A few weeks ago, using vCloud Director (vCD) 5.1.2, i tried to test the vCD quarantine function which is all about getting in control over the procedure of uploading files to your vCD. When it is enabled the end user uploaded files will not be available before they have been accepted by a system administrator. A use case might be that you want to run an antivirus scan of the file before making it available for the end user.
JMX Service
The quarantine function is a vCD JMX Service and managed in the vCD UI under the “vCD system settings -> Administration -> General” area. You specify the quarantine value in seconds and for my testing purpose i specified a 10 minutes timeout value.
According to the VMware documentation you can use e.g. the JMX client JConsole to access the JMX service and accept or reject the uploaded files. The JMX client makes it possible to view the available vCD MBeans.
Launch your JConsole client and connect to your vCD host (use port 8999)
The Overview section of the JConsole provides some basic monitoring values.
I uploaded the ESXi server image, ESXi 5.1 U1 to the catalog, Catalog-01, in Organization virtual datacenter (Org vDC) Org-vDC-vCD-Site-A-01.
Surprisingly the quarantine configuration didn’t seem to kick in, the file status was Stopped.
This means the file was immediately available for the end user when trying to “Insert CD/DVD from Catalog” to the vApp VM.
Just to verify that the uploaded ESXi 5.1 imaged worked i started the vApp and the VM used the iso file when booting.
Looking in the JConsole i can not even see the MBean, org.apache.activemq > uuid > Queue > com.vmware.vcloud.queues.transfer.server.QuarantineRequest >Operations, the VMware documentation refers to meaning i can not manage the quarantine function using the JMX service.
This made me think i did something wrong during the setup process and while investigating the vCD log files i also created a VMware support request.
I was a bit surprised when the excellent VMware vCloud Support Engineer Scott Harrison got back and told me he can reproduce the behavior since the JMX Service quarantine function has been deprecated in favor for API calls. The configuration option in the vCD UI and VMware documentation has not yet been removed unfortunately.
I removed the quarantine configuration in the vCD UI under the “vCD system settings -> Administration -> General” area.
API – Blocking Tasks
To use the quarantine function i needed to use the Blocking Task function in vCD and is managed in the vCD UI “vCD system settings -> Administration -> Extensibility”.
I configured the Blocking Task Settings and enable the actual media upload blocking task.
When uploading a file i can see that it gets another status (Pending processing) comparing to the previous uploaded file meaning it is not available to the end user.
The following vCD Event is registered.
Only the previously uploaded file is available for selection when trying to “Insert CD/DVD from Catalog” to the vApp VM.
After waiting the 10 minutes i specified as the “Default Blocking Task Timeout” i can see that the file was removed from the “Catalogs -> Media” view and the following actions were taken by the vCD.
If i change the default “Default Timeout Action” from “Abort” to “Resume” i got another behavior when the “Default Blocking Task Timeout” is reached.
I uploaded the ESXi 5.1 U1 once more, named it ESXi-5.1-U1-Test2, and after waiting the 10 minutes i specified as the quarantine timeout i can see the status has changed in the “Catalogs -> Media” view from “Pending processing” to “Stopped”.
2 pings