Automated Veeam Cloud Connect deployment: 3 – connect to VMware virtual environment

0 Flares Twitter 0 Facebook 0 LinkedIn 0 Email -- 0 Flares ×

In the previous posts (here and here) we completed the automatic configuration of the Veeam Cloud Connect environment. In this third post of this short series, we will add additional resources in order to offer replication services. In fact, all the Cloud Connect components are now successfully deployed, so Backup services can already be offered, but to offer also replication services we need to connect our environment to the virtualized platform. Historically, Veeam Cloud Connect supported VMware vSphere and Microsoft Hyper-V, but since the soon-to-come 9.5 Update 4 will also add support for VMware vCloud Director, we will see how to add both to the infrastructure.

VMware vSphere

Following the scenario of a service provider using Veeam Cloud Connect 9.5 Upgrade 3a, the supported platforms are VMware vSphere and Microsoft Hyper-V. I don’t have any Hyper-V host in my lab, so I will connect the vSphere environment.

First, we need a username and password to get authorization to connect to vSphere. Assuming a clean environment, we may use the usual administrator@vsphere.local account, but as I explained multiple times even in the Cloud Connect book, it’s better to have a dedicated account for Cloud Connect only. We can create the user using PowerCLI (note that I’m using Powershell 5.0 with its Gallery modules, so there’s no module loading at the beginning of the script):

$vCenter = “vcsa.cloudconnect.local”

Connect-VIServer -Server $vCenter -User administrator@vsphere.local -Password “********” -Force

$createscript = “/usr/lib/vmware-vmafd/bin/dir-cli user create –account cloudconnect –first-name cloudconnect –last-name vsphere.local –user-password ******** administrator@vsphere.local ********

$groupscript =  “/usr/lib/vmware-vmafd/bin/dir-cli group modify –name Administrators –add cloudconnect –login administrator@vsphere.local ********

Invoke-VMScript -vm vcsa -ScriptText $createscript -GuestUser ‘root’ -GuestPassword ******** -ScriptType bash

Invoke-VMScript -vm vcsa -ScriptText $groupscript -GuestUser ‘root’ -GuestPassword ******** -ScriptType bash

The script connects to vCenter server and by using Invoke-VMscript runs the two command lines directly into the GuestOS, first to create the user “cloudconnect” and then to add it to the “administrators” group:

Once the account has been created in vSphere with proper permissions, we can add the user also to Veeam Cloud Connect. Note that VMware accounts are managed as “windows” accounts:

$vCenterCredential = Add-VBRCredentials -Type Windows -User cloudconnect@vsphere.local -Password “********” -Description “vCenter Administrator”

Add-VBRvCenter -Name “vcsa.cloudconnect.local” -Description “vcsa vCenter Server” -Credentials $vCenterCredential

vCenter is connected to the Cloud Connect environment and ready to be consumed:

VMware vCloud Director

As explained at the beginning, Version 9.5 Update 4 will support also vCloud Director. So, if a provider runs it, it may be interested in offering replication services towards vCloud Director and not just vSphere. Let’s add it too.

$asci = [char[]]([char]33..[char]95) + ([char[]]([char]97..[char]126))

$vcc_pwd = (1..$(Get-Random -Minimum 9 -Maximum 14) | % {$asci | get-random}) -join “” 

I created a new system user manually in vCloud Director first, as I haven’t found any possible way for now to create it via powershell. But at least for the password, as you can see the code above here, I created a random one instead of applying one I commonly use; this is because my vCloud Director is exposed to Internet, so it’s better to have strong credentials.

Then, I registered as before these credentials into Veeam credential manager:

$vCloudCredential = Add-VBRCredentials -Type Windows -User cloudconnect -Password $vcc_pwd -Description “vCloud Administrator”

Then, I add vCloud Director to Veeam console:

$vcd = “vcloud.cloudconnect.local”

$vcd_url = “https://”+$vcd

Add-VBRvCloud -Name $vcd -Credentials $vCloudCredential -Url $vcd_url -Description “vCloud Director”

And, as you can expect, also vCloud Director is now connected to Cloud Connect:

One last step to be ready, you need to map vCloud Director with its underlying vCenter server(s). This can be done in this way:

$vc_server = Find-VBRvCloudEntity -Vc
$vcd_srv = Get-VBRServer -Type VcdSystem

Add-VBRvCloudVC -vCloudServer $vcd_srv -VCInfo $vc_server -Credentials $vCenterCredential

Good! Cloud Connect is ready, it’s only missing a new SSL Certificate, but this can be easily done using Let’s Encrypt and my previous scripts to automate the entire certificate creation and renewal, as you can read in the post Improved Powershell script for Let’s Encrypt certificate renewals.

In the next post, we will start to onboard our customers.