
Network Requirements
The network that connects Cloud Director server hosts, the database server host, vCenter servers, and vShield
Manager hosts must meet several requirements:
IP addresses
Each Cloud Director server host requires two IP addresses, so that it can
support two different SSL connections: one for the HTTP service and another
for the console proxy service. You can create these addresses through the use
of IP aliases or multiple network interfaces. You cannot create the second
address using the Linux ip addr add command.
Network Time Service
You must use a network time service such as NTP to synchronize the clocks of
all Cloud Director server hosts, including the database server host. The
maximum allowable drift between the clocks of synchronized hosts is 2
seconds.
Hostname Resolution
All host names specified during Cloud Director and vShield Manager
installation and configuration must be resolvable by DNS using forward and
reverse lookup of the fully-qualified domain name or the unqualified
hostname. For example, for a host named mycloud.example.com, both of the
following commands must succeed on a Cloud Director host:
nslookup mycloud
nslookup mycloud.example.com
In addition, if the host mycloud.example.com has the IP address 192.168.1.1, the
following command must return mycloud.example.com:
nslookup 192.168.1.1
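The three lookups above can be scripted as a pre-installation check. The following is an added example, not VMware's own tooling; it mirrors the requirement that the unqualified name and the FQDN both resolve and that the reverse lookup of the address returns the FQDN. The sample records are constructed for an offline run, and the resolver functions are injectable so the same check can be pointed at the real resolver.

```python
import socket
import sys

# Constructed sample records standing in for a DNS server (not real hosts).
SAMPLE_FORWARD = {"mycloud": "192.168.1.1", "mycloud.example.com": "192.168.1.1"}
SAMPLE_REVERSE = {"192.168.1.1": "mycloud.example.com"}


def system_reverse(ip):
    """Reverse lookup through the host's resolver; returns the PTR name."""
    return socket.gethostbyaddr(ip)[0]


def check_hostname_resolution(fqdn, forward=socket.gethostbyname, reverse=system_reverse):
    """Return a list of problems; an empty list means the host meets the requirement.

    Mirrors the three nslookup commands: the unqualified name and the FQDN must
    both resolve (to the same address), and the reverse lookup of that address
    must return the FQDN. forward(name) -> ip and reverse(ip) -> name are
    injectable so the check runs against a dict or the real resolver; OSError
    covers socket.gaierror/herror, KeyError covers dict-backed stubs.
    """
    problems = []
    short = fqdn.split(".", 1)[0]
    addrs = {}
    for name in (short, fqdn):
        try:
            addrs[name] = forward(name)
        except (OSError, KeyError) as exc:
            problems.append(f"forward lookup of {name} failed: {exc}")
    if len(set(addrs.values())) > 1:
        problems.append(f"{short} and {fqdn} resolve to different addresses: {addrs}")
    ip = addrs.get(fqdn)
    if ip is not None:
        try:
            rname = reverse(ip)
        except (OSError, KeyError) as exc:
            problems.append(f"reverse lookup of {ip} failed: {exc}")
        else:
            if rname.rstrip(".").lower() != fqdn.rstrip(".").lower():
                problems.append(f"reverse lookup of {ip} returned {rname}, expected {fqdn}")
    return problems


if __name__ == "__main__":
    if len(sys.argv) > 1:  # live check, e.g.: python3 dnscheck.py mycloud.example.com
        found = check_hostname_resolution(sys.argv[1])
    else:  # offline demonstration against the constructed records
        found = check_hostname_resolution(
            "mycloud.example.com", SAMPLE_FORWARD.__getitem__, SAMPLE_REVERSE.__getitem__)
    print("OK" if not found else "\n".join(found))
    sys.exit(1 if found else 0)
```

Run it on each Cloud Director host (and for each vShield Manager name) before installation; any non-empty output identifies the DNS record that must be fixed.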
Transfer Server Storage
To provide temporary storage for uploads and downloads, shared storage
must be accessible to all hosts in a Cloud Director cluster. The transfer server
storage volume must have write permission for root. Each host must mount
this storage at $VCLOUD_HOME/data/transfer
(typically /opt/vmware/cloud-director/data/transfer). Uploads and
downloads occupy this storage for a short time (a few hours to a day), but
because transferred images can be large, allocate at least several hundred
gigabytes to this volume.
Network Security
Connect all Cloud Director services to a network that is secured and monitored.
Cloud Director network connections have several additional requirements:
- Do not connect Cloud Director directly to the Public Internet. Always
protect Cloud Director network connections with a firewall. Only port 443
(HTTPS) must be open to incoming connections from hosts outside the
Cloud Director cluster. Ports 22 (SSH) and 80 (HTTP) can also be opened
for incoming connections if needed. All other incoming traffic from a
public network must be rejected by the firewall. Table 1-8 lists the ports
used for incoming connections within a Cloud Director cluster.
Table 1-8. Ports That Must Allow Incoming Packets From Cloud Director Hosts

Port   Protocol   Comments
111    TCP, UDP   NFS portmapper used by transfer service
920    TCP, UDP   NFS rpc.statd used by transfer service
Cloud Director Installation and Configuration Guide
12 VMware, Inc.