VNET High Availability (HA)


VNET HA provides high availability for switch access through a VNET manager. The VNET manager is a zone, typically with one IP interface, allows a VNET administrator to log into and administer a VNET using the CLI or a REST API.


HA functionality is provided by allowing you to create multiple VNET managers. Access to the VNET managers is enabled when you add either standard or VRRP VIP interfaces to the VNET managers.


Without VNET HA, VNET administrators have only a single point of access where the VNET manager zone is running on a particular switch. If that switch fails, the administrator cannot log into the fabric and administer the VNET.


This feature now provides the following:


  • Create or delete a VNET manager zone.
  • The vnet-manager-interface command now accepts VRRP interfaces. This allows you to create VRRP interfaces on VNET manager zones
  • The vnet-create command now provides an option to not create a VNET manager zone when creating a VNET.
  • Copy and paste SSH host keys used on different VNET managers. This is needed when using a VRRP VIP to access the VNET managers to avoid SSH host key violations if the VIP fails over to the standby VNET manager. Install these keys on the client machine used to connect to the VNET managers.


Creating a VNET Manager Zone


To create additional VNET manager zones, use the vnet-manager-create command.


CLI (network-admin@Leaf1) > vnet-manager-create name name-string vnet vnet-name [disable|enable][location fabric-node name][storage-pool storage-pool name]


vnet-manager-create

Creates a VNET manager

name name-string

Specify the name of service configuration.

vnet vnet-name

Specify the VNET assigned to the service.

any of the following options:

 

disable|enable

Specify to enable or disable the service.

location fabric-node name

Specify the location of the service.

storage-pool storage-pool name

Specify the storage pool assigned to the service.


Deleting a VNET Manager Zone


To delete a VNET manager zone, use the vnet-manager-delete command.


CLI (network-admin@Leaf1) > vnet-manager-delete name name-string


Specify the name of service configuration.


Copying and Pasting SSH Keys


To output SSH host keys to copy and paste to ~/.ssh/known_hosts file of the client host, use the vnet-manager-ssh-host-key-show command.


This allows you to SSH to any VNET manager zone and avoid issues with invalid key hosts.


CLI (network-admin@Leaf1) > vnet-manager-ssh-host-key-show [vnet vnet name]


vnet-manager-ssh-host-key-show

Displays the VNET Manager host keys to copy and past to:

~/.ssh/known_hosts.

name name-string

Displays the name of service configuration.


VNET Manager Command Options


This feature uses a new option [no-]create-vnet-mgr which controls whether to create a VNET manager.


The default behavior is creating a VNET manager as this is the current behavior of creating a VNET manager as part of vnet-create.


CLI (network-admin@Leaf1) > no-create-vnet-mgr


vnet-create

Creates a virtual network (VNET)

name name-string

Specify the VNET name.

scope local|cluster|fabric

Specify the VNET scope as local, cluster, or fabric.

create-vnet-mgr|no-create-vnet-mgr

Create or not create a VNET manager service.


VRRP Interfaces Option


This feature now accepts options for VRRP interfaces. This allows you to create VRRP interfaces on VNET manager zones.

CLI (network-admin@Leaf1) > vnet-manager-interface-add vnet-manager-name name-string [vrrp-id 0,,255][vrrp-primary vrrp-primary-string][vrrp-priority 0..254][vrrp-ad-int 10..40950]

vnet-manager-interface-add

Adds an interface to a VNET manager.

vnet-manager-name name-string

Specify the name of service configuration.

vrrp-id 0..255

Specify the ID assigned to VRRP.

vrrp-primary vrrp-primary-string

Specify the VRRP primary interface.

vrrp-priority 0..254

Specify the VRRP priority for the interface.

vrrp-adv-int 10..40950

Specify the VRRP Advertisement Interval in mseconds. The minimum interval is 10ms and the maximum interval is 40950ms. The default interval is 1000ms.


shared-vnet-mgr Option


There is a new option for service create commands: shared-vnet-mgr vnet-manager-name


This option allows you to specify the VNET manager if the option shared-vnet-service is specified and more than one VNET manager exists.


The VNET manager specified is where the new service is created. The command, vrouter-create, also supports this new option:



Note: For backwards compatibility, the vnet-manager-name argument is optional if only one VNET manager exists. If you do not specify the name and more than one VNET manager exists, the command fails.