VCPA-CIA Objective 1.2 – Configure vCloud Director for scalability
The blueprint states the following skills needed to cover this objective:
- Generate vCloud Director response files
- Add vCloud cells to an existing installation using response files
- Set up vCloud Director transfer storage space
- Configure vCloud Director load balancing
A response file is automatically created after the installation of the first cell in /opt/vmware/vcloud-director/etc and is called response.properties. The process to add a vCloud cell to an existing installation is described on page 29 – 30 in the English version of the vCloud Director Installation and Upgrade Guide.
The procedure is also described in the following kb article.
Installing VMware vCloud Director software on additional servers
We will need access to the response file during the installation so this file could be copied to the transfer storage which needs to be mounted to the additional cells anyway and can be deleted after the installation process.
Before we continue with the server group installation we should do a couple of things.
- Create a DNS entry for the new cell as the services will not start otherwise
- The transfer storage NFS share should already be set up, if not here is what I did in my lab environment, the async parameter in the export config costs reliability but enhances the speed.
- add disk – create a partition with cfdisk – create a filesystem with mkfs.ext3 or mkfs.ext4
- create a mountpoint, e.g. /nfs/datastore1
- edit /etc/fstab to auto mount the filesystem, e.g. /dev/sdb1 /nfs/datastore1 ext3 defaults 0 0
- edit /etc/exportfs to export the share, e.g. /nfs/datastore1 *(rw,async,no_root_squash)
- service nfs restart
- Edit the /etc/fstab file to auto mount the transfer storage on every cell
- Check permissions on the transfer storage, these should be user and group vcloud, if they are not set them with “chown -R “vcloud:vcloud” /opt/vmware/vcloud-director/data/transfer”
- Check permissions on the installation binary are set to executable, otherwise change them with “chmod u+x installation-file” and install the vCloud director binaries
- Generate the proper SSL certificates using the keytool
- /opt/vmware/vcloud-director/jre/bin/keytool -genkey -keystore /opt/ssl/certificates.ks -storetype JCEKS -storepass passwd -keyalg RSA -validity 731 -alias http
- /opt/vmware/vcloud-director/jre/bin/keytool -genkey -keystore /opt/ssl/certificates.ks -storetype JCEKS -storepass passwd -keyalg RSA -validity 731 -alias consoleproxy
- /opt/ssl was the path I chose to save the keystores, you might do or be requested otherwise in the exam
- Run the configure script with the -r option pointing at the response.properties, e.g. /opt/vmware/vcloud-director/bin/configre -r /opt/vmware/vcloud-director/data/transfer/response.properties
- If you are done with all the cells delete the response.properties from the transfer storage directory
This leaves the load balancing configuration on the vCloud Director side as I would suppose the actual load balancer configuration should not be part of the exam itself as it is not covered in the Installation and Upgrade guide which is referenced in the blueprint. If you need more information on the actual load balancer configuration I will post some links to different blogs showing how to configure pfsense, F5 and vShield Edge to be an actual load balancer for vCloud Director.
What is relevant for the exam according to the blueprint can be found at Administration -> System Settings -> Public Addresses as can be seen in the screenshot below.
This concludes the second objective of the VCAP-CIA, as promised here are the links for some example load balancer configuration guides and best practices.