Hello,
I am reading the new "Installing and Configuring vCloud Connector 2.5" and I have a doubt about network design. vCloud Connector uses the following ports:
Port Number | Use |
---|---|
443 | Used when SSL is enabled. This port is used for communication between the vCloud Connector server and vCloud Connector nodes and between nodes. |
80 | Used when SSL is disabled. This port is used for communication between the vCloud Connector server and vCloud Connector nodes and between nodes. |
8190 | Required on the destination node for UDT-based data transfer. |
5480 | This port is used for communication with the vCC server and vCC node Admin Web consoles. |
vCloud Connector manages the transfer of content using a separate component, the vCloud Connector node. This flow affects the way a request moves through the system and how network connectivity must be set up.
The image attached shows the path a vCloud Connector request takes in transferring data from a vSphere to a vCloud Director (VCD) cloud.
1.- Customer requests transfer using vCloud Connector UI.
2.- vCloud Connector server tells vCloud Connector node to transfer vApp.
3.- Node tells vCenter Server to export using VIM API.
4.- Export begins and the following tasks happen in parallel because data is streamed:
   - Content is moved from datastores to source node cache.
   - Content is transferred from source to destination node.
   - Destination node calls the VCD API to import.
   - Content transfers from destination node cache to VCD transfer server storage.
5.- VCD sends the command for the appropriate vCenter import.
6.- Content transfers from VCD transfer server storage to destination datastore network and is made available through the VCD catalog.
My question is about steps 5 and 6:
vCloud Director copies the data by connecting directly to the ESX hosts (step 6), doesn't it?
I think it is recommended to have a firewall between vCloud Director and the vCenter/ESX hosts, but some colleagues do not think the same. Any recommendation would be appreciated.
Best regards.