Hybrid Cloud with NVGRE (Cloud OS)

Update - Version 5: Added "Windows Azure Pack" together with "Troubleshooting and FAQ for Windows Azure Pack". -----------------------------------------------------------------------------------------------------------------------------------------------Update - Version 3: Added

 
 
 
 
 
4.7 Star
(37)
26,733 times
Add to favorites
System Center
7/18/2014
E-mail Twitter del.icio.us Digg Facebook
Sign in to ask a question


  • Deploy Service Template to CSV
    4 Posts | Last post March 01, 2017
    • Hi Kristian,
      
      Very nice guide!
      
      I am trying to deploy the service template for the Virtualization Gateways to a Hyper-V Host Cluster with a CSV as shared storage.
      But because "High availability" is not selected in the Hardware Profile in the Service template the deployment is blocked by SCVMM with the following error.
      “The virtual hard disk requires a host volume which can support shared storage – either a CSV or a registered file share on a clustered scale-out file server running Windows 2012 R2”
      
      Is it no possible to deploy the Virtualization Gateways to a Cluster Shared Volume?
      
      Thanks
      J0F3
      
    • This is indeed possible.
      However, you must remove the VMs from the cluster afterwards (remove roles from Failover Cluster Manager - so that they are not HA).
      See the details on Q&A/Troubleshooting section, and it should be explained in detail.
      
      -kn
    • Hi Kristian,
      I am running into this exact problem. We have shared block level storage on the host HV cluster (A Fiber Channel SAN). No need for SOFS here. But the service template does not allow to proceed and gives teh same error:
      “The virtual hard disk requires a host volume which can support shared storage – either a CSV or a registered file share on a clustered scale-out file server running Windows 2012 R2”
      
      I have looked carefully through the Q&A sections in the pdf, I do not see anything which describes how to accomplish that (deploy gateway to CSV volume instead of SOFS volume)
    • Hi,
      
      I was able to get this work by doing the following:
      
      In the service template designer set the following options:
      - Deselect create an availability set for this tier
      - Select the option to make the machine highly available
      
      Also, in the storage classification of my template I had to ensure that it matched the same classification as my CSV on my gateway/edge hosts which in my case was "Remote"
      
      As Kristian mentioned, after deployment you'll need to go the failover cluster manager on the hyper-v hosts and remove the VM's from HA roles as you don't want to be able to migrate them between hosts.
      
      Ian
  • NVGRE Gateway on different domain from VMM
    1 Posts | Last post September 30, 2016
    • Hi,
      Is it possible to have the NVGRE gateway on a different domain to VMM and the dedicated gateway host?
      
      In my configuration the gateway VM's will be directly assigned public facing ip's so we don't want them part of our trusted management domain that VMM is part of.
      
      When we try this though we have issues with permissions when attempting to create the network service.
      
      Thanks for the great doc.
  • Tired and rebuilt setup 3 times, still NVGRE not working
    2 Posts | Last post August 29, 2016
    • Unable to connect to External Networks, need help..
    • what kind of error you are facing, please share more details
  • Not so much of Q...
    1 Posts | Last post February 25, 2016
    • ...- worked like a charm for me :)
      Thanks a mill, Kristian :)
  • Packet Loss
    1 Posts | Last post February 11, 2016
    • Hi,
      
      I have succesfully set up a Cluster of Gateway's but I encounter a problem.
      
      When my VM is pinging oustide (for example 8.8.8.8) I always lost some packets but I can't find where this packet is dropped.
      
      I've tried to disable the VMQ feature but nothing.
      
      Can you help me to find this out ?
      
      Best regards,
  • Bandwidth Limiting in hosting plans
    1 Posts | Last post September 09, 2014
    • I have configured various hosting plans (Subscriptions) and configured bandwidth limits (Mb/sec/network in) and (Mb/sec/network out) but these are not working.
      Where do these limits get applied?
      
  • Physical Switch configuration for Hybrid cloud with NVGRE Scenario.
    1 Posts | Last post August 27, 2014
    • Hi Kristian,
      Thanks for this very helpful tutorial, i gives lot of help to build up the NVGRE infrastructure. I want to ask one question that you didnt mention the configuration of HP layer 3 managed switch (Management switch). On switch ports which are connected to servers (three ports) what configuration we suppose to apply? These ports should be trunk? 
      
      What routing policy should be on this managed physical switch ?
      I have three physical servers connected to layer 3 switch 
      1. Management server
      2. Tenant Server 
      3. Gateway server
      
      The IP scheme of different networks is as follow
      Management = 10.0.0.0/24
      Cluster = 10.1.0.0.24
      Live migration = 10.2.0.0/24
      PA address = 192.168.0.0/24
      Front end = 103.21.4.0/24
  • Gateway VM does not get ip from ip pool front end in SCVMM
    6 Posts | Last post August 21, 2014
    • Hi Kristian,
      
      I've been following the tutorial in building a network but not using a logical cluster and live migration
      
      configure dedicate gateway host has been successfully. and I add a virtual switch on the host gateway, the following:
        1. The network adapter with internet access = Add gateway switches without add new virtual network appropriate tutorial 
        2. The network adapter with access local = add a production switch with additional management network adapter
      
      but when I build vm gateway, why not get an IP from the IP Pool front and just get the ip pool dari management pool? 
    • but when I build vm gateway, why not get an IP from the IP Pool front and just get the ip pool from management pool? 
    • Hi Hendra. It is not clear for me what the issue really is. If you have multiple logical switches deployed to the hosts, then the service template designer is a bit limited, as it only chooses one logical switch. I would recommend to deploy this gateway as a normal VM manually to connect the vNICs correctly.
    • thanks for your response :)
      ok, i deploy VMgateway as a normal,configuration consists of the following:
      server name : VMgateway
      name VNet Adapter : 1, Back
                          2, Front
                          3, Ethernet
      
      Host Gateway configuration consists of the following:
      server host name : hostgateway
      name virtual switch : 1, Production Switch
                            2, Gateway Switch
      
      one adapter (Front) is connected to the external virtual switch (Gateway Switch) on Hostgateway  and the other two adapters (back and ethernet) are connected to Production VSwitch on Hostgateway  
      
      Logical Network configuration consists of the following:
      1,Name : Front-end
        subnet :192.168.22.0/24
        Gateway :192.168.22.107 
        ip pool : set 50 ip
      
      2,Name : Management
        subnet :192.168.33.0/24
        Gateway :192.168.33.107 
        ip pool : set 50 ip  
      
      3,Name : Provider Address
        subnet :192.168.44.0/24
        Gateway :- 
        ip pool : set 50 ip
      
       
      VM Network configuration consists of the following:
      1,Name : Tenans blue
        logical : Provider Address
        subnet :192.168.0.0/24
        Nat to : front Ip Pool
        
        Pool :
        Gateway :192.168.0.1 
        ip pool : set 50 ip
      
      2, Management VM Network (included to Production Switch)
         logical : Management
      
      3, Front-End VM Network (included to gateway Switch)
         logical : Front-end
      
      
      my question : 
      1, how the IP settings VSwitch (back) in VMgateway ? 
      2, how the IP settings in Hostgateway and VMgateway , whether the settings below are correct :
      
      server host name : hostgateway
      name virtual switch : 1, Production Switch = ip 192.168.33.13 
                            2, Gateway Switch = ip 192.168.22.203
      
      server name : VMgateway
      name VNet Adapter : 1, Back = ip ?
                          2, Front = ip 192.168.22.107 
                          3, Ethernet = ip 192.168.33.107
      
      
    • Dear Kristian,
      
      I am sorry if my question is wrong, but I am still learning and have an affinity with SCVMM and I gave it an IP instead of IP production but IP my lab in the experiments. so please guidance 
      
      thanks 
    • Hendra, can you please mail me the screenshots of your switch deployment from VMM to kristian.nese@lumagate.com ?
      
      thx!
  • SPF permissions
    3 Posts | Last post July 31, 2014
    • Hi, could you explain what are the recommended domain groups used for (I couldn't find them added anywhere and WAP+SPF+VMM seems to work just fine without them) and why do you recommend to add the domain user to the local SPF_ groups?
      My simplified understanding is that the local groups are used for authorization of incoming requests, while the domain account specified for the application pools is used towards SQL and VMM.
      
    • It is best practice to create a local account and use that to connect WAP to SPF. But you should add this local account to the four SPF_ groups on the SPF server. This is not a requirement for non-domain/different domain deployments (as you can specify domain\user format during SPF registratration). The reason (as I see it) is to downsize security risk. If you register with the App Pool account then this information is living in WAP. We give this App Pool account all kind of permissions (Admin in VMM, Sysadmin in SQL). So it is more secure to use the local service account for registration, which will be used to delegate)
    • Hi, this is clear and we use it like that, but in your document you state these, which seem to be unnecessary:
      
      "Groups 
      <SAME DOMAIN AS SPF>\GRP_SPF_Admins 
      <SAME DOMAIN AS SPF >\GRP_SPF_Provider 
      <SAME DOMAIN AS SPF >\GRP_SPF_Usage 
      <SAME DOMAIN AS SPF >\GRP_SPF_VMM"
      
      "Add the domain user to the SPF local groups on the SPF Server (SPF_Admin, SPF_Provider, SPF_Usage, SPF_VMM)"
      
      Is there any reason for these?
  • No internet access through gateway
    2 Posts | Last post July 14, 2014
    • Hi Kristian,
      
      thanks for the guide its been very helpful, however like many others on here I cannot get access to the internet through the NVGRE gateway.
      
      I have UR2 installed, I can ping the gateway from a VM in the VM Network. and i can ping another VM in the network, i have confirmed the VM network has an external IP from the pool and i can ping that external IP. all IP's appear valid,
      
      a ping to 8.8.8.8 times out but a tracert does the same as the R G Technologies Post below, very strange.
      
      it looks like im not the only one having issues with this,
      
      any help is greatly appreciated.
      
      Cheers
    • I would suspect default gateways, metrics and routes to be the issue here. Can you check the FAQ in the whitepaper and see if that helps? 
1 - 10 of 28 Items