Pivotal Cloud Foundry v1.9

Installing Pivotal Cloud Foundry on vSphere

Page last updated:

This guide describes how to install Pivotal Cloud Foundry (PCF) on vSphere.

If you experience a problem while following the steps below, refer to the Known Issues topics or to the Pivotal Cloud Foundry Troubleshooting Guide.

Note: If you are performing an upgrade to PCF 1.8, see Upgrading Pivotal Cloud Foundry for critical upgrade information.


General Requirements

The following are general requirements for deploying and managing a PCF deployment with Ops Manager and Elastic Runtime:

  • (Recommended) Ability to create a wildcard DNS record to point to your router or load balancer. Alternatively, you can use a service such as For example,

    Elastic Runtime gives each application its own hostname in your app domain. With a wildcard DNS record, every hostname in your domain resolves to the IP address of your router or load balancer, and you do not need to configure an A record for each app hostname. For example, if you create a DNS record * pointing to your router, every application deployed to the domain resolves to the IP address of your router.

  • (Recommended) A network without DHCP available for deploying the Elastic Runtime VMs

    Note: If you have DHCP, refer to the Troubleshooting Guide to avoid issues with your installation.

  • Sufficient IP allocation:

    • One IP address for each VM instance
    • An additional IP address for each instance that requires static IPs
    • An additional IP address for each errand
    • An additional IP address for each compilation worker: IPs needed = VM instances + static IPs + errands + compilation workers

      Note: BOSH requires that you allocate a sufficient number of additional dynamic IP addresses when configuring a reserved IP range during installation. BOSH uses these IPs during installation to compile and deploy VMs, install Elastic Runtime, and connect to services. We recommend that you allocate at least 36 dynamic IP addresses when deploying Ops Manager and Elastic Runtime.

  • The most recent version of the Cloud Foundry Command Line Interface (cf CLI)

  • One or more NTP servers if not already provided by your IaaS

vSphere Requirements

Note: If you are using the Cisco Nexus 1000v Switch, refer to the Using the Cisco Nexus 1000v Switch with Ops Manager topic for more information.

Note: When installing Ops Manager on a vSphere environment with multiple ESXi hosts, you must use network-attached or shared storage devices. Local storage devices do not support sharing across multiple ESXi hosts.

The following are the minimum resource requirements for maintaining a Pivotal Cloud Foundry (PCF) deployment with Ops Manager and Elastic Runtime on vSphere:

  • vSphere 6.5, 6.0, 5.5, or 5.1
  • Disk space: 2TB recommended
  • Memory: 120GB
  • Two public IP addresses: One for Elastic Runtime and one for Ops Manager
  • vCPU cores: 80
  • Overall CPU: 28 GHz
  • vSphere editions: standard and above
  • Ops Manager must have HTTPS access to vCenter and ESX hosts on TCP port 443.
  • A configured vSphere cluster:
    • If you enable vSphere DRS (Distributed Resource Scheduler) for the cluster, you must set the Automation level to Partially automated or Fully automated. If you set the Automation level to Manual, the BOSH automated installation will fail with a power_on_vm error when BOSH attempts to create virtual machines (VMs).
    • Turn hardware virtualization off if your vSphere hosts do not support VT-X/EPT. If you are unsure whether the VM hosts support VT-x/EPT, then you can turn this setting off. If you leave this setting on and the VM hosts do not support VT-x/EPT, then each VM requires manual intervention in vCenter to continue powering on without the Intel virtualized VT-x/EPT. Refer to the vCenter help topic at Configuring Virtual Machines > Setting Virtual Processors and Memory > Set Advanced Processor Options for more information.
  • Ops Manager requires read/write permissions to the datacenter level of the vSphere Inventory Hierarchy to successfully install. Pivotal recommends using the default VMware Administrator System Role to achieve the appropriate permission level, or a custom role that has all privileges for all objects in the datacenter, including propagating privileges to children. For a complete list of required vSphere privileges, see the BOSH documentation.

Note: For information about how IaaS user roles are configured, refer to the Pivotal Cloud Foundry IaaS User Role Guidelines topic.

Note: If you are deploying PCF behind a firewall, see the Preparing Your Firewall for Deploying Pivotal Cloud Foundry topic.

Step 1: Install Ops Manager

Complete the following procedures to install Ops Manager on vSphere:

  1. Deploying Operations Manager to vSphere
  2. Configuring Ops Manager Director for VMware vSphere

Step 2: Install Elastic Runtime

To install Elastic Runtime on vSphere, perform the procedures in the Configuring Elastic Runtime for vSphere topic.

(Optional) Step 3: Install the IPsec Add-on

The PCF IPsec add-on secures network traffic within a PCF deployment and provides internal system protection if a malicious actor breaches your firewall. See the Securing Data in Transit with the IPsec Add-on topic for installation instructions.

Note: You must install the PCF IPsec add-on before installing any other tiles to enable the IPsec functionality. Pivotal recommends installing IPsec immediately after Ops Manager, and before installing the Elastic Runtime tile.

Step 4: Create New User Accounts

Once you have successfully deployed PCF, add users to your account. Refer to the Creating New Elastic Runtime User Accounts topic for more information.

Step 5: Target Your Deployment

Use the cf Command Line Interface (CLI) to target your deployment. Make sure that you have installed the cf CLI tool. Refer to the PCF documentation for more information about using the cf command line tool.

Note: In Ops Manager, refer to Elastic Runtime > Credentials for the UAA admin name and password. You can also use the user that you created in Apps Manager, or create another user with the create-user command.

Additional Configuration

See the following topics for additional configuration information:

Create a pull request or raise an issue on the source for this page in GitHub