CISCO ACI Virtual Machine Networking User Guide

Zviri mukati hide

1 CISCO ACI Virtual Machine Networking

2 Product Information

3 Mirayiridzo Yekushandiswa Kwechigadzirwa

4 Networking Support

5 Mepu Cisco ACI uye VMware Inovaka

6 VMM Domain EPG Association

7 Nezve Trunk Port Group

8 Attachable Entity Profile

9 Deployment Immediacy

10 NetFlow ine Virtual Machine Networking

11 Zvinyorwa / Zvishandiso

11.1 References

CISCO ACI Virtual Machine Networking

Product Information

Zvinodiwa:
- Zvinotsigirwa Zvigadzirwa uye Vatengesi: Cisco ACI inotsigira chaiwo mamaneja emuchina (VMMs) kubva kune akasiyana zvigadzirwa uye vatengesi. Tarisa kuCisco ACI Virtualization Compatibility Matrix kune yazvino runyorwa rwezvakasimbiswa zvinodyidzana zvigadzirwa.

Mirayiridzo Yekushandiswa Kwechigadzirwa

Mepu Cisco ACI uye VMware Inovaka: Cisco Application Centric Infrastructure (ACI) uye VMware vanoshandisa mazwi akasiyana kutsanangura zvakafanana zvivakwa. Iyi tafura inotevera inopa mepu yeCisco ACI uye VMware temu ine chekuita neVMware vSphere Distributed Switch (VDS).

Cisco ACI Terms	VMware Terms
Endpoint group (EPG)	Portgroup, portgroup
LACP Active	LACP Passive
MAC Pinning	MAC Pinning-Physical-NIC-Load
Static Channel - Mode ON	Virtual Machine Maneja (VMM) domain VDS
VM controller	vCenter (Datacenter)

Virtual Machine Maneja Domain Main Zvikamu:
- ACI jira rekuona muchina maneja (VMM) madomasi anobvumira maneja kuti agadzirise ekubatanidza marongero evanotonga muchina. Izvo zvakakosha zvikamu zve ACI VMM domain policy zvinosanganisira:
- Virtual Machine Maneja (VMM) domain
- VM controller
- vCenter (Datacenter)
- Cherechedza: Imwe chete VMM domain inogona kuve neakawanda zviitiko zveVM controller, asi ivo vanofanirwa kubva kune mumwe chete mutengesi (semuenzaniso, VMware kana Microsoft).
Virtual Machine Maneja Domains:
- An APIC VMM domain profile ipolicy inotsanangura VMM domain. Iyo VMM domain policy inogadzirwa muAPIC uye inosundirwa mukati memashizha switch. VMM domains inopa zvinotevera:
VMM Domain VLAN Pool Association
- VLAN madziva anomiririra zvivharo zvetraffic VLAN identifiers. Dziva reVLAN chinhu chakagovaniswa uye chinogona kudyiwa nemadomasi akawanda seVMM domains uye Layer 4 kune Layer 7 masevhisi.
- Iyo VMM domain inogona kubatanidzwa neiyo chete ine simba VLAN dziva.
- Nekutadza, VLAN identifiers inopihwa zvine simba kuEPGs yakabatana neVMM domains neCisco APIC.
- Nekudaro, maneja anogona kugovera VLAN identifier kune endpoint group (EPG) pachinzvimbo.
- Mumamiriro ezvinhu akadaro, zviziviso zvinoshandiswa zvinofanirwa kusarudzwa kubva kune encapsulation blocks mudziva reVLAN rakabatana neVMM domain, uye rudzi rwavo rwekugovera runofanira kushandurwa kuita static.
- Iyo Cisco APIC inopa VMM domain VLAN pane mashizha madoko zvichienderana nezviitiko zveEPG, ingave yakasungirirwa pamashizha madoko kana zvichibva pazviitiko zveVM kubva kuvatongi vakaita seVMware vCenter kana Microsoft SCVMM.
- Cherechedza: Mumadziva eVLAN ane simba, kana VLAN ikaparadzaniswa kubva kuEPG, inozobatana neEPG mushure memaminitsi mashanu.
- Dynamic VLAN kushamwaridzana haisi chikamu chekumisikidza kudzoreredza, zvichireva kuti kana EPG kana muroja akatanga kubviswa ndokuzodzoserwa kubva kubhegi, VLAN nyowani inozopihwa otomatiki kubva kumadziva eVLAN ane simba.

FAQ:
- Q: Ndezvipi zvigadzirwa uye vatengesi vanotsigirwa neCisco ACI?
- A: Cisco ACI inotsigira chaiwo mamaneja emuchina (VMMs) kubva kune akasiyana zvigadzirwa uye vatengesi. Ndokumbira utarise kuCisco ACI Virtualization Compatibility Matrix kune yazvino runyorwa rwezvakasimbiswa zvinodyidzana zvigadzirwa.
- Q: Ndinogona here kugovera chiziviso cheVLAN kune EPG pachinzvimbo chekuchipa zvine simba?
- A: Ehe, iwe unogona kugovera zvakatarwa chiziviso cheVLAN kuboka rekupedzisira (EPG) rakabatana neVMM domain. Nekudaro, iyo identifier inofanirwa kusarudzwa kubva kune encapsulation blocks mudziva reVLAN rakabatana neVMM domain, uye rudzi rwekugovera runofanira kushandurwa kuita static.
- Q: Chii chinoitika kana VLAN ikaparadzaniswa kubva kuEPG mune ine simba VLAN dziva?
- A: Kana VLAN ikaparadzaniswa kubva kuEPG mune ine simba VLAN dziva, inozozvibatanidza neEPG mushure memaminitsi mashanu.
- Q: Is dynamic VLAN association chikamu chekugadzirisa rollback?
- A: Aiwa, dynamic VLAN kushamwaridzana haisi chikamu chekugadzirisa rollback. Kana EPG kana muroja akatanga kubviswa ndokuzodzoserwa kubva kubhegi, VLAN itsva inozopihwa otomatiki kubva kumadziva eVLAN ane simba.

Chitsauko ichi chine zvikamu zvinotevera:

• Cisco ACI VM Networking Support yeVirtual Machine Managers, papeji 1
• Kugadzira Cisco ACI neVMware Constructs, papeji 2
• Virtual Machine Maneja Domain Main Zvikamu, papeji 3
• Virtual Machine Manager Domains, papeji 4
• VMM Domain VLAN Pool Association, papeji 4
• VMM Domain EPG Association, papeji 5
• NezveTrunk Port Group, papeji 7
• Inosungirirwa Entity Profile, papeji 8
• EPG Policy Resolution uye Deployment Immediacy, papeji 9
• Mazano eKudzima VMM Domains, papeji 10
• NetFlow ine Virtual Machine Networking, papeji 11
• Kugadzirisa VMM Kubatana, papeji 13

Networking Support

Cisco ACI VM Networking Tsigiro yeVirtual Machine Mamaneja

Benefits ye ACI VM Networking

Cisco Application Centric Infrastructure (ACI) virtual muchina (VM) networking inotsigira hypervisors kubva kune vakawanda vatengesi.
Inopa iyo hypervisor's programmable uye otomatiki yekuwana kune yakakwirira-inoshanda scalable virtualized data center zvivakwa.
Programmability uye otomatiki zvinhu zvakakosha zve scalable data center virtualization infrastructure.
Iyo Cisco ACI yakavhurika REST API inogonesa chaiyo muchina kubatanidzwa pamwe uye orchestration yepolicy modhi-yakavakirwa Cisco ACI jira.
Cisco ACI VM networking inogonesa kutevedzwa kwemitemo kune ese ari maviri uye emuviri mitoro yebasa inotungamirwa nema hypervisors kubva kune akawanda vatengesi.
Attachable entity profiles inogonesa nyore VM kufamba uye kuiswa kwemabasa akawandisa chero kupi muCisco ACI jira.
Iyo Cisco Application Policy Infrastructure Controller (APIC) inopa centralized troubleshooting, application health score, uye virtualization monitoring.
Cisco ACI yakawanda-hypervisor VM otomatiki inoderedza kana kubvisa manyorerwo ekugadzirisa uye zvikanganiso zvemanyorero. Izvi zvinogonesa virtualized data centers kutsigira nhamba huru dzeVM zvakavimbika uye zvinodhura-zvinobudirira.

Zvinotsigirwa Zvigadzirwa uye Vatengesi

Cisco ACI inotsigira chaiwo mamaneja emuchina (VMMs) kubva kune zvinotevera zvigadzirwa uye vatengesi:
Cisco Unified Computing System Manager (UCSM)
Kubatanidzwa kwe Cisco UCSM inotsigirwa kutanga muCisco Cisco APIC Release 4.1 (1). Kuti uwane ruzivo, ona chitsauko "Cisco ACI neCisco UCSM Kubatanidzwa muCisco ACI Virtualization Guide, Release 4.1(1).

Cisco Application Centric Infrastructure (ACI) Virtual Pod (iPod)

Cisco ACI vPod iri kuwanikwa kazhinji kutanga muCisco APIC Release 4.0(2). Kuti uwane ruzivo, ona iyo Cisco ACI vPod zvinyorwa pa Cisco.com.

Cloud Foundry

Cloud Foundry kubatanidzwa neCisco ACI inotsigirwa kutanga neCisco APIC Release 3.1(2). Kuti uwane ruzivo, ona chinyorwa cheruzivo, Cisco ACI uye Cloud Yakawanikwa Kubatanidzwa pa Cisco.com.

Kubernetes

Kuti uwane ruzivo, ona chinyorwa chekutanga cheruzivo, Cisco ACI uye Kubernetes Kubatanidzwa on Cisco.com.

Microsoft System Center Virtual Machine Maneja (SCVMM)

Kuti uwane ruzivo, ona zvitsauko "Cisco ACI ine Microsoft SCVMM" uye "Cisco ACI ine Microsoft Windows Azure Pack" mu Cisco ACI Virtualization Guide on Cisco.com.

OpenShift

Kuti uwane ruzivo, ona iyo OpenShift zvinyorwa. on Cisco.com.

OpenStack

Kuti uwane ruzivo, ona iyo OpenStack zvinyorwa on Cisco.com.

Red Hat Virtualization (RHV)

Kuti uwane ruzivo, ona chinyorwa chekutanga cheruzivo, Cisco ACI uye Red Hat Kubatanidzwa. on Cisco.com.

VMware Virtual Distributed Switch (VDS)

Kuti uwane ruzivo, ona chitsauko "Cisco "ACI ine VMware VDS Integration" mu Cisco ACI Virtualization Guide.
Onai Cisco ACI Virtualization Compatibility Matrix. kune yazvino runyorwa rwezvakasimbiswa kudyidzana zvigadzirwa.

Mepu Cisco ACI uye VMware Inovaka

Cisco Application Centric Infrastructure (ACI) uye VMware vanoshandisa mazwi akasiyana kutsanangura zvakafanana zvivakwa. Ichi chikamu chinopa tafura yekugadzira mepu yeCisco ACI neVMware mazwi; ruzivo rwakakosha kune VMware vSphere Distributed Switch (VDS).

Cisco ACI Terms	VMware Terms
Endpoint group (EPG)	Portgroup, portgroup

Cisco ACI Terms	VMware Terms
LACP Active	• Nzira yakavakirwa paIP hashi (downlink port group) • LACP Yakabatidzwa/Inoshanda (uplink port group)
LACP Passive	• Nzira yakavakirwa paIP hashi (downlink port group) • LACP Yakabatidzwa/Inoshanda (uplink port group)
MAC Pinning	• Nzira yakavakirwa pamavambo chaiwo echiteshi • LACP Yakaremara
MAC Pinning-Physical-NIC-Load	• Nzira yakavakirwa pamutoro weNIC • LACP Yakaremara
Static Channel - Mode ON	• Nzira yakavakirwa paIP Hash (downlink port group) • LACP Yakaremara
Virtual Machine Maneja (VMM) domain	VDS
VM controller	vCenter (Datacenter)

Virtual Machine Maneja Domain Main Zvikamu

ACI jira virtual muchina maneja (VMM) madomasi anogonesa maneja kugadzirisa marongero ekubatanidza kune chaiwo madhiraivha emuchina. Izvo zvakakosha zveiyo ACI VMM domain policy zvinosanganisira zvinotevera:

Virtual Machine Maneja Domain Profile—Mapoka VM controllers ane zvakafanana networking policy zvinodiwa. For example, VM controllers vanogona kugovera VLAN madziva uye application endpoint mapoka (EPGs). Iyo APIC inotaurirana nemutongi kuti ibudise magadzirirwo etiweki senge mapoka echiteshi anozoiswa kune chaiwo mabasa. Iyo VMM domain profile inosanganisira zvinotevera zvakakosha zvikamu:
Credential-Inobatanidza iyo inoshanda VM controller user credential neAPIC VMM domain.
Controller-Inotsanangura nzira yekubatanidza kune VM controller iyo iri chikamu cheiyo mutemo inoteedzera domain.

For example, mutongi anotsanangura chinongedzo kuVMware vCenter icho chiri chikamu cheVMM domain.

Cherechedza

Imwe chete VMM domain inogona kuve neakawanda zviitiko zveVM controllers, asi ivo vanofanirwa kubva kune mumwe chete mutengesi (yeex.ample, kubva kuVMware kana kubva kuMicrosoft.

EPG Association-Mapoka ekugumisira anotonga kubatana uye kuoneka pakati pemagumo mukati mechikamu cheiyo VMM domain policy. VMM domain EPGs inoita sezvizvi: Iyo APIC inosundira maEPG aya semapoka echiteshi kupinda muVM controller. EPG inogona kutenderera akawanda maVMM domains, uye VMM domain inogona kuve neakawanda EPGs.
Attachable Entity Profile Sangano—Inoshamwaridzana neVMM domain neyemuviri network network. An attachable entity profile (AEP) inetiweki interface template inogonesa kuendesa VM controller marongero pane yakakura seti yeshizha switch ports. An AEP inotsanangura kuti ndedzipi switch uye madoko aripo, uye kuti akagadziridzwa sei.
VLANPool Association—A VLAN dziva rinotsanangudza maVLAN ID kana masanji anoshandiswa kuVLAN encapsulation inodyiwa neVMM domain.

Virtual Machine Maneja Domains

An APIC VMM domain profile ipolicy inotsanangura VMM domain. Iyo VMM domain policy inogadzirwa muAPIC uye inosundirwa mukati memashizha switch.

VMM domains inopa zvinotevera:

Iyo yakajairika dhizaini mumucheka weACI inogonesa scalable kukanganisa-kushivirira rutsigiro kune akawanda VM controller mapuratifomu.
VMM rutsigiro kune akawanda maroja mukati meiyo ACI jira. VMM domains ine VM controllers seVMware vCenter kana Microsoft SCVMM Maneja uye humbowo (s) hunodiwa kuti ACI API ibatane neVM controller.
A VMM domain inogonesa VMmobility mukati medura asi kwete munzvimbo dzese.

Imwe chete VMM domain inogona kunge iine akati wandei maVM controller asi iwo anofanirwa kunge akafanana.
For exampuye, nzvimbo yeVMM inogona kuva neVMware vCenters yakawanda inotonga vatongi vakawanda imwe neimwe inoshandisa maVM akawanda asi inogona kunge isinawo SCVMM Mamaneja.
Iyo VMM domain inventories controller zvinhu (senge pNICs, vNICs, VM mazita, uye zvichingodaro) uye inosundira marongero mukutonga (s), kugadzira mapoka echiteshi, uye zvimwe zvinodiwa.

Iyo ACI VMM domain inoteerera kune controller zviitiko senge VM kufamba uye inopindura zvinoenderana.

VMM Domain VLAN Pool Association

VLAN madziva anomiririra zvivharo zvetraffic VLAN identifiers. Dziva reVLAN chinhu chakagovaniswa uye chinogona kudyiwa nemadomasi akawanda seVMM domains uye Layer 4 kune Layer 7 masevhisi.

Dziva rega rega rine mhando yekugovera (static kana dynamic), inotsanangurwa panguva yekusikwa kwayo.
Mhando yekugovera inosarudza kana zviziviso zvirimo zvichashandiswa otomatiki kugoverwa neCisco APIC (dynamic) kana kuisirwa zvakajeka nemutungamiriri (static).
Nekusagadzika, zvidhinha zvese zviri mukati medziva reVLAN zvine mhando yekugovera yakafanana nedziva asi vashandisi vanogona kushandura rudzi rwekugoverwa kwezvivharo zve encapsulation zviri mumadziva ane simba kuita static. Kuita izvi kunovabvisa kubva kune dynamic allocation.

Iyo VMM domain inogona kubatanidzwa neiyo chete ine simba VLAN dziva.
Nekutadza, kupihwa kweVLAN identifiers kune EPGs inosanganiswa neVMM domains inoitwa zvine simba neCisco APIC.
Nepo dhizaini yekugovera iri iyo yekusarudzika uye inosarudzika gadziriso, maneja anogona kugadzika chiziviso cheVLAN kuboka rekupedzisira (EPG) pachinzvimbo.

Muchiitiko ichocho, zviziviso zvinoshandiswa zvinofanirwa kusarudzwa kubva kune encapsulation blocks mudziva reVLAN rakabatana neVMM domain, uye mhando yavo yekugovera inofanirwa kuchinjwa kuita static.
Iyo Cisco APIC inopa VMM domain VLAN pane mashizha madoko zvichienderana nezviitiko zveEPG, ingave inosunga pamashizha emashizha kana zvichibva pazviitiko zveVM kubva kuvatongi vakaita seVMware vCenter kana Microsoft SCVMM.

Cherechedza

Mumadziva eVLAN ane simba, kana VLAN ikaparadzaniswa kubva kuEPG, inobatanidzwa zvakare neEPG mumaminetsi mashanu.

Cherechedza

Dynamic VLAN kushamwaridzana haisi chikamu chekumisikidza kudzoreredza, ndiko kuti, kana EPG kana muroja akatanga kubviswa obva adzoreredzwa kubva kubheji, VLAN nyowani inongopihwa otomatiki kubva kumadziva eVLAN ane simba.

VMM Domain EPG Association

Iyo Cisco Application Centric Infrastructure (ACI) jira rinobatanidza roja application profile endpoint mapoka (EPGs) kune chaiwo muchina maneja (VMM) madomasi, Iyo Cisco ACI inozviita otomatiki nechikamu che orchestration seMicrosoft Azure, kana neCisco Application Policy Infrastructure Controller (APIC) maneja achigadzira masisitimu akadaro. EPG inogona kutenderera akawanda maVMM domains, uye VMM domain inogona kuve neakawanda EPGs.

Mumufananidzo wapfuura, magumo (EPs) emavara akafanana chikamu cheEPG imwechete. For exampuye, ese maEPs akasvibira ari muEPG imwechete kunyangwe ari mumadomasi maviri akasiyana eVMM. Ona yazvino Verified Scalability Guide yeCisco ACI yevirtual network uye VMM domain EPG ruzivo rwehuwandu.

Cherechedza

Multiple VMM domains anogona kubatana kune imwechete shizha switch kana isina anopindirana VLAN madziva pachiteshi chimwe chete.

Saizvozvo, iwe unogona kushandisa iwo madhiri eVLAN mumatunhu akasiyana kana asingashandisi chiteshi chimwe chete cheshizha switch.

EPGs inogona kushandisa akawanda maVMM domains nenzira dzinotevera:

EPG mukati meVMM domain inotaridzwa nekushandisa encapsulation identifier. Cisco APIC inogona kubata iyo identifier otomatiki, kana maneja anogona kuisarudza. An example is a VLAN, ari Virtual Network ID (VNID).

EPG inogona kumepu kune akawanda mafizikisi (yeisina simbi maseva) kana chaiwo madomasi. Inogona kushandisa akasiyana VLAN kana VNID encapsulations mune yega yega domain.

Cherechedza

Nekutadza, iyo Cisco APIC inobata zvine simba kugoverwa kweVLAN yeEPG.

VMware DVS vatariri vane sarudzo yekugadzirisa chaiyo VLAN yeEPG.
Muchiitiko ichocho, iyo VLAN inosarudzwa kubva kune static allocation block mukati medziva inobatanidzwa neVMM domain.
Zvishandiso zvinogona kuiswa munzvimbo dzese dzeVMM.

Nepo kutama kwepamoyo kweVM mukati meVMM domain kunotsigirwa, kutama mhenyu kweVMs kuyambuka VMM domain hakutsigirwe.

Cherechedza

Paunoshandura iyo VRF pane bhiriji domain yakabatana neEPG ine yakabatana VMM domain, boka rechiteshi rinobviswa uye rozowedzerwa kumashure pavCenter.

Izvi zvinoita kuti EPG isashandiswe kubva kuVMM domain. Izvi zvinotarisirwa maitiro.

Nezve Trunk Port Group

Iwe unoshandisa trunk port boka kuunganidza traffic ye endpoint mapoka (EPGs) yeVMware virtual muchina maneja (VMM) domains.
Kusiyana nemapoka ezviteshi enguva dzose, ayo akagadziridzwa pasi peTenants tebhu muCisco Application Policy Infrastructure Controller (APIC) GUI, mapoka ezvikepe anogadzirwa pasi peVM Networking tab.

Mapoka ezviteshi enguva dzose anotevera T|A|E mafomati eEPG mazita.
Iko kuunganidzwa kweEPGs pasi penzvimbo imwechete kwakavakirwa paVLAN renji, iyo inotsanangurwa senge encapsulation blocks iri mutrunk port boka.
Pese panoshandurwa encapsulation yeEPG kana kuti encapsulation block ye trunk port group inoshandurwa, kuunganidzwa kunoongororwazve kuti uone kana EGP ichifanirwa kuunganidzwa.

Boka re trunk port rinotonga kutumirwa kwemashizha etiweki zviwanikwa, zvakaita seVLAN, zvakapihwa maEPG ari kuunganidzwa.
Iwo EPGs anosanganisira ese ari maviri base EPG uye microsegmented (uSeg) EPGs. Panyaya yemushandisi EPG, iwo maVLAN mitsara yetrunk port boka inodiwa kuti ibatanidze ese ekutanga uye echipiri maVLAN.

Kuti uwane rumwe ruzivo, ona maitiro anotevera:

Attachable Entity Profile

Iro jira reACI rinopa akawanda ekubatanidza mapoinzi anobatana kuburikidza nemashizha madoko kune akasiyana ekunze ekunze senge asina simbi maseva, chaiwo muchina hypervisors, Layer 2 switch (ye ex.ample, iyo Cisco UCS jira yekubatanidza), kana Layer 3 routers (yeexampuye Cisco Nexus 7000 Series switches). Aya mapoinzi ekunamatira anogona kunge ari enyama madoko, FEX ports, chiteshi chechiteshi, kana chaiyo port chiteshi (vPC) pane mashizha switch.

Cherechedza

Paunenge uchigadzira VPC domain pakati pemashizha maviri anochinja, zvese zvinochinja zvinofanirwa kunge zviri muchizvarwa chimwe chete chekuchinja, chimwe chezvinotevera:

Chizvarwa 1 - Cisco Nexus N9K inochinja isina "EX" kana "FX" pakupera kwezita rekuchinja; zve example, N9K-9312TX
Chizvarwa 2 - Cisco Nexus N9K inochinja ne "EX" kana "FX" pakupera kwezita rekuchinja modhi; zve example, N9K-93108TC-EX

Shanduko dzakadai seidzi mbiri hadzienderane nevezera reVPC. Pane kudaro, shandisa maswichi echizvarwa chimwe chete. An Attachable Entity Profile (AEP) inomiririra boka remasangano ekunze ane zvimiro zvakafanana zvinodiwa. Mitemo yezvivakwa inoumba maratidziro emuviri anogadzirisa nzira dzakasiyana dzeprotocol, seCisco Discovery Protocol (CDP), Link Layer Discovery Protocol (LLDP), kana Link Aggregation Control Protocol (LACP) An AEP inodiwa kuendesa madziva eVLAN pamashizha emashizha. . Encapsulation blocks (uye maVLAN anosanganisirwa) anogona kushandiswazve pamashizha ekuchinja. Iyo AEP inopa pachena chiyero chedziva reVLAN kune zvivakwa zvemuviri. Zvinotevera zvinodiwa neAEP uye zvinovimbika zvinofanirwa kuverengerwa munzvimbo dzakasiyana-siyana dzekugadzirisa, kusanganisira network yekubatanidza, VMM domains, uye akawanda pod kumisikidzwa:

Iyo AEP inotsanangura huwandu hweVLANS inotenderwa asi haina kuvapa. Hapana traffic inoyerera kunze kwekunge EPG yaiswa pachiteshi. Pasina kutsanangura dziva reVLAN muAEP, VLAN haigoneswe pashizha chiteshi kunyangwe EPG ichipihwa.
Imwe VLAN inopihwa kana kugoneswa pachiteshi cheshizha chakavakirwa pazviitiko zveEPG zvingave zvakasungirirwa pashizha chiteshi kana zvichibva pazviitiko zveVM kubva kune vekunze vanodzora seVMware vCenter kana Microsoft Azure Service Center Virtual Machine Manager (SCVMM).
Yakabatanidzwa entity profiles inogona kubatanidzwa zvakananga nemashandisirwo EPGs, ayo anoendesa inosanganisirwa application EPGs kune ese madoko ane hukama neyakasungirirwa entity pro.file. Iyo AEP ine inogadziriswa generic basa (infraGeneric), iyo ine hukama neEPG (infraRsFuncToEpg) iyo inoiswa pane ese mainterface ari chikamu chevanosarudza vanobatana neinosungirirwa entity pro.file.

A virtual muchina maneja (VMM) domain inowana otomatiki maratidziro emuviri kubva kuinterface policy mapoka eAEP.
Chirevo chepamusoro paAEP chinogona kushandiswa kutsanangura imwe chimiro chechimiro chechimiro cheVMM domain. Uyu mutemo unobatsira mumamiriro ezvinhu apo VM controller yakabatana neshizha chinja kuburikidza nepakati Layer 2 node, uye imwe policy inodiwa pamashizha switch uye VM controller physical ports. For example, unogona kugadzirisa LACP pakati peshizha switch uye Layer 2 node. Panguva imwecheteyo, unogona kudzima LACP pakati peVM controller uye Layer 2 switch nekudzima LACP pasi peiyo AEP override policy.

Deployment Immediacy

EPG Policy Resolution uye Deployment Immediacy

Pese kana boka rekupedzisira (EPG) richibatana kune virtual muchina maneja (VMM) domain, maneja anogona kusarudza sarudzo uye kuendesa zvaunofarira kutsanangura apo mutemo unofanirwa kusundirwa mumashizha emashizha.

Resolution Immediacy

Pre-provision: Inotsanangura kuti mutemo (weexample, VLAN, VXLAN inosunga, makondirakiti, kana mafirita) inotorwa kune shizha switch kunyangwe VM controller isati yabatanidzwa kune chaiyo switch (ye ex.ample, VMware vSphere Distributed Switch (VDS). Izvi zvinofanopa zvigadziriso pane switch.

Izvi zvinobatsira mamiriro ezvinhu apo manejimendi traffic ye hypervisors/VM controllers iri kushandisawo iyo chaiyo switch yakabatana neCisco Application Policy Infrastructure Controller (APIC) VMM domain (VMM switch).
Kuisa mutemo weVMM wakadai seVLAN paCisco Application Centric Infrastructure (ACI) mashizha switch inoda Cisco APIC kuunganidza CDP/LLDP ruzivo kubva kune ese ari hypervisors kuburikidza neVM controller uye Cisco ACI leaf switch. Nekudaro, kana iyo VM controller ichifanirwa kushandisa imwecheteyo VMM mutemo (VMM switch) kutaurirana neayo hypervisors kana kunyange Cisco APIC, iyo CDP/LLDP ruzivo rwe hypervisors harugone kuunganidzwa nekuti mutemo unodiwa kuVM controller/hypervisor. manejimendi traffic haisati yaiswa.
Paunenge uchishandisa pre-provision immediacy, mutemo unotorwa kuCisco ACI shizha switch zvisinei nekuti

CDP/LLDP nharaunda. Kunyangwe isina hypervisor host iyo yakabatana neVMM switch.
Pakarepo Inotsanangura kuti EPG marongero (kusanganisira zvibvumirano uye mafirita) anotorwa kune yakabatana mashizha switch software pane ESXi host inonamatira kuDVS. LLDP kana OpFlex mvumo inoshandiswa kugadzirisa VM controller kune mashizha anonamirwa node.
Iyo policy ichatorwa kuLeaf kana iwe ukawedzera muenzi kuVMM switch. CDP/LLDP nharaunda kubva kune imwe nzvimbo kuenda kune shizha inodiwa.

Paunoda: Inotsanangura kuti mutemo (weexample, VLAN, VXLAN bindings, makondirakiti, kana mafirita) inosundirwa kushizha node chete kana ESXi host yanamirwa kuDVS uye VM yaiswa muboka rechiteshi (EPG).
Iyo policy ichatorwa pasi pashizha kana muenzi awedzerwa kuVMM switch. Iyo VM inoda kuiswa muboka rechiteshi (EPG). CDP/LLDP nharaunda kubva kune imwe nzvimbo kuenda kune shizha inodiwa. Nezvese zviri zviviri nekukurumidza uye-pakuda, kana muenzi neshizha akarasikirwa neLLDP/CDP nharaunda marongero anobviswa.

Cherechedza

MuOpFlex-based VMM domains, mumiriri weOpFlex pa hypervisor anoshuma VM/EP virtual network interface kadhi (vNIC) yekunamatira kuEPG kune shizha OpFlex maitiro.
Paunenge uchishandisa On Demand Resolution Immediacy, iyo EPG VLAN/VXLAN inorongwa pane ese mashizha echiteshi chiteshi machiteshi, chaiwo echiteshi chechiteshi, kana ese ari maviri kana anotevera ari echokwadi:
- Hypervisors yakabatana nemashizha pachiteshi chechiteshi kana chaiyo chiteshi chiteshi chakasungirirwa zvakananga kana kuburikidza neblade switch.
- VM kana muenzaniso vNIC yakasungirirwa kune EPG.
- Hypervisors yakanamatira sechikamu cheEPG kana VMM domain.
Opflex-based VMM domains ndeyeMicrosoft Security Center Virtual Machine Manager (SCVMM) uye HyperV, uye Cisco Application Virtual Switch (AVS).

Deployment Immediacy

Kana iyo mitemo ichinge yatorwa kune yemashizha software, kutumirwa kwekukurumidza kunogona kutsanangura kana mutemo wasundirwa mukati meiyo hardware policy content-addressable memory (CAM).
Pakarepo Inotsanangura kuti mutemo wacho wakarongwa mumutemo we hardware CAM nokukurumidza apo mutemo unotorwa mumashizha emashizha.
Pane-zvinodiwa: Inotsanangura kuti iyo purogiramu yakarongwa mumutemo we hardware CAM chete kana pakiti yekutanga inogamuchirwa kuburikidza nenzira yedata. Iyi nzira inobatsira kukwiridzira nzvimbo yehardware.

Cherechedza

Paunoshandisa pane-inoda kutumirwa kwekukurumidza neMAC-yakaroverwa VPCs, zvibvumirano zveEPG hazvisundidzirwe kune leaf ternary content-addressable memory (TCAM) kusvika pekutanga kupera kwadzidzwa muEPG pashizha rega rega.
Izvi zvinogona kukonzera kusaenzana kweTCAM kushandiswa kwese kweVPC vezera. (Kazhinji, chibvumirano chaizosundirwa kune vese vezera.)

Nhungamiro dzekudzima VMM Domains

Tevedzera kutevedzana pazasi kuti uve nechokwadi chekuti chikumbiro cheAPIC chekudzima VMM domain chinokonzeresa chinokonzeresa VM controller (ye ex.ample VMware vCenter kana Microsoft SCVMM) kuti vapedze maitiro acho zvakajairika uye kuti hapana nherera EPGs dzakasungwa mumucheka weACI.

Mutariri weVM anofanirwa kubvisa maVM ese kubva kumapoka echiteshi (munyaya yeVMware vCenter) kana VM network (munyaya yeSCVMM), yakagadzirwa neAPIC. Panyaya yeCisco AVS, iyo VM admin inodawo kudzima VMK interfaces ine chekuita neCisco AVS.
ACI maneja anodzima VMM domain muAPIC. Iyo APIC inokonzeresa kubviswa kweVMware VDS Cisco AVS kana SCVMM zvine musoro switch uye zvinhu zvakabatana.

Cherechedza

Mutariri weVM haafanire kudzima switch chaiyo kana zvinhu zvakabatana (senge mapoka echiteshi kana VM network); bvumira iyo APIC kukonzeresa iyo chaiyo switch yekudzima kana wapedza nhanho 2 pamusoro. MaEPG anogona kuitwa nherera muAPIC kana maneja weVM akadzima switch chaiyo kubva kuVM controller iyo VMM domain isati yadzimwa muAPIC. Kana kutevedzana uku kukasateedzerwa, mutongi weVM anodzima switch chaiyo yakabatana neiyo APIC VMM domain. Muchiitiko ichi, maneja weVM anofanira kubvisa nemaoko VM uye vtep masangano kubva kuVM controller, obva adzima iyo chaiyo switch (es) yaimbove yakabatana neiyo APIC VMM domain.

NetFlow ine Virtual Machine Networking

Nezve NetFlow ine Virtual Machine Networking

Iyo NetFlow tekinoroji inopa metering base kune yakakosha seti yezvishandiso, zvinosanganisira network traffic accounting, kushandiswa-kwakavakirwa network kubhadharisa, network kuronga, pamwe nekuramba kwekutarisa masevhisi, kutarisa kwenetiweki, kushambadzira kunze, uye kuchera data kune vese vanopa masevhisi uye. bhizinesi vatengi.
Cisco inopa seti yeNetFlow zvikumbiro kuunganidza NetFlow ekunze data, kuita kuderedza vhoriyamu yedata, kuita post-kugadzirisa, uye kupa ekupedzisira-mushandisi maapplication nekuwana nyore kuNetFlow data.
Kana iwe wakagonesa NetFlow yekutarisa traffic irikuyerera kuburikidza nenzvimbo dzako dzedhata, chiitiko ichi chinogonesa iwe kuti uite yakafanana nhanho yekutarisa traffic inoyerera kuburikidza neCisco Application Centric Infrastructure (Cisco ACI) jira.
Panzvimbo yehardware kutumira marekodhi zvakananga kumuunganidzi, marekodhi anogadziriswa muinjini yevatariri uye anotumirwa kune akajairwa NetFlow vateresi mune inodiwa fomati. Kuti uwane rumwe ruzivo nezve NetFlow, ona Cisco APIC uye NetFlow ruzivo base chinyorwa.

Nezve NetFlow Exporter Policies neVirtual Machine Networking

A virtual muchina maneja ekunze mutemo (netflowVmmExporterPol) inotsanangura ruzivo nezve data rakaunganidzwa kuitira kuyerera rinotumirwa kune yekubika server kana NetFlow muunganidzi. Muunganidzi weNetFlow inhengo yekunze inotsigira yakajairwa NetFlow protocol uye inogamuchira mapaketi akamisikidzwa nemisoro yeNetFlow.
An exporter policy ine zvinotevera:

VmmExporterPol.dstAddr—Ichi chivakwa chinosungirwa chinotsanangura iyo IPv4 kana IPv6 kero yeNetFlow muunganidzi inogamuchira iyo NetFlow inoyerera mapaketi. Izvi zvinofanirwa kunge zviri muchimiro chekugamuchira (kureva, "/ 32" kana "/128"). IPv6 kero inotsigirwa muvSphere Distributed Switch (vDS) vhezheni 6.0 uye gare gare.
VmmExporterPol.dstPort—Ichi chivakwa chinosungirwa chinotsanangura chiteshi pane iyo NetFlow muunganidzi application iri kuteerera, izvo zvinoita kuti muunganidzi agamuchire anouya anobatana.
VmmExporterPol.srcAddr—Ichi chakasarudzika chivakwa chinotsanangura iyo IPv4 kero inoshandiswa seyosiyo kero mune inotumirwa kunze kweNetFlow kuyerera mapaketi.

NetFlow Tsigiro neVMware vSphere Distributed Switch

Iyo VMware vSphere Distributed Switch (VDS) inotsigira NetFlow nemapako anotevera:

Muunganidzi wekunze anofanira kuwanikwa kuburikidza neESX. ESX haitsigire chaiyo nzira uye kutumirwa (VRFs).
Boka rechiteshi rinogona kugonesa kana kudzima NetFlow.
VDS haitsigire kuyerera-level kusefa.

Gadzira zvinotevera VDS paramita muVMware vCenter:

Muunganidzi IP kero uye chiteshi. IPv6 inotsigirwa paVDS vhezheni 6.0 kana kuti gare gare. Izvi zvinosungirwa.
Kwakabva IP kero. Izvi ndezvekusarudza.
Active flow flow timeout, idle flow timeout, uye sampling rate. Izvi ndezvekusarudza.

Kugadzirisa NetFlow Exporter Policy yeVM Networking Uchishandisa iyo GUI
Iyi inotevera maitiro inogadzirisa mutemo weNetFlow wekutengesa kunze kweVM network.

Maitiro

Danho 1 Pabhari yemenu, sarudza Mucheka> Svika Policies.
Danho 2 Munzvimbo yekufambisa, wedzera Matemo> Interface> NetFlow.
Danho 3 Tinya-kurudyi NetFlow Exporters yeVM Networking uye sarudza Gadzira NetFlow Exporter yeVM Networking.
Danho 4 MuGadzira NetFlow Exporter yeVM Networking dialogue box, zadza minda sezvinodiwa.
Danho 5 Dzvanya Tumira.

Kushandisa NetFlow Exporter Policy Pasi peVMM Domain Uchishandisa GUI

Iyi inotevera maitiro inoshandisa NetFlow kunze kwenyika mutemo pasi peVMM domain uchishandisa iyo GUI.

Maitiro

Danho 1 Pane menyu bar, sarudza Virtual Networking> Inventory.
Danho 2 Mune Navigation pane, wedzera iyo VMMDomains folda, tinya-kurudyi VMware, uye sarudza Gadzira Center Domain.
Danho 3 MuGadzira vCenter Domain dialog box, zadza minda sezvinodiwa, kunze kwekunge zvataurwa:
- a) Mune yeNetFlow Exporter Policy yekudonha-pasi runyorwa, sarudza yaunoda kunze kwenyika mutemo kana gadzira imwe nyowani.
- b) Muchikamu cheActive Flow Timeout, isa yaunoda kuyerera nguva yekubuda, mumasekonzi. Iyo Active Flow Timeout parameter inotsanangura kunonoka uko NetFlow inomirira mushure mekunge kuyerera kunoshanda kwatangwa, mushure meiyo NetFlow inotumira data rakaunganidzwa. Mutsara unobva pa 60 kusvika pa 3600. Mutengo wakagara uri 60.
- c) Mumunda weIdle Flow Timeout, pinda yaunoda kuyerera isina basa nguva yekubuda, mumasekonzi. Iyo Idle Flow Timeout parameter inotsanangura kunonoka uko NetFlow inomirira mushure mekunge kuyerera kwekusaita kwatangwa, mushure meiyo NetFlow inotumira iyo data yakaunganidzwa. Mutsara unobva pa10 kusvika pa300. Mutsara wenguva dzose ndeye 15.
- d) (VDS chete) MuSampling Rate munda, isa yaunoda sampling rate. Iye Sampling Rate paramende inotsanangura kuti mangani mapaketi NetFlow anodonha mushure mese akaunganidzwa pakiti. Kana iwe ukatsanangura kukosha kwe0, saka NetFlow haidonhedze chero mapaketi. Mutsara unobva pa0 kusvika pa1000. Mutengo wenguva ndeye 0.
Danho 4 Dzvanya Tumira.

Kugonesa NetFlow pane Endpoint Group kuenda kuVMM Domain Association Uchishandisa iyo GUI

Iyi inotevera maitiro inogonesa NetFlow paboka rekupedzisira kuenda kuVMM domain association.
Usati watanga
Iwe unofanirwa kunge wakagadzirisa zvinotevera:

An application profile
Boka rekupedzisira rekushandisa

Maitiro

Danho 1 Pane menyu bar, sarudza Tenants> Vese Tenants.
Danho 2 MuChirongwa cheBasa, tinya kaviri zita remuroja.
Danho 3 Muruboshwe rwekutenderera pane, wedzera tenant_name> Application Profiles > application_profile_name> Application EPGs> application_EPG_name
Danho 4 Tinya-kurudyi Domains (VMs uye Bare-Metals) uye sarudza Wedzera VMM Domain Association.
Danho 5 MuAdd VMM Domain Association dialog box, zadza minda sezvinodiwa; zvisinei, munzvimbo yeNetFlow, sarudza Gonesa.
Danho 6 Dzvanya Tumira.

Troubleshooting VMM Kubatana

Iyi inotevera maitiro inogadzirisa nyaya dzekubatanidza VMM:

Maitiro

Danho 1 Tamba nhanho yekubatanidza pane iyo Application Policy Infrastructure Controller (APIC). Kuti uwane rumwe ruzivo nezve nzira yekukonzeresa resync resync paAPIC, ona chinotevera chinyorwa cheruzivo:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_VMM_OnDemand_Inventory_in_APIC.html.
Danho 2 Kana nhanho yekutanga ikasagadzirisa nyaya, kune iyo yakakanganiswa EPGs, isa sarudzo nekukurumidza kushandisa preprovisioning muVMM domain. "Pre-Provision" inobvisa kudiwa kwevavakidzani vepedyo kana mvumo yeOpFlex uyezve hunhu hunosimba hweVMM Domain VLAN Programming. Kuti uwane rumwe ruzivo nezve Resolution Immediacy marudzi, ona inotevera EPG Policy Resolution uye Deployment Immediacy chikamu:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_01011.html#concept_EF87ADDAD4EF47BDA741EC6EFDAECBBD.
Danho 3 Kana nhanho 1 ne2 dzikasagadzirisa nyaya uye ukaona nyaya yacho pamaVM ese, wodzima mutemo weVM controller uye uverenge mutemo.
Cherechedza Kudzima mutemo wekutonga kunokanganisa traffic kune ese maVM ari pane iyo controller. Cisco ACI Virtual Machine Networking.

Zvinyorwa / Zvishandiso

CISCO ACI Virtual Machine Networking [pdf] Bhuku reMushandisi
ACI Virtual Machine Networking, ACI, Virtual Machine Networking, Machine Networking, Networking

References

User Manual

CISCO ACI Virtual Machine Networking

Product Information

Mirayiridzo Yekushandiswa Kwechigadzirwa

Networking Support

Mepu Cisco ACI uye VMware Inovaka

VMM Domain EPG Association

Nezve Trunk Port Group

Attachable Entity Profile

Deployment Immediacy

NetFlow ine Virtual Machine Networking

Zvinyorwa / Zvishandiso

References

Siya mhinduro

Kanzura mhinduro