VCP-IaaS vs. VCP-Cloud: Cloud Exam Faceoff

Today VMware released the VCP-Cloud exam, which is in turn gives you the right to call yourself VCP-Cloud certified.

But there are two paths to the certification:

  1. If you have VCP-DV, you can take the VCP-IaaS exam and then be VCP-Cloud certified.
  2. If you complete one of the prerequisete courses you can take the VCP-Cloud exam and then be VCP-Cloud Certified.
    • The prerequisetes courses are vCloud Director: Install, Configure, Manage or VMware vCloud: Deploy and Manage the VMware vCloud (v 1.5).

As you can see we have a VCP-Cloud and a VCP-IaaS exam to acquire VCP-Cloud certification.

Comparison:

If we compare the two exams they are similar on some levels, but the amount of sections on each of them to process is HUGELY different. Lets the comparing begin.

Lets start with amount of questions and time you have to complete them:

  • VCP-IaaS: 85 Question and 90 minutes (plus non-english minutes for those applicable)
  • VCP-Cloud: 240 questions and 225 minutes ( note: the blueprint  (v. 2.21) does not state the non-english minutes, but I’m guessing they forgot to add it to the text)

Comment: There is a good reason for this huge difference in the exams, and that’s that VCP-Cloud has 7 extra sections to learn.

Next I want to compare the sections of each exam:

  • VCP-IaaS: 8 sections -> Install&Configure, Users&Roles, Chargeback, Networking, Organizations, Resources, Catalogs, Monitor.
  • VCP-Cloud: 15 sections -> Install&Configure vCenter/ESXi, vSphere Networking, vSphere Storage, Administer VM’s and vApps, Establish and Maintain Service Levels, Troubleshooting&Alarms, Monitor&Alarms, Install&Configure, Users&Roles, Chargeback, Networking, Organizations, Resources, Catalogs, Monitor.
    • The text in bold is all about Infrastructure, and the rest is the same as the IaaS exam.

Comment: As you can see VMware has put a mini VCP-DV exam into the VCP-Cloud exam, as well as the whole of IaaS exam. So you can safely say that its made for people who don’t have the VCP-DV certification.

What? Isn’t that 2 exams in one?

So if VCP-Cloud has a mini-VCP in it, why shouldn’t you just go for the VCP-DV? Let the comparing continue:

  • VCP-DV: Install&Configure vCenter/ESXi, vSphere Networking, vSphere Storage, Administer VM’s and vApps, Establish and Maintain Service Levels, Troubleshooting&Alarms, Monitor&Alarms
  • VCP-Cloud (Infrastructure sections): Install&Configure vCenter/ESXi, vSphere Networking, vSphere Storage, Administer VM’s and vApps, Establish and Maintain Service Levels, Troubleshooting&Alarms, Monitor&Alarms

They look exactly the same,  but when you look closer there are slight differences. Lets take a closer look (red are the same!!!!!):

VCP-DV (Blueprint v. 2.5) VCP-Cloud (Blueprint v. 2.3)
Section 1 – Plan, Install, Configure and Upgrade vCenter Server and VMware ESXi Section 1 – Plan, Install, Configure and Upgrade vCenter Server and VMware ESXi
Objective 1.1 — Install and Configure vCenter Server Objective 1.1 — Install and Configure vCenter Server
Knowledge Knowledge
• Identify available vCenter Server editions • Identify vCenter Server requirements
• Size the vCenter Server database • Identify vCenter Server database requirements
Install vCenter Server into a virtual machine • Install vCenter Server
Deploy the vCenter Appliance • Deploy the vCenter Appliance
• Install additional vCenter Server components • Identify VMware vSphere® Client requirements
• Install/Remove vSphere Client plug-ins • Install/Remove vSphere Client plug-ins
• Enable/Disable vSphere Client plug-ins • Enable/Disable vSphere Client plug-ins
• Determine use case for vSphere Client and Web Client • Determine use case for vSphere Client and Web Client
• Determine availability requirements for a vCenter Server in a given vSphere implementation  
• License vCenter Server  
Objective 1.2 – Install and Configure VMware ESXi Objective 1.2 – Install and Configure VMware ESXi
Knowledge Knowledge
• Perform an interactive installation of ESXi • Perform an interactive installation of ESXi using media or PXE
• Deploy an ESXi host using Auto Deploy • Identify ESXi host requirements
• Configure NTP on an ESXi Host • Configure NTP on an ESXi Host
• Configure DNS and Routing on an ESXi Host  
• Enable/Configure/Disable hyperthreading  
• Enable/Size/Disable memory compression cache  
• License an ESXi host  
Objective 1.3 – Plan and Perform Upgrades of vCenter Server and VMware ESXi Objective 1.3 – Plan and Perform Upgrades of vCenter Server and VMware ESXi
Knowledge Knowledge
• Identify upgrade requirements for ESXi hosts • Identify available vSphere editions and features
• Identify steps required to upgrade a vSphere implementation • Determine appropriate vSphere edition based on customer requirements
• Upgrade a vNetwork Distributed Switch  
• Upgrade from VMFS3 to VMFS5  
• Upgrade VMware Tools  
• Upgrade Virtual Machine hardware  
• Upgrade an ESXi Host using vCenter Update Manager  
• Determine whether an in-place upgrade is appropriate in a given upgrade scenario  
Objective 1.4 –Secure vCenter Server and ESXi
Knowledge
• Identify common vCenter Server privileges and roles
• Describe how permissions are applied and inherited in vCenter Server
• Configure and administer the ESXi firewall
• Enable/Configure/Disable services in the ESXi firewall
• Enable Lockdown Mode
• Configure network security policies
• View/Sort/Export user and group lists
• Add/Modify/Remove permissions for users and groups on vCenter Server inventory objects
• Create/Clone/Edit vCenter Server Roles
• Add an ESXi Host to a directory service
• Apply permissions to ESXi Hosts using Host Profiles
• Determine the appropriate set of privileges for common tasks in vCenter Server
Objective 1.5 – Identify vSphere Architecture and Solutions
Knowledge
• Identify available vSphere editions and features
• Identify the various datacenter solutions that interact with vSphere (View, SRM, Lab Manager, etc)
• Explain ESXi and vCenter Server architectures
• Explain Private/Public/Hybrid cloud concepts
• Determine appropriate vSphere edition based on customer requirements
Section 2 – Plan and Configure vSphere Networking Section 2 – Plan and Configure vSphere Networking
Objective 2.1 – Configure vNetwork Standard Switches Objective 2.1 – Configure vNetwork Standard Switches
Knowledge Knowledge
• Identify vNetwork Standard Switch (vSS) capabilities • Identify vNetwork Standard Switch capabilities
• Create/Delete a vNetwork Standard Switch • Create/Delete a vNetwork Standard Switch
• Add/Configure/Remove vmnics on a vNetwork Standard Switch • Add/Configure/Remove vmnics on a vNetwork Standard Switch
• Configure vmkernel ports for network services • Configure vmkernel ports for network services
• Add/Edit/Remove port groups on a vNetwork Standard Switch • Add/Edit/Remove port groups on a vNetwork Standard Switch
• Determine use case for a vNetwork Standard Switch • Determine use case for a vNetwork Standard Switch
Objective 2.2 – Configure vNetwork Distributed Switches Objective 2.2 – Configure vNetwork Standard and Distributed Switches
Knowledge Knowledge
• Identify vNetwork Distributed Switch (vDS) capabilities • Identify vNetwork Distributed Switch capabilities
• Create/Delete a vNetwork Distributed Switch • Create/Delete a vNetwork Distributed Switch
• Add/Remove ESXi hosts from a vNetwork Distributed Switch • Add/Remove ESXi hosts from a vNetwork Distributed Switch
• Add/Configure/Remove dvPort groups • Add/Configure/Remove dvPort groups
• Add/Remove uplink adapters to dvUplink groups • Add/Remove uplink adapters to dvUplink groups
• Create/Configure/Remove virtual adapters • Create/Configure/Remove virtual adapters
• Migrate virtual adapters to/from a vNetwork Standard Switch • Migrate virtual adapters to/from a vNetwork Standard Switch
• Migrate virtual machines to/from a vNetwork Distributed Switch • Migrate virtual machines to/from a vNetwork Distributed Switch
• Determine use case for a vNetwork Distributed Switch • Determine use case for a vNetwork Distributed Switch
  • Edit general vNetwork Distributed Switch settings
  • Configure dvPort settings
Objective 2.3 – Configure vSS and vDS Policies Objective 2.3 – Configure vSS and vDS Policies
Knowledge Knowledge
• Identify common vSS and vDS policies • Identify common vSS and vDS policies
• Configure dvPort group blocking policies  
• Configure load balancing and failover policies • Configure load balancing and failover policies
• Configure VLAN settings • Configure VLAN settings
• Configure traffic shaping policies  
• Enable TCP Segmentation Offload support for a virtual machine  
• Enable Jumbo Frames support on appropriate components • Enable Jumbo Frames (1600+ MTU) support on appropriate components
• Determine appropriate VLAN configuration for a vSphere implementation • Determine appropriate VLAN configuration for a vSphere implementation
Section 3 – Plan and Configure vSphere Storage Section 3 – Plan and Configure vSphere Storage
Objective 3.1 – Configure Shared Storage for vSphere Objective 3.1 – Configure Shared Storage for vSphere
Knowledge Knowledge
• Identify storage adapters and devices  
• Identify storage naming conventions  
• Identify hardware/dependent hardware/software iSCSI initiator requirements  
• Compare and contrast array thin provisioning and virtual disk thin provisioning  
• Describe zoning and LUN masking practices  
• Scan/Rescan storage • Scan/Rescan storage
• Identify use cases for FCoE  
• Create an NFS share for use with vSphere  
• Connect to a NAS device • Connect to a NAS and/or SAN device
• Enable/Configure/Disable vCenter Server storage filters  
• Configure/Edit hardware/dependent hardware initiators  
• Enable/Disable software iSCSI initiator  
• Configure/Edit software iSCSI initiator settings  
• Configure iSCSI port binding  
• Enable/Configure/Disable iSCSI CHAP  
• Determine use case for hardware/dependent hardware/software iSCSI initiator  
• Determine use case for and configure array thin provisioning  
Objective 3.2 – Create and Configure VMFS and NFS Datastores Objective 3.2 – Create and Configure VMFS and NFS Datastores
Knowledge Knowledge
• Identify VMFS and NFS Datastore properties • Identify VMFS and NFS Datastore properties
• Identify VMFS5 capabilities • Identify VMFS5 capabilities
• Create/Rename/Delete/Unmount a VMFS Datastore  
• Mount/Unmount an NFS Datastore  
• Extend/Expand VMFS Datastores • Extend/Expand VMFS Datastores
• Upgrade a VMFS3 Datastore to VMFS5  
• Place a VMFS Datastore in Maintenance Mode • Place a VMFS Datastore in Maintenance Mode
• Select the Preferred Path for a VMFS Datastore  
• Disable a path to a VMFS Datastore  
• Determine use case for multiple VMFS/NFS Datastores • Determine use case for multiple VMFS/NFS Datastores
• Determine appropriate Path Selection Policy for a given VMFS Datastore  
Section 4 – Deploy and Administer Virtual Machines and vApps Section 4 – Deploy and Administer Virtual Machines and vApps
Objective 4.1 – Create and Deploy Virtual Machines Objective 4.1 – Create and Deploy Virtual Machines
Knowledge Knowledge
• Identify capabilities of virtual machine hardware versions • Identify capabilities of virtual machine hardware versions
• Identify VMware Tools device drivers  
• Identify methods to access and use a virtual machine console • Identify methods to access and use a virtual machine console
• Identify virtual machine storage resources  
• Place virtual machines in selected ESXi hosts/Clusters/Resource Pools  
• Configure and deploy a Guest OS into a new virtual machine • Configure and deploy a Guest OS into a new virtual machine
• Configure/Modify disk controller for virtual disks • Configure/Modify disk controller for virtual disks
• Configure appropriate virtual disk type for a virtual machine  
• Create/Convert thin/thick provisioned virtual disks • Create/Convert thin/thick provisioned virtual disks
• Configure disk shares  
• Install/Upgrade/Update VMware Tools • Install/Upgrade/Update VMware Tools
• Configure virtual machine time synchronization • Configure virtual machine time synchronization
• Convert a physical machine using VMware Converter  
• Import a supported virtual machine source using VMware Converter  
• Modify virtual hardware settings using VMware Converter  
• Configure/Modify virtual CPU and Memory resources according to OS and application requirements • Configure/Modify virtual CPU and Memory resources according to OS and application requirements
• Configure/Modify virtual NIC adapter and connect virtual machines to appropriate network resources  
• Determine appropriate datastore locations for virtual machines based on application workloads • Determine appropriate datastore locations for virtual machines based on application workloads
Objective 4.2 – Create and Deploy vApps Objective 4.2 – Create and Deploy vSphere vApps
Knowledge Knowledge
• Identify vApp settings • Describe a vSphere vApp
• Create/Clone/Export a vApp  
• Add objects to an existing vApp  
• Edit vApp settings  
• Configure IP pools  
• Suspend/Resume a vApp  
• Determine when a tiered application should be deployed as a vApp  
Objective 4.3 – Manage Virtual Machine Clones and Templates Objective 4.3 – Manage Virtual Machine Clones and Templates
Knowledge Knowledge
• Identify the vCenter Server managed ESXi hosts and Virtual Machine maximums  
• Identify Cloning and Template options  
• Clone an existing virtual machine  
• Create a template from an existing virtual machine  
• Deploy a virtual machine from a template  
• Update existing virtual machine templates  
• Deploy virtual appliances and/or vApps from an OVF template  
• Import and/or Export an OVF template • Import and/or Export an OVF template
• Determine the appropriate deployment methodology for a given virtual machine application  
Objective 4.4 – Administer Virtual Machines and vApps Objective 4.4 – Administer Virtual Machines and vApps
Knowledge Knowledge
• Identify files used by virtual machines  
• Identify locations for virtual machine configuration files and virtual disks • Identify locations for virtual machine configuration files and virtual disks
• Identify common practices for securing virtual machines  
• Hot Extend a virtual disk • Hot Extend a virtual disk
• Configure virtual machine options  
• Configure virtual machine power settings  
• Configure virtual machine boot options  
• Configure virtual machine troubleshooting options  
• Assign a Storage Policy to a virtual machine • Assign a Storage Policy to a virtual machine
• Verify Storage Policy compliance for virtual machines • Verify Storage Policy compliance for virtual machines
• Determine when an advanced virtual machine parameter is required  
• Adjust virtual machine resources (shares, limits and reservations) based on virtual machine workloads  
Section 5 – Establish and Maintain Service Levels Section 5 – Establish and Maintain Service Levels
Objective 5.x – Create and Configure VMware Clusters Objective 5.1 – Create and Configure VMware Clusters
Knowledge Knowledge
• Describe DRS virtual machine entitlement • Describe DRS and Storage DRS
• Create/Delete a DRS/HA Cluster • Create/Delete a DRS/HA Cluster
• Add/Remove ESXi Hosts from a DRS/HA Cluster  
• Add/Remove virtual machines from a DRS/HA Cluster • Add/Remove ESXi Hosts from a DRS/HA Cluster
• Configure Storage DRS • Describe Enhanced vMotion Compatibility
• Configure Enhanced vMotion Compatibility  
• Monitor a DRS/HA Cluster • Monitor a DRS/HA Cluster
• Configure migration thresholds for DRS and virtual machines  
• Configure automation levels for DRS and virtual machines  
• Create VM-Host and VM-VM affinity rules  
• Enable/Disable Host Monitoring • Enable/Disable Host Monitoring
• Enable/Configure/Disable virtual machine and application monitoring • Enable/Configure/Disable virtual machine and application monitoring
• Configure admission control for HA and virtual machines • Configure admission control for HA and virtual machines
• Determine appropriate failover methodology and required resources for an HA implementation • Determine appropriate failover methodology and required resources for an HA implementation
Objective 5.2 – Plan and Implement VMware Fault Tolerance
Knowledge
• Identify VMware Fault Tolerance requirements
• Configure VMware Fault Tolerance networking
• Enable/Disable VMware Fault Tolerance on a virtual machine
• Test an FT configuration
• Determine use case for enabling VMware Fault Tolerance on a virtual machine
Objective 5.3 – Create and Administer Resource Pools
Knowledge
• Describe the Resource Pool hierarchy
• Define the Expandable Reservation parameter
• Create/Remove a Resource Pool
• Configure Resource Pool attributes
• Add/Remove virtual machines from a Resource Pool
• Determine Resource Pool requirements for a given vSphere implementation
• Evaluate appropriate shares, reservations and limits for a Resource Pool based on virtual machine workloads
• Clone a vApp
Objective 5.4 – Migrate Virtual Machines Objective 5.2 – Migrate Virtual Machines
Knowledge Knowledge
• Identify ESXi host and virtual machine requirements for vMotion and Storage vMotion • Identify ESXi host and virtual machine requirements for vMotion and Storage vMotion
• Identify Enhanced vMotion Compatibility CPU requirements • Identify Enhanced vMotion Compatibility CPU requirements
• Identify snapshot requirements for vMotion/Storage vMotion migration
• Migrate virtual machines using vMotion/Storage vMotion • Migrate virtual machines using vMotion/Storage vMotion
• Configure virtual machine swap file location  
• Migrate a powered-off or suspended virtual machine  
• Utilize Storage vMotion techniques (changing virtual disk type, renaming virtual machines, etc.)  
Objective 5.5 – Patch and Update ESXi and Virtual Machines
Knowledge
• Identify patching requirements for ESXi hosts and virtual machine hardware/tools
• Create/Edit/Remove a Host Profile from an ESXi host
• Attach/Apply a Host Profile to an ESXi host or cluster
• Perform compliance scanning and remediation of an ESXi host using Host Profiles
• Install and Configure vCenter Update Manager
• Configure patch download options
• Create/Edit/Delete an Update Manager baseline
• Attach an Update Manager baseline to an ESXi host or cluster
• Scan and remediate ESXi hosts and virtual machine hardware/tools using Update Manager
• Stage ESXi host updates
Section 6 – Perform Basic Troubleshooting Section 6 – Perform Basic Troubleshooting and Alarm Management
Objective 6.1 – Perform Basic Troubleshooting for ESXi Hosts Objective 6.1 – Perform Basic Troubleshooting for ESXi Hosts
Knowledge Knowledge
• Identify general ESXi host troubleshooting guidelines • Identify general ESXi host troubleshooting guidelines
• Troubleshoot common installation issues • Troubleshoot common installation issues
• Monitor ESXi system health • Monitor ESXi system health
• Export diagnostic information • Export diagnostic information
Objective 6.2 – Perform Basic vSphere Network Troubleshooting Objective 6.2 – Perform Basic vSphere Network Troubleshooting
Knowledge Knowledge
• Verify network configuration • Verify network configuration
• Verify a given virtual machine is configured with the correct network resources • Verify a given virtual machine is configured with the correct network resources
• Troubleshoot virtual switch and port group configuration issues • Troubleshoot virtual switch and port group configuration issues
• Troubleshoot physical network adapter configuration issues • Troubleshoot physical network adapter configuration issues
• Identify the root cause of a network issue based on troubleshooting information • Identify the root cause of a network issue based on troubleshooting information
Objective 6.3 – Perform Basic vSphere Storage Troubleshooting
Knowledge
• Verify storage configuration
• Troubleshoot storage contention issues
• Troubleshoot storage over-commitment issues
• Troubleshoot iSCSI software initiator configuration issues
• Troubleshoot Storage Reports and Storage Maps
• Identify the root cause of a storage issue based on troubleshooting information
Objective 6.4 – Perform Basic Troubleshooting for HA/DRS Clusters and vMotion/Storage vMotion
Knowledge
• Identify HA/DRS and vMotion requirements
• Verify vMotion/Storage vMotion configuration
• Verify HA network configuration
• Verify HA/DRS cluster configuration
• Troubleshoot HA capacity issues
• Troubleshoot HA redundancy issues
• Interpret the DRS Resource Distribution Graph and Target/Current Host Load Deviation
• Troubleshoot DRS load imbalance issues
• Troubleshoot vMotion/Storage vMotion migration issues
• Interpret vMotion Resource Maps
• Identify the root cause of a DRS/HA cluster or migration issue based on troubleshooting information
Section 7 – Monitor a vSphere Implementation and Manage vCenter Server Alarms Section 7 – Monitor a vSphere Implementation and Manage vCenter Server Alarms
Objective 7.1 – Monitor ESXi, vCenter Server and Virtual Machines Objective 7.1 – Monitor ESXi, vCenter Server and Virtual Machines
Knowledge Knowledge
• Describe how Tasks and Events are viewed in vCenter Server • Describe how Tasks and Events are viewed in vCenter Server
• Identify critical performance metrics • Identify critical performance metrics
• Explain common memory metrics • Explain common memory metrics
• Explain common CPU metrics • Explain common CPU metrics
• Explain common network metrics • Explain common network metrics
• Explain common storage metrics • Explain common storage metrics
• Compare and contrast Overview and Advanced Charts • Compare and contrast Overview and Advanced Charts
• Configure SNMP for vCenter Server • Configure SNMP for vCenter Server
• Configure Active Directory and SMTP settings for vCenter Server • Configure Active Directory and SMTP settings for vCenter Server
• Configure vCenter Server logging options • Configure vCenter Server logging options
• Create a log bundle • Create a log bundle
• Create/Edit/Delete a Scheduled Task • Create/Edit/Delete a Scheduled Task
• Configure/View/Print/Export resource maps • Configure/View/Print/Export resource maps
• Start/Stop/Verify vCenter Server service status • Start/Stop/Verify vCenter Server service status
• Start/Stop/Verify ESXi host agent status • Start/Stop/Verify ESXi host agent status
• Configure vCenter Server timeout settings • Configure vCenter Server timeout settings
• Monitor/Administer vCenter Server connections • Monitor/Administer vCenter Server connections
• Create an Advanced Chart • Create an Advanced Chart
• Determine host performance using resxtop and guest Perfmon • Determine host performance using resxtop and guest Perfmon
• Given performance data, identify the affected vSphere resource • Given performance data, identify the affected vSphere resource
Objective 7.2 – Create and Administer vCenter Server Alarms Objective 7.2 – Create and Administer vCenter Server Alarms
Knowledge Knowledge
• List vCenter default utilization alarms • List vCenter default utilization alarms
• List vCenter default connectivity alarms • List vCenter default connectivity alarms
• List possible actions for utilization and connectivity alarms • List possible actions for utilization and connectivity alarms
• Create a vCenter utilization alarm • Create a vCenter utilization alarm
• Create a vCenter connectivity alarm • Create a vCenter connectivity alarm
• Configure alarm triggers • Configure alarm triggers
• Configure alarm actions • Configure alarm actions
• For a given alarm, identify the affected resource in a vSphere implementation • For a given alarm, identify the affected resource in a vSphere implementation

If you managed to go through the whole list, you can see there are whole section missing in the VCP-Cloud, compared to VCP-DV. It seems you don’t need to know as much about hardware, upgrading, security, design, storage, VM’s, vSphere templates, FT, Resource pools, patching, troubleshooting storage&HA&DRS&vMotion.

For my part it seems as the VCP-Cloud exam is for a VMware admin that is yet to take the VCP-DV but has worked with vSphere environments and has some hands-on experience.

But if you already have the VCP-DV prerequisetes, I highly recommend going for the VCP-DV but, and there’s always a but, if you have the VCP-Cloud prerequisites and the experience you should go for the VCP-Cloud exam.

It’s the famous “It depends” conundrum, which seems to be the answer for most IT questions regarding designs. And a matter of fact I think it’s a great book title for a vSphere design book: “It depends – VMware Designs for the masses”. :)

To sum it all up:

VCP-IaaS + VCP-DV [VCP exam + course prerequisite] = VCP-Cloud certified.

VCP-Cloud [VCP-IaaS + mini VCP-DV] + course prerequisite = VCP-Cloud certified.

Please feel free to comment!

 

VCP-IaaS exam experience

On Tuesday I sat the VCP-IaaS exam and passed.

As you may have seen I’ve been going through the sections of the VCP-IaaS blueprint, creating some notes on procedures and hopefully a helpful summary of the blueprint.

I must say that going through the sections and making the notes really helped, but what really helped is my own experience with the product. I recommend creating a vCloud environment, with vCloud cells, vShield Manager, vCenter, Chargeback and Connector. Just having access to an environment to play with will make this test really manageable.

As far the exam goes, without going into much detail (not that I can),  I found myself struggling with any questions regarding Chargeback, mainly because its easy to install and not a system a VMware admin will have anything to do with after creating a vCloud environment. I recommend using the study notes and go through section 3 with Chargeback Manager open and just click away.

Also vCloud networking is a subject you will have to have figured out as this subject is something that is very important in any vCloud environment. Thankfully many bloggers have posted really helpful posts on this subject.  The vCloud Ultimate Resource Guide is a great list of resources that will help you pass the exam.

Other recommended reads are the vCloud Admin and User Guide (Most of the sections use these two guides). I recommend going through them at least once in case my notes missed anything.

I hope the Study Notes will help anyone studying for this exam and I will update the posts (or just create a new one)  when the Blueprint is upgraded to version 5.1 of vCloud which was released at VMworld USA.

VCP-IaaS Study Notes: Section 8.1

This is Section 8.1 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

Identify vCloud Director interface components used for monitoring

  • Manage and Monitor tab is used for logging Networks and vSphere Resources.
  • Also all logs and tasks for the vCloud infrastructure is in the Manage and Monitor tab.
  • To see logs for individual organization open My Cloud in the organization and select Logs.

Identify the location of logs in vCloud Director

  • vCloud Director provides logging information for each cloud cell in the system. You can view the logs to monitor your cells and to troubleshoot issues.
    • You can find the logs for a cell at /opt/vmware/cloud-director/logs.

  • View Tasks and Events as an System Administrator
    • Procedure
      • Log in to the vCloud Director system as a system administrator.
      • Click the Manage & Monitor tab and click Logs in the left pane.
      • Click the Tasks tab.
        • vCloud Director displays information about each system-level task.
      • Double-click a task for more information.
  • View Organization Events
    • You can view the log for an organization to monitor organization-level events. Failed events and view events are listed by user.
    • You are an organization administrator.
    • Procedure
      • Click the My Cloud.
      • In the left pane, click Logs.
      • Click the Events tab.
        • vCloud Director displays information about each organization-level event.
      • Double-click an event for more information.
      • Only system administrators can view the details about most events.

Monitor CPU, Disk and Memory usage for a Provider vDC

  • Provider vDCs supply compute, memory, and storage resources to organization vDCs. You can monitor provider vDC resources and add more resources if necessary.
  • Procedure
    • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
    • Click the Monitor tab.
    • vCloud Director displays information about CPU, memory, and storage for each provider vDC.

Monitor CPU, Disk and Memory usage for an Organization

  • Organization vDCs supply compute, memory, and storage resources to organizations. You can monitor organization vDC resources and add more resources if necessary.
  • Procedure
    • Click the Manage & Monitor tab and click Organization vDCs in the left pane.
    • Click the Monitor tab.
    • vCloud Director displays information about CPU, memory, and storage for each organization vDC.

Monitor External Network, Organization Networks, and Network Pools

  • External Networks
    • Procedure
      • Click the Manage & Monitor tab and click External Networks
      • There you can see the status, VLAN, Default Gateway, IP allocation, corresponing vSphere Network and to which vCenter it is mapped.
  • Organization Networks
    • Procedure
      • Click the Manage & Monitor tab and click Organization Networks
      • There you can see the status, Default Gateway, Type, Connected to which External Network, What network pool is being used and what Organization owns it.
  • Network Pools
    • Procedure
      • Click the Manage & Monitor tab and click External Network Pools.
      • There you can see status, Type of Network pool, % of IP’s used, to which vDS its connected to and to which vCenter.

Monitor IP allocation utilization

  • External Networks
    • Procedure
      • Click the Manage & Monitor tab and click External Networks
      • Right click the network and select IP-allocation.
  • Organization Networks
    • You can view a list of IP addresses that are currently in use in an organization network IP pool.
    • Procedure
      • Click the Manage & Monitor tab and click Organization Networks in the left pane.
      • Right-click the organization network name and select IP Allocations.
  • Display the IP Allocations for Your vApp Network
    • You can review the IP allocations for the networks in your vApp.
    • Procedure
      • Click My Cloud.
      • In the left pane, selectvApps.
      • Select a vApp, right-click, and select Open.
      • On the Networking tab, select the Show networking detailscheck box.
      • Select a network, right-click, and select IP Allocations.
      • Review your allocations and click OK.

Review and interpret tasks and events in a vCloud

  • See bullet: Identify the location of logs in vCloud Director
  • View the system log to monitor system-level tasks that are in progress, to find and troubleshoot failed tasks, and to view tasks by owner.
  • The log can also include debug information, depending on your vCloud Director settings.
    • You can display debug info in the vCloud Director task log in the settings.
      • Procedure:
        • Click Administration
        • Select General for System Settings.
        • Click Display debug information
        • NOTE: Only System Administrator can view the debug information.

Troubleshoot common resource/event issues in a vCloud

  • First enable debug information in the System Settings
  • Your best chance is to Google the task detail if the error isn’t descriptive enough. Not kidding.

VCP-IaaS Study Notes: Section 7.2

This is Section 7.2 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

Identify frequently used Catalog properties

  • Share
  • Change Owner
    • You can change the owner of a catalog. Before you can delete a user who owns a catalog, you must change the owner or delete the catalog.
    • You are an organization administrator.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • On the Catalogs tab, right-click a catalog and select Change Owner.
      • Select a user from the list or search for one.
        • You can search for a user by full name or their user name.
      • Click OK.
  • Name

Explain how guest customization works in a vCloud implementation

  • When you customize your guest OS you can set up a virtual machine with the operating system that you want.
  • vCloud Director can customize the network settings of the guest operating system of a virtual machine created from a vApp template. When you customize your guest operating system, you can create and deploy multiple unique virtual machines based on the same vApp template without machine name or network conflicts.
  • I recommend reading the chapter about Guest Operating System Customization, begins at page 105 in the vCloud Director User’s Guide.

Deploy a vApp from a Catalog

  • You can add a vApp template as a vApp from your catalog to My Cloud.
  • You are at least a vApp author.
  • If the vApp template is based on an OVF file that includes OVF properties for customizing its virtual machines, those properties are passed to the vApp. If any of those properties are user-configurable, you can specify the values.
  • Prerequisites
    • A vApp template is available in a published or a locally shared catalog.
  • Procedure
    • Click Catalogs.
    • In the left pane, click on a catalog option.
      • My Organization’s Catalogs
    • Public Catalogs
      • You can access vApp templates in your organization’s shared catalogs or, if you are an organization administrator, from a public catalog.
    • On the vApp Templates tab, select a vApp template, right-click, and select Add to My Cloud.
    • Type a name and optional description for the vApp.
    • Select a runtime and storage lease and click Next.
    • Select a virtual datacenter, configure the virtual machines in the vApp, and click Next.
    • Configure the custom properties, if any, and click Next.
    • Configure the networking options for the vApp and click Next.
    • Review the vApp summary information and click Finish.
  • vCloud Director creates a vApp on the My Cloud > vApps page.

Configure a Catalog to be shared by users in an Organization

  • Share a catalog to make its contents available to users in your organization. Users with the proper rights and access level can use vApp templates and media from the shared catalog to create their own vApps.
  • You are at least a catalog author.
  • Procedure
    • Click Catalogs > My Organization’s Catalogs.
    • Select a catalog, right-click, and select Share.
    • Click Add Members.
    • Select the users and groups with whom you want to share the catalog.

    • Select an access level and click OK

    • The actual actions a user can perform on a catalog and its contents depends on the intersection of the rights of the user and their access level to the catalog. Sharing a catalog with full control does not grant a user rights that the user does not already have.
    • Click OK.

Copy vApp templates and media to/from a Catalog

  • Copy a vApp Template from a Public Catalog to an Organization Catalog
    • You can copy a vApp template from a public catalog to your organization catalog to make it available to users in your organization.
    • You are a vApp author or organization administrator.
    • Prerequisites
      • You have a catalog and vDC.
    • Procedure
      • Click Catalogs.
      • In the left pane, click Public Catalogs.
      • On the vApp Templates tab, select a vApp template, right-click, and select Copy To Catalog.
      • Type a name and optional description for the vApp.
      • Select a destination catalog and vDC.
        • Select a shared catalog to give organization users access to the template.
      • Click OK.
    • vCloud Director copies the vApp template to the organization catalog. The vApp appears on the vApp Templates tab in My Organization’s Catalogs.
  • Copy a vApp Template Between an Organization’s Catalogs
    • You can copy a vApp template from one catalog in your organization to another catalog in the same organization. This is useful if the catalogs are shared with different users and you want both groups of users to have access to the vApp template.
    • You are an organization administrator, catalog author, or vApp author.
    • Prerequisites
      • You must have access to at least two catalogs and a vDC with available space.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • On the vApp Templates tab, right-click a vApp template and select Copy to Catalog.
      • Type a name and optional description for the vApp template.
      • Select the destination catalog and vDC.
        • If you select a published catalog, the vApp template will be available to all organizations in the vCloud Director installation.
      • Click OK.
  • Download a vApp Template
    • You can download a vApp template from a catalog locally as an OVF file.
      • You are at least a catalog author.
    • Prerequisites
      • The computer from which you are downloading must have Java Plug-in 1.6.0_10 or later installed.
    • Procedure
      • Click Catalogs.
      • In the left pane, click on a catalog option.
        • My Organization’s Catalogs
        • Public Catalogs
        • You can download vApp templates from your organization’s catalogs or, if you are an organization administrator, from a public catalog.
      • On the vApp Templates tab, select a vApp template, right-click, and select Download.
        • Navigate to the local folder where you want to save the OVF file and click Save.
      • You can click the Launch Uploads and Downloads Progress Window button from My Organization’s Catalogs to track the progress.
  • Upload Media Files
    • You can upload media files to a catalog. Users with access to the catalog can use the media files to install applications on their virtual machines.
    • You are at least a catalog author.
    • Prerequisites
      • The computer from which you are uploading must have Java Plug-in 1.6.0_10 or later installed.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • On the Media tab, click the Upload button.
      • Type the path to the media file path or click Browse, locate the file, and click Upload.
      • Type a name and optional description for the media file.
        • This is the name that appears in vCloud Director.
      • Select the destination vDC and catalog.
      • Click Upload.
        • The media file is uploaded to the specified location. You can click the Launch Uploads and Downloads Progress Window button to track the progress.
  • Copy Media Files to a Catalog
    • You can copy media files to another catalog.
    • You are at least a catalog author.
    • Prerequisites
      • You have access to multiple vDCs.
    • Procedure
      • Click Catalogs.
      • On the Media tab, select a media file, right-click, and select Copy To Catalog.
      • Type a name and description.
      • Select the destination catalog and vDC.
      • Click OK.
    • The media file is copied to and stored in the selected catalog.

Configure Catalog properties

  • You can review and modify your catalog properties.
  • You are at least a catalog author.
  • Procedure
    • Click Catalogs.
    • In the left pane, click My Organization’s Catalogs.
    • Select a catalog, right-click, and select Properties.
    • Review the properties in the General, Sharing, and Publishing tabs.
    • Modify the relevant properties and click OK.

Given requirements, apply the appropriate properties to a Catalog

  • You can publish, share and change its name.

VCP-IaaS Study Notes: Section 7.1

This is Section 7.1 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

Describe the function of vApp templates, media, and catalogs

  • A catalog is a container for vApp templates and media files in an organization.
  • Organization administrators and catalog authors can create catalogs in an organization. Catalog contents can be shared with other users in the organization and can also be published to all organizations in the vCloud Director installation.
  • There are two types of catalogs in vCloud Director; organization catalogs and public catalogs. Organization catalogs include vApp templates and media files that you can share with other users in the organization. If a system administrator enables catalog publishing for your organization, you can publish an organization catalog to create a public catalog.
  • There are two ways to add vApp templates to a catalog. You can upload an OVF package directly to a catalog or save a vApp as a vApp template.
  • You can upload media files directly to a catalog.

Identify the location of vApp templates, media and catalogs

  • Depending on your role in the organization, you can access catalogs in your organization and public catalogs that were published by other organizations.
    • To access a public catalog, you must be an organization administrator .
    • To access a catalog in your organization, you must be at least a vApp author.
  • Procedure
    • Click Catalogs.
    • In the left pane, click on a catalog option.
      • My Organization’s Catalogs
      • Public Catalogs
        • In the right pane, select a catalog, right-click, and select Open.

Identify the format in which vApp templates, media, and catalogs can be stored

  • vApp Templates:
    • You can upload an OVF package as a vApp template to make the template available to other users. vClou Director supports OVF 1.0 and OVF 1.1.
    • vCloud Director supports OVFs based on the Open Virtualization Format (OVF) Specification. If you upload an OVF that includes deployment options, those options are preserved in the vApp template.
    • You can quarantine files that users upload to vCloud Director so that you can process the files before you accept them
  • Media:
    • You can upload an ISO or FLP file to make the media available to other users..

Differentiate between vApp templates, media and catalogs

  • A catalog consists of a list of catalogs, vApp templates, and media files in your organization.
  • When you click the Catalogs button in the menu bar, these tabs appear.
    • Catalogs
    • vApp Templates
    • Media
  • A vApp template is a virtual machine image that is loaded with an operating system, applications, and data.
  • You can upload media files to a catalog. Users with access to the catalog can use the media files to install applications on their virtual machines.

Create/Update a vApp template

  • Create:
    • You can upload an OVF package from remote shares and your local directory to vCloud Director as a vApp template.
    • You are at least a catalog creator.
    • vCloud Director supports OVFs based on the Open Virtualization Format (OVF) Specification. If you upload an OVF file that includes OVF properties for customizing its virtual machines, those properties are preserved in the vApp template.
    • Prerequisites
      • The computer from which you are uploading must have Java Plug-in 1.6.0_10 or later installed.
      • vCloud Director does not support uploading compressed OVF files.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • On the vApp Templates tab, click the Upload button.
      • Type the name and path of the OVF file to upload, or click Browse, select the OVF file, and click Upload.
      • Type a name and optional description for the vApp template.
      • Select a destination vDC and catalog.
      • Click Upload.
    • You can click the Launch Uploads and Downloads Progress Window button to track the progress.
  • Update:
    • You can modify some basic properties of a vApp template. To make more advanced changes to a vApp template, add it to My Cloud, make the changes, then add it back to the catalog as a new vApp template.
    • You are an organization administrator.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • On the vApp Templates tab, right-click a vApp template and select Properties.
      • On the General tab, modify the vApp template name and description.
      • Select a vApp creation option.
        • This option applies when creating a vApp based on this template. It is ignored when building a vApp using individual virtual machines from this template.

        • Choose whether or not to mark the vApp template as a Gold Master in the catalog.
        • If you mark a vApp template as a Gold Master, this information appears in the list of vApp templates.
      • To reset the vApp template storage lease, select the Reset lease check box and select a new storage lease.
      • Click OK.

Create/Delete a Catalog

  • Create:
    • You can create catalogs to group your vApp templates and media files.
    • You are at least a catalog author.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • On the Catalogs tab, click the Add Catalog button.
      • Type a catalog name and optional description and click Next.
      • (Optional) To share the catalog with members of the organization, click Add Members, select users and groups, select an access level, click OK, and click Next.
      • Select a catalog publishing option and click Next..

      • Review the summary and click Finish.
  • Delete:
    • You can delete a catalog from your organization.
    • You are at least a catalog author.
    • Prerequisites
      • The catalog must not contain any vApp templates or media files. You can move these items to a different catalog or delete them.
    • Procedure
      • Click Catalogs.
      • In the left pane, click My Organization’s Catalogs.
      • Select a catalog, right-click, and select Delete.
      • Click Yes.

Publish a catalog to different Organizations

  • You can publish a catalog to make its vApp templates and media files available to all organizations in the installation.
  • Prerequisites
    • Verify that the organization that contains the catalog allows catalog publishing.
  • Procedure
    • Click the Manage & Monitor tab and click Organizations in the left pane.
    • Right-click the organization name and select Open.
    • Click Catalogs and select My Organization’s Catalogs in the left pane.
    • On the Catalogs tab, right-click the catalog name and select Publish.
    • On the Publishing tab, select Publish to all organizations and click OK.
  • The catalog and all of its contents appear under Public Catalogs for all organizations in the vCloud Director installation.

VCP-IaaS Study Notes: Section 6.1

This is Section 6.1 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

Identify where in the hierarchy a provider VDC resides

  • It right after the vSphere resources (vCenter,ESXi, Datastores and Networks)

Identify where an Provider VDC gets its resources

  • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
  • Click on the Provider vDC.
  • See the list of Organization vDC, Hosts, Datastores, External Networks and Resource pools.

Differentiate Provider and Organization VDCs

  • A provider virtual datacenter (vDC) combines the compute and memory resources of a single vCenter Server resource pool with the storage resources of one or more datastores connected to that resource pool.
  • A provider vDC is the source for organization vDCs.

Explain the concept of a Provider VDC

  • A provider virtual datacenter (vDC) combines the compute and memory resources of a single vCenter Server resource pool with the storage resources of one or more datastores connected to that resource pool.

Explain when and how to Enable/Disable a Provider VDC

  • You can disable a provider vDC to prevent the creation of organization vDCs that use the provider vDC resources.
  • When you disable a provider vDC, vCloud Director also disables the organization vDCs that use its resources. Running vApps and powered on virtual machines continue to run, but you cannot create or start additional vApps or virtual machines.
  • Procedure
    • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
    • Right-click the provider vDC name and select Enable or Disable.

Create/Delete a Provider VDC

  • Create:
    • You can create a provider vDC to register vSphere compute, memory, and storage resources for vCloud Director to use. You can create multiple provider vDCs for users in different geographic locations or business units, or for users with different performance requirements.
    • A provider vDC can only include a single resource pool from a single vCenter Server.
    • If you plan to add a resource pool that is part of a cluster that uses vSphere HA, make sure you are familiar with how vSphere HA calculates slot size. For more information about slot sizes and customizing vSphere HA behavior, see the VMware vSphere Availability Guide.
    • Prerequisites
      • Verify that at least one vCenter Server is attached with an available resource pool to vCloud Director. The resource pool must be in a vCenter cluster that is configured to use automated DRS. The vCenter Server must have the vShield for VMware vCloud Director license key.
    • Procedure
      • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
      • Click New Provider vDC.
      • Type a name and optional description.
        • You can use the name and description fields to indicate the vSphere functions available to the provider vDC, for example, vSphere HA.
      • Select the latest supported hardware version and click Next.
        • This selection determines the latest supported hardware version for virtual machines in organization vDCs based on this provider vDC. Hardware Version 8 requires ESX/ESXi 5.0 hosts. If this provider vDC will use a resource pool that contains ESX/Esxi 5.0 and ESX/ESXi 4.x hosts, select Hardware Version 7.
      • Select a vCenter Server and resource pool and click Next.
        • If the vCenter Server has no available resource pools, no resource pools appear in the list.
      • Select one or more datastores, click Add, and click Next.
        • vCloud Director does not support the use of read-only datastores with provider vDCs. In most cases, readonly datastores do not appear in the list, but some read-only NFS datastores might appear. Do not add these datastores to your provider vDC. Use only shared storage because vSphere DRS cannot migrate virtual machines on local storage.
      • Type the root user name and password for the ESX/ESXi hosts and click Next.
      • Click Finish to create the provider vDC.
  • Delete:
    • You can delete a provider vDC to remove its compute, memory, and storage resources from vCloud Director.
    • The resources remain unaffected in vSphere.
    • Prerequisites
      • Disable the provider vDC.
      • Disable and delete all organization vDCs and organization networks that use the provider vDC.
      • Procedure
        • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
        • Right-click the provider vDC name and select Delete.
        • Click Yes.

Select Resource Pools and Datastores for a Provider VDC

  • Add Storage Capacity to a Provider vDC
    • You can add storage capacity to a provider vDC by adding one or more datastores.
    • Procedure
      • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
      • Right-click the provider vDC name and select Open.
        • Click the Datastores tab.
      • Click Add/Remove.
      • Select a datastore from the list, click Add, and click OK.
        • vCloud Director does not support the use of read-only datastores with provider vDCs. In most cases, readonly datastores do not appear in the list, but some read-only NFS datastores might appear. Do not add these datastores to your provider vDC.
        • Use only shared storage because vSphere DRS cannot migrate virtual machines on local storage.
  • Add a Resource Pool to a Provider vDC
    • You can add additional resource pools to a provider vDC so that pay-as-you-go organization vDCs that the provider vDC provides can expand.
    • When compute resources are backed by multiple resource pools, they can expand as needed to accommodate more virtual machines.
    • Prerequisites
      • Verify that There is one or more available resource pool exists in the same vCenter datacenter as the provider vDC’s primary resource pool.
    • Procedure
      • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
      • Right-click the provider vDC name and select Open.
      • Click the Resource Pools tab.
      • Click Add Resource Pool.
      • Select the resource pool to add and click Finish.
    • vCloud Director adds a resource pool for the provider vDC to use, making all pay-as-you-go organization vDCs backed by the provider vDC elastic.

Explain when and how to Enable/Disable a Provider VDC Host

  • You can disable a host to prevent vApps from starting up on the host. Virtual machines that are already running on the host are not affected.
  • To perform maintenance on a host, migrate all vApps off of the host or stop all vApps and then disable the host.
  • Procedure
    • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
    • Right-click the provider vDC name and select Open.
    • Click the Hosts tab.
    • Right-click the host name and select Enable Host or Disable Host.
    • vCloud Director enables or disables the host for all provider vDCs that use its resources.

Prepare/Unprepare a Provider VDC Host

  • When you add an ESX/ESXi host to a vSphere cluster that vCloud Director uses, you must prepare the host before a provider vDC can use its resources. You can unprepare a host to remove it from the vCloud Director environment.
  • You cannot prepare a host that is in lockdown mode. After you prepare a host, you can enable lockdown mode.
  • Prerequisites
    • Before you can unprepare a host, you must disable it and ensure that no virtual machines are running on the host.
  • Procedure
    • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
    • Right-click the provider vDC name and select Open.
    • Click the Hosts tab.
    • Right-click the host name and select Prepare Host or Unprepare Host.
    • vCloud Director prepares or unprepares the host for all provider vDCs that use its resources.

Upgrade/Repair a Provider VDC Host agent

  • Upgrade:
    • vCloud Director installs agent software on each ESX/ESXi host in the installation. If you upgrade your ESX/ESXi hosts, you also need to upgrade your ESX/ESXi host agents.
    • Procedure
      • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
      • Right-click the provider vDC name and select Open.
      • Click the Hosts tab.
      • Right-click the host name and select Upgrade Host.
      • vCloud Director upgrades the host agent. This upgrade affects all provider vDCs that use the host.
  • Repair
    • If the vCloud Director agent on an ESX/ESXi host cannot be contacted, try to repair the host.
    • Procedure
      • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
      • Right-click the provider vDC name and select Open.
      • Click the Hosts tab.
      • Right-click the host name and select Repair Host.
      • vCloud Director repairs the host. This operation affects all provider vDCs that use the host.

Explain when and how to Enable/Disable a Provider Datastore

  • You can enable or disable a datastore that has been added to a provider vDC. You must disable a datastore before you can remove it from vCloud Director.
  • When you disable a datastore, you cannot start vApps that are associated with the datastore or create vApps on the datastore.
  • Procedure
    • Click the Manage & Monitor tab and click Datastores in the left pane.
    • Right-click the datastore name and select Enable or Disable.
      • vCloud Director enables or disables the datastore for all provider vDCs that use its resources.+

Configure Low Disk Space Warnings

  • You can configure low disk space warnings on a datastore to receive an email from vCloud Director when the datastore reaches a specific threshold of available capacity. These warnings alert you to a low disk situation before it becomes a problem.
  • Procedure
    • Click the Manage & Monitor tab and click Provider vDCs in the left pane.
    • Right-click the provider vDC name and select Open.
    • Click the Datastores tab.
    • Right-click the datastore name and select Properties.
    • Select the disk space thresholds for the datastore.
      • You can set two thresholds, yellow and red. When vCloud Director sends an email alert, the message indicates which threshold was crossed.
    • Click OK.

VCP-IaaS Study Notes: Section 5.2

This is Section 5.2 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

List operations that can be performed on an Organization

  • See Section 5.1 for modify Organization.

List the vCloud constructs that make up an Organization

  • Organizations provide resources to a group of users and set policies that determine how users can consume those resources. Create an organization for each group of users that requires its own resources, policies, or both.
  • Policies
    • Runtime and storage leases for controlling computing and storage resources
  • Resources
    • vDC with allocation models and Provider specified tier.

Given a tier of server determine the appropriate Organization vDC

  • If your vCloud will have diffirent tiers, eg. Gold, Silver, and Bornze.
    • Gold will have the fastest hardware, SSD disks + SAS disks, or/and other services like Backup.
    • Silver has SAS disks.
    • Bronze has SATA disks.
  • Most of the time the storage layer will change between vDC tiers.
  • Plan the placement of the workload according to its recommendations for performance.

Edit leases/quotas/limits applied to an Organization

  • Leases, quotas, and limits constrain the ability of organization users to consume storage and processing resources. You can modify these settings to prevent users from depleting or monopolizing an organization’s resources.
  • Procedure
    • Click the Manage & Monitor tab and click Organizations in the left pane.
    • Right-click the organization name and select Properties.
    • Click the Policies tab.
    • Select the lease options for vApps and vApp templates.
      • Leases provide a level of control over an organization’s storage and compute resources by specifying the maximum amount of time that vApps can be running and that vApps and vApp templates can be stored. You can also specify what happens to vApps and vApp templates when their storage lease expires.
    • Select the quotas for running and stored virtual machines.
      • Quotas determine how many virtual machines each user in the organization can store and power on in the organization’s virtual datacenters. The quota you specify acts as a default for all new users added to the organization.
    • Select the limits for resource intensive operations.
      • Certain vCloud Director operations, for example copy and move, are more resource intensive than others. Limits prevent resource intensive operations from affecting all the users in an organization and also provide a defense against denial-of-service attacks.
    • Select the number of simultaneous connections for each virtual machine and click OK.

Revise Catalog(s) attached to an Organization

  • Share A Catalog
    • Share a catalog to make its contents available to users in your organization. Users with the proper rights and access level can use vApp templates and media from the shared catalog to create their own vApps.
    • You are at least a catalog author.
    • Procedure
      • Click Catalogs > My Organization’s Catalogs.
      • Select a catalog, right-click, and select Share.
      • Click Add Members.
      • Select the users and groups with whom you want to share the catalog.

      • Select an access level and click OK.

      • The actual actions a user can perform on a catalog and its contents depends on the intersection of the rights of the user and their access level to the catalog. Sharing a catalog with full control does not grant a user rights that the user do not already have.
      • Click OK.
  • Modify the Properties of Your Catalog
    • You can review and modify your catalog properties.
    • You are at least a catalog author.
    • Procedure
      • Click Catalogs.
      • In the left pane, click My Organization’s Catalogs
      • Select a catalog, right-click, and select Properties.
      • Review the properties in the General, Sharing, and Publishing tabs.
      • Modify the relevant properties and click OK.

Add/Remove users and groups

  • Add Users
    • Add a Local User
      • Adding local users allows organization administrators to provide access to users who do not exist on an LDAP server. You can also add local users if you do not plan to use an LDAP server.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users.
        • Click the New User button.
        • Type the user name and password.
        • Select a role.
          • To create a custom role, contact your system administrator.
        • (Optional) Type the contact information.
        • Select the stored and running virtual machine quota limits for this user.
        • Click OK.
          • The new user appears on the Users page.
    • Import an LDAP User
      • Organization administrators can import users from an LDAP server.
      • Contact a system administrator to configure LDAP settings for your organization.
      • Prerequisites
        • The LDAP settings for the organization must be set up and working.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users.
        • Click the Import Users from LDAP button.
        • Type the full or partial user name and click Search.
        • Select a user and click Add.
        • Select a role for the imported user.
        • Click OK.
  • Remove Users
    • Delete a User
      • If a user leaves the company or moves to another organization, an organization administrator can delete a user from the organization.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users .
        • Select a user, right-click, and select Disable Account.
        • Reselect this user, right-click, and select Delete.
        • Click OK .
    • Disable or Enable User Accounts
      • An organization administrator can disable a user account to log the user out of the Web console and prevent the user from logging in again. You can enable a user to allow them to log in.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Users.
        • Select a user, right-click, and select Disable Account or Enable Account.
  • Add Groups
    • Import a Group
      • An organization administrator can import LDAP groups into an organization.
      • Contact a system administrator to configure LDAP settings for your organization.
      • Prerequisites
        • The LDAP settings for the organization must be set up and working.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Groups.
        • Click the Import Groups from LDAP button.
        • Type the full or partial group name and click Search.
        • Select a group and click Add.
        • Select a role for the group.
          • All the users in the group will be assigned this role.
        • Click OK.
  • Remove Groups
    • Delete a Group
      • An organization administrator can delete a group to remove it from the organization.
      • Deleting a group from an organization affects users who are members of the organization based solely on their membership in the deleted group. These users will not be able to log in to the organization. When you delete a group from an organization the group still exists in LDAP.
      • Procedure
        • Click Administration.
        • In the left pane, select Members > Groups.
        • Select a group, right-click, and select Delete.
        • Click Yes.

Configure/Edit Organization settings

  • After receive the URL of your organization from the system administrator you can set it up on the vCloud Director Home page by clicking Set up this organization
    • Change the Organization Full Name
    • Import LDAP Users and Groups
    • Add local Users to the Organization
    • Configure email pereferences
    • Configure Organization Lease, Quota and Limit Settings
    • All these procedures can be found in Section 5.1.
  • Modify Email Settings
    • You can review and modify the default email settings that were set when the system administrator created your organization.
    • You are an organization administrator.
    • Procedure
      • Click Administration.
      • In the left pane, select Settings > Email.
      • Select an SMTP server option.

      • Select a notification settings option.

      • (Optional) Type a destination email address and click Test Email Settings to verify that all SMTP server settings are configured as expected.
      • Click Apply.
  • Modify Your Organization’s Policies
    • You can review and modify the default policies that were set by the system administrator when your organization was created
      • Click Administration.
      • In the left pane, select Settings > Policies.
      • Select the lease options for vApps and vApp templates.
      • Select the quotas for running and stored virtual machines.
      • Select the limits for resource intensive operations.
      • Select the number of simultaneous VMware Remote Console connections for each virtual machine.
      • (Optional) Select the Account lockout enabled check box, select the number of invalid logins to accept      before locking a user account, and select the lockout interval.
      • Click Apply.
  • Set Default Domain for Organization Virtual Machines
    • You can set a default domain which virtual machines created in your organization can join. Virtual machines can always join a domain for which they have credentials, regardless of whether or not you specify a default domain.
    • Procedure
      • Click Administration.
      • In the left pane, select Settings > Guest Personalization.
      • Select the Enable domain join for virtual machines in this organization.
      • Type the domain name, domain user name, domain password.
        • These credentials apply to a regular domain user, not a domain administrator.
      • Click Apply.

Allocate resources to an Organization

  • You allocate resources to an organization by creating an organization vDC that is partitioned from a provider vDC. A single organization can have multiple organization vDCs.
  • Open the Allocate Resources Wizard
    • Open the Allocate Resources wizard to start the process of creating an organization vDC for an organization.
    • Procedure
      • Click the Manage & Monitor tab and click Organizations in the left pane.
      • Right-click the organization name and select Allocate Resources from the menu.
      • The Allocate Resources wizard starts.
  • Select a Provider vDC
    • An organization vDC obtains its compute and storage resources from a provider vDC. The organization vDC provides these resources to vApps and virtual machines in the organization.
    • Procedure
      • Select a provider vDC.
        • The provider vDC list displays information about available resources and the networks list displays information about networks available to the selected provider vDC.
      • Click Next.
  • Select an Allocation Model
    • The allocation model determines how and when the provider vDC compute and memory resources that you allocate are committed to the organization vDC.
    • Procedure
      • Select an allocation model.

      • Click Next.
  • Configure the Allocation Model
    • Configure the allocation model to specify the amount of provider vDC resources to allocate to the organization vDC.
    • Procedure
      • Not all of the models include all of the options.

      • Click Next.
  • Allocate Storage
    • An organization vDC requires storage space for vApps and vApp templates. You can allocate storage from the space available on provider vDC datastores.
    • Thin provisioning can help avoid over-allocating storage and save storage space. For a virtual machine with a thin virtual disk, ESX/ESXi provisions the entire space required for the disk’s current and future activities.
    • ESX/ESXi commits only as much storage space as the disk needs for its initial operations.
    • Fast provisioning saves time by using vSphere linked clones for certain operations.
      • IMPORTANT Fast provisioning requires vCenter Server 5.0 and ESXi 5.0 hosts. If the provider vDC on which the organization vDC is based contains any ESX/ESXi 4.x hosts, you must disable fast provisioning. If the provider vDC on which the organization vDC is based contains any VMFS datastores connected to more than 8 hosts, powering on virtual machines may fail. Make sure that datastores are connected to a maximum of 8 hosts. NOTE changed in vCloud 5.1. Max is now 32 hosts.
    • Procedure
      • Enter the amount of storage  to allocate.
      • (Optional) Select the Enable  thin provisioning check box to enable thin provisioning for virtual machines in the organization vDC.
      • (Optional) Deselect the  Enable fast provisioning check box to disable fast provisioning for virtual machines in the organization vDC.
      • Click Next.
  • Select Network Pool
    • A network pool is a group of undifferentiated networks that is used to create vApp networks and NAT-routed or internal organization networks.
    • Procedure
      • Select a network pool or select None.
      • If you select None, you can  add a network pool later.
      • Enter the maximum number of networks that the organization can provision from the network pool.
      • Click Next.
  • Name the Organization vDC
    • You can provide a descriptive name and an optional description to indicate the vSphere functions available for your new organization vDC.
    • Procedure
      • Type a name and optional      description.
      • Click Next.
  • Confirm Settings and Create the Organization vDC
    • Before you create the organization vDC, review the settings you entered.
    • Procedure
      • Review the settings for the organization vDC.
      • (Optional) Click Back to modify the settings.
      • Click Finish to accept the settings and create the organization vDC.
  • When you create an organization vDC, vCloud Director creates a resource pool in vSphere to provide CPU and memory resources.

Explain the purpose and use case for storage options

  • Thin-provisioning
    • Thin provisioning can help avoid over-allocating storage and save storage space. For a virtual machine with a thin virtual disk, ESX/ESXi provisions the entire space required for the disk’s current and future activities.
    • ESX/ESXi commits only as much storage space as the disk needs for its initial operations.
    • Use cases are, to name a few,  development environments, storage-static workloads, Use of VAAI UNMAP thin-provisioning feature at maintenance windows etc.
  • Fast-provisioning
    • Fast provisioning saves time by using linked clones for virtual machine provisioning operations.
    • A linked clone is a duplicate of a virtual machine that uses the same base disk as the original, with a chain of delta disks to track the differences between the original and the clone. If fast provisioning is disabled, all provisioning operations result in full clones.
    • A linked clone cannot exist on a different vCenter datacenter or datastore than the original virtual machine.
    • vCloud Director creates shadow virtual machines to support linked clone creation across vCenter datacenters and datastores for virtual machines associated with a vApp template. A shadow virtual machine is an exact copy of the original virtual machine. The shadow virtual machine is created on the datacenter and datastore where the linked clone is created.
    • Fast provisioning is enabled by default on organization vDCs. Fast provisioning requires vCenter 5.0 and ESXi 5.0 hosts. If the provider vDC on which the organization vDC is based contains ESX/ESXi 4.x hosts, you must disable fast provisioning.
    • Use cases include fast-provisioning dev environments etc.

Configure storage provision options

  • View Shadow Virtual Machines Associated With a Virtual Machine
    • Shadow virtual machines support linked clones of virtual machines that are associated with vApp templates across vCenter datacenters and datastores.
    • A shadow virtual machine is an exact copy of the original virtual machine that vCloud Director creates on the datacenter and datastore where a linked clone is created.
    • Procedure
      • Click the Manage & Monitor tab and click Organizations in the left pane.
      • Right-click the organization name and select Open.
      • Click the My Cloud tab and click VMs in the left pane.
      • Right-click the virtual machine and select Properties.
      • Click the Shadow VMs tab.
        • This tab appears only for virtual machines that have associated shadow virtual machines.
      • vCloud Director shows a list of shadow virtual machines associated with the virtual machine. This list includes the name in vCenter of each shadow virtual machine, the datastore that each shadow virtual machine exists on, and the vCenter server that the shadow virtual machine belongs to.
  • Configure options
    • See Allocate Storage bullet in the Allocate resources to an Organization bullet.

VCP-IaaS Study Notes: Section 6.2

This is Section 6.2 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

List Allocation Models

Explain the concept of an Organization VDC

    • Create an organization vDC to allocate resources to an organization. An organization vDC is partitioned from a provider vDC. A single organization can have multiple organization vDCs.
    • An organization vDC obtains its compute and storage resources from a provider vDC. The organization vDC provides these resources to vApps and virtual machines in the organization.

Create/Modify/Delete an Organization VDC

  • Create
    • You allocate resources to an organization by creating an organization vDC that is partitioned from a provider vDC. A single organization can have multiple organization vDCs.
    • Open the Allocate Resources Wizard
      • Open the Allocate Resources wizard to start the process of creating an organization vDC for an organization.
      • Procedure
        • Click the Manage & Monitor tab and click Organizations in the left pane.
        • Right-click the organization name and select Allocate Resources from the menu.
        • The Allocate Resources wizard starts.
        • Select a Provider vDC
        • An organization vDC obtains its compute and storage resources from a provider vDC. The organization vDC provides these resources to vApps and virtual machines in the organization.
        • Procedure
          • Select a provider vDC.
            • The provider vDC list displays information about available resources and the networks list displays information about networks available to the selected provider vDC.
          • Click Next.
    • Select an Allocation Model
      • The allocation model determines how and when the provider vDC compute and memory resources that you allocate are committed to the organization vDC.
      • Procedure
        • Select an allocation model.
        • Click Next.
    • Configure the Allocation Model
      • Configure the allocation model to specify the amount of provider vDC resources to allocate to the organization vDC.
      • Procedure
        • Select the allocation model options.
          • Not all of the models include all of the options

        • Click Next.
    • Allocate Storage
      • An organization vDC requires storage space for vApps and vApp templates. You can allocate storage from the space available on provider vDC datastores.
      • Thin provisioning can help avoid over-allocating storage and save storage space. For a virtual machine with a thin virtual disk, ESX/ESXi provisions the entire space required for the disk’s current and future activities.
      • ESX/ESXi commits only as much storage space as the disk needs for its initial operations.
      • Fast provisioning saves time by using vSphere linked clones for certain operations.
      • IMPORTANT Fast provisioning requires vCenter Server 5.0 and ESXi 5.0 hosts. If the provider vDC on which the organization vDC is based contains any ESX/ESXi 4.x hosts, you must disable fast provisioning. If the provider vDC on which the organization vDC is based contains any VMFS datastores connected to more than 8 hosts, powering on virtual machines may fail. Make sure that datastores are connected to a maximum of 8 hosts. NOTE changed in vCloud 5.1. Max is now 32 hosts.
      • Procedure
        • Enter the amount of storage to allocate.
        • (Optional) Select the Enable thin provisioning check box to enable thin provisioning for virtual machines in the organization vDC.
        • (Optional) Deselect the Enable fast provisioning check box to disable fast provisioning for virtual machines in the organization vDC.
        • Click Next.
    • Select Network Pool
      • A network pool is a group of undifferentiated networks that is used to create vApp networks and NAT-routed or internal organization networks.
      • Procedure
        • Select a network pool or select None.
          • If you select None, you can add a network pool later.
        • Enter the maximum number of networks that the organization can provision from the network pool.
        • Click Next.
    • Name the Organization vDC
      • You can provide a descriptive name and an optional description to indicate the vSphere functions available for your new organization vDC.
      • Procedure
        • Type a name and optional description.
        • Click Next.
    • Confirm Settings and Create the Organization vDC
      • Before you create the organization vDC, review the settings you entered.
      • Procedure
        • Review the settings for the organization vDC.
        • (Optional) Click Back to modify the settings.
        • Click Finish to accept the settings and create the organization vDC.
    • When you create an organization vDC, vCloud Director creates a resource pool in vSphere to provide CPU and memory resources.
  • Modify
    • Modify an Organization vDC Name and Description
      • As your vCloud Director installation grows, you might want to assign a more meaningful name or description to an existing organization vDC.
      • Procedure
        • Click the Manage & Monitor tab and click Organization vDCs in the left pane
        • Right-click the organization vDC name and select Properties
        • On the General tab, type a new name and description and click OK.
        • You can use the name and description fields to indicate the vSphere functions available to the organization vDC, for example, vSphere HA.
    • Edit Organization vDC Allocation Model Settings
      • You cannot change the allocation model for an organization vDC, but you can change some of the settings of the allocation model that you specified when you created the organization vDC.
      • Procedure
        • Click the Manage & Monitor tab and click Organization vDCs in the left pane
        • Right-click the organization vDC name and select Properties
        • On the Allocation tab, enter the new allocation model settings and click OK
          • These settings only affect vApps that you start from this point on. vApps that are already running are not affected. The usage information that vCloud Director reports for this organization vDC will not reflect the new settings until all running vApps are stopped and started again.
    • Edit Organization vDC Storage Settings
      • After you create and use an organization vDC, you might decide to provide it with more storage resources from its source provider vDC. You can also enable or disable thin provisioning and fast provisioning for the organization vDC.
      • Procedure
        • Click the Manage & Monitor tab and click Organization vDCs in the left pane
        • Right-click the organization vDC name and select Properties
        • On the Storage tab, enter the new storage settings and click OK
          • IMPORTANT Fast provisioning requires vCenter Server 5.0 and ESXi 5.0 hosts. If the provider vDC on which the organization vDC is based contains and ESX/ESXi 4.x hosts, you must disable fast provisioning.
    • Edit Organization vDC Network Settings
      • You can change the maximum number of provisioned networks in an organization vDC and the network pool from which the networks are provisioned.
      • Procedure
        • Click the Manage & Monitor tab and click Organization vDCs in the left pane
        • Right-click the organization vDC name and select Properties
        • On the Network Pool tab, enter the new network settings and click OK.
  • Delete
    • You can delete an organization vDC to remove its compute, memory, and storage resources from the organization. The resources remain unaffected in the source provider vDC.
    • Prerequisites
      • Disable the organization vDC and move or delete all of its vApps, vApp templates, and media.
    • Procedure
      • Click the Manage & Monitor tab and click Organization vDCs in the left pane.
      • Right-click the organization vDC name and select Delete.
      • Click Yes.

Enable/Disable an Organization VDC

  • You can disable an organization vDC to prevent the use of its compute and storage resources by other vApps and virtual machines. Running vApps and powered on virtual machines continue to run, but you cannot create or start additional vApps or virtual machines.
  • Procedure
    • Click the Manage & Monitor tab and click Organization vDCs in the left pane.
    • Right-click the organization vDC name and select Enable or Disable.

Select Organization VDC components

  • Im just guessing what the blueprint is trying to tell me here, select components… Could mean a lot of things.
  • Allocation Model
    • Selected when creating a new Org vDC. Cannot modify after creation.
  • Network Pool
    • Selected when creating a new Org vDC. Can modify after creation.
  • Provider vDC
    • Selected when creating a new Org vDC. Cannot modify after creation.

Select/Edit Organization VDC resources

  • Allocation
    • See Modify Org vCD in the bullet: Create/Modify/Delete an Organization VDC
  • Storage
    • See Modify Org vCD in the bullet: Create/Modify/Delete an Organization VDC
  • Network Pool
    • See Modify Org vCD in the bullet: Create/Modify/Delete an Organization VDC

Configure Allocation Model settings

  • See Modify Allocation Settings in bullet: Create/Modify/Delete an Organization VDC
  • Example
    • Allocation Pool

    • Pay-as-you-Go

      • Resource pools created to support Pay-As-You-Go organization vDCs will always have no reservations or limits. Pay-As-You-Go settings only affect overcommitment. A 100% guarantee means no overcommitment is possible. The lower the percentage, the more overcommitment is possible.
    • Reservation Pool

Determine the appropriate network pool for a given Organization vDC network

  • VLAN Backed Pool
  • Port group Backed Pool
  • Cloud Isolated Pool
  • Please refer to Secton 4.2, bullet: Determine appropriate backing for a given Network Pool

VCP-IaaS Study Notes: Section 5.1

This is Section 5.1 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

Identify the URL name of a newly created Organization

Create/Modify/Delete vCloud Organizations

  • Create
    • Open the New Organization Wizard
      • Open the New Organization wizard to start the process of creating an organization.
      • Procedure
        • Click the Manage & Monitor tab and then click Organizations in the left pane.
        • Click the New Organization button.
        • The New Organization wizard starts.
      • Name the Organization
        • Provide a descriptive name and an optional description for your new organization.
        • Procedure
          • Type an organization name.
            • This name provides a unique identifier that appears as part of the URL that members of the organization use to log in to the organization.
          • Type a display name for the organization.
            • This name appears in the browser header when an organization member uses the unique URL to log in to vCloud Director. An administrator or organization administrator can change this name later.
          • (Optional) Type a description of the organization.
          • Click Next.
      • Specify the Organization LDAP Options
        • You can use an LDAP service to provide a directory of users and groups for the organization. If you do not specify an LDAP service, you must create a user account for each user in the organization. LDAP options can only be set by a system administrator and cannot be modified by an organization administrator.
        • Procedure
          • Select the source for organization users.

          • Provide any additional information that your selection requires.

      • Add Local Users to the Organization
        • Every organization should have at least one local, non-LDAP, organization administrator account, so that users can log in even if the LDAP service is unavailable.
        • Procedure
          • Click Add.
          • Type a user name and password.
          • Assign a role to the user.
          • (Optional) Type the contact information for the user.
          • Select Unlimited or type a user quota for stored and running virtual machines and click OK.
            • These quotas limit the user’s ability to consume storage and compute resources in the organization.
          • Click Next.
      • Set the Organization Catalog Publishing Policy
        • A catalog provides organization users with a library of vApp templates and media that they can use to create vApps and install applications on virtual machines.
        • Generally, catalogs should only be available to users in a single organization, but a system administrator can allow the organization administrator to publish their catalogs to all organizations in the vCloud Director installation.
        • Procedure
          • Select a catalog publishing option.
            • Cannot publish catalogs – Org administrator cannot publish catalogs to users outside of the organization.
            • Allow publishing catalogs to all organizations – Can publish catalogs to all users in all organizations.
      • Configure Email Preferences
        • vCloud Director requires an SMTP server to send user notification and system alert emails. An organization can use the system email settings or use its own email settings.
        • Procedure
          • Select an SMTP server option.
            • Use system default SMTP server -  The organization uses the system SMTP server.
            • Set organization SMTP server The organization uses its own SMTP server. Type the DNS host name or IP address and port number of the SMTP server.
          • Select a notification settings option.
            • Use system default notification settings – The organization uses the system notification settings.
            • Set organization notification settings – The organization uses its own notification settings. Type an email address that appears as the sender for organization emails, type text to use as the subject prefix for organization emails, and select the recipients for organization emails.
      • Configure Organization Lease, Quota, and Limit Settings
        • Leases, quotas, and limits constrain the ability of organization users to consume storage and processing resources. Use these settings to prevent users from depleting or monopolizing an organization’s resources.
        • Procedure
          • Select the lease options for vApps and vApp templates.
            • Leases provide a level of control over an organization’s storage and compute resources by specifying the maximum amount of time that vApps can run and that vApps and vApp templates can be stored. You can also specify what happens to vApps and vApp templates when their storage lease expires.
          • Select the quotas for running and stored virtual machines.
            • Quotas determine how many virtual machines each user in the organization can store and power on in the organization’s virtual datacenters. The quotas that you specify act as the default for all new users added to the organization.
          • Select the limits for resource intensive operations.
            • Certain vCloud Director operations, for example copy and move, are more resource intensive than others. Limits prevent resource intensive operations from affecting all the users in an organization and also provide a defense against denial-of-service attacks.
          • Select the number of simultaneous VMware Remote Console connections for each virtual machine.
            • You might want to limit the number of simultaneous connections for performance or security reasons.
          • NOTE This setting does not affect Virtual Network Computing (VNC) or Remote Desktop Protocol (RDP)connections.
          • (Optional) Select the Account lockout enabled check box, select the number of invalid logins to accept before locking a user account, and select the lockout interval.
          • Click Next.
      • Confirm Settings and Create the Organization
        • Before you create the organization, review the settings you entered.
        • Procedure
          • Review the settings for the organization.
          • (Optional) Click Back to modify the settings.
          • Click Finish to accept the settings and create the organization.
    • Modify
      • NOTE: In almost every case you can change the same thing as when creating a new organization so I will just post where you need to click to modify the setting.
      • Name
        • You must disable the organization before you can rename it.
        • Procedure
          • Click the Manage & Monitor tab and click Organizations in the left pane.
          • Right-click the organization name and select Properties
          • On the General tab, type a new organization name and click OK
        • The internal organization URL changes to reflect the new name
      • Full Name and Description
        •  Click the Manage & Monitor tab and click Organizations in the left pane.
        • Right-click the organization name and select Properties
        • On the General tab, type a new full name or description and click OK.
      • LDAP Options
        • Click the Manage & Monitor tab and click Organizations in the left pane.
        • Right-click the organization name and select Properties
        • Click the LDAP options tab.
        • System administrators and organization administrators who are currently logged in cannot import users and groups using the modified LDAP options until the cache for their current session expires or they log out and log in again.
      • Catalog Publishing Policy
        • Click the Manage & Monitor tab and click Organizations in the left pane.
        • Right- click the organization name and select Properties
        • Click the Catalog Publishing tab.
        • For users who are currently logged in to the organization, changes to the catalog publishing
          policy do not take effect until the cache for their current session expires or
          they log out and log in again.
      • Email Preferences
        • Click the Manage & Monitor tab and click Organizations in the left pane.
        •  Right-click the organization name and select Properties
        • Click the Email Preferences tab.
        • You can Test the email setting with Test Email Settings button.
      • Lease, Quota and Limit Settings
        • Click the Manage & Monitor tab and click Organizations in the left pane.
        • Right-click the organization name and select Properties
        • Click the Policies tab.
    • Delete
      • Prerequisites
        • Before you can delete an organization, you must disable it and delete or change ownership of
          all objects that the organization users own.
      • Procedure
        • Click the Manage & Monitor tab and click Organizations in the left pane
        • Right-click the organization name and select Delete
        • Click Yes.

Configure VM lease times

  • The goal of a runtime lease is to prevent inactive vApps from consuming compute resources. For example, if a user starts a vApp and goes on vacation without stopping it, the vApp continues to consume resources.
  • A runtime lease begins when a user starts a vApp. When a runtime lease expires, vCloud Director stops the vApp.
  • How to configure see button 2:  Configure Organization Lease, Quota, and Limit Settings

Configure Storage lease times

  • The goal of a storage lease is to prevent unused vApps and vApp templates from consuming storage resources.
  • A vApp storage lease begins when a user stops the vApp. Storage leases do not affect running vApps. A vApp template storage lease begins when a user adds the vApp template to a vApp, adds the vApp template to a workspace, downloads, copies, or moves the vApp template.
  • When a storage lease expires, vCloud Director marks the vApp or vApp template as expired, or deletes the vApp or vApp template, depending on the organization policy you set.
  • How to configure see button 2:  Configure Organization Lease, Quota, and Limit Settings

Configure SMTP server information

  • vCloud Director requires an SMTP server to send user notification and system alert emails. You can modify the settings you specified when you created the organization.
  • Procedure
    • Click the Manage & Monitor tab and click Organizations in the left pane.
    • Right-click the organization name and select Properties.
    • Click the Email Preferences tab.
    • Select an SMTP server option.

    • Select a notification settings option.

    • (Optional) Type a destination email address and click Test Email Settings to verify that all SMTP serve settings are configured as expected.
  • Click OK.

Configure notification settings

  • vCloud Director sends system alert emails when it has important information to report. For example, vCloud Director sends an alert when a datastore is running out of space. You can configure vCloud Director to send email alerts to all system administrators or to a specified list of email addresses.
  • Organizations can use the system notification settings, or use custom notification settings.
  • Prerequisites
    • A valid connection to an SMTP server.
  • Procedure
    • Click the Administration tab and click Email in the left pane.
    • Select the recipients of system alert emails and click Apply.

Apply policies to a vCloud Organization

  • Password policy – Account lockout policy: When creating a Org.
  • Catalog publishing policy: Creating and modifying a Org.
  • Storage lease policy: Creating and modifying a Org.
  • These policies are mentioned in the notes above.

VCP-IaaS Study Notes: Section 4.4

This is Section 4.4 in the VCP-IaaS blueprint Guide 1.2. The rest of the (completed) sections can be found here.

Identify available vShield Edge network services

  • DHCP
  • Firewall
  • NAT
  • VPN

Configure DHCP/NAT/VPN services

  • DHCP
    • You can configure certain organization networks to provide DHCP services to virtual machines in the organization.
    • When you enable DHCP for an organization network, connect a NIC on virtual machine in the organization to that network, and select DHCP as the IP mode for that NIC, vCloud Director assigns a DHCP IP address to the virtual machine when you power it on.
    • Both system administrators and organization administrators can configure DHCP.
      • Click the Manage & Monitor tab and click Organization Networks in the left pane.
      • Right-click the organization network name and select Configure Services.
      • Click the DHCP tab and select Enable DHCP.
      • Type a range of IP addresses or use the default range.
        • vCloud Director uses these addresses to satisfy DHCP requests. The range of DHCP IP addresses cannot overlap with the static IP pool for the organization network.
        • Set the default lease time and maximum lease time or use the default values.
        • Click OK.
  • NAT: First add IP then NAT mapping(Port Forwarding or IP translation)
    • Add External IP Addresses to an Organization Network
      • Before you can configure NAT mapping for an organization network, you must add one or more external IP addresses.
      • Only a system administrator can add external IP addresses to an organization network.
      • Prerequisites
        • An external NAT-routed organization network.
        • Procedure
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the NAT – External IPs tab.
          • Type an IP address and click Add.
            • The IP address must be routable on the external network and unique across internal networks.
          • Click OK.
      • Configure Port Forwarding for an Organization Network
        • You can configure certain organization networks to provide port forwarding. Port forwarding provides external access to services running on virtual machines on the organization network.
        • When you configure port forwarding, vCloud Director maps an external IP address and a port to a service running on a port on a virtual machine for inbound traffic.
        • When you add a new port forwarding rule to an organization network, it appears at the bottom of the NAT mapping rule list.
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the NAT Mapping tab and click Add.
          • Select Port Forwarding and configure the port forwarding rule.
            • Select an external IP address.
            • Select an external port.
            • Type the IP address of the destination virtual machine.
            • If the virtual machine is fenced, type its external IP address.
            • If the virtual machine is not fenced, type its internal IP address.
            • Select an internal port.
            • Select a protocol for the type of traffic to forward.
            • Click OK.
          • Click OK.
      • Configure IP Translation for an Organization Network
        • You can configure certain organization networks to provide IP tanslation.
        • When you add a new IP translation rule to an organization network, it appears at the bottom of the NAT mapping rule list.
        • Procedure
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the NAT Mapping tab and click Add.
          • Select IP Translation and configure the rule.
            • Select an external IP address.
            • Type the IP address of the destination virtual machine.
              • If the virtual machine is fenced, type its external IP address.
              • If the virtual machine is not fenced, type its IP address.
              • Click OK.
          • Click OK.
      • Enable IP Masquerading for an Organization Network
        • You can configure certain organization networks to provide IP masquerade services. You can use IP masquerading on an organization network to hide the internal IP addresses of virtual machines from the external network.
        • When you enable IP masquerade, vCloud Director translates a virtual machine’s private, internal IP address to a public IP address for outbound traffic.
        • Both system administrators and organization administrators can enable IP masquerade.
        • Prerequisites
          • Verify that you have an external NAT-routed organization network.
        • Procedure
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the NAT Mapping tab and select Enable IP Masquerade.
          • Click OK.
  • VPN:
    • Enable Site-to-Site VPN for an Organization Network
      • You can enable site-to-site VPN for an organization network and then create a secure tunnel to another network.
      • vCloud Director supports site-to-site VPN between organization networks in the same organization, organization networks in different organizations (including organization networks in different instances of vCloud Director), and remote networks.
      • Both system administrators and organization administrators can enable site-to-site VPN.
      • Prerequisites
        • An external NAT-routed organization network.
        • vShield Manager 5.0.
        • Procedure
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the Site-to-Site VPN tab and select Enable site-to-site VPN.
          • (Optional) Type a public IP address.
            • If the external network to which the organization network is routed is behind a NAT device, you must provide a publicly accessible IP address that faces the Internet.
          • Click OK.
      • Create a VPN Tunnel Within an Organization
        • You can create a VPN tunnel between two organizations networks in the same organization.
        • Both system administrators and organization administrators can create VPN tunnels.
        • If there is a firewall between the tunnel endpoints, you must configure it to allow the following IP protocols and UDP ports:
          • IP Protocol ID 50 (ESP)
          • IP Protocol ID 51 (AH)
          • UDP Port 500 (IKE)
          • UDP Port 4500
        • Prerequisites
          • At least two external NAT-routed organization networks with non-overlapping IP subnets and site-to-site VPN enabled on both networks.
          • vShield Manager 5.0.
        • Procedure
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the Site-to-Site VPN tab and click Add.
          • Type a name and optional description.
          • Select a network in this organization from the drop-down menu and select a peer network.
          • Review the tunnel settings and click OK.
      • Create a VPN Tunnel Between Organizations
        • You can create a VPN tunnel between two organizations networks in different organizations. The organizations can be part of the same vCloud Director installation or a different installation.
        • Both system administrators and organization administrators can create VPN tunnels.
        • If there is a firewall between the tunnel endpoints, you must configure it to allow the following IP protocols and UDP ports:
          • IP Protocol ID 50 (ESP)
          • IP Protocol ID 51 (AH)
          • UDP Port 500 (IKE)
          • UDP Port 4500
        • Prerequisites
          • An external NAT-routed organization network in each of the organizations. The organization networks must have non-overlapping IP subnets and site-to-site VPN enabled.
          • vShield Manager 5.0.
        • Procedure
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the Site-to-Site VPN tab and click Add.
          • Type a name and optional description.
          • Select a network in another organization from the drop-down menu.
          • Click Connect to another organization, type the login information for the peer organization, and click Continue

          • Select a peer network.
          • Review the tunnel settings and click Connect.
      • Create a VPN Tunnel to a Remote Network
        • You can create a VPN tunnel between an organization network and a remote network.
        • Both system administrators and organization administrators can create VPN tunnels.
        • If there is a firewall between the tunnel endpoints, you must configure it to allow the following IP protocols and UDP ports:
          • IP Protocol ID 50 (ESP)
          • IP Protocol ID 51 (AH)
          • UDP Port 500 (IKE)
          • UDP Port 4500
        • Prerequisites
          • An external NAT-routed organization network and a routed remote network that uses IPSec.
          • vShield Manager 5.0.
        • Procedure
          • Click the Manage & Monitor tab and click Organization Networks in the left pane.
          • Right-click the organization network name and select Configure Services.
          • Click the Site-to-Site VPN tab and click Add.
          • Type a name and optional description.
          • Select a remote network from the drop-down menu.
          • Type the peer settings.
          • Review the tunnel settings and click OK.

Add a SNAT/DNAT rule

  • When you create an IP translation rule for a network, vCloud Director adds a DNAT and SNAT rule to the vShield Edge associated with the network’s port group. The DNAT rule translates an external IP address to an internal IP address for inbound traffic. The SNAT rule translates an internal IP address to an external IP address for outbound traffic. If the network is also using IP masquerade, the SNAT rule takes precedence.
  • The vShield Admin Guide states how to config SNAT and DNAT rules (page 40&41) in the vSphere client but this happens automatically when configuring IP translation in the vCloud GUI.

Add a DHCP IP pool

  • When configuring the DHCP pool to be used the range of DHCP IP addresses cannot overlap with the static IP pool for the network.
    • Click the Manage & Monitor tab and click Organization Networks in the left pane.
    • Right-click the organization network name and select Configure Services.
    • Type a range of IP addresses or use the default range.
    • Set the default lease time and maximum lease time or use the default values.
    • Click OK.
  • The vShield Admin Guide states how to config a new IP pool (page 41&42) in the vSphere client but this happens automatically when configuring the DHCP range in the vCloud GUI.

Add DHCP static binding

  • You can enable static binding to bind an IP address to the MAC address of a virtual machine.
  • Procedure
    • In the vSphere Client, go to Inventory > Networking.
    • Select an internal port group that is protected by a vShield Edge.
    • Click the vShield Edge tab.
    • Click the DHCP link.
    • Under DHCP Bindings, click Add Binding.
    • Select the VM Name that you want to bind.
    • Select the Interface for which you want to create the binding.
    • Type the IP Address to which you want to bind the MAC address of the selected virtual machine.
    • Type the Domain Name.
    • Type the Primary Nameserver and Secondary Nameserver, which refer to the DNS service. You must enter the IP address of a DNS server for hostname-to-IP address resolution.
    • Type the Default Gateway address.
    • For Lease Time, select whether you want to lease the address to the client for the default time (1 day) or specify a value in seconds.
    • Click OK.

Configure the VPN service

  • For some reason it seems as the Blueprint wants you to know how to configure VPN services on a vShield Edge device in the vSphere client as well even though this is supposed to be done in the vCloud GUI.
    • You must configure an external IP address on the vShield Edge to provide VPN service.
    • Procedure
      • In the vSphere Client, go to Inventory > Networking.
      • Select an internal port group that is protected by a vShield Edge.
      • Click the vShield Edge tab.
      • Click the VPN link.
      • Under Global Configuration, click Enable VPN.
        • The Add VPN Configuration dialog box opens.
        • Type the IP address of the vShield Edge instance in Local Service IP Address.
        • Type the pre-shared key in PSK for Sites with any Peer IP if anonymous sites are to connect to the VPN service.
        • Type a name for the VPN connection in VPN Gateway ID.
        • Select Log to log VPN activity.
        • Click OK.

Configure Syslog

  • Apply Syslog Server Settings to an Organization Network
    • You can apply syslog server settings to a routed organization network to enable firewall rule logging.
    • Apply syslog server settings to any organization network that was created before the initial creation of those settings. Apply the syslog server settings to an organization network any time the settings are changed.
    • If you are unsure whether an organization network’s syslog settings are up-to-date, you can view the organization network’s syslog settings.
    • Prerequisites
      • Verify that you have an external NAT-routed organization network.
      • Procedure
        • Click the Manage & Monitor tab and click Organization Networks in the left pane.
        • Select an organization network, right-click, and select Synchronize syslog server settings.
        • Click Yes.
  • View Syslog Server Settings for an Organization Network
    • You can view the syslog server settings for a routed organization network.
    • vCloud Director supports logging events related to firewall rules to a syslog server that a system administrator specifies.
    • If an organization network lacks syslog server settings and you think that it should have them, or if the settings are not what you expected, synchronize the network with the most current syslog server settings.
    • Prerequisites
      • Verify that you have an external NAT-routed organization network.
      • Verify that you are an organization administrator.
      • Procedure
        • Click the Manage & Monitor tab and click Organization Networks in the left pane.
        • Select an organization network, right-click, and select Properties.
        • Click the Syslog Server Settings tab.
  • You can Select Log network traffic for firewall rule check box when configuring a firewall rule.

Use logs to troubleshoot common network service issues

  • The system event message logged in the syslog has the following structure.

syslog header (timestamp + hostname + sysmgr/)

Timestamp (from the service)

Name/value pairs

Name and value separated by delimiter ‘::’ (double colons)

Each name/value pair separated by delimiter ‘;;’ (double semi-colons)

  • The fields and types of the system event contain the following information.

Event ID :: 32 bit unsigned integer

Timestamp :: 32 bit unsigned integer

Application Name :: string

Application Submodule :: string

Application Profile :: string

Event Code :: integer (possible values: 10007 10016 10043 20019)

Severity :: string (possible values: INFORMATION LOW MEDIUM HIGH CRITICAL)

Message ::

Follow

Get every new post delivered to your Inbox.

Join 258 other followers