Update 4/25/2022: This configuration no longer works with VMware Cloud Director 10.3.x.
Update 9/6/2022: This configuration works again in VMware Cloud Director 10.4 and 10.3.3.3.
VMware Cloud Director cells are usually deployed in the management cluster and their access to Internet might be limited due to security considerations. This can be a problem because certain features do require outgoing access to external (Internet) resources:
- Catalog subscription: the cell will need access to the published catalog URL
- Multisite: if you associate multiple Organizations together, some API calls are fan-out by the cell to the respective associated API endpoints, therefore the cell needs to be able to access them (even its own external API endpoint)
- Cell Appliance VAMI repository for patches or upgrades
The latest VCD release 10.2.1 now does support internet proxy which means there is no need to have full internet access to the management environment.
On the VCD Appliance the proxy can be configured by editing /etc/sysconfig/proxy file:
root@vcloud1 [ ~ ]# cat /etc/sysconfig/proxy # Enable a generation of the proxy settings to the profile. # This setting allows to turn the proxy on and off while # preserving the particular proxy setup. # PROXY_ENABLED="yes" # Some programs (e.g. wget) support proxies, if set in # the environment. # Example: HTTP_PROXY="http://proxy.provider.de:3128/" HTTP_PROXY="http://proxy.fojta.com:3128" # Example: HTTPS_PROXY="https://proxy.provider.de:3128/" HTTPS_PROXY="http://proxy.fojta.com:3128"
You need to restart vmware-vcd service to apply the configuration.