I’ve started to play around with the idea of Orchestration and Automation a bit more in the past few weeks. The recent Melbourne VMUG rekindled my interest in the area once again so I’m trying to find the time to play around with a few different applications and see what fits. One of the most versatile and capable products out there for VMware orchestration is VMware vCenter Orchestrator (now called vRealize Orchestrator) and the fact that it’s free with your vCenter server license means there’s really little to no excuse for not learning the product and adding another skill to your virtualization armour.
You can download vCenter Orchestrator appliance from the myVMware website. You’ll need a VMware login to get access to download. Make sure to download the OVA file as it just makes deployment easier. Once you have have downloaded the OVA, you can then deploy the template.
Browse to your downloaded OVA file and once selected click Next.
Accept the license and click Next.
Select the Resource pool within your Prod cluster that you want and click Next.
Select the required datastore to deploy to and click Next
Select Thin Provision for the disk format and click Next
Select the Production Network so vCO can communicate with your vCenter Server. Click Next
Enter the admin password, hostname and machine properties. Click Next
Verify the settings of the OVA are as you would like them to be. Once you’re happy that everything is ok click Finish
The template will begin to deploy and you can open a console session to the appliance to see it booting from the bootstrap
Once the appliance setup in completed you will see a screen similar to below
http://<vCO-hostname> – vCenter Orchestrator Appliance Home Page
http://<vCO-hostname>:8283 – vCenter Orchestrator Configuration
http://<vCO-hostname>:8281 – vCenter Orchestrator Web Operator
http://<vCO-hostname>:5480 – vCenter Orchestrator Appliance Configuration
Once the appliance has been deployed you will need to go to vCO Configuration site and log in with the username of vmware and the password you entered as part of the appliance deployment. Click Login to continue.
The first tab you’ll enter is the general tab. From here you can select Change Password or Export Configuration if you want save the config. It also shows the build version and current server status in the Information field.
Next click on Network in the menu and in the Network tab enter the IP address and DNS name for your environment and for the vCO server and click Save. Now your vCO appliance IP address is configured.
vCO will need to have SSL trust to vCenter and to SSO in order for domain logins to work and for vCO to be able to carry out requests to vCenter. Click on the Network tab in the menu and in the Import from URL field enter the URL of your vCenter server and do it a second time but add the port number for SSO to the URL. It’s really important that you add the SSL certs for both otherwise you’ll run into problems later.
vCenter – https://vcenter.domainFQDN
SSO – https://vcenter.domainFQDN:7444
When prompted for with the license information select Import.
This will then bring you to the below screen where you can see the entry for SSL certificates. This will mean you’ll have approx 3 SSL certificates added to the SSL Trust Manager afterwards.
Next we need to set up the Authentication to vCO. You can choose LDAP or SSO. In this instance I’ve selected SSO and I’m using the Admin SSO account to authenticate. You can also use a normal domain account that has SSO admin access. Once the details are entered select Register Orchestrator.
Once SSO Authentication has been registered you’ll see a notification to advise that it’s all completed. Next you can select a group that can have access to vCO as admins.
From the drop down select a User Group that will have access to vCO. Authentication for users in these groups will be handled through SSO. Once completed click Accept Orchestrator Configuration
A new notification will appear to advise that orchestrator authentication has been configured
Next you’ll need to edit the settings for vCenter Server. Select that tab from the menu. Enter the hostname of your vCenter server, leave /sdk as the path and enter the credentials for an admin user to vCenter Server. At this point you can click Connection Test to verify the account authenticates correctly. Once happy click Accept
vCenter will then show that it has been configured to access the SDK. If you click SSL certificates it will bring you back to the SSL Trust Manager under the Network menu.
The next part to complete is to add the license. You can utilize your vCenter license to activate the license for vCO. Enter the vCenter Host name, port 443, path as /sdk and then a username and password that has admin access to vCenter. You can use the same account that was used in Step 17. N.B. Ignore the ESX Host text in below screenshot, it should say vCenter server. Click Activate to complete the license.
Once the license has been activated you’ll receive a notification that it is now complete
Next you can click on Plug-Ins to get a view of what is going to be installed as part of vCO. Enter the credentials of an SSO admin user and click Apply Changes. You can also choose to upload and install new plug-ins from here also.
Click Restart Service once the above steps are complete. Now you can log into vSphere Web Client and access vCO.
Log into vSphere Web Client and select vCenter Orchestrator.
Expand out Workflows under Inventory Trees or under Inventory Lists to see the full scale of workflows that are available built-in as part of vCO.
I won’t go into creating workflows or the full scope of what can be done in vCO. That would take a couple of years. vCO has the potential to be huge and I do find it strange that it hasn’t been used more by VMware admins in the past, myself included. I would definitely recommend spending some time reviewing and playing with Orchestrator. I’m only starting the journey myself so as I come across good resources I may put up a post with them included.