I'm trying to replicate a physical network configuration involving devices that cannot be virtualized, and where the internal VLANs of the vApp need to map back into the "physical" VLANs outside of vCloud Director.
In the physical configuration, the multiple VLANs exist purely for performance reasons. The segregation of the traffic also increases the security around the type of traffic going around.
There is communication between the two VLANs (very limited ports), and one of the machines is on both VLANs to receive the data.
We are trying to replicate this configuration within vCloud Director and are having a hard time keeping everything functional. The first attempt was to configure the organization network and the vApp network to allow routing between the two internal VLANs. This configuration failed. We ended up taking one of the machines inside the configuration and making it into a router, which implied creating scripts to change the routing tables of the different machines.
I've attached the diagram of the network and application that we are trying to replicate inside of vCloud Director.
I've managed to create such a configuration with just Virtual Center and a Linux appliance that I used for the NATing and the routing, but replicating the same configuration using vCloud's functionality (and without my Linux appliance) has proven to be quite the challenge. I've searched for documentation but can't seem to find anything more complex than the NATed network with a single VLAN and a single gateway.
Any help on how to set up the networking layer of the vApp will be greatly appreciated.
Thanks in advance,
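The poster describes turning one machine into a router (and, in the Virtual Center version, a Linux appliance doing the NAT and routing) so that only the few allowed ports pass between the two VLANs. The script below is an added example of how such a Linux router can be built with deny-by-default forwarding; it is not the poster's script, and the trunk interface name (eth0), VLAN IDs (10 and 20), router addresses and allowed ports (1433 and 445) are assumptions, since the thread gives none of them.

```shell
#!/bin/sh
# Added example (not from the thread): a small Linux router appliance on a
# trunk port with one tagged sub-interface per VLAN, forwarding only an
# explicit allow-list of TCP ports from VLAN-B into VLAN-A and letting the
# replies return. Interface, VLAN IDs, addresses and ports are assumed values.

TRUNK_IF="${TRUNK_IF:-eth0}"
VLAN_A="${VLAN_A:-10}"
VLAN_B="${VLAN_B:-20}"
ROUTER_IP_A="${ROUTER_IP_A:-10.1.10.1/24}"
ROUTER_IP_B="${ROUTER_IP_B:-10.1.20.1/24}"
ALLOWED_TCP_PORTS="${ALLOWED_TCP_PORTS:-1433 445}"

# 802.1Q VLAN IDs are 1-4094 (0 and 4095 are reserved); refuse anything else.
valid_vlan() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
  esac
  [ "$1" -ge 1 ] && [ "$1" -le 4094 ]
}

# Emit the configuration as one command per line so it can be reviewed
# (or diffed against a running box) before anything is applied.
router_commands() {
  valid_vlan "$VLAN_A" || { echo "invalid VLAN id: $VLAN_A" >&2; return 1; }
  valid_vlan "$VLAN_B" || { echo "invalid VLAN id: $VLAN_B" >&2; return 1; }
  [ "$VLAN_A" != "$VLAN_B" ] || { echo "VLAN ids must differ" >&2; return 1; }
  ifa="$TRUNK_IF.$VLAN_A"
  ifb="$TRUNK_IF.$VLAN_B"

  # One tagged sub-interface per VLAN on the trunk, plus IP forwarding.
  echo "ip link add link $TRUNK_IF name $ifa type vlan id $VLAN_A"
  echo "ip link add link $TRUNK_IF name $ifb type vlan id $VLAN_B"
  echo "ip addr add $ROUTER_IP_A dev $ifa"
  echo "ip addr add $ROUTER_IP_B dev $ifb"
  echo "ip link set $ifa up"
  echo "ip link set $ifb up"
  echo "sysctl -w net.ipv4.ip_forward=1"

  # Deny-by-default forwarding: nothing crosses VLANs unless listed below.
  echo "iptables -P FORWARD DROP"
  echo "iptables -F FORWARD"
  # Replies to connections already allowed may flow in either direction.
  echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  # New connections only from VLAN-B to VLAN-A, and only to the listed ports.
  for port in $ALLOWED_TCP_PORTS; do
    echo "iptables -A FORWARD -i $ifb -o $ifa -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
  done
  # Log (rate-limited) whatever the default policy is about to drop.
  echo "iptables -A FORWARD -m limit --limit 5/min -j LOG --log-prefix \"vlan-fwd-drop: \""
}

# Usage: ./vlan-router.sh          prints the commands (dry run)
#        ./vlan-router.sh apply    runs them (requires root on the appliance)
case "${1:-}" in
  apply) router_commands | sh -e ;;
  '')    router_commands ;;
esac
```

Run it without arguments to see exactly what would be applied; the FORWARD chain starts from a DROP policy, so adding a port means adding one ACCEPT line rather than remembering what to block. The `ESTABLISHED,RELATED` rule is what lets the VLAN-A side answer without opening the reverse direction to new connections.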
You can achieve the same in many ways, but the easiest of them all would be the following:
Create two different portgroups with these two VLANs (VLAN A and VLAN B) in the vSwitch/dvSwitch. Create External Networks in vCD using these two portgroups.
Now configure two Organization networks and connect these two Org networks to these two External Networks. This way, whatever vApps connect to these Org networks will essentially be connected to two different VLANs (A & B).
Now create two different vApps with the respective VMs in them (vApp A and vApp B). Now connect vApp-A to both external networks (VLAN A & B), but connect vApp-B only to external network B (VLAN-B).
Both the external networks to vApp-A and vApp-B.
Now put the Processor, Exporter and DB/File Server in vApp-A, but connect the Processor and Exporter VMs only to external network A (VLAN-A) of vApp-A, whereas the DB/File Server should be connected to both external networks (A & B). In vApp-B put all the converter VMs and connect them to external network B.
This way what you are trying to achieve can be done.
There are other ways as well, but this will be the easiest.
Thanks Sajal for your reply. If I was trying to connect to the physical network directly that would be how I would do it (it's actually how we have done it on the production side of things... well without vCloud Director, but the concept still applies).
I'm trying to provide a level of isolation so there can be more than one instance of that configuration running at once. I also would like to have connectivity between the two VLANs (it's not shown on the diagram, but there is a domain controller on VLAN-A which needs to be accessed by machines on both VLANs).
Have you ever done something like that?