As a follow on to my previous article, HOWTO: Automate the installation of the External Platform Service Controller using PowerCLI & JSON – Part 1, I had a new customer requirement to deploy the Platform Service Controller as the identity solution for vRealize Automation 6.x, but this time directly onto a VMware vCenter Server rather than an VMware vSphere ESXi host.
I can hear you all screaming at the article about vRealize Automation 7, how it is much cooler and has its own highly available vIDM – but this project started when vRA7 had only just come out and the customer didn’t want to take the risk.
You will find the JSON templates on the VMware ISO for the VMware vCenter Server Appliance (VCSA) (within the
So along the same vain as the previous post way to update the JSON file programmatically is to import the Platform Service Controller on vCenter JSON (PSC_on_VC.json) template.
Now the JSON template for PSC_on_VC.json (on the ISO) has a missing key parameter for the installation into vCenter and that is the
vm.folder which assuming you are using VM folders will put the resultant PSC into the correct location within the hierarchy. I have updated the JSON template below to include this parameter as well as the
time.tools-sync parameters too (both of which hopefully are self explanatory – but the time.tools-sync gets ignored if you also have values in the ntp.servers field).
So, how did I find this out?
Well the Official VMware documentation is a little light so I went straight to the source and located the cli installer (
vcsa-deploy.exe) on the ISO (located at
iso:\D:\vcsa-cli-installer\win32 ) and from a command prompt typed
vcsa-deploy.exe --template-h and this will provide you with a full list of command line arguments that can be used (which can in turn be used in the JSON file) and more details about when to use them.
Now to me there is a fine line between silent automated installations that don’t require user input and having a script that is much faster than the standard wizard but does require some user input.
In this script I prompt for things like location of the necessary files (this assumes you have amended the default PSC_on_VC.JSON template to at least include the vm.folder attribute), usernames for vCenter and Passwords for SSO, PSC Root account and vCenter User. Afterall you don’t want passwords in clear text stored some place any Tom, Dick or Bob can access them.
However, if you are setting temporary passwords at build time and will plan to change them afterwards, you can of course amend the script to do that without prompting. Just remember to change them!
What the script does do is automatically delete generated configuration file, but it doesn’t delete the script (if you choose to amend it to not prompt for passwords!)
There was few things I took away from this experience:
- VMware’s documentation doesn’t cover all the options, so be prepared to spend some time and dig into things.
- What you think should be possible, normally is possible, but it may take some time to work out!
As always, I hope this is useful to someone!