VMware Cloud Community
sylekta
Contributor

VSE Config on vApp in VCD

Hi all

First time administrator of vCD here and have a small issue. Basically we have a bunch of vApps that are used as dev environments, several servers with full AD etc.

They are cloned and deployed multiple times, and internally they have the same IP/hostname, so they have an edge on their vApp network and then to a directly connected external network using NAT/ip-masq.

I have also some custom firewall rules and have configured the SSL VPN-Plus service on each edge via the vShield Manager, and that's how my devs access their environments.

Now the problem is, if they wish to clone their vApp into the catalog, I have to shut the vApp down and this gets rid of the edge; when I power back on, it doesn't keep the VPN/firewall config.

I am looking at a network redesign where I have multiple Org vDC networks, 1 for each vApp, and that way the edge would stay on if I power off the vApp, but until I can implement that, is there any way I can back up my edge config and restore it after it comes back?

1 Reply
IamTHEvilONE
Immortal

For anything to persist in vCloud Director, you must configure it in vCloud Director.  Otherwise, when you clone a vApp ... the settings for the VPN/Firewall will not transfer from the source configuration to the destination.  All of these sorts of settings are stored in the vCloud Director database and pushed down to the vSE when the vApp is powered on (vSE is created). 

This is a known side effect of not doing things in the vCloud GUI.

In vCloud Director 1.0, there wasn't even a VPN option in the vCloud GUI.  Some customers then chose to configure VPN for users.  These VPN settings would not persist over a Network Reset or vApp Power Off/On cycle.

Even if you did do it as Org vDC networks, there is nothing stopping people from hopping onto a different network and causing conflicts ... even if it was human error and not by choice.

Optimally, you want to do everything in the vCloud Director GUI ... otherwise, you would need some sort of automation to handle this ... but that requires coding on top of what you are doing already.