Knowledge base

Manual

Information about VDC

A virtual data center (VDC) is an isolated collection of virtual resources dedicated to your organization.

Virtual data center resources:

  • Virtual processor cores (vCPU), from 2 GHz per virtual core.
  • Virtual RAM.
  • Storage (storage policy): SATA, SAS or SSD.
  • Edge Gateway (VEG) - a virtual edge gateway.

Edge Gateway is a cloud-based network management tool. It allows you to connect internal networks, as well as configure access to the Internet for virtual machines using a public IP address. VEG also allows you to configure Firewall, NAT, SSL and IPSec VPN, Load Balancing, etc.

Initially, one Edge Gateway is created in each VDC and assigned an external IP address. One or more external IP addresses can be assigned to a VDC.

  • Data center network

The data center network allows you to connect your entire infrastructure. It is visible to all virtual machines and vApps in the data center. Any connection to external resources also goes through this network.

  • Catalogs

Catalogs can store templates for virtual machines and vApps, as well as OS installation images (ISO). Initially, your VDC is given access to public catalogs that contain vApp templates and installation images (ISO) of popular operating systems.

  • Virtual machines (VM)

Virtual machines are the main component of the cloud infrastructure. They use cloud resources and are suitable for hosting applications and services. By default, there are no VMs created in the VDC. VMs can be deployed from templates or built from scratch.

  • vApp containers

A vApp is a logically separate part of the cloud that allows you to combine VMs into a group. In a vApp, you can create your own isolated network, which will be visible only to the VMs inside this vApp.

You can use the dedicated resources in whatever way suits you. You can create a new virtual machine and manage its resources. It is also possible to create independent vApps with isolated networks.

Access to the VDC uses the login and password that you received from the manager. vCloud Director control panel addresses:

For Moscow site:

https://iaas-mow.linxdatacenter.com/tenant/YourOrgID/ 

For St. Petersburg site:

https://iaas-ru.linxdatacenter.com/tenant/YourOrgID/ 

For Warsaw site:

https://linxcloud.linxdatacenter.com/tenant/YourOrgID/

Using VDC catalogs

You have access to the vCloud Director public catalogs and to your organization's catalogs. Initially, there are no catalogs in the organization.

Open the Menu and select Libraries to view catalogs and their content.

vApp Templates - vApp templates.

Media & Other - ISO images.

Catalogs - public and organization catalogs.

To create a catalog:

  1. Go to Catalogs and click New.
  2. In the window that appears, specify:
    Name - enter the name of the catalog.
    Description - provide a description of the catalog. This will help you understand in the future what this catalog is used for.
    Pre-provision on specific storage policy - enable to specify the storage policy for the catalog.
  3. Click OK.

To allow access to the catalog for other users in your organization:

Click and select Share. In the window that appears, click ADD. Select Share with everyone in the organization to provide access to all users in the organization. Select Share with specific users or groups to specify particular users.

  • Access Level - specify the access level:
    • Read Only
    • Change
    • Full Control (full access)

To upload a file (ISO, OVA, etc.) to a catalog:

  1. Select Libraries from the menu.

  2. If you want to upload an ISO or another file, select Media & Other on the left and click Add. In the window that appears, specify:

Catalog - the directory where the file will be uploaded.

Name - the name of the file as it will appear in the catalog. For example, Windows_Server_2016.iso

Select media to upload - select the file to be uploaded.

  3. If you want to upload an OVA or OVF template, select vApp Templates on the left and click Add. In the Select Source window that appears, specify:

Browse - select the file to be uploaded. Click Next. 

In the Review Details window, check the template information and click Next. In the Select vApp Template Name window, specify:

Name - the name of the template.

Description - description of the template.

Catalog - select the catalog where the template will be loaded. Click Next.

In the Ready to Complete window, check the template settings and click Finish. The template will start uploading to the catalog.

Virtual machines and vApp

A virtual machine (VM) is a virtual computer consisting of a processor, memory, disks, and network adapters. You can install an operating system such as Windows or Linux on a virtual machine, just as on a physical server. Unlike a physical server, a virtual machine is not tied to specific equipment and uses part of the shared resources.

VMs are created in a vApp container. One vApp can have multiple VMs. A vApp allows you to combine VMs into groups, which in turn simplifies administration. For example, you can create one vApp for a test environment and another for a production one. In this case, you can isolate them using different networks. All VMs inside a vApp can be turned on or off with one button.

There are two ways to create a VM:

  • Using the template

It is enough to select a template with the desired OS from the catalog and determine the amount of resources that will be allocated to this VM. The VM will be automatically deployed and configured. VM templates with popular OS are available in the Public Catalogs section.

  • Configure VM manually

When you create a VM from scratch, you have more options for customization and configuration. You can create an empty VM, which will contain only the parameters of the future VM, and separately load your own OS image.

vApp creation

  1. In the Compute section, select vApps and click NEW VAPP.

  2. In the window that appears, specify the following parameters:

Name - enter the name of the application or service you want to deploy.

Description - enter a description. This will help you in the future to understand what this vApp is used for.

  3. Click ADD VIRTUAL MACHINE to add a VM. In the window that appears, specify:

Name - VM name.

Computer name - the name of the computer inside the guest OS.

Description - enter a description. This will help you in the future to understand what this VM is used for.

Type - select New to create an empty VM. Select From Template to create a VM from a template.

Operating System - In this section, specify the OS family and version. Select the ISO to download if required.

Size - set the VM parameters: the number of CPUs, the amount of RAM, the capacity of the virtual disk. Click Customize to set the parameters manually.

Networking - connect a VM to a virtual network. Click ADD to add a network adapter and select a network.

Click OK. 

Click CREATE.

Creating vApp from a template

To create a vApp from a template:

  1. Go to Menu -> Libraries.
  2. On the left, in the vApp Templates section, select the required template. To view only templates from a specific catalog, enable the Catalog column filter.
  3. Select a template, click and select Create vApp.
  4. In the window that appears, specify:

Name - enter the name of the vApp.

Description - enter a description. This will help you in the future to understand what this vApp is used for.

Runtime lease - how long the vApp will run before it is automatically shut down. Use Never Expires so that the vApp is not automatically turned off.

Storage lease - vApp lifetime after shutdown. Use Never Expires so that the vApp is not automatically deleted after shutdown.

Click Next.

  5. At the Configure Resources step, select the data center (vDC) and storage (storage policy): SATA, SAS, SSD or NVMe.

Click Next.

  6. At the last step, check the parameters of the future vApp and click Finish. Wait for the vApp creation to complete.

OS installation, using Windows Server 2016 as an example

  1. To connect the installation disk (ISO file), select the required VM in the Virtual Machine section. Click Actions and select Insert Media.

  2. In the window that appears, select the OS image from the available catalogs. Click Insert to connect the image to the VM.
  3. Click Actions and select Power On to turn on the VM.
  4. Proceed with the OS installation. Click Actions. From the list that appears, select Launch VM Remote Console or Launch Web Console to connect to the VM in a browser.

Note that the mouse may not work on a Windows virtual machine prior to installing VMware Tools. For initial configuration, use the keyboard. Tab - to switch between items, Space or Enter - to select or continue.

If Remote Console is not installed on your computer, select Download VMRC and install the console from the official VMware website.

VMware Tools installation

Once the OS is installed on the VM, it is necessary to install VMware Tools.

VMware Tools is software that enhances the virtual machine operating system and improves virtual machine management. If the virtual machine does not have this package installed, the guest operating system is missing some important functions and capabilities.

To install VMware Tools: 

1) Click on Actions. Select Install VMware Tools. After that, the installation ISO will be connected to the VM.

2) Proceed with the installation of VMware Tools. Click Actions. In the list that appears, select Launch VM Remote Console or Launch Web Console to connect to a VM in a browser.

Network management

By default, a virtual data center-level network is created in the VDC.

vApp network creation

You can set up an isolated network for an individual vApp. The created network will be available only for virtual machines hosted in this vApp. To create a vApp network:

  1. Go to Compute -> vApps.
  2. Select the required vApp and click DETAILS.
  3. Go to the Networks tab. Click NEW.
  4. Select vApp Network. Specify:

Name - the name of the network. 

Description - description of the network. 

Gateway - gateway address.

Network mask - network mask.

Primary DNS and Secondary DNS - DNS server addresses.

Static IP Pool - a range of network IP addresses. Click ADD.

Data center network creation

You can create a virtual data center (VDC) level network yourself. All vApps in your organization can be connected to such a network. To create a VDC-level network:

  1. Go to the Networks section. Click NEW.
  2. In the menu that opens, specify:

Org VDC - the virtual data center where the network will be created.

Name - the name of the network.

Description - description of the network.

Type - network type:

  • Isolated network within this Virtual Data Center - an isolated network.
  • Routed network connecting to an existing edge gateway - the network that will be connected to the gateway (VEG). By default, the VDC already has one Edge Gateway. The network can be configured to access the Internet. If you select Routed network, select the gateway to which the network should be connected. Interface type - internal.

Share this network with other VDCs in this organization - check this box to make the network available to other VDCs in your organization.

Network Gateway CIDR - IP address of the network default gateway and mask. For example, if the gateway address is 192.168.0.1 and the mask is 255.255.255.0, then you need to specify 192.168.0.1/24.

Primary and Secondary DNS - IP addresses of DNS servers. Enable the Use gateway DNS option if you want to use VEG to process DNS requests.

Static IP pool - the range of IP addresses that will be used on the network. For example, 192.168.0.2-192.168.0.254.

Click SAVE.
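
The Network Gateway CIDR and Static IP pool fields above can be checked before they are entered. The following Python sketch is an added example, not part of the original manual or of vCloud Director; the function names and the sanity rules (pool inside the network, gateway and network/broadcast addresses excluded) are assumptions about a sound addressing plan.

```python
import ipaddress

def gateway_cidr(gateway: str, netmask: str) -> str:
    """Build the 'Network Gateway CIDR' value from a gateway address and dotted mask."""
    iface = ipaddress.IPv4Interface(f"{gateway}/{netmask}")
    return f"{iface.ip}/{iface.network.prefixlen}"

def check_static_pool(gw_cidr: str, pool: str) -> list:
    """Return the problems found in a 'first-last' Static IP pool for this gateway CIDR."""
    iface = ipaddress.IPv4Interface(gw_cidr)
    net = iface.network
    try:
        first_s, last_s = (part.strip() for part in pool.split("-"))
        first, last = ipaddress.IPv4Address(first_s), ipaddress.IPv4Address(last_s)
    except ValueError:
        return [f"pool {pool!r} is not in 'first-last' form"]
    problems = []
    if first > last:
        problems.append("pool start is above pool end")
    for label, addr in (("start", first), ("end", last)):
        if addr not in net:
            problems.append(f"pool {label} {addr} is outside {net}")
    # Assumed sanity rules: addresses handed to VMs must not collide with the
    # gateway, the network address or the broadcast address.
    reserved = [("gateway", iface.ip)]
    if net.prefixlen <= 30:
        reserved += [("network address", net.network_address),
                     ("broadcast address", net.broadcast_address)]
    for label, addr in reserved:
        if first <= addr <= last:
            problems.append(f"pool contains the {label} {addr}")
    return problems

if __name__ == "__main__":
    cidr = gateway_cidr("192.168.0.1", "255.255.255.0")  # values from the text above
    print(cidr, check_static_pool(cidr, "192.168.0.2-192.168.0.254"))
    # Constructed bad input: the pool swallows the gateway and the broadcast address.
    print(check_static_pool(cidr, "192.168.0.1-192.168.0.255"))
```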

Setting up Internet access from the data center network

To connect a VM to the network:

  1. Go to the vApps section.
  2. Select the vApp you want and click DETAILS.
  3. Go to the Networks tab and click NEW.
  4. Select Organization VDC network. In the list that appears, select the network to which the vApp will be connected, then click ADD.

  5. Go to the Details tab in the same vApp. In the VMs list, click on the required VM.
  6. In the window that opens, go to the Hardware section. In the NICs section, select the network to which the VM will be connected. Check the Connected checkbox. In the IP Mode field, select:
    • Static - IP Pool - the virtual machine will receive an IP address from the address pool configured for the network.
    • Static - Manual - this option allows you to manually set the IP address for the VM. The IP Address field will become active. You can also specify the IP address inside the OS of the virtual machine.
    • DHCP - the virtual machine will receive an IP address via DHCP. A DHCP server must be available on the network. DHCP can be configured on the VEG.

Click SAVE to save the settings.

Setting up VEG for Internet access

  1. Go to Networking -> Edges. Click on VEG. The parameters of the selected VEG are displayed below.
  2. The IP Addresses section contains the external IP address of the VEG and the name of the external network. These parameters are required to configure NAT and Firewall. Memorize them or write them down.

  3. Click CONFIGURE SERVICES.
  4. In the NAT tab, click + SNAT RULE to create a SNAT rule that will allow VMs on the internal network to reach the Internet using the external IP address of the VEG. In the rule settings window, specify:

Applied on - external network connected to VEG (see step 2).

Description - enter a description. This will help you understand in the future what the rule was created for.

Original (Internal) source IP / range - specify the range of addresses of the data center network, which the VMs are connected to. You can also specify the entire network, for example 192.168.0.0/24.

Translated (External) source IP / range - specify the external IP address of the VEG (see step 2).

Enabled - enable the rule.

Click KEEP to add the rule. Click Save changes.

  5. Go to the Firewall tab and click +. A row of the new rule will appear in the table.

By default, the Firewall is in Deny mode - traffic blocking. It is recommended to follow this principle for the rules: everything is prohibited except the allowed traffic. Thus, in the rules, you specify which traffic to allow.

To create a rule, specify:

Name - the name of the rule. For example, the Internet.

Source - specify the range of addresses to which access is granted. You can also specify the entire network, for example 192.168.0.1/24. Use internal to specify all internal networks.

Destination - in this case, you need to allow "any external address". Use the external value.

Service - in this case, you need to allow any protocol. Click +, set the value to any.

Action - Accept.

  6. Click Save changes.

Connect to the virtual

Port forwarding

Port forwarding through NAT is required to provide access to the virtual machine from the outside. For example, you can create appropriate rules for connecting to a virtual machine via RDP or SSH, open access to a website or application.

To configure port forwarding:

1) Go to Networking -> Edges. Click on VEG. Click CONFIGURE SERVICES.

2) In the NAT tab, click + DNAT RULE to create a DNAT rule that will allow you to connect to the VM on the internal network using the external IP address of the VEG. In the rule settings window, specify:

Applied On - external network connected to VEG (see "Setting up VEG for Internet access", step 2).

Description - enter a description. This will help you understand in the future what the rule was created for.

Original (External) IP / range - specify the external IP address of the VEG (see "Setting up VEG for Internet access", step 2).

Translated (Internal) IP / range - specify the IP address of the virtual machine to which you want to connect.

Protocol - specify the used protocol: TCP or UDP.

Original port - specify the port that will be accessible from outside. For security reasons, it is recommended to use ports other than the default ports. For example, TCP port 3389 is used for the RDP protocol. In the Original port field, you can specify 53389.

Translated port - specify the port to which you want to connect on the virtual machine. For RDP, TCP port 3389 is used.

Enabled - enable the rule.

Click KEEP to add the rule. Click Save changes.

3) Go to the Firewall tab and click +. A row of the new rule will appear in the table. To create a rule, specify:

Name - the name of the rule.

Source - specify the address from which you plan to connect. To allow connections from any address, use the value any.

Destination - external IP address of the VEG (see "Setting up VEG for Internet access", step 2).

Service - click +, specify the used protocol: TCP or UDP.

Source port - use any value.

Destination port - the same value as in the "Original port" field of step 2.

Action - Accept.

Click KEEP to add the rule. Click Save changes.
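
The DNAT rule and the firewall rule above work as a pair, and the firewall Source field is what decides who can reach the forwarded service. The following Python audit is an added example, not part of the original manual; the rule dictionaries are a constructed representation of the form fields above (not a vCloud Director export format), and the addresses are documentation ranges. It flags RDP or SSH forwards that an Accept rule opens to any source, whatever Original port was chosen.

```python
import ipaddress

MGMT_PORTS = {22: "SSH", 3389: "RDP"}  # the remote-access services the text names

def source_is_open(source: str) -> bool:
    """True when a firewall Source value admits every address."""
    if source.strip().lower() == "any":
        return True
    try:
        return ipaddress.ip_network(source, strict=False).prefixlen == 0
    except ValueError:
        return False  # named object such as 'internal': not treated as open here

def audit_forwarding(dnat_rules, fw_rules):
    """Report management services that a DNAT rule plus an Accept rule expose to any source."""
    findings = []
    for d in dnat_rules:
        service = MGMT_PORTS.get(d["translated_port"])
        if not d["enabled"] or service is None:
            continue
        for f in fw_rules:
            opens_port = (f["action"].lower() == "accept"
                          and f["destination"] == d["original_ip"]
                          and f["protocol"].lower() == d["protocol"].lower()
                          and f["destination_port"] == d["original_port"])
            if opens_port and source_is_open(f["source"]):
                findings.append(f"{service} on {d['translated_ip']} is reachable from any "
                                f"address via port {d['original_port']} (rule {f['name']!r})")
    return findings

# Constructed sample rules; 203.0.113.10 stands in for the VEG external IP.
DNAT_RULES = [
    {"original_ip": "203.0.113.10", "original_port": 53389, "protocol": "TCP",
     "translated_ip": "192.168.0.10", "translated_port": 3389, "enabled": True},
    {"original_ip": "203.0.113.10", "original_port": 50022, "protocol": "TCP",
     "translated_ip": "192.168.0.11", "translated_port": 22, "enabled": True},
]
FW_RULES = [
    {"name": "rdp-in", "source": "any", "destination": "203.0.113.10",
     "protocol": "TCP", "destination_port": 53389, "action": "Accept"},
    {"name": "ssh-in", "source": "198.51.100.0/24", "destination": "203.0.113.10",
     "protocol": "TCP", "destination_port": 50022, "action": "Accept"},
]

if __name__ == "__main__":
    for line in audit_forwarding(DNAT_RULES, FW_RULES):
        print(line)
```

In the sample, the RDP forward on port 53389 is reported because its firewall rule uses Source any, while the SSH forward limited to 198.51.100.0/24 is not.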

Setting up IPsec VPN 

IPsec VPN allows you to access servers located in the cloud from your local network. This type of VPN securely connects two networks: for example, a local office network and a virtual data center network.

Some of the settings must be done on the router of your network. The following describes the settings that need to be made on the virtual gateway (Edge gateway).

  1. Go to Networking -> Edges. Click on VEG. Click CONFIGURE SERVICES.
  2. In the window that appears, go to the VPN section. Select IPsec VPN Sites and click +.

  3. In the window that appears, fill in:

Enabled - enable the service.

Name - the name of the IPsec VPN connection.

Local Id and Local Endpoint - specify the external IP address from the list of available external IP addresses for the organization.

Local Subnets - enter the list of subnets of the organization that you want to access from the remote network.

Peer Id and Peer Endpoint - specify the external IP address of the remote network router.

Peer Subnets - specify the list of remote subnets that you want to access from the virtual data center.

Encryption Algorithm - AES256 is recommended. This parameter must be the same on the VEG and on the remote network router.

Pre-Shared Key - enter the same key as specified in the IPsec VPN connection settings on the LAN router.

Diffie-Hellman Group - We recommend using the latest available. This parameter must be the same on the VEG and on the remote network router.

  4. Click Keep and Save changes to save the settings.
  5. Go to the Activation Status tab and enable the IPsec VPN Service Status option.

Click Save changes to save your settings.

The necessary NAT and Firewall rules will be created automatically.
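
Most IPsec tunnels that fail to come up do so because the two ends disagree on one of the fields listed above. The following Python check is an added example, not part of the original manual; the dictionary keys mirror the form fields, the router-side record is a hypothetical representation of whatever the remote device is configured with, and all sample values are constructed. It compares both ends without ever printing the pre-shared key.

```python
import hmac
import ipaddress

def nets(subnets):
    """Normalise CIDR strings so '10.10.0.1/24' and '10.10.0.0/24' compare equal."""
    return {ipaddress.ip_network(s, strict=False) for s in subnets}

def check_ipsec_pair(veg, router):
    """List the settings that would keep the VEG and the remote router from agreeing."""
    problems = []
    # These must be identical on both ends (stated in the field descriptions above).
    for field in ("encryption_algorithm", "dh_group"):
        if veg[field] != router[field]:
            problems.append(f"{field}: VEG={veg[field]} router={router[field]}")
    # Compare the keys without putting either of them into the report.
    if not hmac.compare_digest(veg["pre_shared_key"].encode(),
                               router["pre_shared_key"].encode()):
        problems.append("pre_shared_key differs")
    # Each side's Local values must be the other side's Peer values.
    for mine, theirs in (("local_endpoint", "peer_endpoint"),
                         ("peer_endpoint", "local_endpoint")):
        if veg[mine] != router[theirs]:
            problems.append(f"VEG {mine} {veg[mine]} != router {theirs} {router[theirs]}")
    for mine, theirs in (("local_subnets", "peer_subnets"),
                         ("peer_subnets", "local_subnets")):
        if nets(veg[mine]) != nets(router[theirs]):
            problems.append(f"VEG {mine} {veg[mine]} != router {theirs} {router[theirs]}")
    return problems

# Constructed sample settings (documentation address ranges, placeholder key).
VEG_SITE = {
    "local_endpoint": "203.0.113.10", "peer_endpoint": "198.51.100.1",
    "local_subnets": ["192.168.0.0/24"], "peer_subnets": ["10.10.0.0/24"],
    "encryption_algorithm": "AES256", "dh_group": "DH14",
    "pre_shared_key": "constructed-example-key",
}
ROUTER_SITE = {
    "local_endpoint": "198.51.100.1", "peer_endpoint": "203.0.113.10",
    "local_subnets": ["10.10.0.0/16"], "peer_subnets": ["192.168.0.0/24"],
    "encryption_algorithm": "AES256", "dh_group": "DH5",
    "pre_shared_key": "constructed-example-key",
}

if __name__ == "__main__":
    for problem in check_ipsec_pair(VEG_SITE, ROUTER_SITE):
        print(problem)
```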