Building a Private Cloud With System Center 2012 (Part 4)

By /

If you would like to read the other parts in this article series please go to:

Introduction

In the previous article in this series, I showed you how to build a logical network that could be used by the private cloud environment. The problem with this however, is that private clouds are designed to be multitenant. If all of the tenants shared the same network infrastructure then there would be a potential for problems such as security breaches or IP address overlaps. That being the case, we need to create some virtual networks that reside on top of the logical network that has already been created. In this article I will show you how.

Creating a Virtual Network

Begin the process of creating a virtual network by opening the Virtual Machine Manager console and selecting the VMs and Services tab. After doing so, go to the navigation section and expand the Tenants option, and then select VM Networks, as shown in Figure A.

Image
Figure A: Select the VM Networks option.

At this point, click on the Create VM Network icon found on the ribbon at the top of the console. This will cause Windows to launch the Create VM Network Wizard.

The wizard’s initial screen requires you to enter a name for the virtual network that you are creating. You can call the network anything that you want, but it is a good idea to use something descriptive and to enter a description of the virtual network’s purpose. For the purposes of this article I will be calling the virtual network Virtual Machine Network.

As you can see in Figure B, the virtual machine network must be bound to a logical network. Make sure that the logical network that you created earlier is selected and then click Next.

Image
Figure B: The virtual machine network must be bound to the previously created service network.

The next screen that you will see is very important. This screen is known as the Isolation screen. It controls the relationship between the virtual machine network and the service network. You can either allow the virtual machine network with direct access to the logical network or you can use a virtual routing domain to isolate the virtual machine network’s traffic. In our case, we need for the virtual machine network to be completely isolated from the underlying service network. Therefore, select the Isolate Using Hyper-V Network Virtualization option shown in Figure C. While you are at it, make sure to select the correct IP address type. This article series assumes the use of IPv4.

Image
Figure C: You must isolate the virtual machine network from the service network.

Click Next and you will be taken to the wizard’s VM Subnets screen. Click the Add button and you will be prompted to specify a subnet to be used. You can use any name that you want. For the purposes of this article, I am going to use the name ServiceNetwork. For the subnet field, I am entering 10.0.0.0/24, which is the same as is used by the service network. You can see what this looks like in Figure D.

Image
Figure D: Enter a name and a subnet.

Click Next and you will see the wizard’s Gateway screen. This screen normally allows you to choose how the virtual machines on the virtual network segment will communicate with the outside world. However, because we have chosen to isolate this segment the only option that is available is No Connectivity. As such, you don’t have to do anything on this screen aside from clicking Next.

You should now see the Summary screen. For whatever reason, the Summary screen only displays the name and the description of the virtual network that you are creating, so there isn’t really anything to review. Simply click Finish to create the virtual machine network. When you do, the virtual machine network should be displayed in the list of VM Networks as shown in Figure E.

Image
Figure E: The new virtual network appears on the list of VM networks.

What We’ve Done So Far

As explained at the beginning of this article series, a private cloud environment is designed to abstract hardware resources in a way that supports the self service provisioning of virtual machines. Up to this point we have been defining resources that will eventually be used by our private cloud. As you may recall, we previously defined some various classes of storage. Similarly, we just defined a virtual machine network. Now that these resources have been defined it is time to construct a private cloud around them.

Binding the Compute Resources to the Service Network

As you will recall, at the beginning of this article series we created a host group called Private Cloud. I then went on to add three lab servers to the host group.

The reason why we created a host group is because the host group defines the compute resources that will be available to the private cloud. As such, we have abstracted network, storage, and compute resources. The problem is however, that these resources were all created separately. As such, we need to bind our compute resources (the computers in the host group) to the virtual machine network that we just created.

Begin the process by selecting the VMs and Services workspace in the Virtual Machine Manager console. Next, expand the All Hosts container and expand the underlying host group. Right click on one of the computers within the host group and select the Properties command from the shortcut menu, as shown in Figure F.

Image
Figure F: Right click on a host server and select the Properties command from the resulting shortcut menu.

At this point, the host’s properties sheet will appear. Select the properties sheet’s Hardware tab and then expand the Network Adapters section, as shown in Figure G.

Image
Figure G: Locate the Network Adapters section.

Now, select the Logical Network option. Select the check box corresponding to the service network that you previously created, as shown in Figure H. You will also have to make sure that the previously created subnet is also selected.

Image
Figure H: You must enable the service network on any physical NICs that you want to use.

One thing to keep in mind as you perform this step is that it is common for servers to include multiple network adapters. As such, you will have to repeat this step for every network adapter that you want to be used by the private cloud. However, you must leave at least one network adapter unprovisioned. The reason is because Hyper-V needs an adapter that it can use to establish communications between the Hyper-V host and the Virtual Machine Manager server.

Conclusion

In this article, we have created a virtual machine network that exists on top of, but is isolated from, our previously created service network. We have also bound our compute resources to our service network. Now that we have defined a series of compute, storage, and network resources we can begin building our private cloud. I will show you how in Part 5.

If you would like to read the other parts in this article series please go to:

About The Author

Brien Posey is a freelance technology author and speaker with over two decades of IT experience. Prior to going freelance, Brien was a CIO for a national chain of hospitals and healthcare facilities. He has also served as a network engineer for the United States Department of Defense at Fort Knox. In addition, Brien has worked as a network administrator for some of the largest insurance companies in America. To date, Brien has received Microsoft’s MVP award numerous times in categories including Windows Server, IIS, Exchange Server, and File Systems / Storage. You can visit Brien’s Website at: www.brienposey.com.

Read Next

Static vs Dynamic IP Address

Static vs Dynamic IP Address

Most people are familiar with Internet Protocol (IP) Addresses, but many people don’t know you have 2 types. In this article, you’ll learn about static…

Read More »

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top