At this point we will need to upload the vCloud Director Installer as we need to run prerequisites checker as this also installs the relevant tools to create the certificates. You need to download the ISO via your VMware Partner Portal and upload this to your vCloud Director cell. The easiest way I find to do this is to use WinSCP to transfer the file. I have uploaded mine to the /media directory as you can see in the screenshot below –

You will now need to make sure that the file is executable by running the below command as per the installation guide –

chmod u+x installation file name – In my example it would be

chmod u+x vmware-vcloud-director-distribution-8.10.0-3880025.bin

Now run the installation by running the below command –

./vmware-vcloud-director-distribution-8.10.0-3880025.bin

You need to make sure you select No here (N) as we need to continue with setting up the vCloud Director cell before we run this script.

Untrusted Certificates –

I will not be covering this section as I will be using Trusted Certificates requested from my CA in my Lab Environment.

HTTP Service –

keytool -keystore certificates.ks -alias http -storepass passwd -keypass passwd -storetype JCEKS -genkeypair -keyalg RSA -keysize 2048 -validity 365 -dname “CN=vcd1.example.com, OU=Engineering, O=Example Corp, L=Palo Alto S=California C=US” -ext “san=dns:vcd1.example.com,dns:vcd1,ip:10.100.101.9”

Console Proxy Service –

keytool -keystore certificates.ks -alias consoleproxy -storepass passwd -keypass passwd -storetype JCEKS -genkeypair -keyalg RSA -keysize 2048 -validity 365 -dname “CN=vcd2.example.com, OU=Engineering, O=Example Corp, L=Palo Alto S=California C=US” -ext “san=dns:vcd2.example.com,dns:vcd2,ip:10.100.101.10”

Confirm the certificates are now in the certificates.ks keystore

keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -list

Trusted Certificates –

You will need to change directory to the following directory as this is where the keytool that we will be using to create the certificates is installed.

cd /opt/vmware/vcloud-director/jre/bin

HTTP Service –

Configure these variables for your environment –

CN=FQDN of your vCD Cell

OU – Organisational Unit

O – Organization

L – Locality

S – State

C – Country

SAN=FQDN of your vCD Cell

DNS – DNS Shortname of your vCD Cell

IP = HTTP IP of your cell

./keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -keyalg RSA -keysize 2048 -alias http -dname “CN=JACOB-vCD01.JACOB.local, OU=Information Technology, O=JACOB, L=Northampton S=Northamptonshire C=GB” -ext “san=dns:JACOB-vCD01.JACOB.local,dns:JACOB-vCD01,ip:172.16.0.231”

Fill in the relevant certificate information.

Console Proxy Service –

./keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -genkey -keyalg RSA -keysize 2048 -alias consoleproxy -dname “CN=JACOB-vCD01-RC.JACOB.local, OU=Information Technology, O=JACOB, L=Northampton S=Northamptonshire C=GB” -ext “san=dns:JACOB-vCD01-RC.JACOB.local,dns:JACOB-vCD01-RC,ip:172.16.0.232”

HTTP Service Certificate Signing Request –

keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -certreq -alias http -file http.csr

Console Proxy Service Certificate Signing Request

keytool -keystore certificates.ks -storetype JCEKS -storepass passwd -certreq -alias consoleproxy -file consoleproxy.csr

You will now need to submit these .CSR files to your certificate authority and save the responses as .CER files. These will be in the following directory /opt/vmware/vcloud-director/jre/bin I recommend you use WinSCP as this is an easy method.

Navigate to your certificate authority web browser, usually http://CAFQDN/certsrv or https://CAFQDN/certsrv – This is references a Windows CA.

You will initially need to download the CA Certificate, Click Download a CA certificate, certificate chain or CRL.

You should name this certificate root.cer

Now you should navigate back to the previous page and Select Request a Certificate

Submit an Advanced Certificate Request

Open the http certificate file and copy the contents

Paste this in to the Advanced Certificate Request Box and select the Web Server template.

Select DER Encoded and Download the certificate. Rename this to http.cer as this makes it easier for us to determine the correct certificate for each service.

Repeat these steps for the Console Proxy certificate.

You should now see these two certificates and the root certificate in the directory.

You should now upload these .CER files to the vCloud Director cell. Again this can be completed easily using WinSCP.

I recommend uploading this to the same directory as this is the directory that keytool is installed.

We initially need to import the root certificate, this can be completed using the following command –

keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import -alias root -file root.cer

Import these to the certificates directory we created earlier then run the below commands –

Import HTTP Service –

keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import -alias http -file http.cer

Import Console Proxy Service –

keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -import -alias consoleproxy -file consoleproxy.cer

Confirm the certificates are now in the certificates.ks keystore

keytool -storetype JCEKS -storepass passwd -keystore certificates.ks -list

Remember you will need to repeat these steps on any other vCloud Director cell you will be adding to vCloud Director.

Configuring NFS Transfer Storage for vCloud Director Cells

We now need to setup the transfer storage on the vCloud Director Cell. I have a NFS server that I will be using for this, but you can setup a NFS share on a Synology box If you have one or another NAS device such as FreeNAS. You can find my guide for setting up a NFS server on Ubuntu 14.03 here

We need to navigate to the following directory as this is where we will be mounting the NFS share.

cd /opt/vmware/vcloud-director/data/transfer

Mount the NFS share to the /opt/vmware/vcloud-director/data/transfer directory using the below command –

mount -t nfs IPofNFS:/Share /opt/vmware/vcloud-director/data/transfer

We now need to edit the fstab file so we can start this NFS mount when the vCloud Director Cell starts.

vi /etc/fstab

Press I to change to Insert mode inside the text editor.

Enter the following to the file so that this starts the NFS mount on boot. Change the relevant share to your NFS share.

172.16.0.13:/media/transfer /opt/vmware/vcloud-director/data/transfer nfs rw 0 0

Press Esc and then press :wq! To save the file.

We can confirm this is mounted by running the below command –

df -h

vCloud Director Installer

We can finally start the vCloud Director Installation! We will need to navigate to the correct directory using the below command –

cd /opt/vmware/vcloud-director/bin

./configure

Select the IP for the HTTP Service and select the IP for the Remote Console Proxy.

Enter the path to the keystore we created earlier called certificates.ks – Enter the directory below and type your keystore password (Default was passwd).

/opt/vmware/vcloud-director/jre/bin/certificates.ks

At this point you can configure a syslog host name or IP address If you have one on your network.

We now need to configure the SQL Database. Specify the following information –

Hostname of SQL Database/SQL Cluster Listener DNS Name/IP Address.

Default Port – 1433

vCloud Database Name, if you used the scripts above it will be called – vcloud

Database Instance – This will be default unless you have multiple instances on your SQL Server.

Enter the Database Username – vcloud

Enter the Database Password – Default as per the scripts above was – vcloudpass

The vCloud Director installer will configure the database as you can see below and then ask you if you want to start the vmware-vcd service.

When the service is started you can navigate to the web site as specified below –

You will now be able to navigate to the vCloud Director website as specified above.

Enter your vCloud Director License Key after agreeing to the License Agreement.

Specify an account name and password and also specify the contact Info.

Select Next and Finish

You will now be presented with the vCloud Director Login page!

Adding Additional vCloud Director Cells

To add additional cells to the deployment we will need to copy the responses.properties file, this is stored in the following location –

cd /opt/vmware/vcloud-director/etc

When you are in this location you can run the below command to copy this file to the vCloud Director Transfer storage.

cp responses.properties /opt/vmware/vcloud-director/data/transfer

You will now need to repeat the steps for the vCloud Director cell and when you reach the vCloud Director installation stage you need to run this command instead of the usual ./configure command that we used for this cell.

./configure -r /opt/vmware/vcloud-director/transfer/responses.properties

This will add an additional cell to vCloud Director!

Configuring CentOS Routing For Two NICS When Using Same Subnet (Thanks to Matt F)