VMware vCloud Director. What's new in version 9.0?
VMware vCloud Director (vCD) is a proven solution that helps cloud service providers deliver multi-tenant IT infrastructure services (Multi-Tenant Infrastructure-as-a-service, IaaS). vCloud Director offers a solution for turnkey hybrid clouds in the vSphere infrastructure. What new features have expanded the functionality of the self-service portal (Tenant portal) of vCloud Director version 9.0, which was released recently?
Improved user interface
The completely updated HTML5 user interface is focused on simplifying the use of the cloud by tenants. A web console running on Adobe Flex technology is still available. To access the new tenant user interface, users log in at the URL:
https://{vCD_URP_IP}/Tenant/{organization_name}
Key client processes, such as creating vApp instances, deploying new virtual machines, changing the network topology, and others, have been reworked to improve simplicity and efficiency. For example, a new virtual machine can now be created on one interface screen with several options; previously, this required seven steps.
Demonstration of vCloud Director 9.0 HTML 5 Tenant Portal features
Some of the improvements that tenants will see in the new interface:
Virtual machines can now be viewed as cards. Each card has a choice of actions or options, such as Power, Properties, creating a snapshot.
Org vDC (Virtual Datacenter) Networks can now be viewed on the Network tab, allowing you to create and edit vDC networks.
Stand-alone virtual machines can be created and viewed along with the virtual machines that are part of the vApp container. There is also the possibility of filtering. vCD 9.0 eliminates the need to create a vApp to create a separate virtual machine. vCD automatically creates a virtual vApp container for virtual machines.
Multisite Management
The Multisite feature allows you to provide single sign-on to a tenant who has multiple virtual data centers (Org vDC) running in different vCD instances. In one session, the tenant gains access to several Org vDCs that are managed by different instances of vCloud Director using the same credentials. Service providers managing two or more vCD instances will have to associate (pair) one site with another, establishing a site-to-site association. A site may have several associations, but a link between sites may consist of only two objects.
After the two sites, managed by separate vCD instances, are linked by a System Administrator, Organization Admins can establish trust between them. Each Organization must create a Public / Private Key pair in order to establish trust among themselves. At the same time, local and LDAP users on different sites should have the same user names, roles, and SAML identification.
The API below will provide site attributes, as shown in Figure 1.
GET https://{{vcloud.example.com}}/api/site
Figure 1. REST API for retrieving site data
The API below will generate local site data that is used to communicate with the remote site, as shown in Figure 2.
GET https://{{vcloud.example.com}}/api/site/association/localAssociationData
Figure 2. Data for setting up an association
The system administrator will need to send this association data to Site B's API and vice versa.
After the sites are linked, the organizations on these sites can likewise be linked by getting the organization association data on site A and sending it to the organization association API on site B.
vCD 9.0 allows you to use a distributed logical router to manage the routing needs between two or more Org vDC networks. A distributed logical router (DLR) provides a faster way to build routing tables between Org vDC networks. This eliminates the need to route traffic through the Edge Gateway. Prior to vCD 9.0, a tenant could have several Org vDC networks, but routing between these networks was always done using the Edge Gateway, which sat between them and the external network. vCD deploys the DLR via NSX. DLR functionality is found in kernel modules on ESXi hosts that are part of the Provider vDC cluster. The DLR is logically located between the Org vDC network and the Edge Gateway. vCD will automatically create an uplink for the DLR, which will connect to the Edge Gateway network interface.
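A pre-submission check for the association exchange described above, as an added example that is not part of the original article or of vCloud Director. It assumes the association data is XML carrying the site's endpoint URL and a PEM public key; the element names and values in the sample are constructed.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET

PEM_RE = re.compile(r"-----BEGIN PUBLIC KEY-----(.+?)-----END PUBLIC KEY-----", re.S)

# Constructed sample: element names and values are illustrative assumptions,
# not a captured vCD response, and the key body is not a real key.
_KEY_B64 = base64.b64encode(b"constructed sample, not a real key").decode()
SAMPLE_SITE_A = f"""<SiteAssociationMember>
  <RestEndpoint>https://vcd-a.example.com</RestEndpoint>
  <SiteName>site-a</SiteName>
  <PublicKey>-----BEGIN PUBLIC KEY-----
{_KEY_B64}
-----END PUBLIC KEY-----</PublicKey>
</SiteAssociationMember>"""


def review_association_data(xml_text):
    """Collect endpoint URLs and public-key fingerprints from association data."""
    if "<!DOCTYPE" in xml_text.upper():
        raise ValueError("DTDs are not expected in association data")
    endpoints, fingerprints = [], []
    for element in ET.fromstring(xml_text).iter():
        text = (element.text or "").strip()
        if re.match(r"https?://", text, re.I):
            endpoints.append(text)
        for body in PEM_RE.findall(text):
            der = base64.b64decode("".join(body.split()))
            fingerprints.append(hashlib.sha256(der).hexdigest())
    return {
        "endpoints": endpoints,
        "insecure": [u for u in endpoints if not u.lower().startswith("https://")],
        "key_sha256": fingerprints,
    }


def safe_to_submit(xml_text, confirmed_fingerprint):
    """True only if all endpoints use TLS and the single key matches the
    fingerprint the peer administrator confirmed over a separate channel."""
    found = review_association_data(xml_text)
    return (not found["insecure"]
            and found["key_sha256"] == [confirmed_fingerprint.lower()])


if __name__ == "__main__":
    print(review_association_data(SAMPLE_SITE_A))
```

The administrator of each site runs the check on the data received from the other site before submitting it, comparing the fingerprint with one read out by the peer administrator.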
Tenant networks with DLRs can use the DHCP and DNS functions of the edge gateway through a node that will be managed using vCD.
By default, when an Edge Gateway is created, the tenant can enable a DLR, as shown in Figure 3. This connects the DLR to the Edge Gateway on the back end for the north-south traffic flow (traffic leaving the data center) from the org network.
After upgrading to vCD 9.0, a DLR can be enabled on existing Edge Gateways by right-clicking the Edge Gateway.
Figure 3. The Distributed Logical Router option when creating an Edge Gateway
Trunking support for external networks and Routed Org Networks
A cloud provider may have clients who want to connect their VLAN to Org vDC networks. vCloud Director already had the functionality of creating external networks with VLAN support, but not trunked VLANs. Trunking support is now added in vCD 9.0 for external and routed networks.
To enable trunking support, create an external network in vCD that has been configured with VLAN trunking support. For a Routed Org Network, select the Guest vLAN Allowed check box when creating a network, as shown below.
Flexibility of placing Edge Gateways in a separate pool
Using vCD 9.0, a provider can define a resource pool / cluster that is used to host NSX Edge Gateway virtual machines. This is done by defining an attribute in the Provider vDC metadata: a metadata attribute placement.resourcepool.edge, whose value is the resource pool moRef, can be defined on the Provider vDC. The resource pool moRef is the moRef identifier of the edge resource pool / cluster. Resource pools and their moRefs can be obtained by querying the vCD API (see Figure 2).
Figure 4. Metadata created to host Edge Gateways in the moRef cluster 'resgroup-28'
Note. Creating a default pool when creating a Provider vDC is now an option. The user can select the option to create a default network pool or select from an existing custom network VxLAN pool as shown below.
VM Monitoring and Metrics
vCloud Director can collect and store various VM performance metrics. These metrics include data on CPU / memory usage / storage of the virtual machine, average latency of disk operations and so on. Previous releases of vCloud Director used Kairos DB backed by Apache Cassandra. With vCD 9.0, Kairos DB is no longer necessary for storing and collecting metric data. Metric data can be stored in the Cassandra database directly.
vCloud Director 9.0 Metrics Dashboard Demo
vRealize Operations Manager Tenant App for vCloud Director
Extensibility
The vCD UI extensibility framework allows you to extend the Tenant Portal user interface by adding additional sections. Using the framework, you can add a new section that can refer to a third-party portal or it can be an embedded iFrame.
Architecture changes
PostgreSQL support
vCloud Director 9.0, in addition to Microsoft SQL and Oracle, supports the PostgreSQL database as an external database. This release supports PostgreSQL version 9.5, cluster configurations, as well as an SSL connection.
For customers with MS SQL or Oracle databases, the Cell Management Tool (CMT) will help you transfer them to a pre-installed PostgreSQL database instance. The 'dbmigrate' option in the CMT will help move an existing database to a new PostgreSQL instance.
# cell-management-tool dbmigrate
After migrating the database, use the 'reconfigure-database' parameter in the CMT so that the vCD starts using the new PostgreSQL database.
Figure 5. CMT tool for database migration
vCenter Guest OS and hardware version consistency
When a service provider administrator starts creating a vDC, the hardware version defined by vCD will be the highest that the computing cluster can support. This allows vCD to expand the list of guest OSs it can support. vCD will support all guest OS supported by the vSphere environment.
vCD-vCenter Latency
vCloud Director can now support latency up to 100 milliseconds between itself and the vCenter server. This helps service providers use a single vCD instance to manage their vCenter servers, which can be located remotely.
Network Improvements
Security groups
vCloud Director 8.20 introduced Distributed Firewall (DFW) NSX capabilities to self-service tenants. They can define DFW policies by creating individual rules for virtual machines or vApps. At the same time, they can also apply these policies in general to a set of IP addresses, MAC addresses or objects such as virtual machines, Org vDC networks, etc. To use these features, you need to know these sets of IP addresses, MAC addresses or objects precisely.
You can view the full range of vCloud Director 8.20 control panel features using free test access to the Cloud4Y cloud for legal entities.
vCloud Director 9.0 adds Security Groups, which help you dynamically define and apply security policies. The tenant administrator can determine the eligibility criteria for individual virtual machines through security groups, and DFW policies can be applied to these security groups.
To create security groups, right-click Edge Gateway -> Edge Gateway Services -> Grouping Objects -> Security Groups
Figure 6. Creating a security group
Data storage enhancements
Hot migration of customer data between datastores
With vCloud Director 9.0, Service Providers will be able to perform hot data migration of individual tenants from one datastore to another. All objects that belong to the Organization, including virtual machines, catalogs, images, and so on, will be transferred to another datastore. This operation can only be performed by the administrator of the cloud provider or by a user with access.
Figure 7. Client Storage Migration
To migrate tenant storage, log in to vCD and go to Manage & Monitor -> Organizations -> right-click the Organization -> Migrate Tenant Data
This will launch a wizard that will help you select the source and target datastores for transferring tenant data. You can transfer data of more than one tenant at a time.
Keep in mind that the target datastores must be visible to all hosts that are part of the cluster / resource pool. In addition, the storage policies should match on the source and target storage.
Figure 8. Selecting data sources and target repositories for tenant data migration
Virtual Volume Support (vVols)
vCloud Director 9.0 adds support for datastores created in vCenter using virtual volumes. When you create a Provider vDC, vCD allows you to add datastores with vVols support.
Conclusion
vCloud Director 9.0 completely refreshes day-to-day operations with virtual infrastructure, both for service providers and tenants. This release focuses on simplifying provider operations by adding support for multisite management and PostgreSQL. Cloud customers will appreciate the new user interface in HTML5, which has become much more convenient and efficient. Of course, we plan to move to version 9. We will need some time to validate the infrastructure and test. We will inform you about the transition to the new version later.