vCloud Availability 3.0 – On-Premise Deployment & Configuration

This entry is part 4 of 6 in the series vCloud Availability 3.0

In the first 3 parts of this series I detailed the configuration and deployment of vCAv 3.0 into a service provider site. In this 4th part I show the deployment and configuration of vCAv into a tenant on-premise infrastructure. This allows appropriately configured tenants to protect on-premise VMs to a cloud provider as well as protect cloud-hosted VMs back to their own on-premise infrastructure.

In this configuration I will use the already-configured Christchurch lab cloud environment as the endpoint and configure vCAv into an on-premise infrastructure at my test ‘Tyrell’ tenant environment which is configured with its own small vSphere SDDC based on vCenter, ESXi and VSAN storage. Note that NSX networking is not required in the tenant site, and only outbound tcp/443 (https) connectivity is required between the tenant and cloud provider site which makes vCAv almost trivially easy for customers to deploy into their datacenters.

The VMware documentation page for deploying vCAv at a tenant/on-premise site is available here, the process below show the configuration of the vCAv tenant appliance and configuring the appliance once deployed to connect to a cloud provider site.

Download the OnPrem version of the vCAv appliance from, note that this is different from the image used to deploy a Cloud Provider site and is listed under the ‘Drivers & Tools’ tab in

Login to the on-premise vCenter and select the option to deploy an OVF Template, select the downloaded OnPrem appliance:

Specify the VM name to be assigned to the vCAv OnPrem appliance and select the datacenter where it will be deployed:

Next select the vSphere cluster where the vCAv appliance will run:

The next screen allows you to review the template details prior to deployment:

You must agree to the VMware EULA agreement before proceeding:

Chose the datastore and storage policy for the vCAv OnPrem appliance deployment (in this example I only have a single VSAN datastore to select from):

Select the network for the vCAv appliance to connect on and the IP assignment type:

Assign the initial ‘root’ user password (as with the Cloud appliance, this will be forced to change on first login to the appliance UI) and configure appropriate networking settings – IP address, subnet mask, default gateway, DNS servers, DNS domain and NTP server:

Review the summary screen and click ‘Finish’ to initiate the appliance deployment:

Once the appliance deployment has completed, you can power it on and access the configuration UI at https://<appliance-deployed-ip> to continue with configuration. Once you have logged in and changed the ‘root’ user password you will be shown the screen shown below:

Click to run the initial setup wizard and enter a name for the on-premise site:

Enter the Lookup service address and authentication details for the local (on-prem) vCenter/PSC infrastructure (in this example I’m once again using vCenter with an embedded PSC):

Next specify the URI for the public API endpoint for the cloud-provider instance of vCloud Availability (not the vCloud Director public endpoint) and provide login credentials to the tenant organization within that cloud environment, you will need to confirm the provided SSL certificate as the connection is made.

Note: If you select the ‘Allow Access from Cloud’ option, then administrators in the Cloud Provider will gain capability in the local vCenter/vSphere environment – here’s what the VMware documentation says on this:

“By selecting this option you allow the cloud provider and the organization administrators to execute the following operations from the¬†vCloud Availability Portal¬†without authenticating to the on-premises site.

  • Discover on-premises workloads and replicate them to the cloud.
  • Reverse existing replications to the on-premises site.
  • Replicate cloud workloads to the on-premises site.

By leaving this option deselected, only users authenticated to the on-premises vCloud Availability Portal can configure new replications and existing replications cannot be reversed from the vCloud Availability Portal.”

Make sure you understand the implications of selecting this option (or not selecting this option) when configuring the appliance and set it appropriately. In my lab environment I enabled the setting.

Confirm / deny participation in VMware CEIP in the next screen:

In the confirmation screen, you can use the slider to continue to the ‘Configure local placement’ dialogs on completion of the initial OnPrem appliance configuration. If you chose you can complete this process separately later, but in this example I chose to continue and configure local VM placement immediately:

The placement configuration allows you to select the environment that will be used by VMs replicated from the cloud to the OnPrem environment, in the first screen select the VM folder destination where the VMs will appear:

Next select the compute cluster where the VMs will be registered:

Next select the default network to which the replicated VMs will be attached:

Select the vSphere Datastore where the replicated VM disks will be stored:

Finally review the supplied details and complete the placement configuration:

The ‘Configuration’ tab in the appliance should now show the configured values as shown below:

Clicking the ‘System Monitoring’ tab should show connectivity to all services and to the remove Service Provider cloud:

Signing into the local vCenter environment should now display the banner (shown below) as the vCAv plugin is registered into the local vCenter:

Clicking the ‘Refresh Browser’ button and going to the ‘Home’ link in vCenter will now show a new menu entry for vCloud Availability:

vCloud Availability tab in vCenter HTML5 UI post-installation & Configuration of the OnPrem vCAv Appliance

Selecting the ‘vCloud Availability’ link in vCenter will open a new panel showing the vCloud Availability interface:

That completes the configuration of an on-premise connection to vCloud Availability – at this point we can now replicate VMs both to and from the Cloud Service Provider infrastructure to our own vSphere cluster. Although there are quite a few steps in the process, I hope you can see that the configuration of the OnPrem appliance is actually very straightforward and easy. A particular advantage compared to previous deployments with other products such as vCloud Availability and vCloud Extender is that no inbound firewall or NAT rules are required in the vCAv OnPrem configuration with v3.0.

This concludes the 4th part of this series looking at vCloud Availability 3.0, in the next part of the series now that we have both Cloud-to-Cloud (Parts 2 & 3) and OnPrem-to-Cloud (this part) configurations completed I’ll look at configuring VM replication protection and failover/migration of replicated VMs.

As always, corrections, comments and feedback welcome!


Series Navigation<< vCloud Availability 3.0 – Site Pairing & vCAv PoliciesvCloud Availability 3.0 – Protecting & Migrating VMs >>
Bookmark the permalink.

2 Responses to vCloud Availability 3.0 – On-Premise Deployment & Configuration

  1. Thanks for another magnificent post. The place else may just anybody get that type of info in such a perfect
    means of writing? I have a presentation next week, and I’m on the search for
    such information.

  2. Cathleen says:

    Depoxito is the best online gambling site in Indonesia, subsequent to Depoxito you will mood the sensation of playing new and ahead of its time online gambling.
    We always innovate as a result that every our members can air a sensation next playing at
    a real casino. Depoxito present you the best conscious
    casino feelings you can get with all the pretty
    and sexy dealers, or grand vip saloon private room for our VIP aficionado where you can play
    a role one upon one past our special Dealer all just for yourself.

    Luxurious site and VIP class benefits for you, a unprejudiced and easy-to-use site, kind
    and always friendly Customer utility to assist you.
    Depoxito is the right unorthodox for those
    of you who want to work online gambling without distressing that your winnings will not be paid, Depoxito guarantees that all
    bet you place and win is legal and will be paid without incurring any unwritten deductions.

    Depoxito as a site that is a partner of international huge bookmakers agreed will not disappoint you
    as a loyal fanatic of the Depoxito site and will continue to wish new updates and amend our security system therefore
    that it can prevent our faithful members from the threat of personal data leakage, scam or
    Depoxito is afterward a trusted online gambling dealer that
    provides the most final gambling games in Indonesia, such as sportsbook, slot games, alive casino, lottery and online poker that you can performance next just 1 Account.

    In addition to the unqualified VIP help game on our site,
    we will pamper you our faithful members because you don’t compulsion a lot of IDs
    to acquit yourself alternative gambling games. As a gambling site accredited by
    PAGCOR (Philippines Amusement and Gaming Corporation) Depoxito is
    as a consequence one of the number one gambling sites in Indonesia and has a fine reputation from
    all online gambling players in Indonesia.
    As we have said, we have a customer benefits that is always on standby to give support
    to all your needs while playing on our site, including for withdrawals and deposits that forlorn undertake
    less than 3 minutes, therefore we can be the best for zealot relieve also our customer minister to will standby 24 hour a morning and 7 days a week to facilitate our aficionada and VIPs.

    And the most special from our site compared to extra sites is the supplementary that we provide to our loyal members who continue to con on our site will acquire the best promos and bonuses that we will manage
    to pay for you, we always follow the publicize and trends that
    are viral now so the promos that we make are of course no less than any site.
    For VIP members we always pay for special promos that are not written hence that our
    members continue to do its stuff on our site depoxito.

Leave a Reply

Your email address will not be published. Required fields are marked *