A Network Virtual Distributed Switch (N-VDS) is a virtual switch that delivers faster packet processing. The N-VDS has two performance modes. With an NSX-T deployment, VMware Integrated OpenStack Carrier Edition supports the enhanced mode known as N-VDS enhanced by default.

If you want to separate the N-VDS enhanced transport zone from the standard transport zone, you can use multiple availability zones. To expose multiple availability zones in VMware Integrated OpenStack, you modify the custom.yml file.

Note:

Due to NSX performance problems, N-VDS enhanced does not support firewall and switch security.

Prerequisites

Physical bare metal requirements for an NSX deployment:

  • ESXi version 6.7 or later.

  • NIC supports Fortville (i40en) and Niantic (10G ixgben).

  • N-VDS enhanced driver installed with a physical NIC that supports the N-VDS enhanced overlay and VLAN transport zone.

  • Separate edges added in the N-VDS enhanced transport zone and standard transport zone, or edges added in both the N-VDS enhanced transport zone and standard transport zone.

  • Separate DHCP profile and metadata proxy for different transport zones.

Physical bare metal requirement for an NSX-T deployment:

  • Mapping to a previously created N-VDS enhanced overlay and VLAN transport zone.

Procedure

  1. Implement the custom.yml file.
    sudo mkdir -p /opt/vmware/vio/custom
    sudo cp /var/lib/vio/ansible/custom/custom.yml.sample /opt/vmware/vio/custom/custom.yml
  2. Open the /opt/vmware/vio/custom/custom.yml file in a text editor.

    Configure different availability zones for network resources such as routers and network edge routers, specified using a comma-separated string of zone names. Each availability zone in the list is configured with a separate set of resources.

    nsxv3_availability_zones: zone1, zone2
    {
       'zone_name': 'zone1',
       'metadata_proxy': <profile-name-or-uuid, mandatory>,
       'dhcp_profile': <profile-name-or-uuid, mandatory>,
       'native_metadata_route:<optional>',
       'dns_domain': <optional>,
       'nameservers':<optional>,
       'default_overlay_tz': <optional>,
       'default_vlan_tz': <optional>,
       'switching_profiles: <optional>',
       'dhcp_relay_service': <optional>
    }
    {
       'zone_name': 'zone2',
       ...
    }
  3. Push the new configuration to your VMware Integrated OpenStack deployment.
    viocli deployment configure --limit controller
  4. As a VMware Integrated OpenStack user, consume N-VDS enhanced.
    1. Create the Neutron network and port for the overlay.
      neutron net-create net1 --port_security_enabled false --availability-zone-hint <NVDS_Availability_Zone>
      neutron port-create net1 --port_security_enabled false
      

      For a Nova boot instance, use no-security-group.

    2. Create the Neutron network for the VLAN.
      neutron net-create net1 --provider: network_type vlan --port_security_enabled false --availability-zone-hint <NVDS_Availability_Zone>