OmniVista 2500 Virtual Machine Management (VMM) edemo Script Table of Contents 1. Introduction... 2 2. Demo Setup and Short Description... 3 3. Demo connectivity... 4 Connectivity through Remote Desktop Connection... 4 Connectivity through locally installed applictions... 7 Virtual Intranet Access (VIA) Client... 7 VMware vsphere client 5.5 (or later)... 9 OmniVista 2500... 11 4. Demo Run... 12 Connect to vsphere Client... 12 Connect to OV... 13 VM Manager... 14 Hypervisors Systems... 15 VMM Devices List... 16 VM Locator Host Networks... 17 VM Locator VM Networks... 18 VLAN Notification... 19 VM VLAN Configuration... 20 MVRP configuration... 27 VM Migration... 31 5. Reset the demo... 35 1
1. Introduction OmniVista 2500 Virtual Network Manager (OV2500 VMM ) is a software component of OmniVista 2500 NMS focusing on providing visibility of Virtual Management hypervisor, associated Virtual Machines and network infrastructure provisioning based on Virtual Machines movements, Its purpose is to simplify network equipment configuration, deployment related to Virtual Machine movements initiated by Virtualization Hypervisor platforms. Using the OmniVista 2500 VMM, network operators can monitor and control virtual networks, ensuring that virtual network policies are consistently and automatically applied across the infrastructure. During the VMM demo audience would be able to witness: Inter-operability of VMM with VMware s vcenter Information required and originated from VM Hypervisor such as VMware Vcenter: o Host (Hypervisor) name and its Mac/IP address o Vlan, VSwitch, VNIC and Physical NIC associations o Virtual Machine Name o Virtual Machine MAC/IP and associated VM Network Vlan ID o Other info from Hypervisor/Vcenter if available, such as VMProfile Location and tracking of discovered Virtual Machines (VM) A unified view of switches, Ports, Hypervisors and Virtual Machines related info. This specific component shall provide way for the network administrator to establish visibility and resource associations between entities from the Network infrastructure and Virtualization/Storage environment Universal Network Profile (UNP) creation, deployment and management UNP feature provides network administrators with the ability to define and apply network access control to specific types of devices according to specific 2
matching profile criteria. This allows network administrators to create virtual machine network profiles (vnps) and user network profiles from a unified framework of operation and administration. o A VLAN tag classification will be used to create VLAN port based on the VLAN ID contained in device packets. o The profile can allow, deny, or require actions by users or machines on the network. o Membership to a VLAN is based on UNP profile criteria therefore devices assigned to the VLAN are not tied to a specific port or switch allowing device mobility within the network while maintaining network security. Realtime UNP support in dynamic VM migrations across the network 2. Demo Setup and Short Description As it could be seen on the above picture this demo consists of: two OS 6900, release 7.3.4R02 or higher, OmniVista 2500, release 4.2.1 or higher, two VMWare ESXi hypervisors and VMVare vcenter 3
In this demo presenter will show the audience how OmniVista notifies about missing Qtag configuration on the switch related to VideoServer VLAN 906 Virtual Machine causing communication of Video Server with the switches to fail (1), how to create UNP profile in the OmniVista and apply it to the respectable switches and ports (2), how to apply MVRP configuration between two switches for the VLAN used by VideoServer (3) and at the end migration of VideoServer from one hypervisor to another accross the network experiencing only a subsecond communication interruption due to functionality and features supported by OmniVista and UNP. 3. Demo connectivity There are two options available to connect to the demo setup, using Remote Desktop Connection provided by edemo administrator or through installing Virtual Internet Client & vspehere client locally on presenter s station. Connectivity through Remote Desktop Connection Upon approval of demo request, one will receive an email from edemo with approved slots and Details for connection including all necessary login credentials available for the requested timeslot similar to this Details for connection: vmm o Computer: 192.168.6.11 o o o Remote Desktop gateway: dmz33-rdpgw.al-mydemo.com First login (Your personal one for the gateway): ebs\slaven.rumenjak First password (Your personal one for the gateway):... o Second login: ebs\vmm o Second password:... 4
Attached to this email one will also receive vmm.rdp file. Upon starting Remote Desktop session the following screen will appear: Click on Connect and use the First login/password credentials provided in the email After which enter the Second password provided in the email 5
Successfully passing the second login you will be presented with the desktop from which you can further start OmniVista 2500 and vspeher client. Note that you will still need credentials to login to both but there is no need for installing vsphere client on your laptop and using local browser to connect to OmniVista. One can start vsphere client using the following connectivity details and credentials: Remote Server: 192.168.6.206 Username: root Password: adminswitch2014! OmniVista can be started using first credentials received in the mail from edemo: o o First login (Your personal one for the gateway): ebs\slaven.rumenjak First password (Your personal one for the gateway):... 6
Connectivity through locally installed applictions Virtual Intranet Access (VIA) Client Since most of the VMM demos will be performed on customer s site and without direct connectivity to ALE resources on internal network one has to have installed Virtual Intranet Access (VIA) client, a hybrid IPsec/SSL VPN application to access demo physically hosted in ALE facilities in Brest. The VIA client with appropriate profile is available and could be downloaded from at https://195.128.146.40/via with the following credentials: User: dtdata1 Password: dtdata#vpn1! Once downloaded and installed, use VIA client to connect to demo premises using following details and credentials: Remote Server: 195.128.146.40 Username: dtdata1 Password: dtdata#vpn1! 7
Once connected you will receive the screen similar to this: 8
VMware vsphere client 5.5 (or later) The vsphere Client will be used to access vcenter Server located at ALE premises and hosting virtual machines like Video Server and other resources required in this demo. After successful authentication, a session starts in vcenter Server allowing the demonstrator to see and utilize assigned virtual machines. One can download vsphere Client from the following web site: https://kb.vmware.com/selfservice/microsites/search.do?language=en_us&cmd=dis playkc&externalid=2089791 Once downloaded and installed, use vsphere Client to connect to demo vsphere Server using following connectivity details and credentials: Remote Server: 192.168.6.206 Username: root Password: adminswitch2014! 9
Upon entering above credentials you will receive the Security Warning message. Click on Ignore button. After successful login you will be presented with the Home page of vsphere Client where you can find VideoServer VLAN906 Virtual Machine installed on host 192.168.6.100. 10
OmniVista 2500 OmniVista 2500 could be accessed via web browser using the following address: https://192.168.6.214/login.html 11
4. Demo Run Perform the following steps to perform VMM demo Connect to vsphere Client Using vsphere client verify that VM VideoServer VLAN906 is connected to the host 192.168.6.100. At the beginning of the demo provisioned VM has no connectivity with the network which could be verified using ping utility towards IP Gateway address residing on the switch. To start continues ping double-click on ping gateway icon via Console of the VM. Verify that response is Request timed out. 12
Connect to OV By connecting to OV you will be presented with the Home Page displaying a dashboard with application widgets for a quick overview of key applications. Since the dashboard is customizable it is possible that the Hope Page will look slightly different than presented here. 13
VM Manager The OmniVista Virtual Machine (VM) Manager application interfaces with vsphere, XenServer, or Hyper-V to provide a single GUI interface to easily monitor Virtual Machines, including tracking Virtual Machines and their network associations if the machines move to a different Host on the network. Moreover, VM Manager interfaces with the Universal Network Profile (UNP) feature within OmniVista's Access Guardian application to shape Virtual Machine traffic based on userconfigured UNP rules (e.g., VLAN Tag Rules, IP Rules, MAC Range Rules). VM Manager is reachable from Hope Page via Network VM Manager 14
Hypervisors Systems The VM Manager Hypervisor Systems Screen displays a list of all VM Servers connected to OmniVista; and is used to configure the connection from OmniVista to a VM Server. Verify your Hypervisor System, in this case VMWare vcenter (IP address 192.168.6.206), is listed here. There is no need for any changes on Hypervisor Systems screen. 15
VMM Devices List The VM Manager VM Devices List Screen displays all switches connected to a Host Machine. The list is used to poll switches for VM Locator updates. Verify switches, in this case OS6900-1 (IP address 192.168.6.251) and OS6900-2 (IP address 192.168.6.252) are listed here. There is no need for any changes on VMM Device List screen. 16
VM Locator Host Networks The VM Manager Host Networks Screen is used to search for and display information on the Host Machines on which the Virtual Machines reside. You can view information for all Host Machines or enter search criteria to view specific Host Machines. Verify that hosts with IP addresses 192.168.6.100 and 192.168.6.101 are connected to switches OS6900 with IP addresses 192.168.6.251 and 192.168.6.252. There is no need for any changes on VM Locator Host Networks screen. 17
VM Locator VM Networks The VM Manager VM Networks Screen is used to search for and display information on the Virtual Machines residing on the Host Machine. You can view information for all Virtual Machines or enter search criteria to view specific Virtual Machines. Verify that VM VideoserverVLAN906 residing on Hypervisor Host 192.168.6.100 is connected to port 1/4 of the switch 192.168.6.251. There is no need for any changes on VM Locator VM Networks screen. 18
VLAN Notification The VM Manager VLAN Notification Screen displays displays VM VLAN Notifications generated by the VMM Service for missing VLAN/UNP configuration on a switch slot/port where VMs are connected. The notifications briefly describe the problem and enable you to resolve it. Ideally, no notifications should be present in this panel but if there is one it could be resolved using the Resolve Feature. In this demo OmniVista discovered that Q-tag configuration for VLAN 906 is missing on the port 1/4 causing ping from VM VideoServer VLAN906 towards IP addresses of the switches to fail as shown at the beginning of the demo. This information is presented on an entry created in the Active Notifications of VLAN Notification screen. In order to resolve this problem one has to select active notification from the list (1) and click on Resolve button (2) 19
VM VLAN Configuration User will be transferred to VM VLAN Configuration page used to associate VM VLANs with Universal Network Profiles (UNP), and enable MVRP Ports on network switches/ports. The recommended way to manage Virtual Machines in a data center using VM Manager is to have the Virtual Machines communicate using tagged VLAN packets, and provisioning the network using UNP VLAN Tag Classification rules over UNP Ports. Once all Virtual Machines are associated by VLAN tag with VM VLANs, any Virtual Machine movement will not require further adjustment to the configuration. This also ensures that OmniVista will notify the user through VM VLAN Notifications when a Virtual Machine and its VM VLAN are mis-configured. Resolving the problem of missing Qtag configuration in this demo will start by clicking the first box Apply UNP VLAN 20
The VM Manager Apply UNP VLAN Screen is used to apply VLAN Tag Rules to network switches/ports. 1. Select VLAN Tag Rules - Select an existing VLAN Tag Rule VLAN Tag=906 from the drop-down list. 2. Enable UNP Ports - Enables UNP on the selected ports. By default, UNP Ports are enabled when you create UNP Port Policies. 3. Select UNP Port Policy - Select as UNP Port Policy VideoServersVLAN906 from the drop-down menu 4. Select Devices - Select an option from the drop-down menu "Use Switch Picker" or "Use Topology" and click on the Add/Remove Devices button to select the devices o 192.168.6.251 on which VM VideoServer906 is currently connected o 192.168.6.252 to which we plan to migrate VideoServer906 21
Both switches have to be selected by clicking on + sign. After both switches are selected one has to click on OK. 22
Select Ports - Click on a device and click on the Add Ports button to select the port(s) on which you want to apply the VLAN Tag Rule(s). On each switch select port 1/4 to which VM Hosts are connected and confirm with OK. 23
24
After the ports 1/4 are selected for ach switch confirm the configuration by clicking on Apply after which you will receive the confirmation screen. Click OK to proceed further with the configuration. 25
At this moment you can already check that Check vsphere client and verify there is connectivity for VM after applying UNP profile to the port where Hosts are connected 26
MVRP configuration Next step is to enable Multiple VLAN Registration Protocol (MVRP) on network switches ports used for connectivity between switches. MVRP supports dynamic VLAN registration (and deregistration) on ports in a VLAN bridges network. MVRP has to be configured on ports used for switches interconnectivity (port 1/20 on both switches) to dynamically register VLAN 906. 27
Click on the Add/Remove Devices button to select the both switches on which you want to enable MVRP Ports. Then select a device and click on the Add Ports button to enable MVRP on ports 1/20 on each switch. At the end of the configuration click on Apply to confirm configuration. 28
29
After applying configuration one will receive the confirmation screen. Click OK to proceed further. 30
VM Migration After applying UNP profiles on ports to which VM hosts are connected and configuring MVRP on ports used for switch interconnectivity, the setup is ready to perform migration of VideoServer VLAN906 virtual machine to the second VM Host 192.168.6.101. The network is configured in a way that no service interruption is expected due to migration. Follow the steps to migrate virtual machine from one Host to another. 31
32
33
The migration of VideoServer VLAN906 is successfully performed from one Host to another. Ping utility shows service interruption for a period below one second which is related to VM migration. 34
5. Reset the demo In order to be able to perform the demo following this script one has to, after successfully performing the demo, perform the following steps to set the demo to its starting configuration: - Migrate VideoServer VLAN906 back to Host 192.168.10.100 - Run OV2500 telnet scripts (VMM2_DEMO_RESET_SCRIPT) on both switches Verify the demo is reset properly. VideoServer VLAN906 should lose connectivity with its gateway and ping utility will give response of Request Timed Out as it was at the beginning of this demo. 35