5.1
Table Of Contents
- vCloud Director Installation and Upgrade Guide
- Contents
- VMware vCloud Director Installation and Upgrade Guide
- Overview of vCloud Director Installation, Configuration, and Upgrade
- vCloud Director Architecture
- Configuration Planning
- vCloud Director Hardware and Software Requirements
- Creating a vCloud Director Server Group
- Upgrading vCloud Director
- vCloud Director Setup
- Index
Changes to Upgraded Networks
Because of changes in the vCloud Director networking infrastructure, existing networks and services are
sometimes modified by the upgrade process. While none of these modifications affect existing network
connections, post-upgrade reconfiguration might be required for some network services.
Organization Networks
When you upgrade vCloud Director to this release, existing organization networks are converted to use the
new vCloud Director networking infrastructure. You can expect to see the following changes in your upgraded
organization networks.
n
Routed organization networks become routed organization vDC networks. These networks are connected
to an Edge Gateway in one of your organization vDCs. Services, such as NAT and firewall, that had been
defined in the organization network are now defined in the Edge Gateway. If your organization has
multiple vDCs, organization vDC networks created during an upgrade are shared across all vDCs in the
organization.
n
Isolated organization networks become isolated organization vDC networks.
n
Directly connected organization networks are unchanged.
n
New organization VDC networks use the network pool assigned to the organization VDC in which the
network is created.
n
NAT rules in routed organization networks are converted to Edge Gateway NAT rules. The effect of each
rule remains the same, though the rule is expressed differently. See the vCloud Director Administrator's
Guide for more about NAT rules. NAT rules in routed vApp networks are unchanged.
Edge Gateways and vApp Networks
Firewall services and firewall rules have been changed to allow greater flexibility in configuration in both Edge
gateways and vApp networks.
After an upgrade, all firewall services in Edge Gateways and routed vApp networks are running in
compatibility mode, which preserves the operational semantics of their firewall rules. After you convert
existing firewall rules to the current format, you can upgrade your networks to remove the limitations imposed
by compatibility mode. See the vCloud Director Administrator's Guide for more about firewall rules.
Network Limitations in Compatibility Mode
Several limitations apply while the system is in compatibility mode.
n
Each EdgeGateway can support exactly one uplink and one internal interface, so there can be only one
routed organization vDC network per Edge Gateway.
n
Version 5.1 firewall rules cannot be created in a firewall service.
To remove these limitations, see “Reconfigure Edge Gateways and vApp Networks to Enable Normal
Operation,” on page 48
Reconfigure Edge Gateways and vApp Networks to Enable Normal Operation
After you convert existing firewall rules to the current format, you can reconfigure your Edge Gateways and
vApp networks to enable normal operation and remove the limitations imposed by compatibility mode.
In earlier releases of vCloud Director, firewall rules specified the direction of packets subject to the rule.
Beginning with this release, packet direction is derived from the source and destination IP addresses. In the
Source or Destination IP address of a firewall rule, you can now use the keywords internal and external in
addition to the any keyword or an IP address.
vCloud Director Installation and Upgrade Guide
48 VMware, Inc.