VMware vCloud Director - 1.5 User’s Guide

vCloud Director User's Guide

vCloud Director 1.5

This document supports the version of each product listed and
supports all subsequent versions until the document is replaced
by a new edition. To check for more recent editions of this
document, see http://www.vmware.com/support/pubs.

EN-000635-00

vCloud Director User's Guide

You can find the most up-to-date technical documentation on the VMware Web site at:

http://www.vmware.com/support/

The VMware Web site also provides the latest product updates.

If you have comments about this documentation, submit your feedback to:

docfeedback@vmware.com

Copyright © 2010, 2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. VMware products are covered by one or more patents listed at

http://www.vmware.com/go/patents.

VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks
and names mentioned herein may be trademarks of their respective companies.

VMware, Inc.

3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com

2 VMware, Inc.

Contents

vCloud Director User's Guide 7

Getting Started with vCloud Director 9

1

Understanding VMware vCloud Director 9

Log In to the Web Console 10

Using vCloud Director 10

Set Mozilla Firefox Options 11

Set Microsoft Internet Explorer Options 12

Set User Preferences 13

Change Your Password 13

Managing Users and Groups 15

2

Managing Users 15

Working with Groups 18

Managing Cloud Resources 21

3

Managing Virtual Datacenters 21

Managing Organization Networks 22

Managing Expired Items 36

Working in an Organization 37

4

Understanding Leases 37

Set Up an Organization 38

Review Your Organization Profile 40

Modify Your Email Settings 41

Modify Your Organization's Policies 41

Set Default Domain for Organization Virtual Machines 42

Manage Users and Groups in Your Organization 42

Manage Resources in Your Organization 42

Manage Virtual Machines in Your Organization 43

Viewing Organization Log Tasks and Events 43

VMware, Inc.

Working with Catalogs 45

5

Add a New Catalog 45

Access a Catalog 46

Publish a Catalog 46

Share A Catalog 47

Change the Owner of a Catalog 47

Delete a Catalog 48

Modify the Properties of Your Catalog 48

Understanding Catalogs and Their Contents 48

3

vCloud Director User's Guide

Working in Published Catalogs 49

Working with Media Files 51

6

Upload Media Files 51

Resume the Upload of a Media File 52

Copy Media Files to a Catalog 52

Move Media Files to Another Catalog 52

Delete Media Files 53

Modify Media File Properties 53

Working with vApp Templates 55

7

Open a vApp Template 55

Add a vApp Template to My Cloud 56

Download a vApp Template 56

Upload an OVF Package as a vApp Template 57

Resume the Upload of a vApp Template 57

Copy a vApp Template from a Public Catalog to an Organization Catalog 58

Copy a vApp Template Between an Organization's Catalogs 58

Move a vApp Template Between an Organization's Catalogs 59

Delete a vApp Template 59

Save a vApp as a vApp Template 59

Modify vApp Template Properties 60

Working with vApps 61

8

Create a vApp From a vApp Template 62

Create a New vApp 62

Copy a vApp 64

Start a vApp 64

Start a vApp with an Older Version of VMware Tools 64

Stop a vApp 65

Suspend a vApp 65

Discard the Suspended State of a vApp 65

Reset a vApp or Virtual Machine 66

View vApp Virtual Machines 66

Add Virtual Machines to a vApp 66

Remove Virtual Machines from a vApp 67

Set vApp Start and Stop Options 67

Working with Networks in a vApp 68

Display a vApp Diagram 78

Modify a vApp Name and Description 78

Modify vApp OVF Environment Properties 79

Reset vApp Leases 79

Share a vApp 79

Change the Owner of a vApp 80

Upgrade the Virtual Hardware Version for a vApp 80

Save vApp as a vApp Template to Your Catalog 81

Copy a vApp to Another vDC 81

Move a vApp to Another vDC 81

4 VMware, Inc.

Delete a vApp 82

Contents

Working with Virtual Machines 83

9

Open a Virtual Machine Console 84

Power On a Virtual Machine 84

Power Off a Virtual Machine 84

Reset a vApp or Virtual Machine 85

Suspend a Virtual Machine 85

Resume a Suspended Virtual Machine 85

Discard the Suspended State of a Virtual Machine 85

Insert a CD/DVD 86

Eject a CD/DVD 86

Insert a Floppy 86

Eject a Floppy 86

Upgrade the Virtual Hardware Version for a Virtual Machine 87

Connect Remotely to a Virtual Machine 87

Copy or Move a Virtual Machine to a vApp 87

Delete a Virtual Machine 88

Modify Virtual Machine General Properties 88

Modify Virtual Machine CPUs and Memory 89

Modify Virtual Machine OVF Environment Properties 89

Configuring Virtual Machine Resource Allocation Settings 90

Modifying Virtual Machine Hard Disks 91

Modifying Virtual Machine Network Interfaces 92

Installing VMware Tools 94

Guest Operating Systems 104

Index 115

VMware, Inc. 5

vCloud Director User's Guide

6 VMware, Inc.

vCloud Director User's Guide

The VMware vCloud Director User's Guide provides information about managing organizations, catalogs, vApps,
and virtual machines.

Intended Audience

This book is intended for anyone who wants to set up and configure organizations in
VMware vCloud Director. The information in this book is written for non-system administrators, including
organization administrators who will create and set up vApps, catalogs, and virtual machines.

VMware, Inc. 7

vCloud Director User's Guide

8 VMware, Inc.

Getting Started with vCloud Director 1

When you log in to the vCloud Director Web console, the Home tab provides access to your resources and
links to common tasks.

You can also set your user preferences and view the product help.

This chapter includes the following topics:

n

“Understanding VMware vCloud Director,” on page 9

n

“Log In to the Web Console,” on page 10

n

“Using vCloud Director,” on page 10

n

“Set Mozilla Firefox Options,” on page 11

n

“Set Microsoft Internet Explorer Options,” on page 12

n

“Set User Preferences,” on page 13

n

“Change Your Password,” on page 13

Understanding VMware vCloud Director

VMware® vCloud Director provides role-based access to a Web console that allows the members of an
organization to interact with the organization's resources to create and work with vApps and virtual machines.

Before you can access your organization, a vCloud Director system administrator must create the organization,
assign it resources, and provide the URL to access the Web console. Each organization includes one or more
organization administrators, who finishes setting up the organization by adding members and setting policies
and preferences. After the organization is set up, non-administrator users can log in to create, use, and manage
virtual machines and vApps.

Organizations

An organization is a unit of administration for a collection of users, groups, and computing resources. Users
authenticate at the organization level, supplying credentials established by an organization administrator
when the user was created or imported. System administrators create and provision organizations, while
organization administrators manage organization users, groups, and catalogs.

Users and Groups

An organization can contain an arbitrary number of users and groups. Users can be created locally by the
organization administrator or imported from a directory service such as LDAP. Groups must be imported from
the directory service. Permissions within an organization are controlled through the assignment of rights and
roles to users and groups.

VMware, Inc.

9

vCloud Director User's Guide

Virtual Datacenters

An organization virtual datacenter (vDC) provides resources to an organization. vDCs provide an environment
where virtual systems can be stored, deployed, and operated. They also provide storage for virtual media,
such as floppy disks and CD ROMs. An organization can have multiple vDCs.

Organization Networks

An organization network is contained within a vCloud Director organization and is available to all the vApps
in the organization. An organization network allows vApps within an organization to communicate with each
other. An organization network can be connected to an external network or isolated and internal to the
organization. Only system administrators can create organization networks, but organization administrators
can manage organization networks, including the network services they provide.

vApp Networks

A vApp network is contained within a vApp and allows virtual machines in the vApp to communicate with
each other. You can connect a vApp network to an organization network to allow the vApp to communicate
with other vApps in the organization and outside of the organization, if the organization network is connected
to an external network.

Catalogs

Organizations use catalogs to store vApp templates and media files. The members of an organization that have
access to a catalog can use the catalog's vApp templates and media files to create their own vApps.
Organizations administrators can copy items from public catlogs to their organization catalog.

Log In to the Web Console

Use the organization URL to log in to your organization and access the Web console.

Contact your organization administrator if you do not know the organization URL.

Procedure

1 In a browser, type the URL of your organization and press Enter.

For example, type https://cloud.example.com/cloud/org/myOrg.

2 Type your user name and password and click Login. .

What to do next

The Web console displays a list of the common tasks and resources available to you based on your role. An
organization administrator can click the Set up this organization link on the Home tab to finish setting up a
newly created organization. See “Set Up an Organization,” on page 38 for more information.

Using vCloud Director

When you log into vCloud Director, the first page you see is the Home page. The information that appears on
this page are the most common tasks for your role.

Organization administrators see the Set up this organization link as their first task. They also see tasks under
these headings.

n

Organizations and resources

n

Content

n

Users & Groups

10 VMware, Inc.

The vApps in your organization are displayed for easy access.

Catalog authors see links to these tasks.

n

Add Cloud Computer System

n

Build new vApp

n

Manage Catalogs

n

New Catalog

vApp authors see links to these tasks.

n

Add Cloud Computer System

n

Build new vApp

vApp users see links to these tasks.

n

Add Cloud Computer System

The vApps in your organization are displayed for easy access.

Console Access Only users have a read-only access to vCloud Director.

Set Mozilla Firefox Options

Chapter 1 Getting Started with vCloud Director

These options and settings help you display and use the vCloud Director Web console in Mozilla Firefox.

Prerequisites

You have the following.

n

At least Firefox 3.x

n

SSL 3.0 Encryption

n

TLS 1.0 Encryption

Procedure

1 In Firefox, select Tools > Options.

2 Click Content and select the JavaScript check box.

3 Click Privacy.

4 In the Firefox will: drop-down menu, select Use custom settings for history.

5 Select the Accept cookies from sites.

This selection also selects the Accept third-party cookies check box.

6 Click OK.

Bypass the Proxy in Mozilla Firefox

You can configure the Firefox proxy server to bypass certain Web addresses.

If all of these conditions exist, you can configure Firefox to bypass specific Web addresses.

n

The internal network is configured with a proxy server to access the external network.

n

The browser's proxy server connection has no local exceptions.

n

The proxy is not configured to look in the internal network after not finding or connecting to the target
on the external network.

n

The user looks for a target on the internal network using Firefox.

VMware, Inc. 11

vCloud Director User's Guide

Procedure

1 Select an option.

Operating System Action

Windows

Linux

Tools > Options

Edit > Preferences

2 Click the Advanced button.

3 On the Network tab, click the Settings button.

4 Enter the IP of the cell or load balancer in the No Proxy for: field.

The specified Web addresses are bypassed by the Firefox proxy server.

Set Microsoft Internet Explorer Options

These options help you display and use the vCloud Director Web console in Microsoft Internet Explorer.

You have the following.

n

At least Internet Explorer 7.

n

SSL 3.0 Encryption

n

TLS 1.0 Encryption

Procedure

1 In Internet Explorer, select Tools > Internet Options.

2 Click the Security tab.

3 Select the Internet content zone for the vCloud Director server.

4 Click Custom Level and select Enable or Prompt for these options.

n

Download signed ActiveX controls

n

Run ActiveX controls and plug-ins

n

Allow META REFRESH

n

Active scripting of Microsoft web browser control

5 Click OK.

6 Click the Advanced tab.

7 If you are using Internet Explorer on Windows 2003, complete these tasks.

a Select Start > Settings > Control Panel.

b Select Add or Remove Programs.

c Click Add/Remove Windows Components.

d Disable Internet Explorer Enhanced Security Configuration.

Bypass the Proxy in Internet Explorer

You can configure the Internet Explorer proxy server to bypass certain Web addresses.

If all of these conditions exist, you can configure Internet Explorer to bypass specific Web addresses.

n

The internal network is configured with a proxy server to access the external network.

12 VMware, Inc.

Chapter 1 Getting Started with vCloud Director

n

The browser's proxy server connection has no local exceptions.

n

The proxy is not configured to look in the internal network after not finding or connecting to the target
on the external network.

n

The user looks for a target on the internal network using Internet Explorer.

Procedure

1 Type the IP address of the cell or load balancer so that VMware Remote Console (VMRC) can bypass the

proxy setting.

2 Select Tools > Internet Options.

3 On the Connections tab, click LAN Settings in the bottom panel.

4 In the Proxy Server panel, click Advanced.

5 In the Exception panel, in the Do not use proxy server for addresses beginning with: text box, type the

IP address of the cell or load balancer.

If the configuration management vehicle supports the use of regular expressions, you must type the DNS
name of the cell or load balancer.

6 Click OK.

The specified Web addresses are bypassed by the Internet Explorer proxy server.

Set User Preferences

You can set certain display and system alerts preferences that take effect every time you log in to the system.

Procedure

1 In the title bar of the Web console, click Preferences.

2 Click the Defaults tab.

3 Select the page to display when you log in.

4 Select the number of days or hours before a runtime lease expires that you want to receive an email

notification.

5 Select the number of days or hours before a storage lease expires that you want to receive an email

notification.

6 Click OK.

Change Your Password

If you have a local (non-LDAP) user account, you can change your password.

Procedure

1 Log in to your organization.

2 In the title bar of the Web console, click Preferences.

3 On the Change Password tab, type your current password, type your new password, and retype your

new password.

4 Click OK.

vCloud Director logs you out.

VMware, Inc. 13

vCloud Director User's Guide

What to do next

Log in using your new password.

14 VMware, Inc.

Managing Users and Groups 2

An organization administrator is the only one who can add users and groups to an organization. The
organization administrator assigns each user or group a role within the organization. Your role controls what
you can see and do in vCloud Director.

An organization administrator can create local user accounts within an organization or import users and
groups from an LDAP server. Contact your system administrator to set up an LDAP connection.

These default roles exist in vCloud Director.

Organization
Administrator

Catalog Author

vApp Author

vApp User

Console Access Only

Contact your system administrator to create custom roles.

This chapter includes the following topics:

n

“Managing Users,” on page 15

n

“Working with Groups,” on page 18

Managing Users

The Users page displays a list of users your organization. You can see whether the users are active, their role,
and whether they are local or LDAP.

As an organization administrator, you can complete these operations.

n

Add a new user

n

Import users from LDAP

Administers the organization

Creates and publishes new catalogs

Creates vApps and uses catalogs

Uses vApps created by others

Uses virtual machine guest operating systems and siews virtual machine state
and properties

VMware, Inc.

n

Send email notifications

n

Deactivate a user

n

Modify a user's properties

n

Delete a user

15

vCloud Director User's Guide

Add a Local User

Adding local users allows organization administrators to provide access to users who do not exist on an LDAP
server. You can also add local users if you do not plan to use an LDAP server.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users.

3 Click the New User button.

4 Type the user name and password.

5 Select a role.

To create a custom role, contact your system administrator.

6 (Optional) Type the contact information.

7 Select the stored and running virtual machine quota limits for this user.

8 Click OK.

The new user appears on the Users page.

Import an LDAP User

Organization administrators can import users from an LDAP server.

Contact a system administrator to configure LDAP settings for your organization.

Prerequisites

The LDAP settings for the organization must be set up and working.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users.

3 Click the Import Users from LDAP button.

4 Type the full or partial user name and click Search.

5 Select a user and click Add.

6 Select a role for the imported user.

7 Click OK.

vCloud Director imports the selected user from your LDAP server into your organization.

Edit a User

An organization administrator can edit local user properties such as the password, role, contact information,
and quotas. For LDAP users, you can only edit their role and quotas.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users.

3 Select a user, right-click, and click Properties.

16 VMware, Inc.

Chapter 2 Managing Users and Groups

4 Modify the necessary properties and click OK.

Delete a User

If a user leaves the company or moves to another organization, an organization administrator can delete a user
from the organization.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users .

3 Select a user, right-click, and select Disable Account.

4 Reselect this user, right-click, and select Delete.

5 Click OK .

The user is deleted from your organization.

Send User Notifications

An organization administrator can send an email notification to users to notify them of events or issues in the
organization.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users.

3 Click the Notify button.

If you select a user and then click this button, the user's name appears as the recipient.

4 Select the recipients and type a subject.

5 Type the message.

6 Click Send Email.

The notification is sent to the selected recipients.

Delete Users in Lost and Found

If a user in your organization is removed from a group, if their group is disabled/removed in LDAP, or if the
user is deleted/disabled in LDAP, the user appears on the Lost & Found page. An organization administrator
can delete the user from the system and assume ownership of the user's objects (for example vApps and vApp
templates).

Procedure

1 Click Administration.

2 In the left pane, select Members > Lost & Found.

3 Right-click a user in the list and click Delete.

4 Click OK.

vCloud Director transfers ownership of the user's objects to you unless you deselect the Transfer user's
objects to me check box.

VMware, Inc. 17

vCloud Director User's Guide

Disable or Enable User Accounts

An organization administrator can disable a user account to log the user out of the Web console and prevent
the user from logging in again. You can enable a user to allow them to log in.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users.

3 Select a user, right-click, and select Disable Account or Enable Account.

Disable user accounts have a red circle in the Enabled column and enabled user accounts have a green check
mark.

What to do next

After you disable a user's account, you can delete that user. See “Delete a User,” on page 17

View and Change a User's Role

An organization administrator assigns a role when adding a user to the organization. The organization
administrator can change the user's role later to give the user more rights or fewer rights.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users.

3 Select a user, right-click, and select Properties.

4 In the User role in organization: drop-down menu, select a new role for the user.

The definition of each role appears as a tool tip.

5 Click OK.

Working with Groups

On the Groups page, you can review the list of groups in your organization.

You can see group names and their assigned roles. As an organization administrator, you can import groups
into your organization, delete groups from your organization, and modify the role of a group.

Import a Group

An organization administrator can import LDAP groups into an organization.

Contact a system administrator to configure LDAP settings for your organization.

Prerequisites

The LDAP settings for the organization must be set up and working.

Procedure

1 Click Administration.

2 In the left pane, select Members > Groups.

3 Click the Import Groups from LDAP button.

4 Type the full or partial group name and click Search.

18 VMware, Inc.

Chapter 2 Managing Users and Groups

5 Select a group and click Add.

6 Select a role for the group.

All the users in the group will be assigned this role.

7 Click OK.

The group is imported into your organization.

Delete a Group

An organization administrator can delete a group to remove it from the organization.

Deleting a group from an organization affects users who are members of the organization based solely on their
membership in the deleted group. These users will not be able to log in to the organization. When you delete
a group from an organization the group still exists in LDAP.

Procedure

1 Click Administration.

2 In the left pane, select Members > Groups.

3 Select a group, right-click, and select Delete.

4 Click Yes.

Modify the Role of a Group

An organization administrator can review and modify the role assigned to a group in your organization.

Procedure

1 Click Administration.

2 In the left pane, select Members > Groups.

3 Select a group, right-click, and select Properties.

4 Select another role for this group.

5 Click OK.

The new role for this group appears in the Groups page.

VMware, Inc. 19

vCloud Director User's Guide

20 VMware, Inc.

Managing Cloud Resources 3

A vCloud Director system administrator creates and assigns virtual datacenters and networks to an
organization. An organization administrator can view information about these resources and perform a limited
set of management tasks. Contact your system administrator if you need more organization virtual datacenters
or organization networks..

This chapter includes the following topics:

n

“Managing Virtual Datacenters,” on page 21

n

“Managing Organization Networks,” on page 22

n

“Managing Expired Items,” on page 36

Managing Virtual Datacenters

Virtual datacenters (vDCs) provide processor, memory, and storage resources to your organization. They are
assigned to your organization by your system administrator. An organization can have multiple vDCs.

Display Virtual Datacenters

When you display the vDCs in your organization, you can monitor the resources, users, and policy settings
that you manage.

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Cloud Resources > Virtual Datacenters.

A list of vDCs in your organization appears in the right pane.

3 For details about a vDC, right-click, and select Open.

The vApps, vApp templates, media, and networks attached to this vDC are displayed. When you click
through each tab, you can right click on an object to see the operations you can complete.

Review Virtual Datacenter Properties

You can review the properties of the vDCs that are assigned to your organization.

Procedure

1 Click Administration.

2 Select Cloud Resources > Virtual Datacenters.

VMware, Inc.

21

vCloud Director User's Guide

3 Select a vDC, right-click, and select Properties.

4 Review the properties and click OK.

What to do next

To modify your organizational vDCs, contact your system administrator.

Monitor Your Virtual Datacenter

You can monitor the vDC assigned to your organization and determine when to request additional capacity.

You are an organization administrator.

Procedure

1 Click Administration.

2 Select Cloud Resources > Virtual Datacenters.

3 Click the Monitor button.

Details about the processor, memory, storage, and allocation model appear.

What to do next

Contact your system administrator for more capacity.

Manage Your Virtual Datacenters

You can review information such as the status, allocation model, and the number of vApps in a vDC in your
organization.

You are an organization administrator

Procedure

1 Click Administration.

2 In the left pane, select Cloud Resources > Virtual Datacenters.

3 Click the Manage button.

4 Review the information.

What to do next

You can open the vDC to see the objects in it, notify users about issues or changes, or review the vDCs
properties. Contact your system administrator to make changes to your vDC.

Managing Organization Networks

Organization networks are created and assigned to your organization by a system administrator. An
organization administrator can view information about his networks, configure network services, and more.

There are three type of organization networks.

22 VMware, Inc.

Table 3-1. Types of Organization Networks

Organization Network Type Description

Chapter 3 Managing Cloud Resources

Direct Accessible by multiple organizations. Virtual machines belonging to different

Routed Accessible only by this organization. Only virtual machines within this

Internal Accessible only by this organization. Only virtual machines within this

organizations can connect to and see traffic on this network.

This network provides direct layer 2 connectivity to machines outside of the
organization. Machines outside of this organization can connect to machines
within the organization directly.

organization can connect to this network.

This network also provides controlled access to an external network. System
administrators and organization administrators can configure network address
translation (NAT), firewall, and VPN settings to make specific virtual machines
accessible from the external network.

organization can connect to and see traffic on this network.

This network provides an organization with an isolated, private network that
multiple vApps can connect to. This network provides no connectivity to
machines outside this organization. Machines outside of this organization have
no connectivity to machines within the organization.

Configuring Network Services for an Organization Network

An organization administrator can configure network services, such as DHCP, firewalls, network address
translation (NAT), VPN, and static routing for certain organization networks.

The network services available depend on the type of organization network.

Table 3-2. Network Services Available by Network Type

Organization Network Type DHCP Firewall NAT VPN Static Routing

Direct

Routed X X X X X

Internal X

Configure DHCP for an Organization Network

Organization administrators can configure certain organization networks to provide DHCP services to virtual
machines in the organization.

When you enable DHCP for an organization network, connect a NIC on virtual machine in the organization
to that network, and select DHCP as the IP mode for that NIC, vCloud Director assigns a DHCP IP address to
the virtual machine when you power it on.

Prerequisites

An routed organization network or an internal organization network.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the DHCP tab and select Enable DHCP.

VMware, Inc. 23

vCloud Director User's Guide

5 Type a range of IP addresses or use the default range.

vCloud Director uses these addresses to satisfy DHCP requests. The range of DHCP IP addresses cannot
overlap with the static IP pool for the organization network.

6 Set the default lease time and maximum lease time or use the default values.

7 Click OK.

vCloud Director updates the network to provide DHCP services.

Enable the Firewall for an Organization Network

An organization administrator can configure certain organization networks to provide firewall services. Enable
the firewall on an organization network to enforce firewall rules on incoming traffic, outgoing traffic, or both.

When you enable the firewall, you can specify a default firewall action to deny all incoming and outgoing
traffic or to allow all incoming and outgoing traffic. You can also add specific firewall rules to allow or deny
traffic that matches the rules to pass through the firewall. These rules take precedence over the default firewall
action. See “Add a Firewall Rule to an Organization Network,” on page 24.

If a system administrator specified syslog server settings and those settings have been applied to the
organization network, then you can log events related to the default firewall action. For information about
applying syslog server settings, see “Apply Syslog Server Settings to an Organization Network,” on
page 35. To view the current syslog server settings see “View Syslog Server Settings for an Organization

Network,” on page 35.

Prerequisites

A routed organization network.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the Firewall tab and select Enable firewall.

5 Select the default firewall action.

6 (Optional) Select the Log check box to log events related to the default firewall action.

7 Click OK.

Add a Firewall Rule to an Organization Network

An organization administrator can add firewall rules to an organization network that supports a firewall. You
can create rules to allow or deny traffic that matches the rules to pass through the firewall.

For a firewall rule to be enforced, you must enable the firewall for the organization network. See “Enable the

Firewall for an Organization Network,” on page 24.

When you add a new firewall rule to an organization network, it appears at the bottom of the firewall rule list.
For information about how to set the order in which firewall rules are enforced, see “Reorder Firewall Rules

for an Organization Network,” on page 25.

If a system administrator specified syslog server settings and those settings have been applied to the
organization network, then you can log firewall rule events. For information about applying syslog server
settings, see “Apply Syslog Server Settings to an Organization Network,” on page 35. To view the current
syslog server settings see “View Syslog Server Settings for an Organization Network,” on page 35.

24 VMware, Inc.

Chapter 3 Managing Cloud Resources

Prerequisites

A routed organization network.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the Firewall tab and click Add.

5 Type a name for the rule.

6 Select the traffic direction.

7 Type the source IP address and select the source port.

For incoming traffic, the source is the external network. For outgoing traffic, the source is the organization
network.

8 Type the destination IP and select the destination port.

For incoming traffic, the destination is the organization network. For outgoing traffic, the destination is
the external network.

9 Select the protocol.

10 Select the action.

A firewall rule can allow or deny traffic that matches the rule.

11 Select the Enabled check box.

12 (Optional) Select the Log network traffic for firewall rule check box.

If you enable this option, vCloud Director sends log events to the syslog server for connections affected
by this rule.

13 Click OK and OK.

Reorder Firewall Rules for an Organization Network

Firewall rules are enforced in the order in which they appear in the firewall list. An organization administrator
can change the order of the rules in the list.

When you add a new firewall rule to an organization network, it appears at the bottom of the firewall rule list.
To enforce the new rule before an existing rule, reorder the rules.

Prerequisites

A routed organization network with two or more firewall rules.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the Firewall tab.

5 Drag the firewall rules to establish the order in which the rules are applied.

6 Click OK.

VMware, Inc. 25

vCloud Director User's Guide

Enable IP Masquerading for an Organization Network

An organization administrator can configure certain organization networks to provide IP masquerade services.
Enable IP masquerading on an organization network to hide the internal IP addresses of virtual machines from
the external network.

When you enable IP masquerade, vCloud Director translates a virtual machine's private, internal IP address
into a public IP address for outbound traffic.

Prerequisites

A routed organization network.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the NAT Mapping tab and select Enable IP Masquerade.

5 Click OK.

Add a Port Forwarding Rule to an Organization Network

An organization administrator can configure certain organization networks to provide port forwarding by
adding a NAT mapping rule. Port forwarding provides external access to services running on virtual machines
on the organization network.

When you configure port forwarding, vCloud Director maps an external IP address and a port to a service
running on a port on a virtual machine for inbound traffic.

When you add a new port forwarding rule to an organization network, it appears at the bottom of the NAT
mapping rule list. For information about how to set the order in which NAT mapping rules are enforced, see

“Reorder NAT Mapping Rules for an Organization Network,” on page 27.

Only system administrators can assign external IP addresses to a network. Contact your system administrator
if your organization network lacks external IP addresses.

Prerequisites

A routed organization network and an external IP address.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the NAT Mapping tab and click Add.

5 Select Port Forwarding and configure the port forwarding rule.

a Select an external IP address.

b Select an external port.

c Type the IP address of the destination virtual machine.

n

If the virtual machine is fenced, type its external IP address.

n

If the virtual machine is not fenced, type its internal IP address.

26 VMware, Inc.

Chapter 3 Managing Cloud Resources

d Select an internal port.

e Select a protocol for the type of traffic to forward.

f Click OK.

6 Click OK.

Add an IP Translation Rule to an Organization Network

An organization administrator can configure certain organization networks to provide IP translation by adding
a NAT mapping rule.

When you add a new IP translation rule to an organization network, it appears at the bottom of the NAT
mapping rule list. For information about how to set the order in which NAT mapping rules are enforced, see

“Reorder NAT Mapping Rules for an Organization Network,” on page 27.

When you create an IP translation rule for a network, vCloud Director adds a DNAT and SNAT rule to the
vShield Edge associated with the network's port group. The DNAT rule translates an external IP address to an
internal IP address for inbound traffic. The SNAT rule translates an internal IP address to an external IP address
for outbound traffic. If the network is also using IP masquerade, the SNAT rule takes precedence.

Only system administrators can assign external IP addresses to a network. Contact your system administrator
if your organization network does not have external IP addresses.

Prerequisites

A routed organization network and an external IP address.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the NAT Mapping tab and click Add.

5 Select IP Translation and configure the rule.

a Select an external IP address.

b Type the IP address of the destination virtual machine.

n

If the virtual machine is fenced, type its external IP address.

n

If the virtual machine is not fenced, type its IP address.

c Click OK.

6 Click OK.

Reorder NAT Mapping Rules for an Organization Network

NAT mapping rules are enforced in the order in which they appear in the NAT mapping list. An organization
administrator can change the order of the rules in the list.

When you add a new NAT mapping rule (IP translation or port forwarding) to an organization network, it
appears at the bottom of the NAT mapping rule list. To enforce the new rule before an existing rule, reorder
the rules.

Prerequisites

A routed organization network with two or more NAT mapping rules.

VMware, Inc. 27

vCloud Director User's Guide

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the NAT Mapping tab.

5 Click and drag the rules to establish the order in which the rules are applied.

6 Click OK.

Enable Site-to-Site VPN for an Organization Network

An organization administrator can enable site-to-site VPN for an organization network and then create a secure
tunnel to another network.

vCloud Director supports site-to-site VPN between organization networks in the same organization,
organization networks in different organizations (including organization networks in different instances of
vCloud Director), and remote networks.

Prerequisites

n

A routed organization network.

n

vShield Manager 5.0.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the Site-to-Site VPN tab and select Enable site-to-site VPN.

5 (Optional) Type a public IP address.

If the external network to which the organization network is routed is behind a NAT device, you must
provide a publicly accessible IP address that faces the Internet.

6 Click OK.

What to do next

Create a VPN tunnel to another network.

Create a VPN Tunnel Within an Organization

An organization administrator can create a VPN tunnel between two organizations networks in the same
organization.

If the tunnel endpoints have a firewall between them, you must configure it to allow the following IP protocols
and UDP ports:

n

IP Protocol ID 50 (ESP)

n

IP Protocol ID 51 (AH)

n

UDP Port 500 (IKE)

n

UDP Port 4500

28 VMware, Inc.

Chapter 3 Managing Cloud Resources

Prerequisites

n

At least two routed organization networks with nonoverlapping IP subnets and site-to-site VPN enabled
on both networks.

n

vShield Manager 5.0.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the Site-to-Site VPN tab and click Add.

5 Type a name and optional description.

6 Select a network in this organization from the drop-down menu and select a peer network.

7 Review the tunnel settings and click OK.

vCloud Director configures both peer network endpoints.

Create a VPN Tunnel Between Organizations

An organization administrator can create a VPN tunnel between two organization networks in different
organizations. The organizations can be part of the same vCloud Director installation or a different installation.

If the tunnel endpoints have a firewall between them, you must configure it to allow the following IP protocols
and UDP ports:

n

IP Protocol ID 50 (ESP)

n

IP Protocol ID 51 (AH)

n

UDP Port 500 (IKE)

n

UDP Port 4500

Prerequisites

n

A routed organization network in each of the organizations. The organization networks must have
nonoverlapping IP subnets and site-to-site VPN enabled.

n

vShield Manager 5.0.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the Site-to-Site VPN tab and click Add.

5 Type a name and optional description.

6 Select a network in another organization from the drop-down menu.

VMware, Inc. 29

vCloud Director User's Guide

7 Click Connect to another organization, type the login information for the peer organization, and click

Continue.

Option Description

vCloud URL

Organization

Username

Password

8 Select a peer network.

9 Review the tunnel settings and click Connect.

vCloud Director configures both peer network endpoints.

Create a VPN Tunnel to a Remote Network

An organization administrator can create a VPN tunnel between an organization network and a remote
network.

Base URL of the vCloud instance that contains the peer organization. For
example, https://www.example.com. Do not include /cloud
or /cloud/org/

Organization name that is used as the unique identifier in the organization
URL. For example, if the organization URL is
https://www.example.com/cloud/org/myOrg, type myOrg.

User name of an organization administrator or system administrator that has
access to the organization.

Password associated with the user name.

orgname

in the URL.

If the tunnel endpoints have a firewall between them, you must configure it to allow the following IP protocols
and UDP ports:

n

IP Protocol ID 50 (ESP)

n

IP Protocol ID 51 (AH)

n

UDP Port 500 (IKE)

n

UDP Port 4500

Prerequisites

n

A routed organization network and a routed remote network that uses IPSec.

n

vShield Manager 5.0.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 Click the Site-to-Site VPN tab and click Add.

5 Type a name and optional description.

6 Select a remote network from the drop-down menu.

7 Type the peer settings.

8 Review the tunnel settings and click OK.

vCloud Director configures the organization peer network endpoint.

What to do next

Manually configure the remote peer network endpoint.

30 VMware, Inc.

Chapter 3 Managing Cloud Resources

Enable Static Routing for an Organization Network

An organization administrator can configure certain organization networks to provide static routing services.
After you enable static routing on an organization network, you can add static routes to allow traffic between
different vApp networks routed to the organization network.

Prerequisites

A routed organization network.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 On the Static Routing tab, select Enable static routing and click OK.

What to do next

Create static routes.

Add Static Routes Between vApp Networks Routed to the Same Organization Network

An organization administrator can add static routes between two vApp networks that are routed to the same
organization network. Static routes allow traffic between the networks.

You cannot add static routes between overlapping networks or fenced vApps. After you add a static route to
an organization network, make sure to configure the network firewall rules to allow traffic on the static route.
For vApps with static routes, you should select the Always use assigned IP addresses until this vApp or
associated networks are deleted check box.

Static routes only function when the vApps included in the routes are running. If you change the parent
network of a vApp, delete a vApp, or delete a vApp network, and the vApp includes static routes, those routes
cannot function and you must remove them manually.

Prerequisites

n

vShield 5.0.

n

A routed organization network.

n

Static routing is enabled on the organization network.

n

Two vApp networks routed to the organization network.

n

The vApp networks are in vApps that were started at least once.

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 On the Static Routing tab, click Add.

5 Type a name, network address, and next hop IP.

The network address is for the first vApp network to which you want to add a static route. The next hop
IP is the external IP address of that vApp network's router.

VMware, Inc. 31

vCloud Director User's Guide

6 Select Within this network and click OK.

7 Click OK.

8 Repeat Step 4 through Step 7 to add a route to the second vApp network.

Example: Static Routing Example

vApp Network 1 and vApp Network 2 are both routed to Org Network Shared. You can create static routes
on the organization network to allow traffic between the vApp networks. You can use information about the
vApp networks to create the static routes.

Table 3-3. Network Information

Network Name Network Specification Router External IP Address

vApp Network 1 192.168.1.0/24 192.168.0.100

vApp Network 2 192.168.2.0/24 192.168.0.101

Org Network Shared 192.168.0.0/24 NA

On Org Network Shared, create a static route to vApp Network 1 and another static route to vApp Network

2.

Table 3-4. Static Routing Settings

Static Route to
Network Route Name Network Next Hop IP Address Route

vApp Network 1 tovapp1 192.168.1.0/24 192.168.0.100 Within this network

vApp Network 2 tovapp2 192.168.2.0/24 192.168.0.101 Within this network

What to do next

Create firewall rules to allow traffic on the static routes.

Add Static Routes Between vApp Networks Routed to Different Organization Networks

An organization administrator can add static routes between two vApp networks that are routed to different
organization networks. Static routes allow traffic between the networks.

You cannot add static routes between overlapping networks or fenced vApps. After you add a static route to
an organization network, configure the network firewall rules to allow traffic on the static route. For vApps
with static routes, select the Always use assigned IP addresses until this vApp or associated networks are
deleted check box.

Static routes only function when the vApps included in the routes are running. If you change the parent
network of a vApp, delete a vApp, or delete a vApp network, and the vApp includes static routes, those routes
cannot function and you must remove them manually.

Prerequisites

n

vShield 5.0.

n

Two organization networks routed to the same external network.

n

Static routing is enabled on both organization networks.

n

A vApp network routed to each organization network.

n

The vApp networks are in vApps that were started at least once.

32 VMware, Inc.

Chapter 3 Managing Cloud Resources

Procedure

1 Click Administration.

2 Select Cloud Resources > Networks.

3 Right-click the organization network name and select Configure Services.

4 On the Static Routing tab, click Add.

5 Type a name, network address, and next hop IP address.

The network address is for the vApp network to which you want to add a static route. The next hop IP
address is the external IP address of the router for the organization network to which that vApp network
is routed.

6 Select To external network and click OK.

7 Click Add.

8 Type a name, network address, and next hop IP address.

The network address is for the vApp network that is routed to this organization network. The next hop
IP address is the external IP address of the router for that vApp network.

9 Select Within this network and click OK.

10 Repeat Step 3 through Step 9 to add static routes to the second organization network.

Example: Static Routing Example

vApp Network 1 is routed to Org Network 1. vApp Network 2 is routed to Org Network 2. You can create
static routes on the organization networks to allow traffic between the vApp networks. You can use information
about the vApp networks and organization networks to create the static routes.

Table 3-5. Network Information

Network Name Network Specification Router External IP Address

vApp Network 1 192.168.1.0/24 192.168.0.100

vApp Network 2 192.168.11.0/24 192.168.10.100

Org Network 1 192.168.0.0/24 10.112.205.101

Org Network 2 192.168.10.0/24 10.112.205.100

On Org Network 1, create a static route to vApp Network 2 and another static route to vApp Network 1. On
Org Network 2, create a static route to vApp Network 1 and another static route to vApp Network 2.

Table 3-6. Static Routing Settings for Org Network 1

Static Route to
Network Route Name Network Next Hop IP Address Route

vApp Network 2 tovapp2 192.168.11.0/24 10.112.205.100 To external network

vApp Network 1 tovapp1 192.168.1.0/24 192.168.0.100 Within this network

Table 3-7. Static Routing Settings for Org Network 2

Static Route to
Network Route Name Network Next Hop IP Address Route

vApp Network 1 tovapp1 192.168.1.0/24 10.112.205.101 To external network

vApp Network 2 tovapp2 192.168.11.0/24 192.168.10.100 Within this network

VMware, Inc. 33

vCloud Director User's Guide

What to do next

Create firewall rules to allow traffic on the static routes.

Reset an Organization Network

If the network services, such as DHCP settings, firewall settings, and so on, that are associated with an
organization network are not working as expected, reset the network.

You are an organization administrator.

No network services are available while an organization network resets.

Prerequisites

An external NAT-routed organization network or an internal organization network.

Procedure

1 Click Administration.

2 In the left pane, select Cloud Resources > Networks.

3 Select an organization network, right-click, and select Reset Network.

4 Click Yes.

View IP Usage for an Organization Network

You can view a list of the IP addresses from an organization network IP pool that are currently in use.

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Cloud Resources > Networks.

3 Select an organization network, right-click, and select IP Allocations.

Add IP Addresses to an Organization Network IP Pool

If an organization network is running out of IP addresses, you can add more addresses to its IP Pool.

You are an organization administrator.

You cannot add IP addresses to external organization networks that have a direct connection.

Procedure

1 Select Administration.

2 In the left pane, select Cloud Resources > Networks.

3 Select an organization network, right-click, and select Properties.

4 On the Network Specification tab, type an IP address or a range of IP addresses in the text box and click

Add.

5 Click OK.

34 VMware, Inc.

Chapter 3 Managing Cloud Resources

View vApps and vApp Templates That Use an Organization Network

You can view a list of the all the vApps and vApp templates that include virtual machines with a NIC connected
to an organization network.

Prerequisites

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Cloud Resources > Networks.

3 Select an organization network, right-click, and select Connected vApps.

4 Click OK.

View Syslog Server Settings for an Organization Network

You can view the syslog server settings for a routed organization network.

You are an organization administrator.

vCloud Director supports logging events related to firewall rules to a syslog server specified by a system
administrator.

If an organization network does not have any syslog server settings and you think it should, or if the settings
are not what you expected, then you can synchronize the network with the most current syslog server settings.
See “Apply Syslog Server Settings to an Organization Network,” on page 35. If there is still a problem after
you synchronize, contact your system administrator.

Prerequisites

An external NAT-routed organization network.

Procedure

1 Click Administration.

2 In the left pane, select Cloud Resources > Networks.

3 Select an organization network, right-click, and select Properties.

4 Click the Syslog Server Settings tab.

Apply Syslog Server Settings to an Organization Network

You apply syslog server settings to a routed organization network to enable firewall rule logging.

You are an organization administrator.

Syslog server settings can only be specified by a system administrator. You should apply those settings to any
organization network that was created before the system administrator specified them. You should also apply
the syslog server settings to an organization network any time a system administrator changes the settings.

Prerequisites

An external NAT-routed organization network.

Procedure

1 Click Administration.

VMware, Inc. 35

vCloud Director User's Guide

2 In the left pane, select Cloud Resources > Networks.

3 Select an organization network, right-click, and select Synchronize syslog server settings.

4 Click Yes.

Managing Expired Items

When vApps or vApp templates expire, you can determine whether you want to renew or delete them.

Manage Expired vApps

You can display a list of expired vApps, delete them, or restore them to your organization.

You are an organization administrator.

The organization policy for what to do when a vApp storage lease expires is set to Move to Expired Items. See

“Configure Organization Lease, Quota, and Limit Settings,” on page 40.

Procedure

1 Select My Cloud > Expired Items.

2 On the Expired vApps tab, review the list of expired vApps.

3 Right-click a vApp and select Delete or Renew and click Yes.

If you selected Delete, the vApp is deleted from the list. If you selected Renew, the restored vApp appears on
the vApps page.

Manage Expired vApp Templates

You can display a list of expired vApp templates and delete them or restore them to your organization.

You are an organization administrator.

The organization policy for what to do when a vApp template storage lease expires is set to Move to Expired
Items. See “Configure Organization Lease, Quota, and Limit Settings,” on page 40.

Procedure

1 Select My Cloud > Expired Items.

2 Click the Expired vApp Templates tab.

3 Right-click on a vApp template, select Delete or Renew, and click Yes.

If you selected Delete, the vApp template is deleted from the list. If you selected Renew, the vApp template
is restored to its catalog.

36 VMware, Inc.

Working in an Organization 4

Most operations in vCloud Director occur in an organization. The system administrator creates the
organization and assigns an organization administrator to it.

The system administrator emails the URL of the organization to the organization administrator, who can log
in to the organization and set it up. In the Home page the organization administrator clicks the Set up the
Organization link to assign resources and manage a variety of operations on the organization.

This chapter includes the following topics:

n

“Understanding Leases,” on page 37

n

“Set Up an Organization,” on page 38

n

“Review Your Organization Profile,” on page 40

n

“Modify Your Email Settings,” on page 41

n

“Modify Your Organization's Policies,” on page 41

n

“Set Default Domain for Organization Virtual Machines,” on page 42

n

“Manage Users and Groups in Your Organization,” on page 42

n

“Manage Resources in Your Organization,” on page 42

n

“Manage Virtual Machines in Your Organization,” on page 43

n

“Viewing Organization Log Tasks and Events,” on page 43

Understanding Leases

Creating an organization involves specifying leases. Leases provide a level of control over an organization's
storage and compute resources by specifying the maximum amount of time that vApps can be running and
that vApps and vApp templates can be stored.

The goal of a runtime lease is to prevent inactive vApps from consuming compute resources. For example, if
a user starts a vApp and goes on vacation without stopping it, the vApp continues to consume resources.

A runtime lease begins when a user starts a vApp. When a runtime lease expires, vCloud Director stops the
vApp.

The goal of a storage lease is to prevent unused vApps and vApp templates from consuming storage resources.
A vApp storage lease begins when a user stops the vApp. Storage leases do not affect running vApps. A vApp
template storage lease begins when a user adds the vApp template to a vApp, adds the vApp template to a
workspace, downloads, copies, or moves the vApp template.

When a storage lease expires, vCloud Director marks the vApp or vApp template as expired, or deletes the
vApp or vApp template, depending on the organization policy you set.

VMware, Inc.

37

vCloud Director User's Guide

For more information about specifying lease settings, see “Configure Organization Lease, Quota, and Limit

Settings,” on page 40.

Users can configure email notification to receive a message before a runtime or storage lease expires. See “Set

User Preferences,” on page 13 for information about lease expiration preferences.

Set Up an Organization

After you receive the URL of your organization from the system administrator, you must set it up. On the
vCloud Director Home page, click Set up this organization.

You are an organization administrator.

Procedure

1 Change the Organization Full Name on page 38

You can change the full name of an organization. This name appears in the Cloud Director application
header when users log in.

2 Import LDAP Users and Groups on page 38

You can add users and groups from an LDAP server to the organization and assign them a role within
the organization.

3 Add Local Users to the Organization on page 39

Every organization should have at least one local, non-LDAP, organization administrator account, so
that users can log in even if the LDAP service is unavailable.

4 Configure Email Preferences on page 39

vCloud Director requires an SMTP server to send user notification and system alert emails. An
organization can use the system email settings or use its own email settings.

5 Configure Organization Lease, Quota, and Limit Settings on page 40

Leases, quotas, and limits constrain the ability of organization users to consume storage and processing
resources. Use these settings to prevent users from depleting or monopolizing an organization's
resources.

Change the Organization Full Name

You can change the full name of an organization. This name appears in the Cloud Director application header
when users log in.

You are an organization administrator.

Procedure

1 On Name this Organization page, in the Organization full name, type the new full name.

2 (Optional) Type a description of the organization.

3 Click Next.

Import LDAP Users and Groups

You can add users and groups from an LDAP server to the organization and assign them a role within the
organization.

Prerequisites

Verify that your organization has a valid connection to an LDAP server.

38 VMware, Inc.

Chapter 4 Working in an Organization

Procedure

1 Click Import.

2 Type a full or partial name of an LDAP user or group and click Search.

3 Select the users or groups to import and click Add.

4 Select a role for the users and groups and click OK.

5 Click Next.

Add Local Users to the Organization

Every organization should have at least one local, non-LDAP, organization administrator account, so that users
can log in even if the LDAP service is unavailable.

Procedure

1 Click Add.

2 Type a user name and password.

3 Assign a role to the user.

4 (Optional) Type the contact information for the user.

5 Select Unlimited or type a user quota for stored and running virtual machines and click OK.

These quotas limit the user's ability to consume storage and compute resources in the organization.

6 Click Next.

Configure Email Preferences

vCloud Director requires an SMTP server to send user notification and system alert emails. An organization
can use the system email settings or use its own email settings.

Procedure

1 Select an SMTP server option.

Option Description

Use system default SMTP server

Set organization SMTP server

2 Select a notification settings option.

Option Description

Use system default notification
settings

Set organization notification
settings

3 (Optional) Type a destination email address and click Test Email Settings to verify that all SMTP server

settings are configured as expected.

The organization uses the system SMTP server.

The organization uses its own SMTP server. Type the DNS host name or IP
address and port number of the SMTP server. (Optional) Select the Requires
authentication check box and type a user name and password.

The organization uses the system notification settings.

The organization uses its own notification settings. Type an email address
that appears as the sender for organization emails, type text to use as the
subject prefix for organization emails, and select the recipients for
organization emails.

4 Click Next.

VMware, Inc. 39

vCloud Director User's Guide

Configure Organization Lease, Quota, and Limit Settings

Leases, quotas, and limits constrain the ability of organization users to consume storage and processing
resources. Use these settings to prevent users from depleting or monopolizing an organization's resources.

For more information about leases, see “Understanding Leases,” on page 37.

Procedure

1 Select the lease options for vApps and vApp templates.

Leases provide a level of control over an organization's storage and compute resources by specifying the
maximum amount of time that vApps can run and that vApps and vApp templates can be stored. You
can also specify what happens to vApps and vApp templates when their storage lease expires.

2 Select the quotas for running and stored virtual machines.

Quotas determine how many virtual machines each user in the organization can store and power on in
the organization's virtual datacenters. The quotas that you specify act as the default for all new users added
to the organization.

3 Select the limits for resource intensive operations.

Certain vCloud Director operations, for example copy and move, are more resource intensive than others.
Limits prevent resource intensive operations from affecting all the users in an organization and also
provide a defense against denial-of-service attacks.

4 Select the number of simultaneous VMware Remote Console connections for each virtual machine.

You might want to limit the number of simultaneous connections for performance or security reasons.

NOTE This setting does not affect Virtual Network Computing (VNC) or Remote Desktop Protocol (RDP)
connections.

5 (Optional) Select the Account lockout enabled check box, select the number of invalid logins to accept

before locking a user account, and select the lockout interval.

6 Click Next.

Review Your Organization Profile

You can review and modify some of the information in your organization's profile

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Settings > General.

3 You can complete these operations.

n

Review your organization's default URL.

n

Modify your organization's full name.

n

Type a description.

4 Click Apply.

40 VMware, Inc.

Modify Your Email Settings

You can review and modify the default email settings that were set when the system administrator created
your organization.

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Settings > Email.

3 Select an SMTP server option.

Option Description

Use system default SMTP server

Set organization SMTP server

4 Select a notification settings option.

Chapter 4 Working in an Organization

The organization uses the system SMTP server.

The organization uses its own SMTP server. Type the DNS host name or IP
address and port number of the SMTP server. (Optional) Select the Requires
authentication check box and type a user name and password.

Option Description

Use system default notification
settings

Set organization notification
settings

The organization uses the system notification settings.

The organization uses its own notification settings. Type an email address
that appears as the sender for organization emails, type text to use as the
subject prefix for organization emails, and select the recipients for
organization emails.

5 (Optional) Type a destination email address and click Test Email Settings to verify that all SMTP server

settings are configured as expected.

6 Click Apply.

Modify Your Organization's Policies

You can review and modify the default policies that were set by the system administrator when your
organization was created.

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Settings > Policies.

3 Select the lease options for vApps and vApp templates.

Leases provide a level of control over an organization's storage and compute resources by specifying the
maximum amount of time that vApps can be running and that vApps and vApp templates can be stored.
You can also specify what happens to vApps and vApp templates when their storage lease expires.

4 Select the quotas for running and stored virtual machines.

Quotas determine how many virtual machines each user in the organization can store and power on in
the organization's virtual datacenters. The quotas you specify act as the default for all new users added
to the organization.

VMware, Inc. 41

vCloud Director User's Guide

5 Select the limits for resource intensive operations.

Certain vCloud Director operations, for example copy and move, are more resource intensive than others.
Limits prevent resource intensive operations from affecting all the users in an organization and also
provide a defense against denial-of-service attacks.

6 Select the number of simultaneous VMware Remote Console connections for each virtual machine.

You may want to limit the number of simultaneous connections for performance or security reasons.

NOTE This setting does not affect Virtual Network Computing (VNC) or Remote Desktop Protocol (RDP)
connections.

7 (Optional) Select the Account lockout enabled check box, select the number of invalid logins to accept

before locking a user account, and select the lockout interval.

8 Click Apply.

Set Default Domain for Organization Virtual Machines

You can set a default domain which virtual machines created in your organization can join. Virtual machines
can always join a domain for which they have credentials, regardless of whether or not you specify a default
domain.

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Settings > Guest Personalization.

3 Select the Enable domain join for virtual machines in this organization.

4 Type the domain name, domain user name, domain password.

These credentials apply to a regular domain user, not a domain administrator.

5 Click Apply.

Manage Users and Groups in Your Organization

You can manage the roles and rights that users and groups have in your organization.

You are an organization administrator.

Procedure

1 Click Administration.

2 In the left pane, select Members > Users or Members > Groups.

You can modify properties or roles.

3 Right-click the user or group and select Properties.

4 Make the necessary changes and click OK.

Your user or group settings are updated. See also Chapter 2, “Managing Users and Groups,” on page 15

Manage Resources in Your Organization

You must monitor and manage the resources you add to your organization.

You are an organization administrator.

42 VMware, Inc.

Procedure

1 Click Administration.

2 In the left pane, under Cloud Resources, select Virtual Datacenters or Networks.

The vDCs and networks in your organization appear in the right pane. See also Chapter 3, “Managing Cloud

Resources,” on page 21

Manage Virtual Machines in Your Organization

You can manage virtual machines in your organization. Virtual machines provide access to vCloud Director
operations at the virtual machine console level.

You are an organization administrator.

Procedure

1 Click My Cloud.

2 In the left pane, select VMs.

3 Select a virtual machine, right-click, and select Properties.

4 Modify the relevant properties in each of the tabs and click OK.

Chapter 4 Working in an Organization

What to do next

For more information on managing virtual machines, see Chapter 9, “Working with Virtual Machines,” on
page 83.

Viewing Organization Log Tasks and Events

You can view tasks and events in your organization to monitor and audit vCloud Directory activities.

vCloud Director tasks are long-running operations and their status changes as the task progresses. For example,
a task's status generally starts as Running. When the task finishes, its status changes to Successful or Error.

vCloud Director events are one-time occurrence that indicate an important part of an operation or a significant
state change for a vCloud Director object. vCloud Director also logs an event every time a user logs in, and
notes whether the attempt was successful or not.

View Organization Events

You can view the log for an organization to monitor organization-level events. Failed events and view events
are listed by user.

You are an organization administrator.

Procedure

1 Click the My Cloud.

2 In the left pane, click Logs.

3 Click the Events tab.

vCloud Director displays information about each organization-level event.

4 Double-click an event for more information.

Only system administrators can view the details about most events.

VMware, Inc. 43

vCloud Director User's Guide

View Organization Tasks

You can view the tasks in an organization, which helps you monitor and troubleshoot more effectively.

You are an organization administrator.

Procedure

1 Click My Cloud.

2 In the left pane, click Logs.

3 On the Tasks tab, you can examine the tasks in the organization.

4 Select a task, right-click, and select Open.

5 Review the information and click OK.

What to do next

To troubleshoot a failed task, contact your system administrator.

44 VMware, Inc.

Working with Catalogs 5

A catalog is a container for vApp templates and media files in an organization. Organization administrators
and catalog authors can create catalogs in an organization. Catalog contents can be shared with other users in
the organization and can also be published to all organizations in the vCloud Director installation.

There are two types of catalogs in vCloud Director; organization catalogs and public catalogs. Organization
catalogs include vApp templates and media files that you can share with other users in the organization. If a
system administrator enables catalog publishing for your organization, you can publish an organization
catalog to create a public catalog. Organization administrators from any organization in the vCloud Director
installation can view the vApp templates and media files in a public catalog and copy those files to a catalog
in their organization for use by their members.

There are two ways to add vApp templates to a catalog. You can upload an OVF package directly to a catalog
or save a vApp as a vApp template. For more information, see “Upload an OVF Package as a vApp

Template,” on page 57 and “Save a vApp as a vApp Template,” on page 59. You can upload media files

directly to a catalog. See “Upload Media Files,” on page 51.

Members of an organization can access vApp templates and media files that they own or that are shared to
them. Organization administrators and system administrators can share a catalog with everyone in an
organization, or with specific users and groups in an organization. See “Share A Catalog,” on page 47.

This chapter includes the following topics:

n

“Add a New Catalog,” on page 45

n

“Access a Catalog,” on page 46

n

“Publish a Catalog,” on page 46

n

“Share A Catalog,” on page 47

n

“Change the Owner of a Catalog,” on page 47

n

“Delete a Catalog,” on page 48

n

“Modify the Properties of Your Catalog,” on page 48

n

“Understanding Catalogs and Their Contents,” on page 48

n

“Working in Published Catalogs,” on page 49

Add a New Catalog

You can create catalogs to group your vApp templates and media files.

You are at least a catalog author.

VMware, Inc.

45

vCloud Director User's Guide

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the Catalogs tab, click the Add Catalog button.

3 Type a catalog name and optional description and click Next.

4 (Optional) To share the catalog with members of the organization, click Add Members, select users and

groups, select an access level, click OK, and click Next.

5 Select a catalog publishing option and click Next..

Option Description

Don't publish this catalog to other
organizations

Publish to all organizations

NOTE This option might be unavailable, depending on your organizational settings.

6 Review the summary and click Finish.

This catalog will not be visible or available to other organizations in the
vCloud Director installation.

This catalog will be visible to all other organizations in the vCloud Director
installation. Users with the necessary rights (by default, organization
administrators) can view catalog items and copy them to a local organization
catalog.

Access a Catalog

Depending on your role in the organization, you can access catalogs in your organization and public catalogs
that were published by other organizations.

n

To access a public catalog, you must be an organization administrator .

n

To access a catalog in your organization, you must be at least a vApp author.

Procedure

1 Click Catalogs.

2 In the left pane, click on a catalog option.

n

My Organization's Catalogs

n

Public Catalogs

3 In the right pane, select a catalog, right-click, and select Open.

Publish a Catalog

When you publish a catalog, all organizations in vCloud Director can see the catalog.

You are at least a catalog author.

Prerequisites

The system administrator has enabled catalog publishing for the organization.

Procedure

1 Click Catalogs.

2 Select a catalog, right-click, and select Publish.

3 Select Publish to all organizations.

46 VMware, Inc.

4 Click OK.

Your catalog is available to organization administrators in all organizations.

Share A Catalog

Share a catalog to make its contents available to users in your organization. Users with the proper rights and
access level can use vApp templates and media from the shared catalog to create their own vApps.

You are at least a catalog author.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 Select a catalog, right-click, and select Share.

3 Click Add Members.

4 Select the users and groups with whom you want to share the catalog.

Option Action

Everyone in the organization

Specific users and groups

5 Select an access level and click OK.

Chapter 5 Working with Catalogs

Select this option to share the catalog with everyone.

Select this option, click specific users and groups, and click Add.

Option Supported Actions

Read Only

Read/Write

Full control

The actual actions a user can perform on a catalog and its contents depends on the intersection of the rights
of the user and their access level to the catalog. Sharing a catalog with full control does not grant a user
rights that the user does not already have.

6 Click OK.

Change the Owner of a Catalog

You can change the owner of a catalog. Before you can delete a user who owns a catalog, you must change the
owner or delete the catalog.

You are an organization administrator.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the Catalogs tab, right-click a catalog and select Change Owner.

3 Select a user from the list or search for one.

Open, Add to My Cloud, Download, Copy to Catalog

Open, Add to My Cloud, Download, Copy to Catalog, Publish, Move to
Catalog, Delete

Open, Add to My Cloud, Download, Copy to Catalog, Publish, Move to
Catalog, Delete, Share

You can search for a user by full name or their user name.

4 Click OK.

VMware, Inc. 47

vCloud Director User's Guide

Delete a Catalog

You can delete a catalog from your organization.

You are at least a catalog author.

Prerequisites

The catalog must not contain any vApp templates or media files. You can move these items to a different catalog
or delete them.

Procedure

1 Click Catalogs.

2 In the left pane, click My Organization's Catalogs.

3 Select a catalog, right-click, and select Delete.

4 Click Yes.

The empty catalog is deleted from your organization.

Modify the Properties of Your Catalog

You can review and modify your catalog properties.

You are at least a catalog author.

Procedure

1 Click Catalogs.

2 In the left pane, click My Organization's Catalogs.

3 Select a catalog, right-click, and select Properties.

4 Review the properties in the General, Sharing, and Publishing tabs.

5 Modify the relevant properties and click OK.

Your catalog properties are updated.

Understanding Catalogs and Their Contents

A catalog consists of a list of catalogs, vApp templates, and media files in your organization.

When you click the Catalogs button in the menu bar, these tabs appear.

n

Catalogs

n

vApp Templates

n

Media

If you are an organization administrator, you can access published catalogs in the left pane.

Using vApp Templates in a Catalog

You can access vApp templates in a catalog in your organization or, if you are an organization administrator,
from a published catalog.

To access a vApp template in a catalog in your organization, in the left pane, click My Organization's
Catalogs and click on the vApp Templates tab. Select a vApp template and right-click to see the operations
you can complete.

48 VMware, Inc.

Using Media Files in a Catalog

You can access media files in a catalog in your organization or, if you are a organization administrator, a
published catalog.

To access a media file in a catalog in your organization, in the left pane, click My Organization's Catalogs and
click on the Media tab. Select a media file and right-click to see the operations you can complete.

Working in Published Catalogs

Organization administrators can access a published catalog and copy its vApp templates and media files to a
catalog in their organization. They can then share the organization catalog with other members of their
organization so they can use the vApp templates and media files.

Accessing vApp Templates from a Public Catalog

You can access vApp templates from published catalogs and copy them to your catalog.

You are an organization administrator.

Procedure

1 Click Catalogs.

Chapter 5 Working with Catalogs

2 In the left pane, click Public Catalogs.

3 On the vApp Templates tab, select a vApp template, right-click and select an operation.

n

Open

n

Add to My Cloud

n

Download

n

Copy to Catalog

n

Properties

You cannot modify properties until you copy the vApp template to your catalog. If you select Add to My
Cloud, the vApp template is saved and added as a vApp.

4 Click OK.

The vApp template you selected is added to the specified catalog your organization.

Accessing a Media File from a Public Catalog

You can access a media file from a published catalog and add it to your organization.

You are an organization administrator.

Procedure

1 Click Catalogs.

2 In the left pane, click Public Catalogs.

Media files are available for use if they reside in the same vDC as your Cloud vApp.

3 On the Media tab, select a media file, right-click and select Copy to Catalog.

4 Click OK.

The media file is copied to your catalog.

VMware, Inc. 49

vCloud Director User's Guide

What to do next

You can select the media file and complete a variety of operations on it, such as move it to another catalog in
your organization, delete it, or modify its properties.

50 VMware, Inc.

Working with Media Files 6

The catalog allows you to upload, copy, move, and edit the properties of media files.

This chapter includes the following topics:

n

“Upload Media Files,” on page 51

n

“Resume the Upload of a Media File,” on page 52

n

“Copy Media Files to a Catalog,” on page 52

n

“Move Media Files to Another Catalog,” on page 52

n

“Delete Media Files,” on page 53

n

“Modify Media File Properties,” on page 53

Upload Media Files

You can upload media files to a catalog. Users with access to the catalog can use the media files to install
applications on their virtual machines.

You are at least a catalog author.

VMware, Inc.

Prerequisites

The computer from which you are uploading must have Java Plug-in 1.6.0_10 or later installed.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the Media tab, click the Upload button.

3 Type the path to the media file path or click Browse, locate the file, and click Upload.

4 Type a name and optional description for the media file.

This is the name that appears in vCloud Director.

5 Select the destination vDC and catalog.

6 Click Upload.

The media file is uploaded to the specified location. You can click the Launch Uploads and Downloads
Progress Window button to track the progress.

51

vCloud Director User's Guide

Resume the Upload of a Media File

If you paused, cancelled, or interrupted the upload of a media file, you can resume it.

n

You are at least a catalog author.

n

If you log out of vCloud Director and log in, transfer history is lost. You cannot resume the upload.

n

The default timeout for pending transfer sessions is one hour. You can configure this value.

n

During pending or stopped transfers, the session keep alive heartbeat kicks in every 15 minutes. To ensure
that the session does not time out while tasks are paused, make sure the session timeout value is more
than 15 minutes.

Prerequisites

You have initiated the upload or download of a media file.

Procedure

1 In the Launch the Uploads and Downloads Progress Window, click Pauseor Cancel.

The status changes to Stopped in the progress window and Waiting in the Media Files page.

2 In the Launch the Uploads and Downloads Progress Window, click Resume.

The upload or download process resumes.

3 Monitor the progress in the Launch the Uploads and Downloads Progress window.

Copy Media Files to a Catalog

You can copy media files to another catalog.

You are at least a catalog author.

Prerequisites

You have access to multiple vDCs.

Procedure

1 Click Catalogs.

2 On the Media tab, select a media file, right-click, and select Copy To Catalog.

3 Type a name and description.

4 Select the destination catalog and vDC.

5 Click OK.

The media file is copied to and stored in the selected catalog.

Move Media Files to Another Catalog

You can move media files to another catalog in your organization.

You are at least a catalog author.

Prerequisites

You have access to multiple catalogs and vDCs.

52 VMware, Inc.

Procedure

1 Click Catalogs.

2 On the Media tab, select a media file, right-click, and select Move To Catalog.

3 Select a catalog and a vDC.

The catalog you select must be in your organization.

4 Click OK.

The media file is moved to the selected catalog.

Delete Media Files

You can delete media files from your catalog.

You are at least a catalog author.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the Media tab, select a media file, right-click, select Delete.

3 Click Yes.

Chapter 6 Working with Media Files

The media file is deleted.

Modify Media File Properties

You can review and modify some properties of a media file.

You are at least a catalog author.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the Media tab, select a media file, right-click, and select Properties.

3 Modify the name or description.

4 Click OK.

VMware, Inc. 53

vCloud Director User's Guide

54 VMware, Inc.

Working with vApp Templates 7

A vApp template is a virtual machine image that is loaded with an operating system, applications, and data.
These templates ensure that virtual machines are consistently configured across an entire organization.

This chapter includes the following topics:

n

“Open a vApp Template,” on page 55

n

“Add a vApp Template to My Cloud,” on page 56

n

“Download a vApp Template,” on page 56

n

“Upload an OVF Package as a vApp Template,” on page 57

n

“Resume the Upload of a vApp Template,” on page 57

n

“Copy a vApp Template from a Public Catalog to an Organization Catalog,” on page 58

n

“Copy a vApp Template Between an Organization's Catalogs,” on page 58

n

“Move a vApp Template Between an Organization's Catalogs,” on page 59

n

“Delete a vApp Template,” on page 59

n

“Save a vApp as a vApp Template,” on page 59

n

“Modify vApp Template Properties,” on page 60

Open a vApp Template

You can open a vApp template to learn more about the virtual machines that it contains.

You are at least a vApp user.

Procedure

1 Click Catalogs.

2 In the left pane, click on a catalog option.

n

My Organization's Catalogs

n

Public Catalogs

You can open vApp templates in your organization's catalogs or, if you are an organization administrator,
from a public catalog.

3 On the vApp Templates tab, select a vApp template, right-click, and select Open.

VMware, Inc.

55

vCloud Director User's Guide

Add a vApp Template to My Cloud

You can add a vApp template as a vApp from your catalog to My Cloud.

You are at least a vApp author.

If the vApp template is based on an OVF file that includes OVF properties for customizing its virtual machines,
those properties are passed to the vApp. If any of those properties are user-configurable, you can specify the
values.

Prerequisites

A vApp template is available in a published or a locally shared catalog.

Procedure

1 Click Catalogs.

2 In the left pane, click on a catalog option.

n

My Organization's Catalogs

n

Public Catalogs

You can access vApp templates in your organization's shared catalogs or, if you are an organization
administrator, from a public catalog.

3 On the vApp Templates tab, select a vApp template, right-click, and select Add to My Cloud.

4 Type a name and optional description for the vApp.

5 Select a runtime and storage lease and click Next.

6 Select a virtual datacenter, configure the virtual machines in the vApp, and click Next.

7 Configure the custom properties, if any, and click Next.

8 Configure the networking options for the vApp and click Next.

9 Review the vApp summary information and click Finish.

vCloud Director creates a vApp on the My Cloud > vApps page.

Download a vApp Template

You can download a vApp template from a catalog locally as an OVF file.

You are at least a catalog author.

Prerequisites

The computer from which you are downloading must have Java Plug-in 1.6.0_10 or later installed.

Procedure

1 Click Catalogs.

2 In the left pane, click on a catalog option.

n

My Organization's Catalogs

n

Public Catalogs

You can download vApp templates from your organization's catalogs or, if you are an organization
administrator, from a public catalog.

3 On the vApp Templates tab, select a vApp template, right-click, and select Download.

56 VMware, Inc.

4 Navigate to the local folder where you want to save the OVF file and click Save.

You can click the Launch Uploads and Downloads Progress Window button from My Organization's
Catalogs to track the progress.

Upload an OVF Package as a vApp Template

You can upload an OVF package from remote shares and your local directory to vCloud Director as a vApp
template.

You are at least a catalog creator.

vCloud Director supports OVFs based on the Open Virtualization Format (OVF) Specification. If you upload
an OVF file that includes OVF properties for customizing its virtual machines, those properties are preserved
in the vApp template.

Prerequisites

n

The computer from which you are uploading must have Java Plug-in 1.6.0_10 or later installed.

n

For information about creating OVFs, see the OVF Tool User Guide and VMware vCenter Converter 4.0.1
User's Guide.

n

vCloud Director does not support uploading compressed OVF files.

Chapter 7 Working with vApp Templates

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the vApp Templates tab, click the Upload button.

3 Type the name and path of the OVF file to upload, or click Browse, select the OVF file, and click

Upload.

4 Type a name and optional description for the vApp template.

5 Select a destination vDC and catalog.

6 Click Upload.

You can click the Launch Uploads and Downloads Progress Window button to track the progress.

What to do next

Verify that VMware Tools is installed in each virtual machine in the vApp. See “Installing VMware Tools in a

vApp,” on page 95.

Resume the Upload of a vApp Template

If the upload process is interrupted, paused, or cancelled you can resume it.

n

You are at least a catalog creator.

n

If you log out of vCloud Director and log in, transfer history is lost. You cannot resume the upload.

n

The default timeout for pending transfer sessions is one hour. You can configure this value up to one hour.

n

During pending or stopped transfers, the session keep alive heartbeat kicks in every 15 minutes. To ensure
that the session does not time out while tasks are paused, make sure the session timeout value is more
than 15 minutes.

Prerequisites

You have initiated the upload or download of a vApp template.

VMware, Inc. 57

vCloud Director User's Guide

Procedure

1 In the Launch Uploads and Downloads Progress Window, click Pauseor Cancel.

The status changes to Stopped in the progress window and Waiting in the vApp Template page.

2 In the Launch Uploads and Downloads Progress Window, click Resume.

The upload or download process resumes.

3 Monitor the progress in the Launch Uploads and Downloads Progress Window .

Copy a vApp Template from a Public Catalog to an Organization Catalog

You can copy a vApp template from a public catalog to your organization catalog to make it available to users
in your organization.

You are a vApp author or organization administrator.

Prerequisites

You have a catalog and vDC.

Procedure

1 Click Catalogs.

2 In the left pane, click Public Catalogs.

3 On the vApp Templates tab, select a vApp template, right-click, and select Copy To Catalog.

4 Type a name and optional description for the vApp.

5 Select a destination catalog and vDC.

Select a shared catalog to give organization users access to the template.

6 Click OK.

vCloud Director copies the vApp template to the organization catalog. The vApp appears on the vApp
Templates tab in My Organization's Catalogs.

Copy a vApp Template Between an Organization's Catalogs

You can copy a vApp template from one catalog in your organization to another catalog in the same
organization. This is useful if the catalogs are shared with different users and you want both groups of users
to have access to the vApp template.

You are an organization administrator, catalog author, or vApp author.

Prerequisites

You must have access to at least two catalogs and a vDC with available space.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the vApp Templates tab, right-click a vApp template and select Copy to Catalog.

3 Type a name and optional description for the vApp template.

4 Select the destination catalog and vDC.

If you select a published catalog, the vApp template will be available to all organizations in the vCloud
Director installation.

5 Click OK.

58 VMware, Inc.

Chapter 7 Working with vApp Templates

Move a vApp Template Between an Organization's Catalogs

You can move a vApp template from one catalog in your organization to another catalog in the same
organization. This is useful if you want to move a template from a published catalog to an unpublished catalog
or the reverse.

You are an organization administrator or catalog author.

Prerequisites

You must have access to at least two catalogs and a vDC with available space.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the vApp Templates tab, right-click a vApp template and select Move To Catalog.

3 Select a destination catalog and vDC.

If you select a published catalog, the vApp template will be available to all organizations in the vCloud
Director installation.

4 Click OK.

vCloud Director copies the source vApp template to the destination catalog and then deletes the source vApp
template.

Delete a vApp Template

You can delete a vApp template from an organization catalog. If the catalog is published, the vApp template
is also deleted from Public Catalogs.

You are at least a vApp author.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the vApp Templates tab, select a vApp template, right-click, and select Delete.

3 Click Yes.

The selected vApp is deleted.

Save a vApp as a vApp Template

You can save a vApp to a catalog as a vApp template.

You are at least a vApp author.

Prerequisites

n

Your organization has a catalog and a vDC with available space.

n

The vApp must be stopped.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Right-click a vApp and select Add to Catalog.

VMware, Inc. 59

vCloud Director User's Guide

4 Type a name and optional description for the vApp template.

5 Select a vDC, a catalog, and a storage lease.

6 Select a vApp creation option.

This option applies when creating a vApp based on this template. It is ignored when building a vApp
using individual virtual machines from this template.

Option Description

Make identical copy

Customize VM settings

vApps that are created from this vApp template must follow the guest
operating system settings of the vApp template. If you select this option, and
guest customization is enabled, the guest operating system is personalized.

Guest operating system is personalized regardless of the vApp template
settings, and the guest operating system is personalized when the vApp is
deployed. This option requires that a supported version of VMware Tools
be installed on all virtual machines in the vApp.

7 Click OK.

The vApp is saved as a vApp template and appears in the destination catalog.

Modify vApp Template Properties

You can modify some basic properties of a vApp template. To make more advanced changes to a vApp
template, add it to My Cloud, make the changes, then add it back to the catalog as a new vApp template.

You are an organization administrator.

Procedure

1 Click Catalogs > My Organization's Catalogs.

2 On the vApp Templates tab, right-click a vApp template and select Properties.

3 On the General tab, modify the vApp template name and description.

4 Select a vApp creation option.

This option applies when creating a vApp based on this template. It is ignored when building a vApp
using individual virtual machines from this template.

Option Description

Make identical copy

Customize VM settings

vApps that are created from this vApp template must follow the guest
operating system settings of the vApp template. If you select this option, and
guest customization is enabled, the guest operating system is personalized.

Guest operating system is personalized regardless of the vApp template
settings, and the guest operating system is personalized when the vApp is
deployed. This option requires that a supported version of VMware Tools
be installed on all virtual machines in the vApp.

5 Choose whether or not to mark the vApp template as a Gold Master in the catalog.

If you mark a vApp template as a Gold Master, this information appears in the list of vApp templates.

6 To reset the vApp template storage lease, select the Reset lease check box and select a new storage lease.

7 Click OK.

60 VMware, Inc.

Working with vApps 8

A vApp consists of one or more virtual machines that communicate over a network and use resources and
services in a deployed environment. A vApp can contain multiple virtual machines.

This chapter includes the following topics:

n

“Create a vApp From a vApp Template,” on page 62

n

“Create a New vApp,” on page 62

n

“Copy a vApp,” on page 64

n

“Start a vApp,” on page 64

n

“Start a vApp with an Older Version of VMware Tools,” on page 64

n

“Stop a vApp,” on page 65

n

“Suspend a vApp,” on page 65

n

“Discard the Suspended State of a vApp,” on page 65

n

“Reset a vApp or Virtual Machine,” on page 66

n

“View vApp Virtual Machines,” on page 66

VMware, Inc.

n

“Add Virtual Machines to a vApp,” on page 66

n

“Remove Virtual Machines from a vApp,” on page 67

n

“Set vApp Start and Stop Options,” on page 67

n

“Working with Networks in a vApp,” on page 68

n

“Display a vApp Diagram,” on page 78

n

“Modify a vApp Name and Description,” on page 78

n

“Modify vApp OVF Environment Properties,” on page 79

n

“Reset vApp Leases,” on page 79

n

“Share a vApp,” on page 79

n

“Change the Owner of a vApp,” on page 80

n

“Upgrade the Virtual Hardware Version for a vApp,” on page 80

n

“Save vApp as a vApp Template to Your Catalog,” on page 81

n

“Copy a vApp to Another vDC,” on page 81

n

“Move a vApp to Another vDC,” on page 81

61

vCloud Director User's Guide

n

“Delete a vApp,” on page 82

Create a vApp From a vApp Template

You can create a new vApp based on a vApp template stored in a catalog to which you have access.

n

Only organization administrators and vApp authors can access vApp templates in public catalogs.

n

vApp users and above can access vApp templates in organization catalogs shared to them.

If the vApp template is based on an OVF file that includes OVF properties for customizing its virtual machines,
those properties are passed to the vApp. If any of those properties are user-configurable, you can specify the
values.

Procedure

1 Click My Cloud > vApps.

2 Click the Add vApp from Catalog button.

3 Select My organization's catalogs or Public catalogs from the drop-down menu.

4 Select a vApp template and click Next.

5 Type a name and optional description for the vApp.

6 Select a runtime and storage lease and click Next.

7 Select a virtual datacenter, configure the virtual machines in the vApp, and click Next.

8 Configure the custom properties, if any, and click Next.

9 Configure the networking options for the vApp and click Next.

10 Review the vApp summary information and click Finish.

vCloud Director creates a vApp in My Cloud.

Create a New vApp

If you don't want to create a vApp based on a vApp template, you can create a new vApp using virtual machines
from vApp templates, new virtual machines, or a combination of both.

You are at least a vApp author.

Procedure

1 Complete the vApp Profile on page 63

When you create a new vApp, you must provide some basic information.

2 Add Virtual Machines to the vApp on page 63

You can search your catalogs for virtual machines to add to the vApp or add new, blank virtual machines.

3 Configure the Virtual Machines on page 63

Select the virtual datacenter (vDC) in which this vApp is stored and runs when it's started. Name each
virtual machine and select the network to which you want it to connect. You can configure additional
properties for virtual machines after you complete the wizard.

4 Configure Networks on page 63

You can determine how the vApp, its virtual machines, and its networks connect to the organization's
networks.

62 VMware, Inc.

Chapter 8 Working with vApps

Complete the vApp Profile

When you create a new vApp, you must provide some basic information.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps and click the Build New vApp button.

3 Type a name and optional description.

4 Select a runtime and storage lease and click Next.

Add Virtual Machines to the vApp

You can search your catalogs for virtual machines to add to the vApp or add new, blank virtual machines.

You must be an organization administrator or vApp author to access public catalogs.

Procedure

1 To add virtual machines from vApp templates, select My organization's catalogs or Public catalogs from

the drop-down menu, select one or more virtual machines, and click Add.

2 To add a new virtual machine, click New Virtual Machine, provide the required information about the

virtual machine, and click OK.

After you finish creating the new vApp, you can power on the new virtual machine and install an operating
system.

3 Click Next.

Configure the Virtual Machines

Select the virtual datacenter (vDC) in which this vApp is stored and runs when it's started. Name each virtual
machine and select the network to which you want it to connect. You can configure additional properties for
virtual machines after you complete the wizard.

Procedure

1 Select a vDC.

2 (Optional) Modify the full name and computer name of each virtual machine.

3 Select a primary NIC and network for each virtual machine.

4 Select an IP assignment method for each NIC.

If you select Static - Manual, type the IP address.

5 Click Next.

Configure Networks

You can determine how the vApp, its virtual machines, and its networks connect to the organization's
networks.

Procedure

1 Select Show networking details.

2 Review the network information.

3 Click Next.

VMware, Inc. 63

vCloud Director User's Guide

4 Review the summary for the vApp.

5 Click Finish.

Copy a vApp

To create a new vApp based on an existing vApp, you can copy a vApp and modify the copy to meet your
needs.

You are at least a vApp user.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Copy to.

4 Type a name and optional description.

5 Select a vDC.

6 Click OK.

What to do next

Modify the contents and properties of the new vApp.

Start a vApp

Starting a vApp powers on all the virtual machines in the vApp that are not already powered on.

You are at least a vApp author.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right click, and select Start.

Start a vApp with an Older Version of VMware Tools

If a virtual machine in a vApp has an older version of VMware Tools installed and is enabled for guest
customization, you might not be able to start it.

Procedure

1 Click My Cloud.

2 In the left pane, select vApps.

3 Select a vApp, right-click, and select Open.

4 Select a virtual machine, right-click, and select Properties.

5 On the Guest OS Customization tab, deselect the Enable Guest Customization check box and click OK.

6 (Optional) Repeat this step for all your virtual machines.

7 Select the vApp, right-click, and select Start.

64 VMware, Inc.

Stop a vApp

Stopping a vApp powers off or shuts down all the virtual machines in the vApp. You must stop a vApp before
you can perform certain actions. For example, adding it to a catalog, copying it, moving it, and so on.

You can specify whether stopping a vApp powers off or shuts down its virtual machines in the vApp properties
page.

Prerequisites

The vApp must be started.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Stop.

4 Click OK.

Suspend a vApp

Chapter 8 Working with vApps

You can suspend a vApp to save its current state.

Prerequisites

The vApp is running.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Suspend.

The vApp is stopped and is labeled as Stopped.

Discard the Suspended State of a vApp

You can discard the suspended state of a vApp.

Prerequisites

The vApp must be stopped and in a suspended state.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Discard Suspended State.

4 Click Yes.

VMware, Inc. 65

vCloud Director User's Guide

Reset a vApp or Virtual Machine

Resetting a virtual machine clears state (memory, cache, and so on), but the vApps and virtual machines
continue to run.

Prerequisites

Your vApp is started and virtual machine is powered on.

Procedure

1 Click My Cloud.

2 In the left pane, select vApps or VMs.

3 Select a vApp or virtual machine, right-click, and select Reset.

View vApp Virtual Machines

You can access and display the virtual machines in a vApp.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Open.

4 Click on the Virtual Machines tab.

Add Virtual Machines to a vApp

You can add virtual machines to a vApp.

You must be an organization administrator or vApp author to access virtual machines in public catalogs.

If the virtual machine is based on an OVF file that includes OVF properties for customization, those properties
are retained in the vApp. If any of those properties are user-configurable, you can specify the values in the
virtual machine's properties pane after you add it to the vApp.

For information about supported network adapter types, see http://kb.vmware.com/kb/1001805.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click the vApp and select Open.

3 On the Virtual Machines tab, click the Add VM button.

4 To add virtual machines from vApp templates, select My organization's catalogs or Public catalogs from

the drop-down menu, select one or more virtual machines, and click Add.

5 To add a new virtual machine, click New Virtual Machine, provide the required information about the

virtual machine, and click OK.

After you finish creating the new vApp, you can power on the new virtual machine and install an operating
system.

6 Click Next.

7 (Optional) Modify the full name and computer name of each virtual machine.

8 Select a primary NIC and network for each virtual machine.

66 VMware, Inc.

9 (Optional) Select Show network adapter type and select a type for each NIC.

10 Select an IP assignment method for each NIC.

If you select Static - Manual, type the IP address.

11 Click Next.

12 Select Show networking details, review the network information, and click Next.

13 Review the summary for the vApp and click Finish.

Remove Virtual Machines from a vApp

You can remove virtual machines from a vApp.

You are at least a vApp author.

Prerequisites

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

Chapter 8 Working with vApps

3 Select a vApp, right-click, and select Open.

4 On the Virtual Machines tab, select a virtual machine, right-click and select Delete.

5 Click Yes.

Set vApp Start and Stop Options

You can specify certain options that affect what happens to the virtual machines when a vApp is started and
stopped.

You are at least a vApp user.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Properties.

4 On the Starting and Stopping VMs tab, specify the options.

Option Description

Order

Start Action

Start Delay

Stop Action

Stop Delay

For vApps with multiple virtual machines, you can specify the order in which
the machines start and stop by typing numbers in the text box. Virtual
machines with lower numbers start first. You cannot enter negative numbers.

Determines what happens to virtual machines when you start the vApp that
contains them. By default, this option is set to Power On.

How many seconds to wait between when you start a vApp and when
vCloud Director powers on each virtual machine.

Determines what happens to virtual machines when you stop the vApp that
contains them. By default, this option is set to Power Off, but you can also
set it to Shutdown.

How many seconds to wait between when you stop a vApp and when
vCloud Director powers off or shuts down each virtual machine.

VMware, Inc. 67

vCloud Director User's Guide

5 Click OK.

Working with Networks in a vApp

The virtual machines in a vApp can connect to vApp networks (isolated or routed) and organization networks
(direct or fenced). You can add networks of different types to a vApp to address multiple networking scenarios.

Select the Networking tab in a vApp and select the Show networking details check box to view a list of the
networks that are available to the vApp. Virtual machines in the vApp can connect to these networks. If you
want to connect a virtual machine to a different network, you must first add it to the vApp.

A vApp can include vApp networks and organization networks. A vApp network can be isolated by selecting
None in the Connection drop-down menu. An isolated vApp network is totally contained within the vApp.
You can also route a vApp network to an organization network to provide connectivity to virtual machines
outside of the vApp. For routed vApp networks, you can configure network services, such as a firewall and
static routing.

You can connect a vApp directly to an organization network. If you have multiple vApps that contain identical
virtual machines connected to the same organization network and you want to start the vApps at the same
time, you can fence the vApp. This allows you to power on the virtual machines without conflict, by isolating
their MAC and IP addresses.

View vApp Networks

You can access and display the networks in a vApp.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Open.

4 Click on the Networking tab.

5 Select the Show networking details to display details about each network.

Add a vApp Network to a vApp

Add a vApp network to a vApp to make the network available to virtual machines in the vApp.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps, right-click, and select Open.

3 On the Networking tab, select the Show networking details check box.

4 Click the Add Network button.

5 Select vApp Network and click Next.

6 Type the network specifications and click Next.

7 Type a network name and optional description and click Next.

8 Review your vApp network settings and click Finish.

vCloud Director creates an isolated vApp network and displays it in the network list.

9 (Optional) Select an organization network in the Connection drop-down menu.

This routes the vApp network to the organization network.

68 VMware, Inc.

Chapter 8 Working with vApps

10 Click Apply.

What to do next

Connect a virtual machine in the vApp to the network.

Add an Organization Network to a vApp

Add an organization network to a vApp to make the network available to virtual machines in the vApp.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps, right-click, and select Open.

3 On the Networking tab, select the Show networking details check box.

4 Click the Add Network button.

5 Select Organization Network and click Next.

6 Select an organization network and click Finish.

vCloud Director adds the organization network and displays it in the network list.

7 (Optional) Select the Fence vApp check box.

This changes the connection from Direct to Fenced for all organization networks in the vApp. Fencing
allows identical virtual machines in different vApps to be powered on without conflict by isolating the
MAC and IP addresses of the virtual machines.

8 Click Apply.

What to do next

Connect a virtual machine in the vApp to the network.

Configuring Network Services for a vApp Network

You can configure network services, such as DHCP, firewalls, network address translation (NAT), and static
routing for certain vApp networks.

The network services available depend on the type of vApp network.

Table 8-1. Network Services Available by Network Type

vApp Network Type DHCP Firewall NAT Static Routing

Direct

Routed X X X X

Isolated X

Configure DHCP for an vApp Network

You can configure certain vApp networks to provide DHCP services to virtual machines in the vApp.

When you enable DHCP for a vApp network, connect a NIC on virtual machine in the vApp to that network,
and select DHCP as the IP mode for that NIC, vCloud Director assigns a DHCP IP address to the virtual
machine when you power it on.

Prerequisites

A routed vApp network or an isolated vApp network.

VMware, Inc. 69

vCloud Director User's Guide

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 Click the DHCP tab and select Enable DHCP.

6 Type a range of IP addresses or use the default range.

vCloud Director uses these addresses to satisfy DHCP requests. The range of DHCP IP addresses cannot
overlap with the static IP pool for the vApp network.

7 Set the default lease time and maximum lease time or use the default values and click OK.

8 Click Apply.

vCloud Director updates the network to provide DHCP services.

Enable the Firewall for a vApp Network

You can configure certain vApp networks to provide firewall services. Enable the firewall on a vApp network
to enforce firewall rules on incoming traffic, outgoing traffic, or both.

When you enable the firewall, you can specify a default firewall action to deny all incoming and outgoing
traffic or to allow all incoming and outgoing traffic. You can also add specific firewall rules to allow or deny
traffic that matches the rules to pass through the firewall. These rules take precedence over the default firewall
action. See “Add a Firewall Rule to a vApp Network,” on page 71.

If a system administrator specified syslog server settings and those settings have been applied to the vApp
network, then you can log events related to the default firewall action. For information about applying syslog
server settings, see “Apply Syslog Server Settings to a vApp Network,” on page 78. To view the current syslog
server settings see “View Syslog Server Settings for a vApp Network,” on page 77.

Prerequisites

A routed vApp network.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 Click the Firewall tab and select Enable firewall.

6 Select the default firewall action.

7 (Optional) Select the Log check box to log events related to the default firewall action.

8 Click OK.

9 Click Apply.

70 VMware, Inc.

Chapter 8 Working with vApps

Add a Firewall Rule to a vApp Network

You can add firewall rules to a vApp network that supports a firewall. You can create rules to allow or deny
traffic that matches the rules to pass through the firewall.

In order for a firewall rule to be enforced, you must enable the firewall for the vApp network. See “Enable the

Firewall for a vApp Network,” on page 70.

When you add a new firewall rule to a vApp network, it appears at the bottom of the firewall rule list. See

“Reorder Firewall Rules for a vApp Network,” on page 72 for information about setting the order in which

firewall rules are enforced.

If a system administrator specified syslog server settings and those settings have been applied to the vApp
network, then you can log firewall rule events. For information about applying syslog server settings, see

“Apply Syslog Server Settings to a vApp Network,” on page 78. To view the current syslog server settings

see “View Syslog Server Settings for a vApp Network,” on page 77.

Prerequisites

A routed vApp network.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 Click the Firewall tab and click Add.

6 Type a name for the rule.

7 Select the traffic direction.

8 Type the source IP address and select the source port.

For incoming traffic, the source is the organization network. For outgoing traffic, the source is the vApp
network.

9 Type the destination IP and select the destination port.

For incoming traffic, the destination is the vApp network. For outgoing traffic, the destination is the
organization network.

10 Select the protocol.

11 Select the action.

A firewall rule can allow or deny traffic that matches the rule.

12 Select the Enabled check box.

13 (Optional) Select the Log network traffic for firewall rule check box.

If you enable this option, vCloud Director sends log events to the syslog server for connections affected
by this rule.

14 Click OK and OK.

15 Click Apply.

VMware, Inc. 71

vCloud Director User's Guide

Reorder Firewall Rules for a vApp Network

Firewall rules are enforced in the order in which they appear in the firewall list. You can change the order of
the rules in the list.

When you add a new firewall rule to a vApp network, it appears at the bottom of the firewall rule list. If you
want to enforce the new rule before an existing rule, reorder the rules.

Prerequisites

A routed vApp network with two or more firewall rules.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 Click the Firewall tab.

6 Drag and drop the firewall rules to establish the order in which the rules are applied.

7 Click OK.

8 Click Apply.

Enable IP Masquerading for a vApp Network

You can configure certain vApp networks to provide IP masquerade services. Enable IP masquerading on a
vApp network to hide the internal IP addresses of virtual machines from the organization network.

When you enable IP masquerade, vCloud Director translates a virtual machine's private, internal IP address
into a public IP address for outbound traffic.

Prerequisites

A routed vApp network.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 Click the NAT tab and select Port Forwarding.

6 Select Enable IP Masquerade and click OK.

7 Click Apply.

Add a Port Forwarding Rule to a vApp Network

You can configure certain vApp networks to provide port forwarding by adding a NAT mapping rule. Port
forwarding provides external access to services running on virtual machines on the vApp network.

When you configure port forwarding, vCloud Director maps an external port to a service running on a port
on a virtual machine for inbound traffic.

72 VMware, Inc.

Chapter 8 Working with vApps

When you add a new port forwarding rule to a vApp network, it appears at the bottom of the NAT mapping
rule list. For information about how to set the order in which port forwarding rules are enforced, see “Reorder

Port Forwarding Rules for a vApp Network,” on page 74.

Prerequisites

A routed vApp network.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 Click the NAT tab, select Port Forwarding, and click Add.

6 Configure the port forwarding rule.

a Select an external port.

b Select an internal port.

c Select a protocol for the type of traffic to forward.

d Select a VM interface.

e Click OK.

7 Click OK.

8 Click Apply.

Add an IP Translation Rule to a vApp Network

You can configure certain vApp networks to provide IP translation by adding a NAT mapping rule.

When you create an IP translation rule for a network, vCloud Director adds a DNAT and SNAT rule to the
vShield Edge associated with the network's port group. The DNAT rule translates an external IP address to an
internal IP address for inbound traffic. The SNAT rule translates an internal IP address to an external IP address
for outbound traffic. If the network is also using IP masquerade, the SNAT rule takes precedence.

Prerequisites

A routed vApp network.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 Click the NAT tab, select IP Translation, and click Add.

6 Select a VM interface and mapping mode and click OK.

For Manual mapping mode, type an external IP address.

7 Click OK.

8 Click Apply.

VMware, Inc. 73

vCloud Director User's Guide

Reorder Port Forwarding Rules for a vApp Network

Port forwarding rules are enforced in the order in which they appear in the NAT mapping list. You can change
the order of the rules in the list.

When you add a new port forwarding rule to a vApp network, it appears at the bottom of the NAT mapping
rule list. To enforce the new rule before an existing rule, reorder the rules.

Prerequisites

A routed vApp network with two or more port forwarding rules.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details and click Details.

4 On the NAT tab, click and drag the rules to establish the order in which the rules are applied and click

OK.

5 Click Apply.

Enable Static Routing for a vApp Network

You can configure certain vApp networks to provide static routing services. After you enable static routing on
two or more vApp networks, you can add static routes to allow virtual machines on different vApp networks
to communicate.

To route traffic between two vApp networks, you must enable static routing on both networks.

Prerequisites

A routed vApp network.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click a vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 On the Static Routing tab, select Enable static routing and click OK.

6 Click Apply.

What to do next

Enable static routing on another vApp network and create static routes between the two vApp networks.

Add Static Routes to vApp Networks

You can add static routes between two vApp networks that are routed to the same organization network. Static
routes allow traffic between the networks.

You cannot add static routes to a fenced vApp or between overlapping networks. After you add a static route
to a vApp network, configure the network firewall rules to allow traffic on the static route. For vApps with
static routes, you should select the Always use assigned IP addresses until this vApp or associated networks
are deleted check box.

74 VMware, Inc.

Chapter 8 Working with vApps

Static routes only function when the vApps containing the routes are running. If you change the parent network
of a vApp, delete a vApp, or delete a vApp network, and the vApp includes static routes, those routes cannot
function and you must remove them manually.

Prerequisites

n

vShield 5.0.

n

Two vApp networks routed to the same organization network.

n

The vApp networks are in vApps that were started at least once.

n

Static routing is enabled on both vApp networks.

Procedure

1 Click the My Cloud tab and click vApps in the left pane.

2 Right-click the first vApp and select Open.

3 On the Networking tab, select Show networking details.

4 Right-click the vApp network and select Configure Services.

5 On the Static Routing tab, click Add.

6 Type a name, network address, and next hop IP and click OK.

The network address is for the vApp network to which you want to add a static route. The next hop IP is
the external IP address of that vApp network's router.

7 Click OK.

8 Click Apply.

9 Repeat Step 2 through Step 8 for the second vApp network.

Example: Static Routing Example

vApp Network 1 and vApp Network 2 are both routed to Org Network Shared. You can create a static route
on each vApp network to allow traffic between the networks. You can use information about the vApp
networks to create the static routes.

Table 8-2. Network Information

Network Name Network Specification Router External IP Address

vApp Network 1 192.168.1.0/24 192.168.0.100

vApp Network 2 192.168.2.0/24 192.168.0.101

Org Network Shared 192.168.0.0/24 NA

On vApp Network 1, create a static route to vApp Network 2. On vApp Network 2, create a static route to
vApp Network 1.

Table 8-3. Static Routing Settings

vApp Network Route Name Network Next Hop IP Address

vApp Network 1 tovapp2 192.168.2.0/24 192.168.0.101

vApp Network 2 tovapp1 192.168.1.0/24 192.168.0.100

What to do next

Create firewall rules for the vApp networks to allow traffic on the static routes.

VMware, Inc. 75

vCloud Director User's Guide

Reset Your vApp Network

If the network services, such as DHCP settings, firewall settings, and so on, that are associated with a vApp
network are not working as expected, an organization administrator can reset the network. Network services
are not available during the reset.

Prerequisites

The vApp is running.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Open.

4 On the Networking tab, select the Show networking details check box.

5 Select a vApp network, right-click, and select Reset Network.

6 Click Yes.

Delete a vApp Network

If you no longer need a network in your vApp, you can delete the network.

Prerequisites

The vApp is stopped and no virtual machines in the vApp are connected to the network.

Procedure

1 Click My Cloud.

2 In the left pane, selectvApps.

3 Select a vApp, right-click, and select Open.

4 On the Networking tab, select the Show networking details check box.

5 Right-click a network in the list and select Delete.

6 Click Apply.

Modify Network Properties

You can modify the properties of the networks in a vApp.

Procedure

1 Select Administration.

2 Select Cloud Resources > Networks.

3 Select a network, right-click, and select Properties.

You can modify the name, description, and portions of the network specification.

4 Modify the relevant properties and click OK.

5 Click Apply.

76 VMware, Inc.

Chapter 8 Working with vApps

Display the IP Allocations for Your vApp Network

You can review the IP allocations for the networks in your vApp.

Procedure

1 Click My Cloud.

2 In the left pane, selectvApps.

3 Select a vApp, right-click, and select Open.

4 On the Networking tab, select the Show networking detailscheck box.

5 Select a network, right-click, and select IP Allocations.

6 Review your allocations and click OK.

Configure IP Address Persistence

By default, when you stop a running vApp or power off a virtual machine, vCloud Director releases any IP
and MAC addresses the virtual machines were using. You can configure a vApp to retain the network addresses
of its virtual machines until the vApp, VM, or network is deleted.

Static routing relies on the IP addresses of the virtual machines and virtual routers in a vApp. For vApps that
use static routing, enable IP persistence to make sure that static routes to and from the vApp remain valid.

Procedure

1 Click My Cloud.

2 In the left pane, selectvApps.

3 Select a vApp, right-click, and select Open.

4 On the Networking tab, select the Always use assigned IP addresses...check box and click Apply.

The virtual machines in the vApp keep their assigned IP and MAC addresses, even when they are powered
off.

View Syslog Server Settings for a vApp Network

You can view the syslog server settings for a routed vApp network.

vCloud Director supports logging events related to firewall rules to a syslog server specified by a system
administrator.

If a vApp network does not have any syslog server settings and you think it should, or if the settings are not
what you expected, then you can synchronize the network with the most current syslog server settings. See

“Apply Syslog Server Settings to a vApp Network,” on page 78. If there is still a problem after you

synchronize, contact your system administrator.

Prerequisites

A routed vApp network.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Open.

4 On the Networking tab, select a vApp network, right-click, and select Properties.

VMware, Inc. 77

vCloud Director User's Guide

5 Click the Syslog Server Settings tab.

Apply Syslog Server Settings to a vApp Network

You apply syslog server settings to a routed vApp network to enable firewall rule logging.

Syslog server settings can only be specified by a system administrator. You should apply those settings to any
vApp network that was created before the system administrator specified them. You should also apply the
syslog server settings to a vApp network any time a system administrator changes the settings.

Prerequisites

A routed vApp network.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Open.

4 On the Networking tab, select a vApp network, right-click, and select Synchronize syslog server

settings.

5 Click Yes.

Display a vApp Diagram

A vApp diagram provides a graphical view of the virtual machines and networks in a vApp.

Procedure

1 Click My Cloud.

2 On the vApps page, select a vApp, right-click, and select Open.

3 Click the vApp Diagram tab.

The vApp diagram is displayed.

What to do next

You can perform most of the same operations from this tab that you can from the Virtual Machines and
Networking tabs.

Modify a vApp Name and Description

You can change the name and description associated with a vApp to make it more meaningful.

You are at least a vApp user.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Properties.

4 On the General tab, modify the vApp name and description and click OK.

78 VMware, Inc.

Modify vApp OVF Environment Properties

If a vApp includes user-configurable OVF environment properties, you can review and modify those
properties.

If a virtual machine in the vApp includes a value for a user-configurable property of the same name, the virtual
machine value takes precedence.

Prerequisites

The vApp is stopped and its OVF environment includes user-configurable properties.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Properties.

4 On the Custom Properties tab, modify the properties and click OK.

Reset vApp Leases

Chapter 8 Working with vApps

You can reset the runtime and storage leases for a vApp.

You are at least a vApp user.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Properties.

4 On the General tab, select the Reset leases check box, select a runtime and storage lease, and click OK.

Share a vApp

You can share your vApps with other groups or users in your organization. The access controls you set
determine the operations that can be completed on the shared vApps.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Share.

4 Click Add Members.

5 Select the users with whom you want to share the vApp.

Option Action

Everyone in the organization

Specific users and group

VMware, Inc. 79

Select this option.

Select this option, select the users and groups, and click Add.

vCloud Director User's Guide

6 Select an access level for the users and groups.

Option Description

Full control

Read/write

Read only

7 Click OK.

Your vApp is shared with the specified users or groups.

Change the Owner of a vApp

You can change the owner of the vApp, for example, if a vApp owner leaves the company or changes roles
within the company.

You are an organization administrator.

Procedure

1 Click My Cloud.

Users can open, start, save a vApp as a vApp template (Add to Catalog),
change the owner, copy to a catalog, and modify properties.

Users can open, start, save a vApp as a vApp template (Add to Catalog),
copy to catalog, and modify properties.

Users only have read access to a vApp.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Change Owner.

4 Search for a user or select one from the list.

You can search by user name or full name.

5 Click OK.

The new owner's name appears in the Owner column on the vApp page.

Upgrade the Virtual Hardware Version for a vApp

You can upgrade the virtual hardware version for all the virtual machines in a vApp. Higher virtual hardware
versions support more features.

vCloud Director supports hardware version 4, hardware version 7, and hardware version 8 virtual machines
depending on the resources backing the organization's virtual datacenters.

You cannot downgrade the hardware version of the virtual machines in a vApp.

Prerequisites

The vApp must be stopped and its virtual machines must have the latest version of VMware Tools installed.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Upgrade Virtual Hardware Version.

4 Click Yes.

80 VMware, Inc.

Save vApp as a vApp Template to Your Catalog

You can save a vApp as a vApp template and add it to the catalog.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Add to Catalog.

4 (Optional) Modify the name and description.

5 Select the destination vDC and catalog.

6 In the Storage lease: drop-down menu, select when you would like the vApp template to expire.

7 Select an option.

Option Description

Make Identical Copy

Customize VM Settings

8 Click OK.

vApps that are created from this vApp template must follow the guest
operating system settings of the vApp template. If you select this option, and
guest customization is enabled, the guest operating system is personalized.

Guest operating system is personalized regardless of the vApp template
settings, and the guest operating system is personalized when the vApp is
deployed.

Chapter 8 Working with vApps

The vApp is saved as a vApp template in the selected catalog.

Copy a vApp to Another vDC

When you copy a vApp to another vDC, the original vApp remains in the source vDC.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Copy to.

4 Type a name and description.

5 Select a vDC.

6 Click OK.

The new vDC for this vApp appears in the vDC column on the vAppspage.

Move a vApp to Another vDC

When you move a vApp to another vDC, the vApp is removed from the source vDC.

You are at least a vApp author.

Prerequisites

Your vApp is stopped.

VMware, Inc. 81

vCloud Director User's Guide

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Move to.

4 Select a vDC.

5 Click OK.

Delete a vApp

You can delete a vApp, which removes it from your organization.

You must be at least a vApp author.

Prerequisites

Your vApp must be stopped.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Delete.

4 Click Yes.

82 VMware, Inc.

Working with Virtual Machines 9

Virtual machines have a guest operating system on which you can install and run any software supported by
that operating system. In vCloud Director, you can install VMware Tools, insert DVDs and floppy disks, and
remotely connect to virtual machines.

These are the most basic operations that you can do on a virtual machine.

n

Power On, which is equal to powering on a physical machine.

n

Power Off, which is equal to powering off a physical machine.

n

Suspend, where the CPU of a deployed virtual machine is frozen. You can suspend a machine when you
need to leave a virtual machine but do not want to lose its current state.

n

Reset, which power cycles the virtual machine.

This chapter includes the following topics:

n

“Open a Virtual Machine Console,” on page 84

n

“Power On a Virtual Machine,” on page 84

n

“Power Off a Virtual Machine,” on page 84

n

“Reset a vApp or Virtual Machine,” on page 85

VMware, Inc.

n

“Suspend a Virtual Machine,” on page 85

n

“Resume a Suspended Virtual Machine,” on page 85

n

“Discard the Suspended State of a Virtual Machine,” on page 85

n

“Insert a CD/DVD,” on page 86

n

“Eject a CD/DVD,” on page 86

n

“Insert a Floppy,” on page 86

n

“Eject a Floppy,” on page 86

n

“Upgrade the Virtual Hardware Version for a Virtual Machine,” on page 87

n

“Connect Remotely to a Virtual Machine,” on page 87

n

“Copy or Move a Virtual Machine to a vApp,” on page 87

n

“Delete a Virtual Machine,” on page 88

n

“Modify Virtual Machine General Properties,” on page 88

n

“Modify Virtual Machine CPUs and Memory,” on page 89

n

“Modify Virtual Machine OVF Environment Properties,” on page 89

83

vCloud Director User's Guide

n

“Configuring Virtual Machine Resource Allocation Settings,” on page 90

n

“Modifying Virtual Machine Hard Disks,” on page 91

n

“Modifying Virtual Machine Network Interfaces,” on page 92

n

“Installing VMware Tools,” on page 94

n

“Guest Operating Systems,” on page 104

Open a Virtual Machine Console

Accessing your virtual machine console allows you to view information about a virtual machine, work with
the guest operating system, and perform operations that affect the guest operating system.

You might be required to install VMware Remote Console Plug-In. Click Install in the dialog box that appears.

Prerequisites

The virtual machine is powered on.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Popout Console.

If you close or refresh a virtual machine console while you have one or more client devices connected,
those devices are disconnected.

Power On a Virtual Machine

Powering on a virtual machine is the equivalent of powering on a physical machine.

You cannot power on a virtual machine that has guest customization enabled unless the virtual machine has
a current version of VMware Tools installed.

Prerequisites

A virtual machine that is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Power On.

Power Off a Virtual Machine

Powering off a virtual machine is the equivalent of powering off a physical machine.

Prerequisites

A virtual machine that is powered on.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Power Off.

84 VMware, Inc.

Reset a vApp or Virtual Machine

Resetting a virtual machine clears state (memory, cache, and so on), but the vApps and virtual machines
continue to run.

Prerequisites

Your vApp is started and virtual machine is powered on.

Procedure

1 Click My Cloud.

2 In the left pane, select vApps or VMs.

3 Select a vApp or virtual machine, right-click, and select Reset.

Suspend a Virtual Machine

Suspending a virtual machine preserves its current state.

Prerequisites

A virtual machine that is powered on.

Chapter 9 Working with Virtual Machines

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Suspend.

4 Click Yes.

Resume a Suspended Virtual Machine

You can resume a suspended virtual machine to power it on and return it to the state it was in when you
suspended it.

Prerequisites

A suspended virtual machine.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Resume.

Discard the Suspended State of a Virtual Machine

If a virtual machine is in a suspended state, you can discard this state, for example, to free storage space.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Discard Suspended State.

VMware, Inc. 85

vCloud Director User's Guide

4 Click Yes.

Insert a CD/DVD

You can access CD/DVD images from catalogs to use in a virtual machine guest operating system. You can
install operating systems, applications, drivers, and so on.

Prerequisites

You have access to a catalog with media files.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 In the right pane, select a virtual machine, right-click, and select Insert CD/DVD from Catalog.

4 Select a media file and click Insert.

The selected CD or DVD is inserted.

Eject a CD/DVD

After you have finished using a CD or DVD in your virtual machine you can eject it.

Procedure

1 Click My Cloud.

2 In the left pane, select VMs.

3 Select a virtual machine, right-click, and select Eject CD/DVD.

The media file is removed from the virtual machine.

Insert a Floppy

You can access floppy disk images from catalogs to use in a guest operating system. When you insert a floppy
disk, you can install operating systems, applications, drivers, and so on.

Prerequisites

You have media files in your catalog.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Insert Floppy from Catalog.

4 Using the drop-down menu, select a floppy disk image or select one from the list and click Insert.

The selected floppy disk is inserted.

Eject a Floppy

After you have finished using a floppy disk in your virtual machine you can eject it.

Procedure

1 Click My Cloud.

86 VMware, Inc.

Chapter 9 Working with Virtual Machines

2 In the left pane, select VMs.

3 Select a virtual machine, right-click, and select Eject Floppy.

The floppy disk is removed from the virtual machine.

Upgrade the Virtual Hardware Version for a Virtual Machine

You can upgrade the virtual hardware version for a virtual machine. Higher virtual hardware versions support
more features.

vCloud Director supports hardware version 4, hardware version 7, and hardware version 8 virtual machines
depending on the resources backing the organization's virtual datacenters.

You cannot downgrade the hardware version of a virtual machine.

Prerequisites

The virtual machine must be powered off and it must have the latest version of VMware Tools installed.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Upgrade Virtual Hardware Version.

4 Click Yes.

Connect Remotely to a Virtual Machine

You can use the Remote Desktop Connection file to connect to a deployed virtual machine from your desktop.

Prerequisites

n

The virtual machine must be powered on, running a Windows guest OS, and have Remote Desktop
enabled in the guest OS.

n

The virtual machine must have an IP assigned on its network that is accessible by the client.

n

The RDP port 3389 must be open on the guest OS.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Download Windows Remote Desktop Shortcut File.

4 In the Download RDP Shortcut File dialog box, click Yes.

5 Navigate to the location where you want to save the file and click Save.

6 Double-click the file and select Connect.

Copy or Move a Virtual Machine to a vApp

You can copy or move a virtual machine to another vApp. When you copy a virtual machine, the original
virtual machine remains in the source vApp. If you move a virtual machine, it is removed from the source
vApp.

Prerequisites

The virtual machine must be powered off.

VMware, Inc. 87

vCloud Director User's Guide

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Copy to or Move to.

4 Follow the prompts to complete the wizard.

5 Click Finish.

Delete a Virtual Machine

You can delete a virtual machine from your organization.

Prerequisites

Your virtual machine must be powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Delete.

4 Click Yes.

Modify Virtual Machine General Properties

You can review and modify the name, description, and other general properties of a virtual machine.

Prerequisites

The virtual machine must be powered off to modify some general properties.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 On the General tab, modify the properties and click OK.

Option Description

Full name

Computer name

Description

Operating System Family

Operating System

Virtual hardware version

Virtual CPU hot add

The display name of the virtual machine in vCloud Director.

The computer/host name set in the guest operating system that identifies the
virtual machine on a network. This field is restricted to 15 characters because
of a Windows OS limitation on computer names.

An optional description of the virtual machines.

Drop-down list containing supported operating system families.

Drop-down list containing supported operating systems.

The virtual hardware version of the virtual machine. Select the Upgrade to
and select a hardware version to upgrade the virtual machine hardware.

Select the check box to enable virtual CPU hot add. This allows you to add
virtual CPUs to a powered on virtual machine. This feature is only supported
on certain guest operating systems and virtual machine hardware versions.

88 VMware, Inc.

Option Description

Memory hot add

Synchronize time

Select the check box to enable memory hot add. This allows you to add
memory to a powered on virtual machine. This feature is only supported on
certain guest operating systems and virtual machine hardware versions.

Select the check box to enable time synchronization between the virtual
machine guest operating system and the virtual datacenter in which it is
running.

Modify Virtual Machine CPUs and Memory

You can modify the number of virtual CPUs and memory for a virtual machine.

The number of virtual CPUs and memory that a virtual machine supports depends on its virtual hardware
version.

Table 9-1. Virtual Hardware Versions and CPU/Memory Support

Virtual Hardware Version Maximum CPUs Maximum Memory

HW4 4 64GB

HW7 8 255GB

HW8 32 1011GB

Chapter 9 Working with Virtual Machines

You must power off the virtual machine before adding CPUs or memory, unless the virtual machine supports
memory hot add and virtual CPU hot add.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 On the Hardware tab, select the number of CPUs and total memory for the virtual machine.

5 Click OK.

Modify Virtual Machine OVF Environment Properties

If a virtual machine includes user-configurable OVF environment properties, you can review and modify those
properties.

If the vApp containing the virtual machine includes a value for a user-configurable property of the same name,
the virtual machine value takes precedence.

Prerequisites

The virtual machine is powered off and its OVF environment includes user-configurable properties.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 On the Custom Properties tab, modify the properties and click OK.

VMware, Inc. 89

vCloud Director User's Guide

Configuring Virtual Machine Resource Allocation Settings

Reservation pool virtual datacenters support the ability to control resource allocation at the virtual machine
level. Users with the necessary rights can customize the amount of resources that are allocated to their virtual
machines.

Use the resource allocation settings (shares, reservation, and limit) to determine the amount of CPU, memory,
and storage resources provided for a virtual machine. Users have several options for allocating resources.

n

Ensure that a certain amount of memory for a virtual machine is provided by the virtual datacenter.

n

Guarantee that a particular virtual machine is always allocated a higher percentage of the virtual
datacenter resources than other virtual machines.

n

Set an upper bound on the resources that can be allocated to a virtual machine.

Resource Allocation Shares

Shares specify the relative importance of a virtual machine within a vDC. If a virtual machine has twice as
many shares of a resource as another virtual machine, it is entitled to consume twice as much of that resource
when these two virtual machines are competing for resources.

Shares are typically specified as High, Normal, or Low and these values specify share values with a 4:2:1 ratio,
respectively. You can also select Custom to assign a specific number of shares (which expresses a proportional
weight) to each virtual machine.

When you assign shares to a virtual machine, you always specify the priority for that virtual machine relative
to other powered-on virtual machines.

The following table shows the default CPU and memory share values for a virtual machine.

Table 9-2. Share Values

Setting CPU share values Memory share values

High 2000 shares per virtual CPU 20 shares per megabyte of configured virtual machine

memory.

Normal 1000 shares per virtual CPU 10 shares per megabyte of configured virtual machine

memory.

Low 500 shares per virtual CPU 5 shares per megabyte of configured virtual machine

memory.

For example, a virtual machine with two virtual CPUs and 1GB RAM with CPU and memory shares set to
Normal has 2x1000=2000 shares of CPU and 10x1024=10240 shares of memory.

The relative priority represented by each share changes when a new virtual machine is powered on. This affects
all virtual machines in the same vDC.

Resource Allocation Reservation

A reservation specifies the guaranteed minimum allocation for a virtual machine.

vCloud Director allows you to power on a virtual machine only if there are enough unreserved resources to
satisfy the reservation of the virtual machine. The vDC guarantees that amount even when its resources are
heavily loaded. The reservation is expressed in concrete units (megahertz or megabytes).

90 VMware, Inc.

Chapter 9 Working with Virtual Machines

For example, assume you have 2GHz available and specify a reservation of 1GHz for VM1 and 1GHz for VM2.
Now each virtual machine is guaranteed to get 1GHz if it needs it. However, if VM1 is using only 500MHz,
VM2 can use 1.5GHz.

Reservation defaults to 0. You can specify a reservation if you need to guarantee that the minimum required
amounts of CPU or memory are always available for the virtual machine.

Resource Allocation Limit

Limit specifies an upper bound for CPU and memory resources that can be allocated to a virtual machine.

A vDC can allocate more than the reservation to a virtual machine, but never allocates more than the limit,
even if there are unused resources on the system. The limit is expressed in concrete units (megahertz or
megabytes).

CPU and memory resource limits default to unlimited. When the memory limit is unlimited, the amount of
memory configured for the virtual machine when it was created becomes its effective limit in most cases.

In most cases, it is not necessary to specify a limit. You might waste idle resources if you specify a limit. The
system does not allow a virtual machine to use more resources than the limit, even when the system is
underutilized and idle resources are available. Specify a limit only if you have good reasons for doing so.

Configure Virtual Machine Resource Allocation Settings

You can configure the resource allocation settings (shares, reservation, and limit) to determine the amount of
CPU, memory, and storage resources provided for a virtual machine.

For more information about shares, reservations, and limits, see “Resource Allocation Shares,” on page 90,

“Resource Allocation Reservation,” on page 90, and “Resource Allocation Limit,” on page 91.

Prerequisites

A reservation pool vDC.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 Click the Resource Allocation tab and set the priority, reservation, and limit for CPU and memory.

5 Click OK.

Modifying Virtual Machine Hard Disks

You can add hard disks, edit hard disks, and delete hard disk from a virtual machine.

Add a Virtual Machine Hard Disk

You can add a virtual hard disk to a virtual machine.

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

VMware, Inc. 91

vCloud Director User's Guide

4 On the Hardware tab, click Add in the Hard Disks section.

5 Select the disk size, bus type, bus number, and unit number and click OK.

What to do next

Power on the virtual machine and use the guest operating system tools to partition and format the new disk.

Edit a Virtual Machine Hard Disk

You can modify the bus number and unit number of a virtual machine hard disk.

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 On the Hardware tab, select a new bus number or unit number in the Hard Disks section and click OK.

Delete a Virtual Machine Hard Disk

You can delete a virtual machine hard disk.

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 On the Hardware tab, click Delete in the Hard Disks section and click Yes.

5 Click OK.

Modifying Virtual Machine Network Interfaces

You can modify virtual machine network settings, reset a MAC address, add a network interface, and delete
a network interface.

Virtual machine version 4 supports up to four NICs, and virtual machine version 7 and 8 support up to ten
NICs.

Edit Network Interface Settings

You can disconnect a virtual machine NIC, change the network to which a NIC connects, specify a primary
NIC, and change the IP addressing mode for a NIC.

Prerequisites

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

92 VMware, Inc.

Chapter 9 Working with Virtual Machines

4 In the NICs section on the Hardware tab, specify the network settings for each NIC.

Option Action

Connected

Network

Primary NIC

IP Mode

IP Address

Deselect the check box to disconnect a NIC.

Select a network from the drop-down menu.

Select a primary NIC. The primary NIC setting determines the default and
only gateway for the virtual machine.The virtual machine can use any NIC
to connect to other machines that are directly connected to the same network
as the NIC, but it can only use the primary NIC to connect to machines on
networks that require a gateway connection.

Select an IP mode.

n

Static - IP Pool pulls IP addresses from the network's IP pool.

n

Static - Manual allows you to specify an IP address.

n

DHCP pulls IP addresses from a DHCP server.

If you selected Static - Manual, type an IP address.

5 Click OK.

Reset a Network Interface MAC Address

You can reset a network interface MAC address if, for example, you have a MAC address conflict or if you
need to discard saved state quickly and easily.

Prerequisites

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 Click the Hardware tab.

5 In the NICs section, click the MAC Addressdrop-down menu and select Reset.

6 Click OK.

Add a Network Interface

You can add one or more virtual NICs to a virtual machine.

Virtual machine version 4 supports up to four NICs, and virtual machine version 7 and 8 support up to ten
NICs.

For information about supported network adapter types, see http://kb.vmware.com/kb/1001805.

Prerequisites

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 In the NICs section on the Hardware tab, click Add.

VMware, Inc. 93

vCloud Director User's Guide

5 (Optional) Modify the NIC settings.

6 Click OK.

Remove a Network Interface

You can remove NICs from a virtual machines.

Prerequisites

The virtual machine is powered off.

Procedure

1 Click My Cloud.

2 In the left pane, click VMs.

3 Select a virtual machine, right-click, and select Properties.

4 In the NICs section on the Hardware tab, click Delete.

5 Click OK.

Installing VMware Tools

VMware Tools supports shared folders and cut and paste operations between the guest operating system and
the machine from which you launch the vCloud Director Web console.

vCloud Director depends on VMware Tools to customize the guest OS. Using VMware Tools, you can move
the pointer in and out of the virtual machine console window.

A virtual machine must be powered on to install VMware Tools.

Install VMware Tools in a New Virtual Machine with No Guest Operating System

If your newly created virtual machine has no guest operating system, you must install it before you can install
VMware Tools.

You must be at least a vApp User.

Prerequisites

You have created a vApp in which you have a blank virtual machine.

Procedure

1 Click My Cloud.

2 In the left pane, selectvApps > Open.

3 On the Virtual Machinestab, select a virtual machine, right-click, and select Power On.

4 Log into the virtual machine console and install the guest operating system.

5 Install VMware Tools.

6 Power off the virtual machine.

7 Select the virtual machine, right-click and select Properties.

8 On the Guest OS Customization tab, select the Enable guest customization check box.

9 Power the virtual machine on.

The guest OS in your newly created virtual machine has been customized.

94 VMware, Inc.

Chapter 9 Working with Virtual Machines

Installing VMware Tools in a vApp

When you install VMware Tools in a virtual machine in a vApp, you need to understand the process.

You can trigger VMware Tools installation on a powered on guest virtual machine in a vApp by selecting the
virtual machine, right-click, and selecting Install VMware Tools. Open the virtual machine console to continue
with the installation. For information on installing in a variety of guest OSs, see Table 9-3.

Table 9-3. Installing VMware Tools

Action Reference

To install on a Windows Guest “Install VMware Tools on a Windows Guest,” on page 101

To install on a Linux Guest

To install on a Solaris Guest “Install VMware Tools on a Solaris Guest,” on page 103

If the settings on a guest virtual machine are not in synch with vCloud Director or an attempt to perform guest
customization has failed, you can select the virtual machine, right-click, and select Power on and Force re-
customization.

n

“Install VMware Tools on a Linux Guest in X with the
RPM Installer,” on page 102

n

“Install VMware Tools on a Linux Guest with the Tar
Installer or RPM Installer,” on page 102

When you select Add to My Cloud or Add from Catalog on a vApp template, these are the available options
on the vApp template Properties page.

n

Make identical copy

n

Customize VM Settings

The vApp template is added and saved as a vApp in your organization. These options are not used when you
use a virtual machine, when you create a new vApp, or add a new virtual machine.

Install VMware Tools in a Virtual Machine in a vApp

vApp deployment can fail if VMware Tools are not installed on the virtual machines in the vApp.

Prerequisites

You must stop the vApp.

Procedure

1 Disable Guest Customization on page 96

To install VMware Tools in a virtual machine in a vApp, you must disable guest customization.

2 Start the vApp on page 96

After you install VMware Tools, you must start the vApp.

3 Install VMware Tools on page 96

You must install VMware Tools in your virtual machines to customize the guest operation system.

4 Stop the vApp on page 96

To enable guest customization on a virtual machine, you must stop the vApp.

5 Enable Guest Customization on page 97

After you install or upgrade VMware Tools in your virtual machines, you must enable guest
customization.

VMware, Inc. 95

vCloud Director User's Guide

6 Start the vApp on page 97

After you install VMware Tools, you must start the vApp.

Disable Guest Customization

To install VMware Tools in a virtual machine in a vApp, you must disable guest customization.

Procedure

1 Click My Cloud.

2 In the left pane, select VMs.

3 Select a virtual machine, right-click, and select Properties.

4 On the Guest OS Customization tab, deselect the Enable guest customization check box.

Start the vApp

After you install VMware Tools, you must start the vApp.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

The virtual machines in the vApp will customize when you power on. The guest OS will be rebooted
during customization if necessary.

3 Select the vApp, right click, and select Start.

Install VMware Tools

You must install VMware Tools in your virtual machines to customize the guest operation system.

You are at least a vApp User.

Prerequisites

Guest customization is disabled on the relevant virtual machines.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Open.

4 On the Virtual Machines tab, select a virtual machine, right-click, and select Power On.

5 Select the virtual machine, right-click, and select Install VMware Tools.

VMware tools installation is triggered or Tools CD is mounted. You need to open the virtual machine
console to complete the installation.

VMware Tools is installed.

Stop the vApp

To enable guest customization on a virtual machine, you must stop the vApp.

You are at least a vApp User.

96 VMware, Inc.

Chapter 9 Working with Virtual Machines

Prerequisites

Your vApp is started.

Procedure

1 Click My Cloud.

2 Power off your virtual machines.

3 Select a vApp, right-click, and select Stop.

The vApp is stopped.

Enable Guest Customization

After you install or upgrade VMware Tools in your virtual machines, you must enable guest customization.

Procedure

1 On the Guest OS Customization tab, select the Enable guest customization check box.

2 Select the other check boxes in the dialog box as relevant.

Start the vApp

After you install VMware Tools, you must start the vApp.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

The virtual machines in the vApp will customize when you power on. The guest OS will be rebooted
during customization if necessary.

3 Select the vApp, right click, and select Start.

Install VMware Tools in a vApp Template

You can install VMware Tools on a virtual machine for which guest customization is enabled.

Prerequisites

Guest customization is enabled on the virtual machine's Properties page.

Procedure

1 Save the vApp Template as a vApp on page 98

To install VMware Tools in a vApp, you must save it as a vApp.

2 Disable Guest Customization on page 98

Before you can install VMware Tools on a virtual machine, you must disable guest customization.

3 Install VMware Tools on page 98

You must install VMware Tools in your virtual machines to customize the guest operation system.

4 Enable Guest Customization on page 99

After you install or upgrade VMware Tools in your virtual machines, you must enable guest
customization.

5 Add vApp to Catalog on page 99

After you install or upgrade VMware Tools, you can add the updated vApp to your catalog.

VMware, Inc. 97

vCloud Director User's Guide

Save the vApp Template as a vApp

To install VMware Tools in a vApp, you must save it as a vApp.

Procedure

1 Click Catalogs.

2 On the vApp Templates tab, select a vApp template, right-click, and select Properties.

3 Select Make Identical Copy.

4 Select the vApp template, right-click, and select Add to My Cloud.

The vApp template has been saved as a vApp.

What to do next

You need to install VMware Tools.

Disable Guest Customization

Before you can install VMware Tools on a virtual machine, you must disable guest customization.

Procedure

1 On thevApps page, select a vApp, right-click, and select Open.

2 Select My Cloud > vApps.

3 In a vApp, select a virtual machine, right-click, and select Open.

4 On the Guest OS Customization tab, deselect the Enable guest customization and other check boxes as

desired.

5 Select a virtual machine, right-click, and select Properties

6 On the Guest OS Customization tab, deselect the Enable guest customization check box.

7 Select the vApp, right-click, and select Start.

Install VMware Tools

You must install VMware Tools in your virtual machines to customize the guest operation system.

You are at least a vApp User.

Prerequisites

Guest customization is disabled on the relevant virtual machines.

Procedure

1 Click My Cloud.

2 In the left pane, click vApps.

3 Select a vApp, right-click, and select Open.

4 On the Virtual Machines tab, select a virtual machine, right-click, and select Power On.

5 Select the virtual machine, right-click, and select Install VMware Tools.

VMware tools installation is triggered or Tools CD is mounted. You need to open the virtual machine
console to complete the installation.

VMware Tools is installed.

98 VMware, Inc.

Chapter 9 Working with Virtual Machines

Enable Guest Customization

After you install or upgrade VMware Tools in your virtual machines, you must enable guest customization.

Procedure

1 On the Guest OS Customization tab, select the Enable guest customization check box.

2 Select the other check boxes in the dialog box as relevant.

Add vApp to Catalog

After you install or upgrade VMware Tools, you can add the updated vApp to your catalog.

Procedure

1 Select a vApp, right-click, and select Stop.

2 Select the vApp, right-click, and select Add vApp to Catalog.

3 Select the vApp template, right-click, and select Properties.

4 Select Customize VM Settings or Make Identical Copy.

5 (Optional) Delete the previous version of the vApp template, if necessary.

Install VMware Tools With Guest Customization Disabled

You can install VMware Tools in a vApp template when guest customization is disabled.

Prerequisites

Guest customization is disabled on the virtual machine Properties page.

Procedure

1 Save the vApp Template as a vApp on page 99

To install VMware Tools in a vApp, you must save it as a vApp.

2 Install or Upgrade VMware Tools on page 100

You can either install VMware Tools or upgrade the current version in your virtual machine.

3 Enable Guest Customization on page 100

After you install or upgrade VMware Tools in your virtual machines, you must enable guest
customization.

4 Add vApp to Catalog on page 100

After you install or upgrade VMware Tools, you can add the updated vApp to your catalog.

Save the vApp Template as a vApp

To install VMware Tools in a vApp, you must save it as a vApp.

Procedure

1 Click Catalogs.

2 On the vApp Templates tab, select a vApp template, right-click, and select Properties.

3 Select Make Identical Copy.

4 Select the vApp template, right-click, and select Add to My Cloud.

The vApp template has been saved as a vApp.

VMware, Inc. 99

vCloud Director User's Guide

What to do next

You need to install VMware Tools.

Install or Upgrade VMware Tools

You can either install VMware Tools or upgrade the current version in your virtual machine.

Procedure

1 Click My Cloud.

2 In the left pane, select vApps.

3 On the vApps page, select a vApp, right-click, and select Open.

4 Select a virtual machine, right-click, and select Properties.

5 In the Guest OS Customization tab, deselect the Enable guest customization and other check boxes as

desired.

6 Right-click the virtual machine and select Install VMware Tools.

Enable Guest Customization

After you install or upgrade VMware Tools in your virtual machines, you must enable guest customization.

Procedure

1 On the Guest OS Customization tab, select the Enable guest customization check box.

2 Select the other check boxes in the dialog box as relevant.

Add vApp to Catalog

After you install or upgrade VMware Tools, you can add the updated vApp to your catalog.

Procedure

1 Select a vApp, right-click, and select Stop.

2 Select the vApp, right-click, and select Add vApp to Catalog.

3 Select the vApp template, right-click, and select Properties.

4 Select Customize VM Settings or Make Identical Copy.

5 (Optional) Delete the previous version of the vApp template, if necessary.

Upgrade VMware Tools

If the version of VMware Tools is earlier than 7299 in a virtual machine in your vApp, you must upgrade it.

Upgrading VMware Tools might involve uninstalling your existing VMware Tools versions and installing a
new one from a CD mounted in the operating system. This process can also be done automatically.

Prerequisites

You must stop the vApp.

Procedure

1 Install a New Version of VMware Tools on page 101

After you disable guest customization, you can upgrade VMware Tools.

100 VMware, Inc.