How to Create a vSwitch in VMware – Ansible

In my last blog post, I demonstrated how to create an Ansible playbook that automated several commonly used VMware ESXi configuration tasks. Creating vSwitches and VM PortGroups on an ESXi host is another time-consuming task, and Ansible turns it into a consistent and repeatable process.

What is a vSwitch?

A vSwitch provides network connectivity for hosts and virtual machines through physical NICs that are connected to uplink ports on the upstream physical switch.

Create Virtual Switches – vSwitch

There are several factors to consider when it comes to creating virtual switches (e.g. number of physical network adapters, traffic shaping, data isolation and vendor best practices).

During a typical installation of VMware ESXi, the default vSwitch0 is created with a single network adapter assigned to the vSwitch. The creation of additional vSwitches and adapter assignment is dependent on the hardware. In my environment, I have ESXi installed on a host with 10 physical network adapters.

Since I have several network adapters available, I am going to create multiple vSwitches, following best practices:

vSwitch0 – Management and vMotion (2 network adapters for redundancy)

vSwitch1 – VMDATA VMs (2 network adapters for redundancy)

vSwitch2 – NFS Storage Traffic (2 network adapters for redundancy)

vSwitch3 – iSCSIA Storage (1 network adapter)

vSwitch4 – iSCSIB Storage (1 network adapter)

vSwitch0 – Add redundant Network Adapter

As seen in the screenshot, my vSwitch0 only has one network adapter assigned. Let's continue building on the Ansible playbook I created in my previous blog post.

The “community.vmware.vmware_vswitch” module can be used to configure vswitch settings on VMware ESXi hosts.

# Create vSwitch0 and add Network Adapters
  - name: Add a VMware vSwitch to a specific host system with active/standby teaming - vSwitch0
    community.vmware.vmware_vswitch:
      validate_certs: '{{ validate_certs }}'
      hostname: "{{ item.name }}"
      username: "{{ esxi_username }}"
      password: "{{ esxi_password }}"
      switch_name: '{{ vSwitch0 }}'
      nic_name:
        - vmnic8
        - vmnic9
      teaming:
        active_adapters:
          - vmnic8
        standby_adapters:
          - vmnic9
      traffic_shaping:
        enabled: true
        average_bandwidth: 100000
        peak_bandwidth: 100000
        burst_size: 102400    
    delegate_to: localhost
    loop: '{{ esxi_info }}'

The Ansible playbook assigned the redundant network adapter to vSwitch0.

How to Create vSwitch1

We typically keep Management and vMotion traffic on vSwitch0 and what I call VMDATA or Production Data PortGroups on a separate vSwitch.

The “community.vmware.vmware_vswitch” module can be used to configure vswitch settings on VMware ESXi hosts.

# Create vSwitch1 and add Network Adapters
  - name: Add a VMware vSwitch to a specific host system with active/standby teaming - vSwitch1
    community.vmware.vmware_vswitch:
      validate_certs: '{{ validate_certs }}'
      hostname: "{{ item.name }}"
      username: "{{ esxi_username }}"
      password: "{{ esxi_password }}"
      switch_name: '{{ vSwitch1 }}'
      nic_name:
        - vmnic2
        - vmnic3
      teaming:
        active_adapters:
          - vmnic2
        standby_adapters:
          - vmnic3
    delegate_to: localhost
    loop: '{{ esxi_info }}'

How to Create vSwitch2

# Create vSwitch2 and add Network Adapters 
  - name: Add a VMware vSwitch to a specific host system with active/standby teaming - vSwitch2
    community.vmware.vmware_vswitch:
      validate_certs: '{{ validate_certs }}'
      hostname: "{{ item.name }}"
      username: "{{ esxi_username }}"
      password: "{{ esxi_password }}"
      switch_name: '{{ vSwitch2 }}'
      nic_name:
        - vmnic4
        - vmnic5
      teaming:
        active_adapters:
          - vmnic4
        standby_adapters:
          - vmnic5
    delegate_to: localhost
    loop: '{{ esxi_info }}'

What is a VM PortGroup?

A port group is a feature of a virtual switch (vSwitch) that can have its own policies (traffic shaping, security, teaming) and can be tagged to a specific VLAN.

Now that I have created virtual switches on my VMware ESXi host, I can continue building on my Ansible playbook by adding tasks to create PortGroups, VLANs and vSwitch assignments.

Create NFS Storage PortGroup

If you don’t already have direct attached storage, one of the first things to do is add some. I need to create a PortGroup for NFS traffic, then create a vmkernel port with a static IP address. This will allow me to mount an NFS target for datastores.

The “community.vmware.vmware_portgroup” module can be used to configure vmware portgroup settings on VMware ESXi hosts.

#Create NFS VM PortGroup 
  - name: Add NFS Storage VM Portgroup 
    community.vmware.vmware_portgroup:
      validate_certs: '{{ validate_certs }}'
      hosts: "{{ item.name }}"
      hostname: "{{ item.name }}"
      username: "{{ esxi_username }}"
      password: "{{ esxi_password }}"
      switch: "{{ vSwitch2 }}"
      portgroup: "{{ NFSPortGroup }}"
      vlan_id: "{{ nfs_vlan }}"
      security:
        promiscuous_mode: False
        mac_changes: False
        forged_transmits: False
      traffic_shaping:
        enabled: True
        average_bandwidth: 100000
        peak_bandwidth: 100000
        burst_size: 102400
      teaming:
        load_balancing: failover_explicit
        network_failure_detection: link_status_only
        notify_switches: true
        failback: true
        active_adapters:
            # Teaming adapters must be uplinks of vSwitch2 (vmnic4/vmnic5 above)
            - vmnic4
            #- vusb0
        standby_adapters:
            - vmnic5
    register: teaming_result
    delegate_to: localhost
    loop: '{{ esxi_info }}'
#Create NFS vmKernel using Static Network Type
  - name: Add NFS vmkernel port using static network type
    community.vmware.vmware_vmkernel:
      validate_certs: '{{ validate_certs }}'
      hostname: "{{ item.name }}"
      esxi_hostname: "{{ item.name }}"
      username: "{{ esxi_username }}"
      password: "{{ esxi_password }}"
      # The vmkernel port must name the vSwitch that carries the NFS port group
      vswitch_name: "{{ vSwitch2 }}"
      portgroup_name: "{{ NFSPortGroup }}"
      network:
       type: 'static'
       ip_address: '{{ item.nfs_ip }}'
       subnet_mask: '{{ item.netmask }}'
      state: present
    delegate_to: localhost
    loop: '{{ esxi_info }}'

Mount NFS DataStore

#Mount NFS DataStore. Storage must have NFS Datastores created.    
  - name: Mount NFS datastores to ESXi 
    community.vmware.vmware_host_datastore:
      <<: *esxi_login
      datastore_name: '{{ ext_storage_ds_name }}'
      datastore_type: '{{ ext_storage_ds_type }}'
      nfs_server: '{{ ext_storage_nfs_server }}'
      nfs_path: '{{ ext_storage_nfs_path }}'
      nfs_ro: no
      esxi_hostname: '{{ item.name }}'
      state: present
    delegate_to: localhost
    loop: '{{ esxi_info }}'

Create VMDATA PortGroup

For the remaining Production VM PortGroups / VLANs, just copy and paste the following into your Ansible playbook.

#Create Application Port Group. Used for VMs Network Traffic.
  - name: Add Application Portgroup with all settings defined.
    community.vmware.vmware_portgroup:
      <<: *esxi_login
      esxi_hostname: "{{ item.name }}"
      # VMDATA port groups live on vSwitch1, separate from Management and vMotion
      switch: "{{ vSwitch1 }}"
      portgroup: "{{ ApplicationPortGroup }}"
      vlan_id: '{{ apps_vlan }}'
      security:
        promiscuous_mode: False
        mac_changes: False
        forged_transmits: False
      traffic_shaping:
        enabled: True
        average_bandwidth: 100000
        peak_bandwidth: 100000
        burst_size: 102400
      teaming:
        load_balancing: failover_explicit
        network_failure_detection: link_status_only
        notify_switches: true
        failback: true
        active_adapters:
            # Teaming adapters must be uplinks of vSwitch1 (vmnic2/vmnic3 above)
            - vmnic2
            #- vusb0
        standby_adapters:
            - vmnic3
    delegate_to: localhost
    register: teaming_result
    loop: '{{ esxi_info }}'
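
A pre-flight check for the kind of layout built in this post, as an added example (not code from the original post): it verifies that no NIC is an uplink of two vSwitches, that each port group's teaming adapters are uplinks of its own vSwitch, that the three security policies are False, and that each vmkernel port names the vSwitch carrying its port group. The function name `check_layout`, the dict shapes and the sample data are assumptions constructed here; the keys mirror the module parameters used in the tasks above.

```python
SECURITY_KEYS = ("promiscuous_mode", "mac_changes", "forged_transmits")

def check_layout(vswitches, portgroups, vmkernels):
    """Return a list of findings; an empty list means the layout is consistent."""
    findings, owner, pg_switch = [], {}, {}
    # A physical NIC can be an uplink of only one standard vSwitch at a time.
    for switch, nics in vswitches.items():
        for nic in nics:
            if owner.setdefault(nic, switch) != switch:
                findings.append(f"{nic}: uplink of both {owner[nic]} and {switch}")
    for pg in portgroups:
        name, switch = pg["portgroup"], pg["switch"]
        pg_switch[name] = switch
        uplinks = vswitches.get(switch)
        if uplinks is None:
            findings.append(f"{name}: vSwitch {switch} is not defined")
            continue
        team = pg.get("teaming", {})
        # Teaming may only reference uplinks of the port group's own vSwitch.
        for nic in team.get("active_adapters", []) + team.get("standby_adapters", []):
            if nic not in uplinks:
                findings.append(f"{name}: {nic} is not an uplink of {switch}")
        # The post sets all three security policies to False; flag anything else.
        for key in SECURITY_KEYS:
            if pg.get("security", {}).get(key) is not False:
                findings.append(f"{name}: security.{key} is not False")
    # A vmkernel port must name the vSwitch that carries its port group.
    for vmk in vmkernels:
        name, switch = vmk["portgroup_name"], vmk["vswitch_name"]
        if pg_switch.get(name) != switch:
            findings.append(f"vmkernel {name}: on {switch}, port group is on {pg_switch.get(name)}")
    return findings

# Constructed sample data, modelled on the vSwitch layout in this post.
VSWITCHES = {"vSwitch0": ["vmnic8", "vmnic9"], "vSwitch1": ["vmnic2", "vmnic3"],
             "vSwitch2": ["vmnic4", "vmnic5"]}
REJECT_ALL = {key: False for key in SECURITY_KEYS}
GOOD_PG = {"portgroup": "NFS", "switch": "vSwitch2", "security": REJECT_ALL,
           "teaming": {"active_adapters": ["vmnic4"], "standby_adapters": ["vmnic5"]}}
# Constructed mismatch: teaming names NICs that belong to vSwitch0.
BAD_PG = dict(GOOD_PG, teaming={"active_adapters": ["vmnic9"], "standby_adapters": ["vmnic8"]})

if __name__ == "__main__":
    print(check_layout(VSWITCHES, [GOOD_PG], [{"portgroup_name": "NFS", "vswitch_name": "vSwitch2"}]))
    for finding in check_layout(VSWITCHES, [BAD_PG], [{"portgroup_name": "NFS", "vswitch_name": "vSwitch0"}]):
        print(finding)
```

Running a check like this before the playbook catches copy-paste drift between the vSwitch, port group and vmkernel tasks, which would otherwise surface as a failed task on the host or as traffic on the wrong uplinks.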
