Shulou(Shulou.com)06/02 Report--

Cisco HyperFlex Multi-area Uplink (Disjoint Networks Upstream)

Deploy Layer 2 Disjoint Networks Upstream in End Host Mode for HyperFlex

In a general sense, the HX platform is deployed in a second-tier environment, and different vlan run different functions (data,mgt,vmotion,storage), but all are in the same second-tier environment.

Because the network structure of users here is not like this, the network structure strictly isolates and separates multiple areas with firewalls, but it cannot deploy a set of FI for each area, requiring FI to connect multiple areas. If the fi+ blade is relatively easy to solve in the case of a custom template, but the HX platform has a high degree of automation, it is easy to cause all kinds of errors and omissions.

The following problems occurred in the experiment:

1the vlan of vlan vnic is inconsistent with the vlan of the connection, resulting in the vnic being down

2. After adding vinc, multiple vswitch networks are unstable, some are connected, some are up, some are down, some are down down, so it doesn't affect the business, and the down is stored (may be related to vnic reordering or other reasons, failed to reproduce the failure)

3. Deleting a specific vnic in the profile matching to rack causes all vnic to be deleted, even the computer template in the master template under root is deleted, all of it is deleted. It is strange that only a vnic of the rack node template in use is deleted, which results in the template of the computing node in the master also deleted.

4 the vnic generated by intaller is always out of order. The strange thing is that the mac generated by install can generally correctly judge the upper connection. Although the vmware has reordered (and sometimes makes mistakes), the multi-area upper connection added by oneself is sorted by vmware every time, which is directly the wrong connection (guess here: because the latter mac-pool is added by yourself, rather than using the mac automatically generated by install, when taking the mac, the FI takes it up and down according to its own algorithm. Then the vmware is rearranged because of the size of the mac (compared with the definition of macpool), the order is different each time you add vnic,)

The method of action is impermanent, and impermanence is untrue. Knowledge and knowledge are only valid or barely correct for some things in a certain geographical range and time range, but not always correct, and will change. Many manufacturers and devices have their own special features in function, such as rock firewall can change layer 2 vlan tag, etc., but the special usage is too much for later affairs, including expansion. Merging, updating, adding, and other requirements will have an impact, perhaps because of the sophomore product design assumptions, the HX platform does not have the flexibility to change multi-area uplink ports like Dell rack servers.

Therefore, I feel that the solution that suits me is the best, and choose the one that is closest to the best practice in the solution that suits me, so as to maximize the benefits. The highest level should be an excellent top-level design solution, not overly complex in technology.

Add vlan to installer

Vlan is added to vm-network because the automation script does not judge multiple connections at all and wants to delete these vlan on this switch and add portgroup to the correct switch later.

The vlan on FI has been added for the sake of implementing installer. All your operations depend on install as far as possible. Do not manually configure these automated scripts for compliance. On the one hand, you may not be able to change them. On the other hand, you may not know that you are related to many places.

The reason for adding mac-pool is to use a separate mac-pool because it is easy to identify, and after this correction, the order of the vnic in the vmware has changed, resulting in a fundamentally different network. I need to re-adjust the uplink of the vswitch according to the mac recognition vnic.

Add vnic-temp Note my path LAN/POLICY/ROOT/SUB-ORAGANIZATIONS/LZTLJ/VNIC is in the group under root rather than directly under root

Continue to look at the path. Add vnic to lan connectivity policies in the lztlj group under root because three new uplink areas have been added, so add 6 vnic,uplink vlan and vlan in vnic and vlan in uplinmanager should be the same, otherwise two pictures will be added after down down.

After the addition is completed, the alarm will be asked for a restart (adding or subtracting vnic from the template will cause the restart). After the restart, check in the template that it has been successfully added.

The order of vnic in VMware has been changed, which may cause some networks to fail, even the most important network, which may need to be adjusted manually.

Finally, add vswitch and vlan portgroup with three new uplink areas, which I like to add in esxi because the switch name can be customized.

The workload of manual adjustment is much larger than that of automatic adjustment, mainly because it is easy to make mistakes.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.