Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3173
Views
15
Helpful
8
Replies

UCS Central and VLan Groups in UCSM

Go to solution
christopher.eakin
Level 1
Level 1

‎04-28-2017 11:27 AM

Came across this and thought I'd share.

We've got a UCS Central managed environment with one UCS Domain.  We have Port channels created in UCSM between ports that segregates data types across different ports.  VLANs are assigned to vNICs and VLANs are then added to VLAN groups and those groups are tied to send that data across a specific port or port channel, i.e. Management, Production, Storage.  Apparently, UCS Central can not manage VLAN groups in UCSM.  This is a bummer unless someone can show me otherwise.  I've found a work around using PowerTool to accomplish adding VLans very easily.  Below is my syntax.

$VLANID = "2000"

$VLANName = "VLAN 2000"

#Creates VLAN

Get-UcsCentralOrgDomainGroup -Name "root" | Get-UcsCentralFabricEp -LimitScope | Get-UcsCentralLanCloud | Add-UcsCentralVlan -Id $VLanID -Name $VlanName

Get-UcsCentralOrg -Level root  | Add-UcsCentralFabricVlanReq -Name $VlanName

#Gets every VNic Template name "Mgmt" and addes the VLAN to the Vnic Template

Foreach ($vNic in Get-UcsCentralVnicTemplate | where {$_.Name -like "*mgmt*"} | select -expand name) {Get-UcsCentralOrg -Level root | Add-UcsCentralVnicTemplate -ModifyPresent -Name $vNic | Add-UcsCentralVnicInterface -Name $VlanName}

#Now comes the problem.  I need to assign this VLAN to a VLAN group in UCSM so it gets channeled into the right port channel

#Connect to the UCSM instance.  You can connect to multiple UCSM instances at once if you have more than one domain.

Connect-Ucs -Credential $cred $UCSM

#Get the VLAN just created in UCS Central and assigned to the Management VNics and add to the VLAN group

Get-UcsLanCloud | Add-UcsFabricNetGroup -ModifyPresent -Name "Mgmt" | Add-UcsFabricPooledVlan -ModifyPresent -Name $VlanName

If anyone have a better method of doing this, I'd love to hear it.  Thanks.

1 Accepted Solution

Accepted Solutions

Go to solution
markdjones82
Level 1
Level 1

‎05-03-2017 01:21 PM

You are correct, you cannot use VLAN groups in Central.  They said it is coming in the next release.

What I've been doing for this same setup is I created a "dummy" VNIC template that has every vlan added to it and I use that to push the VLAN each UCS manager by adding the global VNIC to a local SP.

I then do the same type of command you have to add it to the VLAN group

View solution in original post

8 Replies 8

Go to solution
markdjones82
Level 1
Level 1

‎05-03-2017 01:21 PM

You are correct, you cannot use VLAN groups in Central.  They said it is coming in the next release.

What I've been doing for this same setup is I created a "dummy" VNIC template that has every vlan added to it and I use that to push the VLAN each UCS manager by adding the global VNIC to a local SP.

I then do the same type of command you have to add it to the VLAN group

Go to solution
christopher.eakin
Level 1
Level 1
In response to markdjones82

‎05-18-2017 01:34 PM

This has been resolved in the new UCS Central 2.0 in coordination with UCS Manager 3.1(3).  VLAN groups can now apparently be managed by UCS Central.  Looking forward to testing this!!

Go to solution
markdjones82
Level 1
Level 1

‎05-18-2017 02:32 PM

Cool, do you have to have both levels? Is 2.0 out already??

Go to solution
christopher.eakin
Level 1
Level 1
In response to markdjones82

‎05-19-2017 08:07 AM

Yes, was just recently released.  Upgraded my UCS Central to 2.0 yesterday, my FIs to 3.1.(3) last night and working on blades today.  KVM consoles to blades are no longer through java, now we have HTML5 KVM consoles as well.  They really fixed a lot of stuff this upgrade.  Sweet!

Go to solution
Matthew Faiello
Cisco Employee
Cisco Employee
In response to christopher.eakin

‎05-19-2017 08:14 AM

Thanks for the positive comments Christopher. UCS Central 2.0 also updates the underlying Linux from RHEL 5.11 to CentOS 6.8, with a single .ISO mounted upgrade from UCS Central 1.4 and above. Hopefully your security scans will be much cleaner now as a result.

Go to solution
christopher.eakin
Level 1
Level 1
In response to Matthew Faiello

‎05-19-2017 08:35 AM

Security compliance has been an issue for us with UCS Central.  Being in a DOD environment STIG just wasn't working for us with the old Central.  I'll have them try some compliance scans on the new one see if its any better.  Thanks Matt.

Go to solution
christopher.eakin
Level 1
Level 1
In response to Matthew Faiello

‎05-30-2017 12:01 PM

Matt, can address any ideas you have on this post?  Thanks.

UCS Central 2.0 Powershell

0 Helpful

Go to solution
markdjones82
Level 1
Level 1

‎05-19-2017 08:33 AM

Cool, i'll have to look at getting upgraded for Central.  I have 38 domains though so getting them all to 3.1(3) is going to be a bit slower, but my new domains can go to that and I will be able to test out the VLAN groups.

We have a pretty complex networking setup

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking products for a $25 gift card