Skip navigation

Tag Archives: vds


First of all, Happy New Year of 2013!! I am happy the whole world didn’t blow up and my guess those Mayan dudes just running out of space on that piece of stone  so they think, why the hell I need to care about world in thousands years later? Winking smile

Now, back to Vmware. With vSphere 5.1.0b released, I start to wonder whether it’s time to consider to use vDS (Virtual distribution switch) to replace VSS.

vDS has been around for years, only Enterprise plus license would actually use it. The concept of vDS is great, but the real world is not practical from my point of View to use vDS to complete replace VSS.

My suggestion is to have hybrid environment with vSS and vDS. As matter of fact, that , I’m afraid, is your only option. There will be time for you to failover VMs from broken vDS to something else, so between another vDS and vSS, which one you would go?

I did a little bit research regarding vDS and I would like to share some tricks and “how to” to everyone. Feel free to pop up question and correct my mistakes as usual.

vSphere Client or vSphere Web Client?

Now, with vSphere Web Client getting more and more popular, should we use Web Client and dump old one? The answer is No. The new Web Client is incompleted, slow but it does provide more functions than C++ version. I will stick with Web client in this post as much as possible.

What’s is vDS?

You can always find this answer from my old post here. Comparing with vSS, vDS provide more virtual gateways (not like vSS, vDS also virtualize Uplink). More control and monitoring on the traffic going through virtual switch and also profile base deploying from vCenter to Hosts so vDS is aware all hosts network rather than working alone like vSS.

However, it does bring lots of other issue if you want to put vDS into production. One of few issues is to rename Uplink.

Why do we need to rename Uplink?

Uplink exists on vDS only. It’s a virtual port group which you connects your physical  nics to. Assuming you have 10 hosts, it’s hard to guarantee all vmnic01 will connect to Uplink01 since vmnic01 may connect to different network in the real world. After a while, you may get confused about what each Uplink for.

Tricks:

Always rename your Uplink before you start to connect anything to vDS.

You need to rename your Uplink ASAP after you create your vDS. Once vDS is hook up something, it simply won’t let you touch Uplink because it may connect to something. Even if you remove the connection to another link, the vDS will still hold same configuration till refresh time. (for me details and solution, please check my old post).

Steps to rename Uplink

Login to Web Client,

image

After you rename your Uplink, you can start to create vMotion group for vDS.

Create vMotion for vDS

The funny thing for this step is you have to create a vDS port group first before you can do anything lese.

clip_image002

clip_image002[5]

clip_image002[7]

Now, you can create a new Uplink for vMotion

image

image

image

image

I skip the rest of parts.

Tricks:

I don’t think you can vMotion between vss and vDS. You can only vmotion between same type of vSwitch. Although you can migrate vms from VSS to vDS with few ping drops.

Assign specific vmnic to Uplink

One thing you would like to do is to assign vmnic01 (for example) to a specific Uplink. Please follow these steps.

Add Physical adapters into vDS via web client

image

change Auto-assign to a specific Uplink

vds-01

Delete a Uplink (not physical nic connection)

The simple thing I want to do is to remove one of Uplinks. It’s virtual Uplink on vSwitch, it is NOT the physical nic which I connect to Uplink. but this very simple thing almost can’t be done via either vSphere Client or Web client.

To give you a better understanding, a new vDS coming with 4 Uplinks connecting with nothing. What happen if I add more uplinks now and want to remove some Uplinks latter?

The way you add more Uplink is here

image

Unfortunately, the only way to remove Uplink is either rebuild a new vDS or migrate all your VMs to other switch and remove all physical host nic connection to Uplink and go back to here and to set a LOWER number!

If you set this number to 3, 2 uplinks will disappear but it won’t let you choose which 2 uplinks. Therefore, you better move all VMs and connections between physical host nics to Uplink before you remove Uplink.

This is not just my conclusion, a Vmware Support Engineer was on the phone 1 hour with me and come up with this solution. Maybe there is another way to do it, but we are not able to find out. If you know how to do it, please let me know or leave it in comment.

Conclusion:

There are still lots testing we can do with vDS, but at this stage, I definitely wouldn’t recommend to ditch vSS and use vDS solely. A hybrid environment is what I would recommend.

Advertisements

This is part 2 of vDS (vNetwork Distributed Switch), My Understanding.

How does vDS work?

What will your instructor tell you? “Please don’t consider vDS is a switch connecting to Hosts. vDS is just a template”  Well, that’s what you always heard from all your instructors. but template of what? The answer is vDS is template of HIDDEN vSwitch sitting on your local host. vDS(the template) is managed by vCenter(high level operation) and your local Host(low level operation). Let’s see a diagram.

From this diagram, you can see there are two hosts. Each host has hidden switch which received template (vDS) from vCenter. The local template will be updated every 5 minutes like what I mentioned in Part 1.

Now, let’s open this hidden switch and see what’s happening in there.

As you can see, the hidden switch has forwarding engine and teaming engine which will be configured and controlled by setting in vCenter. There are two IO filters (not just one) is to be used in VMSafe. So what VMSafe does is let third party software (for example, the Trend Micro)  build a VM appliance and be certified by VMWARE to prove it won’t do any damage. That special VM will use special API to monitor traffice (like firewall) or check virus. Meaning, if you want to use VMSafe product, you have to use vDS, meaning you have buy Enterprise Plus license! I guess that’s why VMSafe product is not popular.

ok. Back to vDS. Let’s make a small conclusion. vDS is also a vSS. But it’s hidden in the Host. This hidden vSS is using template made by vCenter and Local Host so you can control traffic and share switch data between hosts.

Few things you need to know about vDS

vDS is capable to do everything vSS can do because it’s basically a super (hidden) vSS. Once you assign a vmnic OR VMkernal, SC or VM to vDS, you won’t be able to use them in vSS. It’s same thing as vSS.

I won’t say there are not much point to use vDS but if you do want to use vDS, you would either use Cisco Nexus to replace vDS or you want to use VMSafe product. Or you have Enterprise Plus license and want to use host profiles.

vDS timeout issue

vDS is not as convenient as vSS which only connects to single Host. sometimes, it’s not easy to remove vDS switches or even switch physical nic to different vDS switches. If vDS believes a port is busy, vCenter won’t allow you to delete vDS or remove a host from it. By the default, vCenter automatically forces all “busy” ports on all distributed switches to time out every 24 hours.

You can make change on vpxd.cfg to make it as 10 minutes.

vpxd.conf is located at c:\documents and settings\all users\application data\VMware\VMware VirtualCenter\vpxd.cfg

In vpxd.cfg, add the line <vpxd><dvs><portReserveTimeout>10</portReserveTimeout></dvs></vpxd> and save the file.

Restart vCenter. The default timeout is now set to ten minutes.

After the port reservation has timed out, remove the vNetwork Distributed Switch or dvPort group.

Reset the default timout by removing the line you previous added to vpxd.cfg.

Restart vCenter.

Best Practise for vDS daily operation

If you run into problem with vDS, always start checking from vCenter->Networking level. Because it has general view to tell you all vDS details such as IP on each port group, PVLAN info and which VM or kernal ports it connects. Then, you should drill down to single host ->Configuration->Networking to add or remove objects. If you do have issue, try to remove all objects to another vDS and then, make your change.

For the rest of details, like PVLAN, blocking of individual ports, you can check this file to continue your journey of vDS.

http://vmware.com/files/pdf/vsphere-vnetwork-ds-migration-configuration-wp.pdf

Reference:

http://kb.vmware.com/1010913

http://vmware.com/files/pdf/vsphere-vnetwork-ds-migration-configuration-wp.pdf


vSphere has introduced many new features. One of new feature is vDS (vNetwork Distributed Switch) which always confuses me and lots of people. I’m trying to explain it as simple and easy, also deep to you as I can. If I make any mistakes, please feel free to leave comment. Thank you.

So What is vDS? What’s difference between vSS and vDS from configure file structure?

vDS is a new Virtual Switch introduced by Vmware. The old vSS is more like local Host property. All switch data saved in the local Host. Other Host is not aware what kind of vSS other Host has.Not only vCenter can’t do anything about it, it causes trouble when you do vMotion.  vDS is saved in both vCenter and Host. One copy in the vCenter, vDS is saved in the SQL database. In the local host, vDS has another local database cache copy sits at /etc/vmware/dvsdata.db. This local cache will be updated by vCenter every 5 minutes.

You can use following command to help you to get copy to read the local host database.

cd /usr/lib/vmware/bin

./net-dvs > /tmp/dvs.txt

then, you can read dvs.txt

Also, after you configure vDS on your local host, your esx.conf (/etc/vmware) has record shows brief configuration information of vDS.

Those 3 configuration combines vDS structure. This also makes vDS can work even after Host disconnected from vCenter.

What’s difference between vSS and vDS on control level?

With vSS, everything should be controlled on local host. Basically, you go to Local Host->Configuration->Networking. Then, you start everything from there. But vDS is different. vDS divide control into 2 different level. I call them high level and low level.

High Level: High level is to create/remove, management teaming, distribution port group etc. This level sits at vCenter->Inventory->Networking.

Low Level: This level is to connect your vm, vmkernel, and your local physical cards to vDS. Please be aware that your vm, vmkernel, etc are connecting to distribute port group. Unlike local vSS (you have create same vswitch, same vswitch port group on all hosts), vDS is pushed from vCenter to all Hosts. As long as you are connecting to same vDS, you will have same distribute port group.

With local physical nic card, they need to connect to dvUPlink side. You can choose any number of local nics to connect or even no nic at all. But what you can’t do is to setup teaming (only work for 2 nics from same host), traffic shaping, VLAN because you need to setup on high level.

To be continued. ……..