Guest

Cisco Virtual Application Cloud Segmentation Services Installation and Upgrade Guide, Release 5.4STV3.0

Book Contents
Find Matches in This Book
Available Languages
Download Options

Book Title

Cisco Virtual Application Cloud Segmentation Services Installation and Upgrade Guide, Release 5.4STV3.0

Chapter Title

Installing Cisco VACS Components

Results

Updated:
June 16, 2016

Chapter: Installing Cisco VACS Components

Installing Cisco VACS Components

This chapter contains the following sections:

Cisco VACS Installation Sequence

After you install the Cisco UCS Director—Cisco VACS license and apply the Cisco VACS patch to the UCS Director, you must install and register the following components before you can create the Cisco VACS application container templates:

  • Add the virtual account.

    For information about adding virtual account, see Creating a Virtual Account

  • Install Cisco Prime Network Services Controller (PNSC) using Install PNSC action button.

    For information about installing Cisco PNSC, see the Installing Cisco Prime Network Services Controller.

  • Install Cisco Nexus 1000V using the Install Nexus 1000V action button. Cisco Nexus 1000V is automatically registered with Cisco UCS Director when you install the switch.

    For information about installing Cisco Nexus 1000V, see Installing Cisco Nexus 1000V.

  • Enable Cisco Nexus 1000V forwarding on each virtualized server in the vCenter deployment using the Add Host action button.

    For information about adding hosts, see Adding Hosts.

Creating a Virtual Account

    Step 1   From the Cisco UCS Director menu bar, choose Administration > Virtual Accounts. The Virtual Accounts task icons appear.
    Step 2   Click Add. The Add Cloud dialog box appears.
    Step 3   Choose VMware from the Cloud Type drop-down list. The Add Cloud entry form window appears.
    Step 4   In the Add Cloud entry form window, complete the following mandatory fields:

    1. Cloud Name—Enter the cloud name.

    2. Server Address—Enter the vSphere server address.

    3. Admin Credentials—Enter the administrator credentials.

    Step 5   Choose the POD from the POD drop-down list.

    By default, the POD fro the Virtual Account is Default POD. You can choose the applicable POD from the drop-down list.

    Step 6   Click Add and then click OK. The new virtual account now displays in the Virtual Accounts table.

    Installing Cisco Prime Network Services Controller

    After a successful installation of the Cisco VACS license, Cisco UCS Director enables you to do a new installation of Cisco PNSC. Cisco PNSC is the policy manager for Virtual Security Gateway for traffic between the virtual machines in one virtual cloud account.


    Note

    The Help link provides you access to the corresponding online help.

    Before You Begin

    • Have the administrator privileges to install Cisco PNSC.

    • Ensure that Cisco PNSC and any associated Cisco Nexus 1000V switches are not installed on the same virtual account in Cisco UCS Director. Cisco PNSC and the Cisco Nexus 1000V must not be pre-installed on the virtual accounts on which you plan to install these components using Cisco VACS.

    • Know the location information (data center and IP address) of the host on which you are deploying the Cisco PNSC.

    • Know the virtual machine resources (management port group and data store) for the Cisco PNSC virtual machine.

    • Know the DNS and Network Time Protocol (NTP) server information.

    • Ensure that the data store has sufficient storage space.

      Step 1   From the Cisco UCS Director menu bar, choose Solutions > VACS Container. The Cisco VACS management task icons appear.
      Step 2   Click Install PNSC. The Install PNSC wizard appears.
      Figure 1. Install PNSC Wizard

      Step 3   In the Name and Location Specification screen, complete the following fields.

      Name

      Description

      PNSC OVF Path field

      The PNSC OVF path is auto-populated in this field.

      Virtual Account Information

      Virtual Account drop-down list

      Choose the virtual account for the PNSC installation.
      Note   

      This virtual account can be a vCenter account or a datacenter in a vCenter account.

      PNSC Specification

      PNSC Name field

      Enter a unique name for the PNSC instance.
      Note   

      The name can be alphanumeric, dashes, and underscores and must be between 2 to 32 characters.

      Admin Password field

      Enter the administrator password.
      Note   
      The admin password validation must meet the below conditions:

      • Contains between 8 to 64 characters.

      • Contains at least three of the following:

        1. Lowercase letters

        2. Uppercase letter

        3. Digits

        4. Special characters

      • Does not contain a character that is repeated more than three times consecutively. For example, aaabbb.

      • Is not the user name or the reverse of the user name.

      • Passes a password dictionary check. The password must not be based on a standard dictionary word. PNSC uses the standard Linux open source PAM module.

      • Does not contain the following symbols: dollar sign ($), question mark (?), slash (\), and the equals sign (=).

      • The password must not be blank for a local user and the admin accounts.

      Confirm Admin Password field

      Re-enter the password.

      Shared Secret field

      Enter the shared secret.

      The shared secret is used for authenticating control traffic between the PNSC and the VSM that is involved in managing security policies for and switching between a given set of virtual machines.

      Note   
      The shared secret password must contain the strong password characteristics such as the following:

      • Contains between 8 to 64 characters.

      • Lowercase letters, uppercase letters, digits, and special characters.

      • Does not include characters such as:

        1. Consecutive alphanumeric characters, such as abcd or 1234.

        2. Characters repeated three or more times, such as aaabbb.

        3. A variation of the word Cisco , such as cisco , ocsic , or one that changes the capitalization of letters in the word Cisco.

        4. The username, or the username in reverse.

        5. A permutation of characters present in the username or Cisco.

        6. Characters such as, &, ' " `, ( ), < >, |, \, ;, $, and spaces.

      Confirm Shared Secret field

      Re-enter the shared password.

      IPv4 Address field

      Enter the management IP address that is configured on the PNSC instance.

      Note   
      The IPv4 address must have the following characteristics:

      • Must be a valid unicast IPv4 address.

      • Must have the same subnet with the IPv4 Gateway field.

      IPv4 Address Subnet Mask field

      Enter the netmask address. For example, 255.255.255.0.

      IPv4 Gateway Address field

      Enter the default gateway.

      Step 4   Click Next.
      Step 5   In the Placement and Network Specification screen, complete the following fields.

      Name

      Description

      Networking

      DNS IPv4 field

      Enter the DNS server IPv4 address.

      DNS Hostname field

      Enter a unique DNS hostname for the PNSC.
      Note   
      The DNS hostname must contain the following characteristics:

      • Must be at least 2 characters, no more than 24 characters.

      • Must contain an alphanumeric and a hyphen.

      • Must not start with a digit.

      • Must not start or end with a hyphen.

      DNS Domain Name field

      Enter a DNS domain name.
      Note   

      This name should be a string value from 2 to 256 characters.

      NTP IPv4 Server field

      Enter the NTP server IPv4 address.

      Placement Details Information

      Datacenter drop-down list

      Choose the datacenter of the host on which the PNSC virtual machine must be deployed.

      Host/Cluster drop-down list

      Choose a standalone host or a host from the cluster in the datacenter.

      Management Network drop-down list

      Choose the port group to which the PNSC's Management network should be mapped.

      Datastore drop-down list

      Choose the datastore.

      Step 6   click Next.
      Step 7   In the Install PNSC Summary screen, verify the details of the installation. If the details are correct, click Submit. Otherwise, click Back to go back to a previous step and modify the details.
      After clicking Submit, a dialog box that appears , displays a service request number that can be used to track the progress of the workflow, as described in the next step.
      Note   

      1. If the Cisco PNSC installation fails, there is an automatic rollback to clean up the installation. If Cisco PNSC installation is successful, but the Cisco PNSC registration to the VC and the UCS Director fails, then automatic rollback are not done.

      2. If the input parameters needs to be changed, then re-submission of the workflow will not help.

      3. If the Register Cisco PNSC task has failed, then re-submission of the workflow from the same task is possible.

      4. If the Cisco PNSC installation fails, you can manually recover the partial or an unsuccessful installation. To manually recover the installation, see Removing a PNSC Installation Manually. For additional troubleshooting tips, see Problems with Installing Cisco PNSC.

      Step 8   View the progress of the installation and deployment of Cisco PNSC by choosing the Organization > Service Requests. In the Service Request tab, you can view the Workflow Status or Logs to determine the status of the installation and troubleshoot problems.
      Note   

      If the deployment task failed due to network or host issues which can be corrected, then correct the issues and resubmit the workflow.

      Installing Cisco Nexus 1000V

      After successfully installing Cisco PNSC, the Cisco VACS solution enables you to install a Cisco Nexus 1000V switch. You can install multiple Cisco Nexus 1000V switches. Each of these instances are registered with Cisco PNSC that was installed by the Cisco VACS solution.


      Note

      1. Cisco Nexus 1000V is licensed with 1024 licenses of the Stingray Package.

        During the EVAL period, the expiry date of Cisco Nexus 1000V is the same as that of the EVAL Cisco VACS license expiry. In case Cisco Nexus 1000V is created after installing the Cisco VACS Production licenses, there will not be any expiry (permanent) for Cisco Nexus 1000V.

      2. In case of upgrading the EVAL Cisco VACS license to the Production Cisco VACS license, an existing Cisco Nexus 1000V is not automatically installed with the permanent licenses.


      Note

      The Help link provides you access to the corresponding online help.

      Before You Begin

      • You must be a system administrator with full privileges to perform this task.

      • Set aside one IP address for the VSM and one IP address for the Cisco Virtual Switch Update Manager (Cisco VSUM). Cisco VSUM is the Cisco Nexus 1000V installer.

      • Set aside virtual machine resources (port groups and datastores) for the installer virtual machine, the primary VSM, and the secondary VSM.

      • Each VSM (primary and secondary) must have the following minimum system requirements:

        • 2 vCPUs, 2 GHz

        • 4 GB memory

        • 3 GB storage space

      • The Cisco VSUM must have the following minimum system requirements:

        • 2 vCPUs

        • 4 GB memory

        • 80 GB storage space

      • Reserve a unique numeric domain ID for the Cisco Nexus1000V switch.

        Step 1   From the Cisco UCS Director menu bar, choose Solutions > VACS Container. The Cisco VACS management task icons appear.
        Step 2   Click Install Nexus 1000V. The Cisco Nexus 1000V wizard appears.
        Figure 2. Install Cisco Nexus 1000V Wizard

        Step 3   In the Name and Location Specification screen, complete the following fields, and then click Next:

        Name

        Description

        VSUM OVF Path field

        The Cisco VSUM OVF path is auto-populated.

        Virtual Account drop-down list

        Choose the name of the cloud account that you want to install the Cisco VSUM (installer VM) and the Cisco Nexus 1000V VSMs.

        After you select the cloud account, the IP address of the Cisco PNSC version that you earlier installed is displayed below this field. If you have not installed Cisco PNSC earlier, then you get an error message indicating that the Cisco PNSC server is not found and you are not allowed to proceed with the installation.

        VSUM Name field

        Enter a unique name for Cisco VSUM.
        Note   

        The name of the installer can be an alpha-numeric value, from 2 to 256 characters long.

        Step 4   In the Placement and Network Specification screen, complete the following tasks, and then click Next:

        Name

        Description

        Placement Details

        Datacenter drop-down list

        Choose the VMware datacenter to install the Cisco VSUM.

        Host/Cluster drop-down list

        Choose a standalone host or a host from the cluster in the datacenter.

        Management Network drop-down list

        Choose the port group details for this installer. Ensure that this port group provides reachability to the IP address that you will provide for the Cisco VSUM VM later in the installation process.

        Datastore drop-down list

        Choose the datastore.

        Network Properties Information

        IPv4 Address field

        Enter the IPv4 address of the Cisco VSUM. This IPv4 address must be accessible through the port group that you previously chose.

        IPv4 Subnet Netmask field

        Enter the netmask address. For example, 255.255.255.0.

        Default Gateway IPv4 field

        Enter the default gateway.

        Step 5   In the VSM Deployment Information screen, complete the following tasks and then click Next:

        Name

        Description

        VSM Deployment Information

        Deployment Type field

        The Cisco Nexus 1000V is deployed in the High Availability (HA) mode by default.

        Firmware Version field

        The firmware version of the VSM. The default version is 5.2(1)SV3(1.4).

        VSM Datacenter drop-down list

        Choose the VSM datacenter for deploying the VSM VMs. This is also the datacenter in which the Cisco Nexus 1000V Distributed Virtual Switch will be created.

        Step 6   In the VSM Host Selection screen, complete the following tasks and then click Next:

        Name

        Description

        Primary VSM Host

        Primary IP Address drop-down list

        Choose a stanalone host or a host from the cluster on which the primary Cisco Nexus 1000V VSM will be placed.

        Primary Datastore drop-down list

        Choose the datastore to use for the primary VSM.

        The list contains the datastores that are on host of the primary Cisco Nexus 1000V VSM.

        Secondary VSM Host

        Secondary IP Address drop-down list

        Choose a standalone host or a host from the cluster on which the secondary Cisco Nexus 1000V VSM will be placed.

        Secondary Datastore drop-down list

        Choose the datastore for the secondary VSM.

        Step 7   In the VSM Port Group screen, complete the following tasks and then click Next:

        Name

        Description

        Port Group Information

        Control Interface Portgroup drop-down list

        Choose the control interface portgroup of the VSM.

        Management Interface Portgroup drop-down list

        Choose the management interface portgroup of the VSM.

        Packet Interface Portgroup drop-down list

        Choose the packet interface portgroup of this VSM.
        Note   

        For more information on the port groups, see the http:/​/​www.cisco.com/​c/​en/​us/​support/​switches/​nexus-1000v-switch-vmware-vsphere/​products-installation-and-configuration-guides-list.html

        Step 8   In the SVS Domain and Server Setup Specification screen, complete the following tasks and then click Next.

        Name

        Description

        SVS Domain Setup

        Domain ID field

        Enter a unique ID for the SVS domain. The domain ID must be unique across all of the Cisco Nexus 1000V virtual switches in your datacenter.

        Note   

        Valid range for the domain ID is between 1 to 1023.

        NTP and PNSC Setup

        NTP Server IP field

        The IP address of the NTP server is automatically populated with the IP address of the NTP that was provided during the PNSC installation. This is a non-editable field.

        PNSC Server IP field

        The IP address of the PNSC server is automatically populated with the IP address of the Cisco PNSC server that was provided during the Cisco PNSC installation. This is a non-editable field.

        Step 9   In the VSM Profile Specification screen, complete the following tasks and then click Next.

        Name

        Description

        VSM Profile

        IPv4 Address field

        Enter the management IP address that you want to configure on the VSM.

        Subnet Mask field

        Enter the netmask address. For example, 255.255.255.0.

        Gateway IP Address field

        Enter the gateway IPv4 address.

        Distributed Virtual Switch Name field

        Enter a unique name for the switch. The name can be an alpha-numeric value, from 2 to 32 characters long.

        User and Password

        User Name field

        User name is set to admin by default and cannot be changed.

        Password field

        Enter the password for associated with the VSM profile. The password must contain at least 1 uppercase letter, 1 lowercase letter, and 1 numeric digit, and must be value between 8 to 64 characters long.

        As per the Cisco Nexus 1000V password guidelines, the password must not contain special characters. For information, see http:/​/​www.cisco.com/​c/​en/​us/​td/​docs/​switches/​datacenter/​nexus1000/​sw/​4_2_1_s_v_1_4/​security/​configuration/​guide/​n1000v_security/​n1000v_​security_​2useracct.html.

        Confirm Password field

        Re-enter the password.

        Step 10   In the Install Nexus1000V Summary screen, verify the details of the installation. If the details are correct, click Submit. Otherwise, click Back to go back to a previous step and modify the details.

        After clicking Submit, a dialog box shows a service request number that can be used to track the progress of the Workflow, as described in the next step.

        Note   

        1. If the VSUM installation fails, there is an automatic rollback to clean up the installation. If VSUM installation is successful, but the VSM deployment fails, then only the VSM is automatically rolled back to clean up the VSM installation. If the VSM are also deployed successfully but the VSM configuration tasks fails, then an automatic rollback does not occur.

        2. If the inputs are not right, then re-submission does not work. The Cisco Nexus 1000V wizard must be used again to enter the correct inputs and then submit.

        3. If there are any network, host, or datastore issues, then you must correct them and then resubmit the workflow from the point of failure (in the deploy VSUM or deploy VSM tasks)

        4. If the installation of Cisco VSUM for Cisco VACS fails, you can manually remove the partial installation or unsuccessful installation. To manually remove the installation, see the Removing a Cisco Virtual Switch Update Manager Installation Manually. For additional troubleshooting tips, see Problems with Installing Cisco Nexus 1000V.

        Step 11   View the progress of the installation and deployment of the VSM by clicking on the Organization > Service Requests. In the Service Request tab, you can view the Workflow Status or Logs to determine the status of the installation and troubleshoot problems.
        Step 12   If the deployment tasks is successful, but the Config VSM task fails, then you must resubmit the workflow from the Config VSM task to complete the installation.

        About Adding Hosts to Nexus 1000V DVS

        Adding hosts to Nexus 1000V DVS is a complex operation. This section describes the scope of the Add Hosts wizard and how to translate your intended usage into proper choices.

        Adding a host requires the following :
        Once you name the virtual account for the deployment and select the specifications from the corresponding drop-down lists, the virtual switch and host specifications get created. Port profiles are an abstraction that stands for a set of port level network attributes. They come in the following two flavors :

        1. Physical port profiles

          These contain attributes relevant to the physical interfaces. You can set up a physical port profile to carry multiple VLANs. One of these vlans must be designated as the native VLAN. Traffic on the native VLAN travels on the wire, without 802.1Q encapsulation. A virtual port profile for the purposes of the 'Add Host' wizard can carry traffic on just one VLAN. For any virtual interface, irrespective of whether it is the interface of a VM or a VM Kernel NIC, you can associate a particular virtual port profile only if the VLAN it specifies, has been included in one of the physical port profiles associated with one of the physical interfaces. The VLAN associated with any virtual interface on a host must be carried on one of the physical interfaces of that host.

          Physical port profiles also specify if the interfaces that they attach to form a logical bundle and if they do, whether it is a bundle of type '5 tuple hash-based static portchannel' or of type 'MAC Pinning'. For an understanding of what these interface types are, see the http:/​/​www.cisco.com/​c/​en/​us/​td/​docs/​switches/​datacenter/​nexus1000/​sw/​5_2_1_s_v_3_1_1/​interfaces/​config/​b_Cisco_N1KV_VMware_Interface_Config_521SV311/​b_​Cisco_​Nexus_​1000V_​Interface_​Configuration_​Guide_​Release_​4_​2_​1_​SV_​2_​2_​1_​chapter_​0110.html

        2. Virtual port profiles

          These contain attributes suitable for VMs or VM Kernel NICs. A specially designated virtual Kernel NIC must be established on each host to exchange management and control signals with the Cisco Nexus1000V Virtual Supervisor Module (VSM). The simplest way is to specify migrating the pre-existing management VM Kernel NIC (usually named vmk0). Alternatively you can create a VM Kernel NIC expressly for this purpose. If you exercise the latter option, we recommend that these specifically created VM Kernel NICs belong to the same VLAN and have IP addresses in the same subnet as the management interface of the VSM module. It is not necessary to ensure this when you are simply choosing to use the management VM Kernel NIC as the control VM Kernel NIC.

          You must follow this simple rule for creating VTEP VM Kernel NICs. If the physical interfaces of a host are not in a MAC pinning mode port channel, a single VTEP NIC suffices. If they are in MAC Pinning mode, you can create as many VTEP VM Kernel NIcs as the number of physical interfaces being migrated on that host. Moreover, all VTEP NICs on all hosts in a single virtual switch must be in the same VLAN and the same subnet.

        The Cisco VACS Add Host wizard will try to restrict you to legitimate choices. For instance, it will try to detect which VLAN is native on each physical interfaces that you want to migrate. It will also try to discover which VLAN the management VMKernel NIC is on in case you choose to re-use it as the control VM Kernel NIC. However there are times when these automatic discovery attempts can fail. You must ensure correct choices for native VLANs of the physical interfaces as well as the VLAN for the control VM Kernel NIC.

        Adding Hosts

        After a successful installation of the Cisco VACS license and Cisco Nexus 1000V, you can install Cisco Nexus 1000V Virtual Ethernet Module (VEM) for a VMware ESXserver .


        Note

        • The Help link provides you access to the corresponding online help.

        • Rollback recovery is not supported for the Add Host operation.

        • For this release, Cisco VACs allows you to add only one host at a time to the Nexus1000 DVS.

        • We recommend that you turn on the CDP on the server ports before starting the Add Host wizard.

        Before You Begin

        Before beginning the Cisco Nexus 1000V VEM software installation, you must know or do the following:

        • The following are the disk and memory usage for the VEM software on an ESX/ESXi host:

          • 6.5 MB of disk space

          • Maximum of 4 GB of RAM when all Cisco Nexus 1000V features are activated.

          Step 1   From the Cisco UCS Director menu bar, choose Solutions > VACS Container. The Cisco VACS management task icons appear.
          Step 2   Click Add Host. The Add Host wizard appears.
          Figure 3. Add Host Wizard

          Step 3   In the Host Location Specification screen, complete the following fields :

          Name

          Description

          Virtual Account drop-down list

          Choose the name of the virtual account.

          Datacenter drop-down list

          Choose the datacenter where the host is present.

          Nexus 1000V Switch drop-down list

          Choose a Cisco Nexus 1000V DVS to add the hosts.

          Host drop-down list

          Choose a standalone host or a host from the cluster in the datacenter, that you want to add to the Nexus1000V DVS.

          Step 4   Click Next. The Port Profle Configuration screen appears.
          Step 5   In the Port Profle Configuration screen, review the port profiles that can be used by the physical interfaces (PNIC) or the virtual interfaces (VNIC).

          The Port Profle Configuration screen lets you view or create port profiles. These port profiles are applied to the physical interfaces that you want to add to the virtual switch or to the virtual interfaces of the VMs. The Port Profile table lists the existing port profiles and displays some suggested port profiles for the selected host. You can modify or delete the suggested port profiles, or add new ones. After you finish managing the port profiles, you are prompted to apply them to the host’s physical interfaces or to the VMs on the host that you want to migrate to the Cisco Nexus 1000V. Any newly created port profiles in this list that are not assigned to any interface—physical or virtual—do not persist on the switch. Before exiting this screen, ensure that suitable port profiles exist for all the physical server ports that you intend to migrate to the Cisco Nexus 1000V. If the UI does not pre populate the Port Profile table with suitable port profiles, you must add them manually.

          Note   

          Only those port profiles that have Exists?=no can be modified. The port profile with Exists?=yes are those that are already available on the VSM and cannot be modified. There could be instances wherein this screen will not display any port profiles.

          For Ethernet port profiles, only static port channel and virtual port channel host mode (vPC -HM) is supported.

          The list of port profiles is displayed. You can modify or delete the suggested port profiles, or add new port profiles. If you want to add more port profiles, click + and fill in the following details in the Add Entry to Port Profile screen. If you want to modify an existing port profile, then select the appropriate port profile and click the edit (pencil) icon which is located next to + and modify the existing field.

          Step 6   In the Add Entry to Port Profile screen, complete the following fields:

          Field

          Description

          Profile Name field

          Enter a unique name for the port profile. The valid range is 2 to 32.

          Port Profile Specification

          VLANs field

          Enter a VLAN list as a comma-separated list of numeric IDs and numeric ID ranges. For example, "1,3,5-8,6-9,11,20-30". The valid range is 1 to 3967 and 4048 and 4093.

          A port profile with the Physical Interface check box checked, can usually carry multiple VLANs in a list. Port profiles for virtual machines only carry a single VLAN. Attempting to assign a list to a port profile with the Physical Interface check box unchecked results in an error.

          Physical Interface check box

          Check this check box to indicate that this port profile is intended for use with the physical interfaces of the host. Uncheck the check box to indicate that the port profile is meant for use with one or more virtual interfaces.

          By default, this check box is unchecked.

          Native VLAN field

          If you check the Use for physical interfaces check box, you can enter the Native VLAN ID for this port profile. This field is pre-populated with a value of 1.

          Note   

          • The valid range is 1 to 3967 and 4048 and 4093.

          • Ensure that you provide the correct VLAN for the native VLAN field. If you don't do so, the addition of a host to the Nexus 1000V DVS fails.

          • This field is displayed if the Physical Interface check box is unchecked. I

          Channel Group MacPinning check box

          Check this check box to enable port–channel of type Mac–Pinning. If unchecked, all of the interfaces to which this port profile is applied form a static port channel.

          Note   

          By default, the Channel Group MacPinning is disabled.

          Click Submit.

          Repeat the above steps for physical port-profiles. For virtual machine port-profiles, only the VLAN and Native VLAN fields are displayed. You must choose the appropriate VLAN configuration.

          Step 7   Click Next on the Port Profile Configuration screen after you have modified or added the required port profiles. . The Physical NIC Migration Configuration screen appears.
          Step 8   In the Physical NIC Migration Configuration screen, you can view all the PNICs present in the host, with a suggested port-profile mapped to it and the migration to be set to true.

          Setting the migration flag to a value of true indicates that the corresponding PNIC will be migrated to Cisco Nexus 1000V.

          Step 9   To edit the Port-profile mapping, migration status, or the container traffic check for an existing PNIC, select the appropriate PNIC and click the edit (pencil) icon and modify the existing fields.
          Attention:

          It is necessary that you enable at least one physical NIC to use for container traffic. If you do not enable it, you cannot proceed with the wizard.

          The Edit Physical NICs Entry screen appears.
          Step 10   (Optional) In the Edit Physical NICs Entry screen, modify the existing fields, and then click Submit.

          Name

          Description

          Select PNIC to Migrate

          Name field

          This display-only field shows the interface name.

          Migration check box

          Check the check box to enable the migration of the PNIC to the Cisco Nexus 1000V.

          Note   

          By default, all the PNICs are set to true for that migration. You can uncheck the check box to prevent migrating the PNIC to the Cisco Nexus 1000V.

          Port Profile drop-down list

          Choose the port profile from the list of available port profiles that are associated to the physical interfaces.

          Use for Container Traffic check box

          Check this check box to indicate that the port profile mapped to the PNIC is data-capable. A data-capable port profile is applied to those physical interfaces that carry all of the container traffic. This distinguishes such a port profile from one applied to physical interfaces intended only to carry other traffic classes such as vMotion traffic, host management traffic and storage traffic. All traffic classes can also be multiplexed on the same set of interfaces which would then still be designated as data capable.

          Attention:

          In every host, there must be exactly one physical port profile in use that is marked data capable.

          Source vSwitch field

          This display-only field shows the virtual switch with which the interface is currently associated.

          Repeat this step for the other PNICs that you want to modify.

          Click Submit.

          Step 11   In the Physical NIC Migration Configuration screen, click Next. The Kernel NIC Migration Specification screen appears.
          Step 12   In the Kernel NIC Migration Specification screen, complete the following fields:

          Each host in a Cisco Nexus 1000V virtual switch must set up a virtual kernel NIC (VMKNIC) to carry the control protocol between the host software and the VSM. In Cisco Nexus 1000V terminology, this VMKNIC is referred to as the L3 control VMKNIC of the host. This screen enables you to set up and configure the L3 control VMKNIC for the host and also provides you an option to migrate the existing VMKNICs from the vswitch to Nexus1000V DVS.

          Name

          Description

          Migrate Kernel NICs check box

          Check the check box to view the list of all available VMKNICs.

          By default this check box is checked.

          VM Kernel NICS table

          Displays the list of all available VMKNICS. You are allowed to edit the VLAN and the VMKNIC usage information. This table is displayed when you check the Migrate Kernel NICs check box.

          Note   

          The VMKNICs whose usage is Management will be used for L3 control communication between the host and the VSM. You can have only 1 VMKNIC which can be management (usually the host management VMKNIC)

          An additional VMKNIC can be used for Storage usage. This configures the iSCSI–multipath feature on the Cisco Nexus1000V for that VMKNIC.

          Important:

          You must ensure that the VLANs mentioned in the table are correct for the VMKNIC and that those VLANs are allowed in the port-profile that was mapped to the physical NIC in the Physical NIC Migration Configuration screen.

          Step 13   (Optional) If you want to modify the attributes of an existing VMKNIC, then select the appropriate VMKNIC, and then click the edit (pencil) icon and modify the existing fields.
          Step 14   (Optional) In the Edit VM KNICs Entry screen, modify the existing fields, and then click Submit.

          Name

          Description

          Select VM Kernel to Migrate

          Name field

          This display-only field shows the VM kernel name.

          VLAN drop-down list

          Choose a VLAN to use with the L3 control VMKNIC. The list contains only those VLANS that were added to the physical port profiles and are mapped to the PNICs in the earlier screens.

          Usage drop-downl list

          Choose the usage of the VMKNIC – management, storage, or unassigned (blank).

          Management usage is automatically added to the management VMKNIC of the host by Cisco VACS. If it is not matching the host management VMKNIC, change the management usage mapping to the right VMKNIC.

          If the storage VMKNIC is present, mark the VMKNIC with usage storage. The iSCSI-mulitpath feature of the Cisco Nexus 1000V will be added to this VMKNIC.

          If the VMKNICs are not used for management or storage, then leave the usage as unassigned.

          Note   

          You can have only one VMKNIC with management usage and it has to be the ESX host management VMKNIC.

          Do not change the VMKNIC usage without verifying the existing VMKNIC configuration and usage on the vswitch.

          Click Submit.

          Step 15   (Optional) If you want to add new VMKNICs instead of using existing VMKNICs, then uncheck the Migrate Kernel NICs check box and complete the following fields:

          Name

          Description

          VLAN drop-down list

          Choose a VLAN to use with the L3 control vmknic.

          Note   

          This option is available if the Migrate Kernel NICs check box is not checked.

          IPv4 Address

          Enter the IPv4 address for the L3 control VMKNIC.

          Note   

          This option is available if theMigrate Kernel NICs check box is not checked.

          IPv4 Subnet Mask

          Enter the subnet mask IPv4 address .

          Note   

          This option is available if theMigrate Kernel NICs check box is not checked.

          Step 16   Click Next. The VXLAN VTEP Interfaces screen appears.
          Step 17   In the VXLAN VTEP Interfaces screen, click + to add entries to the list of VXLAN VTEP interfaces list.

          VXLAN operation requires that each host have one or more Virtual Tunnel End Points (VTEPs). These are represented as vmknics. If the host has data-capable physical interfaces configured in a static port channel mode, then a single VTEP suffices. If the host has one or more physical interfaces configured using the Mac Pinning configuration, then the user can accordingly create as many VTEPs as there are physical interfaces in the MAC pinning configuration. Creating fewer VTEPs results in underutilization of the physical bandwidth that is available to the host.

          Name

          Description

          Add Entry to VTEP Interfaces

          IPv4 Address field

          Enter the IPv4 address of the VXLAN VTEP.

          IPv4 Subnet Mask field

          Enter the subnet mask IPv4 address .

          VLAN drop-down list

          Choose a VLAN that will receive and transmit all VXLAN encapsulated frames. The list contains only those VLANS that were added to the physical port profiles and are mapped to the PNICs in the earlier screens.

          Click Submit.

          Note   

          You can create a maximum of four VXLAN VTEP interfaces to add to the list of interfaces. After you add the first interface, you have to enter only the new IPV4 address to create additional interfaces. All other information is shared between the interfaces across all hosts added via Cisco VACS.

          If you want to change the VLAN or subnet mask of the VTEPs, then you must select the first VTEP that you added, click the Edit button at the top of the table, and then change the fields. All of the VTEPS in the table will be changed.

          Attention:

          You must choose a sufficiently large IP subnet as all the VTEPs of all the hosts added to a single Nexus1000V DVS will belong to the same subnet. This cannot be edited in the UI and the add host process will not proceed further if the IP addresses of the provided subnet are completely utilized.

          Step 18   Click Next.
          Step 19   In the VM Migration Configuration screen, select the VM NIC to migrate and click Next. If you want to edit an entry, click the Pencil icon and complete the following tasks in the Edit VM NICs to Migrate screen:

          Field

          Description

          Select a VM to Migrate

          Name field

          This display-only field shows the name of virtual machine that is being migrated.

          Migration check box

          The check box is unchecked by default. Check the check box to migrate the virtual machine to the Cisco Nexus 1000V DVS.

          Port Profile drop-down list

          Choose the port profile for the virtual machine to migrate. Only the virtual port profiles that were displayed or created in the Port Profile Configuration screen are listed in this drop-down list.

          Source vSwitch field

          This display-only field shows the virtual switch with which the virtual machine is currently associated.

          Click Submit.

          Note   

          If there are only fresh hosts, this list is empty. This list will be populated with VMs only when a host is previously used and it has VMs that you want to migrate.

          Step 20   Click Next.
          Step 21   In the Add Host Summary Information screen, verify the details of the host added. If the details are correct, click Submit. Otherwise, click Back to go back to a previous steps and modify the details.

          After clicking Submit, a pop-up window appears that shows a service request number that can be used to track the progress of the Workflow, as described in the next step.

          Step 22   You can view the progress of adding hosts, by clicking on the Organization > Service Requests. In the Service Request tab, you can view the Workflow Status or Logs to determine the status of the installation and troubleshoot problems.
          Note   

          1. Re-submission of Add-host is not recommended. If there are errors, navigate to the Add-Host UI and Submit the form again. Note that, the port-profiles suggested in the 2nd screen will now have changed, so choose/edit them appropriately.

          2. If the host addition fails, you can manually remove the partial or an unsuccessful host addition. To manually remove the hosts added, see the Removing the Hosts Manually. For additional troubleshooting tips, see Problems with Adding Hosts.

          Was this Document Helpful?

          Feedback

          Let Us Help