Cloud Director Configure the Organization
The following steps document the minimum configuration needed when creating and configuring an Organization (tenant) for use with DKP. Refer to VMware’s VCD documentation for additional tenant Organization configuration information.
The two main sections of the VMware Cloud Director documentation cover system administration and tenant configuration and access:
Service Provider Admin Portal - https://docs.vmware.com/en/VMware-Cloud-Director/10.3/VMware-Cloud-Director-Service-Provider-Admin-Portal-Guide/GUID-F8F4B534-49B2-43B2-AEEE-7BAEE8CE1844.html
Organization (tenant) Portal - https://docs.vmware.com/en/VMware-Cloud-Director/10.3/VMware-Cloud-Director-Tenant-Portal-Guide/GUID-120992A9-4FCB-4900-B19C-9AACFCB3F40B.html
Prerequisites to Create and Configure an Organization
Add a vCenter Server to VCD - Log in to the Cloud Director portal, select the Resources tab in the top menu, go to Infrastructure Resources - vCenter Server Instances, and select <ADD> to begin connecting your vCenter server, following the on-screen instructions.
Create Organization (Tenant) - You create a new organization from the VMware Cloud Director Admin Portal.
Configuring the Organization
Create the Organization’s VDCs
Configure Edge Gateway
Create the Tenant Network
Configure Policies
After a tenant Organization is created, use the menus in the System Administrator portal to configure the following settings:
Under the Data Center tab - Virtual Data Center: this is the location in which to define CPU size, memory and storage.
Under the Data Center tab - Networking - Edges: select Configuration - External Networks and supply the publicly accessible IP address range under the Subnet column.
Under the Libraries tab - Content Libraries in the left menu: specify the vApp Templates to import the VM Templates from vCenter that you want to make available to the tenant. Example: KIB templates from vCenter.
NOTE: The Service Provider (SP) can create a shared Catalog where items are placed to be automatically imported.
Under the Networking tab - Networks: the tenant Organization Administrator will configure a network. Select the name of the network to open its General properties, such as the Gateway CIDR address, where all VMs will receive an IP address from the private IP space.
NOTE: The LoadBalancer (LB) will use the routable external network and is automatically created using the CAPVCD controller.
Under the Resources tab - Edge Gateway - Services - NAT - External IP: specify the IP address that will be used to allow VMs to access external networks. You should either create a SNAT rule or provide Egresses to the VMs.
Edge Gateway Firewall - Allow port access from outside the cluster for TCP 6443 to the control plane endpoint load balancers and TCP 443 to Kubernetes load balancers (e.g. to reach the DKP dashboard). Other ports must be allowed access among the machines in the cluster.
For more on DKP ports, refer to the DKP Ports section under Architecture.
The tenant is required to get one public IP to create an Edge Gateway. The Service Provider (SP) will allocate the pool of IPs from which the tenant pulls. After you have associated an external network through a gateway, the tenant can ask for IPs. Otherwise, if you have chosen an IP address, you can specify it.
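An added example (not part of the original page, and not DKP or VMware tooling): a Python check for the Edge Gateway Firewall guidance above that flags allow rules exposing anything beyond TCP 6443 and TCP 443 to external sources, and reports required openings that are absent. The rule format, field names and addresses are constructed for illustration and are not the VCD API schema.

```python
import ipaddress

# Constructed values: documentation-range addresses, not from the page.
CONTROL_PLANE_VIP = "203.0.113.10"
K8S_LB_VIPS = {"203.0.113.20"}
TENANT_NET = ipaddress.ip_network("192.168.10.0/24")
# Ports the page says must be reachable from outside the cluster.
REQUIRED = {(CONTROL_PLANE_VIP, 6443)} | {(vip, 443) for vip in K8S_LB_VIPS}

# Constructed allow rules; the field names are hypothetical, not the VCD schema.
RULES = [
    {"name": "kube-api", "src": "any", "dst": "203.0.113.10", "proto": "tcp", "ports": [6443]},
    {"name": "dkp-dashboard", "src": "any", "dst": "203.0.113.20", "proto": "tcp", "ports": [443]},
    {"name": "intra-cluster", "src": "192.168.10.0/24", "dst": "192.168.10.0/24", "proto": "any", "ports": []},
    {"name": "ssh-debug", "src": "any", "dst": "203.0.113.10", "proto": "tcp", "ports": [22]},
    {"name": "wide-open", "src": "any", "dst": "any", "proto": "any", "ports": []},
]

def is_internal(src):
    """True when the source is confined to the tenant's private network."""
    return src != "any" and ipaddress.ip_network(src).subnet_of(TENANT_NET)

def audit(rules):
    """Return (rule name, problem) for allow rules that expose more than the page lists."""
    findings = []
    for r in rules:
        if is_internal(r["src"]):
            continue  # traffic among cluster machines is out of scope here
        if r["proto"] != "tcp" or not r["ports"]:
            findings.append((r["name"], "external source with no TCP port restriction"))
            continue
        extra = sorted(p for p in r["ports"] if (r["dst"], p) not in REQUIRED)
        if extra:
            findings.append((r["name"], f"unexpected external ports {extra}"))
    return findings

def missing_required(rules):
    """Return required (destination, port) pairs that no external rule allows."""
    covered = {(r["dst"], p) for r in rules if not is_internal(r["src"])
               and r["proto"] == "tcp" for p in r["ports"]}
    return sorted(REQUIRED - covered)

if __name__ == "__main__":
    for name, problem in audit(RULES):
        print(f"{name}: {problem}")
    print("missing:", missing_required(RULES))
```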
Production Policies
After the tenant Organization is in production, various policies will need to be defined for storage and resources. The Configure Organization Policy section of the VMware documentation provides more detail.