Requirements (business, functional, technical) End User Customer. Subject Matter Experts Stakeholders


Requirements (business, functional, technical): Goal, Business Case, Requirements, Compliance rules
Manage Expectations: End User, Customer, Subject Matter Experts, Stakeholders
Current Environment: Knowledge and experience, Applications, Physical environment, Networking, Virtualization environment, Training needed
Project: Scope, Budget, Schedule
Reusable?

Requirements: Goal (what), Business Case (why), Requirements (business, functional, technical), Compliance rules
Expectation management: End user, Customer, Subject Matter Experts, Stakeholders
Current environment: Knowledge and experience, Applications, Physical environment, Networks, Virtual environment, Reusable?, Training needed
Project: Scope, Budget, Schedule (when)

Load-Balancing Method: Originating Virtual Port ID
[Diagram: virtual NICs, virtual switch, physical NICs, physical switch]

Load-Balancing Method: Source MAC Hash
[Diagram: virtual NICs, virtual switch, physical NICs, physical switch, Internet]

Load-Balancing Method: IP-Hash
[Diagram: virtual NICs, virtual switch, physical NICs, physical switch, Internet]

Standard Switch and Distributed Switch Feature Comparison
Table columns: Feature, Standard switch, Distributed switch
Features compared:
- Layer 2 switch
- VLAN segmentation
- IPv6 support
- 802.1Q tagging
- NIC teaming
- Outbound traffic shaping
- Inbound traffic shaping
- Configuration backup and restore
- Private VLANs
- Link aggregation control protocol
- Data center-level management
- Network vSphere vMotion
- VMware vSphere Network I/O Control
- Per-port policy settings
- Port state monitoring
- NetFlow
- Port mirroring

VMware vSphere: Optimize and Scale 2014 VMware Inc. All rights reserved

Private VLANs
A private VLAN is:
- An extension to the VLAN standard
- Further segmentation of a single VLAN into secondary private VLANs
A secondary private VLAN:
- Exists only in the primary VLAN
- Shares the same IP network address
- Is identified on the physical and distributed switches by a unique VLAN ID

Types of Secondary Private VLANs
Three types of secondary private VLANs:
- Promiscuous
- Isolated
- Community
The type of secondary private VLAN determines packet forwarding rules.

Primary   Secondary   Type
5         5           promiscuous
5         155         isolated
5         17          community

Promiscuous Private VLANs
A node attached to a port in a promiscuous secondary private VLAN can send and receive packets to any node in any other secondary private VLAN associated with the same primary. Routers are typically attached to promiscuous ports.
[Diagram: VM 1 through VM 6 attached to private VLANs 5 (promiscuous), 155 (isolated) and 17 (community)]

Isolated Private VLANs
A node attached to a port in an isolated secondary private VLAN can send to and receive packets only from the promiscuous private VLAN. Only one isolated secondary private VLAN is permitted per primary.
[Diagram: VM 1 through VM 6 attached to private VLANs 5 (promiscuous), 155 (isolated) and 17 (community)]

Community Private VLANs
A node attached to a port in a community secondary private VLAN can send to and receive packets from other ports in the same secondary private VLAN as well as ports in the promiscuous private VLAN.
[Diagram: VM 1 through VM 6 attached to private VLANs 5 (promiscuous), 155 (isolated) and 17 (community)]

Physical Switch Implementation of Private VLANs
- Standard 802.1Q tagging
- No double encapsulation
- Physical switch software decides which ports to forward the frame to, based on the tag and the private VLAN tables.
- For private VLANs, the VLAN ID is the secondary ID.

Primary   Secondary   Type
5         5           promiscuous
5         155         isolated
5         17          community

[Diagram: distributed switch carrying VLAN 5 as private VLAN 5 (promiscuous), private VLAN 155 (isolated) and private VLAN 17 (community)]

Private VLANs and Physical Switches
- Frames that travel are tagged with the secondary ID.
- Each virtual machine can send to and receive from different secondary private VLANs. Examples: community and promiscuous.
- A physical switch can be confused by the fact that each MAC address is visible in more than one VLAN tag.
- A physical switch must have a trunk port to the VMware ESXi host and not be in a secondary private VLAN.
- Most private VLAN problems are caused by physical switches that are configured incorrectly. Compare the private VLAN map in the physical switch to the private VLAN configuration in the distributed switch.
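The forwarding rules for the three secondary types and the advice to compare the physical switch's private VLAN map with the distributed switch configuration can be modelled together. The following Python sketch is an added example, not part of the course material: the function names are hypothetical, DVS_MAP is the 5/5, 5/155, 5/17 table from the slides, and PHYSICAL_MAP is a constructed map with one deliberate mismatch. It only models the rules and does not query a real switch.

```python
from collections import Counter

# Private VLAN map from the slides: (primary, secondary) -> type
DVS_MAP = {(5, 5): "promiscuous", (5, 155): "isolated", (5, 17): "community"}

# Constructed physical-switch map with one deliberate error (155 set as community)
PHYSICAL_MAP = {(5, 5): "promiscuous", (5, 155): "community", (5, 17): "community"}


def validate(pvlan_map):
    """Check the structural rules stated on the slides; return a list of problems."""
    problems = []
    isolated = Counter(p for (p, _), kind in pvlan_map.items() if kind == "isolated")
    for primary, count in sorted(isolated.items()):
        if count > 1:
            problems.append(f"primary {primary}: {count} isolated secondaries, only one permitted")
    ids = Counter(secondary for (_, secondary) in pvlan_map)
    for secondary, count in sorted(ids.items()):
        if count > 1:
            problems.append(f"secondary {secondary}: VLAN ID is not unique")
    return problems


def can_forward(pvlan_map, primary, src, dst):
    """Apply the forwarding rules to two ports identified by their secondary IDs."""
    src_kind = pvlan_map.get((primary, src))
    dst_kind = pvlan_map.get((primary, dst))
    if src_kind is None or dst_kind is None:
        return False  # a secondary exists only inside its primary
    if "promiscuous" in (src_kind, dst_kind):
        return True   # promiscuous ports talk to every secondary of the primary
    if src_kind == dst_kind == "community":
        return src == dst  # same community only
    return False      # isolated ports reach the promiscuous VLAN only


def diff_maps(dvs_map, physical_map):
    """List entries where the distributed switch and the physical switch disagree."""
    findings = []
    for key in sorted(set(dvs_map) | set(physical_map)):
        dvs_kind = dvs_map.get(key, "missing")
        phys_kind = physical_map.get(key, "missing")
        if dvs_kind != phys_kind:
            findings.append((key, dvs_kind, phys_kind))
    return findings


if __name__ == "__main__":
    print("validation problems:", validate(DVS_MAP))
    for src, dst in [(155, 5), (155, 155), (17, 17), (17, 155)]:
        print(f"{src} -> {dst}:", "forward" if can_forward(DVS_MAP, 5, src, dst) else "drop")
    for (primary, secondary), dvs_kind, phys_kind in diff_maps(DVS_MAP, PHYSICAL_MAP):
        print(f"mismatch {primary}/{secondary}: dvs={dvs_kind} physical={phys_kind}")
```

A mismatch like the constructed one matters for segmentation: ports that the distributed switch treats as isolated would be handled as a community on the physical side.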

Private VLAN-Aware Physical Switch
A virtual machine in a promiscuous private VLAN sends an ARP request for a virtual machine in an isolated private VLAN. The target virtual machine is on a different ESXi host. The physical switch is private VLAN-aware.
- At the promiscuous virtual machine: ARP request tag: none, ARP reply tag: none
- Between the distributed switch and the physical switch: ARP request tag: 5, ARP reply tag: 155
- At the isolated virtual machine: ARP request tag: none, ARP reply tag: none
- Switch ports see the same MAC address through different VLAN tags.
- Private VLAN logic detects that the destination is isolated, so it acts as if the tag were 155.

Primary   Secondary   Type
5         5           promiscuous
5         155         isolated
5         17          community

Configuring and Assigning Private VLANs
- Configure: Select the distributed switch and select Private VLAN > Edit.
- Assign: Right-click the distributed port group, select Edit Settings, and select VLAN.

Lesson 4: vCenter Single Sign-On

Learner Objectives
By the end of this lesson, you should be able to meet the following objectives:
- Describe the features and benefits of VMware vCenter Single Sign-On
- Describe the vCenter Single Sign-On architecture
- Define the vCenter Single Sign-On deployment modes
- List the options for protecting vCenter Single Sign-On
- Describe how to install vCenter Single Sign-On
- Describe how to configure vCenter Single Sign-On
- Use vCenter Single Sign-On to create users and assign roles

About vCenter Single Sign-On
vCenter Single Sign-On is an authentication service that secures the VMware cloud infrastructure platform. vCenter Single Sign-On allows vSphere software components to communicate with each other through a secure token mechanism.
[Diagram: vSphere Web Client, vCenter Server, VMware vCenter Orchestrator and VMware vCloud Director connected to vCenter Single Sign-On, which uses the identity sources AD and OpenLDAP]

Benefits of vCenter Single Sign-On
vCenter Single Sign-On has the following benefits:
- Faster operations and a less complex authentication process
- Ability of vSphere solutions to trust each other without requiring authentication every time a solution is accessed
- An architecture that supports multi-instance and multisite configurations that provide for single-solution authentication across the entire environment

Features of vCenter Single Sign-On
vCenter Single Sign-On has the following features:
- Support for open standards
- Support for multiple user repositories, including Active Directory and OpenLDAP
- Ability for users to see all vCenter Server instances for which they have permission
- No need to use vCenter Linked Mode for unified views of vCenter Server instances

How vCenter Single Sign-On Works
When logging in to vSphere, authentication is passed to vCenter Single Sign-On. On successful authentication, a security token is used to access vSphere components.
[Diagram, steps numbered 1 to 6: vCenter Single Sign-On Server containing the Security Token Service, Admin Service, Identity Manager Service (IDM) and VMware Directory Service (vmdir); IDM Client; vCenter Lookup Service; AD; OpenLDAP; vCenter Server]

About Identity Sources and the Default Domain
Identity source:
- A repository for users and groups that vCenter Single Sign-On can use for user authentication
- Usually a directory service like Active Directory or OpenLDAP
- Provides a means to attach one or more domains to vCenter Single Sign-On
Default domain:
- Used by vCenter Single Sign-On to authenticate users when the user logs in without a domain name.
- One system identity source named vsphere.local is created when you install vCenter Single Sign-On.
- vsphere.local is the default domain.

Supported Identity Sources

Identity source: Active Directory versions 2003 and later
  Description: Only one Active Directory domain as an identity source is allowed.
  Name in vSphere Web Client: Active Directory (Integrated Windows Authentication)

Identity source: Active Directory over LDAP
  Description: This identity source is included mainly for compatibility with version 5.1 of vCenter Single Sign-On.
  Name in vSphere Web Client: Active Directory as an LDAP Server

Identity source: OpenLDAP versions 2.4 and later
  Description: Multiple OpenLDAP identity sources are allowed.
  Name in vSphere Web Client: OpenLDAP

Identity source: Local operating system users
  Description: This identity source exists only in basic mode deployments, not in multisite mode or high availability mode deployments.
  Name in vSphere Web Client: localos

Identity source: vCenter Single Sign-On users
  Description: This identity source is created during the install.
  Name in vSphere Web Client: vsphere.local

vCenter Single Sign-On Architecture
vCenter Single Sign-On components are deployed as part of the installation.
[Diagram: vCenter Single Sign-On Server containing the Security Token Service, Admin Service, Identity Manager Service and VMware Directory Service (vmdir); Identity Manager Client; vCenter Lookup Service; AD; OpenLDAP; two vCenter Server instances; vCenter Orchestrator; vCloud Director]

About vCenter Single Sign-On Deployment Modes
vCenter Server provides several ways to deploy vCenter Single Sign-On to best serve your vSphere environment. You can deploy vCenter Single Sign-On in one of the following modes:
- Basic
- Multiple vCenter Single Sign-On instances in the same location
- Multiple vCenter Single Sign-On instances in different locations

Basic Deployment Mode
Basic mode is the most common deployment option. You usually use the Simple Install option to deploy vCenter Server with vCenter Single Sign-On in basic mode. Basic mode is appropriate for the following scenarios:
- You have a single vCenter Server instance of an inventory size of up to 1,000 hosts or 10,000 virtual machines.
- You have geographically dispersed vCenter Server instances that are administered independently of each other.
- You are using vCenter Server Appliance.
[Diagram: vSphere Web Client, vCenter Server, vCenter Inventory Service and vCenter Single Sign-On on one Windows vCenter Server system or vCenter Server Appliance]

Multiple Single Sign-On Instances in the Same Location
This deployment mode provides high availability for your vCenter Single Sign-On environment. Use this mode if you do not plan to use VMware vSphere High Availability or VMware vCenter Server Heartbeat, but high availability of the vCenter Single Sign-On server is required.
[Diagram: vSphere Web Client, vCenter Server and vCenter Inventory Service behind a network load balancer, with two vCenter Single Sign-On instances whose vmdir directories are synchronized]

Multiple Single Sign-On Instances in Multiple Locations
This mode is required when you have geographically dispersed vCenter Server systems and you must administer these instances in Linked Mode.
[Diagram: two sites, New York and Virginia, each with vSphere Web Client, vCenter Server, vCenter Inventory Service and vCenter Single Sign-On; the vmdir directories of the two sites are synchronized]

Protecting vCenter Single Sign-On
vSphere provides several ways to ensure the availability of your vSphere deployment with vCenter Single Sign-On.

Option: Backup and restore
  Description: Solution must be independent of vCenter Server. Recovery requires manual intervention.
  Recovery Time Required: Hours or days

Option: vSphere HA
  Description: vSphere feature for maintaining uptime of virtual machines and detecting ESXi host failure
  Recovery Time Required: Minutes

Option: vCenter Server Heartbeat
  Description: Separately licensed vCenter Server plug-in provides vCenter Server protection (physical or virtual) and can protect against host failure.
  Recovery Time Required: Minutes

Option: vCenter Server Single Sign-On high availability mode
  Description: Primary vCenter Single Sign-On instance paired with a second vCenter Single Sign-On instance
  Recovery Time Required: Seconds

Installing vCenter Single Sign-On
Using the VMware vCenter Installer:
- Use the Simple Install option to deploy basic mode.
- Use the Custom Install option to install multisite or high availability mode.
During the custom install, you are prompted to select a deployment mode:
- Primary Node
- High availability
- Multisite