Post

Centralized Point of Management (CPoM) in Cloud Director 10.4.1

Posted
Preview Image
By Grant Davis 3 min read

Introduction

Cloud Director Centralized Point of Management (CPoM) is a UI Plugin that empowers providers to provide customers dedicated vCenter instances. Cloud Director can also act as a proxy which allows providers to simplify tasks such as setting up VPNs and navigating complex NAT configurations. Cloud Director can also act as an API endpoint for all your vcenters, which could simplify automation.

This blog article will run through the installation and configuration of CPoM

  • Cloud Director can access the vCenter server via HTTPS
  • System Administrator role in VCD Provider Portal
  • Login account to the vCenter resource

This steps we are going to take here are:

  • Enable the CPoM feature
  • Add dedicated vCenter as cloud resource
  • Publish resource to Tenant
  • Configure proxy settings

Enabling the CPoM Feature

CPoM can be enabled in the Provider Portal under More » Customize Portal, select ‘CPOM extension’ and click Enable

Figure 1: Enable the feture under customize portal

The CPoM feature will also need to be publised to tenants, while the CPOM extension is still selected click Publish and choose your tenants

Figure 1a: Publish CPOM extension to Tenant

Add Dedicated vCenter as Cloud Resource

Next is to add the vCenter server as a Cloud Resource. Click on Resources » vCenter Server Instances » Infrastructure Resources » ADD. Figure 2: Add vCenter as cloud resource

vCenter Server

The Add vCenter Wizard opens and you will be prompted for the following:

  • Name: Unique name to identify vCenter instance
  • Description: Optional description field
  • URL: https:// url of vCenter server
  • Username: Username/Password to authenticate with vCenter
  • Password: Username/Password to authenticate with vCenter
  • Enabled: If enabled you will be ready to publish this vCenter to a Tenant.

The below screen shot uses the administrator@ vsphere.local username to authenticate with the vCenter Server, I couldnt find any offical documentation on this but I tested an account with a Read Only Global Permission role and that also worked fine.

Figure 3: Add vCenter as cloud resource wizard

Once you filled that out Click Next. Youll get a prompt to retreive and trust the vCenter certificate

Figure 4: Accept Certificate

NSX-V Manager

I am going to disable NSX-V Manager by clicking on the Configure Settings slider. NSX-V is being replaced by NSX-T.

Figure 5: NSX Manager

Click Next

Access Configuration

Now this is where you actually define this as a dedicated vCenter rather than a shared vCenter resource for orgVDCs. This is done by selecting Enable Tenant Access. We are also going to enable Generate Proxies so we can walk through that as well.

Figure 6: Access Configuration

Click Next

Ready to Complete

Ready to complete is an overview on what we have done so far, review your settings and then click Finish

Figure 7: Ready to Complete

I did get prompted to trust the vCenter certificate again. Figure 8: Certificate Trust

You should see the new vCenter now. In the screen shot below I have 2 vCenters with different usage fields, vcsa01 has a usage class of IaaS this is for my tradational orgVDC backed shared compute environment and the vCenter vcsa02 has a usage class of SDDC (Software Defined Data Center)

Figure 9: New SDDC resource created.

Publish to Tenant

Now to publish this Dedicated Resource to a Tenant, select the SDDC vCenter and click Manage Tenants

Figure 10: Manage Tenants.

Select your Tenant and click Save

Figure 11: Select Tenants.

Proxy Configuration

When we added the vCenter server, we enabled the Generate Proxies setting which created a proxy for us. This can be view by clicking on the vCenter server and then Proxies on the sidebar. Here you can also generate new proxies for NSX Managers, ESXi Hosts UI and SSO is there in case there is an external PSC.

Figure 12: View Proxies.

Extra Configuration

For Tenants to see this new dedicated vSphere instance you’ll need to confirm the following, the first 2 have already been done in this exercise.

  • The CPOM Plugin has been published to the tenant.
  • The vCenter server has been published to the tenant.
  • Modify rights bundles and tenant roles to access the SDDC Resource

Figure 13: Modify rights bundles and tenant roles to access the SDDC Resource

Tenant Portal

Lets log into the Tenant Portal, browse to Data Centers » Dedicated vSphere Data Centers.

And you should see the new SDDC ready to go!

Figure 14: Tenant Portal

Tenant Portal Proxy Configuration

You may need to action a few steps to configure the proxy capabilities, either by downloading a chrome extension or updating your Windows OS Internet LAN Settings with a automatic configuration script. When you click Actions under your SDDC Instance and click Username and Password you will get the Proxy credentials needed.

Figure 15: Proxy Configuration

Figure 16: Proxy Credentials

Conclusion

And there you have it! Customers can have all their dedicated resources in the one UI with a quick glance of capacity requirements and total number of VMs.

Figure 17: Final UI in the Tenant Portal

vmware
vcd
This post is licensed under CC BY 4.0 by the author.

Trending Tags

vcd nsx avi aws saa-c03