Cloud Services Uncategorized

How to Deploy a vCloud Networking and Security Edge Device

By: David Hill, Senior Cloud Consultant for the VMware Global Centre of Excellence in Cloud Infrastructure

This is a repost from Dave’s personal blog, Virtual-Blog.com

Today I have been working in the lab messing around with vCloud Networking and Security for one of the projects I am working on. With all the new changes in vCloud Networking and Security version 5.1, deploying an edge device needs a little understanding. I have written this blog article to walk you through the steps involved in deploying an edge device, and what to look for when you have deployed it.

The following steps show how to deploy a vCloud Networking and Security edge device through the vCloud Networking and Security Manager.

  • Login to the vCloud Networking and Security Manager (formerly and still called vShield Manager).

  • Expand Datacenters, and select the datacenter you want to deploy your edge device in, and select the tab Network Virtualization.

  • Select Edges.  You will be shown a list of the current edge devices.  Click the green plus to add a new edge device.

  • Type the name you want to call the edge device.  This is the virtual machine display name you will see in vCenter.  If you want to enable HA (High Availability) on the edge, tick the Enable HA device.

  • Enter the CLI username and password that you set when configuring the vCloud Networking and Security Manager.

  • Select the appliance size. I always recommend to keep the Auto rule generation tick box enabled.  Before clicking next, you MUST click the green plus to enter the configuration details for the edge device.

  • Select from the dropdowns, which Cluster or Resource pool and datastore you want to deploy the edge on.

  • You now need to add the interfaces for this edge device, click the green plus.

  • Enter the details for your edge device uplink.  This is the external interface.

  • Select the port group you want to connect the edge to.

  • Specify the IP address for this external interface.

  • Enter the subnet.

  • Scroll down the edge interface window and change the MTU to 1600.  Note: The MTU must be changed on your switches for this to work.

  • Follow the steps again to create an internal interface.  This is the interface that you will use to route traffic from your VMs.
  • Configure the Default Gateway by clicking the check box, and add the gateway IP.  This is the default gateway for your external interface that you added in the previous steps.

  • Enable the tickbox Configure Firewall default policy and set the default policy.  If you ticked the HA box you can set the configuration options for this here.

  • Review the summary and click Finish to deploy the edge device.

  • You will now see the status of the edge Deploying vShield edge device.

  • Once the edge has deployed you will see the status Deploy.

To understand what you have actually deployed, if you look within vCenter at the vSwitch you have deployed the edge on, you will be able to see the different port groups and connections the Edge device has.

David Hill is currently a Senior Cloud Consultant for the VMware Global Centre of Excellence in Cloud Infrastructure. David has been a self-employed IT Consultant and Architect for around 15 years, working on projects for large consultancies and financial institutions. Dave blogs at his personal blog, Virtual-Blog.com, where he hopes to provide readers with an informative reference site when designing/deploying or troubleshooting virtualisation and cloud technologies.

Related Articles

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.