Adding a vCloud Director and vShield instance

There are three virtual elements that can be managed by VCM: vCenter, vShield, and vCloud. In the previous recipe, we added vCenter. In this one, we will continue with vShield and vCloud Director (vCD).

VMware vShield is a suite of virtual security appliances built for VMware vCenter Server integration. A vShield security group is a logical trust zone that you create and assign resources to for vShield protection.

By adding vCloud to VCM, you can use the vCloud Director properties to create machine groups and so on.

Getting ready

We will need the IP address of the vShield Manager and vCloud Director instances and a user account with administrative privileges.

Before adding vShield, you must collect data for your vCenter instance, as described in the next recipe.

How to do it...

We will split this recipe into two sections, as follows.

• Adding a vShield instance
• Adding a vCloud Director instance

Adding a vShield instance

This is a bit different than adding vCenter. After adding a vCenter instance and collecting data from it, VCM identifies the vShield VM and it makes it available on the VCM console for configuration, so we don't need to perform any additional steps as we did for vCenter; we just need to configure it, which we will do as follows:

1. Go to Administration | Machines Manager | Licensed Machines | Licensed Virtual Environments.
2. Select the vShield device identified by VCM, and click on Configure Settings.
   
3. Make sure the vShield instance is selected in the wizard launched.
4. Provide information as follows:
   • Managing Agent: Your Collector server
   • Port: 443
   • User ID: A user with administrative access to vShield
   • Password: The password for the user; enter it twice to confirm it
   • Ignore untrusted SSL Certificate: Yes
   • Provide the name of the vCenter Server instance this vShield instance is responsible for
   

   Note

   Note: The user must have a vShield Manager administrative role or an unrestricted read-only role.

5. Click on Finish to close the wizard.

Once again, you should see a green circle in front of the vShield instance you just configured.

If there isn't one, make sure you have provided the correct username and password.

Adding a vCloud Director instance

Log in to VCM server and follow these steps:

1. Go to Administration | Machines Manager | Licensed Machines | Licensed Virtual Environments.
2. Click on Add Machines.
3. Select Basic from the first page of the wizard.
4. Enter your hostname in Machine Name, select Domain from the dropdown that the machine belongs to, select DNS as Type and vCloud Director as Machine Type.
5. Click on Add, and then click on Next.
6. Click on Finish to end the wizard.

   Note

   With these steps, we added the vCloud instance to VCM, but we still need to configure it so that we can collect the details.

7. Now, select the vCloud Director instance we just added and click on Configure Settings.
8. In this wizard, select the vCloud Director machine.
9. Provide information as follows:
   • Managing Agent: Your Collector server
   • Port: 443
   • User ID: A user with administrative access to vCloud Director
   • Local user in the format user@System
   • Password: The password for the user; enter it again to confirm it
   • Ignore untrusted SSL Certificate: Yes
   
10. Click on Finish to close the wizard.
11. There should be a green circle in front of the vCloud Director instance's name on the VCM console.

How it works...

We make information available in the vShield instance, that is, security groups and its members exposed to VCM. The details are stored in the VCM database as well and can be used when required.

After adding and performing a collection, we have the following information from the vCloud Director database in the VCM console:

• vCloud Director Organizations
• vCloud Director virtual machines and vApps
• vCloud Director organization catalogs
• vCloud Director Virtual datacenters (vDCs) and networks
• vCloud Director Organizations Users
• vCloud Director Organizations Groups
• vCloud Director Organizations Settings

This information can be used to create machine groups based on vCloud organizations in order to manage them accordingly.