This page explains how to create and manage virtual machines (VMs) and policies in your private cloud by using the vSphere client.
Before you begin
To create and manage VMs on your private cloud using the vSphere client, you must first be able to connect to your private cloud. This quickstart assumes that you have done the following:
- Created a Google Cloud VMware Engine private cloud. You can create one by completing the following quickstart: Creating your first private cloud.
Established a secure connection from your on-premises network to the private cloud using one of the following options:
Created a subnet on your private cloud. You can create one by completing the following quickstart: Creating your first subnet.
Access the vCenter client from the VMware Engine portal
- Access the VMware Engine portal.
- On the Home page under Common tasks, click Launch vSphere client.
- Select a private cloud and then click Launch vSphere client for the selected private cloud.
- To open the vSphere client, click the Launch button for the vSphere client type. For ISO upload, use the vSphere HTML5 client.
- When prompted, enter your sign-in credentials. As a reminder, you can retrieve generated credentials from the private cloud details page.
Upload an ISO or vSphere template
Provide installation media for your VM by uploading an ISO file or a vSphere template:
- Obtain the ISO or vSphere template that you want to upload to vCenter to create a VM and have it available on your local system.
- In vCenter, click the Storage icon and select vsanDatastore. Click Files > New Folder.
- Create a folder called ISOs and templates.
- In your new folder, click Upload files.
- Follow the on-screen instructions to upload the ISO.
Create a VM in the vCenter client
Create your new VM in vCenter, and attach it to a workload network segment:
- In vCenter, click the Hosts and clusters icon.
- Right-click Workload and select New virtual machine.
- Select Create new virtual machine and click Next.
- Name the machine, select the Workload VM's location, and click Next.
- Select the Workload compute resource and click Next.
- Select vsanDatastore and click Next.
- Keep the default ESXi compatibility selection and click Next.
- Select the guest OS of the ISO for the VM that you are creating and click Next.
- Select hard disk and network options.
- Under New CD/DVD Drive, select Datastore ISO file.
- Select the workload network segment that you created in NSX-T. This must not be the VMware Engine management appliances subnet.
- A selection window opens. Select the file you previously uploaded to the ISOs and templates folder and click OK.
- Review the settings and click OK to create the VM.
The VM is added to the workload compute resources and is ready for use. The basic setup is now complete. You can power on your VM and install the operating system. You can start using your private cloud similar to how you would use your on-premises VM infrastructure.
The following sections contain optional information about setting up DNS and DHCP servers for private cloud workloads and modifying the default networking configuration.
Create a DNS and DHCP server (optional)
Applications and workloads running in a private cloud environment require name resolution and DHCP services for lookup and IP address assignment. A proper DHCP and DNS infrastructure is required to provide these services. You can configure a VM in vCenter to provide these services in your private cloud environment.
- A distributed port group with VLAN configured.
- A route set up to on-premises or internet-based DNS servers.
- A VM template or ISO to create a VM.
The following links lead to pages outside of Google Cloud that provide guidance on setting up DHCP and DNS servers on Linux and Windows Server.
Linux-based DNS server setup
Linux offers various packages for setting up DNS servers. The following instructions step through setting up an open-source BIND DNS server:
Windows-based DNS server setup
The following Microsoft topics describe how to set up Windows Server as a DNS server and as a DHCP server:
Customize networking configuration (optional)
The network pages in the VMware Engine portal let you specify the configuration for firewall tables and public IP addresses for VMs.
Allocate a public IP address
- In the VMware Engine portal, go to Network > Public IPs.
- Click Allocate Public IP.
- Enter a name to identify the IP address entry.
- Keep the default location.
- Enter the local IP address for which you want to assign a public IP address. The local address must be accessible through your firewall.
- Click Done.
The task of allocating the public IP address begins. Check the status of the task on the Activity > Tasks page. When allocation is complete, the new entry is shown on the Public IPs page.
The local address that you specified must be added to the VM that uses the public IP address. The procedure to configure an IP address is specific to the VM operating system. For information about how to configure an IP address on your VM, see the documentation for your VM operating system.
Example for Ubuntu 16.04
You want to add the static method to the inet address family configuration in
/etc/network/interfaces and change the address, netmask, and gateway
This example uses the
eth0 interface, internal IP address
192.168.24.10, gateway address 192.168.24.1, and netmask 255.255.255.0.
posix-terminal sudo vi /etc/network/interfaces
Update the following section in the
auto eth0 iface eth0 inet static address 192.168.24.10 netmask 255.255.255.0 gateway 192.168.24.1 dns-nameservers 188.8.131.52 dns-domain acme.com dns-search acme.com
Disable the interface:
posix-terminal sudo ifdown eth0
Enable the interface again:
posix-terminal sudo ifup eth0
By default, all incoming traffic from the internet is denied. If you want to open any other port, create a firewall table.
After configuring an internal IP address as the static IP address, verify that you can reach the internet from within the VM:
posix-terminal ping 184.108.40.206
Verify that you can reach the VM from the internet by using the public IP address. Ensure that firewall (iptable) rules on the VM don't block port 80 inbound.
posix-terminal netstat -an | grep 80
Start an HTTP server that listens on port 80 by using one of the following commands:
posix-terminal python2.7 -m SimpleHTTPServer 80
posix-terminal python3 -m http.server 80
To browse the files on your VM, start a browser on your desktop and point it to port 80 for the public IP address.
Default firewall rules for public IP address allocation
The following default rules apply to public IP address allocation:
- VPN traffic: all traffic is allowed between (from/to) the VPN and all the workload networks and management network
- Private cloud internal traffic: all east-west traffic is allowed between (from/to) workload networks and the management network (shown above)
- All incoming traffic from the internet is denied to workload networks and the management network.
- All outgoing traffic to the internet is allowed from workload networks or the management network.
To modify any of these rules, see Firewall tables.
Configure other tools and products (optional)
You can further expand the capabilities of your private cloud environment by installing and configuring other tools and products such as VMware Site Recovery Manager (SRM). By doing so, you gain access to other methods of disaster recovery, replication, or other functions to protect your VM.
Some tools and products used with your private cloud might require a user to have administrative privileges in vSphere. In those cases, use one of the solution user accounts provided for you in your private cloud.
- Learn how to set up VPN gateways on the VMware Engine network.