VMware Cloud Director Integration Details
OnApp gives you a possibility to import multiple VCDs into OnApp. The integration with VMware enables existing VMware Cloud Director installations to use the OnApp CP as their front-end UI. With the integration, OnApp provides UI options for VMware Cloud Direc users (VS monitoring), and expands VMware Cloud Director capabilities with integrated buckets.
OnApp CP and the VMware Cloud Director are synchronized on a daily basis to update the data.
- Control Panel with VMware Cloud Director integration should have at least 3 onapp instances (vcloud L1, vcloud L2 and another one).
- OnApp supports both default and custom VCD roles. Default vCloud roles are mapped using the label, therefore, please do not change the labels of the default user roles in VMware Cloud Director. The custom role will not appear in the user creation wizard if the role does not exist in all organizations under a certain user group. Custom roles are not synchronized between the organizations in a user group, therefore, you will be required to add the same custom role in VCD for all organizations in a user group.
Below you can find the compatibility matrix for VMware Cloud Director and OnApp versions:
|NSX-V||NSX-V||NSX-V + ability to work with network pools||NSX-V + ability to work with network pools||NSX-T, NSX-V + ability to work with network pools||NSX-T, NSX-V + ability to work with network pools|
|Versions||vCD 9.1||vCD 9.5||vCD 9.7||vCD 10.0||VCD 10.1||VCD 10.2||VCD 10.2||VCD 10.3|
OnApp and VMware Cloud Director connection is supported with RabbitMQ. To integrate OnApp with the VMware Cloud Director, you must specify RabbitMQ credentials both on the OnApp CP and the VMware Cloud Director (in beta version, RabbitMQ will be delivered with the OnApp RPMs. RabbitMQ will be synchronizing OnApp and the VMware Cloud Director: it will get the list of actions happen in the VCD and report it to the CP).
After that, add the VMware Cloud Director instance as an OnApp compute resource (vcloud type) and specify the VMware Cloud Director URL and VMware Cloud Director system admin credentials. After that, all the existing VMware Cloud Director resources will be shown in OnApp.
Starting with OnApp 5.5 version, vCloud administrator is imported into OnApp as "System owner" together with VSs and vApps, which belong to this user. "System owner" user can not be edited in OnApp, but cloud administrator has a possibility to reassign "System owner"'s VSs or vApps to other owners.
At the moment, importing a VMware Cloud Director into OnApp includes the following components:
VMware Cloud Director instance (as an OnApp compute resource)
Organizations (added as OnApp user groups)
- Networks (organization vDC networks, external networks and vApp networks)
- Storage policies
Users and their roles (except system administrators)
The import of other VMware Cloud Director components into OnApp is scheduled for the following releases.
When importing VCD resources you can choose whether you wish your users to be associated with one or several VMware Cloud Director instances. If you wish your users to have access to multiple VMware Cloud Director instances, you can set up several organizations from different VCD instances to be associated in OnApp with a single user groups and have access to resources across multiple VCD instances. There the following two variants of importing VCD into OnApp:
- single vCloud Director mode - all resources are imported from the VCD instance. Each organization is imported as a separate user group which can be associated with one VCD instance.
- multiple vCloud director mode - only system level entities are imported (provider VDCs, external networks, etc.). Organizations are imported but are empty, i.e. do not contain resources and users. After the initial import you can select which organization you wish to import and associate with a certain user group. Users imported in this mode can be configured to have access to multiple VCD instances.
If in VCD you delete a user from a user group with which several organizations from different VCDs are associated, the user will be removed but will be recreated after the synchronization. The reason is that the user exists in all organizations within one user group. If you delete such users in OnApp, they are removed from all organizations in the user group.
VMware Cloud Director Instance
Virtual servers, built on a guest operating system, can be used to install and run software compatible with that operation system.
VSs between VMware Cloud Director and vCenter are mapped using MoRef ID.
vApp consists of one or more virtual servers that communicate over a network and use resources and services in a deployed environment.
A vApp template is a virtual server image that is loaded with an operating system, applications, and data. VApp templates are added to catalogs.
A catalog is a container for vApp templates and media files. You can view the list of catalogs at OnApp Control Panel > Cloud > Catalogs menu of your OnApp Cloud.
Edge Gateway is a virtual router for organization vDC (virtualDataCenter) networks. You can view the list of NSX-V and NSX-T edge gateways (together with firewall rules, NAT rules, and VPN service) at OnApp Control Panel > Cloud > Edge Gateways menu of your OnApp Cloud.
VMware Cloud Director Resource Pools
Resource pool is an allocation model which determines how and when the provider virtual data center compute and memory resources are committed to the organization virtual data center. There are three types of resource pools:
- Allocation Pool
- Reservation Pool
Orchestration models enable you to provide your customers with a ready environment which they can use to deploy virtual servers.
VCD Organizations are associated with OnApp user groups. You can view individual organizations at Control Panel > Cloud > Organizations or the user groups the organizations are associated with at Control Panel > Cloud > Groups. If several organizations are associated with one user group, the users from each organization will be created in the other organizations in the group. In this case the users in the user group will have access to multiple VCD instances.
A bucket is a set of limits and prices for the resources used by VMware Cloud Director organizations imported as user groups into OnApp.
External, organization and vApp network types, as well as network pools, are imported into OnApp as networks and network zones of the VPC type. Below are the details on how different VCD networks are imported:
Each network pool is imported into OnApp as two network zones:
- Isolated network zone - this zone contains isolated organization and vApp networks imported from VMware Cloud Director.
- Routed network zone - this zone contains routed organization and vApp networks imported from VMware Cloud Director.
External networks are imported both as a network zone and as a network within that zone. Importing external networks as network zones enables administrators to configure billing for external network usage.
Organization networks are imported into OnApp as Org networks and are associated with a network zone. Depending on the type of the organization network, it will be associated with a certain zone.
- Routed organization networks are associated with their network pool imported as a routed network zone.
- Isolated organization networks are associated with their network pool imported as an isolated network zone.
- Direct organization networks are associated with their external network imported as a network zone.
vApp networks are imported into OnApp as networks and are associated with a network zone. Depending on the type of the vApp network, it will be associated with a certain zone.
- Routed vApp networks are associated with their network pool imported as a routed network zone.
- Isolated vApp networks are associated with their network pool imported as an isolated network zone.
- Direct vApp networks are associated with their parent organization network and are assigned to the network zone to which their parent networks are assigned. So depending on the parent network, they can be imported to Isolated, Routed, or External network zone.
Provider storage policies are imported to OnApp as data store zones of the VPC type. Storage policies appear in the OnApp UI as data stores. You can select them during vApp creation. To view storage policies and the list of disks and VSs associated with them, go to the Admin > Settings > Data Stores menu.
Users are imported with their existing roles. These roles are mapped using the label. OnApp imports the username and creates that user in OnApp. From that point forward, changes to the user should be made inside OnApp. OnApp will generate a random password for each imported user. The user will be emailed with the instructions to change this password to be able to log into OnApp. After the log in, user will be asked to confirm the VMware Cloud Director password.
Also, vCloud users can log in using SAML authentication. The process is the same as for usual OnApp users.
OnApp supports predefined and custom user roles imported from VMware Cloud Director. The custom roles are associated with the user group in which the organization that includes the role resides. Custom VCD roles in OnApp have the following appearance: User Group Label-vCD Role Label. You can view the organization with which the role is associated at Control Panel > Cloud > Roles > Label in the Assigned Organizations field.
If a custom user role exists in several organizations that are under different user groups in OnApp, for each of the user groups this role is created separately. In this case there will be several separate roles with the label of the user group they reside in and the name of the VCD custom role.
Custom roles are not synchronized between the organizations in a user group, therefore, you will be required to add the same custom role in VCD for all organizations in a user group. Additionally, the permissions list is not updated in OnApp for custom roles imported from VCD.