This is part of a series of posts that will look at the deployment VMware vRealize product suite, commencing with vRealize Orchestrator.
VMware vRealize Orchestrator
VMware vRealize Orchestrator is a development and process-automation platform that provides a library of extensible workflows to allow you to create and run automated, configurable processes to manage VMware products as well as other third-party technologies. vRealize Orchestrator automates management and operational tasks of both VMware and third-party applications such as service desks, change management systems, and IT asset management systems.
Orchestrator is composed of three distinct layers:
- An orchestration platform that provides the common features required for an orchestration tool
- A plug-in architecture to integrate control of subsystems
- A library of workflows
Orchestrator is an open platform that can be extended with new plug-ins and libraries, and can be integrated into larger architectures through a REST API.
A standard set of plugins are provided, however 3rd party extensible plug-ins can also be used.
The Orchestrator database comes preconfigued with a PostrgreSQL database and is suitable for small to medium scale environments. External databases are also supported (Review the VMware Product Interoperability Matrix for list of externally supported DBs).
vRO Appliance Components:
- SUSE Linux Enterprise Server 11 Update 3 for VMware 64-bit edition
- Embedded PostgreSQL
- In-Process ApacheDS LDAP (only recommended for Dev/Test purposes)
- Orchestrator/Process automation engine
After the appliance has been deployed we can setup the authentication provider to use directory services or vSphere authentication. However, according to the documentation LDAP authentication is deprecated. The default authentication mechanism uses ApacheDS LDAP, which is fine for testing purposes. For production you could change this to vCenter SSO authentication. VMware recommend using localised authentication providers to avoid long LDAP response times. Similarly narrowing the LDAP search path to a specific OU – should also help.
PortgreSQL comes baked into to the deployment, this is suitable for small and medium scaled production purposes. An external database is recommended for large scale deployments. Orchestrator supports external database deployments of Oracle, Microsoft SQL server and PostgreSQL. For this implementation I will just be using the embedded db, but should you want to use an external db you will need to setup this up as a separate workflow.
Once vRealize Orchestrator has been deployed connectivity is established via the vRO control centre a web-UI (https://ipOfvROappliance:8283). From the control centre we will perform some basic configuration and then connect using the vRealize Orchestrator Workflow Designer tool. This will allow us to connect the vRO instance to vCenter. Once connected to vCenter as an extension we can create and manage workflows from the vSphere Web Client.
Deploying the vRealise Orchestrator Appliance
- VMware vCenter Server deployed and running
- Enough compute and storage resources to support the vRO appliance.
- If using the vSphere Web-UI – Install the Client Integration plug-in as this is required to deploy the appliance.
Deployment: Follow the deployment procedure found on page 26 of the install and configuration guide (note this references v6 documentation but is essentially the same for v7.x).
The password for the root account of the Orchestrator Appliance expires after 365 days. You can increase the expiry time for an account by logging in to the Orchestrator Appliance as root, and running passwd -x number_of_days name_of_account. If you want to increase the Orchestrator Appliance root password to infinity, run passwd -x 99999 root.
Here we want to set the authentication mode to vSphere (as we are adopting the simple deployment). Configure the database to use PostgreSQL (embedded).
1a. Open your browser to https://ipOfvROapplaince:8281/vco
1b. Under Configure the Orchestrator Server select ‘Orchestrator Control Center’.
2. Login to the vRO Control Center.
3. Welcome to the vRO Control Center.
4. Select Configure Authentication Provider, for this deployment we will use vSphere (PSC SSO domain).
4a. Set the host address to your vCenter server and accept the certification warnings.
4b. Restart the services when prompted.
5. Configure the Database. I will be using the embedded PostgreSQL db in this deployment.
6. Restart the services
7. Next we want to navigate back to the vCO start page https://ipofvROapplaince:8281/vco
7a. Download and install the Orchestrator Client.
8. Open the Client and login with your vCenter Admin SSO user (firstname.lastname@example.org)
9. First up we want to connect this instance of vRO to an endpoint such as vCenter. To do this we need to create our first workflow.
10. Select ‘Workflows’ icon (blueprint) and expand Library -> vCenter -> Configuration.
10a. Select ‘Add a vCenter Server instance’.
10b. Select ‘Start workflow’ (green play button).
10c. Enter your vCenter server hostname/IP address as well as the HTTPS port (443). The location should be set to /sdk. As I am not using any CA signed certificates I will select ‘yes’ to ignore any warnings.
10d. Enter the vCenter admin user/password and select submit.
11. Once the workflow has processed you should be able to view the vCenter server endpoint and resources from the inventory object.
12. The next task (optional) is to register the vRO instance with vCenter as an extension. This will allow us to the vSphere web client to manage and create workflows.
12a. Select ‘Workflows’ -> ‘vCenter’ -> ‘Register vCenter Orchestrator as a vCenter server extension’.
12b. Start the workflow to register vRO with the vCenter server instance.
12c. Set the vCenter instance as: https://FQDNofVC:443/sdk. Select submit to complete the task.
13. To confirm that task has completed login the vSphere web client then select vRealize Orchestrator.
14. There you have it, vRealize Orchestrator deployed. In future blog posts we will cover some basics around creating workflows before moving onto the deployment of vRealize Automation.