External Applications

External applications are groups of user account credentials that allow external access to the virtual manager, compute nodes, and storage controller of the system.

Configuring access for external applications enables the following functions:

You can manage virtual machine deployments in a separate Virtual Manager cloud group. These virtual machines are created and deployed directly with VMware vCenter.
Use the Cloud Pak System console to add and remove resources (compute nodes, Virtual Machine File System (VMFS) LUNs, and VLANs) to and from the cloud group.
Use VMware vCenter for monitoring.
Set up disaster recovery through replication of VMware VMFS storage and block storage between systems.
Exposing VMware vCenter to IBM® Endpoint Manager shared service.
To enable access to the VMware vCenter from the Red Hat® Satellite Shared Service and the Red Hat Satellite Server 6.x Virtual system pattern.

Access is provided to the VMware vCenter server and optionally to ESXi hosts on the compute nodes. Host access is recommended for transferring data to VMFS data stores and for accessing virtual machine consoles.

To allow access for these components, each one of them must be made available outside of the system with an external IP address (IP address that is not provided by Cloud Pak System).

Virtual Manager: For details about configuring access for the virtual manager, see Configuring the virtual manager external IP address.

Compute Nodes: To provide access for compute nodes, you must set up an IP Group for compute nodes. For details, see the "About this task" section of Adding IP groups.
Storage Controller: For details about configuring access for the storage controller, see Monitoring storage devices.

For steps to create an external application, see Configuring external application access.

Note: External applications cannot be modified. You must create a new external application if you want to change the settings.

Setup steps

Set up an external IP address for VMware vCenter.
To access the VMware vCenter web client, you must provide an externally accessible IPv4 address. For details on configuring this IP address, see Configuring the virtual manager external IP address. It is recommended that you configure a Virtual Manager FQDN (fully-qualified domain name) for easier access to the vCenter web client.
If you have not configured a Virtual Manager FQDN, special setup is required to use the default FQDN purevc. Modify the local operating system hosts file.
Due to the way that the VMware vCenter web client works, you must modify the local operating system hosts file to resolve the VMware vCenter host name purevc to the IP addresses that you provided in step 1. For example, 172.21.136.250 purevc.
Create a cloud group with the type Virtual Manager. For details on configuring this cloud group, see Adding cloud groups.
Note: If you do not plan to deploy virtual machines directly to VMware, creating a Virtual Manager cloud group is not required.
Create an IP group with Used for option, Compute Nodes. Add an IP addresses for each compute node that you want to externally access. Attach the IP addresses to the compute nodes. For details, see section, About this task in Adding IP groups.
This IP group is used to provide the compute nodes with an externally accessible IPv4 IP address.
Create the external application access credentials to VMware vCenter and optionally enable host access.
- For details about creating these credentials, see Configuring external application access.
- To view or regenerate the passwords for these credentials, see Viewing and regenerating passwords for external applications.
To access the VMware vCenter web client, go to https://purevc/vsphere-client/ and use the credentials from step 5. Note that https://purevc/vsphere-client/ is only valid if you use the default values in place in Step 1. If you set up the Virtual Manager FQDN, then your URL will be http://<Virtual Manager FQDN>/vsphere-client, where <Virtual Manager FQDN> is replaced by the fully-qualified domain name that you configured.

Attention: In some cases, after logging in to the web client, a banner may appear at the top of the interface with message Your password will expire in N days. This message appears in error. It is a known VMware issue. The passwords for users created with the External Applications feature will not expire.

Deploying virtual machines

Add a compute node to the Virtual Manager cloud group.
In the VMware vCenter web client, you see that a host was added to the cluster.
Select the volume and locate the Datastore name in the details section. This name begins with p_ followed by a unique identifier. You can find the data store by that name in VMware vCenter.
You can also add Block storage volumes if you want to use Raw Device Mapping storage on your virtual machines. Select the volume and locate the LUN identifier in the details section.

For details on creating volumes, see Adding volumes.
Complete these steps to upload files to a particular data store:
- Locate the datastore in the vSphere Web Client and upload files to it. This requires the following prerequisites:
  - Client Integration Plug-in must be installed. For install instructions, see procedures in VMware Docs.
  - A Virtual Manager FQDN that resolves to the Virtual Manager IP address by DNS has been configured.
  - The compute nodes in the cloud group have been assigned IPv4 addresses that are on a subnet that the Virtual Manager IPv4 address can access.
  If any of the prerequisites are not met, or you have large amounts of data that would be better transferred via SCP, you can use a compute node to directly transfer the files. View the details of the external application access that you created in section, Setup steps, step 5. and select any compute node from that list that is powered on. Make note of the IP address and credentials. Then, you can either use the ESXi host web client or SCP to upload files:
  ESXi host web client
  - From a web browser, go to https://<IP address>/ui.
  - Log in with the credentials from the external application access details.
  - Browse to the data store and upload files.
  SCP
  - Use your SCP client to connect to <IP address> and log in with the credentials from the external application access details.
  - Change directories to /vmfs/volumes/<datastore name>.
  - Upload the files.
After all files that are needed to create virtual machines are uploaded, you can create virtual machines as you normally would in a VMware environment. For details on these steps, see the VMware documentation.

Accessing a virtual machine by using the stand-alone remote console

Complete the following steps to connect to a virtual machine by using the stand-alone remote console: -Install the VMware stand-alone remote console from this page: http://www.vmware.com/go/download-vmrc -View the virtual machine Summary tab in the vSphere Web Client -Click Launch Remote Console, which starts the VMware stand-alone remote console.

Complete the following steps to connect to a virtual machine by using the stand-alone remote console:

Install the VMware stand-alone remote console from this page: http://www.vmware.com/go/download-vmrc.
View virtual machine > Summary in the vSphere Client.
Click Launch Remote Console, which starts the VMware stand-alone remote console.
Note: The HTML5 based remote console from the VMware vCenter web client can also be used, but the mouse does not work properly, as documented by this VMware article: The mouse pointer does not function properly in the VMware vSphere Web Client HTML5 virtual machine console (2116851).