Quantcast
Channel: VMware Communities: Message List
Viewing all 252940 articles
Browse latest View live

Re: How to force Distributed Switch traffic through a particular NIC between two cluster member?

May 19, 2019, 9:40 am
$
0
0

I'l try to draw something up in PowerPoint. I just hope I can make it all fit on one page.

 

At the moment, the machines are neither racked nor configured, so unfortunately I can't just post a screenshot of the current configuration. Which, not coincidentally is why I am asking that question, because I am not sure how to configure it. I will draw up what I have in mind.

 

While I've been running a hobby ESXi server for years, I wouldn't say vSphere is my area of expertise. I've only recently got into clustering and Distributed Switches, and have a simple cluster with Distributed Switches running at my home. The configuration at the ISP will be more complex, so it may take me a while to get this all drawn up. Will do my best.

 

Thanks,

--Marc

Search

VCSA with no domain

May 19, 2019, 10:07 am
$
0
0

is it worth the hassle to deploy a VCSA appliance not connected to a domain for “testing” purposes and then take to site and join it to the domain?

 

Ive never done it without a domain before, always joined it to one. Plus it’s part of the initial install where it asks for the FQDN etc I thought?

 

It would be built on a new setup in a different location and then tested to a certain extent before being delivered and any final config testing being done at that final site. Not the way I want to do it, but seems that the project it’s for want it doing this way, even though the test equipment it will be connected to will only be a slight representation of the actual on site domain config.

 

We have built a test system that’s staying in a test area location, it is part representative of the on site config and uses the same domain name etc, but to join it to this domain would not be the same as the on site domain, only in name only, so would then likely need unconfiguring before being shipped then reconfiguring again. Seems more trouble than it’s worth to me

Re: How can I get more than 1000 results from TaskManager Collector?

May 19, 2019, 10:18 am
$
0
0

Ah, many thanks!

 

So you have to run the ReadNextTasks($TaskNumber) method against the Collector over and over, reading 1000 (or whatever number you specify) at a time.

 

I put it in my script.  Working great now.

Re: VCSA with no domain

May 19, 2019, 10:19 am
$
0
0

Plus, does it not need DNS locators when it’s deployed as the installation will fail if can’t resolve it? Giving the VCSA an IP instead of a name might work, but what would be the point

Re: Need help running a Minecraft server on a virtual machine of Ubuntu on vmware esxi

May 19, 2019, 10:19 am
$
0
0

I just made a Windows 10 virtual machine and set up a Minecraft server on it and tested port 25565, and it still appears to be closed.

Re: Need help running a Minecraft server on a virtual machine of Ubuntu on vmware esxi

May 19, 2019, 10:39 am
$
0
0

No idea about Minecraft so another forum would seem to be more appropriate, but ESXi does not block any ports for VM traffic as I've already said.

Re: VCSA with no domain

May 19, 2019, 10:40 am
$
0
0

is it worth the hassle to deploy a VCSA appliance not connected to a domain for “testing” purposes and then take to site and join it to the domain?

What would you be able to test without it being on site and managing the destined hosts? Joining a vCSA to an AD domain is not required, even to allow principles from AD to login.

 

Plus it’s part of the initial install where it asks for the FQDN etc I thought?

No, FQDN has nothing to do with domain join, and the SSO domain also has nothing to do with external AD domains.

 

Plus, does it not need DNS locators when it’s deployed as the installation will fail if can’t resolve it?

Yes, vCSA must have forward and reverse DNS records preexisting in local DNS prior to installation. If it cannot find itself, the installation will fail. Just another reason why what tests you're trying to do make little sense unless it's deployed in its final resting place.

Re: How to force Distributed Switch traffic through a particular NIC between two cluster member?

May 19, 2019, 10:48 am
$
0
0

As requested, here is a diagram for what we have in mind. Please do feel free to ask me any questions about it.

 

Please ignore the "Phase 2" question on the same diagram as part of my post here. That Phase 2 question is included on the diagram to be considered in the future. The question to which I am seeking an answer in this post here is the question labeled as "How to force Dswitch traffic through this NIC?"

 

Big Thanks!

--Marc

Search

Re: VCSA with no domain

May 19, 2019, 10:59 am
$
0
0

Well, it's certainly possible to pre-install everything and ship it on-site, but you have to have everything identical with respect to external infra. as it is on-site. The better approach here is to learn how to automate the setup and configuration of vCenter and ESXi, both of which are capable of end-to-end setup and configuration in automated, unattended fashion. Depending on how many times you're going through this exercise, that could either save you a bunch of time or cost you a bunch of time. It really depends.

Re: VCSA with no domain

May 19, 2019, 10:50 am
$
0
0

You get me wrong, I’m not the one trying to do this, I’m the one saying we need to configure this on site and test it there properly, otherwise we are achieving nothing. All new equipment is in our office at moment ready to be configured in a vanilla form and then shipped. My plan is to configure the SAN, switches and install ESX on the hosts here, then ship it, go up there and install/configure vcenter on the host and complete the usual config and then test it. But those that think they know what they are on about here think, despite being told it’s pointless, that we can do it ALL here and take it up there and it will just magically work.

Re: How can I get more than 1000 results from TaskManager Collector?

May 19, 2019, 11:00 am
$
0
0

Indeed, the window slides over the tasks by each call to ReadNextTasks.
The size of the window is max 1000 entries.

Re: VCSA with no domain

May 19, 2019, 11:04 am
$
0
0

And that’s the issue, it’s not identical. Hence why I keep saying we can do so much here as a time saving excercise on site and finish the install there.

Re: Need help running a Minecraft server on a virtual machine of Ubuntu on vmware esxi

May 19, 2019, 11:07 am
$
0
0

Well, thanks for all the help you've given me!  I've posted in another forum, and hopefully someone there can help.  Or, maybe somebody here will know the answer.

 

Thanks!

Re: Mouse flickering/jumping since VMPlayer 14 (in multi monitor config)

May 19, 2019, 11:23 am
$
0
0

The problem is real however there seems to be no interest in that issue (no posts for almost 2 years).

 

It took over two years but finally it seems that version 15.1 of VMWare Player (with latest Tools) is free from described problem!

I'm not sure if it was fixed intentionally or "by mistake". Good thing is that problem is gone.

 

It is sad however that it took so long.

I hope that fix is permanent and future releases will not bring it back.

 

--

Regards,

Marek

Re: How to force Distributed Switch traffic through a particular NIC between two cluster member?

May 19, 2019, 11:31 am
$
0
0

Alright, where do I begin. What you're trying to do just doesn't make a whole lot of sense to me, so maybe I'm still not understanding the objectives.

 

  1. You say you have 3 1 GbE vmnics (physical NICs) per host. Your diagram shows all three in some team as uplinks for vSS 0. Also connected to vSS 0 you appear to have a vmkernel port (I'm presuming the only kernel service this is offering is management, is that correct?) and a virtual machine port group to which a pfSense VM will be connected. You also strangely have IPs assigned (somehow) to each individual vmnic in that team. That just isn't possible to do, nor would you want to try it in this configuration anyhow. A vmkernel port is capable of having an IP assigned, so that part makes sense. What is that IP? On what network? And your pfSense VM has what IP on the interfaces that connects to its VM port group?
  2. Second is the matter of the DHCP server to begin with. This just confuses me. You show two VMs per host (not counting pfSense which is also a VM). Why do you need DHCP services at all anywhere here? Is DHCP the only reason you're using a pfSense box here?
  3. Cross-connecting these 40 GbE interfaces in this fashion isn't supported, do you know that? I get that your hosting provider doesn't have 40 GbE connectivity, but this would be one case where if you absolutely require it, you should provide your own switch which can be private to this environment.
  4. Alternatively to #3, why not cluster within an ESXi host so it doesn't have to egress? Each host can have both VMs that act in a given cluster. If you're concerned about failover, there are ways to replicate VMs or sets of VMs to another host in the case of a single host failure.

 

All of this aside, let me just try to answer your direct question about steering traffic out of a distributed switch:

 

If you've got your workload VMs (whatever you want to call them) that have a single interface connected to a distributed port group with a given network assigned, you need to not assign that same network to another port group and connect it to both places, otherwise you've just created a L2 loop. As long as the uplink used for the vDS is in the same broadcast domain as the VMs on the other side, the ARP table will have those MACs populated and traffic will get routed out that uplink. And you don't assign IPs to uplinks. You assign IPs to either vmkernel ports or to vNICs (virtual machine NICs) connected to port groups. Those are your only two options for interface assignment.

 

What I would recommend here (and which you may not be interested in) is to look at a redesign of this networking idea. Start at the applications. What are these? How are they used? What are the requirements based around them? Is it solely availability? Something else? How many VMs are involved? How many users are involved? Etc.

Search

Re: VCSA with no domain

May 19, 2019, 11:35 am
$
0
0

Then I guess I don't understand what they're hoping to accomplish with these "tests". Is it to "test" if the hardware works? Is it to "test" the concept of vCenter managing ESXi hosts? Something else? Presuming the networking requirements are met, the storage requirements are met, and the hardware functions, there's not much to test.

Re: VCSA with no domain

May 19, 2019, 12:02 pm
$
0
0

And that’s pretty much the argument I have been having for the past few weeks. If those functions work, there really is no issue.

 

the test environment we’ve built that’s slightly representative works as it should, the same configuration is planned for this equipment, that’s going to site. It’s like talking to a wall though

Re: VCSA with no domain

May 19, 2019, 12:24 pm
$
0
0

Ok then if you and I agree, what's the question here?

Re: How to force Distributed Switch traffic through a particular NIC between two cluster member?

May 19, 2019, 12:34 pm
$
0
0

Thanks again for the time and effort  you are investing in this response. I realize that in a likelihood I am missing something obvious.

 

My apologies in advance for any bugs in my drawing of the right side (green side) of the diagram. That part is working in my test setup, as is the pfSense router/DHCP VM. It has been a while since I looked at the green parts in detail, having focused on the other colors instead, which I can't model in my test setup.

 

I have pfSense connected to a regular vSwitch on the LAN side of pfSense on a single machines and I can connect VMs to that LAN vSwitch via DHCP just fine.

 

In practice, there will be more VMs connected to the Distributed Switches on both ESXi hosts than just four total. I drew four total to show what the use cases are and because I don't have space on that page to draw 20-30 VMs.

 

You are correct that the vmKernel port on the green side currently only supports management. I suspect that there will need to be vmKernel ports connected the Dswitch A and Dswitch B that support vmMotion, etc. What I don't know, and have not been able to find on the Internet, is which of the 5 or 6 properties that one can assign to a vmKernel port is used to move data between Distributed Switches. Is it "management"? Is it "vMotion"? Is it something else? /Something/ has to move the Distributed Switch data between two machines in a cluster. What is that something? I suspect that Distributed Switches between two cluster members are somehow connected via vmKernel ports on each cluster member using one of the set of properties one can enable for a vmKernel port. I would love to know which of the properties this is, because I think it would make things much clearer in my mind.

 

One reason why I went to the egress via the 2x 40Gbps NICs is because that allows us to run, for certain load testing scenarios, one workload VM on each ESXi host using the full set of computing resources that each host provides and to closest model how two systems running the software might be connected in real life. Also, we managed to pick up the 2x 40Gbps NICs for a very reasonable price. Alas, a QFSP+ switch exceeds the budget for this project. Hence the DACs.

 

Reading your response carefully, I believe one area where I may have gone wrong in that I was under the impression that I had to assign IP addresses to the interconnect NICs.

 

Finally, to answer your question about why we went the DHCP route for the workload VMs in the first place, it was to allow easy migration of the VMs both between the two /24 flowing into the two cluster members and to also allow for easy running of some of the VMs at a DR site that has yet another IP address space, all without having to manually renumber each VM. If VMs are moved between hosts, sites, and address spaces, all we have do is to load the corresponding IP address for that VM and that site into DNS and at most an hour later that VM will be up, running, and accessible. Be it on the other cluster member or on some server half a world away.

 

(We plan to use Veeam for the failover, which was recommended to me in a previous inquiry to this forum and which based on my limited testing so far seems to do what we are looking for regarding enabling DR. As long as the VMs don't require manual renumbering when being run from another site).

 

I will mark your previous answer as best answer and again thank you for your time. If you can think of any other advice or happen to know the answer to the question how exactly Distributed Switches move data between cluster members, I would love to know the answer.

 

I am deeply appreciative of your effort and your detailed responses!!!

--Marc

Re: VCSA with no domain

May 19, 2019, 12:41 pm
$
0
0

Not so much a question, seemingly more a second opinion based on my own opinion of it all and how I see this entire episode

Viewing all 252940 articles
Browse latest View live
Search