To initiate a trust establishment between two cloud sites with VMware Cloud Director Availability instances, you initiate pairing from either of the two sites. Depending on the VMware Cloud Director Availability versions in the sites, to complete establishing the trust, you perform the pairing procedure in the local and the remote sites or only in the local site.

Depending on the VMware Cloud Director Availability version in the cloud sites, use the appropriate pairing process:
  • To pair site A and site B, both running version 3.5 or newer, perform the following pairing procedure from both sites:
    1. From site A, initiate the pairing process with site B.
    2. From site B, complete the pairing process with site A.
  • To pair a site X running version 3.5 or newer and a site Y running version 3.0.x, perform the following steps:
    1. In the X site, allow the administrative access from public IPs. For more information, see Allow Public Administrative Access to VMware Cloud Director Availability.
    2. In the Y site, initiate and complete the pairing process with the X site.

      When pairing from the Y site, you must provide the password of the root user. For more information, see Pair 3.0.x Cloud Sites.

    3. In the X site, after completing the pairing process, restrict the administrative access from public IPs. For more information, see Restrict Public Administrative Access to VMware Cloud Director Availability.

Prerequisites

Verify that all the VMware Cloud Director Availability appliances are configured in both cloud sites:
  • Cloud Replication Management Appliance
  • Cloud Replicator Appliance(s)
  • Cloud Tunnel Appliance

Procedure

  1. Log in to the management interface of the Cloud Replication Management Appliance.
    1. In a Web browser, go to https://Appliance-IP-Address/ui/admin.
    2. Select Appliance login or SSO login and enter the root or the single sign-on user credentials.
    3. Click Login.
  2. In the left pane, click Sites.
  3. On the Cloud sites page, click New Pairing.
  4. In the New Pairing window, configure the connection to the cloud site, and to initiate the trust between the two sites click Pair.
    Option Description
    Site name Provide an exact match of the remote cloud site name.
    Service Endpoint Enter the external VMware Cloud Director Availability Service Endpoint URL of the remote site. For port, you can use the external DNAT-ed port (443 by default) and if the Tunnel Services are internally visible between both sites, you might use the internal address and port of the Tunnel Service:8048.

    For example, https://remote-vcda.provider.com:443.
    Description Optionally provide a description for the cloud site pair.
  5. To complete the first half of the pair process, verify the thumbprint and accept the remote Cloud Service SSL certificate.
    VMware Cloud Director Availability initiates the trust between the two sites.
  6. To complete the pairing, log in to the remote cloud site and pair with the local site by repeating this procedure.
    VMware Cloud Director Availability establishes the trust between the two sites.
  7. On the Cloud sites page, verify that the new cloud site is listed and does not show any errors.

What to do next

You can configure new replications, after modifying the default replication policy for both the source and for the destination organization to allow replications. Alternatively, a custom replication policy that is assigned to the source and to the destination organizations must allow replications. For information about the replication policy, see Configuring Replication Policies in VMware Cloud Director Availability User Guide.