If you were at VMworld and caught the Day 1 General Session you may have heard Pat Gelsinger say “The rule of the cloud – Ruthlessly Automate Everything”. This should be a wakeup call for anyone who has not begun or has done very little with automation.
GSS has decided on a number of design considerations for their vRA implementation. GSS is currently using a consumption based model for their resource allocation. They don’t pre-reserve any amount of resources for specific groups within the organization. GSS feels their current consumption model allows them to more efficiently manage their resources. It also prevents them from having pockets of idol resources that may never get used. Based on this utilization model GSS will be implementing the following elements within vRA.
GSS considered having a business group for each environment (Dev, Test, Stage, and Production). To evaluate how they would like to proceed they asked to have 5 initial tenants created. One for each of their environments and one to evaluate a collapsed model of all environments in one group.
Business Groups
Development – All Developers across all groups within GSS
In my previous article The Road to automation with VMware vRA I discussed I would be published a company profile for my fictitious company GSS. In this article we will be digging into GSS to take a look at where it is today, its challenges, processes, systems, and automation use cases.
Company: (GSS) Gregarious Simulation Systems Profile: Successful Video Game Manufacturer Employees: 1200+ IT Staff: 80+ vSphere Sockets: 200+ Managed VMs: 3000+ Server Build Team: 12 Environments: Development, Test, Stage, Production
In my previous article about the SovLabs plugin I covered some pre-requisites and sent you over to the SovLabs documentation to finish the installation. Once you have installed the vRO plugin using the vRO Control Center you will go to your vRO Client and see a new folder that has all the Sovlabs vRO modules.
If you haven’t read Part 1 of this article you will want to go back and read it before you proceed. In part 2 we will build on the installation that we performed in part 1. Let’s just dig right in and get started.
How this integration works
Configuring the integration to use native vRA authentication requires the user to login to ServiceNow and vRA both. When the user logs into ServiceNow they are redirected to the vRA Login page and was logged in they are then redirected back to ServiceNow. This allows requests the user makes to be passed to vRA as that user. The main difference between this and the SAML (ADFS) integration is the user only need to login to vRA the very first time they use it and never again as the user is auto-magically logged in to vRA in the background using the SAML token. This is a great option for testing the integration without having to touch your Identity Management configuration.
It seems like everyone these days wants to use ServiceNow as their catalog for vRA. It use to be that everyone just wanted to create or update CI records. Before I get into the weeds on how to get vRA and ServiceNow talking together I wanted to take a few minutes to discuss the integration, the pros, the cons, and it’s limitation.
Many of you are looking to kick the tires on the SovLabs vRO plugins for vRA 7.3, but don’t know where to begin. If that’s you, then you are in luck. In this article I’m going to walk you through everything you need to know to install the plugin. Before we begin please make sure you have visited the SovLabs Trial registration site so you have the installation bits and a trial key.
Patching vRA 7.3
Before we just go an drop in the plugin we need to prepare vRA. To do this we must first apply two hotfixes. One for the vRA appliance and one for vRO.
I want to thank all of you that have downloaded and used this module. We never expected it to be as widely used as it has been. We decided to stop maintaining this because it was originally built as an example of how one could achieve this capability. Much to our surprise it has been deployed into countless production environments. As a result we have received countless requests for support which we cannot provide.
Their is good news however. Their is a commercially available supported product that is capable to doing much more than this module is capable of. For more information See article on SovLabs Hostname Module
Overview
One of the most frequent asks when using vRA is, “How do I deploy machines using my company’s hostnaming standards automatically using vRA?” Since the out-of-the box hostnaming only provides a way to do prefix-suffix, the answer to this question usually is that it will require customization.
This solution is intended to provide a way to implement this functionality by using a small, highly versatile custom extension which can handle 95% of use cases without writing custom code.
The rest of this article contains instructions on installing and configuring the vRA Custom Hostnaming Extension. This extension allows administrators to model very specific custom hostnaming schemes for their vRA virtual machines, Deployments, and vCloud Director vApps using vRA custom properties, with dynamic creation of stock machine prefixes and index tracking for each unique hostname combination.
This extension is proof-of-concept or demo grade. While it runs well and consistently, it has not been put through a formal quality assurance process, so please use with caution.
Have you ever tried to build a day 2 operation for use with Multi-Machine applications? Well if you have chances are you hit the same issue one of my colleagues Pontus ran in to when he first attempted. Pontus however didn’t give up when he discovered there is no Object type to tie the action to. Instead he dug deeper and deeper until he found a solution. If you find yourself needing this capability or have found yourself banging your head for hours trying to figure this out you should check out Pontus’s post on virtualviking.net. The post can be found at http://virtualviking.net/2015/11/13/day-two-operations-on-multi-machine-blueprints-in-vrealize-automation-6-2/
In this article I’m going to walk you through performing a minimal deployment of vRA7. Please keep in mind vRA7 is not GA as of the writing in this article and the GA version could have some differences. Once it is released and you have downloaded the vRA7 appliance follow the below steps for performing a “minimal deployment”.
Before you Begin
Before you start there are a few things you will need:
A server running a supported version of Windows. (I’m running WIndows Server 2012 R2).
Configure NTP Time sync on windows server. (Instructions inline below)
A Microsoft SQL server for the IaaS database.
Configure the MS SQL server with the proper MSDTC security settings. (Instructions inline below)
Deploy the Appliance
The first thing you are going to need to do is deploy the appliance to your vSphere environment. I’m not going to walk through the OVA deployment in this article. If you need information in regards to deploying the appliance you can refer to the following article:
Once there login as user “root” with the password you set during the appliance deployment. Once you login a new window will appear to start the guided installation. Select “Next” to begin.
2. Accept the agreement and select “Next”.
3. Select “Minimal Deployment” and select “Next”.
4. On this step you are presented with a file download. You will now need to download the agent installation and install the deployment agent on the Windows IaaS host. If you do not have a Windows IaaS host prepared you can deploy it now and simply install the agent once completed. I have deployed a Windows 2012 R2 host for this example.
vRA Management Agent Setup
If your server is not already setup to use NTP configure NTP time services on the server. Youc an do this using the following command from PowerSHell.
Launch the “vCAC-IaaSManagementAgent-Setup” file on your WIndows IaaS host and select “Next” to continue.
Accept the terms and select “Next”.
If needed change the path otherwise select “Next” to continue.
Input the GQDN of the vRA7 appliance in the format https://{vRA7VA_FQDN}:5480, then input the username for root and the password set during the vRA7 VA ovf deployment. Finally load the certificate, confirm it is correct and select “Next”.
Next specify the account username and password the service should run as. The account need to have admin privileges on the windows IaaS host and select “Next”.
Select “Install”
Once installation finished select “Finish” and then return to the vRA7 Installation wizard.
5. Once you return to the vRA7 Installation Wizard you will now see your IaaS host listed along with it’s Time Offset in seconds. If the time offset is more than 600 seconds the wizard will not let you continue until it is resolved. From what I can tell it looks like the wizard will update the Time Offset every 3 minutes. Select “Next” to continue.
6. Next select “Run” to run the pre-req checker on the IaaS host.
7. If you are like me I deployed a Windows server and did not complete any of the pre-reqs manually. In this case the prerequisite checker will come back with “SOme prerequisites are not met. If you want to review the failed prerequisites you can select “Show Details”. Select “Fix” to have the wizard complete the prerequisites for you.
8. Once the Wizard finished setting up the prerequisites the status will show “OK”. You can show the details if you like and then select “Next” to continue.
9. Next input or select Resolve Automatically the hsotname in FQDN format of the vRA7 appliance. Select “Next” to continue.
10. Next set the password for the single sign on admin account and select “Next” to continue.
11. Next we need to set the FQDN of the IaaS host as well as specific a windows domain account to use for the installation of the IaaS components. Then set an encryption passphrase for the IaaS database. Once set select “Next” to continue.
12. Now we need to specify the Microsoft SQL server to be utilized for the IaaS server., the database name and the authentication type to be used. Please also note that if you haven’t already you need to make sure that the MSDTC configuration on the SQL server is properly configured under Component Services –> Distributed Transaction Coordinator. When finished select “Next” to continue. (Note you can also use the validate button to validate the configuration at this point.)
13. Now we need to verify the DEM configuration. You can add additional DEM’s if you like, however this is not necessary for a minimal installation the defaults here should be fine.
14. Next we need to configure the agents to be installed. When the page loads there are defaults already populated for a vSphere agent. Please remember to note whatever you choose to use for the “Endpoint” as we will need this later. If you only need a vSphere agent then you don’t need to change anything. If you need to add additional agents you can select the green + sign to add additional agents. Select “Next” to continue when finished.
15. Now we can either Generate or import a certificate for the vRA7 Appliance. I’m going to generate a new certificate since I don’t have a certificate server up and running. If generating select “Generate Certificate, fill out the reqired info and select “Save Generated Certificate”. Once completed select “Next” to continue.
16. Next we need to do the same for a Web Certificate for the IaaS webserver. Select “Next” when finished.
17. And one last time for the Manager Service Certificate. You will notice that because the Manager Service and the IaaS webserver are on the same host it automagically uses the same certificate, however if we were to split them up in a distributed installation another certificate would be needed.
18. Next the wizard will validate everything we have told it. This process can take some time so select “Validate” and go refill your coffee.
Notice there are two DEM’s being validated. Both an orchestrator and manager DEM. The installation automagically accounts for the orchestrator because it knows it is required. You will also notice that I have two proxy agents and you may only have one. This is because I added a second agent to for another use.
19. Once validation is finished select “Next” to continue.
20. You now have the option to snapshot the the VM’s being used in case something goes wrong. Once you snapshots are finished select “Next” to continue.
21. Once you select “Next” above the installation will begin. Go to lunch for this one it may take up to 30 minutes or a little longer.
22. Once the installation finishes you can then input your license key. Select “Submit Key” and then select “Next” to continue.
23. Choose your customer experience settings and select “Next” when finished.
24. Congratulation, you have successfully installed vRA7.