VCP-IaaS Study Notes: Section 5.2

This is Section 5.2 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

List operations that can be performed on an Organization

  • See Section 5.1 for modify Organization.

List the vCloud constructs that make up an Organization

  • Organizations provide resources to a group of users and set policies that determine how users can consume those resources. Create an organization for each group of users that requires its own resources, policies, or both.
  • Policies
    • Runtime and storage leases for controlling computing and storage resources
  • Resources
    • vDC with allocation models and Provider specified tier.

Given a tier of server determine the appropriate Organization vDC

  • If your vCloud will have diffirent tiers, eg. Gold, Silver, and Bornze.
    • Gold will have the fastest hardware, SSD disks + SAS disks, or/and other services like Backup.
    • Silver has SAS disks.
    • Bronze has SATA disks.
  • Most of the time the storage layer will change between vDC tiers.
  • Plan the placement of the workload according to its recommendations for performance.

Edit leases/quotas/limits applied to an Organization

  • Leases, quotas, and limits constrain the ability of organization users to consume storage and processing resources. You can modify these settings to prevent users from depleting or monopolizing an organization’s resources.
  • Procedure
    • Click the Manage & Monitor tab and click Organizations in the left pane.
    • Right-click the organization name and select Properties.
    • Click the Policies tab.
    • Select the lease options for vApps and vApp templates.
      • Leases provide a level of control over an organization’s storage and compute resources by specifying the maximum amount of time that vApps can be running and that vApps and vApp templates can be stored. You can also specify what happens to vApps and vApp templates when their storage lease expires.
    • Select the quotas for running and stored virtual machines.
      • Quotas determine how many virtual machines each user in the organization can store and power on in the organization’s virtual datacenters. The quota you specify acts as a default for all new users added to the organization.
    • Select the limits for resource intensive operations.
      • Certain vCloud Director operations, for example copy and move, are more resource intensive than others. Limits prevent resource intensive operations from affecting all the users in an organization and also provide a defense against denial-of-service attacks.
    • Select the number of simultaneous connections for each virtual machine and click OK.

Revise Catalog(s) attached to an Organization

  • Share A Catalog
    • Share a catalog to make its contents available to users in your organization. Users with the proper rights and access level can use vApp templates and media from the shared catalog to create their own vApps.
    • You are at least a catalog author.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • Select a catalog, right-click, and select Share.
      • Click Add Members.
      • Select the users and groups with whom you want to share the catalog.

      • Select an access level and click OK.

      • The actual actions a user can perform on a catalog and its contents depends on the intersection of the rights of the user and their access level to the catalog. Sharing a catalog with full control does not grant a user rights that the user do not already have.
      • Click OK.
  • Modify the Properties of Your Catalog
    • You can review and modify your catalog properties.
    • You are at least a catalog author.
    • Procedure
      • Click Catalogs.
      • In the left pane, click My Organization’s Catalogs
      • Select a catalog, right-click, and select Properties.
      • Review the properties in the General, Sharing, and Publishing tabs.
      • Modify the relevant properties and click OK.

Add/Remove users and groups

  • Add Users
    • Add a Local User
      • Adding local users allows organization administrators to provide access to users who do not exist on an LDAP server. You can also add local users if you do not plan to use an LDAP server.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users.
        • Click the New User button.
        • Type the user name and password.
        • Select a role.
          • To create a custom role, contact your system administrator.
        • (Optional) Type the contact information.
        • Select the stored and running virtual machine quota limits for this user.
        • Click OK.
          • The new user appears on the Users page.
    • Import an LDAP User
      • Organization administrators can import users from an LDAP server.
      • Contact a system administrator to configure LDAP settings for your organization.
      • Prerequisites
        • The LDAP settings for the organization must be set up and working.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users.
        • Click the Import Users from LDAP button.
        • Type the full or partial user name and click Search.
        • Select a user and click Add.
        • Select a role for the imported user.
        • Click OK.
  • Remove Users
    • Delete a User
      • If a user leaves the company or moves to another organization, an organization administrator can delete a user from the organization.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users .
        • Select a user, right-click, and select Disable Account.
        • Reselect this user, right-click, and select Delete.
        • Click OK .
    • Disable or Enable User Accounts
      • An organization administrator can disable a user account to log the user out of the Web console and prevent the user from logging in again. You can enable a user to allow them to log in.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users.
        • Select a user, right-click, and select Disable Account or Enable Account.
  • Add Groups
    • Import a Group
      • An organization administrator can import LDAP groups into an organization.
      • Contact a system administrator to configure LDAP settings for your organization.
      • Prerequisites
        • The LDAP settings for the organization must be set up and working.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Groups.
        • Click the Import Groups from LDAP button.
        • Type the full or partial group name and click Search.
        • Select a group and click Add.
        • Select a role for the group.
          • All the users in the group will be assigned this role.
        • Click OK.
  • Remove Groups
    • Delete a Group
      • An organization administrator can delete a group to remove it from the organization.
      • Deleting a group from an organization affects users who are members of the organization based solely on their membership in the deleted group. These users will not be able to log in to the organization. When you delete a group from an organization the group still exists in LDAP.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Groups.
        • Select a group, right-click, and select Delete.
        • Click Yes.

Configure/Edit Organization settings

  • After receive the URL of your organization from the system administrator you can set it up on the vCloud Director Home page by clicking Set up this organization
    • Change the Organization Full Name
    • Import LDAP Users and Groups
    • Add local Users to the Organization
    • Configure email pereferences
    • Configure Organization Lease, Quota and Limit Settings
    • All these procedures can be found in Section 5.1.
  • Modify Email Settings
    • You can review and modify the default email settings that were set when the system administrator created your organization.
    • You are an organization administrator.
    • Procedure
      • Click Administration.
      • In the left pane, select Settings > Email.
      • Select an SMTP server option.

      • Select a notification settings option.

      • (Optional) Type a destination email address and click Test Email Settings to verify that all SMTP server settings are configured as expected.
      • Click Apply.
  • Modify Your Organization’s Policies
    • You can review and modify the default policies that were set by the system administrator when your organization was created
      • Click Administration.
      • In the left pane, select Settings > Policies.
      • Select the lease options for vApps and vApp templates.
      • Select the quotas for running and stored virtual machines.
      • Select the limits for resource intensive operations.
      • Select the number of simultaneous VMware Remote Console connections for each virtual machine.
      • (Optional) Select the Account lockout enabled check box, select the number of invalid logins to accept      before locking a user account, and select the lockout interval.
      • Click Apply.
  • Set Default Domain for Organization Virtual Machines
    • You can set a default domain which virtual machines created in your organization can join. Virtual machines can always join a domain for which they have credentials, regardless of whether or not you specify a default domain.
    • Procedure
      • Click Administration.
      • In the left pane, select Settings > Guest Personalization.
      • Select the Enable domain join for virtual machines in this organization.
      • Type the domain name, domain user name, domain password.
        • These credentials apply to a regular domain user, not a domain administrator.
      • Click Apply.

Allocate resources to an Organization

  • You allocate resources to an organization by creating an organization vDC that is partitioned from a provider vDC. A single organization can have multiple organization vDCs.
  • Open the Allocate Resources Wizard
    • Open the Allocate Resources wizard to start the process of creating an organization vDC for an organization.
    • Procedure
      • Click the Manage & Monitor tab and click Organizations in the left pane.
      • Right-click the organization name and select Allocate Resources from the menu.
      • The Allocate Resources wizard starts.
  • Select a Provider vDC
    • An organization vDC obtains its compute and storage resources from a provider vDC. The organization vDC provides these resources to vApps and virtual machines in the organization.
    • Procedure
      • Select a provider vDC.
        • The provider vDC list displays information about available resources and the networks list displays information about networks available to the selected provider vDC.
      • Click Next.
  • Select an Allocation Model
    • The allocation model determines how and when the provider vDC compute and memory resources that you allocate are committed to the organization vDC.
    • Procedure
      • Select an allocation model.

      • Click Next.
  • Configure the Allocation Model
    • Configure the allocation model to specify the amount of provider vDC resources to allocate to the organization vDC.
    • Procedure
      • Not all of the models include all of the options.

      • Click Next.
  • Allocate Storage
    • An organization vDC requires storage space for vApps and vApp templates. You can allocate storage from the space available on provider vDC datastores.
    • Thin provisioning can help avoid over-allocating storage and save storage space. For a virtual machine with a thin virtual disk, ESX/ESXi provisions the entire space required for the disk’s current and future activities.
    • ESX/ESXi commits only as much storage space as the disk needs for its initial operations.
    • Fast provisioning saves time by using vSphere linked clones for certain operations.
      • IMPORTANT Fast provisioning requires vCenter Server 5.0 and ESXi 5.0 hosts. If the provider vDC on which the organization vDC is based contains any ESX/ESXi 4.x hosts, you must disable fast provisioning. If the provider vDC on which the organization vDC is based contains any VMFS datastores connected to more than 8 hosts, powering on virtual machines may fail. Make sure that datastores are connected to a maximum of 8 hosts. NOTE changed in vCloud 5.1. Max is now 32 hosts.
    • Procedure
      • Enter the amount of storage  to allocate.
      • (Optional) Select the Enable  thin provisioning check box to enable thin provisioning for virtual machines in the organization vDC.
      • (Optional) Deselect the  Enable fast provisioning check box to disable fast provisioning for virtual machines in the organization vDC.
      • Click Next.
  • Select Network Pool
    • A network pool is a group of undifferentiated networks that is used to create vApp networks and NAT-routed or internal organization networks.
    • Procedure
      • Select a network pool or select None.
      • If you select None, you can  add a network pool later.
      • Enter the maximum number of networks that the organization can provision from the network pool.
      • Click Next.
  • Name the Organization vDC
    • You can provide a descriptive name and an optional description to indicate the vSphere functions available for your new organization vDC.
    • Procedure
      • Type a name and optional      description.
      • Click Next.
  • Confirm Settings and Create the Organization vDC
    • Before you create the organization vDC, review the settings you entered.
    • Procedure
      • Review the settings for the organization vDC.
      • (Optional) Click Back to modify the settings.
      • Click Finish to accept the settings and create the organization vDC.
  • When you create an organization vDC, vCloud Director creates a resource pool in vSphere to provide CPU and memory resources.

Explain the purpose and use case for storage options

  • Thin-provisioning
    • Thin provisioning can help avoid over-allocating storage and save storage space. For a virtual machine with a thin virtual disk, ESX/ESXi provisions the entire space required for the disk’s current and future activities.
    • ESX/ESXi commits only as much storage space as the disk needs for its initial operations.
    • Use cases are, to name a few,  development environments, storage-static workloads, Use of VAAI UNMAP thin-provisioning feature at maintenance windows etc.
  • Fast-provisioning
    • Fast provisioning saves time by using linked clones for virtual machine provisioning operations.
    • A linked clone is a duplicate of a virtual machine that uses the same base disk as the original, with a chain of delta disks to track the differences between the original and the clone. If fast provisioning is disabled, all provisioning operations result in full clones.
    • A linked clone cannot exist on a different vCenter datacenter or datastore than the original virtual machine.
    • vCloud Director creates shadow virtual machines to support linked clone creation across vCenter datacenters and datastores for virtual machines associated with a vApp template. A shadow virtual machine is an exact copy of the original virtual machine. The shadow virtual machine is created on the datacenter and datastore where the linked clone is created.
    • Fast provisioning is enabled by default on organization vDCs. Fast provisioning requires vCenter 5.0 and ESXi 5.0 hosts. If the provider vDC on which the organization vDC is based contains ESX/ESXi 4.x hosts, you must disable fast provisioning.
    • Use cases include fast-provisioning dev environments etc.

Configure storage provision options

  • View Shadow Virtual Machines Associated With a Virtual Machine
    • Shadow virtual machines support linked clones of virtual machines that are associated with vApp templates across vCenter datacenters and datastores.
    • A shadow virtual machine is an exact copy of the original virtual machine that vCloud Director creates on the datacenter and datastore where a linked clone is created.
    • Procedure
      • Click the Manage & Monitor tab and click Organizations in the left pane.
      • Right-click the organization name and select Open.
      • Click the My Cloud tab and click VMs in the left pane.
      • Right-click the virtual machine and select Properties.
      • Click the Shadow VMs tab.
        • This tab appears only for virtual machines that have associated shadow virtual machines.
      • vCloud Director shows a list of shadow virtual machines associated with the virtual machine. This list includes the name in vCenter of each shadow virtual machine, the datastore that each shadow virtual machine exists on, and the vCenter server that the shadow virtual machine belongs to.
  • Configure options
    • See Allocate Storage bullet in the Allocate resources to an Organization bullet.

Leave a Reply

Your email address will not be published. Required fields are marked *