You can create a VMware Cloud Director server group by installing the VMware Cloud Director software of one or more Linux servers. Installation and configuration of the first group member creates a response file that you use to configure additional members of the group.
Service providers, sub-providers, and tenants can use the VMware Cloud Director API to test connections to remote servers, and to verify the server identity as part of an SSL handshake. To protect VMware Cloud Director network connections, configure a deny list of internal hosts that are unreachable to tenants who are using the VMware Cloud Director API for connection testing. Configure the deny list after the VMware Cloud Director installation or upgrade and before granting tenants access to VMware Cloud Director. See Configure a Test Connection Denylist.
Prerequisites
- Verify that the target servers for your server group meet the VMware Cloud Director Hardware and Software Requirements.
- Verify that you created an SSL certificate for each endpoint of the target servers for your server group. All directories in the pathname to the SSL certificates must be readable by any user. Using the same certificate and key paths on all members of a server group simplifies the installation process, for example /tmp/cert.pem and /tmp/cert.key. See Before You Create SSL Certificates for Your VMware Cloud Director on Linux.
- Verify that you prepared an NFS or other shared storage volume that is accessible to all target servers for your VMware Cloud Director server group. See Preparing the Transfer Server Storage for Your VMware Cloud Director on Linux.
- Verify that you created a VMware Cloud Director database that is accessible to all servers in the group. See Configure an External PostgreSQL Database for Your VMware Cloud Director on Linux. Verify that the database service starts when you reboot the database server.
- Verify that all VMware Cloud Director servers, the database server, all vCenter systems, and the associated NSX-V Manager instances can resolve each host name in the environment as described in Network Configuration Requirements for VMware Cloud Director.
- Verify that all VMware Cloud Director servers and the database server are synchronized to a network time server with the tolerances noted in Network Configuration Requirements for VMware Cloud Director.
- If you plan to import users or groups from an LDAP service, verify that the service is accessible to each VMware Cloud Director server.
- Open firewall ports as shown in Network Security Requirements for VMware Cloud Director. Port 443 must be open between VMware Cloud Director and vCenter Server systems.