Cloud Director Administrator's Guide
Cloud Director 1.0
This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com
Copyright © 2010 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents
About This Book
1 Getting Started with Cloud Director
  Overview of Cloud Director Administration
  Log In to the Web Console
  Preparing the System
  Create a Microsoft Sysprep Deployment Package
  Replace a Microsoft Sysprep Deployment Package
  Set User Preferences
  Change a System Administrator Password
2 Adding Resources to Cloud Director
  Adding vSphere Resources
  Adding Cloud Resources
3 Creating and Provisioning Organizations
  Understanding Leases
  Create an Organ
  Managing vSphere Datastores
  Managing Stranded Items
7 Managing Organizations
  Enable or Disable an Organization
  Delete an Organization
  Modify an Organization Name
  Modify an Organization Full Name and Description
  Modify Organization LDAP Options
  Modify Organization Catalog Publishing Policy
  Modify Organization Email Preferences
  Modify Organization Lease, Quota, and Limit Settings
  Add a Catalog to an Organization
  Managing Organization
  View Usage Information for an Organization vDC
  Using Cloud Director's JMX Service
  Viewing the Cloud Director Logs
  Cloud Director and Cost Reporting
  Monitoring Quarantined Files
11 Roles and Rights
  Predefined Roles and Their Rights
Index
About This Book
The VMware Cloud Director Administrator's Guide provides information to the Cloud Director system administrator about how to add resources to the system, create and provision organizations, manage resources and organizations, and monitor the system.

Intended Audience
This book is intended for anyone who wants to configure and manage a Cloud Director installation.
Services provides offerings to help you assess, plan, build, and manage your virtual environment. To access information about education classes, certification programs, and consulting services, go to http://www.vmware.com/services.
1 Getting Started with Cloud Director
The first time you log in to the Cloud Director Web console, the Home tab guides you through the steps to configure your installation. You can also set your user preferences and create a Microsoft Sysprep deployment package to support guest customization in Cloud Director virtual machines.
Cloud resources include provider and organization virtual datacenters, external networks, organization networks, and network pools. Before you can add cloud resources to Cloud Director, you must add vSphere resources.

Provider Virtual Datacenters
A provider virtual datacenter (vDC) combines the compute and memory resources of a single vCenter Server resource pool with the storage resources of one or more datastores available to that resource pool.
Network Pools
A network pool is a group of undifferentiated networks that is available for use within an organization vDC. A network pool is backed by vSphere network resources such as VLAN IDs, port groups, or Cloud isolated networks. Cloud Director uses network pools to create NAT-routed and internal organization networks and all vApp networks. Network traffic on each network in a pool is isolated at layer 2 from all other networks.
Preparing the System
The Home tab in the Cloud Director Web console provides links to the tasks required to prepare the system for use. Links become active after you complete prerequisite tasks. For more information about each task, see Table 1-1.
Table 1-1.
Guest OS | Copy Destination
Windows XP (32-bit) | SysprepBinariesDirectory/winxp
Windows XP (64-bit) | SysprepBinariesDirectory/winxp_64
SysprepBinariesDirectory represents a location you choose to which to copy the binaries.
2 Run the /opt/vmware/cloud-director/deploymentPackageCreator/createSysprepPackage.sh SysprepBinariesDirectory command.
For example, /opt/vmware/cloud-director/deploymentPackageCreator/createSysprepPackage.sh /root/MySysprepFiles.
5 If you have multiple Cloud cells, stop each cell and copy the package and properties file to each cell.
scp /opt/vmware/cloud-director/guestcustomization/vcloud_sysprep.properties /opt/vmware/cloud-director/guestcustomization/windows_deployment_package_sysprep.cab root@next_cell_IP:/opt/vmware/cloud-director/guestcustomization
6 Restart each Cloud cell to which you copy the files.
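The multi-cell copy in steps 5 and 6, as an added shell example that is not part of the VMware guide: it stops each cell, copies both files, compares SHA-256 digests with the local copies, and starts the cell only if they match. It assumes root SSH access to each cell (as in the scp command above) and sha256sum on every cell; DRY_RUN, SRC_DIR and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: distribute the Sysprep package to the other cells (steps 5-6).
# DRY_RUN, SRC_DIR and the function names are hypothetical, not part of Cloud Director.
set -u

GC_DIR=/opt/vmware/cloud-director/guestcustomization
FILES="vcloud_sysprep.properties windows_deployment_package_sysprep.cab"
SRC_DIR=${SRC_DIR:-$GC_DIR}   # where the freshly built files live on this cell
DRY_RUN=${DRY_RUN:-1}         # 1 = only print the commands, 0 = execute them

# SHA-256 digest of a local file, digest only.
local_digest() {
    sha256sum "$1" | awk '{print $1}'
}

# Execute a command, or print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# Stop one cell, copy both files, verify them, then start the cell again.
# After a copy or digest failure the cell is not started, so it cannot
# come back up with a partial or corrupted package.
sync_cell() {
    cell=$1
    run ssh "root@$cell" service vmware-vcd stop || return 1
    for f in $FILES; do
        run scp "$SRC_DIR/$f" "root@$cell:$GC_DIR/" || return 1
        if [ "$DRY_RUN" != "1" ]; then
            want=$(local_digest "$SRC_DIR/$f")
            got=$(ssh "root@$cell" sha256sum "$GC_DIR/$f" | awk '{print $1}')
            if [ "$want" != "$got" ]; then
                echo "digest mismatch for $f on $cell" >&2
                return 1
            fi
        fi
    done
    run ssh "root@$cell" service vmware-vcd start
}

# Check the source files once, then process every cell given as an argument.
sync_all() {
    for f in $FILES; do
        [ -s "$SRC_DIR/$f" ] || { echo "missing or empty: $SRC_DIR/$f" >&2; return 2; }
    done
    failed=0
    for cell in "$@"; do
        sync_cell "$cell" || { echo "FAILED: $cell (not restarted)" >&2; failed=1; }
    done
    return "$failed"
}

# Usage: ./sync_sysprep.sh CELL_IP...   (set DRY_RUN=0 to execute)
if [ "$#" -gt 0 ]; then
    sync_all "$@"
fi
```

Run it first with the default DRY_RUN=1 to review the exact commands per cell before executing them.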
2 Adding Resources to Cloud Director
Cloud Director derives its resources from an underlying vSphere virtual infrastructure. After you register vSphere resources in Cloud Director, you can allocate these resources for organizations within the Cloud Director installation to use.
Open the Attach New vCenter Wizard
Open the Attach New vCenter wizard to start the process of attaching a vCenter Server to Cloud Director.
Procedure
1 Click the Manage & Monitor tab and then click vCenters in the left pane.
2 Click the Attach New vCenter button.
The Attach New vCenter wizard launches.
Cloud Director attaches the new vCenter Server and registers its resources for provider virtual datacenters to use.
What to do next
Assign a vShield for VMware Cloud Director license key in the vCenter Server.

Assign a vShield License Key in vCenter
After you attach a vCenter Server to Cloud Director, you must use the vSphere Client to assign a vShield for VMware Cloud Director license key.
If you plan to add a resource pool that is part of a cluster that uses VMware HA, you should make sure you are familiar with how VMware HA calculates slot size. For more information about slot sizes and customizing VMware HA behavior, see the VMware vSphere Availability Guide.
Prerequisites
Before you can create a provider vDC, you must attach at least one vCenter Server with an available resource pool to Cloud Director.
What to do next
You can now create an organization network that connects to the external network.

Network Pools
A network pool is a group of undifferentiated networks that is available for use within an organization vDC to create vApp networks and certain types of organization networks. A network pool is backed by vSphere network resources such as VLAN IDs, port groups, or Cloud isolated networks.
Procedure
1 Click the Manage & Monitor tab and click Network Pools in the left pane.
2 Click the Add Network Pool button.
3 Select VCD Network Isolation-backed and click Next.
4 Type the number of networks to create from the network pool.
5 (Optional) Type a VLAN ID.
6 Select a vCenter Server and a vNetwork distributed switch and click Next.
7 Type a name and optional description for the network and click Next.
Set the MTU for a Network Pool Backed by Cloud Isolated Networks
You can specify the maximum transmission unit (MTU) Cloud Director uses for a network pool that is backed by Cloud isolated networks. MTU is the maximum amount of data that can be transmitted in one packet before it is split into smaller packets.
3 Creating and Provisioning Organizations
Organizations provide resources to a group of users and set policies that determine how users can consume those resources. Create an organization for each group of users that requires its own resources, policies, or both.
Create an Organization
Creating an organization involves specifying the organization settings and creating a user account for the organization administrator.
Procedure
1 Open the New Organization Wizard
  Open the New Organization wizard to start the process of creating an organization.
2 Name the Organization
  Provide a descriptive name and an optional description for your new organization.
Name the Organization
Provide a descriptive name and an optional description for your new organization.
Procedure
1 Type an organization name. This name provides a unique identifier that appears as part of the URL that members of the organization use to log in to the organization.
2 Type a display name for the organization. This name appears in the browser header when an organization member uses the unique URL to log in to Cloud Director.
Add Local Users to the Organization
Every organization should have at least one local, non-LDAP, organization administrator account, so that user can log in even if the LDAP service is unavailable.
Procedure
1 Click Add.
2 Type a user name and password.
3 Assign a role to the user.
4 Type the contact information for the user.
5 Specify a user quota for stored and running virtual machines and click OK.
Configure Email Preferences
Cloud Director requires an SMTP server to send user notification and system alert emails. An organization can use the system email settings or use its own email settings.
Procedure
1 Select an SMTP server option.
Option | Description
Use the system default SMTP server | The organization uses the system SMTP server.
Set organization SMTP server | The organization uses its own SMTP server.
4 Select the number of simultaneous VMware Remote Console connections for each virtual machine. You may want to limit the number of simultaneous connections for performance or security reasons.
NOTE This setting does not affect Virtual Network Computing (VNC) or Remote Desktop Protocol (RDP) connections.
5 Click Next.

Confirm Settings and Create the Organization
Before you create the organization, review the settings you entered.
7 Name the Organization vDC
  Provide a descriptive name and an optional description for your new organization vDC.
8 Confirm Settings and Create the Organization vDC
  Before you create the organization vDC, review the settings you entered.
What to do next
Add a network to the organization.

Open the Allocate Resources Wizard
Open the Allocate Resources wizard to start the process of creating an organization vDC for an organization.
Configure the Allocation Model
Configure the allocation model to specify the amount of provider vDC resources to allocate to the organization vDC.
Procedure
1 Select the allocation model options. Not all of the models include all of the options.
Option | Action
CPU allocation | Enter the maximum amount of CPU, in GHz, to allocate to virtual machines running in the organization vDC.
Table 3-1. How Allocation Pool Settings Affect Resource Pool Settings (Continued)
Allocation Pool Setting | Allocation Pool Value | Resource Pool Setting | Resource Pool Value
Memory Allocation | 50 GB | Memory Limit | 50 GB
Memory % Guarantee | 20% | Memory Reservation | 10 GB
Table 3-2.
Name the Organization vDC
Provide a descriptive name and an optional description for your new organization vDC.
Procedure
1 Type a name and optional description. You can use the name and description fields to indicate the vSphere functionality available to the organization vDC, for example, VMware HA.
2 Click Next.

Confirm Settings and Create the Organization vDC
Before you create the organization vDC, review the settings you entered.
Table 3-4. Types of Organization Networks and Their Requirements
Organization Network Type | Description | Requirements
External organization network - direct connection | Accessible by multiple organizations. Virtual machines belonging to different organizations can connect to and see traffic on this network. This network provides direct layer 2 connectivity to machines outside of the organization.
5 Type a name and optional description and click Next.
6 Review the settings for the organization network. Click Finish to accept the settings and create the organization network, or click Back to modify the settings.

Add an External NAT-Routed Organization Network
You can add an external NAT-routed organization network that only this organization can access.
Procedure
1 Click the Manage & Monitor tab and then click Organizations in the left pane.
2 Right-click the organization name and select Add Networks.
3 Select the type of setup and network type. You can create an external routed organization network using either method.
Option | Network Type
Typical | Select the internal network check box.
Advanced | Select Internal organization network.
4 Select a network pool and click Next.
4 Creating a Published Catalog
You can publish a catalog to make a set of vApp templates or media files available to all of the organizations in a Cloud Director installation. Organizations use catalogs to store vApp templates and media files. The members of an organization can use catalog items as the building blocks to create their own vApps. When you publish a catalog, the items in the catalog become available to all of the organizations in the Cloud Director installation.
Procedure
1 Click the Manage & Monitor tab and click Organizations in the left pane.
2 Right-click the organization name and select Open.
3 Click Catalogs and select My Organization's Catalogs in the left pane.
4 On the Catalogs tab, click the New button.
5 Type a catalog name and optional description and click Next.
6 Click Next.
7 Select Published to Organizations and click Next.
8 Review the catalog settings and click Finish.
3 Click Catalogs and select My Organization's Catalogs in the left pane.
4 On the vApp Templates tab, click the Import from vSphere button.
5 Select a vCenter Server and a virtual machine.
6 Type a name and optional description for the vApp template.
7 Select an organization vDC and catalog.
8 Choose whether to move or copy the virtual machine to the catalog.
9 Choose whether or not to mark the vApp template as a Gold Master in the catalog.
5 Type a name and optional description for the media file.
6 Select the source vCenter Server and datastore and type the path to the media file.
7 Select an organization vDC and catalog.
8 Click OK.

Publish a Catalog
Publish a catalog to make its vApp templates and media files available to all organizations in the installation.
Prerequisites
The organization containing the catalog allows catalog publishing.
5 Managing Cloud Resources
Provider vDCs, organization vDCs, external networks, organization networks, and network pools are all considered Cloud resources. After you add Cloud resources to Cloud Director, you can modify them and view information about their relationships with each other.
Procedure
1 Click the Manage & Monitor tab and click Provider vDCs in the left pane.
2 Right-click the provider vDC name and select Delete.

Modify a Provider vDC Name and Description
As your Cloud Director installation grows, you might want to assign a more descriptive name or description to an existing provider vDC.
Procedure
1 Click the Manage & Monitor tab and click Provider vDCs in the left pane.
2 Right-click the provider vDC name and select Properties.
3 Click the Hosts tab.
4 Right-click the host name and select Prepare Host or Unprepare Host.
Cloud Director prepares or unprepares the host for all provider vDCs that use its resources.

Upgrade an ESX/ESXi Host Agent for a Provider vDC Host
Cloud Director installs agent software on each ESX/ESXi host in the installation. If you upgrade your ESX/ESXi hosts, you also need to upgrade your ESX/ESXi host agents.
4 Click the Add button.
5 Select a datastore from the list, click Add, and click OK.
Cloud Director does not support the use of read-only datastores with provider vDCs. In most cases, read-only datastores do not appear in the list, but some read-only NFS datastores may appear. Do not add these datastores to your provider vDC.
VMware recommends that you use only shared storage. VMware DRS cannot migrate virtual machines on local storage.
Managing Organization vDCs
After you create an organization vDC, you can modify its properties, disable or delete it, and manage its allocation model, storage, and network settings.

Create an Organization vDC
Create an organization vDC to allocate resources to an organization. An organization vDC is partitioned from a provider vDC. A single organization can have multiple organization vDCs.
Select an Organization for the Organization vDC
You can create an organization vDC to provide resources to any organization in the Cloud Director system. An organization can have more than one organization vDC.
Procedure
1 Select an organization.
2 Click Next.

Select a Provider vDC
An organization vDC obtains its compute and storage resources from a provider vDC. The organization vDC provides these resources to vApps and virtual machines in the organization.
Configure the Allocation Model
Configure the allocation model to specify the amount of provider vDC resources to allocate to the organization vDC.
Procedure
1 Select the allocation model options. Not all of the models include all of the options.
Option | Action
CPU allocation | Enter the maximum amount of CPU, in GHz, to allocate to virtual machines running in the organization vDC.
Table 5-1. How Allocation Pool Settings Affect Resource Pool Settings (Continued)
Allocation Pool Setting | Allocation Pool Value | Resource Pool Setting | Resource Pool Value
Memory Allocation | 50 GB | Memory Limit | 50 GB
Memory % Guarantee | 20% | Memory Reservation | 10 GB
Table 5-2.
Name the Organization vDC
Provide a descriptive name and an optional description for your new organization vDC.
Procedure
1 Type a name and optional description. You can use the name and description fields to indicate the vSphere functionality available to the organization vDC, for example, VMware HA.
2 Click Next.

Confirm Settings and Create the Organization vDC
Before you create the organization vDC, review the settings you entered.
Modify an Organization vDC Name and Description
As your Cloud Director installation grows, you might want to assign a more meaningful name or description to an existing organization vDC.
Procedure
1 Click the Manage & Monitor tab and click Organization vDCs in the left pane.
2 Right-click the organization vDC name and select Properties.
3 On the General tab, type a new name and description and click OK.
Managing External Networks
After you create an external network, you can modify its name, description, and network specification, add IP addresses to its IP address pool, or delete the network.

Modify an External Network Name and Description
As your Cloud Director installation grows, you might want to assign a more descriptive name or description to an existing external network.
Procedure
1 Click the Manage & Monitor tab and click External Networks in the left pane.
Managing Organization Networks
Only a system administrator can add, reset, and delete an organization network. System administrators and organization administrators can modify organization network properties, configure organization network services, and view IP address allocations.

Creating Organization Networks
Add a network to an organization to enable its virtual machines to communicate with each other or to provide access to the Internet.
3 Select an organization and click Next.
4 Select the type of setup and network type. You can create an external direct organization network using either method.
Option | Network Type
Typical | Select the external network check box and select direct connection from the drop-down menu.
Advanced | Select External organization network - direct connection.
5 Select an external network and click Next.
7 (Optional) Type an external IP address for the network to use for NAT services, click Add, and click Next. This setting is only available in advanced setup. You can add more than one external IP address.
8 Type a name and optional description and click Next.
9 Review the settings for the organization network. Click Finish to accept the settings and create the organization network, or click Back to modify the settings.
Table 5-5. Network Services Available by Network Type
Network Type | DHCP | Firewall | NAT
External organization network - NAT-routed connection | X | X | X
Internal organization network | X | |
External organization network - direct connection | | |

Configure DHCP for an Organization Network
You can configure certain organization networks to provide DHCP services to virtual machines in the organization.
Add a Firewall Rule for an Organization Network
You can add firewall rules to an organization network that supports a firewall to allow traffic that matches the rules to pass through the firewall. In order for a firewall rule to be enforced, you must enable the firewall for the organization network. See “Enable the Firewall for an Organization Network,” on page 55. Both system administrators and organization administrators can add firewall rules.
Procedure
1 Click the Manage & Monitor tab and click Organization Networks in the left pane.
2 Right-click the organization network name and select Configure Services.
3 Click the NAT - External IPs tab.
4 Type an IP address and click Add. The IP address must be routable on the external network and unique across internal networks.
5 Click OK.
What to do next
Configure external IP mapping using the external IP address.
Prerequisites
An external NAT-routed organization network or an internal organization network.
Procedure
1 Click the Manage & Monitor tab and click Organization Networks in the left pane.
2 Right-click the organization network name and select Reset Network.
3 Click Yes.

Delete an Organization Network
You can delete an organization network to remove it from the organization.
Prerequisites
Verify that no virtual machines are connected to the organization network.
Modify an Organization Network Name and Description
As your Cloud Director installation grows, you might want to assign a more descriptive name or description to an existing organization.
Procedure
1 Click the Manage & Monitor tab and click Organization Networks in the left pane.
2 Right-click the organization network name and select Properties.
3 On the Name and Description tab, type a new name and optional description and click OK.
Add Cloud Isolated Networks to a Network Pool
You can add Cloud isolated networks to a VCD network isolation-backed network pool.
Prerequisites
A VCD network isolation-backed network pool
Procedure
1 Click the Manage & Monitor tab and click Network Pools in the left pane.
2 Right-click the network pool name and select Edit Network Pool.
3 On the Network Pool Settings tab, type the number of VCD isolated networks and click OK.
Table 5-6. Cloud Cell Commands
Command | Description
service vmware-vcd start | Starts the cell
service vmware-vcd restart | Restarts the cell
service vmware-vcd stop | Stops the cell
When you stop a cell, you may want to display a maintenance message to users that attempt to access that cell using a browser or the vCloud API. See “Turn On Cloud Cell Maintenance Message,” on page 61.
Turn Off Cloud Cell Maintenance Message
When you are finished performing maintenance on a cell and ready to restart the cell, you can turn off the maintenance message.
Procedure
1 Run the /opt/vmware/cloud-director/bin/vmware-vcd-cell stop command.
2 Start the cell using the service vmware-vcd start command.
Users can now access the cell using a browser or the vCloud API.
6 Managing vSphere Resources
After you add vSphere resources to the Cloud Director system, you can perform some management functions from Cloud Director. You can also use the vSphere Client to manage these resources. vSphere resources include vCenter servers, resource pools, ESX/ESXi hosts, datastores, and network switches and ports.
Enable or Disable a vCenter Server
You can disable a vCenter Server to perform maintenance.
Procedure
1 Click the Manage & Monitor tab and click vCenters in the left pane.
2 Right-click the vCenter Server name and select Disable vCenter or Enable vCenter.
3 Click Yes.

Remove a vCenter Server
You can remove a vCenter Server to stop using its resources with Cloud Director.
Move Running Virtual Machines from one ESX/ESXi Host to Another
You can move all the virtual machines that are running on one ESX/ESXi host to another. This is useful if you want to unprepare a host, or if you want to perform maintenance on a host without affecting running virtual machines.
Prerequisites
You must disable the host.
Procedure
1 Click the Manage & Monitor tab and click Hosts in the left pane.
2 Right-click the host name and select Redeploy all VMs.
Repair an ESX/ESXi Host
If the Cloud Director agent on an ESX/ESXi host cannot be contacted, try to repair the host.
Procedure
1 Click the Manage & Monitor tab and click Hosts in the left pane.
2 Right-click the host name and select Repair Host.

Managing vSphere Datastores
You can enable or disable vSphere datastores in the Cloud Director system and also configure low disk space warnings for each datastore.
Delete a Stranded Item
You can delete a stranded item to attempt to remove an object from vSphere that you already deleted from Cloud Director.
Procedure
1 Click the Manage & Monitor tab and click Stranded Items in the left pane.
2 Right-click a stranded item and select Delete. Cloud Director attempts to delete the stranded item from vSphere.
3 Refresh the page display.
7 Managing Organizations
After you create an organization, you can modify its properties, enable or disable it, or delete it.
Procedure
1 Click the Manage & Monitor tab and click Organizations in the left pane.
2 Right-click the organization name and select Delete.
3 Click Yes.

Modify an Organization Name
As your Cloud Director installation grows, you might want to assign a more descriptive name to an existing organization.
Prerequisites
You must disable the organization before you can rename it.
Procedure
1 Click the Manage & Monitor tab and click Organizations in the left pane.
4 Select the new source for organization users.
Option | Description
Do not use LDAP | Organization administrator creates a local user account for each user in the organization. You cannot create groups if you select this option.
VCD system LDAP service | Use the LDAP service for the Cloud Director system as the source for organization users and groups.
Custom LDAP service | Connect the organization to its own private LDAP service.
Modify Organization Email Preferences
Cloud Director requires an SMTP server to send user notification and system alert emails. You can modify the settings you specified when you created the organization.
Procedure
1 Click the Manage & Monitor tab and click Organizations in the left pane.
2 Right-click the organization name and select Properties.
3 Click the Email Preferences tab.
4 Select an SMTP server option.
5 Select the quotas for running and stored virtual machines. Quotas determine how many virtual machines each user in the organization can store and power on in the organization's virtual datacenters. The quota you specify affects all the users in the organization.
6 Select the limits for resource intensive operations. Certain Cloud Director operations, for example copy and move, are more resource intensive than others.
Managing Organization Users and Groups
When you create an organization, you can add one or more local users to the organization. After you create the organization, you, or an organization administrator, can add local users, LDAP users, and LDAP groups to the organization. For more information about adding users and groups to an organization, see the VMware Cloud Director User's Guide.
3 Click the My Cloud tab and click vApps in the left pane.
4 Right-click the running vApp and select Force Stop.
5 Click Yes.
8 Managing System Administrators and Roles
You can add system administrators to Cloud Director individually, or as part of an LDAP group. You can also add and modify the roles that determine what rights a user has within their organization.
Import a System Administrator
To add a user with system administrator rights, you can import an LDAP user as a system administrator. System administrators have full rights to Cloud Director and all of its organizations.
Prerequisites
Verify that you have a valid connection to an LDAP server.
Procedure
1 Click the Administration tab and then click Users in the left pane.
2 Click the Import User button.
Send an Email Notification to Users
You can send an email notification to all the users in the entire installation, all system administrators, or all organization administrators. You can send an email notification to let users know about upcoming system maintenance, for example.
Prerequisites
Verify that you have a valid connection to an SMTP server.
Procedure
1 Click the Administration tab and click Users in the left pane.
Delete an LDAP Group
You can remove a group of system administrators from the Cloud Director system by deleting their LDAP group. When you delete an LDAP group, users who have a Cloud Director account based solely on their membership in that group will become stranded and unable to log in. See “Delete a System Administrator Who Lost Access to the System,” on page 79.
Procedure
1 Click the Administration tab and click Groups in the left pane.
Copy a Role
To create a role based on an existing role, you can copy a role and modify its rights.
Procedure
1 Click the Administration tab and click Roles in the left pane.
2 Right-click a role and select Copy to.
3 Type a name and optional description for the role.
4 Select the rights for the role and click OK.

Edit a Role
You can modify the name, description, and rights of a role.
9 Managing System Settings
A Cloud Director system administrator can control system-wide settings related to LDAP, email notification, licensing, and general system preferences.
Table 9-1. General System Settings (Continued)
Name | Category | Description
Login Policy | Login Policy | Select a login policy.
Activity Log History to keep | Activity Log | Number of days of log history to keep before deleting it. Type 0 to never delete logs.
Activity Log History shown | Activity Log | Number of days of log history to display. Type 0 to show all activity.
7 (Optional) Type a destination email address to test the SMTP settings and click Test SMTP settings.
8 Click Apply.
Configure System Notification Settings
Cloud Director sends system alert emails when it has important information to report. For example, Cloud Director sends an alert when a datastore is running out of space. You can configure Cloud Director to send email alerts to all system administrators or to a specified list of email addresses.
Table 9-2. Supported Combinations of Operating System, LDAP Server, and Authentication Method (Continued)
Operating System | LDAP Server | Authentication Method
Windows 7 (2008 R2) | Active Directory | Kerberos SSL
Linux | OpenLDAP | Simple
Linux | OpenLDAP | Simple SSL
Configure an LDAP Connection
You can configure an LDAP connection to provide Cloud Director and its organizations with access to users and groups on the LDAP server.
7 Type a user name and password to connect to the LDAP server. If anonymous read support is enabled on your LDAP server, you can leave these text boxes blank.
Authentication Method | User Name Description
Simple | Type the full LDAP DN.
Kerberos | Type the name in the form of user@REALM.com.
8 Click Apply.
What to do next
You can now add LDAP users and groups to the system and to organizations that use the system LDAP settings.
3 Type the name of a user in the LDAP directory and click Test.
4 Review the attribute mapping and click OK.
What to do next
You can customize LDAP user and group attributes based on the results of the test.
Customize LDAP User and Group Attributes
LDAP attributes provide Cloud Director with details about how user and group information is defined in the LDAP directory. Cloud Director maps the information to its own database.
5 Type a URL that links to a web site that provides information about your Cloud Director installation. For example, http://www.example.com. Users can follow the link by clicking the company name in the footer of the client UI.
6 Type a URL that links to a web site that provides support for this Cloud Director installation. The Support link on the Home tab of all Cloud Director organizations will open this URL.
Configure the Public REST API Base URL
If your Cloud Director installation includes multiple Cloud cells running behind a load balancer or NAT, or if the Cloud cells do not have publicly-routable IP addresses, you can set a public REST API base URL. During the initial configuration of each Cloud cell, you specified an HTTP service IP address.
10 Monitoring Cloud Director
System administrators can monitor completed and in-progress operations and view resource usage information at the provider vDC, organization vDC, and datastore level.
Procedure
1 Log in to the Cloud Director system as a system administrator.
2 Click the Manage & Monitor tab and click Logs in the left pane.
3 Click the Tasks tab. Cloud Director displays information about each system-level task.
4 Double-click a task for more information.
Procedure
1 Click the Manage & Monitor tab and click Organizations in the left pane.
2 Right-click the organization name and select Open.
3 Click the My Cloud tab and click Logs in the left pane.
4 Click the Events tab. Cloud Director displays information about each organization-level event.
5 Double-click an event for more information. Only system administrators can view the details about most events.
3 Click Remote Process and type the JMX service URL. The URL consists of the host name or IP address of the Cloud Director server, followed by the port number. For example, example.com:8999. The default port is 8999.
4 Type a Cloud Director system administrator user name and password and click Connect.
5 Click the MBeans tab.
Viewing the Cloud Director Logs
Cloud Director provides logging information for each cloud cell in the system.
Quarantine Uploaded Files
You can quarantine files that users upload to Cloud Director so that you can process the files (for example, scan them for viruses) before accepting them.
Procedure
1 Click the Administration tab and click General in the left pane.
2 Select the Enable upload quarantine checkbox and type a timeout in seconds. The timeout represents the amount of time to quarantine uploaded files before deleting them.
3 Click Apply.
Accept or Reject a Quarantine Request Using JConsole
You can use JConsole to accept or reject quarantine service requests. You need the information in the request message to construct a response message.
Prerequisites
You have the text of the request message.
Procedure
1 Paste the text of the request message into a text editor.
2 Change the XML element name to QuarantineResponseMessage and add a new attribute to the element, response="accept" or response="reject".
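The edit described in steps 1 and 2, done programmatically instead of in a text editor, as an added example that is not part of the original guide. The request element name and attributes in the sample are constructed placeholders; only QuarantineResponseMessage and the response values come from the procedure.

```python
import xml.etree.ElementTree as ET

RESPONSE_ELEMENT = "QuarantineResponseMessage"  # element name from the procedure
DECISIONS = ("accept", "reject")                # attribute values from the procedure

# Constructed sample request: the element name and both attributes are
# placeholders, not the product's real message format.
SAMPLE_REQUEST = (
    '<QuarantineRequestMessage requestId="constructed-0001" '
    'fileName="constructed-upload.iso"/>'
)


def build_response(request_xml: str, decision: str) -> str:
    """Return the request with its root renamed and a response attribute set."""
    if decision not in DECISIONS:
        raise ValueError(f"decision must be one of {DECISIONS}, got {decision!r}")
    # The message is pasted text; refuse DTDs so no entity definitions are parsed.
    if "<!doctype" in request_xml.lower():
        raise ValueError("request message must not contain a DOCTYPE")
    root = ET.fromstring(request_xml)
    # Keep the namespace, if the request has one, and change only the local name.
    namespace = root.tag[: root.tag.index("}") + 1] if root.tag.startswith("{") else ""
    root.tag = namespace + RESPONSE_ELEMENT
    # Every original attribute and child element is carried over unchanged.
    root.set("response", decision)
    return ET.tostring(root, encoding="unicode")


def decide(scan_is_clean: bool) -> str:
    """Map a scanner verdict to a decision; anything not clean is rejected."""
    return "accept" if scan_is_clean else "reject"


if __name__ == "__main__":
    print(build_response(SAMPLE_REQUEST, decide(scan_is_clean=False)))
```

Generating the response from the parsed request keeps the original attributes intact and avoids the typos that hand-editing a pasted message invites.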
11 Roles and Rights
Cloud Director uses roles, and their associated rights, to determine which users and groups can perform which operations. System administrators can create and modify roles. System administrators and organization administrators can assign roles to users and groups in an organization. Cloud Director includes several predefined roles.
Table 11-1. Default Rights for the Predefined Roles (Continued)
Right | System Administrator | Organization Administrator | Catalog Author | vApp Author | vApp User | Console Access Only
General: Administrator Control | X | X | | | |
General: Administrator View | X | X | | | |