Hi Josh, Sorry about that. We are using CentOS 8.1.1911. Not version 7. Is that the likely reason?
Thanks. On Fri, Apr 24, 2020 at 11:30 AM Josh Thompson <[email protected]> wrote: > Hi Vader, > > Please make sure to cc the [email protected] list so that other people > can > learn from the problems you work through. > > You do not need to use the VCL DHCP server. That's why the script asks if > you > want to configure it. The script can set it up for you, but if you > already > have DHCP provided, the script can skip that part. > > What version of CentOS are you using? I just ran the script on an updated > CentOS 7 system and was able to install all needed packages. > > Josh > > On Thursday, April 23, 2020 4:30:17 PM EDT you wrote: > > Hi, > > > > Thanks for this info, it really helps a lot. I tried just a test run of > > installing the VCL components on CentOS using the automated installation > > script and I have a question regarding the need for a DHCP server for the > > private network. We already have a DHCP server in our network and would > > like to know if the VCL based one is necessary. I'm concerned about > having > > potential conflicts between the two. > > > > The other question is an issue encountered using the installation script, > > it fails with > > > > "Warning: failed to install Linux package: perl-Expect" > > "Warning: failed to install Linux package: perl-Frontier-RPC" > > "Warning: failed to install Linux package: perl-Mo" > > "Warning: failed to install Linux package: perl-Net-Jabber" > > "Warning: failed to install Linux package: perl-RPC-XML" > > > > for perl-Expect for example it says > > > > Error: > > Problem: conflicting requests > > - nothing provides perl (IO::Tty) needed by > perl-Expect-1.35-10.el8.noarch > > - nothing provides perl (IO::Tty) >= 1.11 needed by > > perl-Expect-1.35-10.el8.noarch > > (try to add '--skip-broken' to skip uninstallable packages or '--nobest' > to > > use not only best candidate packages) > > > > Thanks > > > > On Thu, Apr 23, 2020 at 9:44 AM Josh Thompson <[email protected]> > > > > wrote: > > > Hi, > > > > > > Thanks for your interest in using VCL! We're happy to help you get it > > > installed and running. > > > > > > 1) vCenter is supported. However, I don't know that any of the more > > > active > > > contributors are using it. So, it's possible it could be a little > buggy. > > > I > > > do know people are actively using ESXi as standalone hosts. > > > > > > 2) Each VM will need 2 NICs. When VCL was originally written, that was > > > part > > > of the setup. We'd like to move away from requiring 2 NICs, but we > > > haven't > > > fully gotten it coded out. One NIC is used for VCL to manage the VM, > the > > > other is used for users to connect to it. The ESXi hosts themselves > would > > > only need one NIC, but you would need two vswitches on them so that the > > > VMs > > > can still have 2 NICs. You don't actually have to have public IPs for > the > > > user connection side. You can set up one or more NAT hosts that have > > > public > > > IPs. Then, the VMs themselves can be on an internal network and then > > > users > > > connect through the NAT hosts. Once the NAT hosts are set up, VCL will > > > manage > > > the port forwarding through them to the reserved VMs. > > > > > > There are 3 software components to the VCL infrastructure - the web > > > portal, > > > the backend processing daemon (vcld), and a mysql/mariadb database. > These > > > can > > > all be run on the same system or on different systems. If you run the > web > > > portal on its own system that you put in a DMZ, it would need access to > > > the > > > database, and the management node system running vcld would need to be > > > able to > > > access the web portal for a few API calls. If you run all 3 > components on > > > the > > > same system in a DMZ, vcld would need ssh access to the ESXi hosts and > to > > > the > > > VMs on them. > > > > > > 3) Your web portal system could be your NAT host which would allow you > to > > > only > > > have one public IP. User connections would all be tunneled through > that > > > one > > > host. > > > > > > Here is a simple configuration that could work for you using only one > ESXi > > > host. Create 3 vswitches on the host, I'll call them Control, > Connection, > > > and > > > DMZ. Create 1 VM on it that will be your management node on which all > 3 > > > components of VCL will be installed. That VM will have 3 NICs, one on > > > each > > > vswitch. Configure the ESXi host so that vcld on the management node > can > > > ssh > > > to it. Configure VCL to deploy VMs on the host, each having 2 NICs, > one > > > on > > > Control, and one on Connection. Set up httpd on the management node to > > > listen > > > on the NIC on the DMZ vswitch, which would have a public IP address. > > > Configure VCL to use the maangement node as the NAT host. > > > > > > VCL is very flexible in how it can be set up, which sometimes can make > it > > > seem > > > more complicated to set up. Please feel free to ask further questions > as > > > you > > > start working through the installation. > > > > > > Josh > > > > > > On Wednesday, April 22, 2020 2:44:12 PM EDT Vader 860 wrote: > > > > Hello, > > > > > > > > We are looking into implementing VCL on premise and have a general > > > > > > question > > > > > > > regarding the architecture and network setup. > > > > > > > > 1) if using VMware ESXi, is the use of vCenter supported or do we > need > > > > to > > > > just have standalone ESXi hosts? > > > > > > > > 2) The documentation says there should be a public and private > network > > > > > > and > > > > > > > that all components need to have two NICs, one for each segment. If > we > > > > wanted to isolate the VCL Web Portal in a DMZ and have the remaining > > > > components in the internal network, what ports would be required from > > > > the > > > > VCL Web Portal to the internal network? > > > > > > > > 3) If a setup as described above is supported, can we just have a > public > > > > > > IP > > > > > > > on the Web Portal and just internal IPs in the backend? > > > > > > > > Thanks > > > > > > -- > > > ------------------------------- > > > Josh Thompson > > > Systems Programmer > > > Virtual Computing Lab (VCL) > > > North Carolina State University > > > > > > my GPG/PGP key can be found at www.keyserver.net > > > > > > All electronic mail messages in connection with State business which > > > are sent to or received by this account are subject to the NC Public > > > Records Law and may be disclosed to third parties. > -- > ------------------------------- > Josh Thompson > Systems Programmer > Virtual Computing Lab (VCL) > North Carolina State University > > my GPG/PGP key can be found at www.keyserver.net > > All electronic mail messages in connection with State business which > are sent to or received by this account are subject to the NC Public > Records Law and may be disclosed to third parties.
