Install vCloud Director 8 with High Availability

vCloud Director 8.0 is the latest version available for service providers and can be downloaded from here.

I have been working with vCloud Director for quite some time, both in our production environment and in my test lab. In the past I wrote a post on how to install vCloud Director 5.5. You can also read the entire vCloud Director post series from here.

Since v8 has been on the market for some time, I decided to try my hands on it and implement it in my homelab.

There are various posts available on the internet about what vCloud Director is and what it does, so I will not talk much about it and will jump directly into action.

In this post we will learn how to deploy vCloud Director with high availability.

Pre-requisites before installing vCloud Director:

1: Two servers (for 2 vCD cells) with Red Hat installed and configured as the guest operating system. Hostname and DNS should be configured. Also make sure your Red Hat guest OS is syncing its time from an NTP server.

2: The Red Hat server must have 2 NICs, each with a different IP address (preferred), for the HTTP and console connections. This server should be able to reach your database server over the network.

3: vCloud Director installation file (bin file) downloaded and copied to the server where it will be installed.

4: Certificates must be generated for the HTTP and console proxy connections.

5: vCloud Director database configured.

6: Additional Red Hat server (or any other Linux flavour) configured as an NFS server.

Let’s see configuration of each component one by one.

1: vCloud Director database configuration

Run the following script on your SQL server to configure the database for vCloud Director. In my lab I am running SQL 2014 as the database.

-- Create Database

USE [master]
GO
CREATE DATABASE [vcloud] ON PRIMARY
(NAME = N'vcloud', FILENAME = N'E:\MSSQL\VCDDB\Data\vcloud.mdf', SIZE = 100MB, FILEGROWTH = 10% )
LOG ON
(NAME = N'vcdb_log', FILENAME = N'E:\MSSQL\VCDDB\Logs\vcloud.ldf', SIZE = 1MB, FILEGROWTH = 10%)
COLLATE Latin1_General_CS_AS
GO

-- Set the transaction isolation level

USE [vcloud]
GO
ALTER DATABASE [vcloud] SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
ALTER DATABASE [vcloud] SET ALLOW_SNAPSHOT_ISOLATION ON;
ALTER DATABASE [vcloud] SET READ_COMMITTED_SNAPSHOT ON WITH NO_WAIT;
ALTER DATABASE [vcloud] SET MULTI_USER;
GO

-- Create the database user and password

USE [vcloud]
GO
CREATE LOGIN [vcloud] WITH PASSWORD = 'YourPWD', DEFAULT_DATABASE =[vcloud],
DEFAULT_LANGUAGE =[us_english], CHECK_POLICY=OFF
GO
CREATE USER [vcloud] for LOGIN [vcloud]
GO

-- Assign permissions to the user
USE [vcloud]
GO
sp_addrolemember [db_owner], [vcloud]
GO

Make sure your SQL server is reachable from both vCD cells on port 1433.

[root@vcd01 ~]# telnet sqlsrv01 1433
Trying 192.168.109.3…
Connected to sqlsrv01.
Escape character is ‘^]’

[root@vcd02 ~]# telnet sqlsrv01 1433
Trying 192.168.109.3…
Connected to sqlsrv01.
Escape character is ‘^]’

2: Create NFS Mounts

Login to your NFS server and create a directory which will be mounted as NFS share on VCD cell. I am running my NFS server on RHEL 6.

Verify the NFS Export settings

[root@vcdnfs ~]# cat /etc/exports
/home/data/ 192.168.109.0/24(rw,sync,no_root_squash)

Start NFS Services

[root@vcdnfs ~]# service nfs start
Starting NFS services: [ OK ]
Starting NFS quotas: [ OK ]
Starting NFS mountd: [ OK ]
Starting NFS daemon: [ OK ]
Starting RPC idmapd: [ OK ]

Make sure NFS service is set to start on system boot

[root@vcdnfs ~]# chkconfig nfs on
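
The export above grants no_root_squash to the whole 192.168.109.0/24 network, so root on any host in that subnet can write to the share as root. The check below is an added example, not part of the original post: the function name audit_exports is hypothetical, and the constructed sample compares the export from this page with one limited to the cell addresses 192.168.109.30 and 192.168.109.31 used later in this lab.

```shell
#!/bin/sh
# Added example (not from the original post): flag /etc/exports entries that
# grant no_root_squash to a whole network, a wildcard, or every host.

# audit_exports FILE
# Prints "<path> <client>" for each risky entry; returns 1 if any were found.
audit_exports() {
    awk '
        /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
        {
            path = $1
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                if (match($i, /\(.*\)$/)) {     # split "client(options)"
                    client = substr($i, 1, RSTART - 1)
                    opts = substr($i, RSTART + 1, RLENGTH - 2)
                }
                # Wide client: empty (all hosts), wildcard, or CIDR prefix below /32.
                wide = (client == "" || client ~ /[*?]/ ||
                        client ~ /\/([0-9]|[12][0-9]|3[01])$/)
                if (wide && opts ~ /(^|,)no_root_squash(,|$)/) {
                    print path, (client == "" ? "<all hosts>" : client)
                    bad = 1
                }
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: the export line from this page, then an alternative form
# of the same share limited to the two cell addresses used in this lab.
sample=$(mktemp)
cat > "$sample" <<'EOF'
/home/data/ 192.168.109.0/24(rw,sync,no_root_squash)
/home/data/ 192.168.109.30(rw,sync,no_root_squash) 192.168.109.31(rw,sync,no_root_squash)
EOF
if ! audit_exports "$sample"; then
    echo "entries above allow root writes from more than the named hosts"
fi
rm -f "$sample"
```

On the NFS server the call is audit_exports /etc/exports; netmask-style clients such as 192.168.109.0/255.255.255.0 are not recognised by this check.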

3: Generate Certificates on VCD cell

a: Certificate for http

[root@vcd01 ~]# keytool -keystore vcd.ks -storetype JCEKS -storepass vcl@2016 -validity 9999 -genkey -keyalg RSA -alias http
What is your first and last name?
[Unknown]: Alex Hunt
What is the name of your organizational unit?
[Unknown]: Cloud
What is the name of your organization?
[Unknown]: Virtual reality
What is the name of your City or Locality?
[Unknown]: Bangalore
What is the name of your State or Province?
[Unknown]: Karnataka
What is the two-letter country code for this unit?
[Unknown]: IN
Is CN=Alex Hunt, OU=Cloud, O=Virtual reality, L=Bangalore, ST=Karnataka, C=IN correct?
[no]: yes

Enter key password for <http>
(RETURN if same as keystore password):

b: Certificate for console proxy

[root@vcd01 ~]# keytool -keystore vcd.ks -storetype JCEKS -storepass vcl@2016 -validity 9999 -genkey -keyalg RSA -alias consoleproxy
What is your first and last name?
[Unknown]: Alex Hunt
What is the name of your organizational unit?
[Unknown]: Cloud
What is the name of your organization?
[Unknown]: Virtual reality
What is the name of your City or Locality?
[Unknown]: Bangalore
What is the name of your State or Province?
[Unknown]: Karnataka
What is the two-letter country code for this unit?
[Unknown]: IN
Is CN=” Alex Hunt”, OU=Cloud, O=Virtual reality, L=Bangalore, ST=Karnataka, C=IN correct?
[no]: yes

Enter key password for <consoleproxy>
(RETURN if same as keystore password):

c: List the generated certificates

[root@vcd01 ~]# keytool -storetype JCEKS -storepass vcl@2016 -keystore vcd.ks -list

Keystore type: JCEKS
Keystore provider: SunJCE

Your keystore contains 2 entries

consoleproxy, Jun 4, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): B5:66:36:28:D3:E1:6A:07:9A:16:9C:75:BA:BF:D9:95:3E:17:14:D6

http, Jun 4, 2016, PrivateKeyEntry,
Certificate fingerprint (SHA1): 45:FE:93:61:67:C3:49:D6:B3:D3:BF:5A:95:43:BE:B0:72:09:80:51

4: Install vcloud Director

Run the vCloud Director bin file but don’t invoke configuration script as of now. We will invoke the script later after doing some modifications on server.

[root@vcd01 ~]# ./vmware-vcloud-director-8.3.1-3168797.bin
Checking free disk space…done
Checking for a supported Linux distribution…Detected Red Hat Linux system
done
Checking for necessary RPM prerequisites…done
Extracting VMware vCloud Director. Please wait, this could take a few minutes…
vmware-vcloud-director-8.3.1-3168797.x86_64.rpm
vmware-vcloud-director-rhel-8.3.1-3168797.x86_64.rpm
done
Verifying RPM signatures…done
Installing the VMware vCloud Director RPMs…
warning: vmware-vcloud-director-8.3.1-3168797.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID 66fd4949: NOKEY
Preparing… ########################################### [100%]
1:vmware-vcloud-director-########################################### [ 50%]
2:vmware-vcloud-director ########################################### [100%]

You should now run the configuration script (/opt/vmware/vcloud-director/bin/configure) to perform other required post-installation configuration.

If you will be deploying a vCloud Director cluster you must mount the shared transfer server storage prior to running the configuration script. If this is a single server deployment no shared storage is necessary.

If you are not ready to do this right now, you may run the script later prior to starting the vmware-vcd service.

Would you like to run the script now? (y/n)? n

Skipping. You may run the configuration script at a later time by executing /opt/vmware/vcloud-director/bin/configure

5: Mount NFS share on vCloud Cell

a: List the NFS mount

[root@vcd01 transfer]# showmount -e 192.168.109.32
Export list for 192.168.109.32:
/home/data 192.168.109.0/24

b: Mount the NFS share in /opt/vmware/vcloud-director/data/transfer directory

[root@vcd01 transfer]# mount -t nfs 192.168.109.32:/home/data/ /opt/vmware/vcloud-director/data/transfer

c: Verify that NFS share has been mounted on VCD Cell

[root@vcd01 transfer]# mount | grep nfs
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
192.168.109.32:/home/data/ on /opt/vmware/vcloud-director/data/transfer type nfs (rw,vers=4,addr=192.168.109.32,clientaddr=192.168.109.30)

d: Mount the NFS share permanently on the vCD Cell by editing /etc/fstab file and making an entry as shown below

192.168.109.32:/home/data/ /opt/vmware/vcloud-director/data/transfer nfs defaults 0 0

e: Change the owner of transfer directory to vcloud user and set the permission to RW

[root@vcd01 ~]# chown -R vcloud:vcloud /opt/vmware/vcloud-director/data/transfer

[root@vcd01 ~]# chmod -R 750 /opt/vmware/vcloud-director/data/transfer

6: Move the certificate file which we generated in step 3 to /opt/vmware/vcloud-director. Why we need to do so is explained here

[root@vcd01 ~]# cp /root/vcd.ks /opt/vmware/vcloud-director/

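Also import VMware's public packaging keys so that rpm can verify the package signatures. The NOKEY warning during the install in step 4 means rpm had no key to check the signature against.

[root@vcd01 etc]# rpm --import https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-DSA-KEY.pub

[root@vcd01 etc]# rpm --import https://packages.vmware.com/tools/keys/VMWARE-PACKAGING-GPG-RSA-KEY.pub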

7: Invoke the VCD configuration script.

We need to specify following:

  • IP Address for the HTTP service
  • IP Address for the Console Proxy IP
  • Location of the certificate keystore certificates.ks
  • IP Address for the Syslog server (which I skipped as I don't have a syslog server in my lab)

[root@vcd01 ~]# /opt/vmware/vcloud-director/bin/configure
Welcome to the vCloud Director configuration utility.

You will be prompted to enter a number of parameters that are necessary to
configure and start the vCloud Director service.

Please indicate which IP address available on this machine should be used for
the HTTP service and which IP address should be used for the remote console proxy.

The HTTP service IP address is used for accessing the user interface and the
REST API. The remote console proxy IP address is used for all remote console (VMRC)
connections and traffic.

Please enter your choice for the HTTP service IP address:
1. 192.168.108.15
2. 192.168.109.30
3. 192.168.122.1
4. 127.0.0.1
5. [fe80:0:0:0:250:56ff:febe:5869]
6. [fe80:0:0:0:250:56ff:febe:6964]
7. [0:0:0:0:0:0:0:1]
Choice [default=1]: 2

Please enter your choice for the remote console proxy IP address:
1. 192.168.108.15
2. 192.168.122.1
3. 127.0.0.1
4. [fe80:0:0:0:250:56ff:febe:5869]
5. [fe80:0:0:0:250:56ff:febe:6964]
6. [0:0:0:0:0:0:0:1]
Choice [default=1]: 1

Please enter the path to the Java keystore containing your SSL certificates and private keys: /opt/vmware/vcloud-director/vcd.ks
Please enter the password for the keystore:

If you would like to enable remote audit logging to a syslog host please enter the hostname or IP address of the syslog server. Audit logs are stored by vCloud Director for 90 days. Exporting logs via syslog will enable you to preserve them for as long as necessary.

Syslog host name or IP address [press Enter to skip]:
No syslog host was specified, disabling remote audit logging.

Next is to specify the database details.

The following database types are supported:
1. Oracle
2. Microsoft SQL Server
3. vPostgres
Enter the database type [default=1]: 2
Enter the host (or IP address) for the database: sqlsrv01.alex.local
Enter the database port [default=1433]: 1433
Enter the database name [default=vcloud]: vcloud
Enter the database instance [Press enter to use the server’s default instance]:
Using server’s default instance name.

Enter the database username: vcloud
Enter the database password:
Connecting to the database: jdbc:jtds:sqlserver://192.168.109.3:1433/vcloud;socketTimeout=90;prepareSQL=2
…………………………………./Database configuration complete.

vCloud Director configuration is now complete.

Once the vCloud Director server has been started you will be able to access the first-time setup wizard at this URL: https://vcd01.alex.local

Installer will ask you to start the VCD cell service. Press “Y” to continue

Would you like to start the vCloud Director service now? If you choose not to start it now, you can manually start it at any time using this command:
service vmware-vcd start

Start it now? [y/n] y

Starting vmware-vcd-watchdog: [ OK ]
Starting vmware-vcd-cell [ OK ]

The vCD service will be started automatically on boot. To disable this, use the following command: chkconfig --del vmware-vcd

You can tail cell.log to see the startup progress.

[root@vcd01 ~]# tail -f /opt/vmware/vcloud-director/logs/cell.log
Application startup event: Subsystem ‘com.vmware.vcloud.computeservice.broker’ startup initiated.
Application startup begins: Subsystem ‘com.vmware.vcloud.computeservice.broker’ at 6/5/16 5:25 PM
Application Initialization: ‘com.vmware.vcloud.computeservice.broker’ 50% complete. Subsystem ‘com.vmware.vcloud.backend-core-base’ started
Application Initialization: ‘com.vmware.vcloud.computeservice.broker’ 100% complete. Subsystem ‘com.vmware.vcloud.computeservice.broker’ started
Application Initialization: ‘com.vmware.vcloud.computeservice.broker’ complete. Server is ready in 0:00 (minutes:seconds)
Application Initialization: ‘com.vmware.vcloud.common.core’ 95% complete. Subsystem ‘com.vmware.vcloud.jax-rs-servlet’ started
Application Initialization: ‘com.vmware.vcloud.common.core’ 100% complete. Subsystem ‘com.vmware.vcloud.ui-vcloud-webapp’ started
Application Initialization: ‘com.vmware.vcloud.common.core’ complete. Server is ready in 1:28 (minutes:seconds)
Successfully posted pending audit events: com/vmware/vcloud/event/cell/start
Successfully verified transfer spooling area: /opt/vmware/vcloud-director/data/transfer

Installation of the first cell is now complete. Let's see how to deploy an additional cell for failover.

8: Deploy Additional cell for failover

Copy the certificate file which you created on the first vCD cell to your second vCD cell. Also copy the responses.properties file to the second cell. The default location of the responses.properties file is /opt/vmware/vcloud-director/etc/

This file contains the location of the keystore certificates.ks and also the DB server information such as IP, database instance name, login etc.

a: Install vCloud Director on the second cell and press 'n' when it asks whether to run the configuration script

[root@vcd02 ~]# ./vmware-vcloud-director-8.3.1-3168797.bin
Checking free disk space…done
Checking for a supported Linux distribution…Detected Red Hat Linux system
done
Checking for necessary RPM prerequisites…done
Extracting VMware vCloud Director. Please wait, this could take a few minutes…
vmware-vcloud-director-8.3.1-3168797.x86_64.rpm
vmware-vcloud-director-rhel-8.3.1-3168797.x86_64.rpm
done
Verifying RPM signatures…done
Installing the VMware vCloud Director RPMs…
Preparing… ########################################### [100%]
1:vmware-vcloud-director-########################################### [ 50%]
2:vmware-vcloud-director ########################################### [100%]

You should now run the configuration script
(/opt/vmware/vcloud-director/bin/configure) to perform other required
post-installation configuration.

If you will be deploying a vCloud Director cluster you must mount the shared transfer server storage prior to running the configuration script. If this is a single server deployment no shared storage is necessary.

If you are not ready to do this right now, you may run the script later prior to starting the vmware-vcd service.

Would you like to run the script now? (y/n)? n

Skipping. You may run the configuration script at a later time by executing
/opt/vmware/vcloud-director/bin/configure

b: Mount the same NFS share in the transfer directory which you mounted on cell-a

c: Invoke the configuration script with the -r /path_to_response_file option. Make sure you copy the responses.properties file to the /opt/vmware/vcloud-director/ folder. Also make the vcloud user the owner of the file and assign appropriate permissions on the file

[root@vcd02 vcloud-director]# chmod 755 /opt/vmware/vcloud-director/responses.properties

[root@vcd02 vcloud-director]# chown vcloud:vcloud /opt/vmware/vcloud-director/responses.properties
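
The response file carries the database connection details and vcd.ks carries the private keys, yet mode 755 leaves the response file readable by every local user on the cell. The check below is an added example, not part of the original post: the function name secret_file_ok is hypothetical and the demo runs on a constructed temporary file.

```shell
#!/bin/sh
# Added example (not from the original post): check that a file holding key
# material or database credentials is owned by the service account and is not
# open to other local users.

# secret_file_ok FILE OWNER
# Returns 0 when FILE is a regular file owned by OWNER, with no permissions
# for "other" and at most read for "group". Prints the reason otherwise.
secret_file_ok() {
    _f=$1; _want=$2
    if [ ! -f "$_f" ]; then
        echo "$_f: missing or not a regular file"; return 1
    fi
    _ls=$(ls -ldL -- "$_f")
    _mode=$(printf '%s\n' "$_ls" | awk '{ print $1 }')    # e.g. -rwxr-xr-x
    _owner=$(printf '%s\n' "$_ls" | awk '{ print $3 }')
    if [ "$_owner" != "$_want" ]; then
        echo "$_f: owned by $_owner, expected $_want"; return 1
    fi
    # Characters 5-10 of the mode string are the group and other triplets.
    case $(printf '%s' "$_mode" | cut -c5-10) in
        ------|r-----) return 0 ;;
        *) echo "$_f: mode $_mode is too permissive"; return 1 ;;
    esac
}

# Constructed demo on a temporary file owned by the current user. On a cell
# the calls would be, for the paths used in this post:
#   secret_file_ok /opt/vmware/vcloud-director/responses.properties vcloud
#   secret_file_ok /opt/vmware/vcloud-director/vcd.ks vcloud
demo=$(mktemp)
me=$(ls -ldL -- "$demo" | awk '{ print $3 }')
chmod 755 "$demo"; secret_file_ok "$demo" "$me" || true   # flagged: open to all users
chmod 600 "$demo"; secret_file_ok "$demo" "$me" && echo "$demo: ok"
rm -f "$demo"
```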

This time the configuration script will only ask for the HTTP service and remote console proxy IP addresses.

[root@vcd02 vcloud-director]# /opt/vmware/vcloud-director/bin/configure -r /opt/vmware/vcloud-director/responses.properties
Welcome to the vCloud Director configuration utility.

You will be prompted to enter a number of parameters that are necessary to
configure and start the vCloud Director service.

Please indicate which IP address available on this machine should be used for the HTTP service and which IP address should be used for the remote console proxy.

The HTTP service IP address is used for accessing the user interface and the REST API. The remote console proxy IP address is used for all remote console (VMRC) connections and traffic.

Please enter your choice for the HTTP service IP address:
1. 192.168.108.16
2. 192.168.109.31
3. 192.168.122.1
4. 127.0.0.1
Choice [default=1]: 2

Please enter your choice for the remote console proxy IP address:
1. 192.168.108.16
2. 192.168.122.1
3. 127.0.0.1
Choice [default=1]: 1

Connecting to the database: jdbc:jtds:sqlserver://192.168.109.3:1433/vcloud;socketTimeout=90;prepareSQL=2
DB credentials read successfully from response file.
…\Database configuration complete.

vCloud Director configuration is now complete.

Once the vCloud Director server has been started you will be able to
access the first-time setup wizard at this URL:
https://vcd02.alex.local

Would you like to start the vCloud Director service now? If you choose not
to start it now, you can manually start it at any time using this command:
service vmware-vcd start

Start it now? [y/n] y

Starting vmware-vcd-watchdog: [ OK ]
Starting vmware-vcd-cell [ OK ]

The vCD service will be started automatically on boot. To disable this, use the following command: chkconfig --del vmware-vcd

I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing. Be sociable :)
