Deploy SDN using Windows Admin Center

Applies to: Azure Stack HCI, versions 21H2 and 20H2

This article describes how to deploy Software Defined Networking (SDN) through Windows Admin Center after you have configured your Azure Stack HCI cluster. Windows Admin Center enables you to deploy all the SDN infrastructure components on your existing Azure Stack HCI cluster, in the following deployment order:

  • Network Controller
  • Software Load Balancer (SLB)
  • Gateway

To deploy SDN Network Controller during cluster creation, see Step 5: SDN (optional) of the Create cluster wizard.

Alternatively, you can deploy the entire SDN infrastructure through the SDN Express scripts.

You can also deploy an SDN infrastructure using System Center Virtual Machine Manager (VMM). For more information, see Manage SDN resources in the VMM fabric.

Important

You can't use Microsoft System Center VMM 2019 to manage clusters running Azure Stack HCI, version 21H2 or Windows Server 2022. You can use Microsoft System Center VMM 2022 instead, which is currently in preview.

Important

You can't use Microsoft System Center VMM 2019 and Windows Admin Center to manage SDN at the same time.

Before you begin

Before you begin an SDN deployment, plan out and configure your physical and host network infrastructure. Reference the following articles:

Requirements

The following requirements must be met for a successful SDN deployment:

  • All server nodes must have Hyper-V enabled
  • All server nodes must be joined to Active Directory
  • A virtual switch must be created
  • The physical network must be configured
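
The first three requirements can be checked on every node before starting the wizard. The following PowerShell is an added example, not part of the original article; the cluster name hci-cluster01 is a placeholder, and the script assumes the FailoverClusters module and PowerShell remoting access to the nodes. The physical network configuration still has to be verified separately.

```powershell
# Added example: pre-flight check of the SDN requirements on each cluster node.
# Assumption: 'hci-cluster01' is a placeholder for your cluster name.
$clusterName = 'hci-cluster01'

$nodes = (Get-ClusterNode -Cluster $clusterName).Name

$report = Invoke-Command -ComputerName $nodes -ScriptBlock {
    $hyperV   = Get-WindowsFeature -Name Hyper-V
    $computer = Get-CimInstance -ClassName Win32_ComputerSystem

    # Get-VMSwitch only exists once the Hyper-V PowerShell module is present.
    $switches = @()
    if (Get-Command -Name Get-VMSwitch -ErrorAction SilentlyContinue) {
        $switches = @(Get-VMSwitch)
    }

    [pscustomobject]@{
        HyperVEnabled = [bool]$hyperV.Installed
        DomainJoined  = [bool]$computer.PartOfDomain
        Domain        = $computer.Domain
        HasVSwitch    = $switches.Count -gt 0
        VirtualSwitch = ($switches.Name -join ', ')
    }
}

# One row per node; PSComputerName is added by Invoke-Command.
$report | Sort-Object PSComputerName |
    Format-Table PSComputerName, HyperVEnabled, DomainJoined, Domain, HasVSwitch, VirtualSwitch -AutoSize

# Flag any node that misses one of the three checkable requirements.
$failed = $report | Where-Object {
    -not ($_.HyperVEnabled -and $_.DomainJoined -and $_.HasVSwitch)
}
if ($failed) {
    Write-Warning ('Nodes not ready for SDN: ' + ($failed.PSComputerName -join ', '))
} else {
    Write-Output 'All nodes meet the Hyper-V, domain and virtual switch requirements.'
}
```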

Create the VHDX file

SDN uses a VHDX file containing the Azure Stack HCI operating system (OS) as a source for creating the SDN virtual machines (VMs). The version of the OS in your VHDX must match the version used by the Azure Stack HCI Hyper-V hosts. This VHDX file is used by all SDN infrastructure components.

If you've downloaded and installed the Azure Stack HCI OS from an ISO, you can create the VHDX file using the Convert-WindowsImage utility. The following shows an example of using Convert-WindowsImage:

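# Install and load the Convert-WindowsImage module
Install-Module -Name Convert-WindowsImage
Import-Module Convert-WindowsImage

# Source install.wim and destination VHDX path
$wimpath = "E:\sources\install.wim"
$vhdpath = "D:\temp\AzureStackHCI.vhdx"
# Edition to convert (here, image index 1 in the WIM)
$edition = 1
Convert-WindowsImage -SourcePath $wimpath -Edition $edition -VHDPath $vhdpath -SizeBytes 500GB -DiskLayout UEFI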

Note

You must run this script from a Windows client computer. You will probably need to run this as Administrator and to modify the execution policy for scripts using the Set-ExecutionPolicy command.

Deploy SDN Network Controller

SDN Network Controller deployment is a functionality of the SDN Infrastructure extension in Windows Admin Center. Complete the following steps to deploy Network Controller on your existing Azure Stack HCI cluster.

  1. In Windows Admin Center, under Tools, select Settings, and then select Extensions.

  2. On the Installed Extensions tab, verify that the SDN Infrastructure extension is installed. If not, install it.

  3. In Windows Admin Center, under Tools, select SDN Infrastructure, then click Get Started.

  4. Under Cluster settings, under Host, enter a name for the Network Controller. This is the DNS name used by management clients (such as Windows Admin Center) to communicate with Network Controller. You can also use the default populated name.

    SDN deployment wizard in Windows Admin Center

  5. Specify a path to the Azure Stack HCI VHD file. Use Browse to locate it more quickly.

  6. Specify the number of VMs to be dedicated for Network Controller. We strongly recommend three VMs for production deployments.

  7. Under Network, enter the VLAN ID of the management network. Network Controller needs connectivity to the same management network as the Hyper-V hosts so that it can communicate with and configure the hosts.

  8. For VM network addressing, select either DHCP or Static.

    • For DHCP, enter the name for the Network Controller VMs. You can also use the default populated names.

    • For Static, do the following:

      1. Specify an IP address.
      2. Specify a subnet prefix.
      3. Specify the default gateway.
      4. Specify one or more DNS servers. Click Add to add additional DNS servers.

  9. Under Credentials, enter the username and password used to join the Network Controller VMs to the cluster domain.

  10. Enter the local administrative password for these VMs.

  11. Under Advanced, enter the path to the VMs. You can also use the default populated path.

  12. Enter values for MAC address pool start and MAC address pool end. You can also use the default populated values. This is the MAC pool used to assign MAC addresses to VMs attached to SDN networks.

  13. When finished, click Next: Deploy.

  14. Wait until the wizard completes its job. Stay on this page until all progress tasks are complete, and then click Finish.

Redeploy SDN Network Controller

If the Network Controller deployment fails or you want to deploy it again, do the following:

  1. Delete all Network Controller VMs and their VHDs from all server nodes.

  2. Remove the Connections registry value from all hosts by running this command:

     Remove-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\NcHostAgent\Parameters\' -Name Connections
    
  3. Run the deployment wizard again.
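
The registry cleanup in step 2 has to happen on every host. The following PowerShell is an added example, not part of the original article, that runs it against all cluster nodes and reports the result per node; the cluster name hci-cluster01 is a placeholder, and the script assumes the FailoverClusters module and PowerShell remoting access to the nodes.

```powershell
# Added example: remove the Connections value on every node and report the result.
# Assumption: 'hci-cluster01' is a placeholder for your cluster name.
$clusterName = 'hci-cluster01'
$keyPath     = 'HKLM:\SYSTEM\CurrentControlSet\Services\NcHostAgent\Parameters\'
$valueName   = 'Connections'

$nodes = (Get-ClusterNode -Cluster $clusterName).Name

$results = Invoke-Command -ComputerName $nodes -ArgumentList $keyPath, $valueName -ScriptBlock {
    param($Path, $Name)

    # Only attempt removal when the value is actually present, so a node
    # that was never configured does not raise an error.
    $existing = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $existing) {
        Remove-ItemProperty -Path $Path -Name $Name
        $state = 'Removed'
    } else {
        $state = 'NotPresent'
    }

    [pscustomobject]@{ Value = $Name; State = $state }
}

# One row per node; PSComputerName is added by Invoke-Command.
$results | Sort-Object PSComputerName |
    Format-Table PSComputerName, Value, State -AutoSize
```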

Deploy SDN Software Load Balancer

SDN SLB deployment is a functionality of the SDN Infrastructure extension in Windows Admin Center. Complete the following steps to deploy SLB on your existing Azure Stack HCI cluster.

Note

Network Controller must be set up before you configure SLB.

  1. In Windows Admin Center, under Tools, select Settings, and then select Extensions.

  2. On the Installed Extensions tab, verify that the SDN Infrastructure extension is installed. If not, install it.

  3. In Windows Admin Center, under Tools, select SDN Infrastructure, then click Get Started on the Load Balancer tab.

  4. Under Load Balancer Settings, under Front-End subnets, provide the following:

    • Public VIP subnet prefix. This could be public Internet subnets. They serve as the front end IP addresses for accessing workloads behind the load balancer, which use IP addresses from a private backend network.

    • Private VIP subnet prefix. These don’t need to be routable on the public Internet because they are used for internal load balancing.

  5. Under BGP Router Settings, enter the SDN ASN for the SLB. This ASN is used to peer the SLB infrastructure with the Top of the Rack switches to advertise the Public VIP and Private VIP IP addresses.

  6. Under BGP Router Settings, enter the IP Address and ASN of the Top of Rack switch. SLB infrastructure needs these settings to create a BGP peer with the switch. If you have an additional Top of Rack switch that you want to peer the SLB infrastructure with, add IP Address and ASN for that switch as well.

  7. Under VM Settings, specify a path to the Azure Stack HCI VHDX file. Use Browse to locate it more quickly.

  8. Specify the number of VMs to be dedicated for software load balancing. We strongly recommend at least two VMs for production deployments.

  9. Under Network, enter the VLAN ID of the management network. SLB needs connectivity to the same management network as the Hyper-V hosts so that it can communicate with and configure the hosts.

  10. For VM network addressing, select either DHCP or Static.

    • For DHCP, enter the name for the Software Load Balancer VMs. You can also use the default populated names.

    • For Static, do the following:

      1. Specify an IP address.
      2. Specify a subnet prefix.
      3. Specify the default gateway.
      4. Specify one or more DNS servers. Click Add to add additional DNS servers.

  11. Under Credentials, enter the username and password that you used to join the Software Load Balancer VMs to the cluster domain.

  12. Enter the local administrative password for these VMs.

  13. Under Advanced, enter the path to the VMs. You can also use the default populated path.

  14. When finished, click Next: Deploy.

  15. Wait until the wizard completes its job. Stay on this page until all progress tasks are complete, and then click Finish.

Deploy SDN Gateway

SDN Gateway deployment is a functionality of the SDN Infrastructure extension in Windows Admin Center. Complete the following steps to deploy SDN Gateways on your existing Azure Stack HCI cluster.

Note

Network Controller and SLB must be set up before you configure Gateways.

  1. In Windows Admin Center, under Tools, select Settings, then select Extensions.

  2. On the Installed Extensions tab, verify that the SDN Infrastructure extension is installed. If not, install it.

  3. In Windows Admin Center, under Tools, select SDN Infrastructure, then click Get Started on the Gateway tab.

  4. Under Define the Gateway Settings, under Tunnel subnets, provide the GRE Tunnel Subnets. IP addresses from this subnet are used for provisioning on the SDN gateway VMs for GRE tunnels. If you don't plan to use GRE tunnels, put any placeholder subnets in this field.

  5. Under BGP Router Settings, enter the SDN ASN for the Gateway. This ASN is used to peer the gateway VMs with the Top of the Rack switches to advertise the GRE IP addresses. This field is auto populated to the SDN ASN used by SLB.

  6. Under BGP Router Settings, enter the IP Address and ASN of the Top of Rack switch. Gateway VMs need these settings to create a BGP peer with the switch. These fields are auto populated from the SLB deployment wizard. If you have an additional Top of Rack switch that you want to peer the gateway VMs with, add IP Address and ASN for that switch as well.

  7. Under Define the Gateway VM Settings, specify a path to the Azure Stack HCI VHDX file. Use Browse to locate it more quickly.

  8. Specify the number of VMs to be dedicated for gateways. We strongly recommend at least two VMs for production deployments.

  9. Enter the value for Redundant Gateways. Redundant gateways don't host any gateway connections. In the event of failure or restart of an active gateway VM, gateway connections from the active VM are moved to the redundant gateway and the redundant gateway is then marked as active. In a production deployment, we strongly recommend having at least one redundant gateway.

  10. Under Network, enter the VLAN ID of the management network. Gateways need connectivity to the same management network as the Hyper-V hosts and Network Controller VMs.

  11. For VM network addressing, select either DHCP or Static.

    • For DHCP, enter the name for the Gateway VMs. You can also use the default populated names.

    • For Static, do the following:

      1. Specify an IP address.
      2. Specify a subnet prefix.
      3. Specify the default gateway.
      4. Specify one or more DNS servers. Click Add to add additional DNS servers.

  12. Under Credentials, enter the username and password used to join the Gateway VMs to the cluster domain.

  13. Enter the local administrative password for these VMs.

  14. Under Advanced, provide the Gateway Capacity. It is auto populated to 10 Gbps. Ideally, you should set this value to the approximate throughput available to the gateway VM. This value may depend on various factors, such as the physical NIC speed on the host machine, and the other VMs on the host machine and their throughput requirements.

  15. Enter the path to the VMs. You can also use the default populated path.

  16. When finished, click Next: Deploy the Gateway.

  17. Wait until the wizard completes its job. Stay on this page until all progress tasks are complete, and then click Finish.
