VMware vCloud Director Installation and Upgrade Guide
in your cloud to create catalogs that are published externally, it is safe to
assume that hundreds or even thousands of catalog items will need
space on this volume, and that each catalog item will be the size of a
virtual machine in compressed OVF form.
NOTE If possible, the volume you use for transfer server storage should be
one whose capacity can be easily expanded.
Network Security Recommendations
Secure operation of vCloud Director requires a secure network environment. Configure and test this
network environment before you begin installing vCloud Director.
Connect all vCloud Director servers to a network that is secured and monitored. vCloud Director network
connections have several additional requirements:
- Do not connect vCloud Director directly to the public Internet. Always protect vCloud Director
  network connections with a firewall. Only port 443 (HTTPS) must be open to incoming connections.
  Ports 22 (SSH) and 80 (HTTP) can also be opened for incoming connections if needed. All other
  incoming traffic from a public network must be rejected by the firewall.
Table 1‑6. Ports That Must Allow Incoming Packets From vCloud Director Hosts

Port     Protocol    Comments
111      TCP, UDP    NFS portmapper used by transfer service
920      TCP, UDP    NFS rpc.statd used by transfer service
61611    TCP         ActiveMQ
61616    TCP         ActiveMQ
- Do not connect the ports used for outgoing connections to the public network.
Table 1‑7. Ports That Must Allow Outgoing Packets From vCloud Director Hosts

Port     Protocol    Comments
25       TCP, UDP    SMTP
53       TCP, UDP    DNS
111      TCP, UDP    NFS portmapper used by transfer service
123      TCP, UDP    NTP
389      TCP, UDP    LDAP
443      TCP         vCenter, vShield Manager, and ESX connections
514      UDP         Optional. Enables syslog use.
902      TCP         vCenter and ESX connections.
903      TCP         vCenter and ESX connections.
920      TCP, UDP    NFS rpc.statd used by transfer service.
1433     TCP         Default Microsoft SQL Server database port.
1521     TCP         Default Oracle database port.
5672     TCP, UDP    Optional. AMQP messages for task extensions.
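The incoming-port rules above can be checked against what a cell actually listens on. The following is an added example, not part of the VMware guide: it sorts listeners from `ss -tuln` output into the categories the text and Table 1‑6 define, so anything left in `unlisted` is a port the firewall must not expose. The function names and the sample output are constructed for illustration.

```python
# Added example: classify a cell's listening sockets against the guide's incoming-port rules.
# SAMPLE_SS is constructed text in the format of `ss -tuln`; it is not from a real host.
import ipaddress

PUBLIC_REQUIRED = {("tcp", 443)}                      # HTTPS, the only port that must be open
PUBLIC_OPTIONAL = {("tcp", 22), ("tcp", 80)}          # SSH and HTTP, "if needed"
CELL_ONLY = {(p, n) for n in (111, 920) for p in ("tcp", "udp")} | {
    ("tcp", 61611), ("tcp", 61616)}                   # Table 1-6: from vCloud Director hosts
BUCKETS = [("public_required", PUBLIC_REQUIRED),
           ("public_optional", PUBLIC_OPTIONAL),
           ("cell_only", CELL_ONLY)]

SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:443         0.0.0.0:*
tcp   LISTEN 0      128    [::]:22             [::]:*
udp   UNCONN 0      0      0.0.0.0:111         0.0.0.0:*
tcp   LISTEN 0      50     10.0.0.5:61616      0.0.0.0:*
tcp   LISTEN 0      50     127.0.0.1:8999      0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:8080        0.0.0.0:*
udp   UNCONN 0      0      *:5353              *:*
"""

def is_loopback(host):
    """True when the bind address is loopback and so unreachable from the network."""
    host = host.strip("[]").split("%")[0]
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:            # "*" wildcard: bound on every interface
        return False

def classify(ss_output):
    """Return {category: [(proto, port), ...]} for every network-reachable listener."""
    report = {name: [] for name, _ in BUCKETS}
    report["unlisted"] = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] not in ("tcp", "udp"):
            continue              # header row or a socket type the guide does not cover
        host, _, port = fields[4].rpartition(":")
        if is_loopback(host):
            continue
        key = (fields[0], int(port))
        bucket = next((name for name, ports in BUCKETS if key in ports), "unlisted")
        report[bucket].append(key)
    return report

if __name__ == "__main__":
    for category, ports in classify(SAMPLE_SS).items():
        print(f"{category:16} {ports}")
```

Entries under `cell_only` should be reachable only from other vCloud Director hosts, and entries under `unlisted` should be either stopped or covered by the firewall's default reject rule.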
Chapter 1 Overview of vCloud Director Installation, Configuration, and Upgrade
VMware, Inc. 13