vCloud Director 10 – NSX-T – Provider Configuration

As you may be aware vCloud Director from its inception initially was relying on vCNS and after that on NSX-V to provide on-demand , self service cloud networking capabilities and now since VMware is moving towards newly re-written networking platform called NSX-T and with every new version , it is getting mature and feature rich , vCloud Director with version 10 brings many of its capabilities in to it to offer more and more self service capabilities to tenant and ease of implementation and operation for providers, in this post i am covering how to integrate NSX-T with vCD from Provider prospective.


As you may be aware that NSX-T is no more coupled/dependent on vCenter ,so to integrate NSX-T with vCloud Director you must install and configure NSX-T Data Center. Here are the high level steps:

  • Deploy and configure the NSX-T Manager virtual appliances.
  • Create transport zones based on your networking requirements.
  • Deploy and configure Edge nodes and an Edge cluster.
  • Configure the ESXi host transport nodes, these will become PVDC resources of NSX-T based tenants.
  • Create a tier-0 gateway , this will work as “External Network” for vCloud Director.

Register NSX-T Manager

Once NSX-T setup is done, login to vCloud Director with administrator credential and  Click on “vSphere Resources” and go to NSX-T Managers to add NSX-T manager.

Create Network Pool

A network pool is a group of undifferentiated networks that is available for use in an organization virtual datacenter to create vApp networks and certain types of organization virtual datacenter networks.
so once NSX-T manager is added , next thing is we need to create network pool and to create network pool  , go back to “Cloud Resources” , go to “Network Pools” and Click on new:
Here is the creation of Network pool steps:
  1. Name it appropriately.
  2. Select “Geneve Backed” type Network pool
  3. Select Appropriate NSX-T Providers (you can have multiple NSX-T Providers)
  4. Select Appropriate Overlay Transport Zone
  5. review and submit.

This slideshow requires JavaScript.

Configure External Networks

External networks helps providing a connection to the outside the world (internet). external networks are backed up by NSX-T Tier-0 router.

As i said in pre-requisite section , you need to manually create Tier0 in NSX-T, this T0 router will provide external network access to your tenant and should be routable from Internet. Create an Active-Active T0 with ECMP mode is recommended practice.


Once T0 is created , you will then import T0 in to vCloud Director 10. you will also need to define IP pool , which will be used to sub-allocate IPs to Tenants.

Below is the process to create vCloud Director 10 external network by importing Tier0  router created in side NSX-T.

  1. Choose Backing Type as “NSX-T Resources (Tier-0 Router)” and select registered NSX-T
  2. Provide Name
  3. Select Tier-0 router
  4. Add a “Network Pool” with Gateway details.
  5. review and complete , which will import T0 in to vCloud Director construct.

This slideshow requires JavaScript.

Create Provider VDC

Now you can create Provider VDC (PVDC) which is basically mapped to a vSphere cluster or a resource pool. PVDC to successfully work you need to ensure that vSphere cluster has been prepared with NSX-T and part of a transport zone.When creating NSX-T backed PVDC you will have to specify the Geneve Network Pool created in the previous step.

Go to “Cloud Resources” – “Provider VDCs” and Click on “NEW” to create new PVDC backed by NSX-T based networks.

  1. Name your PVDC
  2. Select vCenter which is having NSX-T backed Cluster
  3. Select appropriate Cluster and VM Hardware version
  4. Select appropriate Storage policy
  5. Select NSX-T manager and Network Pool ( as created above – Geneve backed pool )
  6. Review configuration and finish.

This slideshow requires JavaScript.

if everything is configured properly, PVDC get created successfully.


This completes vCloud Director configuration from provider prospective. In the next post i will be covering tenant onboarding process on NSX-T based Network.


vCloud Director 10 : T-Shirt Sizing

In vCloud Director 9.7 compute policies were introduced to offer/manage the T-shirt sizing of the VMs which i have covered in detail in my this post,  in vCloud Director 10 similar concept has been brought in to GUI , which is now easy to implement & manage and in vCD 10 this is being called “Sizing Policy”

So from Cloud Provider prospective VM sizing policy defines the compute resource allocation for virtual machines within an organization VDC. Sizing policy allow provider to control the following aspects of compute resources consumption at the virtual machine level:

  • Number of vCPU, vCPU clock speed, reservations, limits and shares
    • 1.png
  • Amount of memory allocated to the virtual machine , reservation, limits and shares.
    • 2.png

Create T-Shirt Sizes:

Let’s create few example T-Shirt sizing policies:

  • Policy Name – X1
    • Description: Small-size VM policy Memory: 1024 Number of vCPUs: 1
    • Name: X1
    • Memory: 1024
    • Number of vCPUs: 1
  • Policy Name – X2
    • Description: Medium-size VM policy Memory: 2048 Number of vCPUs: 2
    • Name: X2
    • Memory: 2048
    • Number of vCPUs: 2
  • Policy Name – X3
    • Description: Large-size VM policy Memory: 4096 Number of vCPUs: 4
    • Name: X3
    • Memory: 4096
    • Number of vCPUs: 4
  • Policy Name – X4
    • Description: X-Large-size VM policy Memory: 8192 Number of vCPUs: 8
    • Name: X4
    • Memory: 8192
    • Number of vCPUs: 8

Create T-Shirt Sizing policies:

  1. Cloud Provider Administrator, logins to vCloud Director and go to “VM Sizing Policies” and Click on “New” to create new policy
    • 7.png
  2. Name and describe the policy as per above example and move to Next.
    • 3.png
  3. In next section enter CPU related parameters , in this example i am choosing “vCPU Count” , providers can choose based on their requirement and leave it all blank as none of the fields are mandatory.
    • 4.png
  4. In next section enter Memory related parameters , in this example i am choosing only “Memory”, providers can choose based on their requirement and leave it all blank as none of the fields are mandatory.
    • 5.png

that’s it , so simple to create policies , follow the same step to create multiple policies as per above example.

Publish Created Policies:

vCloud Director system administrators create and manage VM sizing policies at a global level and can publish individual policies to one or more organization VDCs.

so above step we have created polices , we need to publish these policies to organisation VDC’s.

  1. Select Cloud Resources then click on Organization VDCs and go inside an organization VDC
    • 8.png
  2. Inside VDC , go to VM Sizing Policies and click on Add
    • 9.png
  3. Select the policies that you want to make available for a Particular oVDC/Tenant
    • 10.png
  4. You can set policies as default policies, which will make policy appear as the default choice for the tenants during a VM and vApp creation and VM edit.
    • 11.png

Once polices published to organisation’s VDC, when tenant user logins and try to deploy a new VM , he/she now see options to chose T-Shirt sizes with their descriptions and if user does not choose any policy , it will pickup default policy and i showed you how to setup default policy.12.png

Tag Template with T-Shirt sizes

So while cloud providers can control sizing of new virtual machines, how about Templates ?

vCloud Director helps providers to achieve this by associating  the VMs of a vApp template with specific VM sizing policies, Providers/tenant  can tag individual VMs of a vApp template with the policies you want to assign.

To Tag template to  a particular sizing policy, you need to login to org and then go to Libraries, and select vApp Templates from the left panel.


Click on particular template/highlight the template and select Tag with Compute Policies.


“TAG WITH COMPUTE POLICIES” gives two options to tag with:

  • VM Placement Policies – which allows VM to deploy in to particular cluster.
  • VM Sizing Policy – As explained in this Post, so when user will try to deploy a VM from template, it will get deployed according to “VM Sizing Policy”


This completes the process , gain control of your cloud offerings.



vCloud Director 10 : VM Placement Policies

vCloud Director 10 has introduced a new concept called VM placement policies which helps Cloud Provider to control the virtual machine (VM) placement on a specific cluster or host.VM placement policies give cloud providers various options to allocate resources to various use cases like:

  1. Deploy VM’s to specific cluster based on performance requirement
  2. Deploy VM’s to Specific cluster based on resource requirements
  3. Deploy VM’s based on Licensing requirement as a part of Oracle/SQL licenses optimisation
  4. Allocate specific hosts to specific Tenants
  5. Deploy container/special use case specific VMs to a specific host/cluster
  6. Restrict elastic VDC pools to deploy VMs to a specific cluster

vCD Provider administrator create and manage VM placement policies and placement policies are created and managed for each provider VDC, because a VM placement policy is scoped at the provider VDC level.

Create a VM Placement Policy

Before we create VM Placement policies, provider need to perform few steps on vCenter , so lets go and login to vCenter which is providing resource to vCloud Director and go to Cluster -> Configure -> VM/Host Groups


In this case i want to limit deployment of Oracle and MS SQL VM’s to specific hosts due to licensing, so let’s create Hosts groups and VM Groups:

Host Groups: 

To create Host Groups , Click on Add inside VM/Host Groups:

  1. Enter  Host Group Name
  2. Select Type as “Host Group”
  3. Click on Add to add Host/Hosts of the cluster.


VM Groups

To create VM Groups , Click on Add inside VM/Host Groups

  1. Enter  VM Group Name
  2. Select Type as “VM Group”
  3. Click on Add to add VM/VMs of the cluster. (select any dummy VM as of now)


once both the groups has been created go to VM/Host rules in the cluster and create a rule.


VM/Host Rules

To create VM/Host Rules, Click on Add inside VM/Host Rules

  1. Enter  Rule Name
  2. Ensure “Enable rule”
  3. Select rule type as “Virtual Machine to Hosts”
  4. VM Group: Select VM Group that we have created above
  5. Here you have four choices: (In my case i have choose Must rule)
    • Must run on host in group
    • Should run on host in group
    • Must not run on host in group
    • Should not run on host in group
  6. Host Group: Select Host Group that we have created above


From vCenter prospective we are done, we have multiple choice to create VM to Hosts affinity/anti-affinity rules , once we have created rules , vCloud director picks up only “VM Groups” which provider will expose to tenants.

Create VM Placement Policies in vCloud Director

  1. Go to Provider VDCs.
  2. Click on a provider VDC from the list , in my case it was “nsxtpvdc”
  3. Click on “VM Placement Policies”
  4. Click the VM Placement Policies tab and click New.


New Policy Creation Wizard

  1. First Page , click on Next
    1. 7
  2. Enter a name for the VM placement policy and description and click Next
    1. 8.png
  3. Select the VM groups or logical VM groups to which you want the VM to be linked and click Next.
    1. 9.png

  4. Review the VM placement policy settings and click Finish.
    1. 10.png

Publish VM Placement Policies to Org VDC

When provider creates a VM placement policy, it is not visible to tenants. Provider need to publish a VM placement policy to an org VDC to make it available to tenants and publishing a VM placement policy to an org VDC makes the policy visible to tenants. The tenant can select the policy when they:

  • Create a new standalone VM
  • Create a VM from a template,
  • edit a VM
  • add a VM to a vApp
  • Create a vApp from a vApp template. 

To publish this newly created policy to tenants , go to:

  1. Organization VDCs and Select an organization VDC
    1. 11.png
  2. Click the VM Placement Policies tab and Click Add.
    1. 12.png
  3. Select the VM placement policies that you want to add to the organization VDC and click OK.
    1. 13.png
  4. Provider can make certain policies as “Default” when customer does not choose any policy , system will automatically use “Default”.
    1. 14.png

Policy Usage by Tenant

Once policies has been created and exposed to tenant organisation, tenant can use those policies while provisioning VMs. like here i have created two policies “Oracle” and “SQL” and tenant can choose based on workload requirement.


NOTE –  Placement Policies are optional and a provider can continue to use the default policy that is created during installation and only one policy can be assigned to a VM.

This completes the creation of placement policies and their exposure to tenants. please feel free to share/comment.




Using vCD-CLI for vCloud Director

VMware vCloud Director vCD-CLI  is a command line interface for vCloud Director using short, easy-to-remember commands to administer vCD. it also allows tenants to perform certain operations for convenience and automation.

vCD-CLI is Python based and fully open source and licensed under the Apache 2.0 license. Installation process is very easy and can be installed on various platforms .  pls check, which has detailed installation instructions for Mac OS X, Linux, and Windows.

if you are using VMware’s container service extension , you need to add extension to vCD-CLI.


Here are steps which is followed for the installation on Photon OS v2 , Photon OS minimal installs lack standard tools like pip3 and even ping, so you need to install a number of packages using tdnf.

  • #tdnf install -y build-essential python3-setuptools python3-tools python3-pip python3-devel
  • 1.png
  • #pip3 install –user vcd-cli
  • 2.png
  • Set PATH  using  #PATH=$PATH:~/.local/bin
  • 3.png
  • Run #vcd (if everything goes well , you should see as below)
  • 4.png

Command Use

  • Login to vcd #vcd login cloud.corp.local system administrator –password <********> -w -i  -> this will login to vCD system.
    • 51.png
  • Let’s create a PVDC using vcd-cli , to create Provider VDC run this:
    • 7.png
    • 8.png
    • VC NAME and -t NSX-T name should be as per vCD Console
    • -r – Resource Pool – Name should be as per VC cluster name
    • -e to enable the PVDC.
    • -s – storage profile name, i am choosing all.
    • PVDC get created successfully.
    • 9.png
  • Let’s now create an organisation
    • to create an organisation run this: #vcd org create T1 Tenant1 -e
    • 10.png

so if you see this is very easy way to create object in vCD using command lines , an script can be written to automate some of the routine tasks and jobs. Refer here for more command syntax.



Setup RabbitMQ Server on Ubuntu for vCloud Director

I am working on a Lab which require messaging queue server , so i setup this and thought of sharing the steps, so here it is..

AMQP is an open standard for message queuing that supports flexible messaging for enterprise systems. vCloud Director uses the RabbitMQ AMQP broker to provide the message bus used by extension services, object extensions, and notifications. we will be setting up this on Ubuntu System , so download Ubuntu and install it on a VM and then follow below steps

Update Ubuntu System

Before starting, you will need to update Ubuntu repository with the latest one.You can do so by running the following commands:

  • #sudo apt-get update -y
  • #sudo apt-get upgrade -y

Installing Erlang on Ubuntu

Before installing Rabbitmq, we will need to install erlang as a prerequisite of rabbitmq. You can install by running the following commands:

Once we are done with Erlang installation, we can continue with installation of RabbitMQ.

Installing RabbitMQ on Ubuntu

First we will need to add Rabbitmq repository to apt and to do that run the following command:

Once the repository has been added, Add the RabbitMQ public key to our trusted key list to avoid any warnings about unsigned packages:

Next step is to update the apt repository with the following command:

  • #sudo apt-get update

Once the repository is updated, go ahead and  install rabbitmq server by running the following command:

  • #sudo apt-get install rabbitmq-server

Once installation is complete, start the rabbitmq server and enable it to start on boot by running the following command:

  • #sudo systemctl start rabbitmq-server
  • #sudo systemctl enable rabbitmq-server

You can check the status of rabbitmq server with the following command:

  • #sudo systemctl status rabbitmq-server 

To enable RabbitMQ Management Console, run the following:

  • #sudo rabbitmq-plugins enable rabbitmq_management

Login to URL using IP address with port number 1567, here it is you have successfully installed RabbitMQ.


Change default admin user (For security hardening)

By default the admin user for RMQ installation is guest/guest. we can change the default admin account by using below commands

  • #rabbitmqctl add_user vmware vmware  (first vmware is admin username and second vmware is password , you change it based on your requirement)
  • #rabbitmqctl set_user_tags vmware administrator (taging user with Admin priveledge)
  • #rabbitmqctl set_permissions -p / vmware “.*” “.*” “.*”
  • Now you can login with new admin user.
  • 4.png

Go ahead and configure it in your vCD instance.


This completes the installation and configuration process.



vCloud Director VM Maximum vCPU&RAM Size limits

As you know vCloud Director 9.7 comes with a default compute policy for VDC , that does provide options for custom vm sizing and this can go out of control from provides point of view as tenant can try to deploy any size of VM which might impact many things and to control this behaviour we need to limit the VM’s maximum number of vCPU and vRAM of a customer VDC can have and with vCloud Director 9.7, this is now easily can be achieved using few API calls , here is the step by step procedure to set the maximum limits:

NOTE – This gets applied on the policy like default policy which has cpuCount and memory fields as null values.

Step-1 – Create a MAX compute Policy

Let’s suppose we want to setup MAX vCPU = 32 and MAX RAM = 32 GB , so to setup this max , let’s first create a compute policy.

Procedure: Make an API call with below content to create MAX VDC compute policy:

  • POST:  https://<vcd-hostname>/cloudapi/1.0.0/vdcComputePolicies
  • Payload:  ( i kept payload short , you can create based on sample section)
    • {
      “description”:”Max sized vm policy”,
  • Header
    • 1.png
  • Post to create compute Policy
    • 2.png

Step-2: Create a Default Policy for VDC

Publish MAX policy to VDC.


  • Get VDC using below API Call
  • Take the entire output of above GET call and put in to body of new call with PUT as below screenshot and inside body add below line after DefaultComputePolicy element

Now if you go back and try to provision a virtual machine with more than 32GB memory , it will through the error as below:


Simple two API calls , will complete the much awaited feature now.


vCloud Director T-Shirt Sizing

Many of my customer with whom i directly interact has been asking this feature from quite some time , few of them says that T-shirt sized based offering matches of what hyper scalars offer, so with the release of vCloud Director 9.7, we can now control the resource allocation and the VM placement much better by using compute policies. As you know traditionally vCloud Director has two type of scope one is Provider VDC and another one Organisation VDC, similarly based on the scope and the function, there are two types of compute policies – provider virtual data center (VDC) compute policies and VDC compute policies.

In this post i will discusses VDC compute Policies and how you can leverage VDC compute policies to offer T-Shirt size option to your Best in class VMware vCloud director based cloud.

Provider VDC Compute Policies

Provider VDC compute policies applies to provider VDC level. A provider VDC compute policy defines VM-host affinity rules that decides the placement of tenant workloads. as you know Provider VDC level configuration is not visible to Tenant users and same applies to PVDC policies.

VDC Compute Policies

VDC compute policies control the compute characteristics of a VM at the organization VDC level and using VDC compute policies. A VDC compute policy groups attributes that define the compute resource allocation for VMs within an organization VDC. The compute resource allocation includes CPU and memory allocation, reservations, limits, and shares. here is the sample configuration:

  • {
    “description”:”2vCPU and 2 GB RAM”,
    “name”:”X2 Policy”,
    “config1″:”value1”  – Key Value Pair

For More detailed description of there parameters , please refer here we will going to create few policies which will reflect your cloud’s T-Shirt sizing options for your tenants/customers.

Step-1: Create VDC Compute Policy

Let’s first Create a VDC compute policy, which should be matching to your T-Shirt Sizes that you want to offer , for example here i am creating four T-shirt sizes as below:

  • X1 – 1 vCPU and 1024 MB Memory
  • X2 – 2 vCPU and 2048 MB Memory
  • X3 – 4 vCPU and 4096 MB Memory
  • X4 – 8 vCPU and 8192 MB Memory


Make an API call with below content to create VDC compute policy:

  • POST:  https://<vcd-hostname>/cloudapi/1.0.0/vdcComputePolicies
  • Payload:  ( i kept payload short , you can create based on sample section)
    • {
      “description”:”8vCPU & 8GB RAM”,
  • Header:
    • 5.png
  • Here is my one of four API call. similarly you make other 3 calls for other three T-Shirt sizes.
    • 1.png
  • After each successful API call , you will get a return like above , here note down the “id” of each T-Shirt size policy , which we will use in subsequent steps. you can also see the compatibility of policy for VDC type.
    • X8 – “id”: “urn:vcloud:vdcComputePolicy:b209edac-10fc-455e-8cbc-2d720a67e812”
    • X4 – “id”: “urn:vcloud:vdcComputePolicy:69548b08-c9ff-411a-a7d1-f81996b9a4bf”
    • X2 – “id”: “urn:vcloud:vdcComputePolicy:c71f0a47-d3c5-49fc-9e7e-df6930660817”
    • X1 – “id”: “urn:vcloud:vdcComputePolicy:1c87f0c1-ffa4-41d8-ac5b-9ec3fab211bb”

Step-2: Get VDC Id to Assign  VDC Compute Policies

Make an API call to your vCloud Director with below content to get the VDC ID:


  • Get:  https://<vcd-hostname>/api/query?type=adminOrgVdc
  • Use Header as in below screenshot:
    • 6.png
  • and write down the VDC ID ( as highlighted in above screenshot in return body) , this we will use in other calls. you can also get VDC id from vCD GUI.

Step-3: Get current Compute Policies Applied to the VDC

Using VDC identifier from step2 , Get the current compute policies applied on this VDC using below API Call:


  • Get: https://<vcd-hostname>/api/admin/vdc/443e0c43-7a6d-43f0-9d16-9d160e651fa8/computePolicies
    • 443e0c43-7a6d-43f0-9d16-9d160e651fa8 – got from step2
  • use Header as per below image
    • 8.png
  • Since this is an Get call , so no body.
    • 7.png
  • Copy the output of this Get and paste in to a new postman window to make a new API Call as this is going to be body for the our next API call.

Step-4: Publish the T-Shirt Size Compute Policies to VDC

In this step we will publish the policies to VDC , let’s create a new API call with below content:


  • PUT: https://<vcd-hostname>/api/admin/vdc/443e0c43-7a6d-43f0-9d16-9d160e651fa8/computePolicies
  • Header as below image:  ensure correct “Content-Type” – application/vnd.vmware.vcloud.vdcComputePolicyReferences+xml
    • 9.png
  • Payload:
    • paste the output of step3 in the body
    • copy full line starting with <VdcComputePolicyReference ******** /> and paste number of times as your policies. in my case i have four policies , i pasted four times.
    • in each line (underline RED) replace policy identifier with identifier we captured in step1 (compute policy identifier).
    • 10.png
  • Here is API call which will associate VDC compute policies to your Tenant’s VDC.


Now go back and login to tenant portal and click on “New VM” and see under compute policy , now you can see all your compute policy which is nothing but your T-shirt size virtual machine offerings..


Once tenant chooses a policy , he can’t choose CPU and Memory parameters..


Step-5: Create a Default Policy for VDC

With Every VDC , there is default policy which is auto generated and  has empty parameters. Now since we have published our four sizing policies to this VDC, we will make one of them default policy of the VDC. This means that if user does not provide any policy during VM creation then the default policy of the vDC would be applied on the VM.


  • Get VDC using below API Call
  • 15.png
  • Take the entire output of above GET call and put in to body of new call with PUT as below screenshot and inside body within <DefaultComputePolicy section , change the id of the Policy.
  • 16

Step-6: Delete System Default Policy

There is “System Default” policy which when selected , give options like “Pre-defined Sizing Options” and “Custom Sizing Options” , and will allow your tenants to define sizes of their choice , to restrict this , we need to un-publish this policy from VDC.

  • ab .png


To disable this policy , follow the procedure in Step-5

  • Query VDC and copy the return Body
  • Make a PUT and inside body paste body copied in above step and remove the “system Default” policy , only keep policy , which you want to offer for this particular VDC.
  • policy_remove.png
  • After above call if you see , there is no “System Default” policy.
  • 17.png

NOTE – Ensure that non of the VM and catalogs are associated with this “System Default” policy , ideally after creation of VDC , you must create and assign policy before these policies are consumed by VM/catalogs.

Extra-Step: Update the Policy

if you want to update the policy make an “PUT” api call to policy with updated body content , see below my policy update API call for reference.


Compute policies cannot be edited except for name and description ,I hope this helps providers now offer various T-Shirt size options to their customers.





vCloud Director 9.7 Portal Custom Branding

Much awaited feature for cloud provider to match thier corporate  standards and to create a fully custom cloud experience, now with release on vCloud Director 9.7 you can set the logo and the theme for your vCloud Director Service Provider Admin Portal and also now you can customize the vCloud Director Tenant Portal of each tenants . In addition, you can modify and add custom links to the two upper right menus in the vCloud Director provider and tenant portals.

Provider Portal Branding

vCloud Director 9.7 UI can be modified for the following elements:

  • Portal name
  • Portal color
  • Portal theme (vCloud Director contains two themes – default and dark.)
  • Logo & Browser icon

Customize Portal Name ,Portal Color and Portal Theme

To configure the Cloud Provider Portal Branding , make a PUT request to vCloud Director end point as below:

  • PUThttps://<vCD Url>/cloudapi/branding
  • BODY – {
    “portalName”: “string”,
    “portalColor”: “string”,
    “selectedTheme”: {
    “themeType”: “string”,
    “name”: “string”
    “customLinks”: [
    “name”: “string”,
    “menuItemType”: “link”,
    “url”: “string”
  • Headers
    • 2.png

Here is my API call using Postman client:


Customize Logo

To change the Logo, here is the procedure for API

  • Headers
    • 4.png
  • PUT
  • Body – This is bit tricky since we need to upload an image as a body.
    • In Postman client inside “Body” click on “Binary” which will allow you to choose file as body. select your logo.
    • 5.png

Customize Icon

To customize the icon, follow this API call and procedure.

  • Headers
    • 9.png
  • PUT
  • Body – same as above section , choose a image
    • 10.png

so after running above API calls , here is what my vCloud Director provider portal looks like.


Tenant Portal Branding

As we did above similarly we can now fully customize Tenant Portal

Customize Portal Name ,Portal Color and Portal Theme

To configure the Cloud Provider Portal Branding , make a PUT request to vCloud Director end point in to tenant organisation as below: ( T1 is my org Name)

  • PUThttps://<vCD Url>/cloudapi/branding/tenant/T1
  • BODY – {
    “portalName”: “string”,
    “portalColor”: “string”,
    “selectedTheme”: {
    “themeType”: “string”,
    “name”: “string”
    “customLinks”: [
    “name”: “string”,
    “menuItemType”: “link”,
    “url”: “string”
  • Headers
    • 11.png

Here is my API call using Postman client:


Customize Logo

To change the Logo, here is the procedure for API

  • Headers
    • 4.png
  • PUT
  • Body – As said above ,this is bit tricky since we need to upload an image as a body.
    • In Postman client inside “Body” click on “Binary” which will allow you to choose file as body, select your logo.
    • 14.png

Once i have done with above API calls, this is how my Tenant portal look like for “T1” organisation.


For a particular tenant, you can selectively override any combination of the portal name, background color, logo, icon, theme, and custom links. Any value that you do not set uses the corresponding system default value.

This completes feature walk through of Provider and Tenant custom branding options available now with vCD9.7.

Upgrade Postgres SQL 9 to 10 for vCloud Director

Since vCloud Director 9.7 has dropped support for Postgres SQL9.5 , so i had to upgrade my postgres to 10 , then i have updated my vCloud Director to versions 9.7 , i followed below steps to upgrade the DB , basically at High level steps are as below:

  • You need to backup the existing database and data directory.
  • Uninstall old version of Postgres SQL.
  • Install Postgres10
  • Restore Backup


  • Create database backup using:
    • su – postgres
    • pg_dumpall > /tmp/pg9dbbackup
    • exit
    • 1
  • Check and Stop the service using
    • #chkconfig
    • #service postgresql-9.5 stop
    • 2
  • Move current data file as .old to /tmp directory using below command.
    • #mv /var/lib/pgsql/9.5/data/ /tmp/data.old
  • Uninstall 9.5 version of Postgres SQL using :
    • yum remove postgresql*
  • Install  PostgreSQL v10:
  • Initialise the database
    • service postgresql-10 initdb
    • as suggested by my friend miguel if above step is not working then use this (/usr/pgsql-10/bin/postgresql-10-setup initdb)
  • Copy the pg_hba.conf and postgresql.conf from old backed up directory to new directory , this will save some time or you can go ahead and edit existing files with required settings.
    • cp /data.old/pg_hba.conf /var/lib/pgsql/10/data/
    • cp /data.old/postgresql.conf /var/lib/pgsql/10/data/
    • service postgresql-10 start
  • Restore backup using below commands:
    • su – postgres
    • psql -d postgres -f /tmp/pg9dbbackup

you can run the reconfigure-database command and that’s it. (change your environment variable accordingly)


This will complete the database upgrade and database migration procedure.




VMware Container Service Extension Upgrade

With the release of new Container Service Extension (CSE) version 1.2.7 due to vulnerability related to docker (CVE-2019-5736 ) for both Ubuntu and Photon OS templates , it is very important to update the CSE ASAP , here is the procedure to help you to upgrade the CSE easily.


  • Check the release notes Here for version compatibility.

Upgrade procedure for Cloud Admins:

  • Update CSE to 1.2.7 ( follow procedure below)
  • Update the templates (follow procedure below)

Upgrading CSE Server Software

  •  Stop CSE Server services gracefully.
    • #vcd cse system stop -y
    • 2.png
  • Reinstall container-service-extension using Python Package Index:
    • #pip3 install –user –upgrade container-service-extension
    • 3.png
  • Review the configuration file for any new options introduced or deprecated in the new version. cse sample  can be used to generate a new sample config file as well.
    • 3.png
    • Follow the steps listed here , to edit your environment variable for CSE to use.
  • If the previously generated templates are no longer supported by the new version, delete the templates and re-generate new ones using below command.
    • cse install -c mysample.yaml –update
    • 12
  • If running CSE as a service, start the new version of the service with
    • $systemctl start cse
    • 4.png

Upgrade procedure for Tenant Users:

  • Delete clusters that were created with older templates. Recreate clusters with new templates
  • Alternatively, tenant-users can update docker version manually on their existing clusters.

This completes the upgrade procedure , go ahead and let the customer consume Kubernetes as a Service from your platform.

VMware CSE Upgrade Error – Missing keys in config file ‘service’ section: {‘enforce_authorization’}

Trying to upgrade CSE to latest version of CSE 1.2.7 and during upgrade process facing error , like this: Missing keys in config file ‘service’ section: {‘enforce_authorization’}


with this new release there are many new options has been added in to configuration file considering PKS integration , so to resolve this issue , there are two options:

  • Create a new sample config.yaml file using command:
    • cse sample > myconfig.yaml  – and reconfigure it.
  • If don’t need PKS integration as of now and edit the existing config.yaml file and add “enforce_authorization: false” in to service section
    • 7.png

and once you done the changes , re-run the command and it should now successfully complete the process.


this new process has not been documented properly in the CSE git page 🙂


VMware Container Service Extension Installation – Part-1

In continuation of my last post on Kubernetes as a service on vCloud Director , here is the next post on installation of Container Server Extension on vCloud Director.

This post applies to CSE version 1.2.5

CSE Installation

This installation procedure applies to Client VM as well as CSE Server VM. For this installation i will leverage a Photon OS 2.0 VM based on the official OVA which is available here. deploy OVA following the standard OVA deployment procedure.Once deployed, make sure you configure static IP and configure networking correctly based on your environment and ensure that this machine can reach to internet to download necessary binaries.

Configure Static IP on Photon OS

Edit file inside directory /etc/systemd/network  and change as below.


By default ping is disabled on this , so open firewall using below commands:


Now Install Python related binaries using below command:

root@photon-machine [ ~ ]# tdnf install -y build-essential python3-setuptools python3-tools python3-pip python3-devel

root@photon-machine [ ~ ]# pip3 install –upgrade pip (double dash –)

Install CSE Software:

Now install and verify the installation CSE:

root@photon-machine [ ~ ]# pip3 install container-service-extension


This completes installation of CSE , now we need to enable CSE client on this VM.

Enable CSE Client:

Go and edit ~/.vcd-cli/profiles.yaml  file to include this section: (exactly like in Image)


vCD Prerequisites:

There are many important requirements that must be fulfilled to install CSE successfully on vCD.

  • Catalog Organization creation:
  • Create a VDC within the org that has an external org network in which vApps may be instantiated and sufficient storage to create vApps and publish them as templates. The external network connection is required to enable template VMs to download packages during configuration. The process as follows:
    • CSE server will upload base OS image to vCloud Director in a CSE Catalog
    • CSE server will deploy the template as a VM on a Org VDC Network that requires internet access and will download and install required kubernetes and docker binaries.
    • CSE will then validate the VM and capture as vApp template and add it back to the CSE Catalog as a valid item for deploying container hosts.
  • Create a user in the org with privileges necessary to perform operations like configuring AMQP, creating public catalog entries, and managing vApps.
  • A good network connection from the host running CSE installation to vCD as well as the Internet. This avoids intermittent failures in OVA upload/download operations.

CSE Server Config File:

The CSE server is controlled by a yaml configuration file that must be filled out prior to installation. Once vCD pre-requisites are ready,  You can generate a sample file using below command:

#cse sample > config.yaml  ( cse sample generates sample config yaml)

Run above command on above VM which we have prepared for our CSE server , This file is having five sections , which i am going to cover one by one.

AMQP Section:

  • During CSE Server installation, CSE will configure AMQP to ensure communication between vCD and the running CSE server. if vCD has already been configured then skip this section while running install command , if vCD has not been configured with AMQP configuration then enter information in this section which will automatically go and configure this for you in vCD. Configure this section as described below:


1 copy

vCD Section:

  • This section is self explanatory , you need to specify vCD related details (ensure API version is related to vCD version):


vCS Section:

  • In this section provide vCenter information like VC name and credential.


 Service Section:

  • The service section specifies the number of threads to run in the CSE server process.


Broker Section:

  • The broker section contains properties to define resources used by the CSE server including org and VDC as well as template definitions. The following Image summarise key parameters. More Details can be found here


  • Sample Config.yaml file can be downloaded from config.


  • Once your are ready with file run CSE install command to start the installation. ( as said earlier we need to create a VM on which CSE server must be installed by the vCloud Director System/Cloud Administrator.The CSE appliance must be reachable to vCenter , vCD and AMQP servers. i am installing on the VM which i have prepared in first section)
  • #cse install -c config.yaml –ssh-key=$HOME/.ssh/ –ext config -amqp skip
  • I am skipping amqp configuration as “AMQP” is already configured in my vCD.



  • it failed due to some issue , so i have to rerun the command after fixing the issue and same can be done multiple times.


  • Once installation is completed , check the installation status using:
  • #cse check –config config.yaml –check-install


  • Now to validate that CSE has been registered in vCD Use “vcd-cli” command line, check that the extension has been registered in vCD:


Running CSE Server as a Service:

  • create a file named “”  inside directory /home/vmware with following content:
    • 7.png
  • create file name cse.service inside directory /etc/systemd/system with following content:
    • 6.png
  • Once installed you can start the CSE service daemon using #systemctl start cse . To enable, disable, and stop the CSE service, use CSE client.
    • 23.png

Setting the API Extension Timeout

  • The API extension timeout is the number of seconds that vCD waits for a response from the CSE server extension. The default value is 10 seconds, which may be too short for some environments. To change the time follow the steps :

    • On the vCloud Director cell run:

    • Go to Cd /opt/vmware/vcloud-director/bin and run below commands -l to list -v to Set.2122

Enable CSE

  • Login to vCD and enable the CSE using below commands…


This completes the installation of Container Server Extension and allow providers to offer Kubernetes as a Service to their customers. feel free to share your experience on this installation.

What is VMware Cloud Provider Pod

There are lots of partners looking for a solution which can automate the entire deployment of vCD based cloud once racking , stacking and cabling is done for their infrastructure that is where VMware Cloud Provider Pod helps…Basically Cloud Provider Pod automate the deployment of VMware-based clouds. A Cloud Provider Pod-deployed stack adheres to VMware Validated Design principles and is thoroughly tested for interoperability and performance. It is also tested for cloud-scale and is built to handle rigorous Cloud Provider workloads. It deploys technologies with core provider capabilities such as data center extension, cloud migration, and multi-tenancy and chargeback, and helps achieve the fastest path to VMware-based cloud services delivery. Cloud provider POD help cloud providers time to market and help in improving service delivery.


2          3     4

Cloud Provider Pod 1.1 : Supported Interoperable Version for Deployment

vSphere 6.7u1
vSAN 6.7u1
NSX 6.4.4
vCloud Director Extender
vRealize Orchestrator 7.5
vRealize Operations 7.0, including Multi-Tenant App 2.0
vRops – Cloud Pod Management Pack
vRealize Log Insight 4.7
vRealize Network Insight 4.0
Usage Meter 3.6.1

POD Designer walk through

The Cloud Provider Pod Designer offers Providers the choice to start with a VMware Validated Design (CONFIGURE YOUR CLOUD) or the Advanced Design which is custom designer based on your environment specific requirement not as per VMware validated design.


The main difference between the VMware Validated Design and the Advanced Configuration modes is that you can choose to use NFS, iSCSI or Fibre Channel as your storage options. The setup of BGP AS and other options is also not required, but can be done.VVD designer start with asking basic details about your cloud environment that you want to build , Click on “Configure Your Cloud” which will take you to below screen where you need to fill in “General Parameters”


Next will take you the screen where you need to choose optional packages that you want to add/exclude from your deployment.


Next will take you to Resource cluster selection , where you need to choose how many resource cluster your deployment will have and within that resource cluster how many host that you would have.


In the next screen , Enter your environment variable like DNS ,NTP  etc…


Enter your Management Cluster’s Networking and public facing ip addressing in “External/DMZ IP Assignment” and in MAC Addresses , you can add the MAC addresses for the hosts during the Cloud Provider Pod Designer workflow, or later during the deployment workflow. The number of available MAC addresses text boxes depends on how many hosts have been configured on the Sizing page



Enter your resource cluster details like VXLAN Segment etc…


Choose Hypervisor’s NIC allocation.


Enter License Keys now or post deployment also licenses can be assigned.


“Generate all Documentation Files”  –  This is very important and all the providers will like it , it basically automate the creation of design document and configuration work book of your environment , which was the biggest pain where Architects/consultants used to spend lots of time writing design document with visio’s etc.. this is all automatically get generated using CPod.


Once you click on “Generate Configuration” , it will generate your deployment bundle and documentation and email it to you then you can use “Cloud Provider Pod Deployer” to start the deployment. here is overall flow of the entire process


Cloud Provider Pod Deployer

Use Cloud provider deployer to deploy entire infrastructure on a click of a button. Detailed documentation and step-by-step instructions on how to use the Cloud Provider Pod Deployer to create a new environment are available in the Cloud Provider Operations guide. This guide is delivered by the Cloud Provider Pod Designer as part of generated documentation by an Email , which you registered at the start of designer.

Deployer Video is here for your reference –



Kubernetes-as-a-Service on vCloud Director

VMware’s Container Service Extension (CSE)  on vCloud Director is a VMware vCloud Director extension that helps Cloud Providers to Offer Kubernetes-as-a-Service to their tenants , who can easily create and work with Kubernetes clusters. basically it means  using CSE a Service Provider can offer compute resources to tenants secured through a multi-tenant IaaS vCloud Director deployment , and tenants/end users will have the ability to deploy & manage their kubernetes clusters from a self service portal

CSE brings Kubernetes-as-a-service to vCD by creating customized VM templates and enabling tenant/organization administrators to deploy fully functional Kubernetes clusters in self-contained vApps.

CSE Components:

  • CSE Client

    • Tenant Organization Administrators and users can use CSE client to handle Kubernetes cluster management. This includes deploying clusters, adding worker nodes, configuring NFS storage etc…
    • CSE client running on a Virtual Machine runs as an extension of vcd-cli which leverages CSE/vCD public API to manage and administer the service.
    • CSE Client which is extension of  vcd-cli offers easy way to manage life cycle of the kubernetes cluster by the Tenant.
    • From this VM CSE commands are getting issued to vCloud Director , which takes these instructions using AMQP message bus to CSE server.
  • vCloud Director Based Cloud

    • Service Provider’s cloud administrators will setup vCD, Org Network , catalog etc.
    • vCD will be the platform which will provider compute , network , security and multi-tenancy on which kubernetes clusters will be deployed.
    • CSE will use vCloud Directors Extensibility framework to deploy Kubernetes cluster , kubernetes cluster scaling operations like scale up/down , scale In/out etc..
  • CSE Server

    • Service Provider’s cloud administrators will setup CSE config file, CSE Server, and VM templates.
    • You install CSE Server on a new VM and it works in conjunction with vCD extensibility framework.
    • CSE automatically downloads and installs required binaries like Kubernetes , docker , weave etc on a template.
    • Handles CSE Client request for creation and deletion of K8s Cluster and nodes.

User Accessibility of Kubernetes cluster

  • Kubectl

    • Developers and other Kubernetes users interact with CSE Kubernetes clusters using kubernetes native “Kubectl” command line tool, For any tenant  users, Kubernetes clusters work like any other Kubernetes cluster implementation. No special knowledge of vCloud Director or CSE administration is required. Such users do not even need a vCloud Director account.

Below figure clearly lists out the required component and their owners , this picture and more details can be accessed from here


Installation Type:

Installation Type dependent on the type of the user as stated in above figure:

Kubernetes User – Install Kubectl on your laptop/desktop.

Tenant Administrator – Install CSE and configure CSE Client on a VM.

Service Provider – Install CSE , Install Messaging Bus , configure and register with vCloud Director.

In the Next series of posts i will be covering installation and configuration of CSE.

vCloud Availability Cloud-to-Cloud Design and Deploy Guide

a.pngvCloud Architecture Toolkit white paper that I have written now has been  published on the website – this design and deploy guide helps cloud providers to design and deploy vCloud Availability Cloud-to-Cloud DR solution.  This guide is based on real life example and helps cloud providers to successfully plan , design and deploy vCloud Availability Cloud-to-Cloud DR based on version 1.5.

White Paper Download Link

This white paper includes the following chapters to plan your deployment:

  • Introduction
  •  Use Cases
  • vCloud Availability Cloud-to-Cloud DR Components
  • vCloud Availability Cloud-to-Cloud DR Node Types and Sizing
  • vCloud Availability Cloud-to-Cloud DR Deployment Requirements
  • vCloud Availability Cloud-to-Cloud DR Architecture Design
  • Physical Design
  • Certificate
  • Network Communication and Firewalls
  • Deployment
  • Replication Policy
  • Services Management Interface Addresses
  • Log Files
  • Configuration Files
  •  References

I hope this helps in your plan, design  and deployment of vCloud Availability Cloud-to-Cloud DR version 1.5. please feel free to share the feedback to make this white paper more effective and helpful.

What is VMware vCloud Availability Cloud-to-Cloud DR

The VMware vCloud Availability for Cloud-to-Cloud DR solution extends existing hybrid cloud offerings of VMware Cloud Providers™ on top of VMware vCloud Director with disaster recovery and application continuity between vCloud Director Virtual Data Centers or Cloud Environments. vCloud Availability Cloud-to-Cloud brings in a much-needed in providing native Disaster Recovery between vCloud Director instances. VMware vCloud Availability for Cloud-to-Cloud DR can help VMware Cloud Providers enable further monetization of existing VMware vCloud Director multi-tenant cloud environments with DR services, including replication and failover capabilities for workloads at both VM and vApp level.



  • vCloud Availability Cloud-to-Cloud DR has capability of each deployment to serve as both source and recovery sites. There are no dedicated source and destination sites. Same set of appliances works as Sources or Destination.
  • Replication and recovery of vApps (VMs) between organization Virtual Data Centers (orgVDC) as well as two instances of vCloud Director for migration, DR, and planned migration.
  • it offers complete self-serviceability for the provider and tenant administrator via a unified HTML5 portal that can be used alongside vCloud Director. Replication, migration, and failover can be managed completely by the tenant or provided as a managed service by the provider.
  • Symmetrical replication flow that can be started from either the source or the recovery vCD instance.
  • Built-in encryption or encryption and compression of replication traffic.
  • Enhanced control with white-listing of DR-enabled vCloud Director organizations, enforcement of specific min Recovery Point Objective (RPO) at an organization (org) level, maximum snapshots per org and max replications per tenant.
  • Provide Non-disruptive, on-demand disaster recovery testing.
  • Policies that allow service provider administrators to control the following system attributes for one or multiple vCloud Director organizations:
    • Limit the number of replications at the vCloud Director organization level
    • Limit the minimum Recovery Point Objective (RPO)
    • Limit number of retained snapshots per VM replication
    • Limit the total number of VM replications

Use Cases:

Though the most obvious use case for VMware vCloud Availability Cloud-to-Cloud DR is disaster recovery from one cloud availability zone to another cloud availability zone, it can handle a number of different use cases and provide significant capability and flexibility to service providers. For all use cases and situations, VMware vCloud Availability Cloud-to-Cloud DR supports non-disruptive testing of protected cloud workload in network and storage isolated environments. This provides the ability to test disaster recovery, disaster avoidance, or planned migrations as frequently as desired to ensure confidence in the configuration and operation of recovery on cloud. The use cases are as below:


A tenant or provider administrator can utilize C2C to migrate workloads from one organization VDC to another with minimal disruption from a self-service portal. End benefit is re-organizing workloads from an easy to use workflow.

  • Easy to use workflow mechanism
  • Organize workloads in different orgVDCs
  • Ability to migrate between vCD instances or within the same vCD instance

Disaster Recovery:

A service provider has multiple sites with vCD based multi-tenant environment. Customer like to do DR from one cloud provider site to another cloud site. Disaster recovery or a planned/unplanned failover is what VMware vCloud Availability Cloud-to-Cloud DR was specifically designed to accomplish for cloud providers. This helps providers and customers to achieve:

  • Fastest RTO
  • Recover from unexpected failure
  • Full or partial site recovery

Disaster Avoidance:

Preventive failover is another common use case for VMware vCloud Availability Cloud-to-Cloud DR. This can be anything from an oncoming storm to the threat of power issues.

VMware vCloud Availability Cloud-to-Cloud DR allows for the graceful shutdown of virtual machines at the protected site, full replication of data, and startup of virtual machines and applications at the recovery site ensuring app-consistency and zero data loss. Solution helps Providers and Customer in recovering from:

  • Anticipate outages
  • Preventive failover
  • Graceful shutdown ensuring no data loss

Upgrade and Patch Testing:

The VMware vCloud Availability Cloud-to-Cloud DR test environment provides a perfect location for conducting operating system and application upgrade and patch testing. Test environments are complete copies of production environments configured in an isolated network segment which ensures that testing is as realistic as possible while at the same time not impacting production workloads or replication.

This will give you basic idea of what vCloud Availability Clout-to-Cloud DR solves for the providers.


vCloud Director – Chargeback

There were frequent asks from VMware based cloud providers that we must have a robust metering capabilities, VMware has launched New vRealize Operations Manager Tenant App for vCloud Director 2.0 in conjunction with vROps which has now inbuilt Charge back and metering capabilities.

Here I am going to discusses few awesome features with detailed screenshot. Go ahead and try these new features in your environment and build a robust Cloud infrastructure with native charge back with additional cost.

Creation of pricing policy based on chargeback strategy: With this new Release  Provider administrator can create one or more pricing policies based on how they can chargeback their consumers. Based on the vCloud Director allocation models, each pricing policy is of the type, allocation, reservation, or pay-as-you-go (PAYG).


This New Tenant App for vCloud Director 2.0 provides following ways to create pricing policies:

  • Base prices for primary resources:

    Pricing policy can be created to charge for primary resources, CPU, memory, storage, and network.

    • CPU & Memory ->

      • Users can be charged base on GHz or vCPU , can be charged “Hourly”,”Daily”,”Monthly”.policy02policy03
      • Charge Flexibility : Users can be charge based on allocation, use, reservation, or the advanced methodology such as, taking maximum of usage and allocation. Fixed cost too is available.policy04policy06
    • Storage ->

      • You can create various policies based on storage tiers to charge differential pricing and it is mapped to your storage policies.storagepolicy01
        • if not using Policy based storage then use based on Standard rate as below:storagepolicy02.png
    • Network ->

      • Data transmitted/received (MB), and network transmitted/received rate (MBPS) can be charged.Network01.png
    • Advanced Network ->

      • Pricing configurations:Pricing policy provides the flexibility to configure advanced chargeback mechanisms for network services, apart from charging primary network resources. Using advanced network pricing, users can apply variable and fixed charges for the following network services associated with edge. BGP Routing, DHCP, Firewall, High Availability, IP, IPV6, IP Sec, Load Balancer, L2 VPN, NAT, OSPF Routing, Static Routing, SSL VPN, Base rate and fixed costs can be applied for Edge Gateway sizes


    • Guest OS pricing ->

      • Guest OS can be charged uniquely. The charge can be applied based on the VM uptime, regardless of the uptime, or if the VM is powered-on at least once.gos01.png

    • Tag based and vCD metadata-based chargeback mechanism -> 

      •  Differential pricing can be established using tags or vCD metadata. Using vCenter tags or vCD metadata, tag key and key value can be referenced to apply base rate or fixed cost for VMs
  • Apply Policy ->

    • New Tenant App provides flexibility to the Service Provider administrator to map the created pricing policies with specific organization vDC. By doing this, the service provider can holistically define how each of their customers can be charged. The following vCloud Director allocation models are supported as part of the chargeback mechanism: Reservation pool Pay-as-you-go Allocation pool.assign.png
  • Exhaustive set of templates – >

    • Service Provider administrator can generate reports at various levels for a different set of objects. The following OOTB default templates are available:

  • Detailed Billing for Each Tenant ->

    • Every tenant/customer of service provider can review their bills using the vCD tenant app interface. Service Provider administrator can generate bills for a tenant by selecting a specific resource and a pricing policy that must be applied for a defined period and can also log in to review the bill details.
    • bill.png

This completes the feature demonstration available with vRealize Operations Manager Tenant App for vCloud Director 2.0. GO ahead and deploy and add native charge back power to your Cloud. 🙂

VMware vCloud Availability Installation-Part-10-Fully Automated Deployment

What i have learnt during deployments that  an automated installation and configuration of the vCloud Availability components is simple, time saving, faster and less error prone compared to the manual deployment. lets deploy it automatically with few clicks of the button.

For the automated installation of vCloud Availability, we must need to create a registry file containing information about the infrastructure and vCloud Availability components we are about to deploy.

Registry template file is located in vCloud Availability Installer appliance located at /root/.vcav/ and file name is – .registry.tmpl. this is self explanatory file about what option do you need to change and what not.

open this file with a text editor and save as “registry”  , here is my “registry” file for your convenience which you can modify based on your environment.

General Options:

Disabling all certification validation and specifying NTP server and SSH_PASSWORD for the entire environment,


Cloud Provider Management vCenter Information:

  1. This is identifier must be remain same and we will use the same in other commands and if you are changing this make sure you update in other commands.
  2. placement-locator – this parameter represents on which cluster your vCAV management VM will deploy. specify correctly.
  3. Make sure you have network Profile/Pool created (i have created with name “default”) and specify IP information accordingly.


Cloud Provider Resource (Tenant ) vCenter Information:

This is your tenant vCenter where your tenant vm resides , in my case i have single vCenter with separate cluster.Notice the identifier – vsphere vc.0 , you will reference this in deploying components. other information as suggested above.


vCloud Director Information:

  1. Notice the Identifier vcd vcd.0.
  2. Number 2 – in amqp parameter we are specifying amqp.1 , this means we need to create an identifier called amqp.1 in next section and since this will be identifier on docker host , so first we need to create docker host.


Docker Host Information:

  1. Again notice the identifier docker docker.0
  2. placement-vsphere  vc.mgmt (this is your vc.mgmt identifier , that means that this docker VM will get deployed on management vcenter.
  3. placement-address – this is the IP address of this VM.
  4. other options are self explanatory.


Message queue container on Docker Host Information:

  1. Again ensure the identifier is written and noted properly.
  2. Notice placement-docker – here we are specifying docker.0 which is docker host identifier in previous step we created.
  3. user – it is the user name that VCD will use to talk to Message queue server.
  4. password – it is the user name that VCD will use to talk to Message queue server.


Cassandra container on Docker Host Information:

  1. Notice the cassandra identifier
  2. Notice placement-docker – here we are specifying docker.0 which is docker host identifier in previous step we created on this docker host this cassandra host will get deployed.
  3. hcs-list – here we specified the vSphere Replication Cloud Service appliance identifier which will be deployed in next step.


vSphere Replication Manager Appliance Information:

  1. Again make a note of hms identifier.
  2. This host will get deployed in vc.mgmt.
  3. This VM will have ip address –
  4. This VM will have hostname – hms01.corp.local
  5. This hms will get registered with mgmt vCenter
  6. This hms will get registered with vCloud Director which we specified in indentifier vcd.0


vSphere Replication Cloud Service Appliance Information

  1. Make a note of hcs identifier.
  2. placement-vsphere is where this appliance will get deployed.
  3. placement-address is the ip address which will get assigned to this vm.
  4. hostname will be the name of this vm.
  5. vcd specified here , this appliance will get registreded to.
  6. Here we are specifying number of “cassanda” servers.
  7. message queuing server to registered with.


vSphere Replication Server Appliance Information:

  1. Make a note of hbr identifier.
  2. placement-vsphere is where this appliance will get deployed.
  3. placement-address is the ip address which will get assigned to this vm.
  4. hostname will be the name of this vm.
  5. vsphere specifies on which vcenter it is going to be registered.
  6. vcd specified here , this appliance will get registered to.


vCloud Availability Portal Host Information:

  1. Make a note of ui identifier.
  2. placement-vsphere is where this appliance will get deployed.
  3. placement-address is the ip address which will get assigned to this vm.
  4. hostname will be the name of this vm.
  5. vcd specified here , this appliance will get registered to.


vCloud Availability Administration Portal Host Information:

  1. Make a note of smp identifier.
  2. placement-vsphere is where this appliance will get deployed.
  3. placement-address is the ip address which will get assigned to this vm.
  4. hostname will be the name of this vm.
  5. vcd specified here , this appliance will get registered to.
  6. The mongodb-database property value is optional. Default value is vcav-smp , if you want you can use custom
  7. The mongodb-user property value is optional. Default value is vcav-smp.
  8. amqp will be used which we have specified in “amqp.1” identifier.
  9. this appliance will get registered with tenant ui which we have deployed in previous step under “ui.1” identifier.


save the file ensure there is no extension and copy to directory in vCAV appliance as below: /root/.vcav/ directory and run below command to validate you registry file , if out put is as below that means your registry file has been created correctly…


if you have configured registry file correctly and if all goes well then after around 20-30 minute appliance returns “OK” . which means we have successfully deployed vCloud Availability.


deployment of vCAV is simpler and less time consuming using automated one.only effort that you need to put in to create a proper registry file.

You can run a single task by running the #vcac next command. The vCloud Availability Installer Appliance detects the first task that is not completed and runs it. You can indicate which task you want to run by adding the #–task=Task-Number argument.

then follow my existing post number 9 

VMware vCloud Availability Installation-Part-9-Tenant On-Boarding

for tenant on-boarding. this completes the installation of vCAV. now you can work with your customers for the demo of DRaaS.

Here is my registry file for your reference.





VMware vCloud Availability Installation-Part-9-Tenant On-Boarding

Let’s Deploy your very known vSphere replication appliances and before we get in to that ensure that Tenant/customer has vSphere and vSphere Web Client installed and if vSphere is installed properly ,then in the vSphere Web Client, select the vCenter Server instance on which you are deploying vSphere Replication, click Manage > Settings > Advanced Settings, and verify that the VirtualCenter.FQDN value is set to a fully-qualified domain name.

Let’s On-Board tenant – Download vSphere Replication appliance ISO , mount the ISO and choose below three files during deployment of OVF from vSphere Client. we had multiple times deployed OVF , so not covering entire process in details , here are the screenshots of installation…


there are two configurations , i am choosing minimum with 2vCPU, for your environment you can choose based on recommendation for production.


Enter IP address and other details, ensure that this IP address is reachable to Cloud ( you can use NAT etc..)


Register your vSphere Replication appliance with vCenter SSO and after registering restart the services and ensure services are up and running.


Pair Sites

Login to vCenter and Click on “Site Recovery” that will take you to below screen , on this screen click on “Configure”.


Configure opens a new Window , Click on “NEW SITE PAIR”


First site must be your current vCenter and “Second Site” – Choose “Cloud Provider”

Cloud Provider Address – Enter the IP address or URL like ( of the vCD without /Cloud.

Enter Organization name which is configured on the cloud and your org cloud credentials and click Next.


if you do not have any connectivity issue , then you should see certificate warning. Accept Certificate warning by clicking on “CONECT”


Select your VDC and click Next.


Configure Network Mapping for your VMs in provider environment , and the best thing is you can select two networks, one for testing DR and another one is actual DR. ( How many Cloud providers has this option ?)


Configuring and enabling replication tasks.


this completes Tenant on-boarding , now Tenant can choose which VM they want to DR to Cloud.


VMware vCloud Availability Installation-Part-8-Integration and DRaaS portal access

As we have completed  the deployment of  all the individual components of vCloud Availability, we must need to configure them to talk/register to each other to support DRaaS.

1- Configure the vSphere Replication Manager

Configure vSphere Replication Manager with vCD using Below command.


Run below command to check if the HMS service started successfully.

hms022– Configure Cassandra

First import  vSphere Replication Cloud Service host certificates to Cassandra host.


Next is to register the Cassandra hosts with the lookup service.  run below command to register. you must see a successful message.


3- Configure vSphere Replication Cloud Service

Next is to configure the vSphere Replication Cloud Service VM, use below command to register vSphere Replication Cloud Service appliance to vCD, resource vCenter Server, and RabbitMQ server.


Run below command to check the status of service. it should return “OK” if service started successfully.


4- Configure vSphere Replication Server

this step is to attach vSphere Replication Server to vSphere Replication Manager and vCenter Server.


5- Configure vCloud Availability portal host

Use below command to configure the vCloud Availability Portal host and if it returns “OK” , then we have successfully configured vCloud Availability portal host.


6- Configure vCloud Availability Administration Portal

This portal runs a small “Mongo DB”. we must configure the vCloud Availability Administration Portal host with the vCloud Director server and its embedded MongoDB server then only services will start.


7 – Assign vSphere Replication Cloud Service Rights to the vCD Org Admin Role

before we enable VDC for replication , we must assign vSphere Replication Cloud Service rights to the vCD org administrator role.

SSH to VCAV appliance and run below command


see “–org” parameter i have put in “*” , that means all organisation’s admin will have vSphere Replication Cloud Service rights , if you want to enable on a particular organisation then instead of “*” , put organisation name.

8 – Enable org VDC for Replication

This step enable particular VDC for replication. run below command to get the list of “organisations” that we have and if you see the output of command , it says we have 4 organisations.


in the next command , let’s find out for organisation “T1” what is the vcd name on which we need to enable DRaas. you can check same thing using GUI also.


This is actual step to enable organisation “T1”  having VDC “T1-VDC” for enabling replication, and if everything goes right then we must see “OK” , that means our VDC is ready to use DRaaS.


This completes configuration, lets login to DR tenant portal using tenant portal URL , you need to use tenant credential for which this service has been enabled.



This is Service provider portal , on which you can check which orgs has been configured for DRaaS. here you will use your administration credential.


This completes service provider end configuration , in next post we will configure client end configuration and will see how to enable replication from customer data center.