vCloud Director 8.0 is the latest version available for service providers and can be downloaded from here.
I have been working with vCloud Director for quite some time, both in our production environment and in my test lab. In the past I wrote a post on how to install vCloud Director 5.5. You can also read the entire vCloud Director post series from Here
Since v8 has been out for some time, I decided to try my hands on it and implement it in my homelab.
There are various posts available on the internet about what vCloud Director is and what it does, so I will not talk much about that and will jump directly into action.
In this post we will learn how to deploy vCloud Director with high availability.
Pre-requisites before installing vCloud Director:
1: Two servers (for the 2 vCD cells) with Red Hat installed and configured as the guest operating system. Hostname and DNS should be configured. Also make sure the Red Hat guest OS is syncing its time from an NTP server.
2: Each Red Hat server must have 2 NICs, each with a different IP address (preferred), for the HTTP and console connections. The server must be able to reach your database server over the network.
3: The vCloud Director installation file (bin file) downloaded and copied to the server where it will be installed.
4: Certificates must be generated for the http and console-proxy connections.
5: The vCloud Director database configured.
6: An additional Red Hat server (or any other Linux flavor) configured as an NFS server.
Let’s see configuration of each component one by one.
vCloud Director database configuration
Run the following script on your SQL server to configure database for vcloud Director. In my lab I am running SQL 2014 as database.
-- Create the database
USE [master]
GO
CREATE DATABASE [vcloud] ON PRIMARY
(NAME = N'vcloud', FILENAME = N'E:MSSQLVCDDBDatavcloud.mdf', SIZE = 100MB, FILEGROWTH = 10%)
LOG ON
(NAME = N'vcdb_log', FILENAME = N'E:MSSQLVCDDBLogsvcloud.ldf', SIZE = 1MB, FILEGROWTH = 10%)
COLLATE Latin1_General_CS_AS
GO

-- Set the transaction isolation level
USE [vcloud]
GO
ALTER DATABASE [vcloud] SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
ALTER DATABASE [vcloud] SET ALLOW_SNAPSHOT_ISOLATION ON;
ALTER DATABASE [vcloud] SET READ_COMMITTED_SNAPSHOT ON WITH NO_WAIT;
ALTER DATABASE [vcloud] SET MULTI_USER;
GO

-- Create the database login and user
USE [vcloud]
GO
CREATE LOGIN [vcloud] WITH PASSWORD = 'YourPWD', DEFAULT_DATABASE = [vcloud], DEFAULT_LANGUAGE = [us_english], CHECK_POLICY = OFF
GO
CREATE USER [vcloud] FOR LOGIN [vcloud]
GO

-- Assign permissions to the user
USE [vcloud]
GO
sp_addrolemember [db_owner], [vcloud]
GO
Make sure your SQL server is reachable from both vCD cells on port 1433
[root@vcd01 ~]# telnet sqlsrv01 1433
Trying 192.168.109.3...
Connected to sqlsrv01.
Escape character is '^]'
[root@vcd02 ~]# telnet sqlsrv01 1433
Trying 192.168.109.3...
Connected to sqlsrv01.
Escape character is '^]'
Create NFS Mounts
Log in to your NFS server and create a directory which will be mounted as an NFS share on the VCD cells. I am running my NFS server on RHEL 6.
Verify the NFS Export settings
[root@vcdnfs ~]# cat /etc/exports
/home/data/ 192.168.109.0/24(rw,sync,no_root_squash)
Start NFS Services
[root@vcdnfs ~]# service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS mountd: [ OK ]
Starting NFS daemon: [ OK ]
Starting RPC idmapd: [ OK ]
Make sure NFS service is set to start on system boot
[root@vcdnfs ~]# chkconfig nfs on
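The export above gives every host in 192.168.109.0/24 read-write access with no_root_squash. As an added example (not part of the original post), this shell function flags exports entries that combine no_root_squash with a subnet, wildcard or netgroup client. The function name and the sample lines are constructed; the two single-host addresses are the cell IPs that appear later in the post.

```shell
#!/bin/sh
# Added example, not from the original post: flag exports(5) entries that
# grant no_root_squash to more than one host.

# audit_exports FILE
# Prints "<path> <client>" for each risky entry; exit status 1 if any was found.
audit_exports() (
    file=$1
    found=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}              # drop comments
        set -f                        # clients may contain * or ?; keep them literal
        set -- $line                  # $1 = exported path, rest = client(options)
        set +f
        [ $# -ge 2 ] || continue
        path=$1; shift
        for entry in "$@"; do
            case $entry in
                *"("*")") client=${entry%%"("*}; opts=${entry#*"("}; opts=${opts%")"} ;;
                *)        client=$entry; opts= ;;
            esac
            case ",$opts," in
                *,no_root_squash,*) ;;
                *) continue ;;        # root is squashed by default
            esac
            case $client in
                */32) ;;              # CIDR that covers a single address
                ""|*[*?]*|*/*|@*)     # any host, wildcard, subnet or netgroup
                    printf '%s %s\n' "$path" "${client:-any-host}"
                    found=1 ;;
            esac
        done
    done <"$file"
    exit "$found"
)

# Constructed sample: the export line from the post, then the same share
# limited to the two cell addresses that appear in the post.
demo=$(mktemp)
cat >"$demo" <<'EOF'
/home/data/ 192.168.109.0/24(rw,sync,no_root_squash)
/home/data/ 192.168.109.30(rw,sync,no_root_squash) 192.168.109.31(rw,sync,no_root_squash)
EOF
audit_exports "$demo" || echo "entries above give remote root to more than one host"
rm -f "$demo"
```

On the NFS server, run `audit_exports /etc/exports`; only the subnet-wide line is reported, while the per-cell form passes with the same mount options.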
Generate Certificates on VCD cell
a: Certificate for http
[root@vcd01 ~]# keytool -keystore vcd.ks -storetype JCEKS -storepass vcl@2016 -validity 9999 -genkey -keyalg RSA -alias http
What is your first and last name?
[Unknown]: Alex Hunt
What is the name of your organizational unit?
[Unknown]: Cloud
What is the name of your organization?
[Unknown]: Virtual reality
What is the name of your City or Locality?
[Unknown]: Bangalore
What is the name of your State or Province?
[Unknown]: Karnataka
What is the two-letter country code for this unit?
[Unknown]: IN
Is CN=Alex Hunt, OU=Cloud, O=Virtual reality, L=Bangalore, ST=Karnataka, C=IN correct?
[no]: yes
Enter key password for <http>
(RETURN if same as keystore password)
b: Certificate for console proxy
[root@vcd01 ~]# keytool -keystore vcd.ks -storetype JCEKS -storepass vcl@2016 -validity 9999 -genkey -keyalg RSA -alias consoleproxy
What is your first and last name?[Unknown]: Alex Hunt
What is the name of your organizational unit?[Unknown]: Cloud
What is the name of your organization?[Unknown]: Virtual reality
What is the name of your City or Locality?[Unknown]: Bangalore
What is the name of your State or Province?[Unknown]: Karnataka
What is the two-letter country code for this unit?[Unknown]: IN
Is CN=" Alex Hunt", OU=Cloud, O=Virtual reality, L=Bangalore, ST=Karnataka, C=IN correct?
[no]: yes
Enter key password for <consoleproxy>
(RETURN if same as keystore password):
c: List the generated certificates
[root@vcd01 ~]# keytool -storetype JCEKS -storepass vcl@2016 -keystore vcd.ks -list
Keystore type: JCEKS
Keystore provider: SunJCE
Your keystore contains 2 entries
consoleproxy, Jun 4, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): B5:66:36:28:D3:E1:6A:07:9A:16:9C:75:BA:BF:D9:95:3E:17:14:D6
http, Jun 4, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): 45:FE:93:61:67:C3:49:D6:B3:D3:BF:5A:95:43:BE:B0:72:09:80:51
Install vCloud Director on First Cell
Run the vCloud Director bin file but don’t invoke configuration script as of now. We will invoke the script later after doing some modifications on server.
[root@vcd01 ~]# ./vmware-vcloud-director-8.3.1-3168797.bin
Checking free disk space...done
Checking for a supported Linux distribution...Detected Red Hat Linux system
done
Checking for necessary RPM prerequisites...done
Extracting VMware vCloud Director. Please wait, this could take a few minutes...
vmware-vcloud-director-8.3.1-3168797.x86_64.rpm
vmware-vcloud-director-rhel-8.3.1-3168797.x86_64.rpm
done
Verifying RPM signatures...done
Installing the VMware vCloud Director RPMs...
warning: vmware-vcloud-director-8.3.1-3168797.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID 66fd4949: NOKEY
Preparing... ########################################### [100%]
1:vmware-vcloud-director-########################################### [ 50%]
2:vmware-vcloud-director ########################################### [100%]
You should now run the configuration script (/opt/vmware/vcloud-director/bin/configure) to perform other required post-installation configuration.
If you will be deploying a vCloud Director cluster you must mount the shared transfer server storage prior to running the configuration script. If this is a single server deployment no shared storage is necessary.
If you are not ready to do this right now, you may run the script later prior to starting the vmware-vcd service.
Would you like to run the script now? (y/n)? n
Skipping. You may run the configuration script at a later time by executing /opt/vmware/vcloud-director/bin/configure
Mount NFS share on vCloud Cell
a: List the NFS mount
[root@vcd01 transfer]# showmount -e 192.168.109.32
Export list for 192.168.109.32:
/home/data 192.168.109.0/24
b: Mount the NFS share in /opt/vmware/vcloud-director/data/transfer directory
[root@vcd01 transfer]# mount -t nfs 192.168.109.32:/home/data/ /opt/vmware/vcloud-director/data/transfer
c: Verify that NFS share has been mounted on VCD Cell
[root@vcd01 transfer]# mount | grep nfs
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
192.168.109.32:/home/data/ on /opt/vmware/vcloud-director/data/transfer type nfs (rw,vers=4,addr=192.168.109.32,clientaddr=192.168.109.30)
d: Mount the NFS share permanently on the vCD Cell by editing /etc/fstab file and making an entry as shown below
192.168.109.32:/home/data/ /opt/vmware/vcloud-director/data/transfer nfs defaults 0 0
e: Change the owner of transfer directory to vcloud user and set the permission to RW
[root@vcd01 ~]# chown -R vcloud:vcloud /opt/vmware/vcloud-director/data/transfer
[root@vcd01 ~]# chmod -R 750 /opt/vmware/vcloud-director/data/transfer
6: Move the certificate file which we generated in step 3 to /opt/vmware/vcloud-director. Why we need to do so is explained here
[root@vcd01 ~]# cp /root/vcd.ks /opt/vmware/vcloud-director/
Also import the public key from VMware
[root@vcd01 etc]# rpm --import https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-DSA-KEY.pub
[root@vcd01 etc]# rpm --import https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub
Invoke the vCD configuration script.
We need to specify following:
- IP Address for the HTTP service
- IP Address for the Console Proxy IP
- Location of the certificate keystore certificates.ks
- IP Address for the Syslog server (which I skipped as I don't have a syslog server in my lab)
[root@vcd01 ~]# /opt/vmware/vcloud-director/bin/configure
Welcome to the vCloud Director configuration utility.
You will be prompted to enter a number of parameters that are necessary to configure and start the vCloud Director service.
Please indicate which IP address available on this machine should be used for the HTTP service and which IP address should be used for the remote console proxy.
The HTTP service IP address is used for accessing the user interface and the REST API. The remote console proxy IP address is used for all remote console (VMRC) connections and traffic.
Please enter your choice for the HTTP service IP address:
1. 192.168.108.15
2. 192.168.109.30
3. 192.168.122.1
4. 127.0.0.1
5. [fe80:0:0:0:250:56ff:febe:5869]
6. [fe80:0:0:0:250:56ff:febe:6964]
7. [0:0:0:0:0:0:0:1]
Choice [default=1]: 2
Please enter your choice for the remote console proxy IP address:
1. 192.168.108.15
2. 192.168.122.1
3. 127.0.0.1
4. [fe80:0:0:0:250:56ff:febe:5869]
5. [fe80:0:0:0:250:56ff:febe:6964]
6. [0:0:0:0:0:0:0:1]
Choice [default=1]: 1
Please enter the path to the Java keystore containing your SSL certificates and private keys: /opt/vmware/vcloud-director/vcd.ks
Please enter the password for the keystore:
If you would like to enable remote audit logging to a syslog host please enter the hostname or IP address of the syslog server. Audit logs are stored by vCloud Director for 90 days. Exporting logs via syslog will enable you to preserve them for as long as necessary.
Syslog host name or IP address [press Enter to skip]:
No syslog host was specified, disabling remote audit logging.

Next is to specify the database details.

The following database types are supported:
1. Oracle
2. Microsoft SQL Server
3. vPostgres
Enter the database type [default=1]: 2
Enter the host (or IP address) for the database: sqlsrv01.alex.local
Enter the database port [default=1433]: 1433
Enter the database name [default=vcloud]: vcloud
Enter the database instance [Press enter to use the server's default instance]:
Using server's default instance name.
Enter the database username: vcloud
Enter the database password:
Connecting to the database: jdbc:jtds:sqlserver://192.168.109.3:1433/vcloud;socketTimeout=90;prepareSQL=2
…………………………………./Database configuration complete.
vCloud Director configuration is now complete.
Once the vCloud Director server has been started you will be able to access the first-time setup wizard at this URL:
https://vcd01.alex.local

Installer will ask you to start the VCD cell service. Press "Y" to continue

Would you like to start the vCloud Director service now? If you choose not to start it now, you can manually start it at any time using this command:
service vmware-vcd start
Start it now? [y/n] y
Starting vmware-vcd-watchdog: [ OK ]
Starting vmware-vcd-cell [ OK ]
The vCD service will be started automatically on boot. To disable this, use the following command: chkconfig --del vmware-vcd
You can tail cell.log to see the startup progress.
[root@vcd01 ~]# tail -f /opt/vmware/vcloud-director/logs/cell.log
Application startup event: Subsystem 'com.vmware.vcloud.computeservice.broker' startup initiated.
Application startup begins: Subsystem 'com.vmware.vcloud.computeservice.broker' at 6/5/16 5:25 PM
Application Initialization: 'com.vmware.vcloud.computeservice.broker' 50% complete. Subsystem 'com.vmware.vcloud.backend-core-base' started
Application Initialization: 'com.vmware.vcloud.computeservice.broker' 100% complete. Subsystem 'com.vmware.vcloud.computeservice.broker' started
Application Initialization: 'com.vmware.vcloud.computeservice.broker' complete. Server is ready in 0:00 (minutes:seconds)
Application Initialization: 'com.vmware.vcloud.common.core' 95% complete. Subsystem 'com.vmware.vcloud.jax-rs-servlet' started
Application Initialization: 'com.vmware.vcloud.common.core' 100% complete. Subsystem 'com.vmware.vcloud.ui-vcloud-webapp' started
Application Initialization: 'com.vmware.vcloud.common.core' complete. Server is ready in 1:28 (minutes:seconds)
Successfully posted pending audit events: com/vmware/vcloud/event/cell/start
Successfully verified transfer spooling area: /opt/vmware/vcloud-director/data/transfer
Installation of the first cell is now complete. Let's see how to deploy an additional cell for failover.
Deploy Additional cell for failover
Copy the certificate file which you created on the first vCD cell to your second vCD cell. Also copy the responses.properties file to the second cell. The default location of the responses.properties file is /opt/vmware/vcloud-director/etc/
This file contains the location of the keystore certificates.ks and also the DB server information such as IP, database instance name, login etc.
a: Install vCloud Director on the second cell and press 'n' when it offers to run the configuration script
[root@vcd02 ~]# ./vmware-vcloud-director-8.3.1-3168797.bin
Checking free disk space...done
Checking for a supported Linux distribution...Detected Red Hat Linux system
done
Checking for necessary RPM prerequisites...done
Extracting VMware vCloud Director. Please wait, this could take a few minutes...
vmware-vcloud-director-8.3.1-3168797.x86_64.rpm
vmware-vcloud-director-rhel-8.3.1-3168797.x86_64.rpm
done
Verifying RPM signatures...done
Installing the VMware vCloud Director RPMs...
Preparing... ########################################### [100%]
1:vmware-vcloud-director-########################################### [ 50%]
2:vmware-vcloud-director ########################################### [100%]
You should now run the configuration script (/opt/vmware/vcloud-director/bin/configure) to perform other required post-installation configuration.
If you will be deploying a vCloud Director cluster you must mount the shared transfer server storage prior to running the configuration script. If this is a single server deployment no shared storage is necessary.
If you are not ready to do this right now, you may run the script later prior to starting the vmware-vcd service.
Would you like to run the script now? (y/n)? n
Skipping. You may run the configuration script at a later time by executing /opt/vmware/vcloud-director/bin/configure
b: Mount the same NFS share in the transfer directory which you mounted on cell-a
c: Invoke the configuration script with the -r /path_to_response_file option. Make sure you copy the responses.properties file to the /opt/vmware/vcloud-director/ folder. Also make the vcloud user the owner of the file and assign appropriate permissions on the file
[root@vcd02 vcloud-director]# chmod 755 /opt/vmware/vcloud-director/responses.properties
[root@vcd02 vcloud-director]# chown vcloud:vcloud /opt/vmware/vcloud-director/responses.properties
This time the configuration script will only ask for the HTTP and console proxy IP addresses.
[root@vcd02 vcloud-director]# /opt/vmware/vcloud-director/bin/configure -r /opt/vmware/vcloud-director/responses.properties
Welcome to the vCloud Director configuration utility.
You will be prompted to enter a number of parameters that are necessary to configure and start the vCloud Director service.
Please indicate which IP address available on this machine should be used for the HTTP service and which IP address should be used for the remote console proxy.
The HTTP service IP address is used for accessing the user interface and the REST API. The remote console proxy IP address is used for all remote console (VMRC) connections and traffic.
Please enter your choice for the HTTP service IP address:
1. 192.168.108.16
2. 192.168.109.31
3. 192.168.122.1
4. 127.0.0.1
Choice [default=1]: 2
Please enter your choice for the remote console proxy IP address:
1. 192.168.108.16
2. 192.168.122.1
3. 127.0.0.1
Choice [default=1]: 1
Connecting to the database: jdbc:jtds:sqlserver://192.168.109.3:1433/vcloud;socketTimeout=90;prepareSQL=2
DB credentials read successfully from response file.
...Database configuration complete.
vCloud Director configuration is now complete.
Once the vCloud Director server has been started you will be able to access the first-time setup wizard at this URL:
https://vcd02.alex.local
Would you like to start the vCloud Director service now? If you choose not to start it now, you can manually start it at any time using this command:
service vmware-vcd start
Start it now? [y/n] y
Starting vmware-vcd-watchdog: [ OK ]
Starting vmware-vcd-cell [ OK ]
The vCD service will be started automatically on boot. To disable this, use the following command: chkconfig --del vmware-vcd
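The keystore, the response file and the transfer directory are what the second cell reuses from the first, and the response file carries the database login details. As an added example (not from the original post), this shell check reports any of the three that other local accounts can access or that is group-writable. The function names are hypothetical, GNU stat is assumed, and treating root or vcloud as the acceptable owners is an assumption.

```shell
#!/bin/sh
# Added example, not from the original post: check that the files a cell
# depends on are not exposed to other local accounts.

# check_secret PATH [OWNER]
# Succeeds when PATH belongs to root or OWNER (default: vcloud), grants no
# permission bits to "other" and no write bit to "group". Uses GNU stat.
check_secret() (
    path=$1
    owner=${2:-vcloud}
    info=$(stat -c '%a %U' "$path" 2>/dev/null) || { echo "$path: missing"; exit 1; }
    mode=${info% *}                   # octal mode, e.g. 755
    actual=${info#* }                 # owning user name
    rc=0
    if [ "$actual" != root ] && [ "$actual" != "$owner" ]; then
        echo "$path: owned by $actual"; rc=1
    fi
    if [ $(( 0$mode & 007 )) -ne 0 ]; then
        echo "$path: mode $mode grants access to other"; rc=1
    fi
    if [ $(( 0$mode & 020 )) -ne 0 ]; then
        echo "$path: mode $mode is group-writable"; rc=1
    fi
    exit "$rc"
)

# audit_cell [BASE] [OWNER]
# Runs the check over the keystore, the response file and the transfer
# directory under BASE, using the file names and paths from the post.
audit_cell() {
    base=${1:-/opt/vmware/vcloud-director}
    owner=${2:-vcloud}
    status=0
    for item in vcd.ks responses.properties data/transfer; do
        check_secret "$base/$item" "$owner" || status=1
    done
    return "$status"
}

# Usage on a cell: audit_cell /opt/vmware/vcloud-director vcloud
```

With the modes used in the steps above, the transfer directory (750) passes and responses.properties (755) is reported, because that mode leaves the file readable by every local account.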
I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing.
This is copy paste from articles. Please elaborate what and why we should upgrade to vcloud director 8.
Which article are you referring to here? Can't you see all screenshots have been taken from my lab. Every component of my lab is running on my domain alex.local.
As far as why we use vCD 8.x is to get advantages of new features that were introduced in 8.x like leveraging use of ANS that is part of vCAN and also support for NSX 6.2
If you see the release notes of vCD 8.0 following advantages one is going to get:
vSphere 6.0 support: vCloud Director for Service Providers 8.0 adds support for vSphere 6.0 in backward compatibility mode.
NSX support: vCloud Director for Service Providers 8.0 adds support for NSX 6.1.4 in backward compatibility mode. This means that tenants’ consumption capability is unchanged and remains at the vCloud Networking and Security feature level of vCloud Director 5.6.
Organization virtual data center templates: Allows system administrators to create organization virtual data center templates, including resource delegation, that organization users can deploy to create new organization virtual data centers.
vApp enhancements: Enhancements to vApp functionality, including the ability to reconfigure virtual machines within a vApp, and network connectivity and virtual machine capability during vApp instantiation.
OAuth support for identity sources: Support added for OAuth2 tokens.
Tenant throttling: Prevents a single tenant from consuming all of the resources for a single instance of vCloud Director and ensures fairness of execution and scheduling among tenants.
And I will be happy if you can tell me which article I have copied here. If you can't appreciate work of someone then don't blame unnecessarily.
Hi,
I am looking for some good information on vCloud Air and vRealize Suite.
Please share the information if you have it.
Thank you
Harikishan