VCP6-CMA Study Guide Objective 1.3 – Configure and Administer vCloud Connector

Another topic towards VCP6-CMA Exam – Objective 1.3 – Configure and Administer vCloud Connector. The exam – 2V0-631 – is 100 min long and has 85 questions. The passing score is 300. Check further updates and details on VMware Certification page. What is vCloud Connector? It is a component running within vCD infrastructure which transfers workloads between different clouds. It uses a path optimization framework to export data from the source cloud and does the transfer.

What is vCloud Connector? It is a component running within vCD infrastructure which transfers workloads between different clouds. It uses a path optimization framework to export data from the source cloud and does the transfer.

vCloud connector also imports the data into the destination cloud – via parallel processing flow. This is quite a large objective and different chapters are necessary to know. To make you even more uncomfortable, this post does not detail All but consider it perhaps as a starting point. The next steps would be ….. VMware docs, HOL, or home lab…. and lots of time for study.

VMware Knowledge

• Explain the components and configure vCloud Connector
• Explain vApp copy process
• Determine virtual machine state
• Describe necessary configuration for Data Center Extension
• Differentiate between functionality of components of vCloud Connector
• Implement required network and security settings
• Determine storage requirements and add storage for vCloud Connector node
• Register vCloud Connector UI with vCenter Server
• Register vCloud Networking and Security Manager with the vCloud Connector server
• Troubleshoot common vCloud Connector installation and operations issues
• Create a vCloud Connector Content Library
• Publish vSphere folders and vCloud catalogs to a vCloud Connector Content Library
• Subscribe/unsubscribe to a published folder or catalog
• Stretch deploy a virtual machine or vApp using Data Center Extension

PDFs and Tools

• Installing and Configuring vCloud Connector
• Using vCloud Connector
• vRealize Automation Installation and Configuration Guide
• vSphere Client and Web Client
• vCloud Connector vSphere Client Plug-In
• vCloud Connector Web UI
• vRealize Automation Web Console

Explain the components and configure vCloud Connector

vCloud connector has several components:

• vCloud Connector Server – Only one vCloud Connector server is required for each vCloud Connector installation.
• vCloud Connector Node – You can install vCloud Connector nodes in vSphere or vCloud Director clouds. You must install a node in every cloud you want to connect and oversee using vCloud Connector. To connect a public or private vCloud Director cloud, you can either install a node in your organization in the cloud or use a multitenant node installed by the service provider or cloud administrator.
• vCloud Connector user interface – The UI is accessible via plug-in the vSphere client. Cloud connector icon shows on the home page where Solutions and Applications are.

It is the vCloud connector nodes which do the heavy lifting, the job of copying and pushing the data across clouds. The nodes have to be installed in vCD or vSphere based private clouds. In vCloud Air, vCloud connector node is installed by default.

Explain vApp copy process

vCloud Connector uses a path-optimized copy mechanism that provides a relatively higher copy speed and lower storage requirements. It uses a path optimization framework to export data from the source cloud, transfer it, and import it into the destination cloud in a parallel flow, instead of sequentially. The data is streamed in small chunks. As data is being exported from the source cloud, it is transferred and imported into the destination cloud.

Files are not written to the staging area of either the source or destination vCloud Connector node during the copy process. Under optimal conditions, the node staging area is not used during copy. However, in some scenarios (for example, if the transfer or import part of the copy process is slower than the export), data needs to be buffered and the staging area is used to store chunks of data. In such cases, the amount of storage needed might be equivalent to the size of the object being copied. Ensure that you have adequate storage on the nodes.

copy option with:

Data transfer protocol (https, UDT – based on UDP with high speed, but data sends plain text by default)

Support for max 5 tasks at the same time. The 6th is queued.

Determine virtual machine state

If you plan to copy large virtual machines, vApps, or templates, configure your source or destination environments with the settings listed here. Log in to the vCloud Director instance as a system administrator. Inventory panel > click Virtual machines or vApps > view the currnet state of the VM or vApp in the status column.

Describe necessary configuration for Data Center Extension

When you move (stretch deploy) a virtual machine or a vApp to a public cloud from your private datacenter, vCloud Connector stretches the private network of the VM or vApp to the public cloud by creating a Layer 2 SSL VPN tunnel between the private network’s vShield Edge and the public network’s vShield Edge.

vCloud Connector is doing:

• Verifies that the network of the VM or vApp on the private data center can be extended.
• Creates a new routed vApp network in your Organization VDC in the public vCloud.
• Creates NAT and firewall rules in the public network, if required.
• Creates NAT and firewall rules in the private network, if required.
• Creates an SSL VPN tunnel from the vShield Edge of the private network to the vShield Edge of the new routed vApp network in the public vCloud.
• Copies and deploys the VM or vApp into the new routed vApp in the public vCloud.

A network can only be stretched to a single routed vApp network in a public vCloud. This implies that once you stretch deploy a VM or vApp from a private cloud to a public vCloud and vCloud Connector creates a routed vApp network for it in the public vCloud, if you want to stretch- deploy any other VMs or vApps from the same private network, they must be moved to the same routed vApp network on the public vCloud.

img. courtesy of VMware

Needs those products to be installed:

• vSphere – 5.1 or higher
• ESXi Server 5.1 or higher
• vCloud Director 5.1 or higher
• vSphere on which vCloud is based – 5.1 or higher
• vShield Manager – 5.1.2 or higher
• vSphere Distributed Switch 5.1 or higher

Differentiate between functionality of components of vCloud Connector

• Cloud Connector UI – vCloud Connector UI is the user interface that vCloud Connector Server. You can see it through in vSphere Client or at vcloud.vmware.com. If you decide to display your UI via vcloud.vmware.com, and your vCC Server is behind a firewall, only browsers also behind the firewall can see the UI. You decide where to display the UI during the configuration process.

• vCloud Connector Server – vCloud Connnector Server is a VA that coordinates the activity of vCloud Connector, controls vCloud Connector Nodes, and produces the vCloud Connector UI. Only one vCloud Connector Server is needed.

• vCloud Connector Nodes – vCloud Connector Nodes are virtual appliances that handle transferring content from one cloud to another. Transfers between clouds that are interrupted, for example because of network problems, can be resumed at the point that they were interrupted. A vCloud Connector Node must be installed in every vSphere or vCloud cloud that vCloud Connector oversees

Implement required network and security settings

ports need to be open in NAT connection in the vCloud

Required ports:

• Port 8443: For communication between vCC Server and Node and between Nodes.
• Port 5480: For communication with the Web admin interface for the appliance, for example during the registration process.
• 80: For communication between server and nodes, and between nodes
• 8190: Req. on the destination node (only for transfers via UDT)

You can then:

• Change the password
• Adjust log levels
• Manage SSL certificates in the Connector Server ( replace the self signed SSL certificates before use in prod)

Determine storage requirements and add storage for vCloud Connector node

• In order to copy resources, you should have enough storage in your vSphere and vCloud Director clouds. Default storage per node is 40 GB. You may need to increase this if you will be copying large VMs or templates or if you will be copying many items simultaneously.
• Pre-req
  • Take a snapshot of the appliance
• In vSphere
  • Add a second hard drive to the VM
  • Go to console and run: sudo /opt/vmware/hcagent/scripts/resize_disk.sh
• In vCloud
  • Turn off VM in vApp
  • Select properties ->Hardware->Add->Disk.
  • Power on VM – Open console
  • Logon – admin/vmware
  • Name the new disk, command: ls /dev/sd*
  • Add the new disk, command: sudo/opt/vmware/hcagent/scripts/add_disk.sh <diskname>

Register vCloud Connector UI with vCenter Server

• In the vCloud Connector GUI (login via VAMI port 5480) click the vSphere Client button > Fill in the information (IP and name of vCC server and vCenter, user and password for vCenter)
• If you previously registered a vSphere client you can choose: Overwrite existing registration > Click register.

Register vCloud Networking and Security Manager with the vCloud Connector server

After you install a vCloud Connector server and nodes, you use the server Admin Web console to register the nodes with the server. The registration allows the server to manage the nodes. When you register a node, you can specify the node URL with either the node IP address or fully qualified domain name (FQDN). You must use an FQDN with a proper entry in the DNS server so that the FQDN gets resolved to the correct address.

You'll need to go to vCloud Connector server Admin Web console at https://vCCServerIPaddress:5480.

Web console (user: admin     pass: vmware) click Nodes > Click Register Node > complete the info with:

• vShield manager URL
• User/password
• Proxy
• Ignore SSL cert.

Troubleshoot common vCloud Connector installation and operations issues

using curl:

(Note: -k / –insecure.  By default all insecure requests fail. With -k, insecure requests do not fail.)

• vCloud Director: curl -k https://vcd/api/versions
• vCC Node: curl -k https://vccnode/agent/api/v2:org/org:version

Create a vCloud Connector Content Library

The vCloud Connector Content Library is a library of published folders or catalogs of templates to which users can subscribe. These templates can be virtual machine templates from vSphere clouds or vApp templates from vCloud Director clouds or public vClouds.

By default the VCC creates a default library.

Any user of a vCloud Connector instance can publish a folder or catalog of templates to the Content Library and any user can subscribe to a published folder or catalog.

Publish vSphere folders and vCloud catalogs to a vCloud Connector Content Library

In the Browser panel, expand the Clouds tree, find the folder or catalog of templates that you want to publish > Right-click the folder and select Publish to Content Library. If Publish to Content Library is disabled, check that you are right-clicking a folder or catalog. The option is disabled for other objects, such as a datacenter or an organization.

If the option is still disabled, check that you have a valid license and that the license key was entered in the vCloud Connector Server Admin Web console. Click Publish in the confirmation dialog box > In the Browser panel, select Content Library.

The Catalogs table appears in the Inventory panel. The table lists the catalog or folder that you published, along with details such as its location, publisher, and the time that it was last updated. Click on the folder name to view the templates it contains. Users can now subscribe to the published folder.

Subscribe/unsubscribe to a published folder or catalog

It is possible to subscribe to a published folder or catalog. After you subscribe, vCloud Connector keeps your templates synchronized with the source templates. Any changes made to the source folder or catalog will automatically be reflected in your subscription folder or catalog at the interval or time that you specify. You can also synchronize the folders at any time with the Sync Now command.

• To Subscribe: Click Subscribe icon at the top of the inventory panel
• To Unsubscribe: Select Content Library > catalogs table select folder or catalog > Unsubscribe

Note that after unsubscribing, the existing templates in your subscription are not deleted, but manual delete is possible (Select parent cloud > select template > delete icon)

Stretch deploy a virtual machine or vApp using Data Center Extension

Stretch deploy stands basically for a copying VM or vApp from the private data center to public vCloud.

You can stretch deploy:

• A single VM
• A VM within vApp
• Whole vApp (not an empty one)

VM or vApp that you want to stretch deploy must be powered off.

If the VM or vApp has already been stretch deployed, you cannot stretch deploy it again

The process is well written in the doc. Some highlights:

vCloud Connector creates a routed vApp network in your organization in the public vCloud, creates a Layer 2 SSL VPN tunnel between the private network and the routed vApp network in the public cloud, and copies and deploys the VM or vApp in the new vApp in the public cloud.

The VM continues to be part of the private network. Its IP address and MAC address remain the same. You can continue to use it as if it were still in your private datacenter.