vCD 5.1.X series – Requirements and Preparation

vCloud Director 5.1.X has been on the market for quite a long time, since the VMworld 2012 event. Unfortunately I had no time to give it a try and install it, especially as I had in mind the problems during vCloud Director 5.1 installation – it was a nightmare. But finally I decided to give it a shot and install it in my homelab – just to see how things work and what has changed since vCD 15 times. The second reason is to connect my vCAC 5.2 with vCD and test it.

Requirements:

  • Hardware:
    • 1vCPU
    • 2GB RAM
    • 20GB disk drive
    • 2vNIC
  • Operating system
    • Officially, only Red Hat is supported as the operating system for vCD 5.1.X installation
      • Red Hat Enterprise Linux 5 (64-bit), Update 4
      • Red Hat Enterprise Linux 5 (64-bit), Update 5
      • Red Hat Enterprise Linux 5 (64-bit), Update 6
      • Red Hat Enterprise Linux 5 (64-bit), Update 8
      • Red Hat Enterprise Linux 6 (64-bit), Update 1
      • Red Hat Enterprise Linux 6 (64-bit), Update 2
      • Red Hat Enterprise Linux 6 (64-bit), Update 3
      • Red Hat Enterprise Linux 6.3 (64-bit)
    • I will install vCD on CentOS 6.3 with all required packages

    NOTE: CentOS is not officially supported for vCloud Director deployments.

  • Packages required:

Preparation

Step 2 – CentOS installation and configuration
  • prepare virtual machine with hardware specs (see point above) and 2 vNIC cards
  • Install CentOS  – choose server system installation profile
  • After reboot, edit /etc/sysconfig/network-scripts/ifcfg-eth0 and change ONBOOT=no to ONBOOT=yes

It is a CentOS “security feature” and the default behaviour when the OS detects more than 2 network adapters – 🙂

  • Restart network services: service network restart
  • Repeat above steps for second network adapter.
  • Add DNS servers into /etc/resolv.conf

  • Stop firewall, run below commands:
    • service iptables save
    • service iptables stop
    • chkconfig iptables off
  • Stop  SELinux

  • Add required packages using yum
Step 3 – MSSQL DB preparation

vCloud director 5.1.X supports MSSQL 2008 and Oracle

  • Create vCloud DB – Execute below SQL scripts – MSSQL

Step 4 – configure NFS export for transfer between vCloud Director cells

This share will be used to transfer files between vCloud Director cells, mostly for sharing application catalogues. In my homelab I have Nexenta storage as a virtual appliance.

  • From Nexenta web GUI go to DataManagement –> Data Sets –> Folders –> Create :
    • Volume
    • Folder name
    • Description
    • Record Size
    •  and more
  • Enable NFS protocol on new folder
NFS export on Nexenta

  • Edit the NFS share permissions and enable root access from the vCD cells to the NFS share, otherwise you will get the error cpio: chown failed – Operation not permitted during vCloud Director installation.

On a non-Nexenta NFS share, set the no_root_squash option on the transfer NFS export. On Nexenta, however, you have to edit the NFS export and grant root access to the export from the clients. In the example below I give root access to the NFS export from all hosts in the network range 192.168.137.X

grant root access to NFS export in Nexenta
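
On a Linux NFS server the same grant is a no_root_squash option in /etc/exports, and it is worth checking that only the transfer export, and only the cell network, has it. The script below is an added example, not part of the original post: the export paths and the sample file are constructed, and the client check is a plain string-prefix match on 192.168.137., not CIDR arithmetic.

```bash
#!/bin/sh
# Added example (not from the original post): audit which NFS exports
# grant root access, and to whom. Paths below are constructed samples.

# Constructed /etc/exports content for the demo.
SAMPLE_EXPORTS='# transfer share for the vCD cells
/volumes/vcd/transfer 192.168.137.0/24(rw,sync,no_root_squash)
/volumes/iso          *(ro,root_squash)
/volumes/scratch      *(rw,no_root_squash)'

# root_exports FILE
# Prints "path client" for every client entry that has no_root_squash.
root_exports() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }
        {
            for (i = 2; i <= NF; i++) {
                p = index($i, "(")
                if (p == 0) continue                 # client with default options
                client = substr($i, 1, p - 1)
                if (client == "") client = "*"       # "(opts)" alone = any host
                opts = substr($i, p + 1, length($i) - p - 1)
                n = split(opts, o, ",")
                for (j = 1; j <= n; j++)
                    if (o[j] == "no_root_squash") print $1, client
            }
        }' "$1"
}

# root_exports_outside FILE PREFIX
# Prints root-enabled entries whose client does not start with PREFIX
# (for example "192.168.137."), so "*" and foreign networks are reported.
root_exports_outside() {
    root_exports "$1" | awk -v pre="$2" 'index($2, pre) != 1'
}

# Demo on the constructed sample; on a real server pass /etc/exports.
tmp_exports=$(mktemp)
printf '%s\n' "$SAMPLE_EXPORTS" > "$tmp_exports"
root_exports_outside "$tmp_exports" "192.168.137."
rm -f "$tmp_exports"
```

On the constructed sample only the /volumes/scratch entry is reported, because its root access is open to every host.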

Step 6 – Mount NFS on vCloud Director Cell
  • Log in to the vCD cell as root
  • create directory  mkdir -p /opt/vmware/vcloud-director/data/transfer

NOTE: Make sure that, before installation of the first vCD cell, the NFS share which will be used for transfer between cells is mounted under $VCLOUD_HOME/data/transfer, which points to /opt/vmware/vcloud-director/data/transfer.

  • Modify /etc/fstab: add a line to mount the transfer NFS share automatically during vCloud Director cell boot.

  • Run mount -a to mount all mount points from /etc/fstab, then verify that the NFS share was mounted by running mount -l
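
A scripted version of that verification, as an added example that is not part of the original post: it confirms that the transfer directory is backed by NFS and that /etc/fstab will bring it back after a reboot. The fstab entry in the comment uses placeholders for the server and export path, and the mounts sample (including the 192.168.137.10 address) is constructed.

```bash
#!/bin/sh
# Added example (not from the original post): confirm the transfer
# directory is backed by NFS before running the vCD installer.
TRANSFER_DIR=/opt/vmware/vcloud-director/data/transfer

# Assumed /etc/fstab entry; server and export path are placeholders:
#   <nfs-server>:<export-path>  /opt/vmware/vcloud-director/data/transfer  nfs  rw  0 0

# Constructed /proc/mounts content for the demo.
SAMPLE_MOUNTS='/dev/mapper/vg-root / ext4 rw,relatime 0 0
192.168.137.10:/volumes/vcd/transfer /opt/vmware/vcloud-director/data/transfer nfs rw,relatime,hard 0 0'

# nfs_source MOUNTS_FILE DIR
# Prints the NFS source mounted on DIR; fails if DIR is not an NFS mount.
# The last matching line wins, as it does for stacked mounts.
nfs_source() {
    awk -v dir="$2" '
        $2 == dir { src = $1; fstype = $3 }
        END {
            if (fstype != "nfs" && fstype != "nfs4") exit 1
            print src
        }' "$1"
}

# fstab_mounts_nfs FSTAB_FILE DIR
# Succeeds if an uncommented fstab line mounts NFS on DIR, so the share
# comes back after a reboot of the cell.
fstab_mounts_nfs() {
    awk -v dir="$2" '
        /^[ \t]*#/ { next }
        $2 == dir && ($3 == "nfs" || $3 == "nfs4") { found = 1 }
        END { exit !found }' "$1"
}

# Demo on the constructed sample; on a cell, pass /proc/mounts and /etc/fstab.
tmp_mounts=$(mktemp)
printf '%s\n' "$SAMPLE_MOUNTS" > "$tmp_mounts"
nfs_source "$tmp_mounts" "$TRANSFER_DIR" || echo "transfer dir is NOT on NFS"
rm -f "$tmp_mounts"
```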

Step 7 – prepare certificates

You can create keystore either on vCloud Director Cell or on any OS with JAVA installed.

  • keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -keyalg RSA -validity 731 -alias consoleproxy
  • keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -keyalg RSA -validity 731 -alias http
    • What is your first and last name? [Unknown]:vcd01.lab.local
    • What is the name of your organizational unit? [Unknown]:LAB
    • What is the name of your organization? [Unknown]:vmwaremine.com
    • What is the name of your City or Locality? [Unknown]:FFM
    • What is the name of your State or Province? [Unknown]:HE
    • What is the two-letter country code for this unit? [Unknown]:DE
  • keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -list

NOTE: The file with the certificates (certificates.ks) is created in the directory from which you ran the command. If that is the /root home folder, move the certificates.ks file to a different location.

Repeat the above steps on each and every vCD cell in the implementation, or, if you run them on a workstation, repeat the above steps for all servers and copy certificates.ks to all vCD cells or to the NFS share. You will need the keystore path name when you run the configuration script.

NOTE: Because the vCloud Director configuration script does not run with a privileged identity, the keystore file and the directory in which it is stored must be readable by any user.
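
Both requirements from this step can be checked before the configuration script runs. The script below is an added example, not part of the original post: it checks that the listing contains the http and consoleproxy aliases and that the keystore and its directory are readable by any user. The sample listing is constructed, with placeholder fingerprints.

```bash
#!/bin/sh
# Added example (not from the original post): check a vCD keystore listing
# and its file permissions before running the configuration script.

# Constructed `keytool -list` output; dates and fingerprints are placeholders.
SAMPLE_LIST='Keystore type: JCEKS
Keystore provider: SunJCE

Your keystore contains 2 entries

consoleproxy, Mar 10, 2013, PrivateKeyEntry,
Certificate fingerprint (MD5): <placeholder>
http, Mar 10, 2013, PrivateKeyEntry,
Certificate fingerprint (MD5): <placeholder>'

# keystore_aliases: reads `keytool -list` output on stdin and prints the
# alias of every private-key entry, one per line.
keystore_aliases() {
    awk -F', ' '/PrivateKeyEntry/ { print $1 }'
}

# missing_aliases: reads the same listing on stdin and prints whichever of
# the two aliases created above (http, consoleproxy) is absent.
missing_aliases() {
    found=$(keystore_aliases)
    for want in http consoleproxy; do
        printf '%s\n' "$found" | grep -qx "$want" || printf '%s\n' "$want"
    done
}

# readable_by_all FILE: succeeds if "other" can read FILE and can read and
# enter its directory, which is what the unprivileged script needs.
readable_by_all() {
    file_mode=$(ls -ld "$1" | cut -c8)
    dir_mode=$(ls -ld "$(dirname "$1")" | cut -c8-10)
    [ "$file_mode" = "r" ] || return 1
    case "$dir_mode" in r?[xt]) return 0 ;; *) return 1 ;; esac
}

# Demo on the constructed listing; on a cell, pipe in the real command:
#   keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -list | missing_aliases
printf '%s\n' "$SAMPLE_LIST" | missing_aliases
```

An empty result from missing_aliases means both aliases are present.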

Repeat steps for second vCloud director Cell in implementation and proceed to vCloud Director Installation and Configuration.

Step 8 – Install and configure vShield Manager
  • Download the vShield Manager OVF image from VMware
  • Deploy a VM from the OVF template
  • Power on vShield Manager and log in to the console with:
    • username: admin
    • password: default
vShield Manager login

  • At the manager prompt, type enable and the password default to enable vShield Manager setup mode
  • At the manager# prompt, type setup to begin the vShield Manager networking configuration and provide:
    • IP address
    • subnet mask
    • default gateway
    • DNS details
  • Save networking configuration
vShield Manager networking configuration

NOTE: It is not necessary to synchronize vShield Manager with vCenter or register the vShield Manager as a vSphere Client plug-in when you use vShield Manager with vCloud Director.

Step 9 – Integrate vShield Manager with vCenter server – Optional
  • Use web browser and log in to vShield Manager administrator console
vShield Manager log in screen

  • From Setting and Reporting in configuration tab type:
    • SSO lookup service FQDN and credentials
    • vCenter server FQDN and credentials
    • NTP server – Optional
    • Syslog server – Optional

    vCenter connection data in vShield manager configuration tab

  • Next, log in to the vCenter server via the vSphere client and verify that the vShield tab appears on the cluster and ESXi hosts
vShield manager tab on ESXi host

Artur Krzywdzinski

Artur is a Consulting Architect at Nutanix. He has been using, designing and deploying VMware based solutions since 2005 and Microsoft since 2012. He specializes in designing and implementing private and hybrid cloud solutions based on VMware and Microsoft software stacks, datacenter migrations and transformation, and disaster avoidance. Artur holds the VMware Certified Design Expert certification (VCDX #077).