vCloud Director Installation and Upgrade Guide vCloud Director 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
vCloud Director Installation and Upgrade Guide You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2010–2013 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents VMware vCloud Director Installation and Upgrade Guide 5 1 Overview of vCloud Director Installation, Configuration, and Upgrade 7 vCloud Director Architecture 7 Configuration Planning 8 vCloud Director Hardware and Software Requirements 8 2 Creating a vCloud Director Server Group 23 Install and Configure vCloud Director Software on the First Member of a Server Group Configure Network and Database Connections 26 Install vCloud Director Software on Additional Members of a Server Group 29 Install M
vCloud Director Installation and Upgrade Guide 4 VMware, Inc.
VMware vCloud Director Installation and Upgrade Guide The VMware vCloud Director Installation and Upgrade Guide provides information about installing or upgrading VMware vCloud Director software and configuring it to work with VMware vCenter™ to ® provide VMware-ready VMware vCloud services. Intended Audience The VMware vCloud Director Installation and Upgrade Guide is intended for anyone who wants to install or upgrade VMware vCloud Director software.
vCloud Director Installation and Upgrade Guide 6 VMware, Inc.
Overview of vCloud Director Installation, Configuration, and Upgrade 1 ® A VMware vCloud combines a vCloud Director server group with the vSphere platform. You create a vCloud Director server group by installing vCloud Director software on one or more servers, connecting the servers to a shared database, and integrating the vCloud Director server group with vSphere. The initial configuration of vCloud Director, including database and network connection details, is established during installation.
vCloud Director Installation and Upgrade Guide Figure 1‑1. vCloud Director Architecture Diagram vCloud Director Installation vCloud Director Database vCloud Director Server Cell VMware vCloud Director VMware vSphere ESX/ESXi ESX/ESXi vCenter vShield Manager vCenter Database The vCloud Director installation and configuration process creates the cells, connects them to the shared database, and establishes the first connections to a vCenter server, vShield Manager, and hosts.
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade vSphere Configuration Requirements Servers and hosts intended for use with vCloud Director must meet specific configuration requirements. n vCenter networks intended for use as vCloud Director external networks or network pools must be available to all hosts in any cluster intended for vCloud Director to use.
vCloud Director Installation and Upgrade Guide Table 1‑2. Required Software Packages (Continued) Package Name Package Name Package Name findutils libXau redhat-lsb glibc libXdmcp sed grep libXext tar initscripts libXi which krb5-libs libXt libgcc libXtst Supported vCloud Director Databases vCloud Director supports Oracle and Microsoft SQL Server databases.
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade Table 1‑4. Browser Support and Operating System Compatibility on Linux Platforms Platform Google Chrome Mozilla Firefox CentOS 6.x YES YES Red Hat Enterprise Linux 6.x YES YES Ubuntu 12.x YES YES Browser Support on Windows Platforms On Windows platforms, the vCloud Director Web Console is compatible with at least one version of Microsoft Internet Explorer.
vCloud Director Installation and Upgrade Guide Summary of Network Configuration Requirements for vCloud Director Secure, reliable operation of vCloud Director depends on a secure, reliable network that supports forward and reverse lookup of hostnames, a network time service, and other services. Your network must meet these requirements before you begin installing vCloud Director.
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade in your cloud to create catalogs that are published externally, it is safe to assume that hundreds or even thousands of catalog items will need space on this volume, and that each catalog item will be the size of a virtual machine in compressed OVF form. NOTE If possible, the volume you use for transfer server storage should be one whose capacity can be easily expanded.
vCloud Director Installation and Upgrade Guide Table 1‑7. Ports That Must Allow Outgoing Packets From vCloud Director Hosts (Continued) Port Protocol Comments 61611 TCP ActiveMQ 61616 TCP ActiveMQ n Route traffic between vCloud Director servers and the vCloud Director database server over a dedicated private network if possible. n Virtual switches and distributed virtual switches that support provider networks must be isolated from each other.
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade 4 Configure database connection, process, and transaction parameters. The database must be configured to allow at least 75 connections per vCloud Director cell plus about 50 for Oracle's own use. You can obtain values for other configuration parameters based on the number of connections, where C represents the number of cells in your vCloud Director cluster.
vCloud Director Installation and Upgrade Guide Procedure 1 Configure the database server. A database server configured with 16GB of memory, 100GB storage, and 4 CPUs should be adequate for most vCloud Director clusters. 2 Specify Mixed Mode authentication during SQL Server setup. Windows Authentication is not supported when using SQL Server with vCloud Director. 3 Create the database instance. The following script creates the database and log files, specifying the proper collation sequence.
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade Create SSL Certificates vCloud Director requires SSL to secure communications between clients and servers. Before you install and configure a vCloud Director server group, you must create two certificates for each member of the group and import the certificates into host keystores. Each vCloud Director server requires two IP addresses, so that it can support two different SSL endpoints.
vCloud Director Installation and Upgrade Guide Procedure 1 Create an untrusted certificate for the HTTP service. This command creates an untrusted certificate in a keystore file named certificates.ks. keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -keyalg RSA alias http The certificate is valid for 90 days. 2 Answer the keytool questions.
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade 10 When you receive the signed certificates, import them into the keystore file. a Import the Certification Authority's root certificate into the keystore file. This command imports the root certificate from the root.cer file to the certificates.ks keystore file. keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import -alias root -file root.
vCloud Director Installation and Upgrade Guide n Verify that you have access to a computer that has a Java version 6 runtime environment, so that you can use the keytool command to create the certificate. The vCloud Director installer places a copy of keytool in /opt/vmware/vcloud-director/jre/bin/keytool, but you can perform this procedure on any computer that has a Java version 6 runtime environment installed.
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade Procedure 1 Use the vSphere Client to log in to your vCenter Server. 2 Select File > Deploy OVF Template. 3 Browse to the location of the vShield Manager.ovf file and follow the prompts to deploy the OVF file. 4 After the OVF file is deployed, power on the vShield Manager virtual machine and open the console. 5 Log in to the console with the user name admin and password default. 6 At the manager prompt, type enable.
vCloud Director Installation and Upgrade Guide n The port at which the broker listens for messages. The default is 5672. n The RabbitMQ virtual host. The default is "/". What to do next By default, the vCloud Director AMQP service sends unencrypted messages. If you configure it to encrypt these messages using SSL, it verifies the broker's certificate by using the default JCEKS trust store of the Java runtime environment on the vCloud Director server.
Creating a vCloud Director Server Group 2 A vCloud Director server group consists of one or more vCloud Director servers that share a common database and other configuration details. To create a server group, you install and configure vCloud Director software on the first member of the group. Installation and configuration of the first group member creates a response file that you use to configure additional members of the group.
vCloud Director Installation and Upgrade Guide n Verify that the database service starts when the database server is rebooted. 5 Verify that all vCloud Director servers, the database server, and all vCenter and vShield Manager servers can resolve each other's names as described in “Summary of Network Configuration Requirements for vCloud Director,” on page 12.
Chapter 2 Creating a vCloud Director Server Group 2 Download the installation file to the target server. If you purchased the software on a CD or other media, copy the installation file to a location that is accessible to all target servers. 3 Verify that the checksum of the download matches the one posted on the download page. Values for MD5 and SHA1 checksums are posted on the download page.
vCloud Director Installation and Upgrade Guide Configure Network and Database Connections After vCloud Director software is installed on the server, the installer prompts you to run a script that configures the server's network and database connections. You must install vCloud Director software on the server before you can run the configuration script. The installer prompts you to run the script after installation is complete, but you can choose to run it later.
Chapter 2 Creating a vCloud Director Server Group Choice [default=1]:2 Please enter your choice for the remote console proxy IP address 1: 10.17.118.158 Choice [default=1]: 2 Specify the full path to the Java keystore file. Please enter the path to the Java keystore containing your SSL certificates and private keys:/opt/keystore/certificates.ks 3 Type the keystore and certificate passwords.
vCloud Director Installation and Upgrade Guide 7 Specify database connection information. The information that the script requires depends on your choice of database type. This example shows the prompts that follow specification of an Oracle database. Prompts for other database types are similar. a Type the hostname or IP address of the database server. Enter the host (or IP address) for the database:10.150.10.78 b Type the database port, or press Enter to accept the default value.
Chapter 2 Creating a vCloud Director Server Group To add more servers to this group, see “Install vCloud Director Software on Additional Members of a Server Group,” on page 29. After vCloud Director services are running on all servers, you can open the Setup wizard at the URL displayed when the script completes. See Chapter 4, “vCloud Director Setup,” on page 43.
vCloud Director Installation and Upgrade Guide n Verify that the SSL certificates that you created for this server are installed in a location that the installer can access. See “Create and Import a Signed SSL Certificate,” on page 17. The configuration script does not run with a privileged identity, so the keystore file and the path in which it is stored must be readable by any user. Using the same keystore path (for example, /tmp/certificates.
Chapter 2 Creating a vCloud Director Server Group When the configuration script runs, it looks for the certificates in the path saved in the response file (for example, /tmp/certificates.ks) , then prompts you to supply the keystore and certificate passwords. If the configuration script does not find valid certificates in the pathname saved in the response file, it prompts you for a pathname to the certificates. 6 (Optional) Repeat this procedure to add more servers to this server group.
vCloud Director Installation and Upgrade Guide 5 Copy the Sysprep binary files to the appropriate location on each vCloud Director server in the server group. 6 Ensure that the Sysprep files are readable by the user vcloud.vcloud. Use the Linux chown command to do this. [root@cell1 /]# chown -R vcloud.vcloud $VCLOUD_HOME/guestcustomization When the Sysprep files are copied to all members of the server group, you can perform guest customization on virtual machines in your cloud.
Upgrading vCloud Director 3 To upgrade vCloud Director to a new version, install the new version on each server in the vCloud Director server group, upgrade the vCloud Director database, and restart vCloud Director services. You must also upgrade the vSphere components that support vCloud Director, including vShield Manager. After you upgrade a vCloud Director server, you must also upgrade its vCloud Director database.
vCloud Director Installation and Upgrade Guide 6 Upgrade vShield Manager. All vShield Manager installations registered to this server group must be upgraded to a version of vShield Manager software that is compatible with the version of vCloud Director installed by the upgrade. If the upgrade program detects an incompatible version of vShield Manager, upgrading is not allowed.
Chapter 3 Upgrading vCloud Director Displaying the Maintenance Message During an Upgrade If you anticipate a lengthy upgrade process and want to have the system display a maintenance message while the upgrade is underway, verify that at least one cell remains accessible while the others are being upgraded. Run the /opt/vmware/vcloud-director/bin/vmware-vcd-cell command on that cell to turn on the cell maintenance message. [root@cell1 /opt/vmware/vcloud-director/bin]# .
vCloud Director Installation and Upgrade Guide 2 Use the cell management tool to gracefully shut down the cell. a Retrieve the current job status. The following cell-management-tool command supplies system administrator credentials and returns the count of running jobs. [root@cell1 /opt/vmware/vclouddirector/bin]# ./cell-management-tool -u administrator cell --status Job count = 3 Is Active = true b Stop the task scheduler to quiesce the cell. Use a cell-management-tool command of the following form.
Chapter 3 Upgrading vCloud Director Procedure 1 Log in to the target server as root. 2 Download the installation file to the target server. If you purchased the software on a CD or other media, copy the installation file to a location that is accessible to all target servers. 3 Verify that the checksum of the download matches the one posted on the download page. Values for MD5 and SHA1 checksums are posted on the download page.
vCloud Director Installation and Upgrade Guide After you confirm that you are ready to upgrade the server, the installer verifies that the host meets all requirements, unpacks the vCloud Director RPM package, stops vCloud Director services on the server, and upgrades the installed vCloud Director software. Would you like to upgrade now? (y/n) y Extracting vmware-vcloud-director ......done Upgrading VMware vCloud Director... Installing the VMware vCloud Director Preparing...
Chapter 3 Upgrading vCloud Director Procedure 1 Open a console, shell, or terminal window, and type the following command to run the database upgrade script. /opt/vmware/vcloud-director/bin/upgrade IMPORTANT If the database upgrade script detects that an incompatible version of vShield manager is registered to this installation of vCloud Director, it displays this warning message and cancels the upgrade.
vCloud Director Installation and Upgrade Guide Executing upgrade task: Stop UpdateStatementManager ...[3] ... Successfully ran upgrade task 3 (Optional) Rebuild the database indexes and update the database statistics. These procedures can lead to better database performance after the upgrade. Do you wish to rebuild the database indexes? This may take several minutes. [Y/N] y Rebuilding database indexes ... Do you wish to update the database statistics? This may take several minutes.
Chapter 3 Upgrading vCloud Director 2 (Optional) If you have configured vCloud Director to use vCenter Single Sign On, you must unregister and re-register vCloud Director with the vCenter Lookup Service. a Log in to vCloud Director as a system administrator using a local or LDAP account. Do not use vCenter Single Sign On for this log in. b Unregister vCloud Director with the vCenter Lookup Service.
vCloud Director Installation and Upgrade Guide 42 VMware, Inc.
vCloud Director Setup 4 After you configure all servers in the vCloud Director server group and connect them to the database, you can initialize the server group's database with a license key, system administrator account, and related information. When this process is complete, you can use the vCloud Director Web Console to complete the initial provisioning of your cloud.
vCloud Director Installation and Upgrade Guide Review the License Agreement Before you can configure a vCloud Director server group, you must review and accept the end user license agreement. Procedure 1 Review the license agreement. 2 Accept or reject the agreement. Option Action To accept the license agreement. Click Yes, I accept the terms in the license agreement. To reject the license agreement No, I do not accept the terms in the license agreement.
Chapter 4 vCloud Director Setup 2 Use the Installation ID field to specify the installation ID for this installation of vCloud Director. If a datacenter includes multiple installations of vCloud Director, each installation must specify a unique installation ID. Ready to Log In to vCloud Director After you provide all of the information that the Setup Wizard requires, you can confirm your settings and complete the wizard.
vCloud Director Installation and Upgrade Guide 46 VMware, Inc.
Cell Management Tool Reference 5 The cell management tool is a command-line utility that you can use to manage a cell and its SSL certificates, and to export tables from the vCloud Director database. Superuser or system administrator credentials are required for some operations. The cell management tool is installed in /opt/vmware/vcloud-director/bin/cell-management-tool. Listing Available Commands To list the available cell management tool commands, use the following command line.
vCloud Director Installation and Upgrade Guide n Commands for Replacing SSL Certificates on page 51 Use the certificates command of the cell management tool to replace the cell's SSL certificates. n Commands for Generating Self-Signed SSL Certificates on page 52 Use the generate-certs command of the cell management tool to generate new self-signed SSL certificates for the cell.
Chapter 5 Cell Management Tool Reference Example: Getting Task Status The following cell-management-tool command line supplies system administrator credentials and returns the count of running jobs. When the Job count value is 0 and the Is Active value is false, you can safely shut down the cell. [root@cell1 /opt/vmware/vclouddirector/bin]# .
vCloud Director Installation and Upgrade Guide Specifying a Properties File By default, the dbextract command extracts data from the vCloud Director database using the database connection information in the current cell's $VCLOUD_HOME/etc/global.properties file. To extract data from a different vCloud Director database, specify the database connection properties in a file and use the -properties option to provide the pathname to that file on the command line.
Chapter 5 Cell Management Tool Reference Limiting and Ordering Exported Rows For any table, you can specify how many rows to export and how to order the exported rows. Use the exportSettingsFile option and create a data_export_settings.ini file that specifies individual tables. This file is a UTF-8 file that contains zero or more entries of the following form: [TABLE_NAME] rowlimit=int orderby=COLUMN_NAME TABLE_NAME The name of a table in the database. To see a list of table names, export all tables.
vCloud Director Installation and Upgrade Guide Table 5‑3. Cell Management Tool Options and Arguments, certificates Subcommand (Continued) Option Argument Description --responses (-r) full pathname to the cell's responses.properties file Defaults to $VCLOUD_HOME/etc/responses.p roperties. --keystore (-s) keystore-pathname Full pathname to a JCEKS keystore containing the signed certificates. --keystore-pwd (-w) keystore-password Password for the JCEKS keystore referenced by the --keystore option.
Chapter 5 Cell Management Tool Reference Table 5‑4. Cell Management Tool Options and Arguments, generate-certs Subcommand (Continued) Option Argument Description --keystore-pwd (-w) keystore-password Password for the keystore on this host. --expiration (-x) days-until-expiration Number of days until the certificates expire. Defaults to 365 Example: Creating Self-Signed Certificates Both of these examples assume a keystore at /tmp/cell.ks that has the password kspw.
vCloud Director Installation and Upgrade Guide 54 VMware, Inc.
Index A AMQP broker, to install and configure 21 B browsers, supported 10 overview of 7 to create 23 Installation ID, to specify 44 J Java, required JRE version 10 C cell management tool cell command 48 certificates command 51 dbextract command 49 generate-certs command 52 options 47 certificate self-signed 19 signed 17 configuration, confirm settings and complete 45 D database about 14 connection details 26 Oracle 14 SQL Server 15 supported platforms 8 to upgrade 38 F firewall, ports and protocols 1
vCloud Director Installation and Upgrade Guide vShield Manager installing and configuring 20 supported releases 8 56 VMware, Inc.
