After creating your vCloud Director server group, you can configure the external PostgreSQL database to require SSL connections from the vCloud Director cells and adjust some database parameters for optimal performance.

The most secure connections require a well-signed SSL certificate, which includes a complete trust chain rooted in a well-known public certificate authority. Alternatively, you can use a self-signed SSL certificate or an SSL certificate that is signed by a private certificate authority, but you must import that certificate to the vCloud Director truststore.

To obtain optimal performance for your system specification and requirements, you can adjust the database configurations and autovacuum parameters in the database configuration file.

Procedure

  1. Configure SSL connections between vCloud Director and the PostgreSQL database.
    1. If you used a self-signed or private certificate for the external PostgreSQL database, from each vCloud Director cell, run the command to import the database certificate to the vCloud Director truststore.
       [root@cell1 /opt/vmware/vcloud-director/bin]#cell-management-tool import-trusted-certificates --source path_to_self-signed_or_private_cert
    2. Run the command to enable SSL connections between vCloud Director and PostgreSQL.
       [root@cell1 /opt/vmware/vcloud-director/bin]# cell-management-tool reconfigure-database --database-ssl true
      You can run the command against all cells in the server group by using the --private-key-path option.
       [root@cell1 /opt/vmware/vcloud-director/bin]# cell-management-tool reconfigure-database --database-ssl true  --private-key-path path_to_private_key
    For more information about using the cell management tool, see Cell Management Tool Reference.
  2. Edit the database configurations in the postgresql.conf file for your system specification.
    For example, for a system with 16 GB of memory, you can use the following fragment.
    max_connections = 500
    # Set effective cache size to 50% of total memory.
    effective_cache_size = 8GB
    # Set shared buffers to 25% of total memory
    shared_buffers = 4GB
  3. Edit the autovacuum parameters in the postgresql.conf file for your requirements.
    For typical vCloud Director workloads, you can use the following fragment.
    autovacuum = on
    track_counts = on
    autovacuum_max_workers = 3
    autovacuum_naptime = 1min
    autovacuum_vacuum_cost_limit = 2400
    The system sets a custom autovacuum_vacuum_scale_factor value for the activity and the activity_parameters tables.

What to do next

If you edited the postgresql.conf file, you must restart the database.