SCVMM - Concepts and Configuration

This documentation exists to remind us of how we implemented the networking model in SCVMM 2016 - but using 2012 R2 documentation because we couldn't find reasonable documentation for 2016.

NOTE: I have read somewhere that you can't re-use a cluster shared volume. SO DON'T TRY. Kill the volumes and re-format them. Otherwise they don't appear to be recognized by VMM.

Concepts and Configuration

"One key point is to ideally perform all your configuration through SCVMM for your Hyper-V host. Don't create virtual switches, don't create NIC teams, don't start creating virtual machines. The best experience is to define the configuration in SCVMM and let it perform all the configuration on the hosts."

In the order considered, we have the following architectural components:

  1. Logical Network
    1. A Network Site
  2. Logical Switch
  3. VM Networks
  4. Port Classifications

[Figure: VMM Network Creation Steps]

Logical Network

Concepts

The first architectural component for SCVMM is the Logical Network. It models your physical network infrastructure and connectivity in SCVMM. Logical Networks are often named for their purpose, e.g. Management, Internet, DMZ. Do not think of a logical network as being in one place: it can span many "sites" or just one.

The logical network models the physical network, so it is important that your objects match the physical topology, such as the correct IP and VLAN configuration!

A Network Site in a logical network may reflect location, but more specifically it identifies a set of network configurations, i.e. VLAN and IP subnet, although we don't use a subnet at all! Instead we use MAC pools in SCVMM and DHCP outside of SCVMM.

Summary:

  1. Create Logical Networks to mirror the physical networks that exist, OR
  2. Create Logical Networks to define the networks that have specific purposes.
  3. Identify Logical networks that need to be isolated and identify the isolation method.
  4. Determine required network sites, VLANs, PVLANs, and IP pools required for each logical network and deploy them.

Configuration

Step 1-2:

We named our Logical Network "VLANs Network" because we have a network of VLANs all attached to a router/firewall which takes care of all routing between VLANs. This is Step 1 above (the physical approach).

Logical Network: VLANs Network

Step 3:

Each of these VLANs is isolated from the others by a firewall, so we identify this as:

VLAN-based independent networks.

Step 4:

The site is simply the SOC (School of Computing) site. Within that site we have several VLANs with no assigned subnets.

Site: SOC

VLANs include:

Step 5: This was done in the switches themselves with tagged VLANs. See VLAN configuration.

Logical Switches

Concepts

The Logical Switch component acts as the container for all virtual switch settings and ensures a consistent deployment across all servers using the logical switch. I.e. logical switches are the configuration residing on the SCVMM host. Virtual switches are the actual implementation of switch functionality on a host in the cluster. Hence $$Logical~Switch \rightarrow\rightarrow Virtual~Switch$$.

A logical switch defines and uses extensions, port classifications and port profiles.

Before you create a logical switch:

  1. Create your logical networks and define the network sites that compose the logical network
  2. If you are using Hyper-V extensible virtual switch extensions, install the providers for VMM and add their virtual switch extension managers (we are not).
  3. If you are not using a forwarding extension, create native port profiles for uplink adapters that will be used to define the connectivity and behavior of the physical adapters that are connected to the logical switch.
  4. Create native port profiles for virtual adapters that will be used to define the port settings for the native Hyper-V virtual switch.

The logical switch is the Live Migration boundary: virtual machines can only be live migrated to hosts whose virtual switch is configured from the same logical switch.

Port Profiles

Two Types:

  1. Virtual port profiles - settings applied to actual virtual NICs attached to VMs or created on the management host OS itself.
    1. Offload settings (e.g. VMQ, IPsec and SR-IOV... QoS)
    2. There are several built-in virtual port profiles
    3. Think Layer 2 configuration parameters - i.e. Ethernet.
  2. Uplink port profiles - define the connectivity of the virtual switch to logical networks.

Configuration

We use a single virtual switch for each host, so a single logical switch configuration gets applied. Each virtual switch will have two physical adapters, so the uplink mode will be Team.

Logical Switch Name: Single Switch Config
Uplink Mode: Team

Settings: (default)
Extensions: (default)
Virtual Port: Added High Bandwidth port classification with defaults.
Uplinks: Added VLANs Uplink Trunk, Dynamic, Switch Independent, SOC site, Checked Enable Hyper-V...

VM Networks

VM Networks hide the underlying technology used by the logical networks. These are the components that VMs actually connect to. It is what the user sees.

We have four such VM networks: VM Default (14), Server (10), Firewalled (119) and Private (201-220).

People with access to a network get the single VLAN network. However, Private must be set by an administrator.

Port Classifications

These abstract the port profiles and are what is seen in a VM template. I.e. port classifications map to port profiles and are used in VM templates. So give them user-friendly names!
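
Added example, not part of the original page or of any Microsoft script: the configuration described above (logical network, SOC site, uplink port profile, logical switch, VM networks) expressed with the VMM PowerShell cmdlets. It assumes the numbers beside each VM network are VLAN IDs, that the hosts sit under the built-in "All Hosts" host group, and that the built-in "High bandwidth" classification and "High Bandwidth Adapter" port profile are present; the Private range (201-220) is left out.

```powershell
Import-Module virtualmachinemanager

# Assumption: the numbers listed next to each VM network are its VLAN ID.
$vlans = [ordered]@{ 'VM Default' = 14; 'Server' = 10; 'Firewalled' = 119 }

# Logical network using "VLAN-based independent networks" isolation.
$ln = New-SCLogicalNetwork -Name 'VLANs Network' `
    -LogicalNetworkDefinitionIsolation $true `
    -EnableNetworkVirtualization $false -UseGRE $false -IsPVLAN $false

# Network site "SOC": VLAN IDs only, no IP subnet (DHCP runs outside VMM).
$subnetVlans = @{}
foreach ($name in $vlans.Keys) {
    $subnetVlans[$name] = New-SCSubnetVLan -VLanID $vlans[$name]
}
$hostGroup = Get-SCVMHostGroup -Name 'All Hosts'   # assumption: root host group
$site = New-SCLogicalNetworkDefinition -Name 'SOC' -LogicalNetwork $ln `
    -VMHostGroup $hostGroup `
    -SubnetVLan ($vlans.Keys | ForEach-Object { $subnetVlans[$_] })

# Uplink port profile: trunk for the SOC site, Dynamic / Switch Independent team.
$uplink = New-SCNativeUplinkPortProfile -Name 'VLANs Uplink Trunk' `
    -LogicalNetworkDefinition $site -EnableNetworkVirtualization $false `
    -LBFOLoadBalancingAlgorithm 'Dynamic' -LBFOTeamMode 'SwitchIndependent'

# Logical switch in Team mode, with the uplink and one virtual port attached.
$ls = New-SCLogicalSwitch -Name 'Single Switch Config' -SwitchUplinkMode 'Team'
New-SCUplinkPortProfileSet -Name 'VLANs Uplink Trunk' -LogicalSwitch $ls `
    -NativeUplinkPortProfile $uplink | Out-Null
$class   = Get-SCPortClassification -Name 'High bandwidth'
$vnicPro = Get-SCVirtualNetworkAdapterNativePortProfile -Name 'High Bandwidth Adapter'
New-SCVirtualNetworkAdapterPortProfileSet -Name 'High bandwidth' `
    -PortClassification $class -LogicalSwitch $ls `
    -VirtualNetworkAdapterNativePortProfile $vnicPro | Out-Null

# One VM network per VLAN, so access to a VM network means access to one VLAN.
foreach ($name in $vlans.Keys) {
    $vmNet = New-SCVMNetwork -Name $name -LogicalNetwork $ln -IsolationType 'VLANNetwork'
    New-SCVMSubnet -Name "$name VLAN $($vlans[$name])" -VMNetwork $vmNet `
        -LogicalNetworkDefinition $site -SubnetVLan $subnetVlans[$name] | Out-Null
}

# Check: the site should carry only the VLANs listed in $vlans.
Get-SCLogicalNetworkDefinition -LogicalNetwork $ln | Select-Object Name, SubnetVLans
```

Compare the VLAN list printed by the last command with the tagged VLANs on the physical switches; a VLAN present in VMM but not trunked to the hosts (or the reverse) means the logical network no longer mirrors the physical one.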

...

after extensive work

  1. No connected storage device could be identified that satisfies all requirements.
  2. No network interface card could be identified that meets all requirements.
  3. Creating a virtual machine using fast file copy requires the host og.cs.southern.edu to have an associated Run As account.

NetworkConfiguration/SystemCenterVirtualMachineManager (last edited 2020-01-26 17:18:56 by scot)