The vBond orchestrator is a software module that authenticates the vSmart controllers and the vEdge routers in the overlay network and coordinates connectivity between them. It must have a public IP address so that all Viptela devices in the network can connect to it (it is the only Viptela device that must have a public address). While the vBond orchestrator can be located anywhere in the network, it is strongly recommended that you place it in a DMZ. Assigning a public IP address to the orchestrator allows vSmart controllers and vEdge routers that are situated in private address spaces, secured behind different NAT gateways, to establish communication connections with each other. The vBond orchestrator runs as a VM on a network server.
A Viptela overlay network can have one or more vBond orchestrators.
To deploy vBond orchestrators:
- Create a vBond VM instance on either an ESXi or a KVM hypervisor.
- Create a minimal configuration for the vBond orchestrator, to allow it to be accessible on the network. You do this by using SSH to open a CLI session to the vBond orchestrator and manually configuring the device.
- Add the vBond orchestrator to the overlay network so that the vManage NMS is aware of it.
- If you are hosting the Viptela zero-touch-provisioning (ZTP) vBond server in your enterprise, configure one vBond orchestrator to perform this role.
- Create a full configuration for the vBond orchestrator. You create the initial configuration by using SSH to open a CLI session to the vBond orchestrator. Then you create the full configuration by creating configuration templates on the vManage NMS and then attaching the templates to the vBond orchestrator. When you attach the configuration templates to the vBond orchestrator, the configuration parameters in the templates overwrite the initial configuration.
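
The minimal configuration mentioned in the second step typically looks like the following. This is an added illustration, not taken from this page. The hostname, organization name, site ID, interface name, and all addresses are constructed placeholders (the public address uses a documentation range), so substitute your own values.

```text
! Constructed example: minimal vBond configuration entered over the SSH CLI session.
! All names and addresses below are placeholders, not values from this page.
system
 host-name vbond-dmz-1
 system-ip 10.255.0.10
 site-id 100
 organization-name "Example Org"
 ! "local" marks this device as the vBond orchestrator itself
 vbond 203.0.113.10 local
!
vpn 0
 ! VPN 0 is the transport VPN; this interface carries the public address
 interface ge0/0
  ip address 203.0.113.10/24
  tunnel-interface
   encapsulation ipsec
  !
  no shutdown
 !
 ip route 0.0.0.0/0 203.0.113.1
!
```

Because the templates attached later from the vManage NMS overwrite this initial configuration, carry the same system and VPN 0 values into those templates so the orchestrator stays reachable at its public address.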