18.3 Discovering or Dynamically Creating vSphere Port Groups

If you manage a vSphere hypervisor environment, you can configure virtual switches (vSwitches) and distributed virtual switches (dvSwitches) with virtual ports to allow virtual machines on the same ESX Server host to communicate on the network. Your VMware environment also requires port groups, which, according to the VMware Infrastructure Library, “define how a connection is made through the vSwitch to the (physical) network construct.”

You can use the Orchestration Server to monitor the discovered VMs in your vSphere environment (provided that you have configured the vSwitches or dvSwitches on those VMs) and to dynamically delete unused port groups from the virtual switches. Deleting them frees up resources on the vSwitch or dvSwitch so that they can be used elsewhere in the virtual network. Then, if you later decide to provision a VM that requires the port group, the Orchestration Server can be configured to automatically re-create the required port group. This allows VMs to be moved or migrated from one host to another without reconfiguring the networking information on either the VM or the host.

18.3.1 How the Orchestration Server Models a vSphere Port Group and Exposes vSwitch Settings

When the Orchestration Server discovers a vSphere VM, it maps port group configuration settings (including its associated vSwitch or dvSwitch configuration settings) to a virtual bridge (vBridge) grid object in the Orchestration Server. As the virtual networking settings (including the VLAN ID) of these resources are determined during VM and VM host discovery, the Orchestration Server also automatically creates a Network group object to group similarly associated vBridge objects. All necessary information required for re-creating a port group is preserved on the Network object and the vBridge object.

18.3.2 Dynamically Creating Port Groups

You can instruct the Orchestration Server to dynamically create a port group in the vSphere environment if a VM that you are provisioning requires it, or to delete an existing port group when the last VM utilizing that port group is shut down. Port groups are dynamically created on the host/dvSwitch only when a VM requiring a port group is provisioned. A port group is deleted only when there are no active VMs utilizing it and if it is not configured as a management network interface. In order for dynamic creation or deletion to function properly, you need to configure the dvSwitches/vSwitches in the vSphere environment.

The vsphere provisioning adapter utilizes information it gathers during discovery and stores on the Network objects to determine how to correctly create a required port group and to attach it to the correct dvSwitches or vSwitches. You can modify this information on the discovered Network objects, or you can add it to Network objects that you customize in the Orchestration Console.

Network Configuration Facts

The Orchestration Server uses the following facts when it creates a port group:

  • group.dvswitch: A Boolean fact that specifies whether the port group is to be attached to a dvSwitch or to a standard host vSwitch. Set the value to true for a dvSwitch or to false for a vSwitch.

  • group.switch: The name of the dvSwitch or vSwitch that the port group is to be attached to. This fact can be a regular expression to match against different dvSwitches or vSwitches on different hosts.

  • group.vsphere.portgroupsettings: An XML string that describes the settings on the port group (for example, Security, Traffic Shaping, or Teaming policies). Use the vSphere tools to configure these settings, so that the Orchestration Server can properly populate the fact upon discovery.

  • group.vlanid: The vLAN ID that is associated with the port group. A value of zero (0) is equivalent to no vLAN.

The Orchestration Server also uses the group.vbridge.matchname fact. This is a regular expression used during discovery of Networks to correlate port groups that are functionally identical (and should therefore be grouped in the same Network object in the Orchestration Server) but are not named the same. So, if Host A contains a port group named HostA-InternetConnection and Host B contains a port group named HostB-InternetConnection, modifying the group.vbridge.matchname fact to “Host?-InternetConnection” results in creating a vBridge object for each host under a single Network object.
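
A pre-provisioning check for the group.switch, group.dvswitch and group.vlanid facts, added here as an example (it is not Orchestration Server code): it confirms that the group.switch expression selects exactly one switch of the requested type on each host, because an over-broad expression could attach a port group to an unintended network segment. The host inventories, the switch names, and the use of a full-string match are assumptions.

```python
import re

# Constructed sample inventories: (switch name, is_dvswitch) per host.
HOST_A = [("vSwitch0", False), ("dvs-prod-A", True), ("dvs-dmz-A", True)]
HOST_B = [("vSwitch0", False), ("dvs-prod-B", True)]

# Constructed Network facts, keyed by the fact names listed above.
FACTS = {"group.dvswitch": True, "group.switch": r"dvs-prod-[AB]", "group.vlanid": 120}


def resolve_switch(facts, host_switches):
    """Return the single switch on one host that the facts select.

    Raises ValueError if a fact is malformed or the expression selects
    zero or several switches of the requested type.
    """
    vlan = facts["group.vlanid"]
    # 802.1Q VLAN IDs are 12 bits and 4095 is reserved; 0 means no VLAN here.
    if isinstance(vlan, bool) or not isinstance(vlan, int) or not 0 <= vlan <= 4094:
        raise ValueError(f"group.vlanid out of range: {vlan!r}")
    if not isinstance(facts["group.dvswitch"], bool):
        raise ValueError("group.dvswitch must be a Boolean")
    try:
        pattern = re.compile(facts["group.switch"])
    except re.error as exc:
        raise ValueError(f"group.switch is not a valid expression: {exc}") from exc
    # Assumption: the expression must match the whole switch name.
    matches = [name for name, is_dv in host_switches
               if is_dv == facts["group.dvswitch"] and pattern.fullmatch(name)]
    if len(matches) != 1:
        raise ValueError(f"group.switch selected {len(matches)} switches: {matches}")
    return matches[0]


def check_hosts(facts, hosts):
    """Map each host name to its resolved switch or to the error text."""
    report = {}
    for host, switches in hosts.items():
        try:
            report[host] = resolve_switch(facts, switches)
        except ValueError as exc:
            report[host] = f"ERROR: {exc}"
    return report


if __name__ == "__main__":
    hosts = {"HostA": HOST_A, "HostB": HOST_B}
    print(check_hosts(FACTS, hosts))
    # An over-broad expression is ambiguous on HostA (prod and dmz both match).
    print(check_hosts({**FACTS, "group.switch": r"dvs-.*"}, hosts))
```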

Enabling Dynamic Creation of Port Groups

Complete the following steps to enable the dynamic creation of port groups described in Section 18.3.2, Dynamically Creating Port Groups.

  1. Assign the vsphere_ignoreNetwork.policy to all vSphere hosts where you want to enable port group creation. This lets the host be considered as a provisioning target, even if the port groups do not currently exist on the host’s dvSwitches or vSwitches.

  2. Associate the vsphere_ignoreNetwork.policy with all VMs where you want to enable port group creation. This enables the computed facts that are necessary to provide proper ordering of provisioning plans.

  3. In the vsphere.policy, update the vsphere.vcenters fact by setting the auto_portgroups_creation setting to true.

    Modifying the auto_portgroups_deletion and auto_portgroups_disconnection settings is not necessary to enable dynamic creation of port groups, but is necessary for automatically reclaiming the port group resources when they are not in use.