, kiliki faalua le igoa o le tagata mautotogi.
Laa 3 I le itu agavale navigation pane, fa'alautele tenant_name > Application Profiles > application_profile_igoa > Application EPGs > application_EPG_name
Laa 4 Kiliki taumatau Domains (VMs ma Bare-Metals) ma filifili Fa'aopoopo VMM Domain Association.
Laa 5 I le Add VMM Domain Association dialog box, faʻatumu fanua pe a manaʻomia; ae ui i lea, i le NetFlow eria, filifili Enable.
Laa 6 Kiliki Auina atu.

Fa'afitauli VMM Feso'ota'i

Ole fa'agasologa o lo'o mulimuli mai e fo'ia ai fa'afitauli feso'ota'iga VMM:

Taualumaga

Laasaga 1 Fa'aoso le toe fa'aopoopoina o fa'amaumauga i luga o le Pule Fa'atonu Fa'atonu (APIC). Mo nisi faʻamatalaga e uiga i le faʻafefea ona faʻaosoina se suʻesuʻega resync ile APIC, vaʻai i le tala faʻavae malamalama lea:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_VMM_OnDemand_Inventory_in_APIC.html.
Laasaga 2 Afai e le fo'ia e le Laasaga 1 le fa'afitauli, mo EPG ua a'afia, fa'atulaga vave le fa'ai'uga e fa'aoga le tu'uina atu i le VMM. O le “Pre-Provision” e aveesea ai le mana'omia mo tuaoi tuaoi po'o fa'atagaga OpFlex ma mulimuli ane ai le natura malosi ole VMM Domain VLAN Polokalama. Mo nisi fa'amatalaga e uiga i ituaiga Resolution Immediacy, va'ai le vaega o lo'o i lalo ole EPG Policy Resolution and Deployment Immediacy vaega:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_01011.html#concept_EF87ADDAD4EF47BDA741EC6EFDAECBBD.
Laasaga 3 Afai e le faʻaleleia e Laasaga 1 ma le 2 le faʻafitauli ma e te vaʻai i le mataupu i luga o VM uma, ona tape lea o le VM controller policy ma faitau le faiga faʻavae.
Manatua O le tapeina o le tulafono fa'atonutonu e a'afia ai feoaiga mo VM uma o lo'o i luga ole pule. Cisco ACI Virtual Machine Networking.

Pepa / Punaoa

CISCO ACI Virtual Machine Networking [pdf] Taiala mo Tagata Fa'aoga
ACI Virtual Machine Networking, ACI, Virtual Machine Networking, Machine Networking, Networking

Fa'asinomaga

Tusi Taiala

CISCO ACI Virtual Machine Networking

Fa'amatalaga o oloa

Fa'atonuga o le Fa'aaogaina o Mea

Fesootaiga Lagolago

Fa'afanua Cisco ACI ma VMware Fausia

VMM Domain EPG Asosi

E uiga i Trunk Port Group

Attachable Entity Profile

Fa'atonuina vave

NetFlow fa'atasi ai ma feso'ota'iga masini masini

Pepa / Punaoa

Fa'asinomaga

Tuu se faamatalaga

Fa'aleaogaina le tali