This is an overview of the manual deployment process that you need to follow to set up and deploy your Oracle Cloud SDDC and associate it with VMware Cloud Director service.

The procedures below provide the information that you need to successfully configure VMware Cloud Director service service with Oracle Cloud VMware Solution, but do not include the full set of steps and instructions for working with the Oracle Cloud VMware Solution or with NSX Manager. For detailed instructions, follow the relevant links to the Oracle documentation and to the NSX Administration Guide.

Create an Oracle Cloud VMware Solution SDDC

To start providing resources for tenants to consume, you must create an Oracle Cloud VMware Solution SDDC.

Prerequisites

  • Verify that you have an Oracle Cloud account with VCN created for Oracle Cloud VMware Solution.
  • To create the Oracle Cloud VMware Solution, verify that you have a node quota allocated in Oracle.

Procedure

  1. Familiarize yourself with the deployment architecture and deployment preparation for the SDDC provisioning. See Learn About Deploying an SDDC to the Cloud chapter in the Oracle documentation.
  2. Create the Oracle Cloud VMware Solution SDDC. See Deploy the SDDC to the Cloud.
  3. Create a jump host VM and and allow controlled access to vCenter Server, NSX, and other services in remote networks. See Create the Computes.

Deploy the VMware Reverse Proxy Appliance and Associate Your VMware Cloud Director to the Oracle SDDC

To use infrastructure resources that are not publicly accessible and have only outbound access to the internet within your VMware Cloud Director service environment, you must set up your VMware Cloud Director instance to use the VMware proxy service.

Prerequisites

  • To be able to deploy the VMware reverse proxy, verify you have an available IP address on the vSphere distributed port group (DPG) network.
  • Create an NSX Manager certificate and include the FQDN of the NSX Manager instance as a CNAME in the NSX Manager certificate. Use the POST /api/v1/cluster/api-certificate?action=set_cluster_certificate API to replace the certificate of the manager cluster VIP. See Replace Certificates in NSX Administration Guide.

Procedure

  1. Create a VMware Cloud Director instance. See How Do I Create a VMware Cloud Director Instance.
  2. Generate an API token to use when you associate your VMware Cloud Director instance to your Oracle SDDC. See How Do I Generate a VMware Cloud Director service API Token.
  3. On the jump host VM, log in to VMware Cloud Partner Navigator, navigate to VMware Cloud Director service and generate the proxy appliance. See How Do I Configure and Download the VMware Reverse Proxy OVА.
    To generate the reverse proxy OVA, enter the following information.
    • In the Datacenter name text box, enter the vCenter Server name of the SDDC to which you are going to associate the VMware Cloud Director instance.
    • In the vCenter FQDN text box, enter the FQDN for the vSphere Client.
      Tip: Locate the FQDN by logging in to Oracle Cloud. Click Hybrid > VMware Solution > Software-Defined Data Centers > SDDC_name. The FQDN is visible under vCenter Information.
    • In the Management IP text box, enter the IP address used to connect to and to manage the vCenter Server instance.
      Tip: The management IP address is the vSphere Client client IP address that you can also find under vCenter information in your Oracle Cloud.
    • In the NSX URL text box, enter the URL for the NSX Manager instance.
      Tip: You can find the FQDN for NSX Manager by examining the certificate when you log in to NSX Manager.

      Locate the IP address to access NSX Manager in Oracle Cloud by clicking Hybrid > VMware Solution > Software-Defined Data Centers > SDDC_name. The IP address is visible under NSX Manager information.

    • Enter the list of the ESXi hosts that VMware Cloud Director must be able to access through the proxy connection.

      You can use either a CIDR range, for example, 10.1.1.1/24, or a list of specific IP addresses. Use new lines to separate list entries.

      Tip: To ensure that future additions of ESXi hosts don't require updates to the allowed targets, use a CIDR notation to enter the ESXi hosts in the allow list.

      To retrieve the management IP addresses for an ESXi host, click the ESXi host name in vCenter Server, and then click Configure > VMkernel Adapters. Make a note of the IP addresses of the adapters with Management activated.

  4. On the Oracle jump host VM, log in to the vCenter Server and deploy the OVA template. See Deploying the Reverse Proxy Appliance.
    • On the Select storage page, select the vsanDatastore to store the OVA template.
    • On the Select networks page, select vSphere DPG VLAN .
    • On the Customize Template page, make a note of the root password.
  5. Verify the proxy appliance connectivity.
    1. Power on the proxy appliance and log in to it as root.
    2. To verify the appliance has obtained an IP address, run ip a.
    3. To ensure that the service is active and running, run systemctl status transporter-client.service.
      Note: If the command results in an error, verify that DNS is working and it can access the internet.
    4. To verify the proxy appliance's connectivity, run transporter-status.sh.
    5. Run the command to diagnose any issues with the proxy appliance. 
      diagnose.sh -o OUTPUT_FILE
      See How Do I Troubleshoot the VMware Cloud Director service Proxy Client Appliance.
  6. In VMware Cloud Director service, navigate to the VMware Cloud Director instance from which you generated the proxy, and associate the data center through VMware Proxy. See How Do I Associate a VMware Cloud Director Instance with an SDDC via VMware Proxy.

Results

When the task completes, the SDDC shows up as a provider VDC in the VMware Cloud Director instance UI.

Configure Networking Connections

To provide network access to tenant workloads, allocate public IP addresses from the tier-0 for the tenant edge gateways and create DNAT rules.

Procedure

  1. Allocate public IP addresses for tenant edge gateways. See Public IP Addresses in the Oracle Cloud Infrastructure Documentation.
  2. Create DNAT rules on the tier-0 gateway for public IP access to the tenant edge gateways. See Managing NSX-T Data Center Edge Gateways in the VMware Cloud Director Service Provider Admin Portal Guide.
  3. To secure stable VPN connections, create an IKE VPN profile and an IPSec VPN profile in NSX with settings that are based on Oracle recommendations. See Supported IPSec Parameters in the Oracle Cloud Infrastructure Documentation. For details on how to add the profiles, see Adding Profiles in the NSX Administration Guide.

Results

Your VMware Cloud Director service instance is ready to deploy tenant VMs. For more information on how to use VMware Cloud Director service, see the VMware Cloud Director service documentation and the VMware Cloud Director documentation.