vSphere Adding iSCSI Storage

vSphere Adding iSCSI KB ID 0001378

Problem

iSCSI storage is nice and cheap, so adding iSCSI 10/1Gbps storage to your virtual infrastructure is a common occurrence.

vSphere Adding iSCSI Solution (vSphere 7/8)

Add a Software iSCSI Adaptor: Select the host > Configure > Storage Adapters > Add > Software iSCSI adaptor > OK.

After a few seconds you should see it appear at the bottom of the list.

Create a vSwitch and VMKernel:If you already have this configured you can skip this section, but basically you need a vSwitch, with a VMKernel interface (that has an IP address on it that can ‘see’ your iSCSI device), and then you need to connect a physical NIC from that vSwitch the iSCSI network (or VLAN).

With the host still selected > Configure > Virtual Switches > Add Networking.

.

VMKernel Network Adapter > Next.

New Standard Switch > Set the MTU to 9000 to enable jumbo frames > Next.

Note: Make sure the physical switches you are connecting to also support Jumbo Frames. Each vendor will be slightly different to configure.

THIS IS CONFUSING: Select the NIC you want to add the the vSwitch, and then ‘Move Down‘ so that it is listed in Active Adapters > Next.

Give the switch a sensible name (like iSCSI) > Next.

Define the IP address of the VMKernel (this needs to be able to see the iSCSI Target IP addresses) > Next.

Note: Don’t worry about the default gateway, it will display the default gateway of the managment network, that’s fine, unless you need to route to the iSCSI devices).

Review the settings > Finish.

You should now have a new vSwitch for iSCSI.

vSphere Adding iSCSI Storage: Create Port Binging

Back on the Storage Adapters tab > Select the iSCSI adapter > Network Port Binding > Add.

Select the one you’ve just created > OK.

vSphere Adding iSCSI Storage: Add iSCSI Target

Dynamic Discovery > Add.

Add in the iSCSI Target IP for your storage device/provider > OK.

At this point it’s a good idea to do a full storage rescan.

No Storage Has Appeared? Remember at this point your iSCSI storage device probably needs to ‘allow’ this ESX server access to the storage before it will either appear (if it’s already been formatted as VMFS and is in use by other hosts) or if it’s the first host that needs to connect to format the datastore as VFMS.

How this is done varies from vendor to vendor.

If you need to add the storage manually > Host > Storage > New Datastore.

vSphere Adding iSCSI Solution (vSphere 5/6)

Add a Software iSCSI Adaptor: Select the host > Configure > Storage Adaptor > Add > Software iSCSI adaptor.

After a few seconds you should see it appear at the bottom of the list.

Create a vSwitch and VMKernel:If you already have this configured you can skip this section, but basically you need a vSwitch, with a VMKernel interface (that has an IP address on it that can ‘see’ your iSCSI device), and then you need to connect a physical NIC from that vSwitch the iSCSI network (or VLAN).

Note: You can add a port group to an existing switch, (or use a distributed switch!) Here I’m using a standard vSwitch and keeping my storage on its own vSwitch.

With the host still selected > Configure > Virtual Switches > Add.

VMware Kernel Adaptor > Next > New Standard Switch > Next > Add in the Physical NIC that’s connected to your iSCSI network > Next.

Give the VMKernel port a name (i.e. Storage-iSCSI) > Next > Put in the IP details* > Next > Finish.

*Note: You may need to add a gateway if your iSCSI device is on another network.

Jumbo Frames Warning: Edit the properties of the switch and set it’s MTU to 9000 to allow for jumbo frames.

vSphere Adding iSCSI Storage, make sure the physical switches you are connecting to also support Jumbo Frames. Each vendor will be slightly different in my case the switches are Cisco Catalyst 3750-X’s so I just need to enable jumbo frames universally on the switch (which requires a reload/reboot!)

Allow Jumbo Frames Cisco Catalyst 3750-X

Execute the following commands;

[box]

Petes-Switch#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Petes-Switch(config)#system mtu jumbo 9198
Changes to the system jumbo MTU will not take effect until the next reload is done

Then Reboot/Reload the Switch and Check

Petes-Switch#show system mtu

System MTU size is 1500 bytes
System Jumbo MTU size is 9198 bytes
System Alternate MTU size is 1500 bytes
Routing MTU size is 1500 bytes

[/box]

vSphere Configure iSCSI: Back on your vCenter, we need to ‘Bind’ the VMKernel port we created above, to our Software iSCSI adaptor. With the host selected > Configure > Storage Adaptors > Select the iSCSI Adaptor > Network Port Binding > Add.

Select the VMKernel Port  > OK.

Note: If you can’t see/select anything, make sure each iSCSI port group is set to use ONLY ONE physical NIC, (i.e. move the others into ‘unused’). That’s on the port group properties NOT the failover priority of the vSwitch.

Add an iSCSI Target to vSphere: With the iSCSI Adaptor still selected > Targets Add.

Give it the IP address of your iSCSI device.

At this point, I would suggest you perform a ‘Storage Rescan’.


Ensure ALL HOSTS, have had the same procedure carried out on them. Then (assuming you have configured your iSCSI device), presented the storage, and allowed access to it from your ESX hosts. Right click the Cluster > Storage > New Datastore > Follow the instructions.

IBM Storagewize v3700 iSCSI 

This article is just for configuring the VMware side, but just as a placeholder, (and to jog my memory if ever I put in another one.) The process is.

1. iSCSI IP addresses, Note: these are under Settings > Network > Ethernet Ports. (Not iSCSI confusingly.) 

2. Create the Hosts (Note: you can copy the iqn in from vCenter).

 

3. Create MDiscs (RAID groups) from the available disks, Note: Global Spares are allocated here.

4. Create a Pool, I don’t really see the point of these, but you need one to create a volume.

5. Create the Volumes, which you will present to the Hosts, then create host mappings.

 

Related Articles, References, Credits, or External Links

vSphere ESX – Configure Buffalo Terastation 5000 as an iSCSI Target

GNS3 Cannot Connect Network Interfaces when running on VMware vSphere

KB ID 0000671 

Problem

I have plenty of real ASA firewalls to play with, but it’s getting round to re-certification time, so for ease I thought I’d run up a Virtual ASA on my vSphere 5 box just for testing and breaking.

However no matter what type of Virtual Network adaptor I used (vmxnet3, e1000, etc) I could not connect to the virtual firewall.

Solution

1. Firstly make sure you actually have an IP address in the correct range set on the ASA, and the interface is up.

Note: To connect a virtual ASA to the outside world you need to have a ‘Cloud’, then assign your machines NIC to the cloud. Finally you join the cloud to the ASA with a switch.

2. From my laptop (out on the network), I could not connect to, or ping the ASA 🙁

3. However if you log into your ESX/vCenter Server and change the settings on the virtual switch that the parent VM is attached to. Configuration > Networking > Switch > Properties > vSwitch > Edit > Security Tab > Change Promiscuous Mode to Accept > OK.

4. Now it works!

Related Articles, References, Credits, or External Links

NA

Cisco Catalyst – Configure Ports for VMware ESXi NICs using VLANS

KB ID 0001065 

Problem

If you don’t need different virtual machines to be in different VLANS on your vSphere/ESXi servers then you probably just connect everything together and it all works fine. I was trying to carve off some hosts into their own VLAN today, and setup a new vSwitch.

or if you prefer to work in the fat client.

Now you can see (above), I’ve presented one physical NIC to this vSwitch (vmnic1). This is patched into a Cisco 3750 Catalyst switch. I configured this switch as an ‘access port’ in VLAN 200, I made sure VLAN 200 had an IP address (an SVI address on the switch). and hit a brick wall!

No entries in the switch MAC address table, no bytes being transmitted from the VM, nothing?

Solution

I was pondering on this during my drive home, and the thought struck me, “I’ve got a ‘port group’ in VLAN 200. I had made the port on the Cisco switch an ‘access port’, so I could never add another port group with another VLAN, that’s probably why it’s not working”.

Now if I was connecting two ‘real’ switches together and wanted to do this, I would need to create a ‘trunk’ port between the two switches, and ‘allow’ VLANs across the trunk, (or allow all VLANs).

Just because you are connecting to a VMware virtual switch the process is the same, even if you only have one port group and VLAN connecting to the vSwitch! You CANT configure trunking on the virtual switch (because it does not support DTP), so you need to do everything on the Cisco Catalyst Switch.

In the example below you will need to change the port and VLAN to match your own (highlighted in red).

[box]

interface FastEthernet1/0/2
description Connected to ESX vmnic1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
switchport nonegotiate
spanning-tree portfast trunk

[/box]

Here’s me carrying out the procedure on my 3750;

[box]

User Access Verification

Password:
Petes-3750>enable
Password:********
Petes-3750#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Petes-3750(config)#interface fastEthernet 1/0/2
Petes-3750(config-if)# description Connected to ESX vmnic1
Petes-3750(config-if)# switchport trunk encapsulation dot1q
Petes-3750(config-if)# switchport trunk allowed vlan 200
Petes-3750(config-if)# switchport mode trunk
Petes-3750(config-if)# switchport nonegotiate
Petes-3750(config-if)# spanning-tree portfast trunk
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION

Petes-3750(config-if)#exit
Petes-3750(config)#exit
Petes-3750#write mem
Building configuration...
[OK]
Petes-3750#

[/box]

ESX/Cisco ‘Switchport Mode Access’

So can you do this? Yes you can, as long as you DO NOT specify the VLAN number on the vSwitch ‘port group’.

To prove it here’s another switch, connected to vmnic2, it has NO VLAN ID, and it’s connected to port FastEthernet 1/0/5 on my switch. Here is the configuration for that, (again this assumes you have VLAN 201 created with an SVI);

[box]

Petes-3750#show run Interface FastEthernet 1/0/5
Building configuration...

Current configuration : 148 bytes
!
interface FastEthernet1/0/5
description Connected to ESX vmnic2
switchport access vlan 201
switchport mode access
spanning-tree portfast
end

Petes-3750#

[/box]

Related Articles, References, Credits, or External Links

NA