Tag Archive for vro

Deploying Orchestrator 6.0.3 into vSphere 6

vRARobot2

Deploying Orchestrator 6.0.3 into vSphere 6

Software versions in my lab environment

  • vCenter v6.0.0, 3018524
  • vSphere Hosts v6.0.0, 3029758
  • VMware-vCO-Appliance-6.0.3.0-3000579_OVF10.ovf

and

screen-shot-2016-11-23-at-11-01-06

Instructions

  • Download and deploy VMware-vCO-Appliance-6.0.3.0-3000579_OVF10.ovf into vCenter – File > Deploy ovf template

screen-shot-2016-11-22-at-20-26-33 screen-shot-2016-11-22-at-20-26-47 screen-shot-2016-11-22-at-20-28-11 screen-shot-2016-11-22-at-20-28-35 screen-shot-2016-11-22-at-20-29-07 screen-shot-2016-11-22-at-20-29-36 screen-shot-2016-11-22-at-20-29-59 screen-shot-2016-11-22-at-20-30-47 screen-shot-2016-11-22-at-20-31-58 screen-shot-2016-11-22-at-20-35-35 screen-shot-2016-11-22-at-20-37-18

  • Power on the VM
  • Log into a web browser using the Orchestrator appliance web address. In my case https://192.168.1.123:5480

screen-shot-2016-11-22-at-20-52-23

  • Change the time zone to Europe/London or whichever your timezone is and click Save Settings

screen-shot-2016-11-22-at-20-53-03

  • Click the Network tab and check the settings on the 3 tabs

screen-shot-2016-11-22-at-20-54-10 screen-shot-2016-11-22-at-20-56-20 screen-shot-2016-11-22-at-20-57-02

  • Click the Admin tab and click Time Settings are correct. I have Use Host Time but you can use Time Server

screen-shot-2016-11-22-at-20-57-49 screen-shot-2016-11-22-at-20-58-59

  • Click Save Settings

NEXT

  • Log into a web browser using the Orchestrator web address. In my case https://192.168.1.123:8283
  • Use the vmware username and the password you set up in the OVF deployment

screen-shot-2016-11-22-at-21-01-17

  • You will reach the below screen

screen-shot-2016-11-22-at-21-02-27

  • Click on the Network tab on the left hand side and select your IP Address and check all other details are correct. Click Apply Changes at the bottom right of the screen

screen-shot-2016-11-22-at-21-03-40

  • Click on Authentication and scroll down the screen until you see a link for SSL Certificates. Click on this link

screen-shot-2016-11-22-at-21-05-05

  • Put in your vCenter server in the following format – techlabvcs001.techlab.local:7444 and click Import

screen-shot-2016-11-22-at-21-08-01 screen-shot-2016-11-22-at-21-21-36

  • Put in your Single Sign On/PSC server in the following format – techlapsc001.techlab.local:7444 and click Import

screen-shot-2016-11-22-at-21-12-04 screen-shot-2016-11-22-at-21-14-28

  • Go back to the Authentication tab
  • Put in your Single Sign On server and click Advanced
  • put in your Admin username and password
  • Click Register Orchestrator

screen-shot-2016-11-22-at-21-23-15

  • It should look like the below with further configuration to do

screen-shot-2016-11-22-at-21-24-52

  • Choose your SSO Domain which can be the local domain, LAN domain or the vsphere.local domain.
  • In my case I chose my main domain techlab.local where I have set up a group called vro-group which contains user accounts I want to use as Admins

screen-shot-2016-11-22-at-21-26-22

  • Click Accept Orchestrator Configuration

screen-shot-2016-11-22-at-21-28-40

  • Click Test login and try one of your users

screen-shot-2016-11-22-at-21-30-20

  • Check your license

screen-shot-2016-11-22-at-21-33-50

  • Check the Plugins are all ok

screen-shot-2016-11-22-at-21-34-50

  • Click Startup options and restart both services
  • Log back in and check everything is green

screen-shot-2016-11-22-at-21-36-17 screen-shot-2016-11-22-at-21-37-48 NEXT

  • Open a web page and navigate to your Orchestrator configuration page which in my case is https://techlaborc001.techlab.local:8281
  • Click on Start Orchestrator Client

screen-shot-2016-11-22-at-23-17-55

  • Click on the drop down to Design
  • Navigate to Library > Microsoft > Active Directory > Configuration > Add an Active Directory server
  • Add in the relevant details for your AD server and add others as necessary

screen-shot-2016-11-22-at-23-19-53 screen-shot-2016-11-22-at-23-17-19

  • Next navigate to Library > vCenter > Configuration > Add a vCenter Instance

screen-shot-2016-11-22-at-23-23-34

  • Click Next and fill in the next screen

screen-shot-2016-11-22-at-23-24-27

  • Next we need to run the workflow Register vCenter Orchestrator as a vCenter extension

screen-shot-2016-11-22-at-23-27-40

  • Next type in the external address to advertise this Orchestrator
  • this needs to be for example https://techlaborc001.techlab.local:8281

screen-shot-2016-11-22-at-23-30-38

  • It should say it has been registered as per below

screen-shot-2016-11-22-at-23-32-04

  • We can check it has been registered by opening a web browser and putting in the vCenter server address as per below
  • https://techlabvcs001.techlab.local/mob
  • Click on Content

screen-shot-2016-11-22-at-23-34-17

  • Click on ExtensionManager

screen-shot-2016-11-22-at-23-34-51

  • Look for extensionList[“com.vmware.vco”] which should only exist when the workflow has run correctly.

screen-shot-2016-11-22-at-23-35-44

  • Click on Client

screen-shot-2016-11-22-at-23-37-23

  • You should see the below in url string. This will also appear in the Web Client which we’ll see further on in the instructions
  • You can put this link into a web browser and it should try and download the zip

screen-shot-2016-11-22-at-23-38-00

  • If you need to remove an extension, follow this useful blog below

Removing extensions link http://blog.mwpreston.net/2014/05/02/to-the-point-removing-stranded-vcenter-orchestrator-servers-from-vcenter

  • You now need to restart the web client
  • When the Web Client has restarted and come up again, Go to the Home screen and select the Orchestrator icon

screen-shot-2016-11-22-at-23-53-49

  • You should now see the vCenter and the Orchestrator server listed and you’ll see the information which we saw in the mob web page

screen-shot-2016-11-22-at-23-56-07

  • If you click on Workflows under Inventory trees, you will see the whole library of workflows

screen-shot-2016-11-22-at-23-57-45

  • You can then use the inbuilt workflows or create your own in Orchestrator
  • If you run the List the vCenter Orchestrator extensions of vCenter server, you will see it will pop up in the Recent Tasks list at the bottom of vCenter

screen-shot-2016-11-22-at-23-59-13

  • Pretty funky stuff 🙂

Next

  • In the vSphere Web Client > Click Home > Orchestrator, click on the Workflow icon and expand vCenter > Virtual Machine Management > Basic

screen-shot-2016-11-28-at-14-24-30

screen-shot-2016-11-28-at-14-25-38

  • Right click “Create simple virtual machine”, here is where you can run a workflow directly from within vSphere Web Client.

screen-shot-2016-11-28-at-14-27-55

 

VMware vRealize Automation 6.2.2 Monitoring and Reclamation Part 7

magnifying glass

Monitoring and Reclamation

In vRA we need to know what to do when we need to identify and reclaim unused or underused resources and put in an automated solution to manage these.

Reclamation stages

  • Identify

Through endpoint discovery and data collection, vRA creates  list of machines and their characteristics. Using filtering capabilities, administrators can identify machines for reclamation which could be machines which have been powered off, machines that average low usage and machines where the users have left or been disabled in AD

  • Verify

After machines are identified, they are validated before being reclaimed. vRA use workflows to assist customers with the process along with approval processes

  • Reclaim

Once machines are identified for reclamation, vRA goes through the process of reclaiming. Some machines may need to be archived before being removed completely.

  • Improve

Reclamation is designed to improve efficiency and use. Reporting and cost savings are used to manage machines in order to track and monitor environments

Where is Reclamation in vRA?

Tenant Administrators perform reclamation tasks

  • Go to Administration > Tenant Machines > Reclamations
  • The below page appears

vRA218

  • The tenant administrator can search for underused machines by CPU, memory, disk, network use or idle machines  (Idle meaning a machine which is powered on but with no statistics)

Thresholds

vRA219

Reclamation Requests and Notifications

The tenant administrator submits a reclamation request specifying the lease length and reason for the request which can then be monitored

  • Go to Administration > Tenant Machines > Reclamations
  • Select the machine you want to use
  • Click Reclaim Virtual machines

vRA220

  • The next screen has 3 options
  • New lease length (A new amount of lease time is assigned to the machine where if the owner does not respond to the lease request, the machine is powered off an destroyed, if no archive period was set in the blueprint)
  • Wait before forcing lease (days) (This is the time within which the owner of a machine must respond to prevent a new lease from being applied to the machine)
  • Reason for request

vRA221

  • If an archive period was set, the machine is expired and cannot be powered on until the lease is reset
  • If the lease is not reset at the end of the archive period, the machine is destroyed and the resources are reclaimed
  • Go to the Inbox of the owner. As this is me, I just click Home > My Inbox and I can see the reclamation request which has come in to me

vRA227

  • Click on this request and select an option
  • One of 3 actions can be taken on a reclamation request
  • The machine owner can select Release for reclamation where the machine is reclaimed and immediately destroyed if no archival period was specified in the blueprint
  • The machine can select item in use. No action is taken and the administrator is notified that the machine should still be used
  • The machine owner can take no action. In this case the machine is assigned a new lease based on the reclamation request. If the owner does not respond, it is powered off and destroyed if no archival period was set. During the archival period, the machine cannot be powered on until the lease is reset

vRA228

There are 3 states of reclamation requests

  • Pending (Request submitted to the machine owner)
  • Approved (The machine owner has released the machine for reclamation)
  • Rejected (The machine owner has responded that the machine is still in use)

Machine Leases

These are the time periods given to a machine which determine how long they should be active for. Machine leases are used by tenant admins and business group managers

  • Leases can be assigned to blueprints
  • Leases can be assigned to a machine after it is provisioned
  • Leases can be changed after a machine is provisioned
  • if a lease is not assigned then the machine does not have an expiration date
  • Multimachines have one lease date which is applied to all machines in the service

Home Page Portlets

Tenant Administrators can monitor and report reclamation savings by adding portlets to the home page

  • Log into https://vRA_Apppliance.FQDN/shell-ui-app
  • Click Home and at the right side of the screen, click the pencil icon and select Add Portlets

vRA223

  • Choose the portlets you want
  • They can then be dragged and re-arranged on your home page

vRA224

  • Users can add portlets but if they don’t have permissions then no data will appear

vRA225

  • You can also export data as a .csv file

vRA226

 

VMware vRealize Automation 6.2.2 Extensibility, Orchestrator and ASD Part 6

vRARobot2

Extensibility

There are several challenges involved with automating self service provisioning to enforce governance, minimise user input and provide audit and accounting functionality. vRA can be transformed by using extensibility products such as Advanced Service Designer and VMware vCenter Orchestrator

vCenter Orchestrator

  • Library of workflows and plug-ins which include VMware and partner developed solutions which facilitate integration with existing tools and infrastructure
  • Orchestrator comes built in with vRA or an external Orchestrator server can be used in place of the built in server
  • Blueprints can be created from vCenter Orchestrator workflows and published as catalog items
  • Includes an API which allows an external ecosystem of partners to develop reusuable plugins.
  • Using cluster mode configuration, a collection of Orchestrator nodes can work together and share a common database
  • The extended REST API allows automatic configuration and installation of the necessary vCenter Orchestrator nodes
  • The extended REST API also provides dynamic scale up and scale down of the orchestration capacity when Orchestrator is used with an external load balancer
  • Fully equipped with a workflow debugger

Advanced Service Designer

  • Service Architects can create and publish advanced services to the service catalog. Using the capabilities of ASD, custom resources can be created and mapped to vCenter Orchestrator types and defined as items to be provisioned and managed.
  • Allows administrators to add custom logic to any of the 10 built in IAAS customisable workflows
  • IAAS workflows are created using MS Windows Workflow Foundation which is a part of .NET Framework 4
  • vRA also contains 6 state change workflow templates that can be edited to contain custom logic. These can call out to vRA for bidirectional integration with external management systems
  • You can create up to 4 custom menus
  • Provides a visual workflow editor for customising IAAS workflows

Use cases for extensibility

  • Leverage existing infrastructure and future infrastructure (Multivendor and Multicloud)
  • Configure personalised business relevant services by using custom properties or metadata tags
  • Integration with 3rd party management systems (CMDB, iPAM, Load Balancers and Service Desk apps)
  • ASD is a new feature in vRA 6. Administrators can leverage vCenter Orchestrator workflows and plugins and create new Day 2 operations as custom services
  • vRA provides a RESTful API which can be used to call vRA application and infrastructure services from third party or custom applications

Plugins

Available plugins can be found at http://solutionexchange.vmware.com

Custom Services

The following are examples of what can be done

  • New employee onboarding
  • E-mail box setup
  • Storage and networking services
  • Backup and recovery
  • Security and compliance
  • Software install/update
  • Password management

Cloud Util

CloudUtil is a command line interface to Model Manager. It enables admins to install, configure and update entities in the Model Manager. It also

  • Creates and manages skills
  • Stores and manages files
  • Installs custom machine operations

With a vRA Development Kit License, additional functionalities are available such as

  • Installing and managing custom workflows and models created in MS Visual Studio
  • Install custom models and supporting assemblies
  • Generate client classes for a custom model
  • Install custom events and schedules used to trigger workflows
  • Install new workflows

The ASD Console

The Toolbox pane

The Toolbox pane provides access to the vRA workflow activity library where activities for using PowerShell and vCenter Orchestrator integrate vRA with external systems. Common activities used in workflows include

  • InvokeRepositoryWorkflow = Executes a workflow installed in Model Manager
  • GetMachineName = Gets a machine’s name
  • GetMachineOwner = Gets a machine’s owner
  • GetMachineProperties = Gets the list of custom properties associated with a machine
  • GetScriptFromName = Get’s contents of the script stored in the Model Manager under the specified name
  • InvokePowerShell = Executes a PowerShell command
  • InvokeSshCommand = Executes an SSH command
  • LogMachineEvent = Logs a machine event to the user log that is visible to the machine owner
  • RunProcess = Exceutes a process on the same machine as the DEM that executes this activity
  • SendEmail = Sends an email to the given set of addresses
  • SetMachineProperty = Creates or updates a custom property on the machine
  • InvokeVcoWorkflow = Calls a vCenter Orchestrator workflow and blocks further execution of its parent vRA workflow until the vCenter Orchestrator workflow completes
  • InvokeVcoWorkflowAsync = Calls a vCenter Orchestrator workflow and continues to execute activities in vRA without waiting for the vCenter Orchestrator workflow to complete

Extending built in Workflows using Workflow templates

Using ASD, the 10 out of the box workflow templates can be modified to implement custom logic. 6 of these are State change templates and 4 are menu operation workflow templates

The 6 State Change Templates

Each of these 6 state change templates ma to a specific state of the machine lifecycle. They can be modified and then referenced against a blueprint so the customisation can be applied to a machine derived from that template. As an example all machines might require a custom name derived from a naming convention. Using the WFStubBuildingMachine workflow template could meet this criteria

The 4 Menu Operation Workflow Templates

These 4 templates can be used to implement 4 custom menus with their own functionality. Menu operation workflows are implemented when a user selects a menu from the vRA console. An example could be a menu that enables a user to backup a machine

Defining variables

Defining variables is a critical step in the extensibility process. Information must be defined that is required for the workflow and is the source of that information.

For example. The MyScriptText variable is a string and is used to identify the custom code to be loaded from the PowerShell script which is loaded into Model Manager

Adding State Change Workflow Template to a Blueprint

  • Go to Infrastructure > Blueprints > Blueprints > Edit your Blueprint
  • Select Properties
  • Select New Property

vRA115

Workflow Versioning

You can always revert back to previous versions of a workflow stub by loading the version you want and sending it back. You don’t overwrite the existing version as it created a more recent version which becomes the default version. The Model Manager might store and display multiple versions of a workflow but the DEMs always execute the most recent version of a workflow and not earlier versions

Working with a vCenter Orchestrator Workflow

Workflows can be called synchronously or asynchronously. Some workflows require user interaction and the prompt appears in the vCenter Orchestrator client rather than vRA. To avoid this don’t use workflows which require user interaction from vRA

  • Synchronous

The InvokeVcoWorkflow calls a vCenter Orchestrator workflow and blocks further execution of it’s parent vRA workflow until the vCenter Orchestrator workflow completes

  • Asynchronous

The InvokeVcoWorkflowAsync calls a The InvokeVcoWorkflow workflow and continues to execute activities in the vRA workflow without waiting for the vCenter Orchestrator workflow to complete

vCenter Orchestrator as an endpoint

vRA must be defined as an endpoint to use vCenter Orchestrator

Workflows are built mainly by using existing building blocks

  • Workflows
  • Actions
  • Resource Elements
  • Predefined scriptable tasks

There are more than 200 ready to use workflows included with vCenter Orchestrator

vCenter Orchestrator integration techniques

  • Create a vCenter Orchestrator endpoint in vRA

Using an endpoint, vRA can invoke vCenter Orchestrator workflows

At least one vCenter Orchestrator endpoint is required

Each endpoint must have a unique priority

  • Install vRA plug-in into vCenter Orchestrator

Using a plug-in, vCenter Orchestrator can manage vRA entities

A plug-in automates the configuration of vRA IAAS workflows

A plug-in includes many predefined workflows

Configure an embedded vCenter Orchestrator

vRA includes a built in version of Orchestrator which can be used for running workflows in additional to separate external Orchestrator services

  • Putty into the vRA appliance (where the embedded Orchestrator is)
  • First start the vco-server service
  • Type service vco-server start

vco1

  • Next start the vco-configurator service by logging into the vRA appliance via Putty and typing service vco-configurator start

vRA326

  • Navigate to https://your-VA-appliance:8281/vco

vROConfig

  • If you have an issue accessing the Orchestrator webpages, you can check in vRA whether then Orchestrator service is connected by clicking Test Connection

vco3

  • If you experience connection issues you can also type vcac-vami vco-service-reconfigure in the vRA appliance putty page
  • If you encounter a Diffie Hellman error please google for fixes
  • Type https://your-vRA-appliance:8281
  • You should see this page. Click Start Orchestrator client

vRAConfig38

  • You should see a few prompts such as below from Java

vRA330

  • Log in

vRA229

  • You should now see the Orchestrator application

vRA230

  • In order to configure Orchestrator type in https://your-vRA-server:8283/vco-config/ to access the appliance configuration

vRA327

  • The default username and password is vmware and vmware
  • You will be prompted to change it
  • Password must have an uppercase letter and a special character

vRA328

  • You should now be logged into Orchestrator configuration webpage
  • Have a click through the configuration options
  • I clicked on Network and changed the IP address from 0.0.0.0 to my vRA appliance address

vco2

  • You need to add the vCenter certificate in to the SSL Trust Manager. You will also need to add the Platform Services Controller if you use this with vSphere 6

vco1

  • You need to add your IAAS Server with the FQDN and add the vRA appliance if this is not here but mine already was. (if it is embedded and not external)

vRA148

  • You should see your certificates

vRA149

  • Next go back and log into your vRA appliance https://vRA_Appliance.FQDN/shell-ui-app
  • Go to Infrastructure > Endpoints > Credentials > Add new credentials

vRA150

  • Put in vCO as the Name
  • Put in administrator@vsphere.local as the username
  • Put in the password

vRA151

  • Go to Endpoints > New Endpoint > Orchestration > vCenter Orchestrator

vRA152

  • Fill in the details

vRA153

Install the vSphere Orchestrator Client

  • Go to https://vRA_Appliance.FQDN:8281/vco
  • Click Start Orchestrator client

vRA154

  • I got an error saying Windows cannot open .jnlp files so I had to select open with then navigate to my java folder and choose javaws
  • Whatever you do don’t update from version 1.7 to 1.8 or things will break
  • You should then see the below 2 screens

vRA155

vRA156

  • You should then see the logon screen for vCO appear

vRA157

  • A certificate warning will appear

vRA158

  • vCenter Orchestrator will now open

vRA159

  • Click Administer

vRA160

  • Expand VCAC and Active Directory in the Inventory section. You should see these are empty although there may already be something in vCloud Automation Center

vRA161

  • Select Run
  • Go to Workflows
  • Go to Library > Microsoft > Active Directory > Configuration > Configure Active Directory

vRA162

  • Click Start Workflow
  • Put in the following details

vRA163

  • Click Use a Shared Session
  • Put in your credentials

vRA164

  • Next in the same Workflow screen, navigate to Library > vCloud Automation Center > Configuration > Add the IAAS host of a vCAC host

vRA175

  • Right click on Add the IaaS host of a vCAC host and select Start Workflow

vRA176

  • Click Next

vRA177

  • Click Next

vRA178

  • Click Next

vRA179

  • Click Submit
  • You should see a green tick and confirmation in the events screen on the right that everything has started

vRA180

Configuring the vRA workflows templates from vCenter Orchestrator

  • In Orchestrator, navigate to the below menu in Workflow view

vRA171

  • Right click Install vCO customization and select Start Workflow
  • In the Install vCO customization dialog box choose Not Set and select your vRA server

vRA172

  • Click Next

vRA173

  • Click Next

vRA174

  • Click Submit

vRA181

  • If you now go back to the ASD and click Load, you will see the new versions of the state change templates (Note you may need to install ASD first, in which case there are instructions further down this post)

vRA182

Configuring a state change workflow from vCenter Orchestrator

  • Go to https://vRA_Appliance.FQDN/shell-ui-app
  • Go to Infrastructure > Blueprints > Blueprints > Edit your Blueprint
  • If any custom properties are attached to the blueprint then remove them
  • Next log into vCenter Orchestrator > Library > vCloud Automation Center > Infrastructure Administration > Extensibility

vRA183

  • Right click Assign a state change workflow to a blueprint and select Start Workflow
  • Click Not set and chose the VRA server

vRA184

vRA193

  • Click the Array field

vRA186

  • Click Insert Value

vRA187

  • Expand down until you can see your Blueprint

vRA188

  • Click Add
  • Click Select

vRA189

  • Click Accept > Next
  • Click on Workflow template

vRA190

  • Type Tools into filter > Select Mount tools installer

vRA191

  • Click Select
  • Select Submit

vRA192

  • Go to https://vRA_Appliance.FQDN/shell-ui-app
  • Click Infrastructure > Blueprints > Blueprints and edit your blueprint
  • Click Properties
  • Review the settings. You can see that Orchestrator added the new required custom property

vRA194

  • You can then go through the process of requesting a VM and seeing if it has indeed mounted the CD Drive

Installing the ASD

  • Go to https://vRA_Appliance.FQDN:5480/installer
  • Click vRealize Automation Designer

vRA117

  • On the Welcome Page click Next

vRA118

  • Accept the License agreement

vRA119

  • Check the location for the install is correct and click Next

vRA120

  • Put in the IAAS server FQDN. In my case it is dacvtst003.dacmt.local
  • Put in a username and password

vRA121

  • Click Install

vRA122

Configuring ASD Endpoints for VMware vCenter Server

  • Log into https://VRA_Appliance.FQDN/shell-ui-app
  • Go to Administration > Users and Groups > Custom Groups
  • Add an AD group and add to Service Architects

vRA195

  • Click Next

vRA196

  • Next go to Administration > Orchestrator Configuration > Endpoints
  • Click Add

vRA197

  • Choose Active Directory from the drop down menu

vRA198

  • Type a name. I’ve just called mine Active Directory

vRA199

  • Type in the details

vRA200

  • Next add an endpoint for vCenter

vRA201

  • Put in a name

vRA202

  • Fill in all details

vRA203

  • Add a user and password

vRA204

  • You should now see your 2 endpoints

vRA205

  • Log out of vRA and you may need to log out of the server and back in again. As you can see below this will add the Advanced Service Designer tab to vRA

vRA206

vRA207

Create and publish a service to change an AD Users password

  • Log into https://VRA_Appliance.FQDN/shell-ui-app
  • Click the Advanced Services tab
  • Select Service Blueprints
  • Click the + sign next to Service Blueprints

vRA208

  • Expand Library > Microsoft > Active Directory > User
  • Click Next

vRA209

  • Click Next

vRA210

  • Click the pencil icon to bring up the edit box and change the name to user and the type to search

vRA211

  • Click Submit
  • Click Next

vRA212

  • Click Add
  • In the list of Service Blueprints select Action > Publish

vRA213

  • Go to Administration > Catalog Management > Services

vRA214

  • Add a name for the password service and set to active

vRA215

  • Select Catalog Items
  • Select your service and select Configure

vRA216

  • On the Service drop down, select User Password Support or whatever you have named your service

vRA217

  • Click Update
  • Now select Entitlements from the left hand menu and click Add

vRA218

  • Put in a name and set to active and add the relevant users and groups

vRA219

  • Click Next
  • Click Entitled Services and add your service

vRA220

  • Log out and in again and check that when you click on the catalog tab that you see the Change a user password service

vRA221

Looking further into Advanced Service Designer

  • On the desktop, click vRealize Automation Designer
  • On the vRA Automation Designer ribbon, click Load

vRA124

  • You will get the following box

vRA125

  • Select the WFStubBuildingMachine workflow stub. If multiple versions exist, select the revision 0 version

vRA126

  • You should see the below screen

vRA127

  • In the Try area, double click the Building Machine activity

vRA128

  • Double click the Custom Code activity as highlighted above

vRA129

  • At the bottom of the design surface in the middle pane, click Variables and click Create Variable

vRA130

  • Add the following variables
  • Name = HelloMsg
  • Variable Type = String
  • Scope = Custom Code
  • Default = “Hello User”

vRA131

  • In the Toolbox pane on the left hand side, drag the SetMachineProperty activity to the design surface underneath Start
  • Connect Start to SetMachineProperty by pointing to the bottom of Start and dragging a connecting Line between them

vRA132

  • Select the SetMachineProperty activity and set the following properties in the Properties pane on the right panel

vRA133

  • Click Send on the top menu
  • Click ok to the message Send Workflow to Model Manager

vRA134

  • In the success dialog box, click OK

vRA135

Assign the Building Machine Workflow to a blueprint

  • Log into https://vRA_Appliance.FQDN/shell-ui-app
  • Go to Infrastructure > Blueprints > Blueprints
  • Edit your Blueprint
  • Click Properties > New Property
  • Add 2 custom properties to the blueprint
  • Click the green tick when complete and click OK

vRA136

  • Logout and log in again
  • Go to Catalog and request your VM
  • Monitor the build in Requests
  • Once built go to Items select your machine and click the View Details tab

vRA137

  • Click the Properties tab and check the value

vRA138

n

 

 

VMware vRealize Automation 6.2.2 Configuration and Management Part 5

vRARobot

Cost Profiles

Fabric administrators can associate compute resources and physical machines with cost profiles to enable calculation of a machine’s cost. The cost is displayed to machine owners, requesters, approvers, and administrators at various points in the request and provisioning life cycle.

A cost profile includes the following values for daily cost:

Cost per GB of memory capacity specified in the virtual blueprint or installed in the physical machine

Cost per CPU specified in the virtual blueprint or installed in the physical machine

Cost per GB of storage capacity as specified in the virtual blueprint (not used for physical machines, because storage attached to physical machines is not discovered or tracked)

For finer definition of storage cost for virtual machines, you can also associate each known datastore on a compute resource with a storage cost profile. A storage cost profile contains only a daily cost per GB of storage. If you assign a storage cost profile to a datastore, this storage cost overrides the storage cost in the cost profile assigned to the compute resource.

For virtual machines, the machine cost is calculated from the cost profile and storage cost profile on the compute resource, the resources it consumes, and the daily blueprint cost. You can use the blueprint cost to represent a markup for using the machine in addition to the resources that the machine consumes, for example to account for the cost of specific software deployed with that blueprint.

For physical machines, the machine cost is calculated from the cost profile on the machine, the CPU and memory on the machine, and the daily blueprint cost. You can use the blueprint cost to represent such factors as storage cost or additional costs for using the machine.

You cannot apply cost profiles to machines provisioned on Amazon Web Services or Red Hat OpenStack. For machines provisioned on these cloud platforms, the only cost factor is the daily cost in the blueprint from which it was provisioned. The cost for vCloud Director vApps includes any cost profile and storage cost profile on the virtual datacenter and the blueprint cost.

Create a Cost Profile 

Fabric administrators can create cost profiles and associate them with compute resources to enable calculation of a machine’s cost.

  • Select Infrastructure > Compute Resources > Cost Profiles.

vRA70

  • Click New Cost Profile
  • Type new values in for each resource

vRA71

  • You can also add a Storage Cost Profile for storage of different performance capabilities such as High, Medium and Low cost storage

Using Custom Properties on Blueprints

You can modify a machine using custom properties throughout the lifecycle of the machine

  • Request
  • Provision
  • Manage
  • Retire

As an example they can modify the following

  • Specify the WIM image or PE environment image to use for install
  • Define the number of cores per socket
  • Place the machine in an OU
  • Place the machine in an inventory folder in vCenter
  • Change the network a machine is attached to
  • Update a CMDB

Custom properties can be defined for the following objects

  • Business Groups
  • Compute Resource
  • Build Profiles
  • Reservations
  • Endpoints
  • Blueprints
  • Storage

Useful Link

http://www.vmware.com/support/pubs/vcac-pubs.html

Set up Custom Properties

As an example I want to add a custom property to a blueprint which puts my machine in a specific folder in vCenter

  • Go to Infrastructure > Blueprints > Select your blueprint and click Edit
  • Click on the Properties tab

vRA77

  • Add in VMware.VirtualCenter.Folder and type in a name for the inventory folder in vCenter that you want to use which provisioned machines will go into. In my case I have called it vRA.
  • Next go to Infrastructure > Groups > Business Groups > Click edit on your business group

vRA78

  • Click New Property
  • Type in the name and value of your custom property.
  • Name = VMware.Virtual.Center.Folder
  • Value = vRA

vRA79

  • Go to Catalog and request a Virtual Machine again
  • Once deployed, check vCenter has deployed the machine to the vRA folder and not the vRM folder

vRA80

Add Location Information

  • Go to c:\Program Files (x86)\Vmware\vCAC\Server\Website\XmlData
  • Right click DataCenterLocations and click Edit
  • Copy the line with Boston in it and paste it underneath

vRA81

  • Change all instances of Bolton with a new location

vRA82

  • Save the file
  • Go back to your vRA webpage and go to Infrastructure > Blueprints > Blueprints
  • Click Edit on your Blueprint
  • Click the Display Location on request

vRA83

  • Click OK and logout
  • Log back in and go to Infrastructure > Compute Resources > Compute Resources
  • Click Edit
  • From the location menu click the location you want

vRA84

Other Custom Property Options

  • Hostname

This can be used to prompt a user to put in a hostname other than the ne defined by the machine prefix on the blueprint

  • VirtualMachine.Admin.ThinProvision

This option forces a new machine to be thin provisioned on the storage device

vRA85

Build Profiles

A build profile is a set of properties to be applied to a machine when it is provisioned. It can be used for the following

  • Determining the spec of a machine
  • Determine how the machine is provisioned
  • Determine the operations to be performed after the machine is provisioned
  • Manage information about the machine

Build Profiles are attached to Blueprints and the spec of the build profile is available to business group users who have access to the blueprints

Build Profiles are constructed from default property sets or custom properties. Default sets include

  • ActiveDirectoryCleanupPlugin
  • CitrixDesktopProperties
  • PxeProvisioningProperties
  • SysprepProperties
  • VmwareXXXXXProperties

Creating a Build Profile

  • Go to Infrastructure > Blueprints > Build Profiles

vRA86

  • Click New Build Profile
  • Add a name and description
  • From the Add from property set drop down list, select ActiveDirectoryCleanUpPlugin

vRA87

  • In the Plugin.AdMachineCleanup.UserName, click Edit and add the username of a domain admin. In my case dacmt\administrator
  • In the Plugin.AdMachineCleanup.Password, click Edit and add the password of a domain admin
  • Make sure you click the green tick to confirm the changes
  • Logout
  • Login again
  • Click Infrastructure > Blueprints > Blueprints
  • Click Edit on your Blueprint
  • Click the Properties tab
  • Select the Remove from AD Build build profile

vRA88

The Property Dictionary

The Property Dictionary can be used with custom properties to create a customised interface. You can statically or dynamically define the interface with the following data specification options

  • Data validation
  • Defined constraints on data values
  • Tooltip
  • Optional data
  • Ordered user control layouts

Using the Property Dictionary helps stop mistakes which occur when the data value of a custom property is passed into extensibility tools like Orchestrator and Powershell

When users request new machines they are prompted for these custom properties in the form of a required text box, drop down menu or buttons and more

  • Go to Infrastructure > Blueprints > Property Dictionary
  • On the Property Dictionary page, click New Property Definition

vRA89

  • Fill in the required details
  • Click required and then click the green arrow

vRA90

  • Click Edit under Property Attribute

vRA91

  • Click New Property Attribute

vRA92

  • Add in the below values

vRA93

  • Log off
  • Log on again and go to Infrastructure > Blueprints > Blueprints and edit your blueprint and select the Properties tab
  • Select New Property

vRA94

  • Type Custom.StorageTier in to the name an leave the value blank with Prompt user selected

vRA96

  • Click OK
  • Go to Catalog > Request your machine
  • Look at the new option you have on the interface for Storage Tier

vRA95

  • Note: vRA does not directly use storage tiering. You have to use custom properties and workflow modification with vSphere PowerCLI or Orchestrator

Approval Policies

Any catalog item or entitled action can be subject to an approval. The Approval Policies must first be defined by either a tenant administrator or a business group user and set as active before they appear in an entitlement

There can be multi levels of approvals with all different Boolean conditions as to how the policy can be approved across these levels.

Active and Linked approvals can only be cloned not edited

Creating an Approval Policy

  • Click the Administration tab > Users and Groups > Custom Groups
  • Search for the user or group you want to add as an approver

vRA98

  • Click Next
  • Add in the users who you want to be Appprovers

vRA99

  • Next go to Administration > Approval Policies

vRA101

  • Click Add

vRA102

  • Click OK
  • I am going to create a vCPU approval policy
  • Put in the name and set to Active

vRA103

  • Click the green plus sign next to Levels
  • Fill in the required information

vRA106

  • Click Add and Add again
  • Log out
  • Log in again
  • Click Administration > Catalog Management > Entitlements
  • Highlight your Blueprint and click Edit

vRA107

  • Click Items and Approvals
  • Click Entitled Catalog Items and Modify Policy

vRA108

  • Click the drop down menu and select your policy. Note apologies I had to recreate mine as CPU > 2

vRA109

  • Click on Catalog > Request and select your VM
  • Change the vCPUs to 4

vRA110

  • Click Submit
  • Now look at the Request tab where we should see the request sitting in the pending approval status

vRA111

  • If you click on the request and select view details, it will show you who is the approver

vRA112

  • Click on Inbox > Approvals as I am already logged in as myself as the approver

vRA113

  • Click View Details and select whether to Approve or Reject

vRA114

  • This concludes the configuration and management Part 5
  • Part 6 will go into more of the extensibility options like Advanced Service Designer and Orchestrator