VMware VMM Domain

Location in GUI: Virtual Networking » VMware

Diagram

Classes

fabric_policies (apic)

Name	Type	Constraint	Mandatory	Default Value
vmware_vmm_domains	List	`[vmware_vmm_domains]`	No

vmware_vmm_domains (apic.fabric_policies)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
access_mode	Choice	`read-only`, `read-write`	No	`read-write`
delimiter	String	Regex: `^[\|~!@^+=]$`	No
tag_collection	Boolean	`true`, `false`	No	`false`
vlan_pool	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
allocation	Choice	`dynamic`, `static`	No	`dynamic`
security_domains	List	String[Regex: `^[a-zA-Z0-9_.:-]{1,64}$`]	No
vswitch	Class	`[vswitch]`	No
credential_policies	List	`[credential_policies]`	No
vcenters	List	`[vcenters]`	No
uplinks	List	`[uplinks]`	No

vswitch (apic.fabric_policies.vmware_vmm_domains)

Name	Type	Constraint	Mandatory
cdp_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
lldp_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
port_channel_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
enhanced_lags	List	`[enhanced_lags]`	No
mtu_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
netflow_exporter_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

credential_policies (apic.fabric_policies.vmware_vmm_domains)

Name	Type	Constraint	Mandatory
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
username	String	Regex: `[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	Yes
password	String		Yes

vcenters (apic.fabric_policies.vmware_vmm_domains)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
hostname_ip	Any	String[Regex: `^[a-zA-Z0-9:][a-zA-Z0-9.:-]{0,254}$`] or IP	Yes
datacenter	String	min: `1`, max: `512`	Yes
dvs_version	Choice	`unmanaged`, `5.1`, `5.5`, `6.0`, `6.5`, `6.6`, `7.0`	No	`unmanaged`
statistics	Boolean	`true`, `false`	No	`false`
credential_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
mgmt_epg	Choice	`inb`, `oob`	No	`inb`

uplinks (apic.fabric_policies.vmware_vmm_domains)

Name	Type	Constraint	Mandatory	Default Value
id	Integer	min: `1`, max: `32`	Yes
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes

enhanced_lags (apic.fabric_policies.vmware_vmm_domains.vswitch)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,16}$`	Yes
mode	Choice	`active`, `passive`	No	`active`
lb_mode	Choice	`dst-ip`, `dst-ip-l4port`, `dst-ip-vlan`, `dst-ip-l4port-vlan`, `dst-mac`, `dst-l4port`, `src-ip`, `src-ip-l4port`, `src-ip-vlan`, `src-ip-l4port-vlan`, `src-mac`, `src-l4port`, `src-dst-ip`, `src-dst-ip-l4port`, `src-dst-ip-vlan`, `src-dst-ip-l4port-vlan`, `src-dst-mac`, `src-dst-l4port`, `src-port-id`, `vlan`	No	`src-dst-ip`
num_links	Integer	min: `2`, max: `8`	No	`2`

Examples

Example-1: this is a simple VMM domain named VMM_DOM with the most basic required data. The VMM domain is associated with a dynamic VLAN pool VMM_VLP, and is configured with the integration credentials under the VCENTER_CREDS credentials policy, specifying the vSphere username and password. These credentials are used to authenticate against the vCenters defined under the vcenters list, named PROD_VCENTER, which defines the vCenter hostname/IP of 10.10.10.10, datacenter name on the vSphere side (DC1 in this example), and the associated credentials policy. A new VDS with the name of the VMM domain will be created on the vCenter upon successful integration.

apic:
  fabric_policies:
    vmware_vmm_domains:
      - name: VMM_DOM
        vlan_pool: VMM_VLP
        credential_policies:
          - name: VCENTER_CREDS
            username: admin
            password: password
        vcenters:
          - name: PROD_VCENTER
            hostname_ip: 10.10.10.10
            datacenter: DC1
            credential_policy: VCENTER_CREDS

Example-2: this VMM domain VMM_DOM defines specific configuration for the vSwitch policies, such as the CDP, LLDP and port-channel policies for the VDS. If left unspecified, the APIC will create custom CDP and LLDP policies for the VDS, so the system policies are used to achieve the required intent. CDP is enabled as it is used by default on the VDS using the ACI system policy of system-cdp-enabled, and LLDP is disabled using the equivalent system-lldp-disabled policy. The port-channel policy is set to system-mac-pinning to enable load sharing across the uplinks without using LACP, following the recommendation from VMware. This VMM domain defines the uplinks as well to be used by the ESXi hosts to be attached to the VDS, in this case defining UPLINK1 and UPLINK2 with their respective IDs of 1 and 2. This should only be defined when the uplink count is well-known and uniform across all hosts attached to the VDS, otherwise it should be left undefined for the VMware admin to define as needed.

apic:
  fabric_policies:
    vmware_vmm_domains:
      - name: VMM_DOM
        vlan_pool: VMM_VLP
        credential_policies:
          - name: VCENTER_CREDS
            username: admin
            password: password
        vcenters:
          - name: PROD_VCENTER
            hostname_ip: 10.10.10.10
            datacenter: DC1
            credential_policy: VCENTER_CREDS
        vswitch:
          cdp_policy: system_cdp_pol_enabled
          lldp_policy: system_lldp_pol_disabled
          port_channel_policy: system_mac_pinning
        uplinks:
          - id: 1
            name: UPLINK_1
          - id: 2
            name: UPLINK_2

Example-3: full example- of VMM domain with all properties configured

apic:
  fabric_policies:
    vmware_vmm_domains:
      - name: VMM1
        access_mode: read-write
        delimiter: '|'
        tag_collection: true
        vlan_pool: VMM1
        allocation: dynamic
        vswitch:
          cdp_policy: CDP-ENABLED
          lldp_policy: LLDP-ENABLED
          port_channel_policy: LACP-ACTIVE
          netflow_exporter_policy: VMM-EXPORTER1
          enhanced_lags:
            - name: ELAGCUSTOM
              mode: active
              lb_mode: src-dst-l4port
              num_links: 3
        credential_policies:
          - name: CRED1
            username: Administrator
            password: C1sco123
        vcenters:
          - name: VC
            hostname_ip: 10.10.10.10
            datacenter: DC1
            dvs_version: unmanaged
            statistics: true
            credential_policy: CRED1
        uplinks:
          - id: 1
            name: UPLINK1
          - id: 2
            name: UPLINK2