vDS: when to use it and what benefits does it 'really' provide.

Deathmage

Hey guys,

So I just read two books on the kindle the past 24 hours and I'm curious of a few things but vDS really interests me. I don't use it on my home-lab (or should I) since I don't fully grasp it's real-world benefits and why it needs to be used.

Can one of the VMware Guru's explain please.

tomtom1

Well, it's fairly simpel. Suppose you have 200 ESXi hosts. Your networking team provides a new VLAN for you to provision to VM's. Would you rather:

1) Go on each and every single host and add a VM port group with the new VLAN?
2) Add one port group on the DvSwitch and let the DVSwitch propagate the information to your ESXi hosts?

Also, the VDS supports some extra features, like network vMotion (the network performance informations is retained when a VM is vMotioned over to another hosts), LLDP (open source variant of CDP), Netflow (to gather performance information), and egress traffic shaping among some more features but the main benefit is the fact that all your ESXi hosts have the same standardised network configuration, with vCenter as your single management organ.

jibbajabba

Private VLANs is another feature What I'd be more interested in is how one can read two books in 24hrs

slinuxuzer

Ingress and egress traffic shaping is only available on VDS. support for LACP only vds. biggest use case is probably ease of management in large environments. NIOC (network I/O Control) also on VDS only. Enhanced traffic mirroring/taping options for troubleshooting / IPS/IDS VDS only. If you have safari read Chris Wahls netwokring for VMware admins, excellent book.

Keep in mind the management plane for the VDS exists in Vcenter/Vcenter database, if your vcenter box becomes unavailable you won't be able to manage your VDS(s), all traffic will still flow as the I/O plane exists still on the ESXI hosts, but you won't be able to create port groups, change port group assigments, or make changes to the VDS whatsoever, and if by chance you lose the Vcenter database totally, your looking at a reboot of every single VM in your environment as well as every host in your environment to fix the issue. Don't lose your VCDB, just don't do it.

Deathmage

jibbajabba wrote: »

Private VLANs is another feature What I'd be more interested in is how one can read two books in 24hrs

Read VMware vSphere 5 Administration: instant reference last night in about 6 hours and then since I was cruising along downloaded Scott Lowe's book (bear in mind I read faster) but since there was tons of lapse info it was quicker to read.... just finished Scott's book 20 minutes ago.

I passed out at 1:30 and woke up at 8 and kept reading. Now to go lab since I learned some stuff for the lab...

OT: I see the be benefits of vDS I just don't see it for a small (under 5 host) cluster. I could be wrong though. But it's still good to plant in the back of my mind.

Deathmage

slinuxuzer wrote: »

Ingress and egress traffic shaping is only available on VDS. support for LACP only vds. biggest use case is probably ease of management in large environments. NIOC (network I/O Control) also on VDS only. Enhanced traffic mirroring/taping options for troubleshooting / IPS/IDS VDS only. If you have safari read Chris Wahls netwokring for VMware admins, excellent book.

Keep in mind the management plane for the VDS exists in Vcenter/Vcenter database, if your vcenter box becomes unavailable you won't be able to manage your VDS(s), all traffic will still flow as the I/O plane exists still on the ESXI hosts, but you won't be able to create port groups, change port group assigments, or make changes to the VDS whatsoever, and if by chance you lose the Vcenter database totally, your looking at a reboot of every single VM in your environment as well as every host in your environment to fix the issue. Don't lose your VCDB, just don't do it.

Is there a way to backup the database? ....or would best practise be to do a acronis/ghost system state backup of the entire appliance? ....in a DR scenario of course.

tomtom1

Deathmage wrote: »

OT: I see the be benefits of vDS I just don't see it for a small (under 5 host) cluster. I could be wrong though. But it's still good to plant in the back of my mind.

Well, it kind of depends on the features you're willing to use. For example, the VDS supports "Route based on physical NIC load" which evaluates the load of the physical NIC every 5 seconds on a given port group / vswitch and it will failover to another NIC if the utilization of that physical NIC exceeds 75%.

Also, do keep in mind that every organization grows. You may start out with 5 machines, but what if you add a sixth? Sure, you can install ESXi on it, and recreate your port groups manually, but wouldn't it be way nicer if you could just hook the host up to your vCenter.

If you have the feature (do note: Ent Plus only) I'd most definitely use it for scalability, even in a 5 host cluster setup.

Deathmage wrote: »

Is there a way to backup the database? ....or would best practise be to do a acronis/ghost system state backup of the entire appliance? ....in a DR scenario of course.

You can either put the vCenter database on a different server (even in a MSSQL Master / Slave setup for example), or you can export the VDS seperately since version 5.1. Also note that the exporting of the VDS is only supported in the vSphere web client. Either way, losing the vCenter database can cause you some major headaches, trust me, I've been there. Although a nice learning process, not really great in production.

slinuxuzer

Vcenter installs SQL express by default, but SQL express is generally considered only suitable for super tiny environments of 50 VMs or less. Most prod deployments will use MSSQL full version or Oracle and you can backup the DB through the features they provide.

Best practice is to use full recovery model, which writes a transaction log and allows restoration of the DB to any point in time. The other recovery model would be simple and allows a restore of the DB to only as recent as the last full backup, generally 24 hour RPO (recovery point objective) assuming you back it up nightly.

Yes, you can and probably should also use the native backup feature for VDS, but this isn't a replacement for backing up the full vcenter DB, the Vcenter DB stores other critical info, VM registrations, security config, performance stats, and many other mission critical things.

Essendon

Elastic ports is an advantage of the vDS, you set them to Elastic and the vDS increases the ports on demand. Not a new thing, but exposed via the GUI (5.1 and up). BPDU filters is another advantage of the vDS.

Deathmage

So. vDS will not needed for a small cluster makes your life easier with multiple config....and it's other features.

Would it be safe to compare it to a group policy?

Essendon

I'd always use a vDS (if licensed of course). I got far better things to do than creating a port group on every host. Use it. 5.1 and onwards, you can rollback any unintended changes.

Yeah you can kinda compare it with group policy.

QHalo

Yup, only 6 hosts here and I use it. Host profiles are so hit and miss sometimes with networking that it's almost worth it just for that alone.

kj0

Not to mention that if you have Host Profiles, you also have Distributed Switches

QHalo

Touche!