Solved

How to : Network resource management/pools

Posted on 2011-09-27
21
328 Views
Last Modified: 2012-06-27
I need to determine a way to deploy network resource limits to individual hosts on a vSwitch, not at the vSwitch level.  I'd rather do this at the ESX level than at the individual host OS-level.

For example, I want hosta/eth0 to be capped to a max throughput of 100mb/s, hosta/eth1 to be uncapped, hostb/eth0 to be capped to 1gb/s etc.

Am unsure if this is possible to do at the host level, in a way similar to resource pooling ram, cpu or disk.

0
Comment
Question by:sirbunnz
  • 11
  • 5
  • 5
21 Comments
 
LVL 40

Expert Comment

by:coolsport00
ID: 36709031
Resource Pools is indeed the 'tool' to use to manage resources for varying VMs. They are created on the individual hosts though. See starting on pg. 43 of the Res Mgmt Guide here:
http://www.vmware.com/pdf/vsphere4/r41/vsp_41_resource_mgmt.pdf

Regards,
~coolsport00
0
 
LVL 118
ID: 36709038
You can create a VIrtual Machine Network Port Group which is Bandwidth Throttled?
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 36709042
But, resource pools are specifically for CPU/RAM resources. For network resources, you can only use the vSwitch for doing this, and that is also at the host level. You can create VLANs and assign a specific NIC to a vSwitch.
0
 
LVL 118
ID: 36709051
bandwith throttled Virtual Machine Port Group
0
 
LVL 1

Author Comment

by:sirbunnz
ID: 36709057
Yeah, can't do it at the vSwitch level without extensive reconfiguration.  I dont want to limit the vSwitch throughput, just the virtual ETH device on specific hosts.
0
 
LVL 118
ID: 36709067
Traffic shaping can be performed on the vSwitches (virtual switches), but the vSwitch are after the HOST NIC interfaces, if you wanted to throttle the host interfacaes you would have to throttle on the physical switch, that they are connected to.

But why not group by virtual machine port groups via vSwitches?

two vSwitches with two Virtual Machine portgroups,

1. max throughput of 100mb/s
2. uncapped
0
 
LVL 118
ID: 36709078
the NICs on the host are physical not virtual?

Extensive congfiguration, it's just adding a new Virtual Machine Port Group?
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 36709082
Well, just assign a separate NIC (if available) to a 2nd vSwitch and configure bandwidth how you're needing to. Pg. 15 of the Config Guide explains a little bit more on Networking:
http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf (good read IMO)
0
 
LVL 118
ID: 36709087
What are you trying to achieve, limiting Virtual Machines bandwidth?
0
 
LVL 1

Author Comment

by:sirbunnz
ID: 36709125
Hmm, I think I'm not understanding your comments.

I have 4 physical NICs on the ESX Hosts, 4 virtual switches.  No network redundancy is deployed.  Each switch represents a physically segrated network segment.  One of those segments, vSwitch3 in this instance, is my LAN segment that hosts a lot of servers.  I want to prioritise, or limit, the network usage from specific hosts on my LAN, without limiting in any way the total throughput of the vSwitch.

I'm not running VLANs on any of this and not deploying QOS across the LAN just to deliver this functionality.

Ideally, I want to configure the NICs on the VM's to behave themselves (be thottled or capped), but if I can't do that, I'll have to look at guest OS-Level implementations, which will be complicated.

Is your VM PortGroup things an option?  I"m not sure what that refers to in relation my current environment.  But then, I wasn't all that clear on my current environment I guess.  ;)

Why can they not simply have resource pooling for network resources the same way they have for most other things?  :)

By what I can see, there is a link between a vSwitch and a physical NIC, so the same physical NIC cannot be present on multiple vSwitches?  If there is a way to make this work, then I can probably do the throttling at a vSwitch level and simply deploy my "throttled" hosts to that vSwitch.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 40

Expert Comment

by:coolsport00
ID: 36709160
VMs use the VM Network Portgroup for their traffic from the virtual NIC they use through the physical NIC of the host. Not all the NIC bandwidth is used solely for VMs...potentially. It's just whatever you have configured for the phys NIC on the vSwitch (could be Mgmt traffic, vKernel traffic for VMotion, etc.). But, it sounds like in your case, vSwitch 3 may be used solely for the VMs? If that is true, then configuring the VM Network portgroup on vSwitch3 would limit the traffic for the VMs that use that vSwitch, and thus the traffic passing through the NIC assigned to vSwitch3. Yes, the same phys NIC canNOT be assigned to multiple vSwitches. But a vSwitch can have multiple phys NICs...for redundancy, etc.
0
 
LVL 118
ID: 36709161
Are you getting hosts confused with guest VMs?

Do you want to throttle the Guest Virtual Machines on the HOST ESXi/ESX Server?

You throttle on the vSwitch internally to the VMs.

There is no overall throttle on the physical NIC in the ESX/ESXi server (HOST).
0
 
LVL 118

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
ID: 36709185
You simply create a new Virtual Machine network on ALL your vSwitches.

Edit this Virtual Machine Network, and select the throttle required.

Connect the VMs that you want to be throttled to this NETWORK!

You do not have to configure anything inside the VM.

Throttle is done on the Network Portgroup.

BUT, Network Throttle CAN also be performed on the ACTUAL vSwitch itself.

So this would perform the same function?
0
 
LVL 118
ID: 36709200
If you want to read more on networking in VMware ESX/ESXi, then I recommend the following:-

I would also recommend reading through the Networking Sections of the following guides to gain a better understanding of Networking in VMware ESX/ESXi.

Pages 13 - 73 Discuss Networking in Detail, including trunks, VLANs, switches, and load balancing

ESXi Configuration Guide ESXi 4.1
http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf

Virtual Networking
http://www.vmware.com/technical-resources/virtual-networking/virtual-networks.html

Virtual Networking Concepts
http://www.vmware.com/files/pdf/virtual_networking_concepts.pdf
0
 
LVL 1

Author Comment

by:sirbunnz
ID: 36709257
I may be confusing you with host/guest.

At the ESX HOST Level
- the physical servers have 4 physical NICs, each allocated to a seperate vSwitch.  Each physical NIC is connected to a segregated PHYSICAL network.

At the GUEST OS Level
- I want to rate-limit the network traffic to/from specific hosts
- the guest os in question has 2 virtual nics, connected to 2 different vswitches
- i want to rate-limit the virtual nic connected to vswitch3

The "problem I'm trying to solve" is that the nature of the network is such that some machines ip traffic communicate entirely within the cluster, even when crossing physical network boundaries, without their packets "hitting the wire" and being limited to wirespeed, which esx delivers/sends at full speed.  This causes flow-on affects as my guests try to write data to disks, deliver that data out the physical wire etc.

Basically, an FTP session from a box on vSwitch3 to the DMZ (vSwitch2), has data delivered via IP at a rate faster than its disks can keep up, leading to disk congestion on OTHER requests to access the guests disks.  This issue has cropped up due to the deployment of a collapsed network environment using a virtual firewall, meaning that this traffic now never actually hits a physical wire/speed limit.  In fact, esx reports network speeds of >35,000Kb/s on send/receive to this particular guest in this situation.

Without affecting the other virtual machines, I merely want to "slow down" the rate at which 2 of my hosts can generate IP packets, which obviously isn't something ESX is overly concerned about (SLOWER?  YOU WANT SLOWER?  ARE YOU MAD?!?!?!) and dont seem to make easy.

From what I can see with PortGroups, this again targets the transmission of packets onto the physical wire/NIC, not the virtual NIC.

0
 
LVL 118
ID: 36709302
create a new virtual network on the vswitch3, apply traffic shaping to this virtual network, and connect guest vm nic to this network?

whats wrong with above?
0
 
LVL 118
ID: 36709323
yes, i understand what your are stating.....its packet generation in the VM?
0
 
LVL 1

Author Comment

by:sirbunnz
ID: 36709329
Doing that now.

Am not convinced from the documentation that this will actually throttle traffic that DOESNT HIT THE PHYSICAL NIC however and instead heads to another vSwitch.

Thanks for the assist however, will let you know in 15 minutes if it worked or not.
0
 
LVL 1

Author Comment

by:sirbunnz
ID: 36709629
Well, that actually looks to work, despite what the documentation says, excellent.  Thanks for the assist guys!
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 36709633
Awesome...glad you're up and going :)
0
 
LVL 118
ID: 36709704
No problems!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I will show you HOW TO: Suppress Configuration Issues and Warnings Alert displayed in Summary status for ESXi 6.5 after enabling SSH or ESXi Shell.
In this article, I show you step by step with screenshots to assist you - HOW TO: Deploy and Install the VMware vCenter Server Appliance 6.5 (VCSA 6.5), with some helpful tips along the way.
Teach the user how to install and configure the vCenter Orchestrator virtual appliance Open vSphere Web Client: Deploy vCenter Orchestrator virtual appliance OVA file: Verify vCenter Orchestrator virtual appliance boots successfully: Connect to the …
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now