Pivotal Cloud Foundry v1.7

Configuring Ops Manager Director for vCloud Air and vCloud

Page last updated:

Note: Pivotal Cloud Foundry (PCF) for vCloud Air and vCloud Director is deprecated and availability is restricted to existing customers. Contact Support for more information.

This topic describes how to configure the Ops Manager Director for VMWare vCloud Air and vCloud.

Before you begin this procedure, ensure that you have successfully completed all steps in the Deploying Operations Manager to vCloud Air and vCloud topic. After you complete this procedure, follow the instructions in the Configuring Elastic Runtime for vSphere, vCloud, and vCloud Air topic.

Step 1: Set Up Ops Manager

  1. Navigate to the fully qualified domain of your Ops Manager in a web browser.

  2. The first time you start Ops Manager, you must choose one of the following:

Select authentication

Use an Identity Provider

  1. Log in to your IdP console and download the IdP metadata XML. Optionally, if your IdP supports metadata URL, you can copy the metadata URL instead of the XML.

  2. Copy the IdP metadata XML or URL to the Ops Manager Use an Identity Provider log in page. Meta om

    Note: The same IdP metadata URL or XML is applied for the BOSH Director. If you are using a separate IdP for BOSH, copy the metadata XML or URL from that IdP and enter it into the BOSH IdP Metadata text box in the Ops Manager log in page.

  3. Enter your Decryption passphrase. Read the End User License Agreement, and select the checkbox to accept the terms.

  4. Your Ops Manager log in page appears. Enter your username and password. Click Login.

  5. Download your SAML Service Provider metadata (SAML Relying Party metadata) by navigating to the following urls:

    • 5a. Ops Manager SAML service provider metadata: https://OPS-MAN-FQDN:443/uaa/saml/metadata
    • 5b. BOSH Director SAML service provider metadata: https://BOSH-IP-ADDRESS:8443/saml/metadata.

    Note: To retrieve your BOSH-IP-ADDRESS, navigate to the Ops Manager Director tile > Status tab. Record the Ops Manager Director IP address.

  6. Configure your IdP with your SAML Service Provider metadata. Import the Ops Manager SAML provider metadata from Step 5a above to your IdP. If your IdP does not support importing, provide the values below:

    • Single sign on URL: https://OPS-MAN-FQDN:443/uaa/saml/SSO/alias/OPS-MAN-FQDN
    • Audience URI (SP Entity ID): https://OP-MAN-FQDN:443/uaa
    • Name ID is Email Address
    • SAML authentication requests are always signed
  7. Import the BOSH Director SAML provider metadata from Step 5b to your IdP. If the IdP does not support an import, provide the values below.

    • Single sign on URL: https://BOSH-IP:8443/saml/SSO/alias/BOSH-IP
    • Audience URI (SP Entity ID): https://BOSH-IP:8443
    • Name ID is Email Address
    • SAML authentication requests are always signed
  8. Return to the Ops Manager Director tile, and continue with the configuration steps below.

Internal Authentication

  1. When redirected to the Internal Authentication page, you must complete the following steps:

    • Enter a Username, Password, and Password confirmation to create an Admin user.
    • Enter a Decryption passphrase and the Decryption passphrase confirmation. This passphrase encrypts the Ops Manager datastore, and is not recoverable.
    • If you are using an Http proxy or Https proxy, follow the PCF Director Proxy Settings instructions.
    • Read the End User License Agreement, and select the checkbox to accept the terms.

    Om login

Step 2: vCloud Config Page

  1. Log in to Ops Manager with the Admin username and password you created in the previous step.

    Cf login

  2. Click the Ops Manager Director tile.

    Vcair tile

  3. Select vCloud Config.

    Vcloud configuration

  4. Enter the following information.

    • vCloud API URL: The URL of the vCloud Director.
    • Organization name: The name of your organization.

      Note: vCloud Air and vCloud Director use case-sensitive organization names. The name that you supply in the Ops Manager Organization name field must match the vCD organization name exactly.

    • Username: The username for a user who has create and delete privileges for virtual machines (VMs) and folders.
    • Password: The password for the user provided in the previous step.
    • Virtual Datacenter name. The name of the virtual datacenter as it appears in vCloud Director. The name is an alphanumeric string with a VDC prefix. For example, VDC-M903513742-9043.
    • Storage Profile name: The name of the storage profile as it appears in vCloud Director.
  5. Click Save.

Step 3: Director Config Page

  1. Select Director Config. Vcloud director config

  2. In the NTP Servers (comma delimited) field, enter your NTP server addresses.

  3. If you have installed and configured the JMX Bridge product, enter your Metrics IP Address.

  4. Select the Enable VM Resurrector Plugin to enable Ops Manager Resurrector functionality and increase Elastic Runtime availability. For more information, see the Using Ops Manager Resurrector on VMware vSphere topic.

  5. Select Recreate all VMs to force BOSH to recreate all VMs on the next deploy. This process does not destroy any persistent disk data.

  6. Select HM Pager Duty Plugin to enable Health Monitor integration with PagerDuty.

    • Service Key: Enter your API service key from PagerDuty.
    • HTTP Proxy: Enter an HTTP proxy for use with PagerDuty.
  7. Select HM Email Plugin to enable Health Monitor integration with email.

    • Host: Enter your email hostname.
    • Port: Enter your email port number.
    • Domain: Enter your domain.
    • From: Enter the address for the sender.
    • Recipients: Enter comma-separated addresses of intended recipients.
    • Username: Enter the username for your email server.
    • Password: Enter the password for your email server.
    • Enable TLS: Select this checkbox to enable Transport Layer Security.
  8. For Blobstore Location, Pivotal recommends that you select Internal. However, if you select S3 Compatible Blobstore, complete the S3 Endpoint, Bucket Name, Access Key, Secret Key, V2 Signature/V4 Signature, and Region with information from your blobstore provider.

  9. By default, Pivotal Cloud Foundry (PCF) deploys and manages an Internal database for you. If you choose to use an External MySQL Database, complete the associated fields with information obtained from your external MySQL Database provider: Host, Port, Username, Password, and Database.

  10. Max Threads sets the maximum number of threads that the Ops Manager Director can run simultaneously. For vCloud, the default value is 4. Leave the field blank to use this default value. Pivotal recommends that you use the default value unless doing so results in rate limiting or errors on your IaaS.

  11. Click Save.

Note: After your initial deployment, you will not be able to edit the Blobstore and Database locations.

Step 4: Create Networks Page

  1. Select Create Networks. Vcloud create networks
  2. Select Enable ICMP checks to enable ICMP on your networks. Ops Manager uses ICMP checks to confirm that components within your network are reachable.
  3. Use the following steps to create one or more Ops Manager networks:
    • Click Add Network.
    • Enter a unique Name for the network.
    • Click Add Subnet to create one or more subnets for the network.
    • Enter the vCloud Network Name as it appears in vCloud Director.
    • For CIDR, enter a valid CIDR block in which to deploy VMs. For example, enter
    • For Reserved IP Ranges, enter any IP addresses from the CIDR that you want to blacklist from the installation. Ops Manager will not deploy VMs to any address in this range.
    • Enter your DNS and Gateway IP addresses.
  4. Click Save.

Step 5: Assign Networks Page

  1. Select Assign Networks. Vcloud assign networks
  2. Use the drop-down menu to select the network that acts as the infrastructure and deployment network for Ops Manager. You can configure the Ops Manager Director to have an IP address on one network.

Step 6: Security Page

  1. Select Security.

    Vcloud om security

  2. In Trusted Certificates, enter a custom certificate authority (CA) certificate to insert into your organization’s certificate trust chain. This feature enables all BOSH-deployed components in your deployment to trust a custom root certificate. If you want to use Docker Trusted Registries for running app instances in Docker containers, use this field to enter your certificate for your private Docker Trusted Registry. See the Using Docker Trusted Registries topic for more information.

  3. Choose Generate passwords or Use default BOSH password. Pivotal recommends that you use the Generate passwords option for greater security.

  4. Click Save. To view your saved Director password, click the Credentials tab.

Step 7: Resource Config Page

  1. Select Resource Config. Vcloud resources
  2. Adjust any values as necessary for your deployment, such as increasing the persistent disk size. Select Automatic from the drop-down menu to provision the amount of persistent disk predefined by the job. If the persistent disk field reads None, the job does not require persistent disk space.

    Note: If you set a field to Automatic and the recommended resource allocation changes in a future version, Ops Manager automatically uses the updated recommended allocation.

  3. Click Save.

Step 8: Complete the Ops Manager Director Installation

  1. Click the Installation Dashboard link to return to the Installation Dashboard.
  2. Click Apply Changes.
  3. After you complete this procedure, follow the instructions in the Configuring Elastic Runtime for vSphere and vCloud topic.
Create a pull request or raise an issue on the source for this page in GitHub