Secure, reliable operation of vCloud Director depends on a secure, reliable network that supports forward and reverse lookup of host names, a network time service, and other services. Your network must meet these requirements before you begin installing vCloud Director.
- IP addresses
vCloud Director server must support two different SSL endpoints. One endpoint is for the HTTP service. The other endpoint is for the console proxy service. These endpoints can be separate IP addresses, or a single IP address with two different ports. You can use IP aliases or multiple network interfaces to create these addresses. Do not use the Linux
ip addr add command to create the second address.
The vCloud Director appliance uses its
eth0IP address with custom port 8443 for the console proxy service.
- Console Proxy Address
The IP address configured as the console proxy endpoint must not be located behind an SSL-terminating load balancer or reverse proxy. All console proxy requests must be relayed directly to the console proxy IP address.
For an installation with a single IP address, you can customize the console proxy address from the Service Provider Admin Portal. For example, for the vCloud Director appliance, you must customize the console proxy address to vcloud.example.com:8443.
- Network Time Service
- You must use a network time service such as NTP to synchronize the clocks of all vCloud Director servers, including the database server. The maximum allowable drift between the clocks of synchronized servers is 2 seconds.
- Server Time Zones
- All vCloud Director servers, including the database server, must be configured to be in the same time zone.
- Host Name Resolution
All host names that you specify during installation and configuration must be resolvable by DNS using forward and reverse lookup of the fully qualified domain name or the unqualified hostname. For example, for a host named
vcloud.example.com, both of the following commands must succeed on a
vCloud Director host:
nslookup vcloud nslookup vcloud.example.comIn addition, if the host vcloud.example.com has the IP address 192.168.1.1, the following command must return vcloud.example.com:
nslookup 192.168.1.1Reverse DNS lookup of the
eth0IP address is required for the appliance. The following command must succeed in your environment:
host -W 15 -R 1 -T <eth0-IP-address>