VMware Hands-on Labs - HOL-HBD-1481


Module 1 - vCloud Air: Architecture and Consumption Principles (15 Min)

Lab Guidance and Introduction


VMware announced the rebranding of VMware vCloud Hybrid Service to VMware vCloud Air on August 21st, 2014. The new name represents VMware’s transformation into a cloud services provider, and our plans to extend the vCloud Air beyond Infrastructure as a Service. The new name has been rolled out in marketing content and documentation, and it will begin to show up in service UIs, videos, and other assets in the weeks and months ahead. Some references to vCloud Hybrid Service remain in the lab manual.

HOL-HBD-1481 - vCloud Air Jump Start for vSphere Admins

This lab will provide you with the basic skills necessary to successfully navigate the vCloud Air User Interface (UI). After completing this lab, you will be able to:

The tasks above are split up into 4 Lightning Lab modules, each is designed to take between 15-30 minutes to complete. You will have a total of 90 minutes to complete this lab sitting. Depending on how much time you have available, you can go through this lab all at once, or choose to break them up over several lab sittings.

The tasks are broken up into the following modules:

Module 1: vCloud Air: Architecture and Consumption Principles

Duration: 15-30 minutes

Purpose: Understand the different service offerings, and navigate your way around the vCloud Air user interface

Lab Captain: Jeremy Cowan

 

Module 2: Identifying and Deploying Workloads in vCloud Air

Duration: 30 minutes

Purpose: Deploy your first virtual machine in the vCloud Air portal

Copy a virtual machine from your existing vSphere environment to vCloud Air

Lab Captain: Jeremy Cowan

 

Module 3: Administer vCloud Air resources from the vSphere web client

Duration: 30 minutes

Purpose: Learn how to administer vCloud Air using the vCloud Air plug-in for the vSphere web client.

Lab Captain: Carlos Munoz

 

Module 4: vCloud Air: Networking and Security Basics

Duration: 15-30 minutes

Purpose: Understand the basic network and security principles required to connect a virtual machine to an external network

Lab Captain: Chris Willingham

 

Next Steps: Upon completion of this lab, you may consider taking one of the following labs for additional guidance on vCloud Air:

HOL-HBD-1482 – vCloud Air Networking and Security

HOL-HBD-1483 – Managing Your Hybrid Cloud

ELW-HBD-1484 – vCloud Air Disaster Recovery (Expert-led workshop only) 

IMPORTANT! Please note that in this lab you are working in a fully self-contained SIMULATED vCloud Air instance. There is no external access from the lab environment to the internet. The simulated environment has limited resources assigned to it, the performance and stability of the lab may not match what you can expect from the publicly accessible hosted vCloud Air.

** COPY/PASTE NOTE - Please note that you will not be able to copy/paste from the user manual into the lab console. If you need to copy a username/password to enter into a lab exercise, please open and use the 'vPod Readme.txt' file that is on the desktop. If that doesn't work, you can also try the "Send Text" button found under the console window in the NEE interface.


vCloud Air Concepts


vCloud Air

vCloud Air is a secure Infrastructure as a Service (IaaS) cloud owned and operated by VMware.  It is built on the trusted foundation of vSphere and and is ideally suited for running existing Enterprise workloads as well as new applications.  With vCloud Air, IT administrators and architects now have a common platform for seamlessly extending existing data centers to the cloud, leveraging the same tools and processes they use today to manage their on premises environments.

Cloud Service Tiers

vCloud Air has two service tiers: Dedicated Cloud and Virtual Private Cloud (VPC).


 

Dedicated Cloud Details

 

Dedicated Cloud

Dedicated Cloud customers are provided physically isolated pools of vCPU and vRAM.  The compute nodes for Dedicated Cloud are also air-gapped for enhanced security. Network and Storage, on the other hand, are logically isolated on a modern, high-end, multi-tenant infrastructure with appropriate resource guarantees in place for consistent and predictable performance. Lastly, VMware provisions a separate management stack for each Dedicated instance.

The Dedicated Cloud baseline offering starts with 30 GHz of Compute (vCPU) capacity, 120 GB of vRAM, and 6TB of Storage.  3 public IPs are also provided, as well as a 50 Mbps network link that is burstable to 1 Gbps.  Customers can increase the capacity of their dedicated clouds by purchasing additional blocks of storage and compute in the increments you see above.  

 

 

Virtual Private Cloud Details

 

Virtual Private Cloud

Virtual Private Cloud customers are provided pools of vCPU, vRAM Network and Storage using the same design architecture as Dedicated Cloud customers, however, these resources are logically isolated. Thanks to the power of VMware vSphere and vCloud Director, tenants are provided strict guarantees to those resources and load is evenly balanced across the infrastructure, ensuring robust and scalable services to everyone in the cloud.

The Virtual Private Cloud offering includes 5 GHz of Compute (vCPU) capacity burstable to 10GHz, 20 GB of vRAM, and 2TB of Storage to start. In addition, 2 public IPs are provided, as well as a 10 Mbps network link, burstable to 50 Mbps.  As with the Dedicated Cloud, customers can increase capacity of their Virtual Private Clouds by purchasing additional resources in the block sizes reflected above.  

 

 

Virtual Data Center (vDC)

Each cloud instance type includes utilizes the Virtual Datacenter (vDC) construct.  In a Dedicated Cloud a customer could have multiple virtual datacenters (vDC) with each vDC owning a subset of the global resources. In the case of a Virtual Private Cloud a customer only has access to 1 vDC. It is via this vDC construct that VMs are deployed and managed.

 

vCloud Air User Interface


This section will cover how to log in and explore the different administrative tabs within the vCloud Airs user interface.


 

IMPORTANT

 

**This lab is a facsimile of the vCloud Air.  Issues that might arise in this environment are not an indicator of the performance or reliability of the actual service.

*Before you launch Firefox and attempt to login make absolutely sure the DesktopInfo watermark on the desktop says Ready (see graphic).

 

 

Login to vCloud Air

 

Launch Firefox from the desktop.  If the login page for vCloud Air doesn't load, follow step #1, otherwise proceed to step #2.

  1. Enter the URL: https://portal.vchs-int.vmware.com
  2. Username: hol@vmware.com
  3. Password: VMware1#
  4. Click the button labeled "Sign In" to login to vCloud Air

 

 

Top Level Dashboard View

 

This is the main Dashboard view and it's what you will see when you initially log on to the service. The Dashboard is divided into several sections.

  1. These bars represent the amount of each resource - CPU, memory, and storage - that the subscriber has purchased.  The green fill is a visual representation of the resources that have been allocated to the Virtual Data Centers (vDCs) that appear below the heading Virtual Data Centers.  In this lab, all of the available resources have been assigned to the vDC called HOL-DC1-VPC1-3, however, in a Dedicated Cloud you have the option of creating and distributing the resources among multiple vDCs.
  2. Each box that appears in this list is a Virtual Data Center.  A vDC is a logical construct that allows you to subdivide the global resource pool into smaller pools for use inside of vDC.  It also allows you to create logically isolated environments.  vDCs can be created for the different phases of development, such as development, staging, and production.  Or you can align vDCs according to business unit, e.g. sales, marketing, etc.      
  3. These are the "global view tabs". If you wanted to see all Virtual Machines across all vDCs, or all of the Gateways across all vDCs you would select one of these tabs.
  4. By clicking on this icon, you can retrieve the list of users that have been granted access to this tenant.
  5. Displays the number of VMs that have been provisioned.
  6. Number of public IPs used and available

Please click on the the vDC called HOL-DC1-VPC1-3 before moving on to the next section

 

 

Working Within the vDC

This section will cover the Virtual Data Center user interface.

 

 

Usage and Allocation View

 

We are now looking at a specific Virtual Data Center. This section is divided into several sections.

  1. This tab shows the resources that have been allocated to this vDC as well as the amount of those resources currently being consumed by the VMs, templates, and media inside of this VDC.
  2. This is a link for the vCloud Director (vCD) Interface which is used to do advanced configuration.
  3. Tabbed area to access other features of this vDC.

Because this is a Virtual Private Cloud (VPC), we do not have the ability to rename or edit the properties of this vDC.  With a VPC, all of the resources are automatically allocated to the default vDC.  If this were a Dedicated Cloud, you would have the ability to edit the properties of the vDC, including its size.

Please click on the Virtual Machines tab below the blue arrow before continuing.

 

 

Virtual Machine View

 

  1. Ordinarily this is where you'd see a list of the VMs that have been provisioned, their owners, the amount of resources allocated to them, and so on.  However, since there are no virtual machines in this vDC yet, all we see is the button for deploying a new virtual machine.
  2. This button will be used to deploy your first VM. DO NOT SELECT THIS AT THIS TIME. This will be covered in a later module.  After creating a VM, this button will be replaced by an "add one" button that appears at the top of a grid listing the virtual machines in this vDC. Next to it, will be another button for managing the VMs in vCloud Director.

Please select the Gateways tab before proceeding to the next step.

 

 

Gateways View

 

This is where you view and manage the vCloud Networking and Security (vCNS) Edge gateways that are deployed inside of your vDC. These gateways can serve as a firewall, NAT router, network load balancer, DHCP server, and VPN concentrator. Because this is a VPC, we have only 1 gateway here.  In a Dedicated Cloud, you have the ability to create multiple Edge Gateways per vDC.

Please click on the box labeled HOL-DC1-VPC1-3 before continuing.

 

 

Gateway Details View

 

This is where you can configure NAT and firewall rules on the Edge Gateway.  We will look these tabs in greater detail in a later module.

To continue, please click on the Dashboard tab (#1) in the upper left hand corner, click the vDC labeled HOL-DC1-VPC1-3 under the Virtual Data Center heading, and then click the Networks tab.

 

 

Networks View

 

This is the Networks view. When you create a new vDC, 2 networks are automatically created for you: a default-routed network which is connected to the Edge and default-isolated network, which is not.   Here you can see the details of each of the different networks segment (you may have to use the scroll bar to see all the networks).  

  1. Clicking on the "manage in vCloud Director" button will launch the vCloud Director user interface where you can perform advanced configuration.
  2. The "Add one" button allows you to create a new network segment.
  3. This drop down button allows you to edit or delete an existing network.   

Note: each routed network segment consumes an interface on the Edge Gateway.  Each Edge Gateway has 9 available interfaces that you can use to create a variety of networking topologies.

Click on the Users tab before continuing to the next step.

 

 

Users View

 

This is the list of the users that have permission access this vDC. New users are first created "globally" at the annotation labeled #1.

 

 

Conclusion

This completes your introduction to the vCloud Air User Interface.

In Module 2, 3, and 4 you will use your knowledge vCloud Air to deploy new VM's, migrate workloads, and learn more about the networking and security features of the service.

Please close your browser now.

 

Role based access controls


There are two major roles in vCloud Air: Administrators and End-Users.  Administrators can be assigned different sub-roles (Account admins, VI admins, Network admins, Read Only admins and Subscription admins).  End-users have none of the above and can only have rights to deploy in a given Virtual Data Center (vDC) or Virtual Private Cloud (one or more).

There are 6 different rights available in a tenant when you create a new user.

They are:

Account Administrator

Virtual Infrastructure (VI) Admin

Network Administrator

Read-Only Admin

Subscription Admin

End User

These roles cannot be modified or extended. They are available as-is as part of the service.


 

Login to vCloud Air

 

1. Launch Firefox from the desktop and browse to https://portal.vchs-int.vmware.com/

2. In the user name field, type hol@vmware.com

3. In the password field, type VMware1#

4. Click the sign-in button

 

 

Dashboard View

 

Please click on the Users tab in the next to the annotation labeled #1 before continuing.

 

 

The Users UI

 

This is the global users view.  Here you can see a list of the users that have been created within this VPC.

All user management is done through this interface.  

To add a user:

1. Click the "Add Individual User" as shown in the picture above.

 

 

Role assignment

 

This form is where you entitle a new user and set his/her role within the service. Note: we will not be creating a user at this time.  This is merely here to show you how to create and user and assign it to a role group.

When you're done looking at the options on the screen, click the X in the upper right hand corner of the dialog box to close the window.

 

 

Conclusion

This concludes this module.  You can now close your browser windows and proceed to the next section.

 

Module 2 - Identifying and Deploying Workloads in vCloud Air (30 Min)

Deploy a machine from the Enterprise catalog


Introduction

This lab module is going to walk you through the steps of deploying your very first virtual machine in vCloud Air.


 

Launch the vCloud Air Portal

 

Double Click on the Mozilla Firefox icon on the desktop.

 

 

Login to the vCloud Air Portal

 

The home page for Firefox is set to the URL for vCloud Air.  If the page fails to load or another page load, please follow the directions below:  

  1. In the URL field, type https://portal.vchs-int.vmware.com
  2. Userid: hol@vmware.com
  3. Password: VMware1#
  4. Once the information has been entered, click Sign In button to login.

 

 

Select the "Virtual Machines" Tab

 

This is the vCloud Air dashboard.  From here we can a see the amount of resources that have been assigned to this cloud instance and the amount of those resources that have allocated to the virtual data center (vDC) HOL-DC1-VPC1-3.  You can also see the number of virtual machines that have been provisioned as well as the number of IP addresses that have been allocated.  Do not worry if your environment doesn't match the screenshot above; it will not affect this lab.

From the global tabs, click on the Virtual Machines tab that is circled in the picture.

 

 

Deploy a VM

 

This is the Virtual Machine tab.  From here you can create new VMs as well as modify existing VMs.  Aside from the Deploy a Virtual Machine button, the screen appears blank.  That's because this is a pristine environment with no pre-existing VMs to manage.  Once you create a VM, additional options to manage the VM will appear on the screen.  

When you're ready, click the Deploy a Virtual Machine button.

 

 

Select the Destination Virtual Data Center (VDC)

 

When you click on the Deploy a Virtual Machine button, the first thing you will be asked is where you want to provision this VM.  Since this is a Virtual Private Cloud, our only option is to select the default virtual data center (vDC) HOL-DC1-VPC1-3.  If this were a Dedicated Cloud, you would have an option to provision this VM into different vDCs so long as you created multiple vDCs.  

Select the Destination Virtual Data Center

  1. At the New Virtual Machine Pop-Up Window under Available Resources, select the HOL-DC1-VPC1-3 radio button.
  2. Click the green Continue button.

 

 

Select a VM from the My Catalog Tab

 

This is the Select template window.  When you create a new VM, you have the option of creating a VM from a template from the VMware catalog, a template that you've imported, or create a VM from scratch.  Templates that you import will appear on the My Catalog tab as seen above. For this example, we will be creating a VM from a template in the VMware catalog.  Since this is only a facsimile of the vCloud Air, the VMs that appear in the picture above are only shell VMs, i.e. there is no operating system installed.  

  1. Select the VMware Catalog tab.
  2. Click on the button labeled 64 bit next to CentOS 6.3 64 bit.
  3. When you select the button the green Continue button will display. Click the green Continue button.

Certain templates supplied by VMware, e.g. Windows Server, may incur a monthly usage charge.  VMware recommends that you ask your vendors to see whether moving a OS or application license to a public cloud service like vCloud Air will cause you to incur additional costs.

 

 

Configure your VM

 

From this screen you can assign your VM a name and assign it resources.  Unlike other public clouds that force you to use a VM of a particular size, vCloud Air allows you to allocate resources to a VM as you see fit.  Moreover, if you decide later that you need to increase or decrease the amount of resources assigned to a VM, you can do so without having to destroy it.  You also have the option of attaching the VM to different network segments during this phase which is useful when specific network and application architectures are required.  

  1. In the Name field type in the name for your virtual machine (this will be the name of your vApp): MyFirstVM
  2. In the Guest OS Name field, type the name of your guest OS: MyFirstVM
  3. Click the Change hyperlink next to allocated resources.  Leave the resource allocation unchanged.
  4. Click the Green Deploy This Virtual Machine button.

 

 

Wait for the VM to be deployed

 

  1. You will notice the status box on the top of the screen indicating the Virtual Machine is being created.
  2. You will also notice the spinning circle to the left of the name of the Virtual Machine.

After a virtual machine has been deployed, you can always adjust the size of the virtual machine by simply clicking on the "View & Edit Details" option within the Virtual Machine settings.

Provisioning the machine can take between 1-5 minutes in this environment depending on load.

 

 

Wait for the VM "created successfully" Message

 

  1. Wait for the Virtual Machine provisioning process to finish. When complete, the status will show a check mark with the message: "Virtual Machine MyFirstVM created successfully".
  2. When the minus sign and the banner indicating the virtual machine has been created successfully appear, proceed to the next step.

If the status does not update within 5 minutes, refresh your browser.

 

 

Power on VM

 

There are two ways you can power on the Virtual Machine you just created:

  1. Look to the left of the VM name and click the Power Button once to power on the VM -- OR --
  2. Place a check mark in the check box next to the VM name, and click the Power On button.

Use one of these methods to power on the Virtual Machine.

 

 

Validate the Machine Status

 

Once the Virtual Machine is powered on, the icon to the left of the VM name will turn green.

If you look under the MY VMs AT A GLANCE section, you can see the total number of VMs that are currently powered on.

 

 

Launch the Console

 

  1. Place a check mark next to the VM you just created
  2. Expand the Virtual Machine menu and select the Launch Console.

Note: The VM will not boot.  This is by design.  The template we provisioned the VM from is only a shell VM.  

 

 

Verify the console has launched

 

  1. Note how the Console for the MyFirstVM has launched.  The OS itself will not boot. This is by design.
  2. If you happen to click inside the VM console to explore, the way to escape out of the console is to press CTRL+ALT together.
  3. When you're finished looking at the console, click the close button in the upper right hand corner of the window.
  4. Close the rest of the open windows on the desktop.

 

 

Conclusion

Congratulations! You have deployed your first virtual machine from a catalog in vCloud Air.  You can now continue to the next section.

 

Copy an Existing Virtual Machine to vCloud Air


Introduction

This lab is going to walk you through the steps you need to perform to copy a virtual machine from your on-premises vSphere environment to vCloud Air. Copying a machine to vCloud Air involves a virtual appliance known as vCloud Connector (vCC).  Once the appliance is imported into your vSphere environment and properly configured, it will manifest itself as a plug-in for the vSphere client.  


 

Launch the VMware vSphere Client and Log On to the "vcsa-01a.corp.local" vCenter

 

  1. From the desktop double click on the VMware vSphere Client icon to launch the client.
  2. Ensure the vcsa-01a.corp.local is selected from the drop down box.   NOTE: THIS MAY NOT BE THE DEFAULT.  THIS IS CRITICAL FOR THE NEXT STEP.
  3. Type administrator@vsphere.local in the User name field.
  4. Type VMware1! in the Password field.
  5. Click the Login button.

 

 

Launch VMware vCloud Connector

 

  1. At the top left of the screen click the Home button.
  2. On the home page, click the vCloud Connector icon in the Solutions and Applications area.
  3. If you receive a warning. Ignore it and accept the link.
  4. The vCloud Connector Client will launch

NOTE:  IF YOU DO NOT SEE THE vCloud Connector icon, BE CERTAIN THAT YOU ARE CONNECTED TO THE VCSA-01A vCenter.  Please see the previous step.

 

 

Prepare to Add the Local vSphere environment to vCloud Connector

 

  1. In the Browser panel on the left, click on Clouds to select it.
  2. In the Objects panel, click the Add (green plus) icon.

Note: only clouds that have been previously registered with the vCloud Connector Server will appear in the "name" drop down field.  As part of the vCloud Connector setup, you register a vCloud Connector node for each cloud on the vCloud Connector Server.  The node registration includes the name and URL for the node. In this case, the local vSphere environment is referred to as Rainpole Local Datacenter.  If you're interested in learning about how to setup vCC, please consider registering for lab HOL-HBD-1482,  

 

 

Add the Rainpole Local Datacenter to vCloud Connector

 

The Add Cloud dialog box appears.

  1. In the Name field use the drop down box to select Rainpole Local Datacenter.
  2. In the Username field type: administrator@vsphere.local
  3. In the Password field type: VMware1!
  4. Click the Add button.

The Local vSphere will display in the Clouds tree in the Browser panel.

 

 

Verify the Rainpole Local Datacenter has been added to vCloud Connector

 

Verify that the Rainpole Local Data Center has been successfully added.

 

 

Prepare to Add the Rainpole_vCHS_Production Organization to vCloud Connector

 

  1. In the Browser panel on the left, click on Clouds to select it.
  2. In the Objects panel, click the Add (green plus) icon.

 

 

Add the Rainpole_vCHS_Production Organization to vCloud Connector

 

The Add Cloud dialog box appears.

  1. In the Name field use the drop down box to select Rainpole_vCHS_Production
  2. In the Username field type: hol@vmware.com
  3. In the Password field type: VMware1# Note that this is NOT the same password
  4. Click the Add button

 

 

Verify that the Rainpole_vCHS_Production Organization has been added to vCloud Connector

 

Verify that the Rainpole_vCHS_Production has been successfully added.

 

 

Verify That Both Clouds Display in vCloud Connector

 

  1. In the Browser panel both the Rainpole Local Data Center and the Rainpole_vCHS_Production clouds should display.

 

 

Update and Browse the Clouds Inventory

 

  1. It is very important to update the inventory for both the newly added clouds. To do so, click the Black Triangle to the left of the Rainpole Local Datacenter Cloud, and to the left of the Rainpole_vCHS_Production Cloud to expand the clouds.
  2. You may have to click each of these twice, once to connect and once to drop down the inventory.
  3. Collapse these trees by clicking on the Black Triangle again.

 

 

Prepare to Copy a Virtual Machine From "Rainpole Local Datacenter" to vCloud Air

 

  1. Click on the Rainpole Local Datacenter Cloud in the left panel.
  2. In the inventory panel click the Virtual Machines tab.
  3. Select Tiny VM.. This is a powered down virtual machine in the local vSphere environment.

To copy a VM to the vCloud Air using vCC, it first needs to be powered off.  If you know you're going to be moving a lot of data, e.g. > 300GB, you may want to consider doing an Offline Data Transfer (ODT) instead.  With an ODT, VMware will ship you a 12 TB appliance that you can copy your VMs and templates onto [using vCC].  Once you're finished copying your data to the encrypted drive, you return the drive to VMware, where upon arrival, the VMs and templates are imported directly into your environment.  

 

 

Copy a Virtual Machine From "Local vSphere" to vCloud Air

 

  1. Ensure the Tiny VM is selected. You will know this when the Tiny VM is highlighted in blue.
  2. Hover the mouse over the Actions menu (the one with the gear icon). This will cause a drop down list to appear with appropriate Virtual Machine actions. Click on the Copy action.

 

 

Configure the Virtual Machine Properties

 

  1. From the Cloud drop down ensure the the Rainpole_vCHS_Production Cloud is selected.
  2. In the Name field, enter MySecondVM for the virtual machine name.
  3. In the "Select a Catalog" area, highlight by clicking once on the the Rainpolecatalog.
  4. Click the Next button.

 

 

Select the Virtual Datacenter where the Virtual Machine will be Deployed

 

  1. Next to the Select VDC drop down box select the hol-dc1-vpc1-3 vDC.
  2. Click the Next button.

Note: All VMs copied to vCloud Air are thick provisioned.

 

 

Select Deployment Options

 

  1. Select the Deploy vApp after copy radio button,
  2. Unselect the Enable guest csutomization checkbox.
  3. Choose fenced from the Network Connection Mode drop down list.  
  4. Select the "hol-dc1-vpc1-3-default-isolated" as the Selected network configuration. This list is populated automatically with the networks within the vDC.
  5. Select Power on vApp after deployment checkbox.
  6. Select Remove temporary vApp template in destination vCloud catalog checkbox.
  7. Click Next to continue

 

 

In the Ready to Complete Page, Review the Selections to Continue

 

  1. Review the selections.
  2. Click Validate to continue.
  3. Click Finish once validation is complete.

You may see a warning saying "Detected high latency between the nodes. This warning can be safely ignored. If high latency is detected vCC will use HTTPS as the transfer protocol, otherwise it will use UDT, assuming UDT is enabled on the vCloud Connector (vCC) nodes.   

 

 

Monitor the Copy Task within vCloud Connector

 

  1. Once the copy task has started it is important to monitor the progress of the task. Note of the status of the copy will move quickly up to 60% and appear to pause.  Please wait until the progress bar reaches 100% before continuing. This could take as long as 5 minutes.

 

 

Log into the vCloud Air portal

 

Return to the desktop and launch Firefox, then enter the following information:

  1. URL: https://portal.vchs-int.vmware.com
  2. Userid: hol@vmware.com
  3. Password: VMware1#
  4. Once the information has been verified, click Sign In to login

 

 

Select the "Virtual Machines" Tab

 

  1. Select the Virtual Machines tab to open the Virtual Machines page.

 

 

Validate that the "MySecondVM" has Migrated and Powered On Successfully

 

  1. Verify the Virtual Machine is powered on by confirming the green icon to the left of the VM is green.
  2. Note that under the MY VMS AT A GLANCE section, you can see the total number of VMs that are powered on.

If your screen looks slightly different than this, that's okay.  The important thing is to see MySecondVM powered on. If the machine does not appear to be powered on, refresh your browser.

 

 

Navigate to the Virtual Machine Menu to Launch the Console

 

  1. Note the MySecondVM virtual machine in the VM list
  2. Click on the small black triangle to the right of the VDC-DC1-VPC1-3 to expand the virtual machine menu.
  3. Select Launch Console from the menu drop down list.

 

 

Launch the Virtual Machine Console

 

  1. Continuing from the previous step, expand the Virtual Machine menu for the MySecondVM and select the Launch Console.
  2. Note how the Console for the MySecondVM has launched.
  3. Please note that this is an empty VM shell and no operating system is installed.

 

 

 

Conclusion

Congratulations! You have successfully copied a VM to vCloud Air. You can now close your browser and proceed to the next module.

 

Module 3 - Administer vCloud Air resources from vSphere Web Client (30 Min)

Introduction to the vCloud Air Plug-in


This module will introduce you to the vCloud Air Plug-in for the vSphere web client.


 

About the vCloud Air Plug-in

 

vCloud Air vSphere Client Plug-in lets you view and manage your vCloud Air resources in the vSphere Web Client. After you install the plug-in and register your vCloud Air account with it, you can view all your Dedicated Cloud and Virtual Private Cloud instances in the vSphere Web Client. You can browse each cloud instance and manage its inventory of virtual data centers, gateways, networks, and virtual machines

 

 

Prerequisites

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

 

Note

If you use Active Directory to manage users, ensure that you do the following for the user account that you will use to install or upgrade the plug-in.

  1. Add the Active Directory user as a member of an Active Directory group.
  2. Add that Active Directory group as a member of the Administrators@vsphere.local group.

This is required to obtain the correct privileges for installing or upgrading the plug-in.

 

 

Installing the vCloud Air Plug-in on vSphere Web Client 5.5 Update 1 or Later

 

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

You use the vCloud Air Plug-in Installer to install the vCloud Air plug-in in vSphere Web Client 5.5 Update 1 or later. The installer is available by default in the vSphere Web Client Home page, under Inventories.

The installer connects to My VMware using the credentials that you provide, downloads the vCloud Air plug-in, and installs it in vSphere Web Client. The installer always installs the latest version of the plug-in.

Once you install the plug-in, the plug-in icon appears in the Home page of the vSphere Web Client.

The vCloud Air installer also enables you to upgrade the vCloud Air plug-in. Information about the current version installed and any updates available is displayed in the Getting Started page of the plug-in. You can click the Install latest update link to update the plug-in to the latest version.

 

 

Launching the vSphere Web Client

 

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

Double Click Mozilla Firefox Icon on the desktop

 

 

Logging into the vSphere Web Client

 

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

Log in using the following credentials

  1. User Name - administrator@vsphere.local
  2. Password - VMware1!

Please note that passwords are case-sensitive

 

 

Installing using the vCloud Air Installer

 

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

  1. Log in to vSphere Web Client 5.5 U1 with vCenter Server Single Sign-on administrator privileges.
  2. In the Home page, under Inventories, click the vCloud Air Installer icon (vCloud Air Installer).

 

 

Install vCloud Air plug-in

 

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

  1. In the vCloud Air Getting Started page, click the Install vCloud Air plug-in link under Basic Tasks

 

 

Install vCloud Air plug-in continued

 

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

In the Install vCloud Air Plug-in dialog box, do the following.

  1. Type your MyVMware username
  2. Type your MyVMware password
  3. Check the box to accept the vCloud Air Plug-in Terms and Conditions
  4. Click Install

When the download is complete, the following message appears in the message bar at the top of the Getting Started page: Log out and log back in to complete the installation.

 

 

Install Completed

 

The following steps are for illustrative purposes only. The vCloud Air Plug-in has already been installed for you.

When the download is complete, the following message appears in the message bar at the top of the Getting Started page: Log out and log back in to complete the installation.

 

Getting to know the vCloud Air Plug-in


In this lab we are going to walk through the various features and functions of the vCloud Air Plug-in


 

Accessing the vCloud Air Plug-in

 

After you install the vCloud Air plug-in, it appears as an icon in the Home page of the vSphere Web Client, in the Inventories section. It also appears in the navigation pane on the left.

What to do next

If this is the first time that you are using the vCloud Air plug-in, click the Register vCloud Air account link to register your account with the plug-in, or click Request account to create a new account.

 

 

Launching the vSphere Web Client

 

Double Click Mozilla Firefox Icon on the desktop

 

 

Accessing the vSphere Web Client

 

Connect to you on-premise vCenter where the vCloud Air Web Plug-in has been already installed for you

Navigate to https://vcsa-01a.corp.local:9443/vSphere-client or use the Site A Web Client bookmark located on the toolbar.

 

 

Logging into the vSphere Web Client

 

  1. Select the check box to Use Windows session authentication
  2. Click Login

Should the the Use Windows session authentication option not work you may manual enter the following credentials.

User Name: administrator@vsphere.local

Password: VMware1!

 

 

Register Your vCloud Air Account

 

  1. In the Home page of the vSphere Web Client, under Inventories, click the vCloud Hybrid Service icon.
  2. Click the Summary tab.
  3. Click Register vCloud Hybrid Service account.

 

 

Register Your vCloud Air Account continued

 

In the Register vCHS Account dialog box, complete the following information.

vCloud Air Server - The URL of the vCloud Air server: https://portal.vchs-int.vmware.com

  1. User Name - Your user name for the vCloud Air. Specify your full email address, hol@vmware.com
  2. Password - Your password for the vCloud Air VMware1#
  3. Click OK

 

 

Managing vCloud Air Cloud Instances

 

You can view and manage all your vCloud Air cloud instances in the vCloud Air plug-in. All Dedicated Cloud and Virtual Private Cloud instances appear in the inventory lists.

 

 

View Your Cloud Instances

 

In the vCloud Air plug-in, you can view a list of all your vCloud Air Dedicated Cloud and Virtual Private Cloud instances. You can view details about each instance, such as its available resources and the region in which it is based. You can also customize the list to display a subset of the information. Note that the specific information in the lab pod will not match these screen shots but the concepts are the same.

  1. In the vSphere Web Client Home page, under Inventories, click the vCloud Air icon
  2. In the vCloud Air Home page, select Cloud Instances in the navigation pane on the left.

All cloud instances associated with your vCloud Air account are displayed. You can view information about each instance. You can view the cloud instance name, its type, the geographic region in which it is based, and its available resources, including the number of available public IP addresses

As you can see in the example listed above only a single shared cloud instance is available.

 

 

View a Cloud Instance

 

You can view a Dedicated Cloud or Virtual Private Cloud instance to see summary information about the cloud and browse its inventory. Note that because of the reduced screen resolution in the lab instance, you may not see some of the information displayed in this screen shot. If you don't see the VPC name, region and available IPs you can shrink the left and right panels in the web client in order to display more information in the middle panel.

  1. Summary information includes the geographic region to which the cloud belongs
  2. The number of available IP addresses
  3. The amount of used and free resources.
  4. You can also follow the links to manage the cloud instance in either the vCloud Air portal or in vCloud Director.

As you can see we have plenty of resources available to deploy several virtual machines

 

 

 

Viewing Cloud instance objects

 

You can browse the cloud instance to see all its virtual data centers, virtual machines, templates, gateways, and networks. Detailed information is available at each level. For example, for virtual data centers, you can view the resource consumption, the virtual machine quota, whether the data center is locked or unlocked, and the objects it contains. For a virtual machine, you can view information such as its power state, the vApp and the virtual data center to which it belongs, its guest operating system, and its network settings.

Double-Click the Cloud instance you want to View

 

 

Viewing Virtual Datacenters

 

Click Virtual Datacenters to view Virtual Datacenter instances.

Navigating Virtual Datacenters

  1. Add a new Virtual Datacenter. Please note that you may only create a new Virtual Datacenter in Dedicated Cloud Instances. We are using a Virtual Private Cloud (VPC).
  2. Edit VM Quota of Virtual Datacenter
  3. All actions for selected objects

 

 

 

Viewing & Working with Virtual Machines

 

Click on Virtual Machines to view VMs deployed in vCloud Air instance

  1. Power on and suspend VM
  2. Take Snapshot
  3. All actions for selected objects

Now that we know how to navigate lets deploy a new VM using the vCloud Air Web Plug-in!

 

Deploying a Virtual Machine through the vCloud Air Plug-in


In this section we will guide you through deploying a new Virtual Machine to the vCloud Air through the Web Client Plug-in.


 

Launching the vSphere Web Client

 

Double Click Mozilla Firefox Icon on the desktop

 

 

Accessing the vSphere Web Client

 

Connect to you on-premise vCenter where the vCloud Air Web Plug-in has been already installed for you

Navigate to https://vcsa-01a.corp.local:9443/vSphere-client or use the Site A Web Client bookmark located on the toolbar.

 

 

Logging into the vSphere Web Client

 

  1. Select the check box to Use Windows session authentication
  2. Click Login

Should the the Use Windows session authentication option not work you may manual enter the following credentials.

User Name: administrator@vsphere.local

Password: VMware1!

 

 

Selecting a Cloud Instance

 

The first step we need to do is select the vCloud Air Instance we want to deploy to.

From the vCloud Air plug-in choose the cloud instances from the inventory list

 

 

Select your Cloud Instance

 

Double click hol-dc1-vpc1-3

 

 

 

Double click your available Virtual Datacenter

 

 

Creating a Virtual Machine from a Template

 

Prerequisites

You have a virtual data center in which to create the virtual machine. Virtual Private Cloud instances have a virtual data center by default. In Dedicated Cloud instances, you must create virtual data centers.

Procedure

  1. In the Summary tab, select Create new virtual machine from template from the Actions menu.

 

 

Naming your new virtual machine

 

  1. Type a name for the virtual machine. MyThirdVM
  2. Verify that you want to create the virtual machine in the selected virtual data center, or select a different one, and click Next.

You can view the resources available in each virtual data center

VM Name: MyThirdVM

 

 

Selecting a Template

 

  1. Select the template from which to deploy the virtual machine. Choose Cent OS 6.3 32 Bit
  2. Click Next

 

 

Customizing Resources

 

Customize the number of vCPUs, the amount of memory, and the amount of storage for the virtual machine. For the purposes of this lab please keep defaults.

Click Next

 

 

Selecting a Network

 

Select the network to which to connect the virtual machine.

All networks in the virtual data center, isolated networks and gateway networks, are listed. To get connectivity to the Internet and to use networking services such as NAT, firewall, or load balancing, connect the virtual machine to a gateway network.

You can connect a virtual machine to more than one network.

For the purposes of this lab. Please choose hol-dc1-vpc1-3-default-isolated. Click Next

 

 

Completing your VM deployment through the vSphere Hybrid Cloud Web Plug-in

 

Verify your configuration and click finish.

Your virtual machine is now being deployed on the vCloud Air!

 

 

Powering on your new VM

 

In the previous step you deployed a new VM to the vCloud Air using the web client plug-in. Wait until the Power State for the MyThirdVM shows "Powered Off". That will indicate that the VM has been created.

Locate your VM in Related Objects tab of your cloud instance.

Please note that the VM is powered off by default.

  1. Highlight the MyThirdVM and click power on.

 

 

 

 

Open Virtual Machine Console

 

Procedure

  1. Display the Virtual Machine
    1. In the vCloud Air Home page, click Cloud Instances and double-click the cloud instance that contains the virtual machine.
    2. In the Related Objects tab, click the Virtual Machines tab.
    3. Double-click the virtual machine. The virtual machine details appear.
  2. If the virtual machine is powered off, power it on by selecting Power On from the Actions menu.
  3. Click Launch Console

The console of the Virtual Machine running in your vCloud Air instance is now visible.

This VM is actually an empty shell and no operating system is present. Any PXE boot messages or OS not found messages seen at the console are normal and can safely be ignored.  

 

 

Create a Snapshot of a Virtual Machine

 

Procedure

  1. From the Actions menu, select Create Snapshot.

As you can see many of the basic functions that apply to on-premise virtual machines can also be achieved using the vCloud Air Web plug-in!

 

Module 4 - vCloud Air: Networking and Security Basics (30 Min)

Module 4 - vCloud Air: Networking and Security Basics


vCloud Air provides user-friendly management tools for networking and security.


 

Introduction to vCloud Air Gateways and Networks

Welcome! In this lab, you will be introduced to Gateways and Networks of the vCloud Air.

 

 

Access vCloud Air

 

To access vCloud Air, you'll first need to open a web browser. Click on the Firefox icon located on the desktop.

 

 

 

Login to vCloud Air

 

Enter the URL: https://portal.vchs-int.vmware.com/login or select the bookmark "VMware vCloud Hybrid Service" highlighted in the screenshot.

Username: hol@vmware.com

Password: VMware1#                      Please note, the password ends in #

Click on "Sign in"

 

 

Select Virtual Datacenter

 

From the main Dashboard, click on the Virtual Datacenter labeled "VDC-DC1-VPC1-3".

 

 

Select Gateway

 

Click on the "Gateways" tab from the Virtual Datacenter Details Dashboard.

 

 

Select Networks

 

By default, whenever you create a Virtual Datacenter, a Gateway is automatically created. Here you can see the details of the Gateway.

Notice a few of the details.

You can see the Gateway's IP address. Normally, this would be a publicly routable IP address, but here in the lab at VMworld, it will be a private IP address.

Observe that High Availability is enabled by default.

Next, click on the Network tab and take a look at your Virtual Datacenter's networks.

 

 

Manage in vCloud Director

 

In addition to the Gateway, two default networks are also created when a new Virtual Datacenter is created. One network is internally isolated, while the other is routed.

In order to perform any additional configuration on the Networks or Gateways, you will need to manage them within vCloud Director.

Click on the "Manage in vCloud Director" button.

 

 

View Org VDC Networks

You are now in the vCloud Director portal where you're presented with your two networks once again. From here, take a look at the available services to an Isolated and Routed network.

 

 

View Isolated Network Services

 

Select the first Isolated network by clicking on it, then right-click and select "Configure Services".

The isolated network is identified by Type where Type is "Isolated". Alternatively, you can resize the Name column width and choose "hol-dc1-vpc1-3-default-isolated"

 

 

View DHCP

 

Notice the only available feature is DHCP and that it is not enabled by default.

DHCP is the only feature because this is an Isolated network. Click on the "Cancel" button below.

 

 

View Routed Network Services

 

Select the Routed network by clicking on it. Then, right-click and select "Configure Services".

 

 

View DHCP (routed)

 

With a Routed network, there will be additional features available for configuration.

Due to the nature of a network that is routed, DHCP is disabled by default. One could enable it, but for most environments, it is best that IP addresses to be manually assigned and stay constant so that NAT, Firewall, and Load Balancing rules stay functional.

Click on the "NAT" tab to view the default settings.

 

 

 

View NAT

 

By default, no NAT rules exist.

Click on the "Firewall" tab to see the default Firewall settings.

 

 

 

View Firewall

 

By default, the Firewall on a Routed network is enabled. The default action of the Firewall is to deny all traffic.

Next, click on the "Static Routing" tab to view the default settings.

 

 

 

View Static Routing

 

By default, no static rules exist. This is where users would configure routes between networks within vCloud Air.

Click on the "VPN" tab to take a look at the VPN default settings.

 

 

 

View VPN

 

By default, VPN is disabled. Here, one would configure Site-to-Site edge gateway VPN tunnels.

Click on the "Load Balancer" to see the default settings.

 

 

 

View Load Balancer

 

By default, no Load Balancing rules are configured. Within the Load Balancing tab, one can set up virtual Pool Servers that distribute load to a collection of Virtual Machines.

Click on the "Cancel" button below to exit Configure Services.

 

 

 

View Edge Gateway

 

Now, let's take a look at the Edge Gateway configuration. Click on the "Edge Gateway" tab.

 

 

View Edge Properties

 

Select the Edge Gateway by clicking on it. Then, right-click and select "Properties".

 

 

View IP Settings

 

You are now presented with the Edge Gateway Properties page. From here, you can configure IP settings, IP Pools, Rate Limits and Syslog. Click on "Configure IP Settings".

 

 

 

View External IP

 

Here, you can see the Subnets and IP addresses assigned to the Gateway.

Congratulations! You've just completed the Introduction to vCloud Air Gateways and Networks module.

 

Introduction to vCloud Air NAT and Firewalls


Welcome! In this sub-module, you will be introduced to vCloud Air NAT and Firewalls.


 

Introduction

You will be creating a NAT and Firewall rule that would enable a virtual web server to communicate over an external network.

You won't be creating an actual web server in this lab; we'll only be creating the NAT and Firewall rules that would allow a fictitious web server with an IP address of 10.0.0.1 to communicate.

 

 

Access vCloud Air

 

To access vCloud Air, you will first need to launch a web browser. Click on the Firefox icon located on the desktop or taskbar.

 

 

Login to vCloud Air

 

Enter the URL: https://portal.vchs-int.vmware.com/login or select the bookmark "VMware vCloud Hybrid Service"

Username: hol@vmware.com

Password: VMware1#            Please note, the password ends in #

Then, click on the "Sign in" button.

 

 

Select Virtual Datacenter

 

From the main Dashboard, click on the Virtual Datacenter labeled “HOL-DC1-VPC1-3".

 

 

Select Gateways Tab

 

From the HOL-DC1-VPC1-3 Dashboard, click on the "Gateways" tab.

 

 

Select the Gateway

 

Select the gateway by clicking on it.

 

 

Add a NAT Rule

 

The vCloud Air web interface allows users to configure NAT and Firewall rules directly. First, start with NAT by selecting "Add a NAT Rule".

 

 

Determine source or destination

 

First, one must determine whether the rule will apply to inbound or outbound traffic. On vCloud Air, inbound traffic rules are defined by "Destination NAT" rules. Since the goal is to allow inbound traffic to reach a web server hosted on vCloud Air, please select "Destination NAT".

 

 

Add Destination NAT Rule

 

There are two IP addresses available because this vCloud Air account has two public IP addresses allotted to it.  Select the IP address for the Gateway to be used (192.168.220.103).

 

 

Designate protocol, port, and destination

 

  1. Select "TCP" under Protocol
  2. Type "80" for Original Port/Range
  3. For Translated (Internal) IP/Range, type the address of the web server 10.0.0.1
  4. Type "80" for Translated Port/Range
  5. Verify that "Enable this rule" is selected and click Save.

 

 

Verify successful NAT rule completion

 

There should now be a message at the top of the window showing a check mark and indicating successful update of the Gateway.

Please verify that the rule is correct and enabled. The switch should be green, the original IP should be 192.168.220.103 and port 80, with the translated IP set to 10.0.0.1 and port 80. The protocol should be TCP.

Please close the dialog box by clicking the X.

 

 

Configuring Firewall Rules

 

Next, please select "Firewall Rules".

 

 

Add Firewall rule

 

Please select 'Add a Firewall "Allow" Exception'.

 

 

Select Firewall

 

  1. First, name the rule "Web server".
  2. Verify "Enable this rule" is selected.
  3. Under Protocol, choose "TCP"
  4. Under Source, choose "Any".
  5. Type "80" for Source Port.
  6. Under Destination, choose "Specific CIDR ..." and type "192.168.220.103". That is the external IP address of the gateway. The NAT rule created earlier will relay the traffic to the web server VM.
  7. Type "80" for Destination Port.
  8. Click on Save.

 

 

Verify the Rule change

 

After a few moments, the status box will complete and a message will indicate success.

Please verify that the rule is correct and enabled. The switch should be green, the Source IP should be "Any:80" and the Destination IP should be "192.168.220.103:80". The protocol should be TCP.

Please close the dialog box by clicking on the X.

Congratulations! You have completed the lab and you've just set up a NAT rule and a Firewall rule that would allow external communication to a web server hosted on vCloud Air!

 

Conclusion

Thank you for participating in the VMware Hands-on Labs. Be sure to visit http://hol.vmware.com/ to continue your lab experience online.

Lab SKU: HOL-HBD-1481

Version: 20150226-105312