If your current VMware Cloud Director environment uses an external PostgreSQL database, you can migrate to a new VMware Cloud Director environment that consists of VMware Cloud Director appliance deployments. Your current VMware Cloud Director environment can consist of VMware Cloud Director installations on Linux or VMware Cloud Director appliance deployments. The new VMware Cloud Director environment can use the appliance embedded PostgreSQL databases in high availability mode.
- Upgrading the existing VMware Cloud Director environment
- Creating the new VMware Cloud Director server group by deploying one or more instances of the VMware Cloud Director appliance
- Migrating the external to the embedded database
- Copying the shared transfer service data and the certificates data
Procedure
- If your current external PostgreSQL database is of version 9.x, upgrade the external PostgreSQL database to version 10 or later.
- Upgrade your current VMware Cloud Director environment to version 10.3.x.
- Verify that the migration source VMware Cloud Director restart is successful.
- On each cell of the upgraded VMware Cloud Director environment, run the command to stop the VMware Cloud Director service.
/opt/vmware/vcloud-director/bin/cell-management-tool -u <admin_username> cell –-shutdown
- On the external PostgreSQL database, back up the current database.
pg_dump -U postgres -W -F p vcloud > /tmp/dump_file_name
If there is not enough free space on the /tmp folder, use another location to store the dump file.
- If the database owner and database name are different from
vcloud
, make a note of the user name and database name.You must create this user in the new environment and rename the database at Step 13.
- Copy the properties and certificates files of the existing environment to a location on the external PostgreSQL database, and power off the cells.
- Copy the global.properties, responses.properties, certificates.pem, certificates.key, proxycertificates.pem, proxycertificates.key, and truststore.pem files located at /opt/vmware/vcloud-director/etc/ to the /tmp or any preferred location on the external PostgreSQL database.
- Power off the cells in the existing environment.
- If you want the new VMware Cloud Director environment to use the NFS server of the existing environment, create and export a new directory on this NFS server as the new shared NFS mountpoint.
You cannot reuse the existing mountpoint because the user and group IDs (UID/GID) of the users in the old NFS might not match the user and group IDs in the new NFS.
- Create the new server group by deploying one or more instances of the VMware Cloud Director appliance.
- If you want to use the database high availability function, deploy one primary and two standby cells, and, optionally, one or more vCD application cells.
- If you powered off the cells in the existing environment, you can use the original IP addresses for the new cells.
- If you exported a new path on the existing NFS server, you can use this new shared mountpoint for the new environment.
See Deployment and Initial Configuration of the VMware Cloud Director Appliance.
- On each newly deployed cell, run the cell management tool command to stop the VMware Cloud Director service.
/opt/vmware/vcloud-director/bin/cell-management-tool cell -i $(service vmware-vcd pid cell) -s
- Copy the dump file from the /tmp folder on the external PostgreSQL database to the /tmp folder on the primary cell of the new environment.
See Step 5.
- Change the permissions on the dump file.
chmod a+r /tmp/db_dump_name
- Log in as root to the console of the newly deployed primary cell, and transfer the VMware Cloud Director database from the external to the embedded database.
- Switch the user to
postgres
, connect to thepsql
database terminal, and run the statement to drop thevcloud
database.sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -c 'DROP DATABASE vcloud;'
- Create a new
vcloud
database.sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -c 'CREATE DATABASE vcloud;'
- Restore the database.
sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -U postgres -W -d vcloud -f /tmp/db_dump_name
- If the database owner of the existing VMware Cloud Director environment is different from
vcloud
, change the database owner tovcloud
, and reassign the tables tovcloud
.sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -c 'ALTER DATABASE vcloud OWNER TO vcloud;'
sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -d vcloud -c 'REASSIGN OWNED BY <db_owner_external_pg> TO vcloud;'
- Switch the user to
- On each newly deployed cell, back up and replace the configuration data, and reconfigure and start the VMware Cloud Director service.
- Back up the properties, truststore, and certificates files, and copy and replace these files from the location on the external PostgreSQL database of the migration source, to which you copied the files in Step 7 a.
The global.properties, responses.properties, truststore.pem, certificates.pem, certificates.key, proxycertificates.pem, and proxycertificates.key files are at /opt/vmware/vcloud-director/etc/.
- Run the command to reconfigure the VMware Cloud Director service.
/opt/vmware/vcloud-director/bin/configure --unattended-installation --database-type postgres --database-user vcloud \ --database-password db_password_new_primary --database-host eth1_ip_new_primary --database-port 5432 \ --database-name vcloud --database-ssl true --uuid --cert /opt/vmware/vcloud-director/etc/user.http.pem --key /opt/vmware/vcloud-director/etc/user.http.key --key-password root_password_new_primary --consoleproxy-cert /opt/vmware/vcloud-director/etc/user.consoleproxy.pem --consoleproxy-key /opt/vmware/vcloud-director/etc/user.consoleproxy.key --consoleproxy-key-password root_password_new_primary --primary-ip appliance_eth0_ip \ --console-proxy-ip appliance_eth0_ip --console-proxy-port-https 8443
Where:- The
--key-password
value matches the initial root password of this appliance. - The
--database-password
value matches the database password that you set during the appliance deployment. - The
--database-host
value matches theeth1
network IP address of the primary appliance. - The
--primary-ip
value matches theeth0
network IP address of the appliance. - The
--console-proxy-ip
value matches theeth0
network IP address of the appliance. - The
--console-proxy-port
value matches the appliance console proxy port 8443.
For troubleshooting information, see Reconfiguring the VMware Cloud Director Service Fails When Migrating or Restoring to VMware Cloud Director Appliance.
- The
- Run the command to start the VMware Cloud Director service.
systemctl start vmware-vcd
You can monitor the progress of the cell startup at /opt/vmware/vcloud-director/logs/cell.log.
- Back up the properties, truststore, and certificates files, and copy and replace these files from the location on the external PostgreSQL database of the migration source, to which you copied the files in Step 7 a.
- After all cells of the new server group finish the startup process, verify that the migration of your VMware Cloud Director environment is successful.
- Open the Service Provider Admin Portal by using the
eth0
network IP address of any cell from the new server group, https://eth0_IP_new_cell/provider. - Log in to the Service Provider Admin Portal with your existing system administrator credentials from the migration source.
- Validate that your vSphere and cloud resources are available in the new environment.
- Open the Service Provider Admin Portal by using the
- After the successful verification of the VMware Cloud Director migration, use the Service Provider Admin Portal to delete the disconnected cells that belong to the old VMware Cloud Director environment.
- From the top navigation bar, under Resources, select Cloud Resources.
- In the left panel, click Cloud Cells.
- Select an inactive cell and click Unregister.
You can deploy the VMware Cloud Director appliance to add members to the server group of the migrated environment.
What to do next
The new migrated VMware Cloud Director appliance environment uses self-signed certificates. To use the well-signed certificates from the old environment, on each cell of the new environment, follow these steps:
- Copy and replace the certificate and key files from the old cell to /opt/vmware/vcloud-director/data/transfer/cert.pem and /opt/vmware/vcloud-director/data/transfer/cert.key.
- Run the cell management tool command to replace the certificates.
Ensure that
vcloud.vcloud
is the owner of this file./opt/vmware/vcloud-director/bin/cell-management-tool certificates -j -p --cert /opt/vmware/vcloud-director/etc/cert.pem --key /opt/vmware/vcloud-director/etc/cert.key --key-password ks_password_old_VCD
- Restart the VMware Cloud Director service.
service vmware-vcd restart
If you add new members to this server group, the new appliance cells are deployed with these well-signed certificates.