Administering View Cloud Pod Architecture
Table Of Contents
- Administering View Cloud Pod Architecture
- Contents
- Administering View Cloud Pod Architecture
- Introduction to Cloud Pod Architecture
- Designing a Cloud Pod Architecture Topology
- Creating Cloud Pod Architecture Sites
- Entitling Users and Groups in the Pod Federation
- Finding and Allocating Desktops and Applications in the Pod Federation
- Global Entitlement Example
- Cloud Pod Architecture Topology Limits
- Cloud Pod Architecture Port Requirements
- Security Considerations for Cloud Pod Architecture Topologies
- Setting Up a Cloud Pod Architecture Environment
- Managing a Cloud Pod Architecture Environment
- View a Cloud Pod Architecture Configuration
- View Pod Federation Health in View Administrator
- View Desktop and Application Sessions in the Pod Federation
- Determine the Effective Home Site for a User
- Add a Pod to a Site
- Modifying Global Entitlements
- Remove a Home Site Association
- Remove a Pod From the Pod Federation
- Uninitialize the Cloud Pod Architecture Feature
- lmvutil Command Reference
- lmvutil Command Use
- Initializing the Cloud Pod Architecture Feature
- Disabling the Cloud Pod Architecture Feature
- Managing Pod Federations
- Managing Sites
- Managing Global Entitlements
- Managing Home Sites
- Viewing a Cloud Pod Architecture Configuration
- Listing Global Entitlements
- Listing the Pools in a Global Entitlement
- Listing the Users or Groups in a Global Entitlement
- Listing the Home Sites for a User or Group
- Listing the Effective Home Site for a User
- Listing Dedicated Desktop Pool Assignments
- Listing the Pods or Sites in a Cloud Pod Architecture Topology
- Managing SSL Certificates
- Index
Cloud Pod Architecture Port Requirements
Certain network ports must be opened on the Windows firewall for the Cloud Pod Architecture feature to
work. When you install View Connection Server, the installation program can optionally configure the
required firewall rules for you. These rules open the ports that are used by default. If you change the default
ports after installation, or if your network has other firewalls, you must manually configure the Windows
firewall.
Table 2‑2. Ports Opened During View Connection Server Installation
TCP Port Description
22389 The Global Data Layer LDAP instance runs on this port. Shared data is replicated on every View
Connection Server instance in a pod federation. Each View Connection Server instance in a pod
federation runs a second LDAP instance to store shared data.
8472 The View Interpod API (VIPA) communication channel runs on this port. View Connection Server
instances use the VIPA communication channel to launch new desktops and applications, find
existing desktops, and share health status data and other information.
Security Considerations for Cloud Pod Architecture Topologies
To use View Administrator or the lmvutil command to configure and manage a Cloud Pod Architecture
environment, you must have the Administrators role. Users who have the Administrators role on the root
access group are super users.
When a View Connection Server instance is part of a replicated group of View Connection Server instances,
the rights of super users are extended to other View Connection Server instances in the pod. Similarly, when
a pod is joined to a pod federation, the rights of super users are extended to all of the View Connection
Server instances in all of the pods in the pod federation. These rights are necessary to modify global
entitlements and perform other operations on the Global Data Layer.
If you do not want certain super users to be able to perform operations on the Global Data Layer, you can
remove the Administrators role assignment and assign the Local Administrators role instead. Users who
have the Local Administrators role have super user rights only on their local View Connection Server
instance and on any instances in a replicated group.
For information about assigning roles in View Administrator, see the View Administration document.
Chapter 2 Designing a Cloud Pod Architecture Topology
VMware, Inc. 13