SANGFOR - HCI (Hyper-Converged Infrastructure) - User Manual

SANGFOR Hyper-Converged
Infrastructure(HCI) User Manual
2016.10
1
Table of Contents
Declaration.......................................................................................................................................... 4
Preface................................................................................................................................................. 5
About This Manual...................................................................................................................... 5
Document Conventions...............................................................................................................6
Graphic Interface Conventions....................................................................................................6
Symbol Conventions....................................................................................................................6
Technical Support........................................................................................................................ 7
Acknowledgements..................................................................................................................... 7
1. Installing SANGFOR HCI Software................................................................................................... 8
1.1. Hardware Requirements...................................................................................................... 8
1.2. Installing HCI Software......................................................................................................... 9
1.2.1. Writing Image File to USB Drive................................................................................9
1.2.2. Installation of HCI Manager.................................................................................... 13
2. Migrating Physical/Virtual Machines to HCI Platform.................................................................. 21
2.1. Converting Physical Servers to Virtual Machines.............................................................. 21
2.1.1. Converting Windows-based Server........................................................................ 22
2.1.2. Converting Linux-based Server ............................................................................. 27
2.2. Migrating VM to SANGFOR HCI Platform from Other Platforms.......................................31
2.2.1. Exporting OVA File...................................................................................................31
2.2.2. Importing OVA File ................................................................................................ 36
3. High-Availability(HA) Cluster......................................................................................................... 40
3.1. Working Principle of Cluster...............................................................................................40
3.2. Creating Cluster ................................................................................................................ 40
3.3. Creating Clustered Virtual Machine...................................................................................41
3.4. HA....................................................................................................................................... 43
3.5. Manual Migration...............................................................................................................46
4. VM Backup.....................................................................................................................................48
4.1. Introduction ......................................................................................................................48
4.1.1. Backup Objects........................................................................................................48
4.1.2. Backup Characteristics............................................................................................ 49
4.1.3. VM Backup and Recovery....................................................................................... 50
4.2. Backup Scenarios................................................................................................................52
4.2.1. Backup on Hosts in Cluster......................................................................................52
4.2.2. Backup on Shared Storage...................................................................................... 53
4.2.3. Backup on Hosts and Shared Storage..................................................................... 53
4.3. Creating Backup..................................................................................................................54
4.3.1. Manual Backup ......................................................................................................54
4.3.2. Scheduled Backup................................................................................................... 55
4.4. Recovering VM................................................................................................................... 57
5. Network Visualization................................................................................................................... 60
5.1. Easier Network Deployment with “You Get What You Draw” Editor................................60
5.1.1. Deploying Network Topology..................................................................................60
2 SANGFOR HCI User Manual
5.1.2. Configuring Edge..................................................................................................... 61
5.1.3. Configuring Virtual Switch...................................................................................... 65
5.1.4. Configuring Virtual Router...................................................................................... 73
........................................................................................................................................... 88
5.1.5. Configuring Virtual Network Device....................................................................... 88
5.2. Traffic Visualization............................................................................................................ 96
5.3. Simpler Troubleshooting.................................................................................................... 96

Declaration
No part of the contents of this document shall be extracted, reproduced or transmitted in any
form or by any means without prior written permission of SANGFOR.
SANGFOR and the Sangfor logo are the trademarks or registered trademarks of Sangfor Inc.
All other trademarks used or mentioned herein belong to their respective owners.
This manual shall only be used as usage guide, and no statement, information, or suggestion in it
shall be considered as implied or express warranty of any kind, unless otherwise stated. This
manual is subject to change without notice. To obtain the latest version of this manual, please
contact the Customer Service of Sangfor.

Preface
About This Manual
This user manual includes the following chapters:
1. Installing SANGFOR HCI Software
2. Migrating Physical/Virtual Machine to HCI Platform
3. High-Availability(HA) Cluster
4. VM Backup
5. Network Visualization
The contents are based on SANGFOR HCI Platform official version 4.5. There are
some differences in configuration for different versions.

Document Conventions
Graphic Interface Conventions
This manual uses the following typographical conventions for special terms and instructions:
Convention Meaning Example
Page/tab name example:
Navigate to Nodes > Storage to enter the Storage

configuration page.
Parameter example:
Page title, IP Address: Specifies the IP address that you want

parameter, to reserve for certain computer.
button, Button example:

boldface
key press, Click the OK button to save the settings.
other highlighted Key press example:

keyword or item
Press Log In to enter the administrator console of
the Sangfor HCI platform.
Highlighted keyword/item example:
The user name and password are Admin by

default.
italics Directory, URL Enter the following address in the IE address bar:
http://10.254.254.254:1000
> Multilevel menu and Navigate to Storage> iSCSI Virtual Disks to create iSCSI
submenu virtual disk.
“” Prompt The browser may pop up the prompt to ask you to

confirm the current operation.
Symbol Conventions
This manual also adopts the following symbols to indicate the parts which need special attention
to be paid during the operation:

Convention Meaning Description
Indicates actions that could cause setting error, loss of data

Caution
or damage to the device
Warning Indicates actions that could cause injury to human body
Note Indicates helpful suggestion or supplementary information
Technical Support
For technical support, please contact us through the following:
E-mail: tech.support@sangfor.com
Tel: +60 12711 7129 (7511)
Website: www.SANGFOR.com.
Acknowledgements
Thanks for using our product and user manual. If you have any suggestions on our products,
please provide us feedback by phone or e-mail. Your suggestion will be much appreciated.

1. Installing SANGFOR HCI Software
SANGFOR HCI platform is a suit of software which is installed on a physical server, to virtualize
resources of physical server (CPU/memory/storage and others), and to provide a number of guest
operating systems with complete hardware system functions and independent running
environment, which are called virtual machines.
This section introduces the installation of SANGFOR HCI software and installation requirements
for hardware. After the software is installed correctly, you also need to configure it, and do
troubleshooting.
1.1. Hardware Requirements
Before installation, a number of physical servers are needed. Performance of virtual machines is
determined by that of server's CPU, memory, and storage. The better server’s performance, the
better virtual machine’s user experience will be.
Additionally, there are some requirements for hardware configuration of servers:
Resource Requirements
CPU Support Intel Virtualization Technology(VT)
Memory >8GB
Disk capacity >=60GB
Number of NICs >=1

1.2. Installing HCI Software
1.2.1. Writing Image File to USB Drive
Software required: UltraISO
Steps: Insert a USB drive into PC, and then follow the steps below:
UltraISO should be the latest version; Write format of the USB drive should be USB-HDD or
USB-HDD, choose Verify to check whether the image file is written correctly; USB drive capacity
should be larger than the size of ISO file.
Launch UltraISO, select File > Open and load ISO file of HCI software from local disk.

Select Bootable > Write Disk Image and choose the USB drive into which you want to write the
image file. Then, click on Write button and keep others default. You can remove the USB drive
after the image file is written to the USB drive.

Enable virtualization technology in BIOS as shown below (note: BIOS settings vary from
computer to computer) and you also need to set RAID mode to Non-Raid or JBOD in BIOS to
support storage virtualization.

1.2.2. Installation of HCI Manager
Insert the USB drive into which image file has been written, to computer, and set the USB drive as
first boot device priority in BIOS settings. Reboot the computer, system enters the start screen,
select "Install HCI(server virtualization) Manager," press ENTER to enter installation page.
Computer’s processor should be 64-bit Intel architecture. If it is AMD architecture, system

will prompt that installation of HCI manager is not supported by the current processor.

Click I agree and then system will check whether server’s hardware and BIOS settings meet the
installation requirements. Note that HCI software only supports Intel architecture processor. For
AMD architecture processor, system will exit installation.

Select the disk where you want to install HCI software, then select OK to begin installation.
The installation will format the system disk. Enter "format" to confirm formatting disk, select OK
to continue installation or select Cancel to go back to the previous step
After you select OK, the following page Disk Speed Tester appears. To test disk speed, select Yes,
To skip this step, select No.

Choose Yes to continue installation.
For a better user experience, the recommended disk read speed is: >=100 MB/s, and the
recommended write speed is: >=60MB/s

After installing the HCI software, you are prompted to configure network on the following page.
Select the network interface "eth0" with up and down arrow keys, then choose OK to enter
network interface eth0 configuration page
Set IP address, netmask and gateway address, then click OK.
The default gateway can only be set on one NIC; IP address of eth0 interface and gateway
should be on a same network segment, otherwise error may occur.

After the interface eth0 is configured, you will be asked whether to continue to configure another
interface. To continue, click Yes to return to network configuration page, or click No to complete
the installation

After installation completes, remove USB drive and then click Reboot to restart the computer.

Administrator can log into Web admin console of HCI platform by entering https: // IP address
into browser address toolbar(the IP address is configured on network configuration page).
Web admin console of HCI platform can only be accessed through the following browsers:
Chrome, Firefox, IE11, IE10.

2. Migrating Physical/Virtual Machines to HCI
Platform
This section introduces how to migrate the following objects to Sangfor HCI platform:
1. Physical Servers
2. VMs from Other Virtualization Platforms
2.1. Converting Physical Servers to Virtual Machines
Requirements for Physical Servers:

CPU: 64-bit CPU
Memory: >=2GB
Disk: All supported except for dynamic disks
NICs: At least 1
OS:32-bit or 64-bit Windows XP/7/2003/2008/2012, Linux (Kernel version 2.6.18 and later)
Notes:
1. Only HCI softing figure indicates that Sangfor Converter is being instware of 3.3 version and
later support conversion of physical machines
2. Conversion tool for Windows system is an independent EXE file; for Linux system, the tool is
integrated into HCI installer.
3. Conversion speed is up to physical network bandwidth and disk IO of the host where HCI
software is installed. Recommendations:
a. Bandwidth should be larger than 1 GBps
b. RAID mode of the host where HCI software is installed should be RAID 10
4. Since conversion will affect disk performance of the host where HCI software is installed, it’s
recommended to perform conversion when business system is not busy and ensure that number
of conversion tasks is less than 3.
5. Storage capability of HCI platform should be larger than the used space of disk of the physical

machine to be converted, or else conversion will fail.
6. Disable host-based firewall before conversion.
2.1.1. Converting Windows-based Server
Download and install the SANGFOR_aSV_Converter.exe in Windows system, and then open it.
Click Start Now next to Virtualize this physical machine, as shown in the following figure:

Select the destination host where the primary Sangfor SDDC controller resides.

Configure the virtual machine to which the physical machine is converted, as shown below:

The following figure indicates that Sangfor Converter is being installed.
Select an operation which will be performed upon migration completion.

After the physical machine is restarted, you will see the figure below and follow the instruction
displayed on that figure to start migration.
And you can log in to Web admin console of Sangfor HCI platform to see the migration process,

as shown below:
2.1.2. Converting Linux-based Server
Insert the USB drive to which HCI software image file is written, to a physical machine running
Linux, boot the system from USB drive, and select Migrate physical server to VM with P2V.
Before migration, Sangfor Converter will prompt you required steps. Click OK on the following
page.
Network configuration is required before migration. Select a physical network interface of the
current physical host to communicate with the host where SANGFOR HCI software is installed.

Configure IP address and netmask for selected interface, and gateway, as well as cluster primary
IP address. Make sure the host at the specified IP address can access that cluster.
After network is configured, Sangfor Converter will check whether the current host and the host
where Sangfor HCI software is installed.can communicate with each other. If communication fails,
it will return to the network configuration page. If the communication is normal, you can click OK.
After the network connection is successful, the following page appears, which means you can
start migration of this physical machine. The Installer login is used for troubleshooting when
migration fails.

To view migration tasks, log in to Web admin console of Sangfor HCI platform and click Convert to
VM in Home.
In the task window, as shown below, click Migrate to start migration

2.2. Migrating VM to SANGFOR HCI Platform from Other
Platforms
SANGFOR HCI platform supports importing ova virtual machine file.
2.2.1. Exporting OVA File
OVA file can be exported from VMware vSphere and Citrix XenServer platforms.
2.2.1.1. Exporting OVA File from VMware vSphere Client
Select the VM that needs to be exported in the VMware vSphere Client, select File ->Export ->
Export OVF Template in the menu.

Choose Single file (OVA) from format drop-down menu.
Click OK to start exporting OVA file.
2.2.1.2. Exporting OVA File from Citrix XenServer
Select the VM that you want to export, right-click on that virtual machine and select Export.

Choose the VM export format, location and filename. Note that the format should be OVF/OVA
Package.

Confirm the VMs to be exported. By default the selected option is the virtual machine you have
selected. It is better to export one VM at a time. Thus, there’s no need to change settings and you
can go to next step directly by clicking Next.
You can add EULA files on the following page. If you do not want to add EULA file, you can skip it
and go to next step.
On the Advanced Options tab, select the option Create OVA package, but not the option
Compress OVF files.

On the Transfer VM Settings tab, select the network on which the temporary VM used to
perform the export operation will run and configure the network settings. Generally, keep the
default settings, and then click Next.
Confirm the export settings on the following page. Then, click Finish to start export.

The following figure shows the progress of exporting the selected virtual machine(s).
2.2.2. Importing OVA File
You can create a new virtual machine by importing an existing OVA file to Sangfor HCI platform.
To create a new virtual machine, click Add in Compute page, and choose “Import Virtual
Machine”.

Choose an ova file, and specify VM Group, Datastore and Run on Node for the VM.
Click Import to import the selected ova file.

After the file is uploaded, creating VM starts. The process may take a while.
After the VM is created successfully, the VM’s information will be listed as below:

To see he detailed information of the VM, click Summary.

3. High-Availability(HA) Cluster
A high-availability cluster consists of a group of hosts which work together but independently.
A clustered virtual machine is a virtual machine which runs in cluster environment and is
configured with high availability(HA) enabled. It can run on any host. When the working host fails
due to network connection error or others., the clustered virtual machine will be migrated from
the failed host to another host, which can minimize downtime to ensure business continuity.
3.1. Working Principle of Cluster
A cluster works based on the clustered file system(CFS). Physical hosts communicate with each
other and update host state through host’s management interface. Virtual machines running on
physical hosts are connected to edge through virtual switches.
System will check whether host meets the requirements for running a clustered virtual machine,
based on storage, memory and network, when powering on the virtual machine. Then, system
will automatically select a qualified host to run the virtual machine.
3.2. Creating Cluster
To create a cluster, at least two hosts that have installed HCI software are required. Navigate to
Nodes page, click Add Node. as shown below:

Then you will see a page introducing nodes and then click Next to enter the following page:
Select the node that you want to add. If the node you want to add is not in the list, it can be
discovered manually by clicking "+" icon to input its IP address, username and password. Then,
click Finish.
3.3. Creating Clustered Virtual Machine
Since clustered virtual machines need to run on shared datastore, you need to add shared
datastore before creating a clustered virtual machine. If you have already added shared
datastore, select the HA option when creating VM(once this option is selected, only shared
datastores will be displayed in dwhich all nodes can acceatastore list), then select a shared
datastore from that list, as shown below:

After you select a datastore, only the nodes that can access that datastore will be displayed in
node list, as shown below:
To test high availability of cluster, select a datastore which can be accessed by all nodes and
choose <Auto> for Run on Node.
Thus, the virtual machine created in the way described above is a clustered VM which will be
marked ‘HA’ at the upper left corner of the corresponding card, as shown below:
3.4. HA
Generally, the node running a clustered virtual machines is connected to two networks. One is
the external network, and the other is the shared storage network. You can merge the two
networks into one. In this test example, assume node 1 running a clustered virtual machine is
connected two networks, as shown below:

If any of the two networks goes down or the node running the virtual machine fails, that virtual
machine will be powered off and recovered on another node.
Test scenario:
Status: Normal: √, Failed: ×
Storage lock timeout: 20s (storage lock can be released by shut downing virtual machine); check
interval is 5 seconds.
[Networking]: You can configure virtual network in Networking on HCI platform.
Fault-tolerant time: If network interface cable is unplugged 3 times, status of network
connection will be deemed as abnormal; if storage cannot be accessed 2 times, the storage will
be deemed as abnormal.
HA scenario: If the node where virtual machine runs cannot be connected to network or access
storage, that VM will be migrated to another node. The following shows configuration of a virtual
machine with HA enabled:

As shown above, there are two nodes(101 and 102) which can access VM’s datastore. The virtual
machine is connected to the edge which connects to the eth2 interface of the two nodes
separately. Assume that the virtual machine is running on node 101 and memory of the node
102 is sufficient. In the following situations, that virtual machine will be migrated to node 102:
1) If the network cable of interface eth2 on node 101 is unplugged, the virtual machine will be
migrated to node 102; 2) When node 101 cannot access shared iSCSI storage, the virtual machine

will be migrated to node 102. 3) If node 101 goes down, the virtual machine will be migrated to
node102.
However, the virtual machine will not be migrated in the following scenario:
eth1 interface is used to communicate with other nodes. If the interface is unplugged, node 101
will become offline but the virtual machine running on it will not be migrated to node 102,
because the virtual machine is connected to the edge which does not connects to eth1 interface.
3.5. Manual Migration
When server is under maintenance, business system will be interrupted. Once server is
virtualized, business system can be migrated to another server to ensure business continuity.
Go to Compute, select the VM that needs to be migrated, and then select More > Others >
Migrate.
In the popup dialog, specify Datastore and Node under Destination Location, then click OK to
start migration.

If there are backups in the current data store, a dialog will pop up to ask you to confirm, the
migration process will not affect business continuity.

4. VM Backup
4.1. Introduction
Gaining the following knowledge about backup is necessary for reading this section.
1 Offsite Backup: Virtual machine is backed up to another datatore instead of the datatore where
the VM is stored.
1) Full Backup:
Data can be backed up completely every time. In the event of data loss, all the data can be
restored through full backup, and the recovery process is simple and takes a very short time.
2) Incremental Backup:
Only the files modified after last incremental or full backup occurred can be backed up.
Advantages of incremental backup: The amount of data to be backed up is relatively small;
Backup process takes a shorter time. However, recovery with incremental backup needs other
backup records, which leaves a potential risk
2 Local Backup: Virtual machine are backed up to the datastore where the VM is stored.
Local backup is to take a snapshot of VM, The process is very fast, but virtual machine cannot be
recovered if the VM’s image file is damaged.
4.1.1. Backup Objects
On Sangfor HCI platform, the main backup objects are VM data, including VM disk, config files
and so on. Similar to physical hosts, VM data must be backed up periodically in order to prevent
data loss due to human or technical error.

4.1.2. Backup Characteristics
Virtual machine can be recovered from backup when host fails or the VM cannot be powered on.
VM recovery operation needs to be performed by administrator on Sangfor HCI Web admin
console and destination location for recovery can be specified.
1) Incremental backup supported: All the data will be backed up the first time, but only
changes made after last backup occurred will be backed up, which will bring less impact on
host and network, and speed up backup process.
2) Hot backup supported: There is no need to shut down VM before backup. Thus, there is no
impact on use of VM during backup.
3) Scheduled backup supported: Backup can be planned to be performed at midnight, which
can reduce impact on user experience
4) VM data can be backed up to external storage or to another node in the cluster in case
there is no external storage.
5) Specific backup policy can be applied to new VMs. Therefore, there is no need to configure
VM backup policy for each new virtual machine.

6) Virtual machine can be recovered to the state at a specific time point when the backup
happened.
7) Auto backup directory supported: An optimal backup directory is automatically chosen
based on disk usage of clustered hosts and existing number of copies.
4.1.3. VM Backup and Recovery
Virtual machine can be recovered on the host running the virtual machine or on another host.
If host A fails, administrator can recover VM1, VM2 and VM3 running on host A to host B or C.
Typical Scenarios:
1. If host A operates properly but VM1 cannot be powered on, VM1 can be recovered on host A
from its backup.

2. If host A fails, VM1 can be recovered on host C. Since VM1’s backup is stored on host C, VM1
can be powered on quickly without synchronizing VM1data to host C.
3. If host A fails, VM1 can be recovered on host B of higher performance, instead of the host C
where VM1 backup is stored.

4.2. Backup Scenarios
4.2.1. Backup on Hosts in Cluster
If there is no external storage, you can back up virtual machine to another host in the
the cluster. When one host fails, virtual machine can be quickly recovered on another
host from its backup.

4.2.2. Backup on Shared Storage
In the cluster, if there is external shared storage, virtual machines can be backed up
on the shared storage. When one of the hosts fails, virtual machines running on the
failed host can be recovered on another host from backup on the shared storage.
4.2.3. Backup on Hosts and Shared Storage

In the cluster, there is external shared storage, and virtual machines are backed up
on hosts and the shared storage. Therefore, when a host or the shared storage fails,
virtual machine can be recovered from the backup on the shared storage or host.
4.3. Creating Backup
4.3.1. Manual Backup
To create VM backup, go to Compute and select the virtual machine you want to back up. Then
select More >Backup, as shown below:

Specify Backup Name and Destination Datastore. If the working and destination datastores are
the same, the backup will be deemed as snapshot. If they are different, it would be a full backup.
After backup name and destination datastore are specified, click OK to start backup.
4.3.2. Scheduled Backup
On Sangfor HCI platform, you can create scheduled backup policy to have VMs backed up
periodically.
Log in to Sangfor HCI Web admin console, go to System > VM Backup and Recovery > Backup.
Then, click Enable Scheduled Backup
To add a scheduled backup policy, click Add. Specify Policy Name, Backup VM, Backup Directory,
Periodic and Copies. Then, click OK to save the settings.

4.4. Recovering VM
In Compute, you can recover a virtual machine. First, select the virtual machine that you want to
recover, then select More > Summary, as shown below:
Go to the Backup tab and select the backup from which you want to recover the virtual machine.
Click on the backup file and the following dialog pops up. In the dialog, select Recover.

On the following page, specify Location, Node and Datastore, then click Next
Input OK if the configuration is right . Then, click Recover to start recovering the VM.

5. Network Visualization
5.1. Easier Network Deployment with “You Get What You

Draw” Editor
When you log in to Sangfor HCI platform for the first time, a wizard wil pop up to guide you
through virtual network deployment, as shown below: (You can also enter the wizard by clicking
How To on the upper-right corner)
5.1.1. Deploying Network Topology
In Networking, you can deploy virtual network topology. To edit topology, you must enter
editing status, otherwise, the topology can only be viewed. Click Edit to enter editing status, as
shown below:

5.1.2. Configuring Edge
Edge connects physical network and virtual network. It uses physical interface or aggregate
interface to connect to physical network in Trunk mode. When configuring edge, you need to
specify port group. A port group consists of more than one interfaces with the same
configuration(such as VLAN).
To deploy an edge, drag an edge onto the canvas from the left panel, select the physical
interfaces that need to be connected and then click Apply Changes.

5.1.2.1. Viewing Edge Settings
Select an edge and click on Settings button on the right to enter edge settings page. On the
Settings page, you can view and configure physical interface and port group.
Configuring Physical Interface
On the Physical Interface tab, you can add a new physical interface, delete or edit existing
physical interface, as shown below:

Configuring Port Group
On the Port Group tab, you can add a new port group, delete or edit existing port group.
To add a new port group, click Add to enter the following page and configure related fields.

[Name]: Specifies a name for the port group.
[Type]: Specifies the type of VLAN interface, Trunk or Access. Trunk port is used for VLAN
trunking or VLAN aggregation. It allows packets which carry VLAN information and VLAN ID is
within specific VLAN ID range. If the VLAN ID is not in the specific VLAN ID range, the packets will
be rejected.
Access port is used for untagged VLAN. If it receives packets without carrying VLAN information,
the packets will be tagged with specific VLAN IDs, which will be removed when the packets go out
of that Access port. It rejects all packets with VLAN information.
[VLAN ID]: It is required when the type is Trunk.
[PVID]: It is the default VLAN ID that will be tagged on the packets going through the switch but
carrying no VLAN ID.

5.1.3. Configuring Virtual Switch
A virtual switch provides connection, access control list (ACL) and broadcast storm prevention.
First, you need to check whether overlay network interfaces(VXLAN) of each node are configured
on a same network segment. If they belong to different subnets, nodes cannot communicate with
each other through a virtual switch. To check overlay network interface settings, select a node in
Nodes, click Summary to enter node summary page and then click Advanced on the Network tab
to enter the following page:
Navigate to Networking page and then drag a virtual switch onto the canvas. To make the switch
take effect, click Apply Changes.

5.1.3.1. Viewing Switch Settings
Select a virtual switch, you can view the switch’s configuration on the right. To configure switch,
click Settings button to enter Settings page, as shown below. On the following page, you can add
connection and access control policy, and enable broadcast storm prevention.
Adding Connection
On the Device tab, you can add connection to virtual machines and network devices(such as
router, NGAF, vADC) , as shown below:

To add connection to virtual machine, select Add Connection > To Virtual Machine, then select
the VM that you want to connect to the switch. Click OK to save the settings.
To add connection to network device, select Add Connection > To Network Device, select the
network device that you want to connect to the switch and then click OK.

Configuring Access Control Policy
On the Access Control tab, you can add access control policy. There is a default access control
policy which can be enabled or disabled but not deleted.
To add an access control policy, click Add to enter the following page:

[Enabled]: Select this option to enable the policy.
[Description]: Descriptive information of the policy.
[Filter]: Specifies Source and Destination.
[All]: Indicates any source or destination IP address.
[Interface]: Specifies source or destination interface.
[Specified]: Specifies specific source or destination IP address.
[Action]: Specifies action against matching packets. To allow the packets, select Allow. To
reject packets, select Reject
Configuring Advanced Settings
On the Advanced tab, you can enable and configure broadcast storm prevention which can help
to restrain outgoing packets or block some interface if multicast or broadcast storm occurs on
switch. Broadcast storm prevention is disabled by default.
To configure broadcast storm prevention, click Settings to enter the following page and specify
threshold.
5.1.3.2. Viewing Switch Summary
To view detailed settings of a switch, select the switch and click Summary button to enter switch
summary page Here you can view Basics, Traffic, Status and Network. You can also view admin
logs on the Admin Logs tab.

To refresh the current page, click Refresh.
To configure the switch, click Settings.
To capture packets, click Packet Capture to enter the following page:

The following are the contents on the above page:
Interface: Specifies the interface. The packets passing through that interface will be captured.
Expression: Specifies expression to filter packets. On the right panel of the Packet Capture &
Analysis page, it displays the expression formats.
Max File Size: Specifies the maximum size of the file. Packet capture will stop if the file size
exceeds the maximum.
Admin Logs: This section displays administrator logs, which record various operations performed
by the administrator, such as adding connection. Each log contains the following information:
Status, Action, Start Time, End Time, Username, Node, Object Type, Object and Operation. To
view detailed information of logs, click View.

5.1.4. Configuring Virtual Router
A virtual router provides functions like interface, VLAN subinterface, static route, NAT, access
control, DHCP, DNS and high availability(HA).
To deploy a virtual router, go to Networking page, enter editing status, drag a virtual router onto
the canvas and then click Apply Changes, as shown in the following page. To edit router’s name,
select the router and edit its name on the right panel.
5.1.4.1. Router Settings
You can configure a virtual router by clicking Settings button to enter the Settings page. On that
page, you can configure interface and VLAN subinterface, static route, NAT, access control policy,
DHCP, DNS and high availability(HA).

Configuring Interface
On the Interface tab, you can configure the router's network interface and the corresponding
VLAN subinterface.

Configuring Static Route
On the Route tab, you can configure a static route or more than one at a time. Static route is
required when router needs to send packets to various subnets.
To add a static route, click Add Static Route and configure related fields on the following page:
The following contents are included on the above page:
[Dst IP]: Specifies the destination IP address.
[Netmask]: Specifies netmask corresponding to the destination IP address.

[Next-Hop IP]: Specifies the next-hop IP address.
[Interface]: Specifies the interface through which data is forwarded.
To add multiple static routes, click Add Multiple to enter,the following page:
One static route per row. Example: destination IP address, netmask, next-hop IP address.
Configuring NAT Rule
On the NAT tab, you can configure SNAT and DNAT rules SNAT is used to translate source IP
address of a data packet, while DNAT is used to translate destination IP address of a data packet.
DNAT is commonly used to publish an internal service on a publicly accessible IP address.

To add a source NAT rule, click Add on the Source NAT tab and configure the fields on the
following page:
[Enabled]: Select this option to enable the SNAT rule.

[Interface]: Specifies outgoing interface through which data is forwarded.
[Source]: Specifies source IP address. Options are All and Specified. If Specified is selected, only
the IP addresses within the specified IP range will be translated
[Destination]: Specifies destination IP address. Options are All and Specified. If Specified is
selected, only the source IP addresses of the packets routed to the specified destination IP
address will be translated.
[Address Translation]: Specifies mapped source IP address. If Outgoing interface IP is selected,
source IP address will be translated to the IP address of specified outgoing interface. If Specified
is selected, source IP address will be translated to the specified IP address.
To add a DNAT rule, click Add on the Destination NAT tab, as shown below:
[Enabled]: Select this option to enable the DNAT rule.

[Interface]: Specifies the incoming interface through which external data flows into intranet.
[Source]: Specifies source IP address.
[Destination]:Specifies destination IP address and port. Destination IP address can be IP address
of incoming interface or a specific IP address. If Incoming interface IP is selected, the destination
IP address will be translated to specified IP address only when it is the IP address of specified
incoming IP address. To specify destination port, you need to specify protocol and port number
To bypass ACL and allow access via incoming interface, select the option Bypass ACL and allow
access via incoming interface.
[Address Translation]: Specifies mapped destination IP address and mapped port.
Configuring Access Control Policy
On the Access Control tab, you can add access control policy. There is a default access control
policy which can be enabled or disabled but not deleted.
To add an access control policy, click Add to enter the following page:

[Enable]: Select this option to enable the policy.
[Description]: Descriptive information of the policy.
[Filter]: Specifies Source and Destination.
[All]:Indicates any source or destination IP address.
[Interface]: Specifies source or destination interface.
[Specified]: Specifies specific source or destination IP address.
[Service]: Specifies service, such as WEB, DNS and other services.

[Action]: Specifies action. To allow access, select Allow; To reject access, select Reject.
Configuring DHCP
DHCP is used to automatically assign IP addresses to virtual machines. You can configure DHCP IP
address pool on the IP Address Pool tab and view status of assigned IP addresses on the Status
tab.
To add IP address pool, click Add IP Address on the IP Address Pool tab.

On the above page, specify Interface, Start IP, End IP, Netmask, Default Gateway, Preferred DNS
and Alternate DNS.
Advanced: You can specify Preferred WINS, Alternate WINS, and Lease, as shown below:
On the Status tab, it displays the following information: Interface, IP Address, Host Name, MAC,
Time Assigned, Lease Expiration and Bindings. To bind IP address with the corresponding host,
click Bind and specify MAC address. Thus, the IP address will be only assigned to the host with
the specified MAC address.

Configuring DNS
DNS proxy can help to resolve domain names for the devices connected to the virtual router. To
edit DNS server, click Edit.
Configuring Advanced Options
On the Advanced tab, you can enable high availability (HA) and specify a node to run the virtual
router.

To enable HA, select the option HA. If HA is enabled, a second router will be built on another
node and synchronize data in real time. If one node fails, the second router will take over
seamlessly. However, synchronizing data between the two routers will consume extra network
bandwidth.
Without HA enabled, the router will be recovered on another node when the node running that
router fails, but it will take a longer time.
[Router Running on Node]: By default, the node where the router runs is automatically selected
according to the settings on the following page. You can also change the current node running
the router as per your need.

5.1.4.2. Viewing Router Summary
You can view detailed information of a virtual router by selecting the router and clicking
Summary button. On the Summary page, it displays Basics, Traffic, Status and Network. On the
Admin Logs page, it displays administrator logs.

To refresh the current page, click Refresh.
To configure the virtual router, click Settings.
To capture packets, click Packet Capture to enter the following page:

The following are contents on the above page:
Interface: Specifies the interface. The packets passing through that interface will be captured.
Expression: Specifies expression to filter packets. On the right panel of the Packet Capture &
Analysis page, it displays the expression formats.
Max File Size: Specifies the maximum size of the file. Packet capture will stop if the file size
exceeds the maximum.
Admin Logs: This section displays administrator logs, which record various operations performed
by the administrator, such as adding connection. Each log contains the following information:
Status, Action, Start Time, End Time, Username, Node, Object Type, Object and Operation. To
view detailed information of logs, click View.

5.1.5. Configuring Virtual Network Device
Currently, only the virtual network devices(NGAF and vADC) could be deployed into virtual
network in Networking.
5.1.5.1. Uploading Template
In Networking > Templates, you can upload the .vma file of virtual network devices, as shown
below:

To upload a template file, click Upload, select the vma file that you want to upload and specify
datastore. Then click Upload to start upload.
If the template file is uploaded successfully, you will see its information in the template list, as
shown below:
To build a virtual network device, drag the virtual network device onto the canvas and configure
the basic information, then click Apply Changes.
5.1.5.2. Licensing Virtual Network Device
To make a virtual network device available, you need to license that device first by clicking
Licensing, as shown below:

When you click Licensing, the following page appears:
On the above page, you can specify configuration type, configure licensed resources, and view
licensed hardware usage and licensed resource usage.
Device Name: Displays the name of the current virtual network device.
Config Type: Specifies configuration type of the virtual network device. Note that configuration
can only be set higher.
Licensed Resources: Specifies licensed resources for the virtual network device.
Licensed Features: Displays licensed functions.
If the virtual network device is licensed successfully, it will be automatically restarted and then
you will see the Web Console and More buttons on the right panel in Networking. To perform
more operations against the virtual network device, click More button, and select the operation,
such as Shut Down, Power Off, Backup, Recover, Migrate and Clone, etc.

To enter Web admin console of the virtual network device, click Web Console.
5.1.5.3. Configuring Virtual Network Device
You can configure virtual network device by selecting the device and clicking Settings button.

Configuring Interface
On the Interface tab, it displays the following information: Interface, IP Address, Netmask, MAC
Address, Connected To and Status. To change number of interfaces, click Edit.
To change interface’s status, click or icon . To disable an interface, click on
. To enable an interface, click on .
Modifying Configuration
On the Configuration tab, you can change configuration of the virtual network device by clicking

Change button.
On the above page, you can modify hardware configuration on the right.
Hardware configuration can only be set higher.
Changing Location
On the Location tab, you will see the information of datastore and the current node running the
virtual network device. To change the current location, click Change button to enter the following
page and specify destination location.

As shown above, the current location is displayed on the left side and the destination location
can be specified on the right side.
If the destination datastore is not shared, HA will not be supported.
Configuring Advanced Options
There are advanced options on the Advanced tab, as shown below:
To have the virtual network device power on upon node startup, select Power on at node startup.
High priority can ensure that the virtual network device has enough resources even when overall
resources are inadequate. Reboot if error occurs enables virtual device to restart automatically
when it is not responding due to stuck. HA enables virtual network device to be migrated to
another node when the working node fails.
To configure debugging options, click Debug, as shown below:

Disk write caching feature enables files on disks to be loaded to memory so as to improve disk IO
performance.
5.1.5.4. Viewing Summary of Virtual Network Device
You can view detailed information of virtual network device by selecting the device and clicking
Summary button. The following information are displayed on the Summary page: device status,
sessions, connection status, and inbound and outbound rate. On the Admin Logs page, you can
view detailed operation logs.
On the above page, you can perform the following operations: Power On, Shut Down, Backup,
Settings, Licensing. Click More to perform more operations, such as Power Off, Migrate and
Clone.
5.2. Traffic Visualization
On Sangfor HCI platform, traffic going through virtual devices on the topology can be viewed
intuitively, which helps to find network connection problems.
To display traffic data, click icon on the topology In Networking.
To hide traffic data, click icon. Thus, you can view virtual network devices and virtual
machines more clearly.
5.3. Simpler Troubleshooting
With network connection detection, troubleshooting becomes much simpler and more intuitive,
and network problems could be found more quickly. To test connectivity, you need to specify the
source virtual machine and destination IP address, and then click Start to start test.

Click Test Connectivity to enter the following page:
Click … to select a virtual machine, and input destination IP address (domain name not
supported), then click Start.
Then, the detailed test process will display, including sending request and receiving response.
Therefore, network connection problem can be quickly located.

SANGFOR - HCI (Hyper-Converged Infrastructure) - User Manual

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

SANGFOR - HCI (Hyper-Converged Infrastructure) - User Manual

Hochgeladen von

Copyright:

Verfügbare Formate

SANGFOR Hyper-Converged

Infrastructure(HCI) User Manual

3 SANGFOR HCI User Manual

form or by any means without prior written permission of SANGFOR.

contact the Customer Service of Sangfor.

4 SANGFOR HCI User Manual

This user manual includes the following chapters:

1. Installing SANGFOR HCI Software

2. Migrating Physical/Virtual Machine to HCI Platform

some differences in configuration for different versions.

5 SANGFOR HCI User Manual

Graphic Interface Conventions

Convention Meaning Example

Page/tab name example:

Navigate to Nodes > Storage to enter the Storage

Page title, IP Address: Specifies the IP address that you want

button, Button example:

other highlighted Key press example:

Highlighted keyword/item example:

The user name and password are Admin by

“” Prompt The browser may pop up the prompt to ask you to

to be paid during the operation:

6 SANGFOR HCI User Manual

Indicates actions that could cause setting error, loss of data

Warning Indicates actions that could cause injury to human body

Note Indicates helpful suggestion or supplementary information

For technical support, please contact us through the following:

Tel: +60 12711 7129 (7511)

7 SANGFOR HCI User Manual

environment, which are called virtual machines.

1.1. Hardware Requirements

better virtual machine’s user experience will be.

Additionally, there are some requirements for hardware configuration of servers:

CPU Support Intel Virtualization Technology(VT)

Disk capacity >=60GB

Number of NICs >=1

8 SANGFOR HCI User Manual

1.2.1. Writing Image File to USB Drive

Software required: UltraISO

should be larger than the size of ISO file.

9 SANGFOR HCI User Manual

after the image file is written to the USB drive.

10 SANGFOR HCI User Manual

support storage virtualization.

11 SANGFOR HCI User Manual

Computer’s processor should be 64-bit Intel architecture. If it is AMD architecture, system

13 SANGFOR HCI User Manual

AMD architecture processor, system will exit installation.

14 SANGFOR HCI User Manual

to continue installation or select Cancel to go back to the previous step

To skip this step, select No.

15 SANGFOR HCI User Manual

recommended write speed is: >=60MB/s

16 SANGFOR HCI User Manual

network interface eth0 configuration page

Set IP address, netmask and gateway address, then click OK.

17 SANGFOR HCI User Manual

18 SANGFOR HCI User Manual

19 SANGFOR HCI User Manual

into browser address toolbar(the IP address is configured on network configuration page).

20 SANGFOR HCI User Manual

2. VMs from Other Virtualization Platforms

2.1. Converting Physical Servers to Virtual Machines