Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 80 Current »


This document describes how to add VMware Cloud Director into the multicloud platform.
It also describes the management model and how to use the vCloud features.
For details of how the platform supports VMware vCloud Director, see https://abiquo.atlassian.net/wiki/pages/resumedraft.action?draftId=311368804

Credentials models for VMware vCloud Director

You can create a public cloud region for use by many organizations with one vDC or one organization with multiple vDCs.

To enable many organizations to use the same public cloud region, with one organization virtual datacenter per tenant, enter administrator (system) credentials to register the provider virtual datacenter as the public cloud region.

To allow only one organization to use the public cloud region, enter the organization credentials. 

Abiquo and VCD entities



Add network privileges for organization administrators

In older versions of VCD, by default the Organization administrator had permissions to 'View provider networks'.

In newer versions, when an Organization administrator tries to onboard or synchronize a virtual datacenter, they may get an error like Cannot check if network urn vcloud network is external. This is because Abiquo needs to onboard or synchronize the external networks in the virtual datacenter.

To resolve this issue, add permissions to the Organization Admin role:

  1. Log in to VCD as the Administrator

  2. Go to Administration

  3. Go to Global Roles → edit Organization Admin → select 'NETWORKING - Provider Network - View'

  4. Save and Publish the changes

  5. Go to Rights Bundles → edit Default Rights Bundle → select 'NETWORKING - Provider Network - View'

  6. Save and Publish the changes

  7. Check the administrator of an existing organization to ensure they have the correct permissions.




Create a public cloud region for VMware vCloud Director

Before you begin, see features and configuration at vCloud Director

To create a public cloud region for VMware vCloud Director:

  1. Go to Infrastructure → Public → Create public cloud region

    1. Enter the Endpoint URL for VMware vCloud Director (e.g. https://myvclouddirector.example.com)

    2. Enter Identity and Credential for ONE of the following models:

      1. To add a provider VDC, enter Administrator credentials (user@System)

      2. To add an organization VDC, enter Organization administrator credentials (user@orgName). This region will be exclusive to the organization

    3. Click Retrieve regions and select the region

      Discover regions, which are VDCs
    4. Click Next and enter the details of the Remote services

To enable enterprises to work in the region:

  1. Edit each enterprise that will work in a VMware vCloud Director region (provider VDC or org VDC)

    1. Go to Datacenters and drag the provider or region/s to the Allowed datacenters column

      Allow tenant access to VCD
    2. Go to Credentials and select vCloud Director. Enter the organization administrator identity and credential.
      To associate the Org vDC with the Provider vDC in the platform, enter the VMware vCloud Director system user and password 

      Enter credentials for VCD and retrieve organization VDC


Activate hardware profiles

By default VMware vCloud Director works with CPU and RAM values. But administrators can activate Abiquo hardware profiles as in private cloud. See Hardware profiles .


Control onboard of VMs to VApps

When you onboard virtual resources from providers without virtual datacenters, by default, the platform will onboard each VM into its own VApp.

To onboard all VMs into a single virtual appliance, set the singlevapp enterprise property to true. If you wish to configure the name, set the singlevapp name enterprise property:

"sync.singlevapp":"true",
"sync.singlevapp.name":"sync vapp name"

For instructions on how to set an enterprise property, see Manage enterprise credentials and properties


Import templates

When searching for templates, to retrieve templates from the enterprise's vCD organization, select the private checkbox. To retrieve templates from other organizations, select the public checkbox.

Import VM templates from the VCD registry

The platform can manage templates that have multiple disks, but it will display one disk only with the total size of all disks. The user can deploy multi-disk templates, add and remove additional hard disks, and create instances.

Administrators can select hot-reconfigure options for their templates if the vCD operating system and template supports these options. They can also select the network driver, which by default is now VMXNET3.

 Configure VCD templates in the platform


Abiquo manages VDCs and networks

Abiquo onboards and synchronizes the virtual datacenters and networks of a vCD organization.

Users in Abiquo can work with VMware vCloud Director networks as follows:

  • Manage private networks

    • vApp networks, which may be isolated or have an external connection

  • Synchronize these external networks:

    • External networks outside the Org VDC but connected to the Edge, for use by load balancers but not VM vNICs

    • External networks outside the Org VDC with a direct connection to OrgVDC as OrgVDCNetwork

    • Isolated Org VDC networks, for use by VM vNICs but not load balancers

  • Synchronize and create and delete these external networks in the Virtual datacenters view

    • OrgVDC networks inside the OrgVDC and routed through the Edge

Administrators can create NAT networks for public cloud regions and users can manage NAT rules for their VMs.

The platform does not onboard or manage static routes for VMware vCloud Director networks.

The administrator can select a vCD virtual appliance to onboard as an Abiquo virtual datacenter.   

Onboard VCD virtual appliances as virtual datacenters in the multi-cloud platform

The user can create a private network in the VDC

VCD private networks


Users onboard firewalls

The user can onboard Edge firewalls as Abiquo classic firewalls. In VMware vCloud Director, classic firewalls can span vApps, so to access these firewalls in the platform, select All VDCs, then select the VMware vCloud Director region.

 Users can onboard classic firewalls from VCD

The classic firewalls support TCP and UDP protocols, and with a source or destination that can be an IP, a range of IPs, or “any”. See Manage classic firewalls

The integration manages firewalls on private and external networks.

NAT networks and rules

The administrator can create a NAT network using an external network that is connected to the orgVdc Edge gateway or a subnet of this network. Note that the platform does not detect NAT configurations in VMware vCloud Director so the administrator must provide appropriate values to prevent errors in the virtual datacenters.

 Add NAT networks defined in VCD

You can then obtain NAT IPs for your virtual datacenters and create NAT rules for your VMs. The platform will automatically create a firewall rule for each NAT rule. To display this rule, the user will need to synchronize the classic firewall. The platform does not create a default SNAT rule for the virtual datacenter as in the NSX NAT integration so users should create SNAT rules in their VMs.

 Add a nat rule for VCD


VM firewall policies

When the virtual datacenter (VMware vCloud Director vApp) has an external (fenced) connection through an Edge gateway, users can create firewall policies in their virtual datacenter and assign them to their VMs. 


Users onboard and create load balancers

The user can onboard and create load balancer policies. In VMware vCloud Director, load balancers can span vApps, so to access all load balancers in the platform, select All VDCs and then select the VMware vCloud Director region.

Manage load balancers in VCD

The integration creates load balancers on external networks. 

See vCloud Director load balancers table and Manage load balancers

For OrgVDC networks created using Abiquo, an initial limitation is that you can only use the gateway address for load balancers.

Onboard VMs into Abiquo

When you onboard VMs, the platform creates a placeholder template for each VM, but this template is unavailable, which means that the user cannot undeploy and deploy the VM again from it.

To create a standard VM template for the VM, before you undeploy, power off and create an instance template to clone the VM disks. The platform will automatically assign the VM to the new template, and the user can then undeploy and redeploy the VM.   

Users deploy VMs

Users can create VMs using VM templates registered in the platform from the VMware vCloud Director registry. 

Users can add IPs and select firewalls and load balancers for their VMs.

Users can create additional disks and attach and detach additional disks from their VMs, and for SCSI disks they can do this with hot reconfigure. Users can resize disks if their organization virtual datacenter is not using the fast provisioning. Users cannot change the boot sequence or the bus/unit number, but the platform will recognize changes made directly in vCD. Hard disks belong to one VM only and you cannot reuse them in another VM.

Notes about creating a VM from a template with multiple disks

  • The platform only displays one disk with the total size of all disks. When you add an additional disk and deploy, the platform will display two disks. After the deploy, the platform will synchronize the VM with the cloud and update the VM to display all disks

  • If you undeploy and remove a disk created from the template and then deploy again, the disk you removed will still be present (copied from the template), so you should remove it after the platform creates it.

Abiquo creates VMs within an Abiquo virtual datacenter and Abiquo virtual appliance. 

Abiquo can provide internet access or external access from private networks through an external network.

Users can create Abiquo instance templates from VM disks.

The user can request a remote console, by clicking the console button, and the platform will open it using WebMKS. See Branding WMKS.

Multicloud tags

Abiquo 6.0 introduces provider support for multicloud tags in VMware Cloud Director (VCD) (formerly VMware vCloud Director).  

As usual, to manage tags, edit a resource. For VMs, select Tags from the VM options menu.

 Select Tags from the options menu on the VM icon

Abiquo users can create tags to materialize in VCD on the following resources:

  • Virtual datacenter, which is a VCD virtualApp

     Add a tag to a virtual datacenter in VCD

  • VM, which is a VCD virtualMachine

     Edit resource tags for a VM in VCD

  • VM template (in own organization only, not shared/public templates in other organizations) 

     Edit tags for a template in VCD

In a VCD tag Key you cannot enter the characters:  "./" , "/." or ";", so Abiquo checks for these characters. Abiquo can create and update tags in string format. And Abiquo can onboard VCD metadata as tags in all formats including string, number, boolean, and date. 

Abiquo uses VCD metadata to store the tags in the provider. 

  • Abiquo uses the default VCD attributes to create fully accessible tags. Abiquo does not manage the hidden and read only attributes of VCD metadata. 

  • In VCD, the UI does not enable users to filter resources by metadata, but users can do this in the Abiquo UI, or with the VCD API.

Abiquo users can apply tag policies to multicloud tags across all providers, and they can also use tags on VMs and scaling groups to dynamically select groups of resources to apply automation with action plans.

As usual, to display tags, you can select the VM and go to Tags on the VM details panel. If Abiquo has created the tags in the provider, then the value of the Materialized attribute will be Yes.

VM details panel in VCD

To improve performance, Abiquo creates and updates multiple tags as a group.
So for troubleshooting purposes, it could be helpful to know that in the unlikely event that Abiquo was unable to create or update any of the tags, the task to create or update the group of tags would fail.



  • No labels