Archive for September, 2013

VCAP-CIA objective 3.4 – Manage an Organization

September 9th, 2013 No comments

The blueprint states the following skills needed to cover this objective.

  • Create and manage Organizations
  • Manage Organization policies and settings

The process to create an Organization in vCloud Director is described in the English version of the vCloud Director Administrator’s Guide on pages 28 – 32 and the following kb article. Creating an Organization in VMware vCloud Director To create an Oganization in vCloud Director simply click the according link on the home screen which will bring up a wizard.


Next fill out the organization name, keep it short as this will be part of the URL that is called to access the organization. You can actually set a longer name in the Organization full name field which will appear in the browser header and an optional description.


The next screen gives you the choice for directory services, you can choose between none which basically means you will need to create the users in vCloud Director manually and they are stored in the vCloud Director database. You also have the choice to connect to the same LDAP system as the vCloud Director provider. You can choose different OUs for different organizations but you won’t have the flexibility as with the last option which is a completely independent ldap service. Further information on configuring ldap for vCloud Director can be found in the vCloud Director Administrator’s Guide on page 123 and the following kb article.

Setting up Kerberos authentication for vCloud Director



The next screen will give you the option to add or create local users in case ldap services are down.


Next up is the choice if the organization admin can publish catalogues or not.


The next screen will allow you to override the default smtp settings to send emails for this organization.


The last screen will let you configure the policies for the organization. This includes the maximum runtime, template and storage leases, the storage clean-up policy, quotas, limits on resource intensive operations and console connections and account lockout policies.



When you click “Finish” on the summary page your Organization will be created and you will be able to use it as a container for Organization VDCs.

The vCloud Director Administrator’s Guide describes the following management tasks for an Organization on the pages 105 – 110 in the English version.

  • Enable or Disable an Organization
  • Delete an Organization
  • Add a Catalog to an Organization
  • Editing Organization Properties
  • Managing Organization Resources
  • Managing Organization Users and Groups

Disabling or Enabling an Organization can be done using the “Manage & Monitor” tab by right clicking the Organization. This will prevent or allow users to login into the Organization. It won’t affect the ability of administrators to allocate resources or make changes to the network. All vApps will also continue to run just fine.

From this menu you can also delete the Organization and edit the properties of the Organization. You will need to change the ownership of all objects within that Organization that the current users own to be able to delete it.


To add a catalogue to an Organization go to the quick start page and choose option 7 “Add a catalog to an Organization”.


Choose an Organization in the Wizard to add the catalogue to.


Name the catalogue.


And finally choose the publishing option if you are allowed to that depending on the Organization options.


You will be able to edit most properties you selected during the creation process by choosing the “Properties” option when right clicking the Organization. If you actually want to change the Organization name though you will need to disable the Organization first.


You also have the option to change the LDAP settings for the Organization, to choose if catalogues can be  published to all Organizations, email notification settings and the policies you choose at creating the Organization.

To manage the resources of an Organization you will need to create, modify or delete Organization VDCs which is described in detail in objective 3.3.

To add and manage users for an Organization you can double click the Organization in the “Manage & Monitor” tab and add either vCloud Director local users or import users and groups from an LDAP source.



You will have some more options to manage those users when you right click them. You will be able to enable and disable accounts, unlock a locked account or delete an account. Depending if the account is a local account or an LDAP account you will also be able to reset the password, change the role, edit the contact info and quotas by choosing the “Properties” option.



Categories: Certification, VCAP Tags:

VCAP-CIA objective 3.3 – Manage Organization VDCs

September 9th, 2013 No comments

The blueprint states the following skills needed to cover this objective.

  • Configure storage tiers
  • Create, manage and delete org VDCs

As I already covered how to add more storage to a Provider VDC we will concentrate on how to change attached storage profiles for a Organization VDC. As every Organization can consist of several Organization VDCs you will be able to assign different storage profiles, which need to be pre-existent in your vSphere environment, to these VDCs so that your Dev&Test VDC is not eating up all your precious space and performance for your production workloads.

The assigning process can be done either directly during the creation process of an Organization VDC which will be described in the second part of this post or at any later stage by opening the Organization VDC and choosing the “Storage Profiles” tab.


In the same menu you can also disable a storage profile, delete it, change the default profile to be used or changing the size limit for the Organization VDC in the properties option.


Fast provisioning and thin provisioning settings can also be changed after creation an Organization VDC using the “Manage & Monitor” tab and right clicking the Organization VDC choosing the “Properties” option.


The second goal of this objective is to create, manage and delete Organization VDCs.  The process is described as well in the following kb article and in the English version of the vCloud Director Administrator’s Guide on pages 32 – 40.

Creating an Organization Virtual Data Center in VMware vCloud Director

As Organization VDCs are created using a specific allocation model with different use cases for each model some more information can be found using the following resources.

Allocation Models for Organizations using vCloud Director

So let’s start by creating one. This can be done by choosing option 6 on the quick start page.


You will then need to choose an organization and a Provider VDC to host the Organization VDC.



The next step is to choose an appropriate allocation model.


You then will be able to configure the resource settings, limits and reservation for CPU, memory and the maximum number of VMs that can be deployed in that Organization VDC. This screen differs a bit between the different allocation models. You will only be able to choose a specific vCPU speed in the PAYG model and you won’t be able to set any reservations in the Reservation Pool model. There will also be a rough estimation on how many VMs this Organization VDC will be able to host scaled in 3 different VM instances; “small”, “medium” and “large”.




Next up will be the storage configuration. Here you can add the storage profiles and thereby the datastores available to the Organization VDC as well as setting the default instantiation storage profile. An upper limit on how much space can be used for each storage profile can be configured as well. You can also choose the options for thin and fast provisioning in this screen.


This leaves the network pools to set. You will be able to choose 1 network pool from which the vApp networks will be created. If you already pre-configured a vShield Edge device in that network pool you will see a list of all the configured services that Edge device offers.


On the next screen you will be able to choose if you want to deploy a new Edge device and also configure it on the spot even though you may choose to do the configuration part later as well. Advanced settings like IP settings, IP Pools and rate limits can also be configured on the spot.


If you choose to deploy an Edge Gateway you will need to select the external networks that gateway can provide access to.


If needed you can create a routed organization network and also share it across the whole organization.


The last step will be to name and enable the organization VDC.


The different options for managing the Organization VDC are described on page 52 – 63 in the English version of the vCloud Administrator’s Guide.

These include the following tasks:

  • Enable or disable an Organization VDC
  • Delete an Organization VDC
  • Add a storage profile to an Organization VDC
  • Modify the Organization VDC name and description
  • Edit the Allocation Model settings
  • Edit storage settings
  • Edit network settings

All these tasks can be done by using the “Manage & Monitor” tab. To enable or disable the VDC just right click on it and choose the according option. You can also delete the VDC this way as long as it is disabled and all vApps, Templates and media was deleted or removed as well.


The process to add a storage profile to the Oganization VDC was described in the beginning of this post.

To change the name and description of the VDC select the “Properties” option when right clicking the VDC and choose the “General” tab.


You will not be able to change the actual allocation model for an Organization VDC but you can change the settings of the current model, e.g. the CPU reservation by selecting the “Allocation” tab.


If you want to enable or disable thin and fast provisioning you will need to select the “Storage” tab.


The “Network Pool & Services” tab will let you change the network pool backing the Organization VDC as well as the actual number of networks provisioned for this VDC.


Categories: Certification, VCAP Tags:

VCAP-CIA objective 3.2 – Manage vCloud Director network resources

September 8th, 2013 No comments

The blueprint states the following skills needed to cover this objective.

  • Create and manage network pools
  • Create Provider external networks
  • Manage and remove network resources

By default vCloud Director 5.1 will try to create a VXLAN backed network pool whenever you create a Provider VDC. If you want to use VXLAN backed pools the cluster should be prepared to actually use VXLAN which is described in detail in objective 2.3.

Duncan Epping gives a great overview about the 3 other network pools that can be created in vCloud Director.

There is also a kb describing the process.

Creating network pools in VMware vCloud Director

Additional information can also be found in the English version of the vCloud Director Administrator’s Guide on pages 23 – 25. Remember that you can assign only 1 network pool to each Organization VDC but share the same pool across different Organization VDCs. If you are opting for the network-isolation backed pool remember to increase the MTU on the distributed virtual switch backing that pool. These pools are used to back up the networking demands of the organizations in vCloud Director.  So let’s walk through the process of creating a new network pool.

Click on option 4 on the quick start page.


The first step in the wizard is to decide which network pool will be created.


The next steps differ for each pool type. While the VLAN backed pool will need information about a VLAN range, the isolation-backed pool will require only 1 VLAN and the number of isolated networks that need to be created. For the port group backed network pool you will need to choose pre-created port groups from the vSphere layer.




The rest of the process is the same for all network pool types which consists of naming the pool and possibly giving it a description and clicking “Finish” on the summary page.


You will be able to manage and modify network pools by clicking on the “Manage and Monitor” tab.


By right-clicking and selecting “Properties” you will be able to expand the pool by adding additional resources like VLANs, port groups or simply networks to it. You can also rename the network pool this way and increase the MTU to the recommended size of 1600 as described in the vCloud Director Administrator’s Guide on page 25.


The steps to create a Provider external network are described in the English version of the vCloud Director Administrator’s Guide on pages 22-23 and the following kb article.

Creating External (Provider) Networks in VMware vCloud Director

All we need to do is click option 3 on the quick start page.


The next step is to pick a vCenter server attached to vCloud Director and a appropriate port group providing access to the external network. This needs to be pre-configured on the vSphere level. According to the Administrator’s Guide this should be an auto-expanding static port group. Don’t worry as the exam is based on vSphere 5.1 this is already in place by default but for those more curious about this feature there is more information in the following 2 links.

Choosing a port binding type


Next up is configuring the actual network settings like standard gateway, subnet mask, DNS servers and the IP pool.


The last step in the creation process is naming the external network.


After clicking “Finish” on the summary page the new external network will be created. You can check the result on the “Manage and Monitor” page within vCloud Director.


The last goal for this objective is to manage and remove network resources. I am assuming that this is also related to network pools like the rest of this objective as vShield Edge devices are covered in more detail in objectives 4.1 and 4.2.

You can get an overview of the Organization networks connected to the network pools by clicking on the Organization VDC in the “Manage & Monitor” tab. The “Org VDC Networks” tab contains the information the different Organization networks and the related network pool status. By right clicking on an Organization network you will reveal the management options depending on the network type. For internal and routed networks you will be able to manage the services the vShield Edge device delivers to that network. You will also be able to reset the network, view the IP allocations and connected vApps and also manage the static IP pool settings and name by choosing “Properties”. You can delete an Organization network in this screen as well when no virtual machines are connected to that network anymore.


To change the allocated network pool for an Organization VDC simply the properties windows of that Organization VDC in the “Manage & Monitor” tab. This step is needed when you want to delete a network pool.


To actually find out which Organization VDCs are using a network pool you can simply click it in the “Manage & Monitor” tab.


By right clicking a network pool in the Network Pools overview you will be able to repair and delete the network pool. You can also change the settings of a network pool like already described in the last goal to change the MTU for a network backed pool for example.


Categories: Certification, VCAP Tags: