Architecting a vCloud Director Solution
Introduction
Technology Mapping
2.1 Glossary of Terms
Deployment Model Considerations
3.1 Service Offerings
3.1.1 IaaS Single Availability Zone
3.1.2 IaaS Multiple Availability Zones
3.1.2.1 Distributed Resource Groups
3.1.2.2 Stretched Resource Group
3.1.3 IaaS Multiple Regions
3.1.4 IaaS with Disaster Recovery SLA
3.1.5 Consumption Models
3.1.5.1 On-Demand Cloud
3.1.5.2 Virtual Private Cloud
3.1.5.3 Dedicated Cloud
Architectural Overview
Cloud Management Components
5.1 Management vCenter Server
5.2 vCloud Director
5.2.1 vCloud Director Cells
5.2.2 vCloud Director Database
5.3 VM Metric Database
5.4 Pivotal RabbitMQ
5.5 VMware vCenter Chargeback Manager
5.6 vRealize Business for Cloud
5.7 vRealize Log Insight
5.8 vRealize Orchestrator
5.9 vRealize Operations Manager
5.9.1 Service Provider Internal Use Case
5.9.2 Managed Services Use Case
5.10 vCloud Usage Meter
Resource Groups
6.1 Resource Group Management Components
6.2 Compute Resource
6.3 Networking
6.3.1 Transport Zones
6.3.2 NSX Edge Cluster
6.3.2.1 Design Option 1 – Traditional
6.3.2.2 Design Option 2a – Combined Edge/Compute Cluster
6.3.2.3 Design Option 2b – Combined Edge/Compute Cluster with Non-Elastic VDC
6.3.2.4 Design Option 3a – Dedicated Edge
6.3.2.5 Design Option 3b – Dedicated Edge Cluster with ECMP Edges
6.3.3 Summary of Edge Cluster Deployment Options
6.3.4 NSX Controller Cluster
6.3.4.1 Design Option I – Edge Cluster
6.3.4.2 Design Option 2 – Compute Clusters
6.3.4.3 Design Option 3 – Universal NSX Controller Cluster
6.3.5 NSX Distributed Firewall and Logical Routing
6.3.6 Other Network Services
6.4 Storage
6.4.1 Storage Tiering
6.4.2 Datastore Clusters
6.4.3 Cloning and Copy Operations
6.4.4 vSAN
vCloud Director Design
7.1 Provider Virtual Data Centers
7.1.1 Placement Engine
7.1.2 Tiers
7.2 Organizations
7.2.1 User Management
7.2.2 OAuth Authentication
7.2.3 Granular Role-Based Access Control
7.3 Organization Virtual Data Centers
7.3.1 Non-Elastic Allocation Pool VDC
7.3.2 Elastic Allocation Pool VDC
7.3.3 Pay-As-You-Go VDC
7.3.4 Reservation Type VDC
7.3.5 Org VDC vSphere Resource Settings
7.4 Networks
7.4.1 Network Pools
7.4.2 External Networks
7.4.3 Organization VDC Networks
7.4.4 vApp Networks
7.4.5 vCloud Director Edge Gateways
7.4.6 Service Network Use Case Example
7.4.7 Distributed Firewall
7.5 Storage
7.5.1 Snapshots
7.5.2 Fast Provisioning
7.5.3 Datastore Thresholds
7.6 Catalogs
7.7 vApps
7.7.1 Overview
7.7.2 vApp Deployment
7.7.3 Guest Customization
7.7.4 VM Auto Import
Scalability
8.1 Resource Group
8.1.1 Provider VDC Scalability
8.1.2 Cluster Scalability
8.1.3 Scalability Within vCenter Server
8.1.4 Scalability Across vCenter Server Systems
8.1.5 Storage
8.1.6 Networking
8.2 Management Cluster
8.2.1 vCloud Director Database
8.2.2 vCloud Director Cells
8.2.3 NSX Manager
8.3 vCloud Director Federation
Recoverability
9.1 Overview
9.2 Management Cluster
9.3 Tenant Workloads
Security
10.1 Guidelines
10.1.1 Key Management and Encryption
10.1.2 vCloud Configuration Sensitive Files
10.1.3 Web Application Firewall
10.1.3.1 Web Portal
10.1.4 vCloud API
10.1.5 vCloud Director API for NSX
10.2 Audit Logging
Operational Considerations
11.1 vCloud Director Monitoring
11.1.1 vCloud Services Monitoring
11.1.2 vCloud Log Monitoring
11.1.3 Time Synchronization
11.2 VMware vCloud Director Patching
11.2.1 vCloud Director Cells
11.2.2 NSX Manager and NSX Edge Instances
Extending vCloud API with vCloud Extensibility Framework
Introduction
1.1 vCloud Director API Extension Requirements
Command-Line API Calls
2.1 Log in to vCloud Director API using HTTPie
Extension Example
3.1 Register an Extension
3.2 Handling Extension AMQP Messages
3.2.1 Basic Example
3.3 Full Ticketing Example
3.4 Adding API Links
Summary
Automated vRealize Automation Deployments
Introduction and Solution Overview
1.1 Service Provider Deployment Models
1.2 Business Drivers
Solution Design
2.1.1 vRealize Automation
2.1.1 vRealize Automation
2.1.1.1 vRealize Automation Appliance
2.1.1.2 vRealize Automation IaaS Web Service
2.1.1.3 vRealize Automation IaaS Manager Service
2.1.1.4 vRealize Automation DEM Workers and Agents
2.1.1.5 vRealize Automation vRealize Automation Agents
2.1.1.6 vRealize Orchestrator
2.1.2 Deployment Sizing
2.1.3 Hosting Environment Management Infrastructure
2.1.3.1 vCloud Director
2.1.3.2 vSphere
2.1.4 Development and Test Environments
2.1.4.1 Service Provider Development Instance
2.1.4.2 Customer Development Instance
2.2 Infrastructure Prerequisites
2.2.1 Active Directory
2.2.2 Domain Name Service (DNS)
2.2.3 Certificates
2.2.4 Network Connectivity
2.2.4.1 Connectivity with vCloud Director
2.3 Use Case Software Components and Considerations
2.3.1 vRealize Automation
2.3.2 vRealize CloudClient
2.3.3 Converged Blueprint JSON Files (Optional)
2.3.4 Execution with vRealize Orchestrator
2.4 vRealize Automation Component Configuration
2.4.1 vRealize Automation vApp
2.5 Silent Installation
2.6 vRealize CloudClient Configuration
2.6.1 CloudClient, User Roles, and Environment Variables
2.7 PowerShell Script Configuration
2.7.1 Input Parameters
2.7.2 Environment Variables
2.7.3 vRealize Automation Groups and Object Naming Creation
2.7.4 Leveraging Cloud Client with PowerShell
2.7.5 vRealize Automation API
Deploying the Solution
3.1 Executing vRealize Automation Instance Deployment
Operational Considerations
4.1 Tenant Roles and Responsibilities
4.1.1 Tenant Admin
4.1.2 Infrastructure Admin
4.1.3 Fabric Group Admin
4.1.4 Infrastructure Architect
4.1.5 XaaS Architect
4.1.6 Software Architect
4.1.7 Catalog Administrator
4.1.8 Business Group Manager
4.1.9 Business Group Support User
4.1.10 Business Group User
4.1.11 Service Provider vs. Customer Role Demarcation
4.1.12 AD Groups Recommendations
4.1.13 Blueprints
4.1.13.1 Templates
4.2 Upgrading and Patching vRealize Automation
4.3 Backups
4.4 Content Management
Conclusion
Appendix A: Acronyms and Terms
Appendix B: References
Architecting Multisite vCloud Director
Introduction
1.1 Overview
1.2 Document Purpose and Scope
1.3 Definitions, Acronyms and Abbreviations
1.3.1 Definitions
1.3.2 Acronyms and Abbreviations
Multisite vCloud Director v8.20 and Earlier
2.1 vCloud Director Management Cluster Topologies
2.1.1 Single-Site Management Cluster
2.1.2 Stretched Management Metro-Cluster
2.2 Single-Site vCloud Director
2.3 Dual-Site Stretched vCloud Director
2.3.1 Dual vCenter Server Instances – Stretched vCloud Director
2.3.2 Single vCenter Server – Stretched vCloud Director
2.4 The Benefits of a Stretched vCloud Director Solution
Multisite vCloud Director v9.0
3.1 Multisite Concepts
3.2 Site Association
3.2.1 Site Association Process
3.2.1.1 Site Association Workflow
3.2.2 Site Association Mesh
3.3 Organization Association
3.3.1 Organization Association Process
3.3.1.1 Organization Association Workflow
3.3.2 Organization Association Using the GUI
3.3.3 Organization Association Mesh
3.4 Multisite Tenant User Interface
User Access to a Multisite vCloud Director UI
4.1 Direct Site Access
4.2 Switching Between Associated Sites
4.3 Global Site Access
4.3.1 Global Site Access with Traffic Load Sharing
4.3.2 Global Site Access with DNS Load Balancing
4.4 Association Partial-Mesh Access
4.4.1 Per-Customer Partial Mesh-Access
4.4.2 Regional Partial-Mesh Access Model
4.5 User Account Requirements for Multisite Access
Multisite vCloud Director Design Decisions
5.1 The Need for Stretched vCloud Director Instances
5.2 The Need for Global Access
5.3 Prerequisites for a vCloud Director v9.0 Upgrade or Deployment
References
Introduction
References