When configuring VMware Data Services Manager, a vSphere administrator sets up vSphere resources for databases, providing DSM administrators and users with access to these resources. During this configuration, the vSphere administrator creates infrastructure policies that establish limits, or guardrails, on the quality and quantity of resources DSM users can consume from vSphere clusters.
When creating databases, DSM users can rely on predefined infrastructure policies and availability and performance standards they provide. DSM users do not need to have in-depth understanding of the underlying hardware details of the infrastructure.
At the same time, the vSphere administrators have visibility into the usage of the infrastructure, and can view and monitor the database workloads running in their infrastructure.
Use the vSphere Client to configure VMware Data Services Manager.
Step 1: Satisfy the Prerequisites
Step 2: Configure IP pools
Step 3: Create VM classes
Step 4: Choose the user identity source, and assign a user role
Step 5: Configure infrastructure policies
The procedures in this topic are performed by a vSphere administrator.
Before you begin configuring VMware Data Services Manager, ensure that:
You perform these tasks using the vSphere Client.
IP pools are a collection of available IP addresses used for dynamic IP assignment for databases. They facilitate efficient distribution and management of IP resources. A vSphere administrator is responsible for regulating database IP assignment.
As an vSphere administrator, use the vSphere Client to create IP pools.
In the vSphere Client, navigate to vCenter server, click the Configure tab, and click IP Pools under VMware Data Services Manager.
This action displays the IP Pools view that you use to create and manage the IP pools.
Click Create.
The Create IP Pool form opens.
Enter appropriate parameters.
Property Name | Value |
---|---|
IP Pool Name | The name of the IP Pool. |
IP Ranges | Comma separated IP ranges and addresses. IP addresses can be specified as individual IPs (10.10.10.10, 10.10.10.11, 10.10.10.12) or a range (10.10.10.10-10.10.10.12). Note: You cannot add a range of IP addresses that use a different gateway or subnet mask. |
Subnet Prefix | CIDR prefix for this IP Pool. |
Gateway | Gateway address for this IP Pool. |
Click Create.
The new IP pool appears on the list of available IP pools. You can see its details by expanding it.
You can later edit or delete an IP pool. When editing or deleting the IP pool, follow these guidelines:
You can edit or delete the IP pool that is not associated with any infrastructure policies.
If the IP pool is associated with the infrastructure policy, but is not used by a database, you can edit the IP pool, but you cannot delete it.
When the IP pool is associated with the infrastructure policy and is used by the database, you can only add new IP ranges to the pool, but you cannot change any other parameters. You cannot delete this type of IP pool.
A VM class specifies the compute and memory resources allotted to a provisioned database VM. Default VM classes are available, but you can also configure custom VM classes.
When you configure a VM class, you provide a name, a number of vCPUs, and a memory amount in GiBs.
Perform the following procedure to define a new VM class:
In the vSphere Client, navigate to vCenter server, click the Configure tab, and click VM Classes under VMware Data Services Manager.
This action displays the VM Classes view. You can view and manage available default VM classes or create new.
To create a new VM class, click Create.
This action opens the Create VM Class form.
Set the appropriate resource configuration properties:
Property Name | Value |
---|---|
VM Class Name | The name of the VM class. |
vCPU | The number of vCPU cores to assign to a provisioned database VM. |
Memory | The amount of memory (in Gi) to allocate to a provisioned database VM. |
Click Create.
The new VM class is added to the table.
You can later edit or delete a VM class. When editing or deleting the VM class, follow these guidelines:
A vSphere administrator assigns DSM Admin and DSM User roles to users so that they can access Data Services Manager (DSM).
VMware Data Services Manager user accounts can originate from two different identity sources: the DSM local database (Local user) and a configured LDAP server (LDAP user). VMware Data Services Manager manages Local users and LDAP users independently and differently.
You can choose to use one, or both, identity sources in your VMware Data Services Manager installation.
As a vSphere administrator, use the vSphere Client to create a local user, specifying the user's role, email address, and password.
In the vSphere Client, navigate to vCenter server, click the Configure tab, and click Permissions under VMware Data Services Manager.
This action displays the Permissions view that you use to create and manage the users.
Click LOCAL DSM USERS.
This action displays a table that lists the configured users.
Click Create.
The Create Permission form opens.
Set the following properties for this new Local DSM user:
Property Name | Value |
---|---|
Role | The user's role in the organization. You can select one of the following options:
|
The email address of the user. This is the user's login username in the VMware Data Services Manager console. | |
Password | The password for the user. For the password, use minimum 8 and Maximum 20 characters, at least one uppercase letter, one lowercase letter, one number and one special character(?!@#$%^&*).This is the user's login password in the VMware Data Services Manager console. |
Click CREATE
The new Local user is added to the table.
You can later edit users and change their role assignments, or delete a user.
You can integrate VMware Data Services Manager with an external identity provider. The integration with Lightweight Directory Access Protocol (LDAP) enables you to use an existing LDAP service as a user source for VMware Data Services Manager.
To take advantage of this LDAP integration, the vSphere administrator must first configure an LDAP server for the VMware Data Services Manager installation. This server becomes the single LDAP user source for VMware Data Services Manager.
Before you configure an LDAP server, ensure that you can identify the server host address, domain, and the user name and password of a read-only service user.
The LDAP endpoint must be resolvable by the DNS server specified at the time of VMware Data Services Manager deployment.
As a vSphere administrator, perform the following procedure to configure an LDAP server:
In the vSphere Client, navigate to vCenter server, click the Configure tab, and click LDAP Settings under VMware Data Services Manager.
This action displays the LDAP Settings view that you use to configure and manage LDAP.
Click CONFIGURE LDAP.
This action displays the Configure LDAP form.
Set the LDAP properties:
Property Name | Value | Required? |
---|---|---|
Host Address | The hostname or IP address of the LDAP server. | Required |
Port | The port number on which the LDAP server is listening. For LDAP, the default port number is 389. For LDAPS, the default port number is 636. | |
Username | The ID of a read-only user in the domain. | Required |
Password | The password of the user who is specified by Username. | Required |
Domain | The FQDN of the domain. | Required |
Base Dn | The base distinguished name identifies the location in the LDAP directory from which to start user searches. The default behaviour is for search to start from the root DN. | |
Search Filter | The filter that defines the criteria to restrict access. The default value is (&(&(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))(userPrincipalName=$username)) to filter from enabled users. |
|
Login Attribute | The LDAP attribute to map to the VMware Data Services Manager Email Id. The default value is userPrincipalName . |
|
CA Certificate PEM Format | The file with the .pem extension to upload. | |
Enable TLS | Switch this toggle if your server is using LDAPS. | Required |
Click CONFIGURE or UPDATE to apply the LDAP settings.
You can import users from a previously-configured LDAP identity provider and assign them the DSM Admin and DSM User roles in VMware Data Services Manager.
Perform the following procedure to import users from LDAP and assign them an appropriate role:
In the vSphere Client, navigate to vCenter server, click the Configure tab, and click Permissions under VMware Data Services Manager.
This action displays the Permissions view that you use to create and manage the users.
Click LDAP GROUPS.
This action displays a table that lists the configured users.
Click Create.
The Create Permission form opens.
Specify the LDAP group to the role mapping:
Property Name | Value |
---|---|
Role | The user's role in the organization. You can select one of the following options:
|
LDAP Group | The LDAP groups whose users you want VMware Data Services Manager to assign the specified role. |
Click CREATE
The LDAP user group is added to the table.
You can later change the role assignment for the user group, or delete the group.
When you define infrastructure policies, you create guardrails that restrict the quality and quantity of resources the DSM users can consume from vSphere clusters, while having full visibility into how this infrastructure is getting used.
Compute Resources. You must create or use existing clusters or resource pools on which the database VMs will be created. Clusters or resource pools must have one or more storage policies in common.
Storage Policies. You must create or use existing storage policies for the compute resources that will determine the datastore placement of the database VMs.
Network Port Groups. You must create or use existing network port groups for the compute resources on which the database VMs will be created. DSM supports vSphere Distributed Switch (VDS). DSM also works with NSX virtual switches.
IP Pools. You create these data IP pools specifically for Data Services Manager. You can create IP pools while defining infrastructure policies or create them in advance. See Configure IP Pools.
VM Folders. Optionally create or use existing VM folders.
VM Classes. You create these VM classes specifically for Data Services Manager. The system provides default VM classes, but you can create more while defining infrastructure policies or create them separately in advance. See Create VM Classes.
In the vSphere Client, navigate to vCenter server, click the Configure tab, and click Infrastructure Policies under VMware Data Services Manager.
This action displays the Infrastructure Policies view that you use to create and manage the policies.
Click Create.
The Create Infrastructure Policy form opens.
On the Policy Details pane, enter a name and the description of the infrastructure policy.
You cannot change the policy name once the policy is created.
Enable the policy to make it available for consumption in DSM, and click NEXT.
Only enabled infrastructure policies will be availalbe for the database consumption. You might keep the policy disabled if it's not yet ready to be used by the database.
On the Compute Resources pane, select one of the following, and then click NEXT.
The compute resources you select must share the same storage policies.
Property Name | Value |
---|---|
SELECT CLUSTERS | Select the vSphere cluster for the database VMs. |
SELECT RESOURCE POOLS (Optional) | Select the resource pool for the database VMs. |
On the Storage Policies pane, select one or more storage policies for the database VMs, and then click NEXT.
The Storage Policies pane lists only those storage policies that are compatible with the compute resource you specified.
On the Network Port Groups pane, select one or more network port groups for each compute resource in this policy, and click NEXT.
On the IP Pools pane, select one or more IP pools for each network port group in this policy, and click NEXT.
If you haven't configured IP pools, you can create them now.
For each compute resource in this policy, select the VM folder from the drop-down list, and click NEXT.
This step is optional.
On the VM Classes pane, select one or more preconfigured VM classes, and click NEXT.
If needed, create a new VM class.
Review your infrastructure policy, and click CREATE POLICY.
The policy appears on the list of infrastructure policies.
If you need to edit or delete the infrastructure policy, follow these guidelines:
If the policy is not used by a database, you can later change any policy settings.
If the policy is used, you cannot change exiting settings, but you can add a new compute resource and specify corresponding parameters for this compute resource.
You can delete only the policy that is not used by the database.
If you disable an infrastructure policy, you cannot delete database clusters that use this policy. Delete the database clusters before disabling the infrastructure policy.
You have completed the required minimal configuration of the DSM. Next:
Provide the following information to the DSM users:
For information about the tasks that the DSM administrator performs, see Administering VMware Data Services Manager.
If you created a DSM user role for yourself, you can log in to VMware Data Services Manager and access the DSM console to begin monitoring and managing the environment.