Following up on my previous article (VXLAN on Nexus 1000V and UCS), I installed vCloud Director (vCD) v1.5 on the environment that I deployed for that blog post. Why 1.5 instead of 5.1? I’m still studying for the VCP-IaaS exam, and it is based on that vCD version (as well as vCAT 2.0).
In any case, here is some info on how to get vCloud Director working with VXLAN support in vShield Manager and the Cisco Nexus 1000V.
FYI, I will not be doing a step-by-step of the entire vCloud Director (vCD) deployment process since there are MANY great walkthroughs on the Internet already. Instead, I will focus on the particular steps that apply to the Nexus 1000V.
1. Enable the Network Segmentation Manager (NSM) feature on the Nexus 1000V. It's not required in the steps to set up VXLAN, but it is required for the integration with vShield Manager (vSM).
2. Connect the vShield Manager to the Nexus 1000V.
You can use the following Nexus 1000V command to verify vSM connectivity:
show network-segment manager switch
The connection status should be “connected”.
NOTE: if you’re like me and did this step before enabling the NSM feature on the 1000V, don’t worry. Just remove the Nexus 1000V settings in vSM and re-establish the connection.
3. Before leaving vSM, be sure to specify the Segment ID pool and Multicast address settings. Each vCD network that uses VXLAN will require its own unique 1000V Bridge Domain and Multicast Address, so make sure you allocate a big enough range.
4. In vCD, create your Network Pool, and specify the Network Pool Type (Network isolation-backed). Click Next, and specify the Number of VCD isolated networks available in that Network Pool. Make sure that you do not exceed the range of vSM Segment IDs specified in the previous steps. For example, if you specified a Segment ID range of 5500-5504, your Network Pool should only allow for 5 networks. Leave the VLAN ID field blank.
After completing the previous steps, continue with your vCloud Director deployment to create your Organizations, Organization Networks, and vApps.
Your vCD environment should now be ready to use the Nexus 1000V to provide VXLAN-based networking to tenants. vSM will automatically create new 1000V Port Profiles, with the corresponding VMware portgroup, for each vCD network that you create.
Here is a sample Nexus 1000V bridge domain and port profile generated by vSM:
bridge-domain dvs.VCDVSAlpha-Org-External-65c07083-a923-400e-afc1-5f760c18b96b
  segment id 4400
  group 220.127.116.11
port-profile type vethernet dvs.VCDVSAlpha-Org-External-65c07083-a923-400e-afc1-5f760c18b96b
  vmware port-group
  port-binding static auto expand
  inherit port-profile NSM_template_segmentation
  switchport access bridge-domain "dvs.VCDVSAlpha-Org-External-65c07083-a923-400e-afc1-5f760c18b96b"
  description NSM created profile. Do not delete.
  state enabled
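Since each vCD network needs its own bridge domain, Segment ID and multicast group (steps 3 and 4), the generated configuration can be audited for overlaps that would let two tenant networks share a segment. The following Python is an added example, not code from the original post or from Cisco or VMware; it parses config in the layout of the sample above, and the pool bounds passed to audit() and every value in SAMPLE are assumptions constructed for illustration.

```python
import ipaddress
import re
# Constructed sample in the layout of vSM-generated config; all values are made up.
SAMPLE = """\
bridge-domain dvs.VCDVSOrgA-Net-1111
  segment id 5500
  group 239.1.1.1
bridge-domain dvs.VCDVSOrgB-Net-2222
  segment id 5500
  group 239.1.1.2
bridge-domain dvs.VCDVSOrgC-Net-3333
  segment id 5507
  group 10.1.1.3
port-profile type vethernet dvs.VCDVSOrgD-Net-4444
  switchport access bridge-domain "dvs.VCDVSOrgD-Net-4444"
"""

def audit(config, pool_first, pool_last):
    """Return findings for bridge domains that break per-network uniqueness."""
    domains, refs, current = {}, [], None
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"bridge-domain (\S+)$", line):
            current = domains.setdefault(m.group(1), {})
        elif line.startswith("port-profile "):
            current = None  # leave bridge-domain context
        elif m := re.match(r'switchport access bridge-domain "?([^"\s]+)"?$', line):
            refs.append(m.group(1))
        elif current is not None and (m := re.match(r"(segment id|group) (\S+)$", line)):
            current[m.group(1)] = m.group(2)
    findings, seen = [], {}
    for name, d in domains.items():
        seg, grp = d.get("segment id", ""), d.get("group", "")
        if not (seg.isdigit() and pool_first <= int(seg) <= pool_last):
            findings.append(f"{name}: segment id {seg!r} outside pool {pool_first}-{pool_last}")
        try:
            if not ipaddress.ip_address(grp).is_multicast:
                findings.append(f"{name}: group {grp} is not a multicast address")
        except ValueError:
            findings.append(f"{name}: group {grp!r} is not an IP address")
        for kind, value in (("segment id", seg), ("group", grp)):
            owner = seen.setdefault((kind, value), name)
            if owner != name:
                findings.append(f"{name}: {kind} {value} already used by {owner}")
    findings += [f"port-profile references missing bridge-domain {r}"
                 for r in refs if r not in domains]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE, 5500, 5504)))
```

Feed it the bridge-domain and port-profile sections of the switch configuration together with the Segment ID pool configured in vSM; an empty result means every network has its own in-pool segment and multicast group.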
The above steps should be applicable to vCloud Director 5.1 as well. However, I will need to wait until I pass my exam before I experiment with the new VMware vCloud Suite. 🙂
Please share your experiences with vCloud Director and Nexus 1000V in the comments section below.