vCloud Director Installation and Configuration Guide vCloud Director 1.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
vCloud Director Installation and Configuration Guide You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2010, 2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents VMware vCloud Director Installation and Configuration Guide 5 1 Overview of vCloud Director Installation and Configuration 7 vCloud Director Architecture 7 Configuration Planning 8 vCloud Director Hardware and Software Requirements 9 2 Creating a vCloud Director Server Group 25 Install and Configure vCloud Director Software on Any Member of a Server Group 26 Configure Network and Database Connections 27 Start or Stop vCloud Director Services 31 Install vCloud Director Software on Additional Ser
vCloud Director Installation and Configuration Guide 4 VMware, Inc.
VMware vCloud Director Installation and Configuration Guide The VMware vCloud Director Installation and Configuration Guide provides information about installing VMware vCloud Director software and configuring it to work with VMware vCenter™ to provide VMware® ready VMware vCloud services. Intended Audience This book is intended for anyone who wants to install and configure VMware vCloud Director software.
vCloud Director Installation and Configuration Guide 6 VMware, Inc.
Overview of vCloud Director Installation and Configuration 1 ® A VMware vCloud combines a vCloud Director server group with the vSphere platform. You create a vCloud Director server group by installing vCloud Director software on one or more servers, connecting the servers to a shared database, and integrating the vCloud Director server group with vSphere.
vCloud Director Installation and Configuration Guide Figure 1-1.
Chapter 1 Overview of vCloud Director Installation and Configuration vCloud Director Hardware and Software Requirements Each server in a vCloud Director server group must meet certain hardware and software requirements. In addition, a supported database must be accessible to all members of the group. Each server group requires access to a vCenter server, a vShield Manager server, and one or more ESX/ESXi hosts.
vCloud Director Installation and Configuration Guide n vCenter servers must trust their ESX/ESXi hosts. vSphere Licensing Requirements vCloud Director requires the following vSphere licenses: n VMware DRS, licensed by vSphere Enterprise and Enterprise Plus. n VMware Distributed Switch and dvFilter, licensed by vSphere Enterprise Plus. This license enables creation and use of vCloud Director isolated networks. Supported vCloud Director Server Operating Systems Table 1-4.
Chapter 1 Overview of vCloud Director Installation and Configuration Supported LDAP Servers Table 1-6.
vCloud Director Installation and Configuration Guide Browsers That vCloud Director Supports The vCloud Director Web Console is compatible with many versions of the Firefox and Internet Explorer Web browsers. NOTE The vCloud Director Web Console is compatible only with 32-bit browsers. Where a browser is listed as supported on a 64-bit platform, use of a 32-bit browser on the 64-bit platform is implied. Browsers Supported on Microsoft Windows Platforms Table 1-8.
Chapter 1 Overview of vCloud Director Installation and Configuration Supported TLS and SSL Protocol Versions and Cipher Suites vCloud Director requires clients to use SSL. Supported versions include SSL 3.0 and TLS 1.0. Supported cipher suites include those with RSA, DSS, or Elliptic Curve signatures and DES3, AES-128, or AES-256 ciphers.
vCloud Director Installation and Configuration Guide Network Security Recommendations Secure operation of vCloud Director requires a secure network environment. Configure and test this network environment before you begin installing vCloud Director Connect all vCloud Director servers to a network that is secured and monitored. vCloud Director network connections have several additional requirements: n Do not connect vCloud Director directly to the public Internet.
Chapter 1 Overview of vCloud Director Installation and Configuration Installing and Configuring a vCloud Director Database vCloud Director cells use a database to store shared information. This database must exist before you can complete installation and configuration of vCloud Director software. NOTE Regardless of the database software you choose, you must create a separate, dedicated database schema for vCloud Director to use. vCloud Director cannot share a database schema with any other VMware product.
vCloud Director Installation and Configuration Guide 5 Create the vCloud Director database user account. Do not use the Oracle system account as the vCloud Director database user account. You must create a dedicated user account for this purpose.
Chapter 1 Overview of vCloud Director Installation and Configuration 3 Create the database instance. The following script creates the database and log files, specifying the proper collation sequence. USE [master] GO CREATE DATABASE [vcloud] ON PRIMARY (NAME = N'vcloud', FILENAME = N'C:\vcloud.mdf', SIZE = 100MB, FILEGROWTH = 10% ) LOG ON (NAME = N'vcdb_log', FILENAME = N'C:\vcloud.ldf', SIZE = 1MB, FILEGROWTH = 10%) COLLATE Latin1_General_CS_AS GO The values shown for SIZE are suggestions.
vCloud Director Installation and Configuration Guide Procedure 1 List the IP addresses for this server. Use a command like ifconfig to discover this server's IP addresses. 2 For each IP address, run the following command to retrieve the fully qualified domain name to which the IP address is bound. nslookup ip-address 3 Make a note of each IP address, the fully qualified domain name associated with it, and whether vCloud Director should use the address for the HTTP service or the console proxy service.
Chapter 1 Overview of vCloud Director Installation and Configuration 3 For the remaining questions, provide answers appropriate for your organization and location, as shown in this example. What is your first and last name? [Unknown]:mycloud.example.
vCloud Director Installation and Configuration Guide c Import the certificate for the HTTP service. This command imports the certificate from the http.cer file to the certificates.ks keystore file. keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import -alias http -file http.cer d Import the certificate for the console proxy service. This command imports the certificate from the consoleproxy.cer file to the certificates.ks keystore file.
Chapter 1 Overview of vCloud Director Installation and Configuration Procedure 1 Create an untrusted certificate for the HTTP service. This command creates an untrusted certificate in a keystore file named certificates.ks. keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -keyalg RSA alias http 2 Create an untrusted certificate for the console proxy service. This command adds an untrusted certificate to the keystore file created in Step 1. keytool -keystore certificates.
vCloud Director Installation and Configuration Guide 9 Enter the IP address, subnet mask, and default gateway for the vShield Manager virtual machine. You need this information to attach a vCenter Server to Cloud Director. 10 Type exit to log out. 11 Close the console and leave the virtual machine running. It is not necessary to synchronize vShield Manager with vCenter or register the vShield Manager as a vSphere Client plug-in when you use vShield Manager with vCloud Director.
Chapter 1 Overview of vCloud Director Installation and Configuration Procedure 1 Obtain and import the VMware Packaging Public Keys. a Create a directory to store the VMware Packaging Public Keys. b Use a Web browser to download all of the VMware Public Packaging Public Keys from the http://packages.vmware.com/tools/keys directory. c Save the key files to the directory that you created. d For each key that you download, run the following command to import the key.
vCloud Director Installation and Configuration Guide 24 VMware, Inc.
Creating a vCloud Director Server Group 2 A vCloud Director server group consists of one or more vCloud Director servers. Each server in the group runs a collection of services called a vCloud Director cell. To create a server group, you install vCloud Director software on each server, configure its network and database connections, and start its vCloud Director services. Prerequisites for Creating a vCloud Director Server Group IMPORTANT This procedure is for new installation only.
vCloud Director Installation and Configuration Guide 5 Verify that all vCloud Director servers, the database server, and all vCenter and vShield Manager servers can resolve each other's names as described in “Summary of Network Configuration Requirements,” on page 13. 6 Verify that all vCloud Director servers and the database server are synchronized to a network time server.
Chapter 2 Creating a vCloud Director Server Group 3 Verify that the checksum of the download matches the one posted on the download page. Values for both MD5 and SHA1 checksums are posted on the download page. Use the appropriate tool to verify that the checksum of the downloaded installation file matches the one shown on the download page. A command of the following form validates the checksum for installation-file using the MD5 checksum-value copied from the download page.
vCloud Director Installation and Configuration Guide Prerequisites n Verify that a database of a supported type is accessible from the vCloud Director server. See “Installing and Configuring a vCloud Director Database,” on page 15 and “vCloud Director Hardware and Software Requirements,” on page 9. n Have the following information available: n Location and password of the keystore file that includes the SSL certificates for this server. See “Create and Import a Signed SSL Certificate,” on page 18.
Chapter 2 Creating a vCloud Director Server Group 4 Configure audit message handling options. Services in each vCloud Director cell log audit messages to the vCloud Director database, where they are preserved for 90 days. To preserve audit messages longer, you can configure vCloud Director services to send audit messages to the syslog utility in addition to the vCloud Director database. Option Action To log audit messages to both syslog and the vCloud Director database.
vCloud Director Installation and Configuration Guide The script validates the information you supplied, then continues with three more steps. 1 It initializes the database and connects this server to it. 2 It offers to start vCloud Director services on this host. 3 It displays a URL at which you can connect to the Setup wizard after vCloud Director service starts. This fragment shows a typical completion of the script. Connecting to the database: jdbc:oracle:thin:vcloud/vcloud@10.150.10.
Chapter 2 Creating a vCloud Director Server Group 2 Reuse the response file. Copy the file to a location accessible to the servers you are ready to configure. The file must be owned by vcloud.vcloud and have read and write permission for the owner, as shown in this example, or the configuration script cannot use it. % ls -l responses.properties -rw------- 1 vcloud vcloud 418 Jun 8 13:42 responses.
vCloud Director Installation and Configuration Guide 2 Download the installation file to the target server. If you purchased the software on a CD or other media, copy the installation file to a location that is accessible to all target servers. 3 Ensure that the installation file is executable. The installation file requires execute permission.
Chapter 2 Creating a vCloud Director Server Group Guest OS Copy Destination Windows XP (32-bit) SysprepBinariesDirectory /winxp Windows XP (64-bit) SysprepBinariesDirectory /winxp_64 SysprepBinariesDirectory represents a location you choose to which to copy the binaries. 2 Run the /opt/vmware/cloud-director/deploymentPackageCreator/createSysprepPackage.sh SysprepBinariesDirectory command. For example, /opt/vmware/clouddirector/deploymentPackageCreator/createSysprepPackage.sh /root/MySysprepFiles.
vCloud Director Installation and Configuration Guide 34 VMware, Inc.
Upgrading vCloud Director 3 To upgrade vCloud Director to a new version, install the new version on each server in the vCloud Director server group, upgrade the vCloud Director database, and restart vCloud Director services. After you upgrade a vCloud Director server, you must also upgrade its vCloud Director database. The database stores information about the runtime state of the server, including the state of all vCloud Director tasks it is running.
vCloud Director Installation and Configuration Guide Using a Load Balancer to Reduce Service Downtime If you are using a load balancer or other tool that can force requests to go to specific servers, you can upgrade a subset of the server group while keeping existing services available on the remaining subset. This approach reduces vCloud Director service downtime to the length of time required to upgrade the vCloud Director database.
Chapter 3 Upgrading vCloud Director Prerequisites n Before you can run the tool on a vCloud Director 1.0 or 1.0.1 server, you must download the tool and install it. See http://kb.vmware.com/kb/1033575. n Verify that you have superuser credentials for the target server. n Verify that you have vCloud Director system administrator credentials. Procedure 1 Log in to the target server as root. 2 Use the cell management tool to gracefully shut down the cell. a Retrieve the current job status.
vCloud Director Installation and Configuration Guide Table 3-1. Cell Management Tool Options and Arguments, login and help Option Argument Description --help (-h) None Displays a usage message. --username (-u) vCloud Director system administrator user name You must have system administrator credentials to manage the task scheduler and view task status. --password (-p) vCloud Director system administrator password If you omit this argument, the tool prompts for the password.
Chapter 3 Upgrading vCloud Director Procedure 1 Log in to the target server as root. 2 Download the installation file to the target server. If you purchased the software on a CD or other media, copy the installation file to a location that is accessible to all target servers. 3 Verify that the checksum of the download matches the one posted on the download page. Values for both MD5 and SHA1 checksums are posted on the download page.
vCloud Director Installation and Configuration Guide After you confirm that you are ready to upgrade the server, the installer verifies that the host meets all requirements, unpacks the vCloud Director RPM package, stops vCloud Director services on the server, and upgrades the installed vCloud Director software. Would you like to upgrade now? (y/n) y Extracting vmware-vcloud-director ......done Upgrading VMware vCloud Director... Installing the VMware vCloud Director Preparing...
Chapter 3 Upgrading vCloud Director Procedure 1 Open a console, shell, or terminal window, and type the following command to run the database upgrade script. /opt/vmware/vcloud-director/bin/upgrade 2 Respond to the database upgrade prompt. Welcome to the vCloud Director upgrade utility This utility will apply several updates to the database. Please ensure you have created a backup of your database prior to continuing. Do you wish to upgrade the product now? [Y/N]: y Option Action Continue the upgrade.
vCloud Director Installation and Configuration Guide Upgrade vCenter and ESX/ESXi Hosts After you upgrade vCloud Director and its database, you can upgrade the vCenter servers and ESX/ESXi hosts attached to your cloud to enable new vCloud Director features. This upgrade is optional, but several vCloud Director features depend on it. For a list of vCloud Director features that depend on new versions of vCenter and ESX/ESXi, see “vCloud Director Hardware and Software Requirements,” on page 9.
Chapter 3 Upgrading vCloud Director 2 Upgrade all vShield Edge appliances that the upgraded vShield Manager manages. Use the vShield Manager user interface to manage this upgrade. NOTE If you use the vCloud Director Web console or REST API to reset a network that vShield Edge protects, this upgrade occurs automatically. Using the vShield Manager user interface to manage the vShield Edge provides better administrative control over the upgrade process and related network downtime.
vCloud Director Installation and Configuration Guide 44 VMware, Inc.
vCloud Director Setup 4 After you configure all servers in the vCloud Director server group and connect them to the database, you can initialize the server group's database with a license key, system administrator account, and related information. When this process is complete, you can use the vCloud Director Web Console to complete the initial provisioning of your cloud.
vCloud Director Installation and Configuration Guide Review the License Agreement Before you can configure a vCloud Director server group, you must review and accept the end user license agreement. Procedure 1 Review the license agreement. 2 Accept or reject the agreement. Option Action To accept the license agreement. Click Yes, I accept the terms in the license agreement. To reject the license agreement No, I do not accept the terms in the license agreement.
Chapter 4 vCloud Director Setup 2 Use the Installation ID field to specify the installation ID for this installation of vCloud Director. If a datacenter includes multiple installations of vCloud Director, each installation must specify a unique installation ID. Ready to Log In to vCloud Director After you provide all of the information that the Setup Wizard requires, you can confirm your settings and complete the wizard.
vCloud Director Installation and Configuration Guide 48 VMware, Inc.
Index A K AMQP broker, to install and configure 22 keystore 17 B L browsers, supported 12 C cell management tool, options 37 certificate self-signed 20 signed 18 configuration, confirm settings and complete 47 D database about 15 connection details 27 Oracle 15 SQL Server 16 supported platforms 9 to upgrade 40 E ESX/ESXi, to upgrade 42 F license agreement 46 M Microsoft Sysprep 32 N network configuration requirements 13 security of 14 P product serial number to enter 46 to obtain 46 R RPM fi
vCloud Director Installation and Configuration Guide 50 VMware, Inc.
