VMware vRealize Automation 7–vRA7–Performing a “Minimal deployment” Installation

In this article I’m going to walk you through performing a minimal deployment of vRA7.  Please keep in mind vRA7 is not GA as of the writing in this article and the GA version could have some differences.  Once it is released and you have downloaded the vRA7 appliance follow the below steps for performing a “minimal deployment”.

Before you Begin

Before you start there are a few things you will need:

  • A server running a supported version of Windows.  (I’m running WIndows Server 2012 R2).
  • Configure NTP Time sync on windows server. (Instructions inline below)
  • A Microsoft SQL server for the IaaS database.
  • Configure the MS SQL server with the proper MSDTC security settings. (Instructions inline below)

Deploy the Appliance

The first thing you are going to need to do is deploy the appliance to your vSphere environment.  I’m not going to walk through the OVA deployment in this article.  If you need information in regards to deploying the appliance you can refer to the following article:

Refer to the section “Importing the vCAC 6.0 Virtual Appliance OVA to vCenter” in article vCloud Automation Center – vCAC 6.0 – Installing the vCAC 6.0 IaaS Server

Performing the Installation

1. Navigate to https://{vra7VAIPAdddress}:5480

    1. Once there login as user “root” with the password you set during the appliance deployment.  Once you login a new window will appear to start the guided installation.  Select “Next” to begin.

image

 

2. Accept the agreement and select “Next”.

image

 

3. Select “Minimal Deployment” and select “Next”.

image

 

4. On this step you are presented with a file download.  You will now need to download the agent installation and install the deployment agent on the Windows IaaS host.  If you do not have a Windows IaaS host prepared you can deploy it now and simply install the agent once completed.  I have deployed a Windows 2012 R2 host for this example.

vRA Management Agent Setup

    1. If your server is not already setup to use NTP configure NTP time services on the server.  Youc an do this using the following command from PowerSHell.

w32tm /config /manualpeerlist:pool.ntp.org /syncfromflags:MANUAL
Stop-Service w32time
Start-Service w32time

  1. Launch the “vCAC-IaaSManagementAgent-Setup” file on your WIndows IaaS host and select “Next” to continue.
    image
  2. Accept the terms and select “Next”.
    image
  3. If needed change the path otherwise select “Next” to continue.
    image
  4. Input the GQDN of the vRA7 appliance in the format https://{vRA7VA_FQDN}:5480, then input the username for root and the password set during the vRA7 VA ovf deployment.  Finally load the certificate, confirm it is correct and select “Next”.
    image
  5. Next specify the account username and password the service should run as.  The account need to have admin privileges on the windows IaaS host and select “Next”.
    image
  6. Select “Install”
    image
  7. Once installation finished select “Finish” and then return to the vRA7 Installation wizard.
    image

5. Once you return to the vRA7 Installation Wizard you will now see your IaaS host listed along with it’s Time Offset in seconds.  If the time offset is more than 600 seconds the wizard will not let you continue until it is resolved.  From what I can tell it looks like the wizard will update the Time Offset every 3 minutes.  Select “Next” to continue.

image

 

6. Next select “Run” to run the pre-req checker on the IaaS host.

image

 

7.  If you are like me I deployed a Windows server and did not complete any of the pre-reqs manually.  In this case the prerequisite checker will come back with “SOme prerequisites are not met.  If you want to review the failed prerequisites you can select “Show Details”.  Select “Fix” to have the wizard complete the prerequisites for you.

image

image

image

 

8. Once the Wizard finished setting up the prerequisites the status will show “OK”.  You can show the details if you like and then select “Next” to continue.

image

image

 

9. Next input or select Resolve Automatically the hsotname in FQDN format of the vRA7 appliance.  Select “Next” to continue.

image

 

10. Next set the password for the single sign on admin account and select “Next” to continue.

image

 

11. Next we need to set the FQDN of the IaaS host as well as specific a windows domain account to use for the installation of the IaaS components.  Then set an encryption passphrase for the IaaS database.  Once set select “Next” to continue.

image

 

12. Now we need to specify the Microsoft SQL server to be utilized for the IaaS server., the database name and the authentication type to be used.  Please also note that if you haven’t already you need to make sure that the MSDTC configuration on the SQL server is properly configured under Component Services –> Distributed Transaction Coordinator.  When finished select “Next” to continue.  (Note you can also use the validate button to validate the configuration at this point.)

image        image

 

13. Now we need to verify the DEM configuration.  You can add additional DEM’s if you like, however this is not necessary for a minimal installation the defaults here should be fine.

image

 

14. Next we need to configure the agents to be installed.  When the page loads there are defaults already populated for a vSphere agent.  Please remember to note whatever you choose to use for the “Endpoint” as we will need this later.  If you only need a vSphere agent then you don’t need to change anything.  If you need to add additional agents you can select the green + sign to add additional agents.  Select “Next” to continue when finished.

image

 

15. Now we can either Generate or import a certificate for the vRA7 Appliance.  I’m going to generate a new certificate since I don’t have a certificate server up and running.   If generating select “Generate Certificate, fill out the reqired info and select “Save Generated Certificate”.  Once completed select “Next” to continue.

image

 

16. Next we need to do the same for a Web Certificate for the IaaS webserver.  Select “Next” when finished.

image

 

17.  And one last time for the Manager Service Certificate.  You will notice that because the Manager Service and the IaaS webserver are on the same host it automagically uses the same certificate, however if we were to split them up in a distributed installation another certificate would be needed.

image

 

18.  Next the wizard will validate everything we have told it.  This process can take some time so select “Validate” and go refill your coffee.

image

Notice there are two DEM’s being validated.  Both an orchestrator and manager DEM.  The installation automagically accounts for the orchestrator because it knows it is required.  You will also notice that I have two proxy agents and you may only have one.  This is because I added a second agent to for another use.

image

 

19. Once validation is finished select “Next” to continue.

image

 

20.  You now have the option to snapshot the the VM’s being used in case something goes wrong.  Once you snapshots are finished select “Next” to continue.

image

 

21. Once you select “Next” above the installation will begin.  Go to lunch for this one it may take up to 30 minutes or a little longer.

image

image

 

22. Once the installation finishes you can then input your license key.  Select “Submit Key”  and then select “Next” to continue.

image

 

23. Choose your customer experience settings and select “Next” when finished.

image

 

24. Congratulation, you have successfully installed vRA7.

image

Advertisements

vRealize Voice Automation – Amazon Echo and vRA

Last week we had our “TechSummit” and VMware and as part of the event their was a hackathon where team or individuals could sign-up and enter a cool integration into the competition.  In the true spirit of a hackathon Tom Bonanno and I decided to do something cool.  That something we named vRealize Voice Automation.

The goal:

To be able to utilize the Amazon Echo to create, destroy, power on, & off workloads in vRealize Automation

The Solution:

Using the Amazon Alexa skills API we were able to create a new Alexa skill with three intents:

  • Deploy Server
  • Destroy Server
  • Power Server

These intents combined with what Amazon calls Utterances allow us to take the speech input and determine variables within the speak for items like “blueprint” or “hostname”.  That we then could use.  The input taken from the Alexa API is then sent to some node.js code that is hosted on Amazon Lambda where we looked at the intent that was called and the variable values associated with and we then make a Rest API call to VMware vRealize Orchestrator invoke a workflow and pass the parameters to it as inputs.  From there vRO talks to vRA and success.

It is certainly a cool solution, but remember the Alexa doesn’t always hear what you want it to hear and that can be catastrophic if your performing a destroy operation as you will see in the following videos.

Below are two videos.  One is a commercial that was made for our hackathon entry and the other is a demonstration of the integration in action and a bit more on how we did it.

 
vRVA Commercial
 

 
vRVA Demo
 

vRealize Orchestrator – vRO 6.0.1 is now available!

vRealize Orchestrator 6.0.1 is now available.  This is exciting especially of your are running vRA 6.2 and would like to deploy an external vRO server.  That of course is just one of the benefits of the new vRO 6.0,1 release.  Below is additional new features with this release:

What’s new?

With this release vRealize Orchestrator introduces a more flexible content delivery mechanism due to increased workflow development efficiency and a new troubleshooting experience. Workflow developers benefit from a more programming-free design experience provided by the new control flow activities and error handling mechanism. Workflow execution and monitoring is easier when using the new administrative interface. vRealize Orchestrator 6.0.1 introduces better configuration options for vSphere 6.0, by using a unified page for configuring vCenter Single Sign-On authentication, licensing, and vCenter component registry. The stability of the vCenter Server plug-in has been improved by resolving major issues based on customer feedback.

vRealize Orchestrator 6.0.1 has an updated model for installing the vSphere Web Client plug-in for vRealize Orchestrator. vRealize Orchestrator 6.0.1 supports the vSphere Web Client integration and context execution of vRealize Orchestrator workflows as part of vSphere Web Client 6.0.

Continue reading “vRealize Orchestrator – vRO 6.0.1 is now available!”

vRealize Code Stream – vRCS 1.x – Installation and Configuration

For those of you who are fortunate enough to be able to get a trial for Code Stream this article will walk you through the installation and initial configuration of the product.  Code stream as the name suggest is part of the vRealize product line and shares the same identity appliance and virtual appliance as vRealize Automation.  Because of this I will be referring to articles I have already written for portions of the installation in an effort to not re-invent the wheel.

Installing vRealize Code Stream

1. For instructions on how to install the vRealize Code Stream Identity Appliance please see Installing the vCAC 6.0 Identity Server.

*Note – The instructions in the above referenced article may vary slightly from vRCS 6.0 identity appliance, however it should be close enough that you should not have any issues following along.

It is recommended that you configure the Active Directory settings in the Identity Applaince which is not covered in the above post, but is straight forward.

2. For instructions on how to install the vRealize Code Stream Virtual Appliance please see Installing the vCAC 6.0 Virtual Appliance.

*Note – The instructions in the above referenced article may vary slightly from the vRCS Virtual Appliance, however it should be close enough that you should not have any issues following along.

On step 21 input the Code Stream License Key instead of the vRA license key, or both if you like.

3. For instructions on how to setup Tenants in vRealize Code Stream please see Adding Tenants in vRealize Autoamtion 6.x.

On step 7 you will not be able to add a user to the “Infrastructure Administrator” role as that is a construct of vRealize Automation.  If you are running code stream and vRealize Automation on the same virtual appliance you can add users/groups to this role.

Continue reading “vRealize Code Stream – vRCS 1.x – Installation and Configuration”

vRealize Automation – vCAC 6.1 – Ultimate Multi-Machine Blueprint Extension v1.0.2 – Updated

Have you ever needed more control over what custom properties get assigned to specific component machines of a multi-machine blueprint, or want to use the same component blueprints for all component machine of a multi-machine blueprint?  The Ultimate Multi-Machine Blueprint Extension aims to help with that.

The Ultimate Multi-Machine Blueprint Extension allows you to utilize the same source component blueprint for multiple component machines while at the same time controlling which custom propertied get assigned to each of the components.  This allows you customize each of them differently during deployment.

This extension works well with the Custom Hostname and the Custom vCenter Folders extension to round out the use of Multi-Machine Blueprints.

Example Use Cases:

  1. Use a single machine blueprint for all components of a multi-tiered multi-machine blueprint and customize the name of each component.
  2. Use a single machine blueprint for all components of a multi-tiered multi-machine blueprint and customize the guest agent actions of each component machine.
  3. Use a single machine blueprint for all components of a multi-tiered multi-machine blueprint and override the template for each component to deploy from a different source vCenter template for each component.

The goal of this extension is to limit blueprint sprawl and leverage the multi-machine construct to customize the component machines and rely less on customizing the single machine blueprints making them more re-usable.

This extension was designed and built as a collective effort by Tom Bonanno and Sid Smith.  If you have any feedback please let us know.

Features

  • Define which component machines to apply custom properties to in a multi-machine blueprint.
  • Utilize a singular blueprint for all component machines in a multi-machine blueprint.

Change Log

v1.0.2

  • Fixed bug that caused properties with Multiple periods not to be processed properly.

v1.0.1

  • Initial Release

Remember we have performed a large amount of testing, but this is a v1.0 extension so please test and let us know if you find any issues.

Continue reading “vRealize Automation – vCAC 6.1 – Ultimate Multi-Machine Blueprint Extension v1.0.2 – Updated”

VMware vCenter Orchestrator 5.1.3 is released.

This release of vCenter Orchestrator fixes a number of issue from the previous release.  Mainly a maintenance release, so when you can find the time I would recommend getting it installed and putting some of these issues in the past.  If for no other reason you will want to get this installed to resolve the issue where nested workflow don’t resume properly when rebooting the vCO server. Issues resolved in this release:

 

Active Directory account gets locked when connecting to Microsoft SQL database
If you set up a connection to a Microsoft SQL database with a Windows Active Directory account, the account gets locked from the domain.

vCenter Server inventory disappears from the Orchestrator client
If there is an outage of the connectivity to vCenter Server, the vCenter Server inventory disappears from the Orchestrator client and cannot be accessed until you restart the vCenter Orchestrator server.

Purging operations might cause a Microsoft SQL database deadlock
Orchestrator’s purging operations for events might cause a deadlock in a Microsoft SQL database.

VcAuthorizationRole.roleId does not provide the correct role ID and always returns 0
When you use the vCenter Server plug-in VcAuthorizationRole.roleId attribute, the correct role ID is not provided. Instead, the role ID of every object is displayed as 0.

Nested workflows not resuming properly when rebooting
If there are nested workflows still running when you reboot an Orchestrator server, the nested workflows do not resume from the last workflow element that was running at the time of reboot. After the Orchestrator server starts again, the nested workflows resume from the begining.

Import Package dialog responding slowly
The Import Package dialog might respond slowly when importing a package with content that is already available in Orchestrator.

Problematic releasing of locks
If you create a lock with LockingSystem.lockAndWait(lockName,””) and try to release it by running the Release all locks workflow, the LockingSystem.unlockAll() method does not release all locks.

Release Notes can be found here.

Download can be found here.

vRealize Automation – vCAC 6.1 – Custom Property Toolkit for vCO

For those of you who have not seen this yet, it is a must have for anyone writing vCO workflows for vCAC.  VMware’s own Dan Linsey build a set of pre-built workflows to help aid you in your own development efforts.  The toolkit includes workflows for performing Create, Read, Update, & Delete Operations for vCAC custom properties for more than just virtual machine objects.  IT includes support for the following:

 

  • Blueprints
  • Build Profiles
  • Business Groups
  • Endpoints
  • Property Dictionary
  • Virtual Machines
  • and more

Top check out this incredibly useful toolkit head over to the VMware Communities and download it.

vRealize Automation – vCAC 6.1 – Building vCO workflows for Multi-Machine Blueprints

It seem that there is a bit of confusion around using vCO workflows with multi-machine blueprints.  Before I discuss how to build vCO workflows for multi-machine blueprints I want to discuss the differences between single machine and multi-machine blueprints and how they relate to each other.

Single Machine Blueprints

Single machine blueprints are pretty straight forward.  When a custom property is defined on a single machine blueprint it only affects that machine.  Makes sense right?  When we trigger a vCO workflow to run during a state transition of a single machine it interacts with only that machine.  It is important to be mind full of the vCO workflows that are assigned to single machine blueprints that may be used as a component machine of a multi-machine blueprint.

Multi-Machine Blueprints

Multi-Machine blueprints are extremely versatile allowing single machine blueprints to be grouped together for and requested in a single deployment.  They are so versatile that you can add single machine blueprints of different types that are possible deployed to different types of Endpoint and across geographies.  This however also makes them somewhat complex requiring you to be careful and thoughtful as to how you structure custom properties and the vCO workflows that you may choose to run on them.

Custom properties that are defined at the Multi-Machine blueprint are passed down to the component virtual machines that are a part of them.  This can be very useful, but can also be a bit dangerous.  Take the hostname property.  If we define a hostname using this property at the Multi-Machine level it will cause chaos during the deployment and cause the deployment to fail because all machine will inherit the property and the value and ultimately have the same name.

This is the case with any different properties when used at the multi-machine level.  You also need to be mindful of the effect of that property across different platform, provisioning types as well as geographies.  This becomes even more complicated when executing state transition workflows that run vCO workflows.  If you attach a workflow to the multi-machine it will in turn become attached to every component machine as well.  This can be very useful if you want to execute the workflow on every component machine, however if that workflow is utilizing an entity that doesn’t exists at the parent multi-machine level it will again cause chaos for your deployment.  The good news is it doesn’t have to as long as the vCO workflows are built to support the intended result.

In the following walk-through I will be using the Custom vCenter Folders Extension to demonstrate what you can do to account for the Multi-Machine and Single Machine aspects of vCO workflows.

Continue reading “vRealize Automation – vCAC 6.1 – Building vCO workflows for Multi-Machine Blueprints”

vRealize Automation – vCAC 6.1 – Custom vCenter Folder Extension

Overview

vCAC by default will place all provisioned machines into a vCenter folder named VRM.  You can override this using the custom property VMware.VirtualCenter.Folder to tell vCAC where to place the provisioned machine.  While this is great that you can tell vCAC where to place the provisioned machine it isn’t very flexible.  I built the Custom vCenter Folder Extension to fix that and make folder placement as flexible as you need it to be.  VM folder placement is just about organizing virtual machines.  It provides a way to control access to these machines through vCenter as well.  Many organizations control permissions to these environments using these folders and need to be able to place any machine where they need for these purposes.

Multi-Machine blueprints is another area where this extension adds value.  You can control placement of virtual machines by defining the VMware.VirtualCenter.Folder property on a Multi-Machine blueprint folder, but all VM’s for all Multi-Machine apps are placed in the same folder creating confusion as to which VM’s belong to which Multi-Machine application.  Now if you add NSX into the mix and you have Multi-Machine components spread all over the place with no way to easily determine which VM’s as well as NSX Edges go to which application.

When used with Multi-Machine blueprints the Custom vCEnter Folder Extension can place all component Virtual Machines as well as Deployed NSX Edge appliances in a folder named after the Multi-Machine application if you desire making it easy to identify related components of an application.  This also allows you to easily permission vCenter access to the components of the application if necessary.

Features

  • Dynamic Folder Names based on custom naming scheme
  • Multi-Machine folder placement including NSX Edge applince
  • Automatic Multi-Machine folder removal when Multi-Machine app is destroyed

Continue reading “vRealize Automation – vCAC 6.1 – Custom vCenter Folder Extension”

VMware NSX 6.1 & vCAC 6.1 – Connecting NSX to vCAC

Now that we have installed and configured NSX I think it’s time we connected it to vCAC.  In version 6.1 there are some changes to the integration with NSX and vCAC.  When I say changes I should say there are some great new changes.  The integration now utilizes a vCO Plug-in that handles all the interactions between NSX and vCAC.

Benefits of vCO plug-in for NSX to vCAC integration

The benefits of the vCO plug-in are huge.  These workflows that now exist in vCO are there for you to use in your own customization giving you the ability to interact with NSX in a custom way without having to code against it’s api.  Personally I await the day for all integrations to be this way.

As most of you know the vCAC appliance has vCO built in and the built in vCO server already has the NSX plug-in installed for.  If you want to use an external vCO you will have to deploy the plug-in to that appliance before trying to connect vCAC to NSX.

Continue reading “VMware NSX 6.1 & vCAC 6.1 – Connecting NSX to vCAC”