vCloud user's guide
Introduction
The VMware vCloud cloud computing service provides customers with virtual resources for creating virtual servers and other functional elements. Virtual resources are accessible via the Internet or a private virtual network from the customer's network;
The service platform is delivered using VMware software (http://www.vmware.com ).
Customers are provided with individual access to a self-service website where they can manage virtual resources, create virtual servers and other functional elements of their IT infrastructure: https://vcloud.lt/tenant/[vORG];
A customer is provided with a dedicated virtual organisation (vORG/tenant), where a single virtual data centre (vDC) is created with a standard virtual resource quota and network settings.
Self-Service Portal and Login
The login details for the vCloud platform's self-service portal are sent to the email address specified by the user as soon as the account is created. Upon receipt of the email, the user shall open the link to activate his/her vCloud account and change the user password.
To log in directly to the vCloud Director portal, the user must log in at https://vcloud.lt/tenant/[vORG];
vCloud Self-Service Portal Management
Menu
Once you're signed in to the vCloud platform, the following Menu items appear:
Data Centres. This section shows the virtual data centres (vDC).
Applications. This section displays virtual applications (vApp) and virtual machines (VM).
Networking. This section displays networks, Edge Gateways, Data Centre Groups, Security Tags.
Libraries. This section displays:
Content Libraries:
vApp Templates, VDC Templates, Directories and Media
Services:
Service Library
Custom Entity Definitions
Administration This section contains descriptions of users, groups, and roles. This section allows the management of authentication protocols (SAML, LDAP, OIDC) and certificates.
Monitor section allows you to monitor tasks and events
User Management
To log in to the vCloud Director portal, you must log in at https://vcloud.lt/tenant/[vORG], which you received from Telia. Logging in to the vCloud environment requires the username and password you received from Telia Support.
There are several types of vCloud users:
ReadOnly – vartotojas, a user able only to monitor virtual resources, servers, and other Virtual infrastructure
Tenant Administrator – a user able to create new servers and manage virtual resources
You can create a new user by selecting Administrator > Users > New.
In the opened window, create a username and password and choose a role.
Password Reset
If you have forgotten your login password, please contact Telia Support service. Short number for calls: 1816, e-mail: ITsupport@telia.lt
Virtual Data Centres (vDCs) and Their Management
You can view and manage the characteristics of a vDC by clicking on the desired vDC. You will see a menu of options on the left side:
Virtual Data Centre Resources
The allocated/used resources can be viewed by selecting General vDC from the options menu.
The number of virtual processors (CPUs) measured in GHz (1 vCPU = 3 GHz);
The size of Virtual Working Memory (Memory), measured in GB;
The size of Virtual Disk (Storage), measured in GB;
Virtual Data Centre Network Management
You can manage virtual data centre networks by selecting the Network item in the vDC options menu. To add a new network, select NEW.
vDC network types:
Using Virtual Resources
Creating a Virtual Machine
Creating a virtual machine is done by selecting the vDC > Virtual Machines > New > New vApp option.
Available options:
New vApp (a new empty virtual application is created)
Add vApp From OVF (a virtual machine is created from your provided OVF/OVA file)
Add vApp From Catalog (a virtual machine is created from the OS templates provided and recommended by Telia)
After selecting "Add vApp From Catalog", choose the desired OS template:
Enter the vApp name and description:
In the next step, enter the Virtual server name and select a Storage policy
The Storage Policy specifies the type of Disk to be used in the server.
In Compute policy step, Placement policy of the virtual machine is selected. Virtual resources RAM/CPU are allocated automatically according to the selected template. Click Next
The Placement Policy specifies which Cluster resources are used. The following options are available:
VMPP-T-VI-Z-01 – Žirmūnai Cluster
VMPP-T-VI-P-01 – Park Cluster
VMPP-T-VI-ZP-01 – Stretched Cluster
Customize Hardware - set the disk sizes
In the final step, the general information of the Virtual server is provided. By clicking Finish, the vApp and the Virtual server are created.
Network NICs are added after VM is created. Click on the new created virtual machine, select the NICs option from the menu and click Edit
In the opened window, click New, then select the network configuration.
Recommended selections:
Adapter Type - VMXNET3 should be selected
Network – the required network should be selected
IP mode – parentage Static – Manual
Login to the Server
Login to the Server OS using the Console
The virtual machine console allows you to view VM information, work with the operating system and perform actions at OS level.
Select the virtual machine and click three dots on the left side:
Select VM Console option.
Login to a Newly Created Server
The Guest OS Customization setting is used when creating new Servers from Telia templates.
The Case of Windows OS
When creating a new VM and enabling it for the first time, in the case of Windows OS, you will be prompted to create a new password, but you are not required to do that, as the Guest OS Customization setting will be triggered within 1 minute, the server will restart and you can then log in to the OS using the password generated by the platform.
The Case of Linux OS
After creating a new VM using the Linux OS template, you can log in as soon as the server starts. The login password is in the standard location.
OS Login Password
The login password can be found in VM settings -> Guest OS Customization -> Edit
Click on Edit, select "Allow local administrator password", "Auto generate password" and click on Save:
When the server is switched on and you click on Edit again, the password will be displayed:
Guest OS Customization function sets not only the password, but also the server name (Hostname) at OS level. It also configures IP settings at OS level, those that were set on the platform before the first activation of VM. If a functioning network is already configured and you have assigned it to an already activated VM, you can instantly connect to the server remotely (RDP) without using the console.
Also, on the OS side, additional virtual disks are automatically configured if you have assigned them before the first activation of VM.
IMPORTANT: After a successful login to the server, it is recommended to disable Guest OS Customization function:
Changing Virtual Machine Resources
If required, you can change CPU and RAM parameters of the virtual machine. We recommend that you do this on the switched off (Powered off) Virtual machine.
To change the size of the resources, click on VM and select Compute option from the menu.
On the menu that opens, select Edit under CPU or Memory tab, and select the desired values. Save your changes by clicking Save button.
Upon completion of the operation, the size of the virtual machine resources will be changed.
Virtual machine resource change using Hot Add
Hot Add enables to add virtual resources (CPU/RAM) to the virtual machine while it is powered on.
The main drawback of enabling Hot Add is a potential performance drop, as VMware recommends activating it only for resources where this functionality will be actively utilized. According to VMware, this can lead to a performance drop of up to 10%, but the extent of the impact largely depends on the application. Particularly, SQL VMs and other applications capable of leveraging NUMA CPU topology would be most affected. It's worth noting that Hot Add support depends on the operating system; while newer OS typically supports it, older ones may encounter issues, such as Kernel Panic. Additionally, Hot Add does not support Hot Remove, meaning that to reduce resources, VMs will still need to be turned off.
Hot Add function is enabled in Virtual Machine settings → Compute → Edit
Enable “Virtual CPU hot add” and “Memory hot add” and click Save
Switching On/Off of a Virtual Machine
Switching On/Off of a Virtual Machine
Select VDC.
Click on "Virtual Machines" on the left side.
Select a virtual machine and click on three dots on the left:
Selecting Power option will allow you to switch on, switch off, and restart VM.
Creating a Snapshot
Select a virtual machine and click on three dots on the left:
Upon selecting Snapshot, you will be presented with the option to create, restore or delete a snapshot.
Virtual Disks
Disk Management
Disk management is performed by selecting the virtual machine and the menu item Hard Disks.
Adding a New Disk / Replacing an Existing Disk
To create a new disk, you need to select the "Edit" action. The action is performed on a switched off (Powered off) virtual machine.
In the opened window we can modify the size of existing disks, change the storage policy and remove a disk. By selecting the Add option we can add additional disks.
The main disk types are as follows:
Standard SSD – this is an SSD disk in one Žirmūnai or Park Cluster;
Geo Redundand SSD – this is a disk with data redundancy function in Stretched Cluster;
Disk Limitations
Minimums disk size is 1 GB. Maximum disk size is 2 TB.
The created disk must be located in the same data centre (Placement Policy) as the virtual machine to which the disk will be connected.
Virtual Networks
Assigning an External (Public) IP to a Server
In order to redirect a Public IP address to a virtual server, the Edge Router needs to be configured at several levels: NAT, IPSet, and FW.
Configuration procedure:
For the server to be accessible from the Internet, DNAT rules must be created.
E.g., a rule is created to redirect all requests originating from all ports to 82.135.132.125 to the internal 10.48.5.241.
For the server to access the Internet itself (backward external communication), SNAT is required.
As a result we have 2 NAT Rules:
Security rules need to be created in the Edge Router FW configuration to define what is allowed and on which ports. The source / destination is selected from the IPSet objects, so you need to create them first, e.g. in this case we create a 10.48.5.241 IPSet for the server.
In order to limit the list of sources (IP addresses) from which the virtual server can be accessed via Public IP, we need to create another IPSet and add the allowed source IP addresses to it. If no such limitation is needed, the source IPSet does not need to be created and an ANY rule can be selected.
E.g.: we add one of the Public IPs from which we want to access the server:
6.We create a rule in the Firewall list that will bypass the IPSet just created:
It is also critical to consider the configuration of the firewall at the server OS level. This should be done by the administrators who perform the maintenance of the server OS.
Locating Server IP
The server IP can be viewed by clicking NICs option on VM.
The network is added to the virtual machine by moving on to VM, selecting NICs option from the menu and pressing Edit.
In the opened window we click New, then select the network configuration..