Lab Manager User's Guide
5
Specify the access rights for the users and click OK.
If you share a configuration with users outside of the workspace in which the configuration was created,
you can only specify Read access. In addition, configurations created in Global can only be shared with
Read access.
6
Click OK and Done.
Configuration Networking
Before you deploy a configuration, it is helpful to understand how configuration networking works in
Lab Manager.
Physical Networks
In Lab Manager, physical networks represent physical networks connected to the vSphere datacenter.
These networks exist outside configurations and span configurations. Virtual machines that connect to the
same physical network can communicate with each other, even if the virtual machines belong to different
configurations.
The physical networks available to a configuration are based on the physical networks assigned to the
configuration's organization.
Physical networks are bound to virtual switches (vSwitches) on one or more ESX/ESXi hosts in Lab Manager.
You can bind a physical network to a single vSwitch per host, and you can only bind physical networks to
vSwitches with physical adapters. The adapter‐vSwitch association is made in vCenter, and the user must
make the correct association. You can also bind a physical network to a vNetwork Distributed Switch.
A vNetwork Distributed Switch functions like a single virtual switch across all associated hosts. This allows
virtual machines to maintain consistent network configuration as they migrate across multiple hosts.
When you bind, Lab Manager creates a portgroup on the vSwitch, or a dvPort group on the vNetwork
Distributed Switch, names it based on the Lab Manager physical network name, and reports that as the Name
in vCenter on the Network Properties page. If the Lab Manager physical network specifies a VLAN ID, Lab
Manager sets this on the portgroup or dvPort group. Lab Manager does not use or affect existing portgroups
on the vSwitch or vNetwork Distributed Switch.
Fencing Virtual Machines
When you deploy a configuration that includes a physical network, you can choose to isolate the configuration
virtual machines from other machines on the network. This prevents IP and MAC address conflicts that could
exist if multiple copies of the same machine are deployed at the same time.
Fencing a configuration isolates the virtual machines that are defined to be connected to the physical network
from the datacenter network using a virtual router (VR) and bidirectional network address translation (NAT).
Typically, you want to enable network fencing under these circumstances:
You have a configuration with one or more servers, and you anticipate cloning the configuration
numerous times.
You have a configuration involving a difficult and complex setup, and cloning the configuration is an
easier route than repeating the setup.
From a performance perspective, network fencing impacts the traffic flow between modules. Fencing requires
a slightly higher number of resources on the host, such as memory, CPU, and networking. If you enable fencing
but never use it, these resources are not consumed.
Virtual machines in a configuration have preconfigured (internal) IP addresses. When you deploy virtual
machines in fenced mode, Lab Manager assigns a unique external IP address to each of these machines.
Through these external addresses, virtual machines both inside and outside the fence can communicate with
each other. Lab Manager uses a virtual machine called a virtual router (VR) to route packets between these
virtual machines. Lab Manager configures the virtual router when you deploy a fenced configuration and
deletes it when you undeploy the configuration.
56
VMware, Inc.