functiontemporarilyunavailable

temporarilyunavailable  时间:2021-04-12  阅读:()
VMwarevCloudArchitectureToolkitforServiceProvidersVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironmentsVersion2.
9January2018TomasFojtaVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments2|VMwarevCloudArchitectureToolkitforServiceProviders2018Inc.
Allrightsreserved.
ThisproductisprotectedbyU.
S.
andinternationalcopyrightandintellectualpropertylaws.
Thisproductiscoveredbyoneormorepatentslistedathttp://www.
vmware.
com/download/patents.
html.
VMwareisaregisteredtrademarkortrademarkofVMware,Inc.
intheUnitedStatesand/orotherjurisdictions.
Allothermarksandnamesmentionedhereinmaybetrademarksoftheirrespectivecompanies.
VMware,Inc.
3401HillviewAvePaloAlto,CA94304www.
vmware.
comVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments3|VMwarevCloudArchitectureToolkitforServiceProvidersContentsIntroduction5InteroperabilityandUpgradePath62.
1SolutionInteroperability.
62.
2UpgradePaths7ImpactofNetworkVirtualizationTechnology103.
1CiscoNexus1000V.
103.
2vCloudDirectorNetworkIsolation(VCDNI)10MigrationConsiderations114.
1PortRequirements114.
2vCloudDirectorLegacyEdgeCompatibility.
124.
3Management144.
4Licensing154.
5NSXControllerCluster.
154.
6VMwareNSXVIBUpgrade.
164.
7ControlPlaneMode194.
8VMwarevShieldAppandVMwarevShieldEndpoint20MigrationScenariowithMinimalProductionImpact21ReferenceDocuments23VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments4|VMwarevCloudArchitectureToolkitforServiceProvidersListofTablesTable1.
RequiredNetworkPorts.
11Table2.
NSXControllerClusterRequirements15Table3.
SolutionVersionOverview.
21Table4.
UpgradeScenarioSteps.
21ListofFiguresFigure1.
vCloudDirectortovCloudNetworkingandSecurityandVMwareNSXInteroperability.
6Figure2.
vCloudDirectortovCenterChargebackInteroperability7Figure3.
VMwareNSXUpgradePaths8Figure4.
vCloudDirectorUpgradePaths.
9Figure5.
vCloudNetworkingandSecurityIntegrationwithExternalSwitchProviders.
10Figure6.
VMwareNSXCommunicationRequirements.
11Figure7.
NSXEdgeNodesinLegacyCompatibilityMode12Figure8.
NSXManagerApplianceUserInterface.
14Figure9.
VMwarevCenterSingleSign-OnUserConfiguredinVMwareNSX.
14Figure10.
VMwareNSXUserInterfaceinvSphereWebClient.
15Figure11.
VMwareNSXVIBUpgrade.
16Figure12.
NotReadyStateinVMwareNSXUserInterface17Figure13.
RebootRequiredinvSphere17Figure14.
ChangeofTransportZoneControlPlaneMode(1of2)19Figure15.
ChangeofTransportZoneControlPlaneMode(2of2)19VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments5|VMwarevCloudArchitectureToolkitforServiceProvidersIntroductionVMwarevCloudDirectorreliesonVMwarevCloudNetworkingandSecurityorVMwareNSXforvSpheretoprovideabstractionofthenetworkingservices.
Untilnow,bothplatformscouldbeusedinterchangeablybecausetheybothprovidethesameAPIsthatvCloudDirectorusestoprovidenetworksandnetworkingservices.
ThevCloudNetworkingandSecurityplatformend-of-support(EOS)dateis19September2016.
OnlyNSXforvSpherewillbesupportedwithvCloudDirectorafterthevCloudNetworkingandSecurityend-of-supportdate.
Tosecurethehighestlevelofsupportandcompatibilitygoingforward,migratefromvCloudNetworkingandSecuritytoNSXforvSphere.
Thisdocumentprovidesguidanceandconsiderationstosimplifytheprocessandtounderstandtheimpactofchangestotheenvironment.
NSXforvSphereprovidesasmooth,in-placeupgradefromvCloudNetworkingandSecurity.
TheupgradeprocessisdocumentedinthecorrespondingVMwareNSXUpgradeGuides(versions6.
01,v6.
12,6.
23).
Thisdocumentisnotmeanttoreplacetheseguides.
Instead,itaugmentsthemwithspecificinformationthatappliestotheusageofvCloudDirectorinserviceproviderenvironments.
1http://pubs.
vmware.
com/NSX-6/topic/com.
vmware.
ICbase/PDF/nsx_6_install.
pdf2http://pubs.
vmware.
com/NSX-61/topic/com.
vmware.
ICbase/PDF/nsx_61_install.
pdf3http://pubs.
vmware.
com/NSX-62/topic/com.
vmware.
nsx.
upgrade.
doc/GUID-4613AC10-BC73-4404-AF80-26E924EF5FE0.
htmlVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments6|VMwarevCloudArchitectureToolkitforServiceProvidersInteroperabilityandUpgradePathVMwareprovidessolutioninteroperabilityandupgradepathmatrixes4thatlistverifiedandsupportedproductcombinations.
Thesematrixesareupdatedfrequentlyasnewproductversionsarereleased.
Therefore,refertothematrixesbeforetheactualmigrationplanning.
2.
1SolutionInteroperabilityThefollowingfigurehighlightskeyconstraintsandconsiderationsthatarevalidatthetimeofthiswriting.
ThekeyconsiderationfocusesonvCloudDirectorsupportoftheunderlyingnetworkingplatformreleases.
Figure1.
vCloudDirectortovCloudNetworkingandSecurityandVMwareNSXInteroperability4http://partnerweb.
vmware.
com/comp_guide2/sim/interop_matrix.
phpVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments7|VMwarevCloudArchitectureToolkitforServiceProvidersNotevCloudDirector8.
10supportsonlyVMwareNSXandisnotcompatiblewithvCloudNetworkingandSecurity.
ThismeansmigrationfromvCloudNetworkingandSecuritytoVMwareNSXmustbedonewhilerunningavCloudDirectorversionearlierthan8.
10.
ThenetworkplatformversionisstoredinvClouddatabaseandcheckedduringavCloudDirector8.
10upgrade.
Therearealsoothersolutioninteroperabilityconstraintsbasedonserviceproviderenvironments.
Forexample,whileVMwareNSXprovidesbackwardcompatibilityforVMwarevShieldAPIs(sothatmostofthetoolsusingtheseAPIsstillfunction),serviceprovidersareencouragedtoverifysupportpriortotheiractualproductionupgrade.
Thesetoolsmightincludecustomnetworkmonitoringormeteringsolutions.
Forexample,VMwarevCenterChargebackManagercollectsnetworktransferdatathroughtheVMwarevShieldManagerDataCollectorthatusesavShieldAPI.
NoteAtthetimeofwritingthisdocument,themostrecentversionofvCenterChargebackManager,version2.
7.
1,isnotsupportedwithvSphere6andvCloudDirector8.
10.
Figure2.
vCloudDirectortovCenterChargebackInteroperability2.
2UpgradePathsIngeneral,theupgradefromvCloudNetworkingandSecuritytoNSXforvSphereisachievedbyupgradingvShieldManagerwithaspecialVMware-vShield-Manager-Upgrade-bundle-to-NSXupgradebundle.
CurrentlythisupgradebundleisavailableforallNSXforvSpherereleases,except6.
2.
1.
VMwarerecommendsupgradingtothehighestsupportedVMwareNSXversionbasedonthevarioussolutionsandtoolsincorporatedintheserviceproviderenvironment(vCloudDirector,vSphere,andsoon).
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments8|VMwarevCloudArchitectureToolkitforServiceProvidersFigure3.
VMwareNSXUpgradePathsVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments9|VMwarevCloudArchitectureToolkitforServiceProvidersFigure4.
vCloudDirectorUpgradePathsVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments10|VMwarevCloudArchitectureToolkitforServiceProvidersImpactofNetworkVirtualizationTechnologyvCloudDirectorcurrentlysupportsvariousnetworkvirtualizationtechnologies,someofwhicharelegacytechnologiesthatarenolongerrecommendedgoingforward.
ThemostscalablerecommendedvirtualizationtechnologyisVirtualExtensibleLAN(VXLAN).
3.
1CiscoNexus1000VvCloudDirectorsupportstheCiscoNexus1000VvirtualdistributedswitchthroughtheExternalSwitchProviderfeatureofvShieldManager.
ThevShieldAPIcallstodeploy,manage,ordeletevirtualnetworksarethentranslatedtoNetworkSegmentationManagerAPIs,whichrunontheCiscoVirtualSupervisorModule—themanagementcomponentofNexus1000Vswitch.
ThelogicalnetworkscanbeVLAN-basedorVXLAN-based.
Figure5.
vCloudNetworkingandSecurityIntegrationwithExternalSwitchProvidersThisfunctionalityisnolongersupportedwithVMwareNSX.
Insuchcases,youmustfirstmigratefromCiscoNexus1000VtoVMwarevSphereDistributedSwitchandthensubsequentlymigratetoVMwareNSX.
Theactualmigrationstepsareoutofscopeforthisdocument.
3.
2vCloudDirectorNetworkIsolation(VCDNI)BeforeVXLANgainedmassadoption,vCloudDirectorreliedonvCloudnetworkisolationtechnologytoprovidealogicalnetworkoverlay.
ThisMAC-in-MACproprietaryencapsulationtechnologyisstillsupported,however,supportforthistechnologyisnowdeprecated.
UnlikeVXLANlogicalnetworks,VCDNIlogicalnetworksarecreateddirectlybyvCloudDirector,whichcommunicateswithVMwareESXihoststhroughthevCloudAgentrunningintheVMkernel.
Therefore,avCloudNetworkingandSecurityupgradehasnoimpactonVCDNInetworksandthereisnolimitationofusingthemtogetherwithVMwareNSX.
Serviceprovidersare,however,encouragedtouseVXLANtechnologybecauseVCDNIisadeprecatedtechnologyandissupportedonlyforlegacydeployments.
ThemigrationstepsfromVCDNItoVXLANareoutofscopeforthisdocument.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments11|VMwarevCloudArchitectureToolkitforServiceProvidersMigrationConsiderations4.
1PortRequirementsNSXforvSphererequiresadditionalportstobeopenedbetweenvariouscomponentsoftheserviceprovider'ssolution.
Thisisduetothenewcontrolplanemechanismaswellasthemanagementplanemessagebus.
Figure6.
VMwareNSXCommunicationRequirementsTable1.
RequiredNetworkPortsSourceTargetPortProtocolNotesESXiHostVMwareNSXManager5671TCPNewrequirement(RabbitMQ)ESXiHostVMwareNSXController1234TCPNewrequirement(UserWorldAgent)NSXManagerNSXController443TCPNewrequirementNSXControllerNSXController2878,2888,3888,7777,30865TCPNewrequirementNSXManagerVMwarevCenterServer443,902TCPSameasvShieldManagervCenterServerNSXManager80TCPSameasvShieldManagerNSXManagerESXiHost443,902TCPSameasvShieldManagerNSXManagerESXiHost8301,8302UDPNewrequirement(DVSSync)VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments12|VMwarevCloudArchitectureToolkitforServiceProvidersSourceTargetPortProtocolNotesESXiHostNSXManager8301,8302UDPNewrequirement(DVSSync)ESXiHostvCenterServer80TCPSameasvShieldManagervCenterServerESXiHost80TCPSameasvShieldManagerNoteAdditionalportsareneededforNTP(TCP123),DNS(TCP53),andSyslog(TCP514).
4.
2vCloudDirectorLegacyEdgeCompatibilityTherearechangesinbehaviorbetweenvCloudDirector8.
10andpreviousversions.
4.
2.
1vCloudDirector8.
0andEarlierInvCloudDirector8.
0andearlierversions,OrganizationVDCandvAppedgegatewaysaredeployedinvShield(legacy)compatibilitymode(NSXEdgeversion5.
5.
4).
Figure7.
NSXEdgeNodesinLegacyCompatibilityModeItisimportantinvCloudDirector8.
0andearliernottoupgradelegacyedgeservicesgatewaystoVMwareNSXversion6becausethiswillbreakvCloudDirectorcompatibility.
OlderversionsofvCloudDirector5.
5.
xand5.
6.
xhaveabugthatresultsinanedgeupgradeonvCloudDirectorredeployaction.
Topreventthisbehavior,thefollowingvCloudDirectordatabasechangeisnecessarypriortovCloudNetworkandSecuritymigration.
WhenupgradingtoVMwareNSX6.
2,addthefollowinglinetotheconfigtableinthevCloudDirectorSQLServerdatabase:INSERTINTOconfig(cat,name,value,sortorder)VALUES('vcloud','networking.
edge_version_for_vsm6.
2','5.
5',0);NoteUsenetworking.
edge_version_for_vsm6.
1ifNSX6.
1isusedornetworking.
edge_version_for_vsm6.
0ifNSX6.
0isused.
Formoreinformation,seethefollowingVMwareKnowledgeBasearticles:http://kb.
vmware.
com/kb/2096351andhttp://kb.
vmware.
com/kb/2108913.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments13|VMwarevCloudArchitectureToolkitforServiceProviders4.
2.
2vCloudDirector8.
10InvCloudDirector8.
10,edgegatewaysandvAppedgesaredeployedasfullNSXEdgenodes(version6.
x)withthesamefeatureset,accessiblethroughtheuserinterfaceorAPI,aslegacyNSXEdgenodes.
vCloudDirector8.
10alsosupportslegacyedgesdeployedbeforeupgradetovCloudDirector8.
10.
VMwarerecommendsredeployingtheoldedgesinvCloudDirectororupgradingtheminVMwareNSXtoleveragethemoreefficientmessagebuscommunicationmodewithNSXManagerasopposedtothelegacyVIXAPImode.
IftheNSXEdgenodesareupgradeddirectlyinVMwareNSX,verifythatvCloudDirectorisstillrunningbecauseitneedstobenotifiedabouttheNSXEdgeversionchange.
ThefollowingPowerShellscriptshowshowtheVMwareNSXAPIcanbeusedtoautomatetheupgradeofallNSXEdgenodes(shownforinformationalpurposesonly).
$Username="admin"$Password="default"$NSXManager="nsx01.
gcp.
local"$TargetVersion="6.
2.
3"###Createauthorizationstringandstorein$head$auth=[System.
Convert]::ToBase64String([System.
Text.
Encoding]::UTF8.
GetBytes($Username+":"+$Password))$head=@{"Authorization"="Basic$auth"}##Gettotalnumberofedges$Request="https://$NSXManager/api/4.
0/edges"$r=Invoke-WebRequest-Uri($Request+"startIndex=0&pageSize=1")-Headers$head-ContentType"application/xml"-ErrorAction:Stopif($r.
StatusCode-eq"200"){Write-Host-BackgroundColor:Black-ForegroundColor:GreenStatus:Connectedto$NSXManagersuccessfully.
}$TotalNumberOfEdges=([xml]$r.
content).
pagedEdgeList.
edgePage.
pagingInfo.
totalCount##Getalledges$r=Invoke-WebRequest-Uri($Request+"startIndex=0&pageSize="+$TotalNumberOfEdges)-Headers$head-ContentType"application/xml"-ErrorAction:Stop[xml]$rxml=$r.
Content$Edges=@()foreach($EdgeSummaryin$rxml.
pagedEdgeList.
edgePage.
edgeSummary){$n=@{}|selectName,Id,Version$n.
Name=$edgeSummary.
Name$n.
Id=$edgeSummary.
objectId$n.
Version=$edgeSummary.
appliancesSummary.
vmVersion$Edges+=$n}##Upgradealledgesforeach($Edgein$Edges){if($Edge.
Version-ne$TargetVersion){##UpgradeedgeWrite-Host"UpgradingEdge"$Edge.
Name$Uri="https://$NSXManager/api/4.
0/edges"+"/"+$Edge.
Id+"action=upgrade"$r=Invoke-WebRequest-URI$Uri-MethodPost-Headers$head-ContentType"application/xml"-Body$sxml.
OuterXML-ErrorAction:Stop}}Note:Theupgrade(orredeploy)ofanNSXEdgegatewayimpactsnetworktrafficforashorttime.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments14|VMwarevCloudArchitectureToolkitforServiceProviders4.
3ManagementvCloudNetworkingandSecurityismanagedfromauserinterfacethatisaccessedthroughthevShieldManagerapplianceFQDNorthroughtheVMwarevSphereClient(theinstallableversion).
WhenvShieldManagerisupgradedtoNSXManager,itsuserinterfaceisusedonlyformanagementoftheappliance,whiletheVMwareNSXmanagementisperformedfromtheVMwarevSphereWebClientNSXplug-in.
TheNSXManagerapplianceuserinterfaceisaccessedwithalocalaccount.
ThisistheaccountusedforaccessingthevShieldManagerCLI.
Figure8.
NSXManagerApplianceUserInterfaceTheVMwareNSXuserinterfaceinthevSphereWebClient(seeFigure10)isaccessedwiththeVMwarevCenterSingleSign-OnuserwhohasthenecessaryprivilegesinVMwareNSX(seethefollowingfigure).
Figure9.
VMwarevCenterSingleSign-OnUserConfiguredinVMwareNSXVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments15|VMwarevCloudArchitectureToolkitforServiceProvidersFigure10.
VMwareNSXUserInterfaceinvSphereWebClient4.
4LicensingVMwareNSXusesadifferentlicensekeythanvCloudNetworkingandSecurity.
AfteranupgradeofvShieldManagertoNSXManager,VMwareNSXwillrunundera60-daytriallicense.
YoumustassignaVMwareNSXlicensekeyinthevSphereWebClient.
4.
5NSXControllerClusterTheNSXControllerclusterisacompletelynewcomponent,whichisdeployedaftersuccessfulNSXManagermigration.
TheclustermustbedeployedbeforeanyoftheadvancedVMwareNSXfeaturesthatrequireitcanbeused.
Table2.
NSXControllerClusterRequirementsNSXFeatureNSXControllerClusterRequirementVXLANtransportcontrolplaneMulticastHybridUnicastDistributedfirewall*NSXEdgeservicesgatewaysDistributedLogicalRouter*VXLAN–VLANbridging*ARPsuppressionVMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments16|VMwarevCloudArchitectureToolkitforServiceProviders*ThesefeaturesarenotnativelyexposedthroughthevCloudDirectoruserinterfaceorAPI.
ThefollowingareNSXControllerclusterdesignconsiderations:TheNSXControllerclusterconsistsofNSXControllernodes,whicharedeployedbyNSXManagertothevSphereenvironmentwhichtheNSXManagerispairedwith.
Therefore,theNSXControllerisrunningintheresourcegroup(customerworkload)vSphereclusters.
AnNSXControllerclusteralwaysconsistsofthreenodes(virtualmachines)deployedbyNSXManager.
Forhighavailabilitypurposes,eachNSXControllernodemustbeplacedonadifferenthost.
Thiscanbeachievedwithamanually-created,anti-affinityDRSrulewithinvSphere.
TheNSXControllernodeVMmustbeconnectedtoastandardordistributedportgroup.
ItcannotbeconnectedtoaVXLAN-basedportgroup(logicalswitch).
NSXControllerinstancesmusthavenetworkconnectivitytoNSXManagerandESXimanagementvmknics.
TheydonotneedtobedeployedinthesameL2subnetorvSpherecluster.
4.
6VMwareNSXVIBUpgradeVMwareNSXmustreplacethevShieldVMkernelmodulesandinstallnewVMwareInstallationBundles(VIBs)oneveryvCloudDirectormanagedESXihost.
ThisisdoneintheVMwareNSXuserinterfacebyclickingUpdatenexttoeachvSpherecluster.
Figure11.
VMwareNSXVIBUpgradeTheupgradeofvShieldorVMwareNSXVIBsrequiresareloadofthenewESXiimageand,therefore,arebootoftheESXihost.
VMwareNSXautomaticallytriestoputeachhostintomaintenancemodeandrebootit.
Thisaction,however,isnotrecommendedinvCloudDirectorenvironmentsfortworeasons:BeforeahostisputintoavSpheremaintenancemode,disableitinvCloudDirectorsothatvCloudDirectordoesnottrytoscheduletasksonthehost(forexample,toperformimageuploads).
Allworkloads(notonlyrunningVMs)mustbeevacuatedduringthemaintenancemode.
AcustomerwhodecidestopoweronaVMorcloneaVMthatisregisteredtoarebooting(andtemporarilyunavailable)hostwouldbeotherwiseimpacted.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments17|VMwarevCloudArchitectureToolkitforServiceProvidersTherefore,VMwarerecommendsthefollowingstepsinstead:1.
BeforeaVIBupgrade,changetheVMwarevSphereDistributedResourceScheduler(DRS)automationmodetomanualoneachvSphereclustertopreventVMwareNSXfromattemptingtoputhostsinmaintenancemode.
CautionDonotdisableDRS.
DisablingDRSwilldeleteyourresourcepoolsandcorruptyourvCloudDirectorinstallation.
2.
AftertheVIBinstallationfinishes,changetheDRSautomationmodetotheinitialsetting.
IntheVMwareNSXuserinterface,hostswillbeintheNotReadystateandwillrequirearebootinvSphere.
Figure12.
NotReadyStateinVMwareNSXUserInterfaceFigure13.
RebootRequiredinvSphere3.
MakesurethateachvSphereclusterhasenoughcapacitytotemporarilyrunwithoutonehost.
(ItisverycommontohaveatleastN+1HAredundancy.
)4.
DisablethehostinvCloudDirector.
5.
PutthehostintovSpheremaintenancemodewhileevacuatingallrunning,suspended,andpowered-offVMs.
6.
Rebootthehost.
7.
Whenthehostcomesup,exitthemaintenancemode.
8.
EnablethehostinvCloudDirector.
9.
Repeatwithotherhosts.
Steps4-9canbeeasilyautomatedandscripted,forexample,withVMwarevSpherePowerCLI.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments18|VMwarevCloudArchitectureToolkitforServiceProvidersThefollowingscriptisshownforinformationalpurposesonly.
##ConnecttovCloudDirectorandallvCenterServersitmanagesConnect-CIServer-Servervcloud.
gcp.
local-UserAdministrator-PasswordVMware1!
Connect-VIServer-Servervcenter.
gcp.
local-UserAdministrator-PasswordVMware1!
$ESXiHosts=Search-cloud-QueryTypeHostforeach($ESXiHostin$ESXiHosts){$CloudHost=Get-CIView-SearchResult$ESXiHostWrite-HostWrite-Host"Workingonhost"$CloudHost.
NameWrite-Host"DisablinghostinvCloudDirector"$CloudHost.
Disable()Write-Host"Evacuatinghost"Set-VMHost$CloudHost.
Name-StateMaintenance-Evacuate|Out-NullWrite-Host"Rebootinghost"Restart-VMHost$CloudHost.
Name-Confirm:$false|Out-NullWrite-Host-NoNewline"Waitingforhosttocomeonline"do{sleep15$HostState=(get-vmhost$CloudHost.
Name).
ConnectionStateWrite-Host-NoNewline".
"}while($HostState-ne"NotResponding")do{sleep15$HostState=(get-vmhost$CloudHost.
Name).
ConnectionStateWrite-Host-NoNewline".
"}while($HostState-ne"Maintenance")Write-HostWrite-Host"Hostrebooted"Set-VMHost$CloudHost.
Name-StateConnected|Out-NullWrite-Host"EnablingHostinvCloudDirector"$CloudHost.
Enable()}VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments19|VMwarevCloudArchitectureToolkitforServiceProviders4.
7ControlPlaneModeWhentheNSXControllerclusterisdeployed,themulticastcontrolplanemodecanoptionallybechangedtounicastorhybridmodestoenablecontroller-basedVXLANoverlays.
Theunicastcontrolplanemodedoesnotrequiremulticastintheunderlyingnetworkatall.
HybridmodedoesnotrequiremulticastroutingacrossL3domains(PIM)butreliesonmulticastineachL2switchingdomain.
ThechangeofthecontrolplanemodeismadeintheVMwareNSXuserinterfaceonthetransportzonescorrespondingtoeachProviderVirtualDataCenter(PVDC)VXLANnetworkpool.
Allexistinglogicalswitches(VXLANlogicalnetworks)mustbemigratedtothenewcontrolplanemodeaswell.
Figure14.
ChangeofTransportZoneControlPlaneMode(1of2)Thechangeofcontrolplanemodeandmigrationofexistinglogicalswitcheshasnoimpactonthenetworkingdataplanetraffic.
Figure15.
ChangeofTransportZoneControlPlaneMode(2of2)VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments20|VMwarevCloudArchitectureToolkitforServiceProviders4.
8VMwarevShieldAppandVMwarevShieldEndpointvCloudNetworkingandSecurityoffersahypervisor-basedfirewall(VMwarevShieldApp)andantivirusandanti-malwareplatform(VMwarevShieldEndpoint)forthird-partyvirtualappliances.
WhenupgradingtoVMwareNSX,thesetechnologiesaremigratedtotheVMwareNSXDistributedFirewallandVMwareNSXGuestIntrospection.
BecauseneitherofthesetwotechnologiesisprovidedthroughvCloudDirector,descriptionsoftheprocessfortheirmigrationareoutofscopeforthisdocument.
TheVMwareNSXUpgradeGuidesprovideareferenceforthemigrationstepsanddescribetheserviceimpact.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments21|VMwarevCloudArchitectureToolkitforServiceProvidersMigrationScenariowithMinimalProductionImpactThefollowingscenarioshowsanexampleofaserviceprovidermigratingfromvCloudNetworkingandSecurity,whileatthesametimeupgradingtonewversionsofvCloudDirectorandvSphere.
Impactonthedurationofthemaintenancewindow(andthusonendusers)isalsodiscussed.
Table3.
SolutionVersionOverviewSolutionInitialVersionTargetVersionvCloudDirector5.
6.
48.
10vCloudNetworkingandSecurity/VMwareNSXvCloudNetworkingandSecurity5.
5.
4VMwareNSX6.
2.
2vSphere(vCenterServerandESXi)5.
5U26.
0U2vCenterChargebackManager2.
72.
7.
x5TherecommendedpathforthesolutioninstallationandupgradesisdescribedinthefollowingtabletogetherwiththeimpactonthevCloudDirectorportal,theabilitytomanagevCloudDirectorobjectsthroughthevCloudUI/API,andtheimpactoncustomer'srunningworkloads.
Table4.
UpgradeScenarioStepsStepDescriptionvCloudDirectorPortalImpactManageabilityImpactWorkloadImpact1.
UpgradevCenterChargebackManagerfrom2.
7to2.
7.
x.
NoneNoneNone2.
UpgradevCloudDirectorfrom5.
6.
4to8.
0.
1.
ThiscanbedoneasarollingupgradewhenonlythelastcellanddatabaseconfigurescriptactuallyrequiresvCloudDirectordowntime.
Yes(inminutes)Yes(inminutes)None3.
DisableaspecificvCenterServerinstanceinvCloudDirector6.
ThenupgradetherelatedvShieldManagerwiththeVMware-vShield-Manager-Upgrade-bundle-to-NSXupgradebundle.
Aftertheupgradeiscomplete,enablethevCenterServerinvCloudDirector.
NoneYesfortheworkloadsmanagedbythespecificvCenterServer(30-60mins)None5Atthetimeofthiswriting,vCenterChargebackManagerisnotcompatiblewithvSphere6.
6SeeDisabledvCenterServerContinuestoAcceptvCloudDirectorOperations(https://kb.
vmware.
com/kb/2145610)forimportantconsiderations.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments22|VMwarevCloudArchitectureToolkitforServiceProvidersStepDescriptionvCloudDirectorPortalImpactManageabilityImpactWorkloadImpact4.
Repeatstep3forallothervCenterServerinstancesmanagedbyvCloudDirector.
5.
DeploytheNSXControllercluster.
NoneNoneNone6.
UpgradeVMwareNSXVIBsonallhosts(seeSection4.
6).
NoneNoneNone7.
(Optional)ChangethecontrolplanemodeandmigrateallVXLANnetworks.
NoneNoneNone8.
DisableaspecificvCenterServerinstanceinvCloudDirector7.
UpgradethevCenterServerfrom5.
5U2to6.
0U2.
Whencomplete,enablethevCenterServerinvCloudDirector.
NoneYes,fortheworkloadsmanagedbythespecificvCenterServer(30-60mins)None9.
Repeatstep8forallothervCenterServerinstancesmanagedbyvCloudDirector.
10.
UpgradeeachESXihost.
(UseasimilarapproachtothatdiscussedinSection4.
6.
)NoneNoneNone11.
UpgradevCloudDirectorfrom8.
0.
1to8.
10.
ThiscanbedoneasarollingupgradewhenonlythelastcellanddatabaseconfigurescriptactuallyrequiresvCloudDirectordowntime.
Yes(inminutes)Yes(inminutes)None12.
(Optional)UpgradeallNSXEdgegatewaystoversion6.
2.
NoneNoneAfewsecondsofnetworkimpactoneachNSXEdgegateway7SeeDisabledvCenterServerContinuestoAcceptvCloudDirectorOperations(https://kb.
vmware.
com/kb/2145610)forimportantconsiderations.
VMwarevCloudNetworkingandSecurityUpgradetoVMwareNSXinVMwarevCloudDirectorEnvironments23|VMwarevCloudArchitectureToolkitforServiceProvidersReferenceDocumentsItemURLVMwareNSX6.
2UpgradeGuidehttp://pubs.
vmware.
com/NSX-62/index.
jsptopic=%2Fcom.
vmware.
nsx.
upgrade.
doc%2FGUID-C4A1FE0E-7319-494A-A776-BAD3D9208FDA.
htmlVMwareNSX6.
1InstallationandUpgradeGuidehttp://pubs.
vmware.
com/NSX-61/topic/com.
vmware.
ICbase/PDF/nsx_61_install.
pdfVMwareNSX6.
0InstallationandUpgradeGuidehttp://pubs.
vmware.
com/NSX-6/topic/com.
vmware.
ICbase/PDF/nsx_6_install.
pdfVMwareProductInteroperabilityMatrixeshttp://partnerweb.
vmware.
com/comp_guide2/sim/interop_matrix.
phpArchitectingaVMwarevCloudDirectorSolutionfortheVMwareCloudProviderProgramhttp://www.
vmware.
com/content/dam/digitalmarketing/vmware/en/pdf/vcat/vmware-architecting-a-vcloud-director-solution.
pdfVMwarevCloudArchitectureToolkitforServiceProviders(vCAT-SP)http://www.
vmware.
com/solutions/cloud-computing/vcat-sp.
htmlvCloudArchitectureToolkitBloghttp://blogs.
vmware.
com/vcat/

virmach:3.23美元用6个月,10G硬盘/VirMach1核6个月Virmach

virmach这是第二波出这种一次性周期的VPS了,只需要缴费1一次即可,用完即抛,也不允许你在后面续费。本次促销的是美国西海岸的圣何塞和美国东海岸的水牛城,周期为6个月,过后VPS会被自动且是强制性取消。需要临时玩玩的,又不想多花钱的用户,可以考虑下!官方网站:https://www.virmach.comTemporary Length Service Specials圣何塞VPS-一次性6个...

justhost:“第4次VPS测评”,8.3元/月,200M带宽,不限流量,KVM虚拟,4个俄罗斯机房应有适合你的

justhost.ru官方来消息说已经对网络进行了比较全面的优化,针对中国电信、联通、移动来说,4个机房总有一个适合中国用户,让站长进行一下测试,这不就有了这篇有关justhost的VPS的第四次测评。本帖主要关注的是网络,对于其他的参数一概不管! 官方网站:https://justhost.ru 最低配VPS:8.3元/月,KVM,512M内存,5G硬盘,200M带宽,不限流量 购买链接:...

Megalayer(159元 )年付CN2优化带宽VPS

Megalayer 商家我们还算是比较熟悉的,商家主要业务方向是CN2优化带宽、国际BGP和全向带宽的独立服务器和站群服务器,且后来也有增加云服务器(VPS主机)业务。这次中秋节促销活动期间,有发布促销活动,这次活动力度认为还是比较大的,有提供香港、美国、菲律宾的年付VPS主机,CN2优化方案线路的低至年付159元。这次活动截止到10月30日,如果我们有需要的话可以选择。第一、特价限量年付VPS主...

temporarilyunavailable为你推荐
队列route香港iphone支持ipad小企业如何做品牌中小企业如何建立品牌效应,提升品牌效应 ?2019支付宝五福2019年1月25日今天的支付宝集五福了吗?sqlserver数据库sql server数据库是什么 型数据库特朗普吐槽iPhone为什么iphone x卖的这么好美要求解锁iPhone怎么用爱思手机助手解锁苹果手机?人人视频总部基地落户重庆2019.5.30号以后重庆有了新的迁入户口政策,请问外省户口以一般人才方式迁入重庆,可以按揭买房吗flashftp下载《蔓蔓青萝(全)》.TXT_微盘下载
hawkhost 狗爹 外国服务器 日志分析软件 私有云存储 铁通流量查询 电子邮件服务器 怎么测试下载速度 卡巴斯基试用版 gtt google台湾 免费的域名 宿迁服务器 阿里云邮箱怎么注册 phpinfo phpwind论坛 ping值 screen ddos攻击工具 海康流媒体服务器 更多