Hi,

Thanks for your interest in using VCL! We're happy to help you get it installed and running.

1) vCenter is supported. However, I don't know that any of the more active contributors are using it. So, it's possible it could be a little buggy. I do know people are actively using ESXi as standalone hosts.

2) Each VM will need 2 NICs. When VCL was originally written, that was part of the setup. We'd like to move away from requiring 2 NICs, but we haven't fully gotten it coded out. One NIC is used for VCL to manage the VM, the other is used for users to connect to it. The ESXi hosts themselves would only need one NIC, but you would need two vswitches on them so that the VMs can still have 2 NICs.

You don't actually have to have public IPs for the user connection side. You can set up one or more NAT hosts that have public IPs. Then, the VMs themselves can be on an internal network and then users connect through the NAT hosts. Once the NAT hosts are set up, VCL will manage the port forwarding through them to the reserved VMs.

There are 3 software components to the VCL infrastructure - the web portal, the backend processing daemon (vcld), and a mysql/mariadb database. These can all be run on the same system or on different systems. If you run the web portal on its own system that you put in a DMZ, it would need access to the database, and the management node system running vcld would need to be able to access the web portal for a few API calls. If you run all 3 components on the same system in a DMZ, vcld would need ssh access to the ESXi hosts and to the VMs on them.

3) Your web portal system could be your NAT host which would allow you to only have one public IP. User connections would all be tunneled through that one host.

Here is a simple configuration that could work for you using only one ESXi host. Create 3 vswitches on the host, I'll call them Control, Connection, and DMZ. Create 1 VM on it that will be your management node on which all 3 components of VCL will be installed. That VM will have 3 NICs, one on each vswitch. Configure the ESXi host so that vcld on the management node can ssh to it. Configure VCL to deploy VMs on the host, each having 2 NICs, one on Control, and one on Connection. Set up httpd on the management node to listen on the NIC on the DMZ vswitch, which would have a public IP address. Configure VCL to use the management node as the NAT host.

VCL is very flexible in how it can be set up, which sometimes can make it seem more complicated to set up. Please feel free to ask further questions as you start working through the installation.

Josh

On Wednesday, April 22, 2020 2:44:12 PM EDT Vader 860 wrote:
> Hello,
>
> We are looking into implementing VCL on premise and have a general question
> regarding the architecture and network setup.
>
> 1) if using VMware ESXi, is the use of vCenter supported or do we need to
> just have standalone ESXi hosts?
>
> 2) The documentation says there should be a public and private network and
> that all components need to have two NICs, one for each segment. If we
> wanted to isolate the VCL Web Portal in a DMZ and have the remaining
> components in the internal network, what ports would be required from the
> VCL Web Portal to the internal network?
>
> 3) If a setup as described above is supported, can we just have a public IP
> on the Web Portal and just internal IPs in the backend?
>
> Thanks

--
-------------------------------
Josh Thompson
Systems Programmer
Virtual Computing Lab (VCL)
North Carolina State University

my GPG/PGP key can be found at www.keyserver.net

All electronic mail messages in connection with State business which are sent to or received by this account are subject to the NC Public Records Law and may be disclosed to third parties.
