Installing Nexus 1000V on vSphere 5.1 (Part One)
The Cisco Nexus 1000v is a distributed virtual switch ( DVS ). This switch is a machine that is installed into the vSphere infrastructure (Virtual Supervisor Module) and the virtual switch itself, which is installed into the kernel of the hypervisor as an update (Virtual Ethernet Module).
VSM can be reserved by High Availability ( HA ) technology - one active second stand-by.
There is an iron version of the Cisco Nexus - a model of the Cisco Nexus 1100 Virtual Services Appliance , I have never worked with it, but as far as I understand it is a kind of iron server, there will be a machine with VSM .
')
Data Center Architecture with Cisco Nexus 1000V:
Structurally, Cisco Nexus 1000v - modular switch. The first two modules are reserved for management ( VSM ) and the remaining 64 modules for connecting virtual machines ( VEM ).
Here is a comparison of the Cisco Nexus 1000v with a vSwitch and a standard DVS, you can read. Just recently, information appeared that IBM also released an analogue of DVS , I can’t say anything about it - I didn’t test it.
VSM has 3 interfaces - Control, Management and Packet.
Control - monitors the status of the VEM and controls them.
Management - port for managing the supervisor.
Packet - port for CDP , IGMP and LACP protocols.
The recommendations say that you need to use different VLANs under Control and Packet. It looks reasonable, it is also worth considering - that Control should be in the same VLAN with Management interfaces of hosts.
The VEM can be downloaded from the VMware site - and the VSM (virtual machine applins) from the Cisco site.
Inside the VMS is NX-OS , the operating system that is used on all Cisco Nexus devices.
Well and the most important, Cisco follows in the direction of product development for virtual data centers - so they have a bunch of products that require the Cisco Nexus 1000v installed.
In the picture, those products that require the Nexus 1000v are highlighted in red.
In detail about all products it is better to read on these Internet.
I will describe them briefly:
The Cisco ASA 1000v is the virtual counterpart of the Cisco ASA (formerly the Cisco PIX), a firewall for virtual machines.
Cisco vWaaS is a virtual solution from Cisco for application optimization.
Cisco VSG - Virtual Security Gateway, supports security policies at the level of virtual machines, VLAN and infrastructure.
About VSM I already wrote above.
The Cisco Cloud Service Router (CSR) 1000v is a Cisco virtual router, I really want to see what it is and think that I’ll see it in the near future and review it.
Citrix NetScaler VPX is a Citrix solution, virtualized by load-balancer with great traffic protection capabilities.
The picture also does not show Cisco Nexus 1000v InterCloud , which will be an applains installed in the cloud in the provider’s cloud (as long as there is support for the Amazon public cloud) and allowing you to completely manage your infrastructure, move machines and manage security policies through a single console.
He is promised in the middle of the year, while very little is known about him - but I hope that we will be able to work with him in the near future.
Regarding licensing of Cisco Nexus 1000v, currently there are 2 licenses, Essential Edition and Advanced Edition .
Here is a comparison:
The Essential version is free, and the extended version costs $ 695 for each socket. You will also need an Enterprise Plus license for vSphere.
Installation requirements.
Cisco Nexus 1000V Installer App.
- The host must have one or more physical network interfaces on the standard VMware switches used (it is better to have several NICs - because during migration you will need to transfer networks from a standard switch to a new distributed Nexus)
- A standard VMware switch should not have machines running on it, to prevent the loss of their connection to the network during migration.
- You need to configure the VSM connection to the vCenter server.
- The host should have only one standard VMware switch.
- Make sure you have not previously installed any VEM before installing VSM.
- VCenter administrator rights are required.
Requirements for hosts.
- Must be installed vCenter
- Must be installed vSphere Client
- You must have a VMware Enterprise Plus license
- Hosts must be running ESX / ESXi from version 4.1
- For fault tolerance, there should be two network interfaces. But it is possible to install with only one on the host.
- When using several switches (meaning physical, to which hosts are connected), you need to make sure that the trunk has all the necessary VLANs between the switches and on the necessary interfaces (including Packet and Control VLAN).
- Control and Management must be configured on the host to use the VSM.
- All vmnics must have the same configuration.
Iron Switch Requirements
- If you use several switches, it is necessary to register trunks everywhere with all VLANs between all switches that are used.
- It is necessary to configure STP on those ports to which the hosts connect - it is required to enable BPDU Guard.
- It is necessary to transfer all ports to which hosts connect to trunk mode, if there is a need to use untagged traffic - use Native VLAN.
VSM requirements
- Separate IP
- Installed vCenter and VMware Update Manager (VUM)
- In a fail-safe installation (i.e., when you install two VSM machines in HA mode), you must first configure the first machine, and then only install the second one.
VEM requirements
- If a cluster is used, before installing VEM via VUM, you must turn off VMware HA, DRS, FT (Fault tolerance) and VMware distributed power management (DPM)
- If the hosts are in ESXi stateless mode, then you need to enable the Pxe Booted ESXi host settings option by following the link: Home> Update Manager> Configuration> ESXi host / cluster.
- Installation of VEM is possible either in automatic mode (through the installation of the .jar file, through the host CLX ESX \ ESXi and via VUM).
Let's go directly to the Cisco Nexus 1000v installation.
1) Adding networks.
As I wrote above, for Nexus 1000v you need 3 grids - Packet, Management and Control.
You need to go to the host in the Configuration -> Networking tab and add these networks to the standard vSwitch.
Connection type we set the Virtual machine naturally - and preferably for different Packet and Control networks different VLANs.
I have a test stand - so I pushed everything into a single VLAN. For Management, I use the standard VM Network, which contains all of my VMs .
2) Installing VSM
First, download the archive from cisco.com (you need an account to download), currently the latest version is 4.2.1.SV2.1.1a.
There will be several folders in the archive, in the folder Nexus -> VSM -> Install lies the OVF template, and it should be installed.
Connect to the vCenter through the vSphere client, select File> Deploy OVF Template
Then, step by step, when asked for the configuration, select the Nexus 1000V Installer for the main server of the HA cluster.
You can also select the manual configuration of the Nexus 1000V to specify all the parameters in the initial installation dialog after deploying a VM from this template.
In the network selection step, we select those networks for the traffic that was created earlier:
In the settings window:
VSM Domain ID is the domain number, for each individual switch the Cisco Nexus 1000v should be different if several different DVS are to be used.
Password - the password to access the switch (standard admin login).
Management IP Address , Management IP Subnet Mask , Management IP Gateway - the corresponding IP settings for management will be assigned to the Management interface.
We start VM, we wait while it is loaded and we log in on it:
This concludes the first part.
In the second part I will explain how to configure VSM and install VEM .
VSM can be reserved by High Availability ( HA ) technology - one active second stand-by.
There is an iron version of the Cisco Nexus - a model of the Cisco Nexus 1100 Virtual Services Appliance , I have never worked with it, but as far as I understand it is a kind of iron server, there will be a machine with VSM .
')
Data Center Architecture with Cisco Nexus 1000V:
Structurally, Cisco Nexus 1000v - modular switch. The first two modules are reserved for management ( VSM ) and the remaining 64 modules for connecting virtual machines ( VEM ).
Here is a comparison of the Cisco Nexus 1000v with a vSwitch and a standard DVS, you can read. Just recently, information appeared that IBM also released an analogue of DVS , I can’t say anything about it - I didn’t test it.
VSM has 3 interfaces - Control, Management and Packet.
Control - monitors the status of the VEM and controls them.
Management - port for managing the supervisor.
Packet - port for CDP , IGMP and LACP protocols.
The recommendations say that you need to use different VLANs under Control and Packet. It looks reasonable, it is also worth considering - that Control should be in the same VLAN with Management interfaces of hosts.
The VEM can be downloaded from the VMware site - and the VSM (virtual machine applins) from the Cisco site.
Inside the VMS is NX-OS , the operating system that is used on all Cisco Nexus devices.
Well and the most important, Cisco follows in the direction of product development for virtual data centers - so they have a bunch of products that require the Cisco Nexus 1000v installed.
In the picture, those products that require the Nexus 1000v are highlighted in red.
In detail about all products it is better to read on these Internet.
I will describe them briefly:
The Cisco ASA 1000v is the virtual counterpart of the Cisco ASA (formerly the Cisco PIX), a firewall for virtual machines.
Cisco vWaaS is a virtual solution from Cisco for application optimization.
Cisco VSG - Virtual Security Gateway, supports security policies at the level of virtual machines, VLAN and infrastructure.
About VSM I already wrote above.
The Cisco Cloud Service Router (CSR) 1000v is a Cisco virtual router, I really want to see what it is and think that I’ll see it in the near future and review it.
Citrix NetScaler VPX is a Citrix solution, virtualized by load-balancer with great traffic protection capabilities.
The picture also does not show Cisco Nexus 1000v InterCloud , which will be an applains installed in the cloud in the provider’s cloud (as long as there is support for the Amazon public cloud) and allowing you to completely manage your infrastructure, move machines and manage security policies through a single console.
He is promised in the middle of the year, while very little is known about him - but I hope that we will be able to work with him in the near future.
Regarding licensing of Cisco Nexus 1000v, currently there are 2 licenses, Essential Edition and Advanced Edition .
Here is a comparison:
The Essential version is free, and the extended version costs $ 695 for each socket. You will also need an Enterprise Plus license for vSphere.
Installation requirements.
Cisco Nexus 1000V Installer App.
- The host must have one or more physical network interfaces on the standard VMware switches used (it is better to have several NICs - because during migration you will need to transfer networks from a standard switch to a new distributed Nexus)
- A standard VMware switch should not have machines running on it, to prevent the loss of their connection to the network during migration.
- You need to configure the VSM connection to the vCenter server.
- The host should have only one standard VMware switch.
- Make sure you have not previously installed any VEM before installing VSM.
- VCenter administrator rights are required.
Requirements for hosts.
- Must be installed vCenter
- Must be installed vSphere Client
- You must have a VMware Enterprise Plus license
- Hosts must be running ESX / ESXi from version 4.1
- For fault tolerance, there should be two network interfaces. But it is possible to install with only one on the host.
- When using several switches (meaning physical, to which hosts are connected), you need to make sure that the trunk has all the necessary VLANs between the switches and on the necessary interfaces (including Packet and Control VLAN).
- Control and Management must be configured on the host to use the VSM.
- All vmnics must have the same configuration.
Iron Switch Requirements
- If you use several switches, it is necessary to register trunks everywhere with all VLANs between all switches that are used.
- It is necessary to configure STP on those ports to which the hosts connect - it is required to enable BPDU Guard.
- It is necessary to transfer all ports to which hosts connect to trunk mode, if there is a need to use untagged traffic - use Native VLAN.
VSM requirements
- Separate IP
- Installed vCenter and VMware Update Manager (VUM)
- In a fail-safe installation (i.e., when you install two VSM machines in HA mode), you must first configure the first machine, and then only install the second one.
VEM requirements
- If a cluster is used, before installing VEM via VUM, you must turn off VMware HA, DRS, FT (Fault tolerance) and VMware distributed power management (DPM)
- If the hosts are in ESXi stateless mode, then you need to enable the Pxe Booted ESXi host settings option by following the link: Home> Update Manager> Configuration> ESXi host / cluster.
- Installation of VEM is possible either in automatic mode (through the installation of the .jar file, through the host CLX ESX \ ESXi and via VUM).
Let's go directly to the Cisco Nexus 1000v installation.
1) Adding networks.
As I wrote above, for Nexus 1000v you need 3 grids - Packet, Management and Control.
You need to go to the host in the Configuration -> Networking tab and add these networks to the standard vSwitch.
Connection type we set the Virtual machine naturally - and preferably for different Packet and Control networks different VLANs.
I have a test stand - so I pushed everything into a single VLAN. For Management, I use the standard VM Network, which contains all of my VMs .
2) Installing VSM
First, download the archive from cisco.com (you need an account to download), currently the latest version is 4.2.1.SV2.1.1a.
There will be several folders in the archive, in the folder Nexus -> VSM -> Install lies the OVF template, and it should be installed.
Connect to the vCenter through the vSphere client, select File> Deploy OVF Template
Then, step by step, when asked for the configuration, select the Nexus 1000V Installer for the main server of the HA cluster.
You can also select the manual configuration of the Nexus 1000V to specify all the parameters in the initial installation dialog after deploying a VM from this template.
In the network selection step, we select those networks for the traffic that was created earlier:
In the settings window:
VSM Domain ID is the domain number, for each individual switch the Cisco Nexus 1000v should be different if several different DVS are to be used.
Password - the password to access the switch (standard admin login).
Management IP Address , Management IP Subnet Mask , Management IP Gateway - the corresponding IP settings for management will be assigned to the Management interface.
We start VM, we wait while it is loaded and we log in on it:
This concludes the first part.
In the second part I will explain how to configure VSM and install VEM .
Source: https://habr.com/ru/post/175663/
All Articles