Simplifying VCD Load Balancing and Certificate Replacement

Posted on 02 Dec 2020


Replacing certificates in VCD is a fairly straight forward process and can be made significantly easier if you deviate from the procedure outlined in the official VMware documentation and instead use a simple load balancer and install the same certificate and key pairs on each node within the VCD cluster. Let me explain.


As a service designed for external public consumption, VCD uses two internet facing IP addresses for providing the key VCD services:

  • one is the http service
  • the other is the console proxy service

As the names suggest, http (port 443) is for web traffic such logging into the web portal and the console proxy (port 8443) is for providing the console sessions to the underlying virtual machines for things such as OS installation. Historically these services required different IP addresses, however with the VCD appliances these two services run on the same network adapter, eth0, leaving eth1 for other network traffic types. By running on two different ports the same network adapter can provide both services.
Note It is possible to change the port for the console proxy to say 443 however this is beyond the scope of this guide.

Tagged with: VCD

New VMware Cloud Director Service

Posted on 05 Jun 2020

BRAND NEW VMware Cloud Director Service (CDS) has just been launched for initial availability in US-West. Based on VMware Cloud Director (VCD) 10.1.0 in this initial build, this new micro-service powered (Kubernetes) SaaS offering from VMware will allow VMware Managed Service Providers to roll out a build version of their choice (VCD 10.1.0 or 10.1.1 or 10.1.beta or 10.whatever-comes-next!!).

Tagged with: VCD CDS

NSX-T Troubleshooting

Posted on 30 Apr 2020

NSX-T Troubleshooting

Check L2 before L3.

Check (L2)

  • MTU
  • VLAN
  • TEP
    • IP
    • MTU
  • CCP

N-VDS settings (L3)

  • MTU (L2)
  • Routing table (L4)
  • TEP
  • vTEP tables
  • MAC tables

Manager Troubleshooting

CorfuDB3 nodesQuorum must be up, at least 2 corfu servers required for quorumGroup Member Leader Election Server (GMLE) helps in detecting the fault with an NSX Manager node failure.  It also helps elect a new leader per group.Day  2 OperationsUse st en to enter engineering mode (root privileged mode)

Tagged with: NSX-T Command Line

About MΣ

1 of 18 Next