Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Cloud Management setup guide for VMware

Log in to subscribe to topics and get notified when content changes.

Cloud Management setup guide for VMware

To set up Cloud Management for the very first time, you perform the procedures in this "Day 1" setup guide. Be sure to perform the procedures in order. After you have performed "day 1" setup, you can perform optional "day 2" setup and configuration procedures as needed and in any order. Detailed instructions for each procedure follow this overview.

Subscribe to Cloud Management and request plugin activation

The Cloud Management application is available as a separate subscription and requires the Cloud Management plugin ( See Subscribe to Cloud Management and request plugin activation.

Roles required to set up Cloud Management

  • Operations in the VMware Console require the VMware administrator role.
  • Operations in Cloud Management require the sn_cmp.cloud_admin role.

About terms that Cloud Management uses

Cloud providers often use proprietary names for account and credential settings. Because the Cloud Management application supports several cloud providers, Cloud Management uses general-purpose names for the settings.

Quick overview of the setup process

Your setup process includes these tasks:
  • If needed: Subscribe to Cloud Management and request plugin activation.
  • Assign appropriate roles to cloud users.
  • Set up the MID Servers that will handle secure communications with the provider API endpoints.
  • On the provider portal, collect your account settings and the credentials that the Discovery process will use (through a MID Server) to programatically access your provider accounts. Securely associate the account settings and credentials with a service account in Cloud Management.
  • Set up a cloud account to represent your entire managed cloud infrastructure and set up a service account that works with one of your provider accounts. You specify which datacenters in the service account should be included in the cloud account. (Later, on "Day 2", you can set up additional cloud accounts and service accounts from the same or other providers.)
  • Cloud Management uses CMDB data to help users request and manage cloud resources and to help you manage your cloud infrastructure. To populate the CMDB with resource data for all datacenters, you manually run the Discovery process on each datacenter in the service account. Then, to ensure that the data continues to be updated, you configure Discovery to run on a regular schedule. Your cloud account might look like this:
    Structure of a cloud account on Day 1
  • Providers offer services that can auto-update the CMDB whenever a create/modify/terminate life cycle change or configuration update occurs to a resource. You can configure the AWS Config, Azure Alert, Google Cloud Messaging, IBM Cloud Update, and VMware Events services to integrate directly with Cloud Management.

What you will do to integrate Cloud Management with your VMware cloud accounts

Detailed instructions for each procedure follow this overview.

1. Assign roles to Cloud Management users
You assign Cloud Management roles to user groups and to individual users based on user activities and responsibilities.
2. Set up MID Servers to connect Cloud Management to a VMware service account
To ensure secure and reliable communications, the Discovery process communicates with your cloud provider accounts and cloud resources through one or more MID Servers. You can set up the MID Servers on your network or in one of your cloud networks.
Note: Data is encrypted to the MID Server and between the MID Server and the API endpoint. To ensure high performance and security, you should configure one or more MID Servers for each datacenter under management. Configure the MID Servers even if you have already configured other MID Servers while setting up Cloud Management for another cloud provider.
3. Create the credential and service account that will access your VMware data
To securely access data on your provider account, the Discovery process must present appropriate credentials.To make the credentials available to Discovery, you first create an account in the VMware Console. You then securely store the credentials in a service account in your instance. A service account includes provider datacenters and holds the credential and account information for your provider account. Discovery uses the information to access your provider account to obtain information on each datacenter in the service account.
Discover all datacenters in a service account on-demand
After you set up a service account, run Discovery to populate the datacenters in the account.Discovery uses the information in the service account to identify all logical datacenters associated with the provider account.
5. Set up a cloud account for VMware
A cloud account is the logical representation in Cloud Management of all or part of your managed cloud infrastructure. A cloud account can include multiple service accounts — even service accounts from different providers. For each service account, you specify which datacenters to include in the cloud account.
Set capacity limits on user requests for resources
Capacity limits place restrictions on the attributes of cloud resources for a datacenter such as the number of virtual machines, virtual CPUs, or aggregate storage. You can set limits on resources separately for each logical datacenter in a cloud account.
7. Configure the VMware Events service to auto-update the CMDB
The VMware Events service can auto-update the CMDB whenever a VMware resource on a vCenter experiences a configuration change or a change in life cycle state. As a result, the CMDB is updated between Discovery runs.

VMware prerequisites

  • Enterprise or Enterprise Plus Edition 5.5 or newer.
  • Enable the vSphere environment for Distributed Resource Scheduling (DRS).
  • Place datastores under Storage DRS.
When provisioning Windows virtual machines, read and modify the named customization specifications.
ESXi hosts
If the IP address of a virtual machine is set manually using a script or post-init scripts run on the VM, then you must allow HTTPS traffic between the MID Server and the ESXi host for the VM.
Enable NTP time sync. Enable the NTP client for the hypervisor on the vSphere web client. See the vSphere documentation for more information.
vCenter server requirements
vCenter 5.5 or 6.0 Standard or Foundation edition.
vCenter access requirements
Minimum permissions for the user that connects to vSphere through the instance:
  • Datastore: All
  • Datastore Cluster: All
  • Folder: Create, Delete
  • Global: Cancel task, License
  • Host > Local operations: Create/Delete/Reconfigure virtual machines
  • Profile-driven storage: All
  • Network: Assign network
  • Resource: Apply recommendation; Create/Modify/Assign/Remove virtual machines.
  • Virtual machines: All
vCenter credentials

Next steps

When you have finished all Day 1 and Day 2 procedures in this setup guide, see the Cloud Management administration guide for information on using the Cloud Management application in your organization.