VMware vSphere

 View Only
Expand all | Collapse all

Move vSphere Management to a new VLAN

IRIX201110141

IRIX201110141Apr 25, 2020 07:02 AM

  • 1.  Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 06:24 AM

    Hi,

    Have an old vsphere 5.5 setup in which I need to move the management network (ESXi hosts and Windows vCenter) to a new VLAN (Keeping same IP's)

    The new network is setup and ready.

    The ESXi cluster does not have HA enabled.

    Can this be done in a live setup with running VMs without impacting them?

    Is there a requirement to still place the Hosts in Maintenance Mode? Any other considerations?

    Thanks



  • 2.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 07:02 AM

    Do you use vSS or vDS?

    Regards,
    Joerg



  • 3.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 07:23 AM

    vSS



  • 4.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 07:35 AM

    Than its easy.

    1. Create a new Portgroup with VLAN and name ist MGMT/vSphere

    2. Now you can connect with your Browser to the ESXi Hostclient and modify the vNetwork of your vCenter VM and move it into the new Portgroup

    3. Open a ESXi console (iDRAC/ILO) and modify the Management network settings. You need to modify the VLAN

    Thats it.

    Regards,

    Joerg



  • 5.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 07:40 AM

    1. Create a new Portgroup with VLAN and name ist MGMT/vSphere. - Done on all ESXi Hosts with exactly the same name and Management VLAN

    2. Now you can connect with your Browser to the ESXi Hostclient and modify the vNetwork of your vCenter VM and move it into the new Portgroup. - Agree as part of plan

    3. Open a ESXi console (iDRAC/ILO) and modify the Management network settings. You need to modify the VLAN - Agree as part of plan

    Step 2 and Step 3 can be done in any order right?

    There should be no need to place the Host in Maintenance Mode right? (Since HA is disabled)

    Thanks



  • 6.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 07:57 AM

    No MM needed.  Changing the Management network of an ESXi doesnt effect the running VMs especially when they are on a separate Portgroup.

    Regards

    Joerg



  • 7.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 07:03 AM

    If you are certain that the configuration is OK in the new VLAN, and you are going to keep the same segment, Yes. You just need to change the portgroup to the VMs.

    You can do first ONE esxi in maintenance mode (just in case) and test if after changing VLAN ID it works ok.

    And the same with vCenter or PSC or any other VM that you have in that vlan.

    If you need to shift it all at the same time and you cannot do a test, again, if you are certain that everything is OK. It will work!



  • 8.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 07:32 AM

    yes plan to change the Management VLAN of one ESXi first and test connectivity via the new VLAN.

    Then move to the other ESXi hosts and test.

    Then change vCenter portgroup to the new management VLAN and test.

    There will be a time when the ESXi hosts will be unable to reach each other and vCenter ( think having HA disabled should be enough to not trigger any VM restarts)

    Does the above make sense? Do you think I should place the first host in Maintenance Mode just to see how it reacts?

    In any case I would need to do the other hosts whilst not in Maintenance Mode as they will not have connectivity to the host/s in the new management vlan.

    There is no shared storage either so probably any migrations will have to be compute AND storage.

    Thanks



  • 9.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 09:51 AM

    Management network and virtual machine portgroup are different things. You will be trading in the management network, namely, vmkernel portgroup. If you change the IP address and VLAN of the management network, there will be no problem in virtual machines. You can perform these operations while virtual machine power is on, there will be no interruptions.



  • 10.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 11:38 AM

    Yes the only concern I had was around HA as I know that if enabled one of the checks would be to confirm it is able to speak to HA Master or other HA ESXi members.

    But in this case since HA is not enabled I do not think there is anything that would react upon Management disconnectivity



  • 11.  RE: Move vSphere Management to a new VLAN

    Posted Apr 26, 2020 08:04 AM

    Maybe for the future, as you are not having HA enabled now.

    Before doing any kind of changes of this kind when you have HA, first disable host monitoring. Do the changes and then enable again (to avoid any HA acting when it should not)

    Gluck with the change!

    Cheers



  • 12.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 10:49 AM

    I'm actually missing details about the current configuration, which is important to know in order to give you an advice.

    How is your network configured? Are the uplink ports on the physical side tagged, or untagged, i.e. do you work with tagged ports and configure the VLAN IDs on the port groups?

    André



  • 13.  RE: Move vSphere Management to a new VLAN

    Posted Apr 25, 2020 11:35 AM

    Thank you, Correct the links between the ESXi and the physical switchports are trunk links and allow all VLANs

    The Standard portgroups have VLANs associated to them

    Windows vCenter VM will need to have its portgroup changed so it is on the portgroup (new VLAN). (Done via ESXi Host GUI to keep visibility/ease of rollback)

    The ESXi will need to have their Management network changed to the new VLAN (Done via DCUI for ease of rollback)