VMware vCloud Director - 1.5 Installation Manual

vCloud Director Installation and
Configuration Guide
vCloud Director 1.5
This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
EN-000582-01
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
Copyright © 2010, 2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at
http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com

Contents

VMware vCloud Director Installation and Configuration Guide
1 Overview of vCloud Director Installation and Configuration
    vCloud Director Architecture
    Configuration Planning
    vCloud Director Hardware and Software Requirements
2 Creating a vCloud Director Server Group
    Install and Configure vCloud Director Software on Any Member of a Server Group
    Configure Network and Database Connections
    Start or Stop vCloud Director Services
    Install vCloud Director Software on Additional Servers
    Create a Microsoft Sysprep Deployment Package
    Uninstall vCloud Director Software
3 Upgrading vCloud Director
    Use the Cell Management Tool to Quiesce and Shut Down A Server
    Upgrade vCloud Director Software on Any Member of a Server Group
    Upgrade the vCloud Director Database
    Upgrade vCenter and ESX/ESXi Hosts
    Upgrade vShield Manager
    Reverting an Upgrade
4 vCloud Director Setup
    Review the License Agreement
    Enter the License Key
    Create the System Administrator Account
    Specify System Settings
    Ready to Log In to vCloud Director
Index

VMware vCloud Director Installation and Configuration Guide

The VMware vCloud Director Installation and Configuration Guide provides information about installing VMware vCloud Director software and configuring it to work with VMware vCenter™ to provide VMware-ready VMware vCloud® services.
Intended Audience
This book is intended for anyone who wants to install and configure VMware vCloud Director software. The information in this book is written for experienced system administrators who are familiar with Linux, Windows, IP networks, and VMware vSphere®.
1 Overview of vCloud Director Installation and Configuration
A VMware vCloud® combines a vCloud Director server group with the vSphere platform. You create a vCloud Director server group by installing vCloud Director software on one or more servers, connecting the servers to a shared database, and integrating the vCloud Director server group with vSphere.
VMware vCloud Director builds on the VMware vSphere® foundation and exposes virtualized shared infrastructure as multitenant virtual datacenters that are decoupled from the underlying hardware and isolated from one another. You can expose virtual datacenters to users through a Web-based portal and define and expose a catalog of services that you can deploy within the virtual datacenter.
This chapter includes the following topics:
• vCloud Director Architecture
• Configuration Planning
• vCloud Director Hardware and Software Requirements

vCloud Director Architecture

A vCloud Director server group consists of one or more vCloud Director servers. These servers share a common database, and are linked to an arbitrary number of vCenter servers and ESX/ESXi hosts. vShield Manager servers provide network services to vCenter and vCloud Director.
A simple cloud architecture might contain a vCloud Director server group comprising multiple servers. Each server can run a collection of services called a vCloud Director cell. All servers in the group share a single database. The group connects to multiple vCenter servers and the ESX/ESXi hosts that they manage. Each vCenter server connects to a vShield Manager server.
Figure 1-1. vCloud Director Architecture Diagram
[Diagram labels: vCloud Director Server Group, vCloud Director Server, Cell, vCloud Director Database, VMware vCloud Director, VMware vSphere, vCenter, vCenter Database, vShield Manager, ESX/ESXi]
The vCloud Director installation and configuration process creates the cells, connects them to the shared database, and establishes the first connections to a vCenter server, vShield Manager, and ESX/ESXi hosts. A system administrator can then use the vCloud Director Web console to connect additional vCenter servers, vShield Manager servers, and ESX/ESXi servers to the vCloud Director server group at any time.

Configuration Planning

vSphere provides storage, compute, and networking capacity to vCloud Director. Before you begin installation, consider how much vSphere and vCloud Director capacity you need, and plan a configuration that can support it.
Configuration requirements depend on many factors, including the number of organizations in the cloud, the number of users in each organization, and the activity level of those users. The following guidelines can serve as a starting point for most configurations:
• Allocate one vCloud Director server (cell) for each vCenter server that you want to make accessible in your cloud.
• Be sure that all vCloud Director servers meet at least the minimum requirements for memory, CPU, and storage detailed in “vCloud Director Hardware and Software Requirements.”
• Configure the vCloud Director database as described in “Installing and Configuring a vCloud Director Database.”

vCloud Director Hardware and Software Requirements

Each server in a vCloud Director server group must meet certain hardware and software requirements. In addition, a supported database must be accessible to all members of the group. Each server group requires access to a vCenter server, a vShield Manager server, and one or more ESX/ESXi hosts.
Supported vCenter, ESX/ESXi, and vShield Manager Versions
IMPORTANT The most current information about supported versions of ESX/ESXi and vCenter Server is available from the VMware Product Interoperability Matrixes at
http://partnerweb.vmware.com/comp_guide/sim/interop_matrix.php.
Table 1-1. Supported vCenter Versions
vCenter Version          Notes
4.0 Update 2
4.0 Update 3
4.1
4.1 Update 1
5.0                      Required for Fast Provisioning, Hardware Version 8, and VPN support

Table 1-2. Supported ESX/ESXi Versions
ESX or ESXi Version      Notes
4.0 Update 2
4.0 Update 3
4.1
4.1 Update 1
5.0                      Required for Fast Provisioning and Hardware Version 8 support

Table 1-3. Supported vShield Manager Versions
vShield Manager Version  Notes
1.0
1.0 Update 1
5.0                      Required for static routing and VPN support
vSphere Configuration Requirements
vCenter servers and ESX/ESXi hosts intended for use with vCloud Director must meet specific configuration requirements.
• vCenter networks intended for use as vCloud Director external networks or network pools must be available to all hosts in any cluster intended for vCloud Director to use. Making these networks available to all hosts in a datacenter simplifies the task of adding new vCenter servers to vCloud Director.
• DVS must be used for cross-host fencing and network pool allocation.
• vCenter clusters used with vCloud Director must be configured to use automated DRS. Automated DRS requires shared storage attached to all hosts in a DRS cluster.
• vCenter 5 clusters used with vCloud Director must not enable storage DRS.
• vCenter servers must trust their ESX/ESXi hosts.
vSphere Licensing Requirements
vCloud Director requires the following vSphere licenses:
• VMware DRS, licensed by vSphere Enterprise and Enterprise Plus.
• VMware Distributed Switch and dvFilter, licensed by vSphere Enterprise Plus. This license enables creation and use of vCloud Director isolated networks.
Supported vCloud Director Server Operating Systems
Table 1-4. Supported vCloud Director Server Operating Systems
Operating System
Red Hat Enterprise Linux 5 (64 bit), Update 4
Red Hat Enterprise Linux 5 (64 bit), Update 5
Red Hat Enterprise Linux 5 (64 bit), Update 6
Disk Space Requirements
Each vCloud Director server requires approximately 950MB of free space for the installation and log files.
Memory Requirements
Each vCloud Director server must be provisioned with at least 1GB of memory. 2GB is recommended.
The required packages are typically installed by default with the operating system software. If any packages are missing, the installer fails with a diagnostic message.
Table 1-5. Required Software Packages
Package Name   Package Name   Package Name
alsa-lib       libICE         module-init-tools
bash           libSM          net-tools
chkconfig      libstdc        pciutils
coreutils      libX11         procps
findutils      libXau         redhat-lsb
glibc          libXdmcp       sed
grep           libXext        tar
initscripts    libXi          which
krb5-libs      libXt
libgcc         libXtst
Supported vCloud Director Databases
vCloud Director supports Oracle and Microsoft SQL Server databases. The most current information about supported databases is available from the VMware Product Interoperability Matrixes at
http://partnerweb.vmware.com/comp_guide/sim/interop_matrix.php.
For recommended database server configurations, see “Installing and Configuring a vCloud Director Database.”
Supported LDAP Servers
Table 1-6. Supported LDAP Servers
Platform             LDAP Server       Authentication Methods
Windows Server 2003  Active Directory  Simple, Simple SSL, Kerberos, Kerberos SSL
Windows Server 2008  Active Directory  Simple
Windows 7 (2008 R2)  Active Directory  Simple, Simple SSL, Kerberos, Kerberos SSL
Linux                OpenLDAP          Simple, Simple SSL
Guest OS Support
vCloud Director supports virtual machines running the following guest operating systems.
Table 1-7. Guest OS Support
Guest OS ESX 4.0 U2 ESX 4.0 U3 ESX 4.1 ESX 4.1 U1 ESX 5.0
Windows Server 2008 R2 (x64) YES YES YES YES YES
Windows Server 2008 YES YES YES YES YES
Windows 7 YES YES YES YES YES
Windows Vista YES YES YES YES YES
Windows XP/Embedded YES YES YES YES YES
Windows Server 2003 YES YES YES YES YES
Windows Server 2000 YES YES YES YES YES
Windows NT YES YES YES YES YES
CentOS 4/5 YES YES YES YES YES
SLES 11 YES YES No YES YES
SLES 10 YES YES YES YES
SLES 8,9 YES YES YES YES YES
Asianux 4 No No No No YES
Asianux 3 YES YES YES YES YES
RHEL 6 YES YES YES YES YES
RHEL 5 YES YES YES YES YES
RHEL 4 YES YES YES YES YES
RHEL 3 YES YES YES YES YES
RHEL 2 (x32) YES YES YES YES YES
Debian GNU/Linux 6 No No No No YES
Debian GNU/Linux 5 YES YES YES YES YES
Debian GNU/Linux 4 YES YES YES YES YES
Ubuntu YES YES YES YES YES
Oracle Enterprise Linux 4/5 YES YES No YES YES
Other 2.6.x Linux YES YES YES YES YES
Other 2.4.x Linux YES YES YES YES YES
Solaris 10 YES YES YES YES YES

Browsers That vCloud Director Supports

The vCloud Director Web Console is compatible with many versions of the Firefox and Internet Explorer Web browsers.
NOTE The vCloud Director Web Console is compatible only with 32-bit browsers. Where a browser is listed as supported on a 64-bit platform, use of a 32-bit browser on the 64-bit platform is implied.
Browsers Supported on Microsoft Windows Platforms
Table 1-8. Browser Support and Operating System Compatibility on Microsoft Windows Platforms
Platform                                       Internet Explorer 7.x  Internet Explorer 8.x  Internet Explorer 9.x  Firefox 3.6, 4.x  Firefox 5.x
Windows XP Pro 32-bit                          YES                    YES                    No                     YES               YES
Windows XP Pro 64-bit                          YES                    YES                    No                     YES               YES
Windows Server 2003 Enterprise Edition 32-bit  YES                    YES                    No                     YES               YES
Windows Server 2003 Enterprise Edition 64-bit  YES                    YES                    No                     YES               YES
Windows Server 2008                            YES                    YES                    YES                    YES               N/A
Windows Server 2008 R2                         No                     YES                    YES                    YES               N/A
Windows Vista 32-bit                           YES                    YES                    YES                    YES               YES
Windows Vista 64-bit                           YES                    YES                    YES                    No                YES
Windows 7 32-bit                               No                     YES                    YES                    YES               YES
Windows 7 64-bit                               No                     YES                    YES                    YES               YES
Browsers Supported on Linux Platforms
Table 1-9. Browser Support and Operating System Compatibility on Linux Platforms
Platform Firefox 3 Firefox 4.x Firefox 5.x
Red Hat Enterprise Linux 5 (32 bit), Update 6 No YES YES
Red Hat Enterprise Linux 6 (32 bit) No YES YES
Red Hat Enterprise Linux 6 (64 bit) No YES YES
SLES 11 32-bit No YES YES
Ubuntu 10.10 32-bit No YES YES
Ubuntu 10.10 64-bit No YES YES
Supported Versions of Adobe Flash Player
The vCloud Director Web Console requires Adobe Flash Player version 10.2 or later. Only the 32-bit version is supported.
Supported Versions of Java
vCloud Director clients must have JRE 1.6.0 update 10 or later installed and enabled. Only the 32-bit version is supported.
Supported TLS and SSL Protocol Versions and Cipher Suites
vCloud Director requires clients to use SSL. Supported versions include SSL 3.0 and TLS 1.0. Supported cipher suites include those with RSA, DSS, or Elliptic Curve signatures and DES3, AES-128, or AES-256 ciphers.

Summary of Network Configuration Requirements

Secure, reliable operation of vCloud Director depends on a secure, reliable network that supports forward and reverse lookup of hostnames, a network time service, and other services. Your network must meet these requirements before you begin installing vCloud Director.
The network that connects vCloud Director servers, the database server, vCenter servers, and vShield Manager servers must meet several requirements:
IP addresses
Each vCloud Director server requires two IP addresses, so that it can support two different SSL connections. One connection is for the HTTP service. The other is for the console proxy service. You can use IP aliases or multiple network interfaces to create these addresses. You cannot use the Linux ip addr add command to create the second address.
Console Proxy Address
The IP address configured as the console proxy address must not be located behind an SSL-terminating load balancer or reverse proxy. All console proxy requests must be relayed directly to the console proxy IP address.
Network Time Service
You must use a network time service such as NTP to synchronize the clocks of all vCloud Director servers, including the database server. The maximum allowable drift between the clocks of synchronized servers is 2 seconds.
Hostname Resolution
All host names that you specify during vCloud Director and vShield Manager installation and configuration must be resolvable by DNS using forward and reverse lookup of the fully qualified domain name or the unqualified hostname. For example, for a host named mycloud.example.com, both of the following commands must succeed on a vCloud Director host:
nslookup mycloud
nslookup mycloud.example.com
In addition, if the host mycloud.example.com has the IP address 192.168.1.1, the following command must return mycloud.example.com:
nslookup 192.168.1.1
Transfer Server Storage
To provide temporary storage for uploads and downloads, an NFS or other shared storage volume must be accessible to all servers in a vCloud Director cluster. This volume must have write permission for root. Each host must mount this volume at $VCLOUD_HOME/data/transfer, typically /opt/vmware/vcloud-director/data/transfer. Uploads and downloads occupy this storage for a few hours to a day. Transferred images can be large, so allocate at least several hundred gigabytes to this volume.
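The hostname resolution and network time requirements above can be checked on each cell before installation. The following is an added example, not part of the VMware guide or product: the function names are hypothetical, and it assumes the host utility from bind-utils (the package that also provides nslookup) and epoch timestamps gathered by the operator.

```shell
#!/bin/sh
# Added example, not VMware code. Function names are hypothetical.
# Assumes the `host` utility (bind-utils, the package that provides nslookup).

# Print the addresses a name resolves to (short names follow the search list).
dns_a() { host -t A "$1" 2>/dev/null | awk '/ has address / {print $NF}'; }

# Print the names an address reverse-resolves to, without the trailing dot.
dns_ptr() {
    host "$1" 2>/dev/null |
        awk '/ domain name pointer / {sub(/\.$/, "", $NF); print $NF}'
}

# DNS names are case-insensitive, so compare them in lower case.
lower() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# check_names FQDN
# Passes only if the unqualified name and the FQDN both resolve, and the
# FQDN's address reverse-resolves back to the FQDN.
check_names() (
    fqdn=$(lower "$1")
    short=${fqdn%%.*}
    [ -n "$(dns_a "$short")" ] || { echo "FAIL: $short does not resolve"; exit 1; }
    ip=$(dns_a "$fqdn" | head -n 1)
    [ -n "$ip" ] || { echo "FAIL: $fqdn does not resolve"; exit 1; }
    for name in $(dns_ptr "$ip"); do
        if [ "$(lower "$name")" = "$fqdn" ]; then
            echo "OK: $fqdn <-> $ip"
            exit 0
        fi
    done
    echo "FAIL: $ip does not reverse-resolve to $fqdn"
    exit 1
)

# check_drift LOCAL_EPOCH REMOTE_EPOCH
# Passes only if the two clocks differ by no more than 2 seconds.
check_drift() (
    d=$(( $1 - $2 ))
    if [ "$d" -lt 0 ]; then d=$(( 0 - d )); fi
    if [ "$d" -gt 2 ]; then echo "FAIL: clocks differ by ${d}s"; exit 1; fi
    echo "OK: clocks differ by ${d}s"
)

# Typical use on a cell (host names are placeholders):
#   check_names mycloud.example.com
#   check_drift "$(date +%s)" "$(ssh db.example.com date +%s)"
```

Fetching the remote time over SSH adds the connection latency to the measured difference, so a result close to the 2-second limit is worth re-checking against the NTP service itself.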
Network Security Recommendations
Secure operation of vCloud Director requires a secure network environment. Configure and test this network environment before you begin installing vCloud Director.
Connect all vCloud Director servers to a network that is secured and monitored. vCloud Director network connections have several additional requirements:
• Do not connect vCloud Director directly to the public Internet. Always protect vCloud Director network connections with a firewall. Only port 443 (HTTPS) must be open to incoming connections. Ports 22 (SSH) and 80 (HTTP) can also be opened for incoming connections if needed. All other incoming traffic from a public network must be rejected by the firewall.
Table 1-10. Ports That Must Allow Incoming Packets From vCloud Director Hosts
Port   Protocol  Comments
111    TCP, UDP  NFS portmapper used by transfer service
920    TCP, UDP  NFS rpc.statd used by transfer service
61611  TCP       ActiveMQ
61616  TCP       ActiveMQ
Do not connect the ports used for outgoing connections to the public network.
Table 1-11. Ports That Must Allow Outgoing Packets From vCloud Director Hosts
Port   Protocol  Comments
25     TCP, UDP  SMTP
53     TCP, UDP  DNS
111    TCP, UDP  NFS portmapper used by transfer service
123    TCP, UDP  NTP
389    TCP, UDP  LDAP
443    TCP       vCenter and ESX connections
514    UDP       Optional. Enables syslog use
902    TCP       vCenter and ESX connections
903    TCP       vCenter and ESX connections
920    TCP, UDP  NFS rpc.statd used by transfer service
1433   TCP       Default Microsoft SQL Server database port
1521   TCP       Default Oracle database port
5672   TCP, UDP  Optional. AMQP messages for task extensions
61611  TCP       ActiveMQ
61616  TCP       ActiveMQ
• Do not connect physical host computers to physical networks that are uplinks for the vNetwork distributed switches that back vCloud Director network pools.
• Route traffic between vCloud Director servers and the vCloud Director database server over a dedicated private network if possible.
• Virtual switches and distributed virtual switches that support provider networks must be isolated from each other. They cannot share the same level 2 physical network segment.
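One way to express the inbound policy described above as a host firewall on each cell, as an added example that is not part of the VMware guide or product. It assumes iptables on the cell itself (the guide only requires that a firewall protect the connections), the helper name vcd_input_rules is hypothetical, and the peer addresses are placeholders. Outgoing traffic (Table 1-11) is left unfiltered here.

```shell
#!/bin/sh
# Added example, not VMware code. vcd_input_rules is a hypothetical helper.
# Usage: vcd_input_rules "PEER_CELL_IPS" [ssh] [http] | iptables-restore
vcd_input_rules() (
    set -f                       # no filename expansion on the peer list
    peers=${1:-}
    if [ $# -gt 0 ]; then shift; fi
    # Validate everything before printing, so a bad argument yields no ruleset.
    for ip in $peers; do
        case $ip in
            *[!0-9.]*) echo "bad peer address: $ip" >&2; exit 2 ;;
        esac
    done
    for opt in "$@"; do
        case $opt in
            ssh|http) ;;
            *) echo "unknown option: $opt" >&2; exit 2 ;;
        esac
    done

    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
                  ':OUTPUT ACCEPT [0:0]'
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Port 443 is the only port that must accept connections from anywhere.
    printf '%s\n' '-A INPUT -p tcp --dport 443 -j ACCEPT'
    for opt in "$@"; do
        case $opt in
            ssh)  printf '%s\n' '-A INPUT -p tcp --dport 22 -j ACCEPT' ;;
            http) printf '%s\n' '-A INPUT -p tcp --dport 80 -j ACCEPT' ;;
        esac
    done
    # Table 1-10 ports: accepted only from the other vCloud Director hosts.
    for ip in $peers; do
        for port in 111 920; do
            printf '%s\n' "-A INPUT -s $ip -p tcp --dport $port -j ACCEPT"
            printf '%s\n' "-A INPUT -s $ip -p udp --dport $port -j ACCEPT"
        done
        for port in 61611 61616; do
            printf '%s\n' "-A INPUT -s $ip -p tcp --dport $port -j ACCEPT"
        done
    done
    # Everything else is rejected.
    printf '%s\n' '-A INPUT -j REJECT --reject-with icmp-port-unreachable'
    printf '%s\n' 'COMMIT'
)
```

Review the generated ruleset before piping it to iptables-restore; the perimeter firewall should still reject the Table 1-10 ports from any public network.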

Installing and Configuring a vCloud Director Database

vCloud Director cells use a database to store shared information. This database must exist before you can complete installation and configuration of vCloud Director software.
NOTE Regardless of the database software you choose, you must create a separate, dedicated database schema for vCloud Director to use. vCloud Director cannot share a database schema with any other VMware product.
Configure an Oracle Database
Oracle databases have specific configuration requirements when you use them with vCloud Director. Install and configure a database instance and create the vCloud Director database user account before you install vCloud Director.
Procedure
1 Configure the database server.
A database server configured with 16GB of memory, 100GB storage, and 4 CPUs should be adequate for most vCloud Director clusters.
2 Create the database instance.
Use commands of the following form to create separate data (CLOUD_DATA) and index (CLOUD_INDX) tablespaces:
Create Tablespace CLOUD_DATA datafile '$ORACLE_HOME/oradata/cloud_data01.dbf' size 1000M autoextend on;
Create Tablespace CLOUD_INDX datafile '$ORACLE_HOME/oradata/cloud_indx01.dbf' size 500M autoextend on;
3 Create the vCloud Director database user account.
The following command creates database user name vcloud with password vcloudpass.
Create user $vcloud identified by $vcloudpass default tablespace CLOUD_DATA;
NOTE When you create the vCloud Director database user account, you must specify CLOUD_DATA as the default tablespace.
4 Configure database connection, process, and transaction parameters.
The database must be configured to allow at least 75 connections per vCloud Director cell plus about 50 for Oracle's own use. You can obtain values for other configuration parameters based on the number of connections, where C represents the number of cells in your vCloud Director cluster.
Oracle Configuration Parameter  Value for C Cells
CONNECTIONS                     75*C+50
PROCESSES                       = CONNECTIONS
SESSIONS                        = PROCESSES*1.1+5
TRANSACTIONS                    = SESSIONS*1.1
OPEN_CURSORS                    = SESSIONS