My ramblings on the stuff that holds it all together
Hands-On Lab 12: Cisco Nexus 1000v Switch
This lab was very popular but I got there early this morning so didn’t have to wait – it takes you through configuring the new Cisco Nexus Virtual Switch, I was keen to understand how this works and how it integrates with vSphere.
It works as thus;
vSphere ESX is likely to ship with 3 types of virtual switch;
- vSwitch – the normal vSwitch that has always been there
- Virtual Distributed Switch – an enhanced vSwitch that can share a configuration and state across multiple ESX hosts; administered via the vSphere client (ex- VIC)
- NX1000v Virtual Switch from Cisco
The NX1000v will be included in the ESX build but is a separately licenced product which you will buy from VMware (via some kind of OEM agreement); you will enable it via a licence key and there are two components;
- VEM – Virtual Ethernet Module – runs inside the hypervisor but you don’t see it as a ‘normal’ VM – think of it in the same way as the service console is an ‘internal’ VM in ESX 3.5
- VSM – Virtual Supervisor Module – this is what you use to administer the VEM, and it’s IOS – you can use all normal Cisco IOS commands and it’s downloadable as an .OVF but it has been mentioned that it will also be available as a physical device – maybe a blade in one of the the bigger Nexus chassis?
You can only carry out basic configuration via the vSphere Client, most of it is done via the IOS CLI or your Cisco compatible configuration manager tools – it really is the same as a physical Cisco switch – just virtualized my lab had some problems which whilst the Cisco hands-on lab guys were trying to fix, port-group config was set on the vSwitch but wasn’t propagating to the vSphere UI/ESX config… they couldn’t fix it in time and I restarted the lab on an alternative machine which worked fine; this is still a pre-release implementation so it’s not suprising – but it does suggest that there is some back-end process on the VEM/VSM that synchronises configuration with ESX.
the HoL walks through configuring a port group on the NX1000v and then applying advanced ACL’s to it, for example to filter RPC traffic. the UI gives quite a lot of information about port status and traffic – but most of the interface is via the IOS CLI.
All in, an interesting lab – as good as the presentation sessions were, it makes it much easier to understand *how* these things work at a practical level when you get your hands on the UI.
The basic proposition is; if you don’t have “network people” or just need basic switch capabilities then the vSwitch and vDistributed switch suit the understanding and needs of most “server people” just fine, but if you need more advanced management and configuration tools or need to have “network people” support the ESX switching infrastructure then this is the way to go.