16ab how to get started with vios configure networking …schd.ws/hosted_files/commons17/0b/37co...

© 2016, 2017 IBM Corporation 1

© 2016, 2017 IBM Corporation

Session ID:

Agenda Key:

Cognitive Systems

37CO How to Get Started with VIOS Configure Networking in a Virtual EnvironmentGary KonicekIBM Lab [email protected]

170296

37CO


Cognitive Systems

Network Virtualization Options and Purposes

• There are 3 types of network virtualization available with PowerVM– built-in virtual ethernet network that is included in every Power system

• For partition to partition communication on the hypervisor’s private network• No additional hardware needed

– SR-IOV adapters virtualized by the hypervisor• Access external network• Provide all or portion of adapter port to client partitions or VIOS• Specific adapters and software level required

– Virtualize a physical ethernet adapter in VIOS and share it with one or more client partitions (IBM i, AIX, Linux)

• Access external network• Adapter can be a physical network card, IVE/HEA ports (POWER6), or SR-IOV port

• In order for an IBM i client to use a physical network adapter in VIOS, a virtual ethernet adapter must be created in both the VIOS and IBM i LPARs– Virtual ethernet adapters need to be on the same VLAN

2



Cognitive Systems

Private Network Configuration

Hypervisor

Client LPARs

VLAN 5

LPAR1

CMN05

Slot 5

CMN04

Slot 5

CMN06

Slot 5

CMN04

Slot 5

CMN04

Slot 5

LPAR2 LPAR3 LPAR5LPAR4

10.10.10.xxx

• Use virtual adapters to communicate on the hypervisor’s internal network

• Select a different PVID (VLAN ID) for the private network

• Do not bridge to the external network

3


Cognitive Systems

Create Virtual Ethernet Adapter in IBM i LPAR

Using VLAN 5 for the

private network.

Do not bridge to the external network.

4



Cognitive Systems

View of Private VLAN – Virtual Network Management - Classic

5


Cognitive Systems

Shared Ethernet Adapter (SEA)

VIOS provides the capability to share a physical network adapter by creating a Shared Ethernet Adapter (SEA)

IBM i virtual servers (LPARs) using VIOS SEA can access the external network through a virtual Ethernet adapter

Eliminates the need for each IBM i virtual server to have a physical adapter

Many IBM i virtual servers could share a single adapter

IBM i

Client 1

CMN01

Slot 2

VIOS1

en0

Intf

ent4

Slot 2

ent0

C10-T1

ent1

C10-T2

ent2

C10-T3

ent3

C10-T4

ent5

SEASwitch

Hypervisor PVID 1000

IBM i

Client 2

CMN01

Slot 2

10.1.123.xx1 10.1.123.xx2

6



Cognitive Systems

Link Aggregation

Link aggregation is the capability to aggregate multiple physical adapter ports to make a single physical link

Link Aggregation and Shared Ethernet Adapters can be used concurrently

Benefits of Link Aggregation

– Increased bandwidth in a single link

• Three 1Gb ports become one 3Gb link

• Allows an SEA to be shared with more client partitions

– Higher availability – if one physical port fails, the link can stay up

VIOS1

en0

Intf

ent4

Slot 2

ent0

C10-T1

ent1

C10-T2

ent2

C10-T3

ent3

C10-T4

ent6

SEASw

itch

Hypervisor PVID 1000

ent5

Link

IBM i

Client 1

CMN01

Slot 2

IBM i

Client 2

CMN01

Slot 2

10.1.123.xx1 10.1.123.xx2

7


Cognitive Systems

SEA Failover with Link Aggregation

Failover and Redundancy– VIOS 1 can be taken down for maintenance – VIOS 2 would take over the network traffic– A broken cable, or failed adapter would not disrupt Ethernet traffic

• Control Channel may be required to communicate between two VIOS– Recent firmware levels may not require a control channel

VIOS1

en0

Intf

10.1.xxx.201

ent4

Slot 2

PVID 99

Primary

ent0

C10-T1

ent1

C10-T2

ent2

C10-T3

ent3

C10-T4

ent6

Slot 3

ent7

SEA

ent5

Link

VIOS2

ent6

Slot 3

ent7

SEA

ent5

Link

ent4

Slot 2

Standby

PVID 99 10.1.xxx.202

en0

Intf

ent0

C12-T1

ent1

C12-T2

ent2

C12-T3

ent3

C12-T4

PVID 1000

Control Channel

IBM i

Client 1

CMN01

Slot 2

IBM i

Client 2

CMN01

Slot 2

10.1.123.xx1 10.1.123.xx2

8



Cognitive Systems

Requirements for the SEA – Initial Steps

First, be sure you have a physical ethernet adapter assigned to each VIOS

9


Cognitive Systems

Settings on Virtual Ethernet Adapter used by the SEA

Select when using virtual adapter for SEA

Repeat for VIOS2 and set Priority = 2.

Select if using Virtual LAN ID

tagging on the external switch

Each SEA needs a unique

Port Virtual Ethernet ID or

VLAN ID

10



Cognitive Systems

Physical/Virtual Adapter View on Command Line

ent0, ent1, ent2, ent3 = ports on physical ethernet adapter

ent4 = virtual ethernet adapter (created on previous slide)

Note: All adapters are “Available”

If adapter is removed or failed, the status is “Defined”

11


Cognitive Systems

Locating Physical Adapter in the Power System

How do you know where the physical adapter port ent0 is located?

– lsdev –dev ent0 -vpd

Enclosure and slot Port Number

12



Cognitive Systems

Create Virtual Adapter in Client Partition

Needs to match VLAN ID

in VIOS.

Any adapter on this

VLAN can communicate

with this LPAR

13


Cognitive Systems

Link Aggregation

Link aggregation is the capability to aggregate multiple physical adapter ports to make a single physical link

Link Aggregation and Shared Ethernet Adapters can be used concurrently

Benefits of Link Aggregation

– Increased bandwidth in a single link

• Three 1Gb ports become one 3Gb link

• Allows an SEA to be shared with more client partitions

– Higher availability – if one physical port fails, the link can stay up

VIOS1

en0

Intf

10.1.xxx.201

ent4

Slot 2

Primary

ent0

C10-T1

ent1

C10-T2

ent2

C10-T3

ent3

C10-T4

ent5

Link

VIOS2

ent5

Link

ent4

Slot 2

Standby

10.1.xxx.202

en0

Intf

ent0

C12-T1

ent1

C12-T2

ent2

C12-T3

ent3

C12-T4

PVID 1000

14



Cognitive Systems

Creating an Aggregated Link

There is currently no interface in the Classic HMC to create an aggregated link

Aggregated link is created from the VIOS command line or VIOS cfgassist menu

mkvdev -lnagg ent1 ent2 ent3 -attr mode=standard hash_mode=dst_port

If network switch is using etherchannel, use mode = standard

If network switch is using LACP, use mode = 8023ad

Repeat on VIOS2 15


Cognitive Systems

VIOS1

en0

Intf

10.1.xxx.201

ent4

Slot 2

PVID 99

Primary

ent0

C10-T1

ent1

C10-T2

ent2

C10-T3

ent3

C10-T4

ent6

Slot 3

ent5

Link

VIOS2

ent6

Slot 3

ent5

Link

ent4

Slot 2

Standby

PVID 99 10.1.xxx.202

en0

Intf

ent0

C12-T1

ent1

C12-T2

ent2

C12-T3

ent3

C12-T4

PVID 1000

Control Channel

Aggregated Link with Control Channel

A control channel is created to allow a primary VIOS to communicate with a secondary VIOS so

that a failover can occur if the primary VIOS is unavailable

The control channel is a virtual ethernet adapter pair (one on each VIOS) that is linked to the SEA

on that VIOS

Heartbeat messages are passed from the primary to the secondary VIOS over a separate VLAN

(PVID)

16



Cognitive Systems

Create Virtual Adapter Control Channel

Control channel must be created before the failover SEA is created on the secondary VIOS

–Operation will fail if control channel doesn’t exist

–EXCEPTION: Recent firmware levels may not require a control channel

Repeat on VIOS2

17


Cognitive Systems

SEA Failover with Link Aggregation

Each VIOS has a SEA adapter

Each VIOS has a link aggregation

A control channel is created between the 2 VIOS

– Note: One SEA adapter must

have a lower priority at creation

Failover and Redundancy– VIOS 1 can be taken down for

maintenance

– VIOS 2 would take over the network traffic

– A broken cable, or failed adapter would not disrupt Ethernet traffic

VIOS1

en0

Intf

10.1.xxx.201

ent4

Slot 2

PVID 99

Primary

ent0

C10-T1

ent1

C10-T2

ent2

C10-T3

ent3

C10-T4

ent6

Slot 3

ent7

SEA

ent5

Link

VIOS2

ent6

Slot 3

ent7

SEA

ent5

Link

ent4

Slot 2

Standby

PVID 99 10.1.xxx.202

en0

Intf

ent0

C12-T1

ent1

C12-T2

ent2

C12-T3

ent3

C12-T4

PVID 1000

Control Channel

18



Cognitive Systems

Create Shared Ethernet Adapter

19


Cognitive Systems

Create SEA with Failover

VIOS2(2)

VIOS1(1)

20



Cognitive Systems

View of Both VLANs - Virtual Network ManagementVLAN 1 – SEAs and Clients VLAN 99 – Control Channel

21


Cognitive Systems

View of SEA from Command Line

Shared Ethernet Adapter ent7

22



Cognitive Systems

Cases that Initiate Failover When the standby SEA detects that the keep-alive (heartbeat) messages are no

longer received over the control channel.

When the active SEA detects that a loss of physical link is reported by the physical Ethernet adapter’s device driver.

On VIOS with primary adapter, when ha_mode is manually set to standby

The active SEA pings no longer receives replies

VIOS1

en0

Intf

10.1.xxx.201

ent4

Slot 2

PVID 99

Primary

ent0

C10-T1

ent1

C10-T2

ent2

C10-T3

ent3

C10-T4

ent6

Slot 3

ent7

SEA

ent5

Link

VIOS2

ent6

Slot 3

ent7

SEA

ent5

Link

ent4

Slot 2

Standby

PVID 99 10.1.xxx.202

en0

Intf

ent0

C12-T1

ent1

C12-T2

ent2

C12-T3

ent3

C12-T4

PVID 1000

Control Channel

IBM i

Client 1

CMN01

Slot 2

IBM i

Client 2

CMN01

Slot 2

10.1.123.xx1 10.1.123.xx2

23


Cognitive Systems

Steps for Configuring SEAs using Command Line

Create control channel adapters first– mkvdev –vlan 99 (for each VIOS)

Create primary VIOS objects

– Create Aggregated Link (if desired)•mkvdev –lnagg ent3 ent4 –attr mode=standard hash_mode=dst_port

– Create Shared Ethernet Adapter•mkvdev -sea ent5 -vadapter ent2 -default ent2 -defaultid 1 -attr ha_mode=autoctl_chan=ent7

– Configure Shared Ethernet Adapter•cfgassist -> VIOS TCP/IP Config and use en6 for network interface

Create secondary VIOS objects

– Create Aggregated Link (if desired)•mkvdev –lnagg ent0 ent1 –attr mode=standard hash_mode=dst_port

– Create Shared Ethernet Adapter•mkvdev -sea ent3 -vadapter ent2 -default ent2 -defaultid 1 -attr ha_mode=autoctl_chan=ent4

– Configure Shared Ethernet Adapter

•use en5 for network interface

VIOS 1BVIOS 1A IBM i

Client

VLAN 99

Control

Channel

PV

ID =

99

PV

ID =

99

Hyp

erv

isor

PV

ID =

1

PV

ID =

1

PV

ID =

1

Primary Standby

CMN0

Virt

Ent 4

Virt

Ent 2

Virt1Gb 1GbEnt 2

Virt

Ent 7

Virt

Ent 3

Aggr

Ent 5

Aggr

Ent 6

SEAEnt 5

SEA

Ent 0

Phy

Ent 1

PhyEnt 3

Phy

Ent 4

Phy

24



Cognitive Systems

Dual SEAs

Another option is to create shared ethernet adapters (SEAs) in each VIOS and make them peers (not primary/secondary)

–This is also referred to as “load sharing”

–Sharing is scoped to a VLAN so this option can be used only when you have multiple VLANs

HMC does not support this feature yet so need to use VIOS command line

Need to set ha_mode = sharing when creating the SEAs from the VIOS command line

If changing existing SEAs that were previously set to primary/secondary, make sure you change the ha_mode attribute on the primary first

–chdev -dev entX -attr ha_mode=sharing (where entX is name of the SEA)

25


Cognitive Systems

SEA with Clients in Multiple VLANs• IBM i 7.1 and earlier does NOT

support multiple VLANs, but VIOS does support multiple VLANs

• What if you want multiple IBM iclients in different VLANs (subnets) to share a single ethernet adapter link?

• IBM i Client uses PVID that matches a secondary VLAN on the virtual adapter in VIOS

• Network switch config must be aware of secondary VLANs

VIOS 1

Ent4

SEA

Hypervisor

Switch

PV

ID =

3 V

LA

N =

11

Ent 3

Aggr

IBM i

Client 1

PV

ID =

11

CMN0

Virt1GbEnt 2

Virtual

Ent 0

Phy

Ent 1

Phy

IBM i

Client 2

PV

ID =

22

CMN0

Virt

PV

ID =

3 V

LA

N =

22

123.123.11.xxx 123.123.22.xxx

26



Cognitive Systems

Creating Virtual Ethernet Adapters with VLAN Tagging

27


Cognitive Systems

IEEE 802.1Q VLAN Tagging Considerations

• When using 802.1Q VLAN tagging to enable multiple VLANs on a single SEA, consider the following:

– Port Virtual Ethernet ID (PVID) in IBM i LPAR needs to match the 802.1Q tag in the VIOS LPAR

– When 802.1Q tagging is used, the network switch needs to be configured to understand each 802.1q VLAN that is configured in VIOS

• Avoid using VLAN=1 because this is often used as the switch management VLAN

• Good VLAN Tagging Reference

– http://www.ibm.com/developerworks/aix/library/au-managevlans/

28

http://www.ibm.com/developerworks/aix/library/au-managevlans/



Cognitive Systems

Summary

• Use the HMC browser to reduce complexity

• Keep the overall design as simple as possible

• Take advantage of the failover capability in the hypervisor

for maximum availability

29

#COMMONS17www.common.org

Don’t Forget Your Session Surveys

• Sign in to the Online Session Guide (www.common.org/sessions)

• Go to your personal schedule

• Click on the session that you attended

• Click on the Feedback Survey button located above the abstract

Completing session surveys helps us plan future programming and provides feedback used in speaker awards. Thank you for your participation.

http://www.common.org/sessions



Cognitive Systems

https://facebook.com/IBMPowerSystems

https://twitter.com/IBMPowerSystems

https://www.linkedin.com/company/ibm-power-systems

IBM Power Systems Official Channels:

http://www.youtube.com/c/ibmpowersystems

https://www.ibm.com/blogs/systems/topics/servers/power-

systems/

Power Systems Social Media


Cognitive Systems

32

More to Follow:

Blogs to Follow More to Follow Hashtags To Use

• IBM Systems Magazine You and I (Steve Will)

• IBM Systems Magazine i-Can (Dawn May)

• IBM Systems Magazine: iDevelop (Jon Paris and

Susan Gantner)

• IBM Systems Magazine: iTalk with Tuohy

• IBM DB2 for i (Mike Cain)

• IBM DB2 Web Query for i (Doug Mack)

@IBMSystems@COMMONug

@IBMChampions@IBMSystemsISVs

@LinuxIBMMag@OpenPOWERorg

@AIXMag@IBMiMag

@SAPonIBMi@SiDforIBMi

@IBMAIXeSupp@IBMAIXdoc

#PowerSystems

#IBMi

#IBMAIX

#POWER8

#LinuxonPower

#OpenPOWER

#HANAonPower

#ITinfrastructure

#OpenSource

#HybridCloud

#BigData

https://facebook.com/IBMPowerSystems

https://twitter.com/IBMPowerSystems

https://www.linkedin.com/company/ibm-power-systems

http://www.youtube.com/c/ibmpowersystems

https://www.ibm.com/blogs/systems/topics/servers/power-systems/

http://www.ibmsystemsmag.com/Blogs/you-and-i/

http://ibmsystemsmag.com/Blogs/i-Can/

http://www.ibmsystemsmag.com/Blogs/iDevelop/

http://ibmsystemsmag.com/ibmi/trends/iTALK-WITH-TUOHY/

http://db2fori.blogspot.com/

http://db2webqueryi.blogspot.com/

https://twitter.com/IBMSystems

https://twitter.com/COMMONug

https://twitter.com/IBMChampions

https://twitter.com/IBMSystemsISVs

https://twitter.com/LinuxIBMMag

https://twitter.com/OpenPOWERorg

https://twitter.com/AIXmag

https://twitter.com/IBMimag

https://twitter.com/SAPonIBMi

https://twitter.com/SiDforIBMi

https://twitter.com/IBMAIXeSupp

https://twitter.com/IBMAIXdoc

16ab how to get started with vios configure networking …schd.ws/hosted_files/commons17/0b/37co...

Documents