Is there a way to create isolated networks within the nutanix cluster that would allow communication only for the VMs that has a NIC connected to that network?
Find attached an example of what I mean if we were talking about ESXi
Thanks in advance!
Best answer by JeremyJ
View original
+4
Hi
That’s an interesting question. I wonder what the use case would be on a Nutanix cluster. Like in your example from vSphere, the network cannot extend beyond the individual host so VMs would have to be on the same host else they could not communicate. You might want to set a VM-to-VM affinity rule to keep them together if you need them to communicate to eachother.
If you look at the AHV networking guide, steps are provided for adding a second bridge (see the section for “2x 10 Gb and 2x 1 Gb separated”). The setup describes uses the 1G ethernet ports for the additional bridge br1, while primary networking uses the 10g ports br0. A similar approach using the “manage_ovs” utility in AOS is described in the AHV Administration Guide section titled “Creating an Open vSwitch Bridge”
If those 1g ports are not physically connected, or if you omit the step of adding ethernet interfaces to the bridge, you functionally have an isolated virtual switch the same as in your example vSphere setup.
To create the virtual network to use this isolated bridge, follow the steps in the AHV Administration Guide section “Creating a VLAN on a Custom Bridge (Non br0)”
If you wanted to have a cluster-wide isolated virtual network which *can* communicate between nodes in the cluster I would just suggest adding a vlan which has no gateway accessible to route beyond the VLAN. If only the AHV host ports are allowed to use this VLAN and no other physical ports are configured to allow that VLAN you will have an isolated cluster-wide network to use. In Prism just add a network from the VMs dashboard, Manage Networking link in the top right corner.
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
