You complete the Provider VM configuration in the VMware Data Services Manager Provider console.

Step 1: Satisfy the Prerequisites
Step 2: Login to VMware Data Services Manager
Step 3: Create an Organization
Step 4: Choose the user identity source, and configure an Organization Administrator user
Step 5: Configure access to database templates and software updates
Step 6: (Optional) Configure other settings
Step 7: Define a VM Plan
Step 8: Publish a database template
Step 9: Validate Provider Readiness for Onboarding

Audience

The procedures in this topic are performed by a VMware Data Services Manager user in the Provider Administrator role.

Step 1: Prerequisites

Before you begin configuring the Provider, ensure that:

  • You have installed and configured all the Hardware and Software Requirements.
  • You can identify your VMware Data Services Manager Provider Administrator console login credentials. These are the Provider email and Provider password specified when you deployed the Provider VM.
  • You can identify the IP address of the Provider VM. Use the IP address that is part of the Management network subnet to login to the Provider VM console. You had configured the Management network during the installation of the Provider .ova.

You must perform these tasks on a host that can access the Provider VM.

Step 2: Login to VMware Data Services Manager

Perform the following procedure to log in to VMware Data Services Manager:

  1. Open a browser window, and enter the Provider VM IP address.

  2. Provide your credentials to log in to the VMware Data Services Manager console.

Note: Irrespective of the web browser, always use an https:// URL to enter the Provider VM IP address.

Step 3: Creating an Organization

An Organization is a logical grouping of users. The Provider Administrator adds an Organization in the VMware Data Services Manager UI.

When the Provider Administrator adds an Organization, they must identify the VM Configuration Mode available to users in the Organization. The VM Configuration Mode identifies how VMware Data Services Manager determines the vCPU and memory resources initially available to a provisioned database VM. VMware Data Services Manager supports two modes of vCPU and memory resource configuration when a user in the Organization provisions a database:

  • Free Mode - The provisioning user specifies the vCPU and memory settings for the database VM.
  • Plans Mode - The vCPU and memory settings for the database VM are constrained by the currently configured VM plans (named, pre-defined combinations of compute and memory resources), one of which must be selected by the provisioning user.

Plans Mode requires that you define at least one VM plan for the VMware Data Services Manager installation (described in Step 7: Defining a VM Plan). No additional configuration is required on your part for Free Mode.

Procedure

Perform the following procedure to add an Organization to your VMware Data Services Manager installation:

  1. After logging in to VMware Data Services Manager, select Organizations from the left navigation pane.

    This action displays the Organizations view, a table that lists the configured organizations.

  2. Click CREATE ORGANIZATION in the upper right corner of the view.

    This action opens the Create Organization form.

  3. Specify the Organization Name, company Email address, and DB FQDN Suffix. The organization name must be unique.

  4. Select the desired service VM Configuration Mode for the organization.

  5. Click ADD to create the organization.

    The new organization is added to the table.

Step 4: Choosing the User Identity Source and Configuring an Organization Administrator User

VMware Data Services Manager user accounts can originate from two different identity sources: the Provider local database (Local user) and a configured LDAP server (LDAP user). VMware Data Services Manager manages Local users and LDAP users independently and differently.

You can choose to use one, or both, identity sources in your VMware Data Services Manager installation. For deployment, you must choose the identity source for an Organization Administrator user to manage the Organization that you created in Step 2. An Organization Administrator user has administrative privileges within an Organization, and is permitted to manage and monitor any service provisioned within the org.

Creating an Organization Administrator Local User

The Provider Administrator adds an Organization Administrator Local user in the VMware Data Services Manager UI, identifying the user's name, email address, password, and role. The Provider Administrator must also specify the Organization to which the user belongs.

Be sure to assign the Organization Administrator user the Admin role.

Procedure

Perform the following procedure to add an Organization Administrator Local user to your VMware Data Services Manager installation:

  1. Navigate to Users in the left pane.

    This action displays the Users view, a table that lists the configured users.

  2. Click CREATE USER in the upper right corner of the view.

    This action opens the Add User form.

  3. Set the following properties for this new Organization Administrator Local user:

    Property Name Value
    First name The first name of the user.
    Last name The last name of the user.
    Organization The organization to which to assign the user; use the drop-down list to select the organization that you just created.
    Email id The email address of the user. This is the user's login username in the VMware Data Services Manager console.
    Role The user's role in the organization; click the checkbox to assign the Admin role to this user.
    Password The password for the user. This is the user's login password in the VMware Data Services Manager console.
    Confirm Password Enter the password a second time.
    Contact Number The contact number for the user. Optional.
  4. Click ADD

    The new Local user is added to the table.

Configuring an LDAP Server

You can integrate VMware Data Services Manager with an external identity provider and import those users into an organization. The integration with Lightweight Directory Access Protocol (LDAP) enables an organization to use its existing LDAP service as a user source for VMware Data Services Manager.

To take advantage of this LDAP integration, you must configure an LDAP server for your VMware Data Services Manager installation. This server becomes the single LDAP user source for all organizations that are configured in VMware Data Services Manager.

Prerequisites

Before you configure an LDAP server, ensure that you can identify the server host address, domain, and the user name and password of a read-only service user.

The LDAP endpoint must be resolvable by the DNS server specified at the time of Provider VM deployment.

Procedure

Perform the following procedure to configure an LDAP server:

  1. Select Settings from the left navigation pane.

    This actions displays the Settings view, Information pane.

  2. Select the LDAP Settings tab to view and configure/update the LDAP settings.

  3. Set the LDAP properties:

    Property Name Value Required?
    Host Address The hostname or IP address of the LDAP server. Required
    Port The port number on which the LDAP server is listening. For LDAP, the default port number is 389. For LDAPS, the default port number is 636.
    Username The ID of a read-only user in the domain. Required
    Password The password of the user who is specified by Username. Required
    Domain The FQDN of the domain. Required
    Base Dn The base distinguished name identifies the location in the LDAP directory from which to start user searches. The default behaviour is for search to start from the root DN.
    Search Filter The filter that defines the criteria to restrict access. The default value is (&(&(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))(userPrincipalName=$username)) to filter from enabled users.
    Login Attribute The LDAP attribute to map to the VMware Data Services Manager Email Id. The default value is userPrincipalName.
    Firstname Attribute The LDAP attribute to map to the VMware Data Services Manager First Name.
    Lastname Attribute The LDAP attribute to map to the VMware Data Services Manager Last Name.
    TLS Enabled Check this box if your server is using LDAPS. Required
  4. Click SAVE or UPDATE to apply the LDAP settings.

  5. In the Trust LDAP Certificate dialog box, click CONTINUE.

    VMware Data Services Manager validates the LDAP settings that you provide, and returns an error if validation fails.

    Note: It may take a few minutes for VMware Data Services Manager to synchronize with LDAP.

Importing Provider Administrators from LDAP

You can import users from a previously-configured LDAP identity provider and assign them the Provider Administrator role in VMware Data Services Manager. You can configure the LDAP group-to-role mapping after Provider organization creation as described in the procedure below.

Procedure

Perform the following procedure to import users from LDAP and assign them the Provider Administrator role:

  1. Select Organizations from the left navigation pane.

    This action displays the Organizations view, a table that lists the configured organizations.

  2. Click in the row of the organization into which you want to import LDAP users.

    The Details tab appears.

  3. Click EDIT in the Organization Information section of the Details tab.

    The Update Organization dialog box appears.

  4. Specify the LDAP group to VMware Data Services Manager role mapping:

    Property Name Value
    Provider Groups The LDAP groups whose users you want VMware Data Services Manager to assign the Provider Administrator role.
  5. Click UPDATE.

    VMware Data Services Manager associates the LDAP users in the specified groups to the Provider Administrator roles in the organization.. These users can now log in to the VMware Data Services Manager console using their LDAP credentials.

Importing Organization Users from LDAP

You can import users from a previously-configured LDAP identity provider and assign them the Organization Administrator role in a VMware Data Services Manager Agent organization. You can configure the LDAP group-to-role mapping after Agent organization creation as described in the procedure below.

Procedure

Perform the following procedure to import users from LDAP and assign them the Organization Administrator role:

  1. Select Organizations from the left navigation pane.

    This action displays the Organizations view, a table that lists the configured organizations.

  2. Click in the row of the organization into which you want to import LDAP users.

    The Details tab appears.

  3. Click EDIT in the Organization Information section of the Details tab.

    The Update Organization dialog box appears.

  4. Specify the LDAP group to VMware Data Services Manager role mapping:

    Property Name Value
    Admin Groups The LDAP groups whose users you want VMware Data Services Manager to assign the Organization Administrator role in the organization.
    User Groups The LDAP groups whose users you want VMware Data Services Manager to assign the Organization User role in the organization.
  5. Click UPDATE.

    VMware Data Services Manager associates the LDAP users in the specified groups to the Organization Administrator and Organization User roles in the organization.. These users can now log in to the VMware Data Services Manager console using their LDAP credentials.

Step 5: Configuring Access to Database Templates and Software Updates

VMware releases certified VMware Data Services Manager database templates and software updates to Tanzu Network.

The Provider requires access to an S3-compatible object store and Tanzu Network to automatically obtain and locally store database templates and software updates:

Setting Name Description
Provider Repo S3-compatible object store that VMware Data Services Manager uses to store local copies of available database templates and software updates.
Tanzu Net Token Tanzu Network UAA API TOKEN that you generate from a Tanzu Network account.

VMware Data Services Manager saves a local copy of each database template and software update that it downloads from Tanzu Network to the Provider Repo.

After you configure both the Provider Repo and Tanzu Net Token, it may take about ten minutes for available database templates to propagate to the Provider.

Note: If you are deploying VMware Data Services Manager in an air-gapped environment (an environment with no internet connectivity), refer to Manually Populating Database Templates and Updates for the information required to manually populate these objects in the Provider Repo.

Procedure

Perform the following procedure to configure the Provider object storage repository and the Tanzu Network refresh token:

  1. Select Settings from the left navigation pane.

    This action displays the Settings view, which includes tabs for Information, Storage Settings, SMTP Settings, and LDAP Settings.

  2. Locate and select the Storage Settings tab.

  3. Examine the External Storage table, click the three vertical dots in the Actions column of the Provider Repo Url row, and then click Configure.

    This action opens the Configure Settings form.

  4. Set the following properties for the Provider repository:

    Property Name Value
    Setting Type The name of the object store setting - Provider Repo Url. (Read-only)
    Storage Type Select the type of storage from the drop-down list. You can choose S3_COMPATIBLE_STORAGE or AWS.
    AWS Region If you selected the AWS storage type, specify the AWS region for the object store.
    Storage URL1 The URL to the object store. If you do not specify the protocol, VMware Data Services Manager assumes it to be https.
    Access Key The access key for the object store.
    Secret Key The secret key for the object store.
    Bucket Name The name of the bucket.

    1 If you selected the AWS Storage Type, refer to the Amazon Simple Storage Service documentation describing the URL endpoints for specific regions.

    1. Click SAVE to save the Provider Repo object storage settings.
  5. Click the Information tab.

  6. Locate the Tanzu Net Token pane, click on the ACTIONS drop-down, and then select Add or Update from the pop-up menu.

    The Add Refresh Token or Update Refresh Token dialog box appears.

    Note: You can generate the Tanzu Net Token from the **Profile** section of Tanzu Net account page.
  7. Enter your Tanzu Network UAA API TOKEN in the field provided, and then click SAVE.

    Note: VMware Data Services Manager begins to download the database templates and software updates. The time that the downloads take to complete is dependent upon the number of objects and the network latency between the Provider VM and Tanzu Network. You can check the status from **Operations** pane of the VMware Data Services Manager UI.

Step 6: Configuring Other Settings

While these tasks are not required for deployment, you may choose to configure other settings for your VMware Data Services Manager installation at this time:

Step 7: Defining a VM Plan

A VM plan is a named, pre-defined combination of compute and memory resources. When you configure a VM plan, you provide a name, a number vCPUs, and a memory amount in GBs.

If you chose Plans Mode when you configured the Organization, you must define one or more VM plans that a user can choose from to specify the resources allotted to a provisioned database VM.

Note: This configuration step is not required for Organizations that you configured to use the Free Mode service of VM Configuration Mode.

Procedure

Perform the following procedure to define a new VM plan:

  1. Select VM Plans from the left navigation pane.

    This action displays the VM Plans view, a table that lists the configured VM plans.

  2. Click ADD NEW VM PLAN in the upper right corner of the view.

    This action opens the Add VM Plan form.

  3. Set the desired resource configuration properties:

    Property Name Value
    Plan name The name of the VM plan.
    vCPU The number of vCPU cores to assign to a provisioned database VM.
    Memory The amount of memory (in GBs) to allocate to a provisioned database VM.
  4. Click ADD.

    The new VM plan is added to the table.

Step 8: Publishing a Database Template

Configuring the Provider Repo and Tanzu Net Token in Step 4: Configuring Access to Database Templates and Updates prompts VMware Data Services Manager to automatically pull VMware-certified database templates and make them available to the installation.

Publishing a database template makes a specific version of a service available for provisioning. For example, a database template may exist for PostgreSQL version 11.8.

You must publish at least one database template before users can provision a database, and any database template that you publish becomes available to all users in all organizations.

Procedure

Perform the following procedure to publish a database template:

  1. Select Database Templates from the left navigation pane.

    This action displays the Database Templates view.

  2. Examine the database templates listed in the table, identify the database template that you wish to publish, and navigate to that table row.

  3. Click on the Action column value, and select Publish from the pop-up menu.

    The Publish Template dialog box appears.

  4. Click CONFIRM.

    Note: Publishing a database template may take some time.
  5. Monitor the status of the publish operation.

    If the operation completes successfully, the database template's Status in the table changes to PUBLISHED.

Step 9: Validating Provider Readiness for Onboarding

The version of a Agent onboarded with VMware Data Services Manager must be compatible with the version of the Provider. At initial deployment, VMware Data Services Manager cannot determine this compatibility until after database templates are downloaded to the Provider Repo.

You can validate Provider readiness for onboarding by viewing the Provider Status. The Provider Status located in the Environments view displays the following information:

  • The Agent Min Version identifies the minimum Agent version number supported by the Provider.
  • The Agent Max Version identifies the maximum Agent version number supported by the Provider.
  • The Provider Status identifies the status of Provider readiness for onboarding.

A Ready to onboard Provider Status indicates that the Provider is ready and prepared to accept onboarding requests for new Agents (whose version is within the specified mininum-maximum range).

Also ensure that you perform the following validation steps:

  1. From the left navigation pane, select System Audit.

  2. Set System Audit Events per page (at the bottom of the table) as 100.

  3. For the DSM RELEASE Component, ensure that the Event Type is DSM LOAD RELEASES and the Event Details is DSM Release N.N.N processed successfully, where N.N.N represents the current release of VMware Data Services Manager.

    Note: You can click the column headers to arrange the rows in alphabetic order.

Next Steps

You have completed the required minimal configuration of the Provider. Next:

  • Provide the following information to the Organization Administrator user:

    • The VMware Data Services Manager URL (i.e. the Provider VM IP address).
    • The Local user's login credentials to the VMware Data Services Manager console, or instruct the user to log in with their LDAP creds.
  • You may choose to log in to VMware Data Services Manager and access the provider console to begin monitoring and managing the environment.

check-circle-line exclamation-circle-line close-line
Scroll to top icon