VMware {code}

Friday, 22 July 2022

VCF on vCloud Director

This is, however, not a new topic and not the first time. I am writing this for people who have vCloud Director based lab environments. I was talking to someone on my team about this and thought of doing it myself and sharing the experience through this blog. I will walk through how VCF can be deployed in a nested environment on a vAPP in a vCloud Director based environment.

Let's take a look at the diagram first and see what we are trying to do here.

 

As you can see above, we have a vSphere environment with all components set up, and on top of that there is a vCloud Director based infrastructure on which users create vAPPs consisting of VMs.

 

 Assumptions

  • You already have vCloud Director set up and running
  • You also know how to operate vCD
  • You already have knowledge of VCF and its architecture

 Constraints

  • This is a purely nested environment
  • Possibly slow performance (depends on type of underlying hardware too)

Risks

  • Frustration if this does not succeed on the first go. Don't leave; fix and try again.
  • It worked for me after 5 failed attempts

 

 vCloud Director vAPP Components

 

  • 1 x Internal Network (vAPP Network) (192.168.1.x/24)

  • 1 x Org Network (x.x.x.x/24)
 
  •  4 x ESXi Servers with sufficient Compute Capacity for VCF deployment
    • NIC assignments on ESXi hosts
       
 
 
  • 1 x PFsense server for routing and firewall
    • NIC assignment on pfsense
       


 

Network Connectivity View


 

pfsense setup

There are tons of articles already available on how to deploy pfsense step by step, so I will not cover that here. However, let's take a look at the configuration required after pfsense is deployed for this setup.

  • Subnets for each network

 


  •  VLANs

  • Interface Assignments 
    • GUI View

  • Console View

IP-Assignment to a Network

Do this for all other networks as well accordingly.

  • Firewall Rule

        Configure an Any-Any rule for all the other interfaces too.


Cloud Builder Deployment

You can provision another lightweight ESXi host just for the Cloud Builder deployment in the same vAPP. Alternatively, another vCenter environment running somewhere else that has connectivity should be fine too. I used the first option.

Again, Cloud Builder deployment is a straightforward task and I will not cover it here. It is just like any other OVA deployment on vSphere.

Input Sheet or Deployment Sheet

You can get this input sheet directly from the Cloud Builder appliance or from the VMware portal. I used the first one. Even though this is a lab deployment, some of the information this sheet collects must be valid, or the deployment will fail:

  • IPs and VLANs
  • NTP / DNS
  • Licenses
  • Hostnames/FQDNs

There are a few other items you will need to fill in on the sheet. You can use the steps below.

SSH Thumbprint

 

Log in to Cloud Builder. SSH must be enabled on the ESXi hosts.

 

# cd /home/admin

# ssh-keygen -lf <(ssh-keyscan mclabesxi4.mclab.local 2>/dev/null)

 

  

SSL Thumbprint

 

# openssl x509 -in /etc/vmware/ssl/rui.crt -fingerprint -sha256 -noout

E5:E8:03:AE:52:96:31:64:17:3A:EC:27:D7:E9:43:8B:AF:19:28:A4
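
ssh-keyscan fetches host keys over the network without authenticating the host, so the values that go into the sheet are worth comparing with fingerprints read on each ESXi host itself. The added example below (not part of the original post; host names, key blobs and function names are constructed for illustration) recomputes the SHA256 fingerprint that ssh-keygen -l prints from ssh-keyscan output, compares it with the sheet, and checks that an SSL thumbprint has the 32-byte length of a SHA-256 digest.

```python
import base64
import hashlib
import struct

def ssh_blob(key_type: str, material: bytes) -> str:
    """Build a base64 public-key blob: length-prefixed type, then key data."""
    kt = key_type.encode()
    return base64.b64encode(struct.pack(">I", len(kt)) + kt + material).decode()

# Constructed ssh-keyscan output; host names and key material are made up.
SAMPLE_SCAN = "\n".join([
    "# esxi1.lab.example:22 SSH-2.0-OpenSSH_8.8",
    "esxi1.lab.example ssh-rsa " + ssh_blob("ssh-rsa", b"demo-key-1"),
    "esxi2.lab.example ssh-rsa " + ssh_blob("ssh-rsa", b"demo-key-2"),
])

def ssh_fingerprint(b64_blob: str) -> str:
    """Return SHA256:<unpadded base64>, the form ssh-keygen -l prints."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_keyscan(text: str) -> dict:
    """Map host -> fingerprint, rejecting blobs whose inner type differs."""
    result = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue  # skip blanks and ssh-keyscan banner comments
        host, key_type, blob = line.split()[:3]
        raw = base64.b64decode(blob)
        (n,) = struct.unpack(">I", raw[:4])
        if raw[4:4 + n].decode(errors="replace") != key_type:
            raise ValueError(f"{host}: key type does not match key blob")
        result[host] = ssh_fingerprint(blob)
    return result

def mismatches(sheet: dict, scanned: dict) -> list:
    """Hosts whose sheet fingerprint is absent from, or differs from, the scan."""
    return sorted(h for h, fp in sheet.items() if scanned.get(h) != fp)

def ssl_thumbprint_ok(value: str, digest_bytes: int = 32) -> bool:
    """True if value is colon-separated hex of the expected digest length."""
    parts = value.strip().split(":")
    hexdigits = set("0123456789abcdefABCDEF")
    return len(parts) == digest_bytes and all(
        len(p) == 2 and set(p) <= hexdigits for p in parts)

if __name__ == "__main__":
    print(parse_keyscan(SAMPLE_SCAN))
```

The SSL thumbprint printed above is 20 bytes long, which is the length of a SHA-1 digest, so ssl_thumbprint_ok rejects it as a SHA-256 value.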

  

Timesync on the Cloud Builder appliance

# systemctl stop systemd-timesyncd -l

# systemctl start systemd-timesyncd

# systemctl status systemd-timesyncd -l

 

# ntpdate 192.168.1.2

 

To set the Device as SSD on ESXi using CLI

# esxcli storage hpp device set -d mpx.vmhba0:C0:T1:L0 -M true --cfg-file

# reboot

Setup the ESXi hostname correctly

Make sure the ESXi hostnames are set up correctly with the correct domain name. There are various ways to do this, but I prefer this method as it always works accurately.


Launch Cloud Builder 

1. Log in to the CB using the credentials provided during the deployment

 
2. Select the type of deployment. Here it will be first option.

 

3. Accept the Agreement

 

 
4. Upload the Deployment Workbook prepared
 
 
5. Click Next. Cloud Builder starts the validation.
 
You might notice a warning on the vSAN validation where the disks are not SSDs. This can be ignored.
 
 

 
6. Once all the validation steps have passed, click 'Acknowledge' if there are any warnings. Click 'Next'.

You may or may not face issues with two things:

    a. Migrate ESXi Host vmknics to vSphere Distributed Switch
        If you face this issue, log in to the vCenter and manually move the Management vmk0 to the Distributed Switch
 
    b. Create vSAN Disk Groups
 
        Log in to the vCenter --> Clusters --> Configure --> Disk Management
        Select each host one by one and 'View Disks' --> Create Disk Group. Do this for all hosts.
        Once done, go back to Cloud Builder and hit 'Retry'
 
 
  
7. The rest should go fine. Once complete --> Hit Finish to launch SDDC Manager

 
8. Launch SDDC Manager
 
 

 

 
9. From here, continue to set up SDDC Manager as per the VCF best practices, and add the Workload Domain.
 
Thank you!
