Category: Education

Lab Network

So I’ve had a few questions about the network in my lab, since I’m teaching almost nothing but NSX these days.  So let’s talk about it for a bit.

My network is purposefully simple.  And I’ve just rebuilt pretty much everything, so it seems like a good time to document it.

At the edge of my network is a Ubiquiti Networks EdgeRouter Lite (ERL).  It deals with all of my routing inside the network, as well as routing to the outside world.  It’s a 3 interface device – one to the outside world (cable modem), one to my default VLAN and home network, and the third interface is carved into a bunch of sub-interfaces for my VLANs in the lab.

The two internal-facing interfaces are attached to a Cisco SG300-20 that I could also use for routing, but I chose to let the router deal with that.  This is where I have several VLANs set up for my different environments, and that’s all I’ve done with the Cisco switch – no IGMP Snooping, no routing, just VLANs:

  • Local Management – this is where all of my common stuff lives – the vCenter for my physical hosts, vROps, Log Insight, etc
  • Production Management – this is where my GA-versioned vESXi hosts live, along with their relevant supporting pieces – vCenter, NSX Manager, etc
  • Production NSX Control – I set this up simply to have a dedicated network for my NSX 6.1 Controllers.  These could just as easily gone into my Production Management VLAN
  • Production NSX Transport – this is here to simulate a dedicated VXLAN transport network.  Currently, this is superfluous, as NSX 6.0/6.1 VTEPs don’t deal well with VLAN tagging in a nested environment.  Not sure what that’s all about, <sarcasm>I must be running in an unsupported config </sarcasm>
  • Production Management Branch – this network provides a simulation of a remote site
  • Production NSX Transport Branch – again, simulation of a remote site, but much like the Production NSX Transport, this one’s completely superfluous at the moment.
  • I’ve got a matching set of VLANs for my non-GA environment, so that I can have a stable and unstable environments and maintain some level of isolation.  

Since my lab is completely nested, I also have VSAN and vMotion VLANs configured on my distributed switches, but they don’t map to anything in the physical network.

On the NSX side of things, well, I’m rebuilding that right now.  My thought process, since this is a lab, is to attach my outside-facing Edge VMs to the relevant Management network, depending on where I need the Edge.  This sort of flies in the face of having a dedicated Edge cluster, but hey, this is a lab 🙂  

Inside the Edge, my DLR(s?) will attach to a common Transit network, as will the inside interfaces of the Edges.  I’ll set up some OSPF areas so that the EdgeRouter Lite can advertise some networks into the Edge.  The DLR will also advertise its routes up to the Edge, which will in turn advertise back to the ERL.  This should be a pretty simple OSPF config.  I could eliminate the need for OSPF between the Edge and the ERL simply by configuring a default route, but what fun is that?

Then my workloads will attach to whatever Logical Switches I want them attached.  The sky’s the limit inside the SDN.  

For simplicity’s sake at this point, each network segment (VLAN or VXLAN) will have its own /24, though many of them could make due with a /28 or /29 pretty easily.  But I’m not strapped for IP addresses, thanks to our friend RFC 1918, so I’m not going to make things any more complicated than I need to.  

Everything works pretty well.  Sure, I run into some goofy behavior once in a while (see the VTEP VLAN tagging thing above), but this environment is entirely unsupported.  Honestly, it’s a miracle that any of this works at all, and is a galvanizing testament to what VMware software is actually capable of doing.  

Someday, maybe I’ll draw this all up.  But today is not that day.  

Deploying NSX Manager

Well, another day, another post.  

Ok, that may be exaggerating a bit, but I’m trying.  Again.  Still.

I’m rebuilding my lab (more to come on that later), and with the big push toward VMware NSX in my life right now, I thought I’d capture my fun and excitement in deploying everything.  Here’s Part 1, where I deploy the NSX Manager and register it with vCenter.  Nothing earth-shattering here, but it might help someone.

Have you upgraded your vCenter Server Appliance from vSphere 5.1 to vSphere 5.5 yet?

It’s been well over a year since I’ve been here (well, closer to 18 months, really).  I’ll apologize for that now 🙂

The reality, though, is that it’s been a long, exhausting, and rewarding year and a half, and I’ve taken on some different responsibilities at work.  That’s taken up quite a bit of my time.  I decided I just needed to roll some of that time together with this blog.  Well, at least some of the fruits of that work.

We’ve just released the latest, greatest version of vSphere – vSphere 5.5  With a new version comes a need to upgrade.

Some of you may be using the vCenter Server Appliance.  There’s an Update feature in the appliance to help update from one version to another.  But right next to that in the management UI is a tab called Upgrade.  And that’s the process I’ve just stepped through for you.  Keep in mind here that I haven’t read any of the upgrade KBs (shame on me), but this is a relatively intuitive process, I think.  

Take a look at the video – it’s about 20 minutes long – some time has been shaved off; the entire process took me about an hour, but you don’t want to watch a bunch of silence and spinning wheels, do you?  I didn’t think so.

I will throw out a caveat (that I didn’t show onscreen) that I did have to regenerate the self-signed certificates before the Web Client worked properly.  

Test this process extensively before you try this in a production environment!! Please, don’t try this blindly!

I learned quite a bit during this process, and I hope it helps you a bit.

VCP5

Well, they finally let the cat out of the bag!  A couple of months ago now, I took a day trip down to Martin, Tennessee to sit the VCP5 Beta exam.

After a few trials and tribulations getting there (remember all the flooding in the midwest earlier this year?), and them more challenges once I got to the testing facility (one of the other testing software packages didn’t much get along with the Pearson packages), I finally got to sit the exam.  I made it to the facility on time, but with the system problems, it was another 30-45 minutes of waiting before I could actually participate in the exam.

And _wow_ it was long!  And challenging!  This isn’t your father’s VCP exam, assuming most of the questions make it to the final product.  This exam was all about understanding – the product, it’s use cases, everything.  This new generation of VCP will be the sharpest yet (and I think that’s saying something – we’ve had some great exams over the years), and VMware is doing a great job of keeping the value of the VCP at a premium level.

The VCP5 is not a data-regurgitation exam, not can it be explicitly taught.  VMware still has the Install, Configure, Manage requirement if you hold no VCP.  But the class is not going to teach you the exam, just like it’s been since I got into this VMware thing in 2006.  It will, however, provide you with a good foundation with which to start.

If you’re a current VCP4, you can sit the exam with no class requirement until February 29, 2012.

Oh, and I”m writing all this because I finally got my VCP5 exam results.  I passed!  That makes the whole trip to Tennessee and all its trials worth it!

 

Everything’s on hold for the moment

All the cool stuff I have in the works (vCoud Directory 1.5, the rest of the AutoDeploy stuff, and more) is on hold for the moment.  My time is being consumed by a couple of custom classes I’ve got to develop and run.  Pretty much, September is shot 🙂  Of course, October may or may not be much better, with new classes coming up (here’s to me agreeing to be a lead instructor lol)

It’s all still coming, and I will probably not be the first to discuss most of the topics, but I will get the info up.  It’ll be a heck of a lot easier to do all this after I can get some dedicated ESXi hosts early next year.  In the meantime, VMs still fit on the iMac and the old workhorse Precision.

I’ll still be around, just not as online as I have been.

Up and coming

So, I really do work stuff, along with all the tinkering lately.  That’s the problem with new gadgets!

I’ve been gearing up on the vSphere 5 courses from VMware, and I gotta say, you should take these.  Even if it’s just the 2-day What’s New course for you VMware gurus.  What’s New is the condensed “look at all the cool new stuff” class that gets you some hands on time with the new knobs and dials as well as gets you some good discussion time.  The new Install, Configure, Manage class is no slouch, but we’re gently massaging it to work better for most that will likely be taking it.

Add to that the fact that I’m working on a post (more back-burner) about my take on why customers should think about the cloud.  And I’m tossing around a post about automation, and why.  Not so much how, but why.

On the front burner, however, I’m in the process of working through the new Auto Deploy feature of vSphere 5, specifically the integration of Auto Deploy and its related components into the vCenter Server Appliance (vCSA).  Everything’s baked in, so I’m doing a “what to edit and how to make it work” post.  I’m having just a touch of difficulty I think due to the wacky nature of my lab (should be taken care of soon enough, I hope), but the framework is there.

Oh, and add to that my DSL modem gave up the ghost.  I’d say it let out all its magic smoke (you know, the magic smoke that all electronics run on – when the smoke escapes, the electronics don’t work anymore!), but there was no puff of smoke.  It just stopped.  I looked up and there were no lights.  No biggie, I’ve got a U-Verse installation scheduled already to replace the DSL with a fatter pipe, and my cable modem is still the primary pipe.  It just means that my next class won’t have any network redundancy if something goes wrong.

So that’s what’s going on.  Blog breaking, DSL dying, vCSA tinkering fun.  Stay tuned for more goodness!