Wednesday, October 1, 2008

ESX network configuration automation with esxcfg-vswitch

ESX network configuration automation with esxcfg-vswitch

For VI3 environments with multiple VLANs, configuration accuracy is an important step in providing virtual machines with the correct connectivity. Using the esxcfg-vswitch ESX host commands can make life as a VMware admin easier, but there’s a lot to learn. Lucky for you, I have taken the time to familiarize myself with the esxcfg-vswitch ESX host series of commands and have documented them for quick network configuration recreation. A word of caution, however; esxcfg-vswitch is an interactive command and if you are experimenting, you should work with a host in maintenance mode to avoid causing an interruption to your live workload.

In describing how to use the esxcfg-vswitch command, I want to first explain some practice points that I use in my VI3 environment. Most importantly, I create a virtual switch exclusively for the service console and VMkernel (VMotion) roles, and a separate virtual switch for all of the guest virtual machine port groups. The port groups on this separate virtual switch will have 802.1Q VLAN tags applied. With that, let’s jump into the command.

One of the first things you can do is inspect the current virtual switch configuration. This is done with the following command:

esxcfg-vswitch -l

The result will be something similar to what is shown below:

To recreate networks, we can use the esxcfg-vswitch to do this task. My preference is to remove the existing virtual switch, and re-create it to expected configuration. Here is a sample script that will first remove and then re-create the entire virtual switch and five port groups with their corresponding VLAN identifiers:

esxcfg-vswitch -d MainGuestVirtualSwitch

esxcfg-vswitch -a MainGuestVirtualSwitch

esxcfg-vswitch –link=vmnic3 MainGuestVirtualSwitch

esxcfg-vswitch –link=vmnic4 MainGuestVirtualSwitch

esxcfg-vswitch –add-pg=PrivateNetwork MainGuestVirtualSwitch

esxcfg-vswitch –add-pg=ShopFloor MainGuestVirtualSwitch

esxcfg-vswitch –add-pg=BackBuildingUpper MainGuestVirtualSwitch

esxcfg-vswitch –add-pg=BackBuildingLower MainGuestVirtualSwitch

esxcfg-vswitch –add-pg=CoreCorporate MainGuestVirtualSwitch

esxcfg-vswitch –vlan=334 –pg=PrivateNetwork MainGuestVirtualSwitch

esxcfg-vswitch –vlan=332 –pg=ShopFloor MainGuestVirtualSwitch

esxcfg-vswitch –vlan=236 –pg=BackBuildingUpper MainGuestVirtualSwitch

esxcfg-vswitch –vlan=237 –pg=BackBuildingLower MainGuestVirtualSwitch

esxcfg-vswitch –vlan=100 –pg=CoreCorporate MainGuestVirtualSwitch

A couple of notes on this: MainGuestVirtualSwitch is the name for the virtual switch instead off the default vSwitch1 (remember the first one - vSwitch0 - is for service console and VMkernel). There are two interfaces available to this virtual switch, vmnic3 and vmnic4. The port group names are the friendly names of the networks that are used in VI3. After running this script, the following will immediately appear in the networking configuration section of the host in the VMware Infrastructure Client:

clip_image001

I usually go into the virtual switch after it is created through script to make both interfaces active, instead of the default scripted result of one as active and subsequent vmnic interfaces as standby. Good information on esxcfg-vswitch is a little light, but VMworld 2006 had a couple of mentions of it and virtualization expert Mike Laverick makes some mentions of esxcfg-vswitch on the RTFM site.

No comments: