Migration from VMware VDS to Cisco ACI Virtual Edge

This chapter describes migration from VMware VDS to Cisco ACI Virtual Edge, including different methods.

About Migrating a VDS Domain to Cisco ACI Virtual Edge

If you have VMware VDS domains configured, you can migrate that domain to Cisco ACI Virtual Edge. The migration enables you to take advantage of Cisco ACI Virtual Edge features. These include the ability to use VXLAN encapsulation and Distributed Firewall.

When you migrate a VDS domain, Cisco APIC creates inside and outside and port groups on the DVS in vCenter. The domain appears as a Cisco ACI Virtual Edge domain. However, you can choose to have some endpoints operate in native VDS mode and other operate in AVE (Cisco ACI Virtual Edge) mode. That is, endpoints are switched through the VDS or the Cisco ACI Virtual Edge.

You can migrate VMware VDS domains to Cisco ACI Virtual Edge by using the Cisco APIC GUI, the NX-OS style CLI, or REST API.


Note

Changing the switching mode from native to AVE (Cisco ACI Virtual Edge) on an EPG requires changing the underlying switching platform from regular VMware DVS to Cisco ACI Virtual Edge. It also requires moving all the associated ports from DVS to Cisco ACI Virtual Edge.

This operation requires reprogramming of the port group associated with that EPG. That in turn requires a vCenter operation. It make take a few seconds for this operation to complete and for ports to show up in forwarding state on the Cisco ACI Virtual Edge switching platform. It length of time depends on the vCenter load as well as the number of endpoints that reside on the EPG that is being moved from native to AVE mode.

Migrate a VDS Domain to Cisco ACI Virtual Edge Using the GUI

This procedure migrates the existing VMM domain to a new Cisco ACI Virtual Edge VMM domain. The properties of the original VMM domain are preserved. However, no copy of the original VMM domain remains.

Before you begin

  • You have created a VDS domain. See the procedure "Creating a VMM Domain Profile" in the Cisco ACI Virtualization Guide.

  • If Cisco ACI Virtual Edge will be deployed in mixed-mode or VLAN mode, create two VLAN pools: one for primary encapsulation and one for private VLAN implementation.

    The role for the private VLAN pool must be internal. If Cisco ACI Virtual Edge will be deployed in VXLAN mode, only a private VLAN pool is necessary.


    Note
    Alternatively, you can create the private VLAN pool when you migrate from VDS to Cisco ACI Virtual Edge.

  • You have disabled First-Hop Security.

    Take the following steps:

    1. Under the Tenants tab, select your tenant, navigate to the bridge domain on which First Hop Security is enabled. Click the Advanced/Troubleshooting tab, and in the work pane, delete the policy.

    2. Under the Tenants tab, navigate to the EPG on which the trust control policy is applied, click the General tab, and in the work pane, remove the FHS trust control policy.

Procedure

Step 1

Log in to the Cisco APIC.
Step 2

Go to Virtual Networking > Inventory.

Step 3

In the Inventory navigation pane, expand the VMM Domains folder and the VMware folder, right-click the VDS domain that you want to migrate, and then choose Migrate to Cisco AVE.

Step 4

In the Migrate To Cisco AVE dialog box, complete the following actions:

  1. In the AVE Fabric-Wide Multicast Address field, enter a multicast address.

  2. From the Pool of Multicast Addresses (one per-EPG) drop-down list, choose or create a pool.

  3. From the VLAN Pool drop-down list, choose or create a VLAN pool.

    If Cisco ACI Virtual Edge will be deployed in mixed-mode or VLAN mode, create two VLAN pools: one for primary encapsulation and one for private VLAN implementation. The role for the private VLAN pool must be internal. If Cisco ACI Virtual Edge will be deployed in VXLAN mode, only a private VLAN pool is necessary.

  4. Click OK.

    The domain that you migrated retains its original name. However, if you click the domain in the navigation pane, you can see that the value for Virtual Switch changed from Distributed Switch to Cisco AVE.