This part covers the basics of vCD Networking.
vCD networking is used to provide network services to vCD elements, which are:
1. Organizations
2. vApps
3. vCD VMs
Those network services include:
1. Internet Connection
2. Firewall Services
3. NAT Services
4. Load Balancer Services
5. VPN Services
The elements which provide vCD network services are:
1. vShield Edge (vSE) - The firewall component provided by VMware, now upgraded to be available in the vCD environment in addition to the vCenter environment.
2. vApp Networks - Each vApp network represents a single wire that VM(s) are connected to. vNIC(s) can have IP addresses assigned manually or obtained from the vApp Network IP Pool.
3. Org vDC Networks - These represent the next hop that vApp Networks connect to. A vApp network can connect to an Org vDC network directly or through a vSE component. A single Org vDC network can have one or more vApp networks connected to it.
4. External Networks - This is the entry/exit point to/from your cloud, which connects Org(s) to the external physical network. It's always preferred to have one dedicated External Network per Org instead of sharing it across Orgs. Again, Org vDC networks can be connected to external networks directly or through vSE.
Those elements can be used in different cloud deployments; below are some examples.
How vCD Network Elements Reflect in vCenter Infrastructure?
An External Network is always backed by a Portgroup, meaning that a portgroup needs to exist within vSphere before you can create this vCD network object. This portgroup can be on a regular vSwitch, a dvSwitch or you could use Nexus 1KV.
Note: An external network can be a port group shared with non-vCD VMs.
An Org vDC Network can be backed by a Portgroup or not. This depends on the type of OvDC Network selected during creation. If the OvDC Network is directly connected to the External network without vSE, a Portgroup won't be required or created, as the connection is only a logical link. Physically, vApp Networks will be directly connected to the External Network Portgroup.
However, if the OvDC Network is connected to the External network using vSE, a Portgroup will be created. This Portgroup will include one vNIC from vSE. There are different types of Portgroups created for OvDC networks based on the type of OvDC network resource pool. We will be covering this later.
Similar to an OvDC network, a vApp network can be backed by a Portgroup or not. If the vApp network is directly connected to the OvDC network, no Portgroup is created, as this will be a logical link. Physically, vNICs for VMs are directly connected to the OvDC network Portgroup.
However, if the vApp network is connected to the OvDC network through vSE, a Portgroup is created and will have one vNIC from vSE as well as the VM's vNIC(s).
Important note: For OvDC networks and vApp networks, only vDS is supported for their Portgroups. If the PvDC is using N1KV or vSS, OvDC networks and vApp networks can't be created.
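
The backing rules above decide which portgroup a VM's vNIC physically lands on, and therefore which tenants end up on the same layer-2 segment. The Python model below is an added example, not part of the original post and not a VMware API; the `Net` class, the function names and the inventory are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Net:
    name: str
    kind: str                        # "external", "orgvdc" or "vapp"
    parent: Optional["Net"] = None   # next hop toward the physical network
    routed: bool = False             # True when the uplink goes through a vSE
    org: Optional[str] = None

def backing_portgroup(net: Net) -> Net:
    """Return the network whose portgroup the vNICs physically attach to."""
    # External networks always have a portgroup and routed networks get their
    # own; a direct link is only logical, so follow it up to the parent.
    while net.kind != "external" and not net.routed and net.parent is not None:
        net = net.parent
    return net

def cross_org_segments(vapp_nets):
    """Map portgroup name -> orgs whose VMs share that layer-2 segment."""
    seen = {}
    for vapp in vapp_nets:
        seen.setdefault(backing_portgroup(vapp).name, set()).add(vapp.org)
    return {pg: sorted(orgs) for pg, orgs in seen.items() if len(orgs) > 1}

# Constructed inventory (names are made up for this example).
ext_shared = Net("ext-shared", "external")
ext_c = Net("ext-orgC", "external")
ovdc_a = Net("orgA-net", "orgvdc", ext_shared, routed=False, org="OrgA")
ovdc_b = Net("orgB-net", "orgvdc", ext_shared, routed=False, org="OrgB")
ovdc_c = Net("orgC-net", "orgvdc", ext_c, routed=True, org="OrgC")
ovdc_d = Net("orgD-net", "orgvdc", ext_shared, routed=False, org="OrgD")
VAPPS = [
    Net("orgA-vapp", "vapp", ovdc_a, routed=False, org="OrgA"),
    Net("orgB-vapp", "vapp", ovdc_b, routed=False, org="OrgB"),
    Net("orgC-vapp", "vapp", ovdc_c, routed=False, org="OrgC"),
    Net("orgD-vapp", "vapp", ovdc_d, routed=True, org="OrgD"),
]

if __name__ == "__main__":
    for vapp in VAPPS:
        print(f"{vapp.name:10} -> portgroup of {backing_portgroup(vapp).name}")
    print("shared across orgs:", cross_org_segments(VAPPS))
```

In this inventory the OrgA and OrgB VMs land on the same external portgroup, which is the situation the one-dedicated-External-Network-per-Org preference avoids.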
In case PvDC is using N1KV or vSS, OvDC networks and vApp networks can't be created - is this still the case?
I am using the 1000v and it works for me
This is right if you want to deploy Routed OvDC network using Port-Group Backed network pool. In this case, you can create N1KV or Standard Port-Groups in vCenter and use them in vCD.
However, for Routed OvDC Networks using network pool types vCDNI or VLAN-Backed, N1KV and Standard Port-Groups aren't supported.
Also, it's not supported for Direct OvDC Networks.