If your current vCloud Director environment of an earlier version uses an external PostgreSQL database, you can migrate to a new vCloud Director environment that consists of vCloud Director 9.7 appliance deployments. Your current vCloud Director environment can consist of vCloud Director installations on Linux or vCloud Director appliance deployments. The new vCloud Director environment can use the appliance embedded PostgreSQL databases in a high availability mode.

The migration workflow includes four major stages.
  • Upgrading the existing vCloud Director environment
  • Creating the new vCloud Director server group by deploying one or more instances of the vCloud Director 9.7 appliance
  • Migrating the external to the embedded database
  • Copying the shared transfer service data and the certificates data.

Procedure

  1. If your current external PostgreSQL database is of version 9.x, upgrade the external PostgreSQL database to version 10.
  2. Upgrade your current vCloud Director environment to version 9.7.

    See Upgrading vCloud Director and Patching the vCloud Director Appliance.

  3. Verify that the migration source vCloud Director restart is successful.
  4. On each cell of the upgraded vCloud Director environment, run the command to stop the vCloud Director service.
    /opt/vmware/vcloud-director/bin/cell-management-tool -u <admin username> cell –-shutdown
  5. On the external PostgreSQL database, back up the current database.
    sudo -u postgres path_to_pg_dump -Fc db_name > /tmp/db_dump_name

    If there is not enough free space on the /tmp folder, use another location to store the dump file.

  6. If the database owner and database name are different from vcloud, make a note of the user name and database name.

    You must create this user in the new environment and rename the database at Step 13.

  7. If you want the new vCloud Director environment to use the IP addresses of the existing environment, you must copy the properties and the certificates files to a location on the external PostgreSQL database and power off the cells.
    1. Copy the global.properties, responses.properties, certificates, and proxycertificates files located at /opt/vmware/vcloud-director/etc/ to the /tmp or any preferred location on the external PostgreSQL database.
    2. Power off the cells in the existing environment.
  8. If you want the new vCloud Director environment to use the NFS server of the existing environment, create and export a new directory on this NFS server as the new shared NFS mountpoint.

    You cannot reuse the existing mountpoint because the user and group IDs (UID/GID) of the users in the old NFS might not match the user and group IDs in the new NFS.

  9. Create the new server group by deploying one or more instances of the vCloud Director 9.7 appliance.
    • If you want to use the database high availability function, deploy one primary and two standby cells, and, optionally, one or more vCD application cells.
    • If you powered off the cells in the existing environment, you can use the original IP addresses for the new cells.
    • If you exported a new path on the existing NFS server, you can use this new shared mountpoint for the new environment.

    See Deploying the vCloud Director Appliance.

  10. On each newly deployed cell, run the command to stop the vCloud Director service.
    service vmware-vcd stop
  11. Copy the dump file from the /tmp folder on the external PostgreSQL database to the /tmp folder on the primary cell of the new environment.

    See Step 5.

  12. Change the permissions on the dump file.
    chmod a+r /tmp/db_dump_name
  13. Log in as root to the console of the newly deployed primary cell, and transfer the vCloud Director database from the external to the embedded database.
    1. Switch the user to postgres, connect to the psql database terminal, and run the statement to drop the vcloud database.
      sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -c 'DROP DATABASE vcloud;'
    2. If the database owner of the existing external database is different from vcloud, create a user with the name that you noted at Step 6.
      sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -c 'CREATE USER <db_owner_external_pg>;'
    3. Run the pg_restore command.
      sudo -u postgres /opt/vmware/vpostgres/current/bin/pg_restore -C -d postgres /tmp/db_dump_name
    4. If the database name of the existing external database is different from vcloud, change the database name to vcloud by using the name that you noted at Step 6.
      sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -c 'ALTER DATABASE <db_name_external_pg> RENAME TO vcloud;'
    5. If the database owner of the existing vCloud Director environment is different from vcloud, change the database owner to vcloud, and reassign the tables to vcloud.
      sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -c 'ALTER DATABASE vcloud OWNER TO vcloud;'
      sudo -i -u postgres /opt/vmware/vpostgres/current/bin/psql -d vcloud -c 'REASSIGN OWNED BY <db_owner_external_pg> TO vcloud;'
  14. On each newly deployed cell, back up and replace the configuration data, and reconfigure and start the vCloud Director service.
    1. Back up the properties and the certificates files, and copy and replace these files from the location on the external PostgreSQL database of the migration source, to which you copied the files in step 7a.
      The global.properties, responses.properties, certificates, and proxycertificates files are at /opt/vmware/vcloud-director/etc/.
      Important: If you are migrating to vCloud Director version 9.7.0.1 or later, you must also back up, copy, and replace the truststore file from the migration source, along with the other files.
    2. Back up the keystore file that is at /opt/vmware/vcloud-director/certificates.ks.

      Do not copy and replace with the keystore file from the migration source.

    3. Run the command to reconfigure the vCloud Director service.
      /opt/vmware/vcloud-director/bin/configure --unattended-installation --database-type postgres --database-user vcloud \
      --database-password db_password_new_primary --database-host eth1_ip_new_primary --database-port 5432 \
      --database-name vcloud --database-ssl true --uuid --keystore /opt/vmware/vcloud-director/certificates.ks \
      --keystore-password root_password_new_primary --primary-ip appliance_eth0_ip \
      --console-proxy-ip appliance_eth0_ip --console-proxy-port-https 8443 
      Where:
      • The --keystore-password value matches the initial root password of this appliance.
      • The --database-password value matches the database password that you set during the appliance deployment.
      • The --database-host value matches the eth1 network IP address of the primary appliance.
      • The --primary-ip value matches the eth0 network IP address of the appliance.
      • The --console-proxy-ip value matches the eth0 network IP address of the appliance.
      • The --console-proxy-port value matches the appliance console proxy port 8443.

      For troubleshooting information, see Reconfiguring the vCloud Director Service Fails When Migrating or Restoring to vCloud Director Appliance.

    4. Run the command to start the vCloud Director service.
      service vmware-vcd start

      You can monitor the progress of the cell startup at /opt/vmware/vcloud-director/logs/cell.log.

  15. After all cells of the new server group finish the startup process, verify that the migration of your vCloud Director environment is successful.
    1. Open the vCloud Director Web Console by using the eth0 network IP address of any cell from the new server group, https://et0_IP_new_cell/cloud.
    2. Log in to the vCloud Director Web Console with your existing system administrator credentials.
    3. Validate that your vSphere and cloud resources are available in the new environment.
  16. After the successful verification of the vCloud Director migration, use the vCloud Director Web Console to delete the disconnected cells that belong to the old vCloud Director environment.
    1. From the Manage & Monitor tab, click Cloud Cells.
    2. Right-click a cell name and select Delete.

You can deploy the vCloud Director appliance to add members to the server group of the migrated environment.

What to do next

The new migrated vCloud Director appliance environment uses self-signed certificates. To use the well-signed certificates from the old environment, on each cell of the new environment, follow these steps:

  1. Copy and replace the keystore file from the old cell to /opt/vmware/vcloud-director/data/transfer/certificates.ks.
  2. Run the cell management tool command to replace the certificates.

    Ensure that vcloud.vcloud is the owner of this file.

    /opt/vmware/vcloud-director/bin/cell-management-tool certificates -j -p --keystore /opt/vmware/vcloud-director/data/transfer/certificates.ks \
    --keystore-password ks_password_old_vCD
  3. Restart the vCloud Director service.
    service vmware-vcd restart
    

If you add new members to this server group, the new appliance cells are deployed with these well-signed certificates.