This isn't a bug, and your performance isn't being throttled. It’s a side effect of how different OS versions interpret the Xen Paravirtual (PV) storage path.

1. The Core Problem: Virtualization vs. Reality

When you create a VM, the hypervisor presents a virtual disk via a virtualized controller. For XCP-ng, this is the Xen PV SCSI Host Adapter. In Windows, this appears as a "XENSRC PVDISK SCSI Disk Device."

Because the connection type is SCSI, modern Windows versions have to make a choice:

• Windows Server 2019: Often leaves the "Media Type" field blank. It doesn't want to guess the hardware type if it isn't explicitly told.

• Windows Server 2022: Microsoft updated the UI to be more specific. If the OS sees a SCSI bus and hasn't received a "Non-Rotational" flag from the host, it defaults to the HDD label because SCSI has historically been mechanical storage.

2. Windows Verification: Checking the "Truth"

Don't trust the Task Manager icon. Use these commands to see exactly what is happening under the hood.

The Driver Check

First, ensure your Guest Tools are healthy. In Device Manager, you should see XENSRC PVDISK. This confirms you are using the high-performance PV driver rather than a generic emulated one.

The PowerShell Diagnostic

The "Media Type" listed here is what Windows uses to decide whether to Defrag (Bad for SSD) or TRIM (Good for SSD).

PowerShell

# Check how Windows identifies the hardware
Get-PhysicalDisk | Select-Object FriendlyName, MediaType, BusType, OperationalStatus

• FriendlyName: XENSRC PVDISK confirms your Guest Tools are active.

• MediaType: Unspecified is the culprit. When Windows sees this, Server 2022/2019 defaults to "HDD."

• BusType: SCSI is the paravirtualized path used for high performance.

3. Linux Verification: Rotational vs. SSD

Linux is much more transparent. It uses a binary "Rotational" (ROTA) flag: 1 for spinning, 0 for solid state.

The lsblk Command

Run the following to check your drive status (usually xvda or xvdb in Xen):

Bash

lsblk -d -o NAME,ROTA,TYPE,SIZE

• ROTA = 0: The kernel correctly identifies it as an SSD.

• ROTA = 1: The kernel thinks it's a spinning disk.

Verify TRIM (Discard) Support

Even if the label is wrong, check if the OS can "TRIM" the drive:

Bash

lsblk --discard

If DISC-GRAN shows a value (like 4K), your VM is successfully communicating with the underlying NVMe.

4. The Real Fix: Host-Level Flagging

Since Windows and Linux can't always change their "hardware" identity from the inside when the media type is "Unspecified," you must tell the XCP-ng host to "advertise" the SSD status.

Run these commands on your XCP-ng Host CLI (Not inside the VM):

1. Find your VM's UUID:

   xe vm-list name-label="Your_VM_Name"

2. Find the VBD (Virtual Block Device) UUID for that VM:

   xe vbd-list vm-uuid=<VM_UUID>

3. Set the SSD flag on the VBD:

   xe vbd-param-set uuid=<VBD_UUID> device-config:type=ssd

4. Restart the VM.

Final Comparison Summary

The Bottom Line: Your "HDD" is actually a high-speed NVMe. The label in Windows 2022 is a visual placeholder for the SCSI bus. As long as your PowerShell shows OperationalStatus: OK, you are running at full speed!

Imagine you're deploying a new Ubuntu VM via Apache CloudStack on your XCP-ng hypervisor. Everything seems to go smoothly, but then you check the VM's properties in XCP-ng Center (or Xen Orchestra), and there it is – a red flag indicating "Invalid configuration" next to your CPU topology.

You scratch your head. You've set the vCPUs in CloudStack, and the VM is running (or trying to), but this error persists. This is precisely the situation our user encountered, as seen in their screenshot:

Notice the "Topology: 2 cores per socket (Invalid configuration)" message. This isn't just a visual nuisance; it can prevent VMs from starting, especially after migration or reboot, and it can mislead guest operating systems about their CPU resources.

Understanding the Root Cause: CPU Topology Mismatch

The core of the problem lies in how XCP-ng (and its underlying XAPI) enforces CPU topology rules, and how Apache CloudStack communicates these rules (or sometimes, doesn't) when creating VMs.

XCP-ng's Golden Rule: XCP-ng requires that the Max number of vCPUs must always be perfectly divisible by the Cores per socket. If this mathematical relationship isn't met, XCP-ng flags it as an "Invalid Configuration."

CloudStack's Default Behavior:

• High Max vCPUs: CloudStack often sets Max vCPUs to a very high number (e.g., 80 in our example) in the XCP-ng VM metadata (VCPUs-max). This is done to facilitate CPU hot-plugging, allowing you to scale vCPUs upwards without a reboot.

• Cores per socket Defaults: Unless explicitly told otherwise, CloudStack frequently defaults to telling XCP-ng that a VM should have 1 core per socket (or sometimes 2, as in our user's case).

The Conflict: When CloudStack deploys a VM with, say, 6 Virtual CPUs (VCPUs-at-startup) and a Max number of vCPUs of 80, but the platform:cores-per-socket parameter is set to 2:

• For VCPUs-at-startup (6): 6/2=3 (Valid!)

• For VCPUs-max (80): 80/2=40 (Still mathematically valid!)

So, why the error? The issue often arises because:

1. Missing or Implicit Platform Key: CloudStack might not explicitly set the platform:cores-per-socket key when provisioning, or XCP-ng Center's stricter validation logic flags a potential future conflict if VCPUs-at-startup doesn't match the cores-per-socket rule in the context of hotplugging.

2. XCP-ng Center's Sensitivity: XCP-ng Center can be particularly sensitive to these settings, sometimes flagging configurations that Xen Orchestra or the XAPI might tolerate.

The most common real-world impact is when the guest OS sees many "sockets" (if cores-per-socket is low), potentially impacting software licensing (like Windows Server, which is often licensed per socket or core).

Step-by-Step Solutions

Let's fix this, starting with the immediate remedy for an existing VM, and then moving to the preventive measure in CloudStack.

1. The Immediate Fix: Correcting a Running VM via XCP-ng CLI

If you have a VM already deployed and showing this error, you can fix its cores-per-socket value directly on the XCP-ng host.

Access Your XCP-ng Host: SSH into the XCP-ng host where the problematic VM is running (in our example, DHCLD-AZ1C2-XCPH01).

Identify the VM's UUID: You can see the UUID in the XCP-ng Center screenshot (0d5821cf-99c6-ab7c-0415-8dd3921d9a09). If not, find it with:

Bash

xe vm-list name-label="i-716-14647-VM" --minimal
# This will output just the UUID, e.g., 0d5821cf-99c6-ab7c-0415-8dd3921d9a09

Apply the Fix: The safest and most compatible value for cores-per-socket is 1. This ensures that any VCPUs-at-startup or VCPUs-max value will be divisible by 1, satisfying XCP-ng's rule.

Bash

xe vm-param-set uuid=0d5821cf-99c6-ab7c-0415-8dd3921d9a09 platform:cores-per-socket=1

Replace the UUID with your VM's actual UUID.

Verify the Change: You can check the updated platform parameters:

Bash

xe vm-list uuid=0d5821cf-99c6-ab7c-0415-8dd3921d9a09 params=VCPUs-at-startup,VCPUs-max,platform

You should now see cores-per-socket: 1 in the output. The "Invalid configuration" message in XCP-ng Center should also clear after a refresh.

2. The Permanent Fix: Updating CloudStack Service Offerings

To prevent this issue for all future VMs deployed from a specific Service Offering, you need to configure CloudStack to explicitly set cores-per-socket when provisioning.

Log into CloudStack UI: Navigate to Service Offerings under the Service Offerings or Compute section.

Edit Your Service Offering:

• Select the Service Offering you use for XCP-ng deployments (e.g., your "Ubuntu 16.04 LTS" offering).

• Click View Details or Edit.

Add a Custom Detail:

• Find the Details section.

• Add a new custom detail:

  • Key: cpu.corespersocket

  • Value: 1 (Recommended for broadest compatibility and to avoid this specific error)

Considerations for cpu.corespersocket Value:

• 1 is Safest: As mentioned, 1 will always satisfy the divisibility rule. The guest OS will see many sockets, each with one core.

• Matching Physical Topology: If you have specific licensing requirements or want to optimize for NUMA awareness, you might choose a value that reflects your physical host's core count per socket (e.g., 4 or 8). Just ensure this value evenly divides into your Max vCPUs and your Virtual CPUs set in the offering.

• Example: If your Service Offering provides up to 16 vCPUs and you set cpu.corespersocket=4, the VM will be presented with 4 sockets, each with 4 cores.

3. (Optional) Bulk Update Service Offerings via CloudStack API

If you have many Service Offerings that need updating, doing it manually is tedious. You can use the CloudStack API to perform a bulk update.

First, you'll need to find the id of your Service Offering. You can do this by using the listServiceOfferings API call:

Bash

# Example: Replace your-cloudstack-api-url and api-key/secret-key
curl "http://your-cloudstack-api-url/client/api?command=listServiceOfferings&name=Your%20Offering%20Name&response=json&apiKey=YOUR_API_KEY&secretKey=YOUR_SECRET_KEY"

Once you have the id, you can use the updateServiceOffering command, specifying the custom detail:

Bash

# Example: Replace your-cloudstack-api-url, offering-id, and api-key/secret-key
curl "http://your-cloudstack-api-url/client/api?command=updateServiceOffering&id=OFFERING_ID&details[0].key=cpu.corespersocket&details[0].value=1&response=json&apiKey=YOUR_API_KEY&secretKey=YOUR_SECRET_KEY"

Remember to replace OFFERING_ID, YOUR_API_KEY, and YOUR_SECRET_KEY with your actual values.

Why is CPU Topology Important Beyond Just "Fixing the Error"?

• Operating System Licensing: Many older Windows Server licenses are socket-based. Presenting a VM with 16 vCPUs as 16 sockets (1 core/socket) could hit a 2- or 4-socket OS license limit, causing the OS to ignore most of its assigned vCPUs. Setting cores-per-socket to a higher value (e.g., 4 or 8) makes the OS see fewer sockets with more cores, aligning better with licensing models.

• Performance: While modern hypervisors are very good at abstracting CPU resources, aligning the VM's perceived CPU topology with the underlying physical host's NUMA (Non-Uniform Memory Access) architecture can sometimes yield minor performance benefits by optimizing cache utilization.

• Guest OS Awareness: Some applications or monitoring tools within the guest OS might behave differently based on the reported CPU topology.

Conclusion

The "Invalid configuration" error regarding CPU topology between Apache CloudStack and XCP-ng is a common integration challenge. By understanding XCP-ng's strict divisibility rule and explicitly configuring cpu.corespersocket in your CloudStack Service Offerings (or directly on the VM via XCP-ng CLI), you can ensure smooth VM deployments, avoid frustrating errors, and potentially optimize guest OS behavior.

Don't let a small configuration detail derail your cloud infrastructure – a simple platform:cores-per-socket=1 can save you a lot of headaches!

Think of protocols as the common languages that different computers speak to understand each other. Without them, the internet as we know it simply wouldn't exist. Let's break down some of the most fundamental networking protocols and explore their roles with real-world examples.

1. HTTP: The Foundation of the Web

Protocol Name: HTTP (Hypertext Transfer Protocol) Description: Used by web browsers and servers to communicate and exchange information.

HTTP is the unsung hero of your daily internet experience. Every time you type a website address into your browser, you're initiating an HTTP request.

Example: When you visit www.google.com, your web browser sends an HTTP request to Google's servers. The server then responds with the HTML, CSS, and JavaScript files that make up the Google homepage, which your browser renders for you to see. It's a stateless protocol, meaning each request from the client to the server is independent.

2. HTTPS: Securing Your Online Interactions

Protocol Name: HTTPS (Hypertext Transfer Protocol Secure) Description: An extension of HTTP that offers secure and encrypted communication.

HTTPS is the secure version of HTTP. It adds a layer of encryption (SSL/TLS) to protect your data from eavesdropping and tampering. You'll often see a padlock icon in your browser's address bar when a website uses HTTPS.

Example: When you log into your online banking account or make a purchase on an e-commerce site, HTTPS ensures that your sensitive information, like passwords and credit card numbers, is encrypted as it travels between your computer and the server, preventing unauthorized access.

3. FTP: Transferring Files with Ease

Protocol Name: FTP (File Transfer Protocol) Description: Used to transfer files between a client and a server.

FTP has been a long-standing method for moving files between computers over a network. While often superseded by more secure alternatives for general web content, it's still used in specific scenarios.

Example: A web developer might use FTP to upload website files (HTML, images, scripts) from their local computer to a web hosting server. Similarly, you might use an FTP client to download large software packages from a remote server.

4. TCP: Ensuring Reliable Data Delivery

Protocol Name: TCP (Transmission Control Protocol) Description: Delivers a stream of ordered bytes from one computer to another.

TCP is a connection-oriented protocol that provides reliable, ordered, and error-checked delivery of a stream of bytes between applications. It ensures that data reaches its destination completely and in the correct sequence.

Example: When you're streaming a video on YouTube, TCP is working behind the scenes to ensure that all the video data packets arrive in the correct order, so you don't experience a jumbled or incomplete video. If a packet is lost, TCP will request its retransmission.

5. IP: The Internet's Addressing System

Protocol Name: IP (Internet Protocol) Description: Addresses and routes packets of data sent between networked devices.

IP is the backbone of the internet, responsible for addressing and routing data packets. Every device connected to a network has an IP address, which is like its unique postal address.

Example: When you send an email, your computer uses IP to determine the recipient's email server's IP address. The email data is then broken down into packets, and IP helps route these packets across various routers and networks until they reach their destination.

6. UDP: Fast but Unreliable

Protocol Name: UDP (User Datagram Protocol) Description: A simple and connectionless protocol that does not divide messages into packets and sends them in order.

Unlike TCP, UDP is a connectionless protocol, meaning it doesn't establish a persistent connection or guarantee delivery. It's faster because it has less overhead, but it sacrifices reliability for speed.

Example: UDP is commonly used for real-time applications where speed is more critical than guaranteed delivery, such as online gaming or live video conferencing. If a few packets are lost in a game, it might result in a minor glitch, but the game continues without significant interruption.

7. SMTP: The Mailman of the Internet

Protocol Name: SMTP (Simple Mail Transfer Protocol) Description: Used to transmit emails across IP networks.

SMTP is the protocol that allows you to send emails. When you hit "send" on an email, SMTP takes over to deliver your message to the recipient's mail server.

Example: When you send an email from your Gmail account to a friend using Outlook, your Gmail server uses SMTP to communicate with your friend's Outlook server to deliver the email.

8. SSH: Secure Remote Access

Protocol Name: SSH (Secure Shell) Description: A cryptographic network protocol to secure data communication, remote command-line login, and remote command execution between two networked computers.

SSH provides a secure channel over an unsecured network by using strong encryption. It's widely used by network administrators and developers to access and manage remote servers.

Example: A system administrator might use SSH to securely log into a remote server located in a data center to perform maintenance, install software, or troubleshoot issues, all without the risk of their commands or data being intercepted.

Why are Protocols So Important?

These protocols, and many others, work together in a layered fashion (often referred to as the TCP/IP model or OSI model) to ensure that data travels efficiently and reliably across the globe. They provide the necessary structure, rules, and standards that allow diverse devices and systems to communicate effectively, making the internet the powerful tool it is today. Understanding these fundamental protocols is key to grasping how our digital world functions.

VPN stands for Virtual Private Network, and it's like a secret tunnel for your internet connection. It helps keep your online activities private and secure. Let's break down some of the key things to know about VPNs.

What Kinds of VPNs Are There?

Just like there are different types of cars, there are different types of VPNs for various needs:

• Remote Access VPN: This is what many individuals use to connect securely to a private network, often for work from home.

• Site-to-Site VPN: Imagine two company offices in different locations needing to securely share information. A site-to-site VPN connects their networks directly.

• SSL VPN: This type uses web browsers for secure connections, often seen in specific applications.

• MPLS VPN: Used mostly by large businesses for connecting multiple sites over a provider's network.

How Do VPNs Work? (The "Secret Sauce")

VPNs use special rules and methods to keep your data safe. These are called VPN Protocols:

• IPSec: A common and secure set of protocols.

• L2TP/IPSec: Another combination for secure connections.

• SSL/TLS: Often used for secure web Browse and in some VPNs.

• IKEv2/IPSec: Known for its speed and stability, especially on mobile devices.

• OpenVPN: An open-source and very flexible protocol, popular for its security.

• WireGuard: A newer, faster, and simpler protocol gaining popularity.

Key Ideas Behind VPNs

When you use a VPN, a few important things happen:

• Encryption: Your data is scrambled so no one can read it if they intercept it. Think of it like putting your message in a secret code.

• Tunneling: Your internet traffic travels through a secure "tunnel" to the VPN server, hidden from your internet provider or anyone else trying to snoop.

• Authentication: The VPN makes sure that only authorized users and devices can connect to the network.

• Split Tunneling: This lets you choose which apps or websites use the VPN tunnel and which don't. So, you could watch a streaming service through the VPN while Browse a local news site directly.

• Full Tunnel: All your internet traffic goes through the VPN. This is the most secure option.

Who Makes VPN Technologies?

Many companies offer VPN solutions, often with their own specific technologies:

• Cisco: Known for AnyConnect.

• Fortinet: Offers FortiClient.

• Palo Alto: Uses GlobalProtect.

• OpenVPN: This is both a protocol and a popular open-source solution.

• MikroTik: Utilizes WireGuard.

Why Do People Use VPNs?

VPNs are incredibly useful for many situations:

• Corporate Access for Remote Workers: If you work from home, a VPN lets you securely connect to your company's internal network and resources.

• Secure Connection Between Data Centers: Businesses use VPNs to protect data exchanged between their different data storage facilities.

• Bypassing Geographic Restrictions: Ever seen a video or website that's blocked in your country? A VPN can make it look like you're Browse from a different location, letting you access that content.

• Protecting Data on Public Wi-Fi: When you're using public Wi-Fi at a coffee shop or airport, your data can be vulnerable. A VPN encrypts your traffic, keeping it safe from prying eyes.

In a nutshell, VPNs are powerful tools for enhancing your online privacy and security, whether you're working, traveling, or just Browse the web. They create a secure pathway for your data, giving you more control over your digital footprint.

What is a Network?

Think of a network as a group of devices (like your phone, laptop, or printer) connected together. These connections allow them to share information and resources.

There are different types of networks, depending on their size and reach:

• LAN (Local Area Network): This is a small network, like the one in your home or office.

• WAN (Wide Area Network): This covers a larger area, like connecting cities or even countries (the internet is a huge WAN!).

• MAN (Metropolitan Area Network): This is somewhere in between, covering a city or a large campus.

What are Switches?

Imagine you have many devices in your house that want to talk to each other. A switch is like a traffic controller that helps these devices connect within your local network (LAN). It knows which device is where and directs data only to the intended recipient.

Switches come in different types:

• Unmanaged Switch: Simple plug-and-play, no configuration needed.

• Managed Switch: Offers more control and features for network administrators.

• Layer 3 Switch: A more advanced switch that can also perform some routing functions.

• Smart Switch: A hybrid between unmanaged and managed, offering some basic management features.

What is a Router?

While a switch connects devices within a local network, a router is what connects your local network to other networks, like the internet! It's like a post office that knows the best path to send your data packets to their destination.

Routers use different methods to figure out these paths, called "routing":

• Static Routing: You manually tell the router the paths.

• Dynamic Routing: The router automatically learns the best paths.

• Default Routing: A pre-set path for traffic that doesn't have a specific route.

What is a VLAN?

Sometimes, even within a single network, you might want to separate groups of devices. That's where VLANs (Virtual Local Area Networks) come in. They allow you to segment a physical network into multiple smaller, virtual networks. It's like having different departments in an office, each with its own private network, even if they share the same physical cables.

Common types include:

• Default VLAN: The default VLAN all ports belong to initially.

• Voice VLAN: Dedicated for voice traffic to ensure quality.

• Data VLAN: For general data traffic.

• Native VLAN: Used for untagged traffic on a trunk link.

What is Trunking?

If you have multiple VLANs and want them to communicate over a single physical link (like one cable between two switches), you use trunking. It enables that single link to carry traffic for multiple VLANs by adding special "tags" to the data.

Common trunking protocols include:

• 802.1Q (Dot1Q): The industry standard for VLAN tagging.

• ISL (Inter-Switch Link): A Cisco-proprietary trunking protocol.

What is EtherChannel?

Imagine you have two switches and want more speed and reliability between them. EtherChannel allows you to bundle multiple physical links (cables) into a single logical link. This increases bandwidth and provides redundancy – if one cable fails, the others can pick up the slack.

EtherChannel can be configured in a few ways:

• PagP (Port Aggregation Protocol): A Cisco-proprietary protocol.

• LACP (Link Aggregation Control Protocol): An open standard.

• Static (Manual): You manually configure the bundle.

What is STP?

Sometimes, devices can get confused if there are multiple paths to the same destination, creating loops in the network. STP (Spanning Tree Protocol) is a clever protocol that prevents these loops by strategically blocking redundant paths, ensuring there's only one active path at any given time.

Different versions exist:

• STP: The original Spanning Tree Protocol.

• RSTP (Rapid Spanning Tree Protocol): A faster version of STP.

What is ACL?

Think of an ACL (Access Control List) as a security guard for your network. It filters network traffic based on predefined rules, allowing or denying specific types of data from passing through. This helps protect your network from unauthorized access and malicious traffic.

ACLs come in different forms:

• Standard ACL: Filters traffic based on source IP address.

• Extended ACL: Filters traffic based on source/destination IP address, port number, protocol, etc.

• Named ACL: Gives a name to an ACL for easier management.

And there you have it! A simple overview of some essential networking concepts. Understanding these basics can help you better appreciate how our digital world is connected.

At its core, SNMP facilitates communication using the User Datagram Protocol (#UDP) on specific ports: 161 and 162.

• Port 161 is the designated channel for interaction between an SNMP manager and its agents. Here, the manager sends requests to the agent residing on the managed device.

• Port 162 serves a different purpose, allowing agents to send unsolicited notifications, known as #snmptraps, directly to the manager. This is crucial for immediate alerts on critical events.

Key Components of SNMP

To understand how SNMP functions, it's essential to recognize its core components:

1. #SNMP Management Device: This is typically a centralized server or workstation, such as a SCADA Server or a Network Management System (NMS), where the SNMP Manager software is executed.

2. #SNMP Manager: The brain of the SNMP operation. The Manager controls and monitors network device activities by sending out requests and processing the responses received from agents.

3. #SNMP Managed Device: Any network-enabled device that is being monitored via SNMP. Examples include Ethernet switches, GPS devices, servers, and workstations.

4. #SNMPAgent: Software residing on the managed device. Its primary role is to collect and store management information locally. Upon receiving a request from the SNMP Manager, the Agent retrieves the requested data and sends back a response.

5. #MIB (Management Information Base): Think of this as a structured database utilized by SNMP. It defines the hierarchy and characteristics of the network data that can be accessed. Within the MIB are #OIDs (Object Identifiers), which are unique identifiers representing specific pieces of information about the managed device.

SNMP Versions: A Historical Perspective

SNMP has evolved through different versions, each introducing improvements and addressing limitations of its predecessors:

• #SNMPv1: The initial version, characterized by its basic functionality but lacking robust security features like encryption and strong authentication.

• #SNMPv2c: This version introduced community-based security, allowing access based on shared community strings. It also brought enhancements like bulk data transfers, but still lacked encryption for data confidentiality.

• #SNMPv3: The most secure version to date. SNMPv3 implemented user-based security, providing authentication through usernames and passwords, and crucially, incorporating encryption to protect the integrity and confidentiality of SNMP messages.

Understanding the principles and components of SNMP is vital for anyone involved in managing and maintaining modern OT environments. Its ability to provide a unified view of network devices makes it an indispensable tool for ensuring network health and operational efficiency.

Now, before we dive into the nitty-gritty details, I want to mention that we'll skip over the basic setup tasks like assigning IP addresses and enabling SSH. Instead, let's jump straight into the action!

Configure Virtual Switch Unit (VSU)

In Ruijie switches, the concept of Virtual Switch Unit (VSU) is akin to switch stacking in other vendors' switches like CISCO. It allows us to virtualize multiple physical switches into one logical unit for simplified management and enhanced redundancy. Here's how we set it up:

First, we'll configure Virtual Switch Unit (VSU) on each switch. This helps combine multiple switches into one logical unit for easier management. Each VSU gets a unique domain ID, but multiple switches can share the same ID if they're part of the same VSU.

Next, we'll assign a priority number to each switch. This number determines which switch is the main one (active) and which is the backup (passive). The active switch handles configuration changes, while the passive one waits in case the active switch goes down.

Then, we'll configure the interfaces for the Virtual Switch Link (VSL). The number of interfaces needed depends on the switch model, usually between 2 to 8. You can check your switch's configuration guide for details. Here, I've used Ten Gig Interfaces 23 and 24 from both switches.

Finally, we'll switch the mode to virtual. This process backs up the old standalone switch configuration and reloads it when you remove the VSU setup later on. It's like putting the switch into a special mode where it behaves as part of a larger virtual unit.

On Switch 1:

Copy

sw_A> enable
sw_A# configure terminal
sw_A(config)# switch virtual domain 100
sw_A(config-vs-domain)# switch 1
sw_A(config-vs-domain)# switch 1 priority 200
sw_A(config-vs-domain)# switch 1 description sw_A
sw_A(config-vs-domain))# exit
sw_A(config)# vsl-port
sw_A(config-vsl-port)# port-member interface tengigabitethernet 0/23
sw_A(config-vsl-port)# port-member interface tengigabitethernet 0/24
sw_A(config)# exit
sw_A# switch convert mode virtual

On Switch 2:

Copy

sw_B> enable
sw_B# configure terminal
sw_B(config)# switch virtual domain 100
sw_B(config-vs-domain)# switch 2
sw_B(config-vs-domain)# switch 2 priority 150
sw_B(config-vs-domain)# switch 2 description sw_B
sw_B(config-vs-domain))# exit
sw_B(config)# vsl-port
sw_B(config-vsl-port)# port-member interface Tengigabitethernet 0/23
sw_B(config-vsl-port)# port-member interface Tengigabitethernet 0/24
sw_B(config-vsl-port)# exit
sw_B# switch convert mode virtual

Configuration VLAN

If you're here after reading my previous article, you might recall that we're planning to use separate VLANs for VM migration and CEPH. Now, let's dive into configuring those. If you haven't had a chance to read the previous article yet, you can find it here.

Copy

virtual_switch(config)# vlan 4
virtual_switch(config-vlan)# name migration
virtual_switch(config-vlan)# exit

virtual_switch(config)# vlan 5
virtual_switch(config-vlan)# name storage
virtual_switch(config-vlan)# exit

Configure Link Aggregation (LAG)

For simplicity, I'll demonstrate the LAG configuration for just one aggregate port, which we'll call aggregatePort3. However, in our setup, we've actually configured LAG for other aggregate ports as well, specifically aggregatePort 4, 5, 9, 10, and 11.

Link Aggregation is essential for increasing throughput and ensuring redundancy by combining multiple physical links into a single logical link. Let's walk through the steps:

1. Create a Port Group: Assign two ports from different switches to a group.

Copy

// Select an interface of switch 1
virtual_switch(config)# interface tenGigabitEthernet 1/0/3
virtual_switch(config-if-TenGigabitEthernet 1/0/3)# port-group 3 mode active 
virtual_switch(config-if-TenGigabitEthernet 1/0/3)# exit

// Select an interface of switch 2
virtual_switch(config)# interface tenGigabitEthernet 1/0/3
virtual_switch(config-if-TenGigabitEthernet 1/0/3)# port-group 3 mode active  // 3 is group ID 
virtual_switch(config-if-TenGigabitEthernet 1/0/3)# exit

Here, we've set up an active-active configuration. This means we're maximizing both throughput and failover safety.

2. Show Aggregate Port Status: Check the status of the aggregate port.

Copy

virtual_switch(config)# show aggregatePort 3 summary
// You can see switchport mode is access

3. Convert to Trunk Mode: Convert the access mode to trunk. Ruijie switches, LAG operates exclusively in Trunk mode and requires explicit setup.

Copy

virtual_switch(config)# interface aggregatePort3 
virtual_switch(config-if-AggregatePort 3)# switchport mode trunk
virtual_switch(config-if-AggregatePort 3)# switchport trunk allowed vlan add 4,5
virtual_switch(config-if-AggregatePort 3)# end

4. Save Configuration: Ensure all configurations are saved for persistence across reboots.

Copy

virtual_switch# write

And there you have it! With VSU for high availability and LAG for improved link utilization and redundancy, our hyperconverged infrastructure is becoming more resilient and efficient by the minute.

Stay tuned for more updates as we continue to fine-tune our setup and explore new horizons in the world of IT infrastructure.