Tag : VRealize Automation

Written by Christopher Lewis on January 10, 2017 .

This post is a part of a series of posts for preparation for the VCAP6-CMA Deploy exam. For the full exam prep resources check here .

Prerequisites

Configuration Overview

The high level configuration steps for this appliance are:

  1. Connect to the Identity Appliance VAMI
  2. Configure the Time/NTP settings
  3. Confirm the Network Settings
  4. Configure the SSO Administrator Password
  5. Configure the SSO Hostname
  6. Configure the SSL Certificate
  7. Join the Identity Appliance to Active Directory

Step by Step Instructions

Connect to the Identity Appliance VAMI

  1. Using a web browser, navigate to VAMI of the Identity Appliance https://identity-appliance.fqdn:5480.
  1. Click Advanced and then click Proceed to identity-appliance.fqdn (unsafe).
  1. Enter root into the User name text field and the password for the root account into the Password text field. Click Login.

Configure the Time / NTP Settings

  1. Click the Admin Tab and then the Time Settings Tab.
  1. Select Use Time Server from the Time Sync. Mode dropdown and enter the time server(s) in the text field(s) and click Save Settings.

Confirm the Network Settings

  1. Click the Network Tab to confirm the network settings of the Identity Appliance are correct.

Note:
If the settings are incorrect, click the Address Tab, update the relevant settings, click Save Settings and then reboot the appliance.

VMware vRealize Automation VCAP6 VCAP6-CMA

Written by Christopher Lewis on January 9, 2017 .

This post is a part of a series of posts for preparation for the VCAP6-CMA Deploy exam. For the full exam prep resources check here .

Step by Step Instructions

Deploying the VMware vRealize Automation Appliance

Within the VMware vSphere Web Client, right click and select Deploy OVF Template.

Click Browse, navigate to the location of the vRealize Automation OVA, select it and then click Open.

Click Next.

Enter the vRealize Automation Appliance name into the the Name text field and then select the Datacentre or folder location to deploy the Appliance.

VMware vRealize Automation VCAP6 VCAP6-CMA

Written by Christopher Lewis on December 22, 2016 .

Objective Overview

Objective 3.2 - Deploy and Manage Certificates and Access Control

  • Create/add/modify users and groups for specific roles.
  • Assign new administrative users to different Business Groups.
  • Create custom groups that grant users/groups multiple roles.
  • Assign a user to specific Custom Groups and Business Groups.
  • Configure user access to Identity Store Groups, Custom Groups, Business Groups, and Entitled Items according to a deployment plan.
  • Generate new certificate requests.
  • Deploy and Update certificates for multiple vRealize appliances.
  • Replace self-signed certificates with signed certificates.

Note: I have moved the above items around to better group the items in this Objective.

VMware vRealize Automation VCAP6 VCAP6-CMA

Written by Christopher Lewis on November 22, 2016 .

At last! As announced at VMworld Europe, VMware vRealize Automation 7.2 has finally arrived!

The key updates/features for this release are:

  • Native integration for Microsoft Azure adding to the already supported endpoints of vSphere, KVM, Hyper-V, AWS, OpenStack, vCD and vCloudAir)
  • Native integration with** ServiceNow** and their Service Catalog
  • Container Management!

This makes this version of VMware vRealize Automation the first one that could be called a true broker of Hybrid Clouds.

VMware vRealize Automation

Written by Christopher Lewis on November 15, 2016 .

The task of deploying VMware vRealize Automation 7.x is now mainly completed by the Deployment Wizard (unless you actually like pain) but before you can run the deployment wizard you need to install the VMware vRealize Automation Management Agent onto the IaaS Servers that you will be using within your deployment.

So I can hear you asking:

  • What happens when you want to deploy new IaaS components into you vRealize Automation environment?
  • What happens when you want to scale you DEMs horizontally (onto new servers) rather than vertically (deploying more DEMs per server)?
  • What happens if you want to add another vCenter Proxy Agent for High Availability or a new vCenter Instance?

Well, I’m glad you asked!

VMware vRealize Automation

Written by Christopher Lewis on November 5, 2016 .

The Series

  1. Configuring SSL certificates for vRA 7.x (inc vRO)
  2. Replacing the Appliance Management Site Certificate for vRealize Automation
  3. Replacing the Control Center Certificate on an embedded vRO instance
  4. Replacing the Package Signing Certificate in vRO 7

Replacing the Certificate

This is the final post in a series tackling the extra certificates you may want to replace once you have deployed vRealize Automation.

This is relatively straightforward to accomplish, but @SpasKaloferov covers this well in his article http://kaloferov.com/blog/how-to-change-the-ssl-certificate-of-a-vro-appliance-7-x/ so there is no point me re-inventing the wheel.

VMware vRealize Automation vRealize Orchestrator Certificates

Written by Christopher Lewis on November 5, 2016 .

The Series

  1. Configuring SSL certificates for vRA 7.x (inc vRO)
  2. Replacing the Appliance Management Site Certificate for vRealize Automation
  3. Replacing the Control Center Certificate on an embedded vRO instance
  4. Replacing the Package Signing Certificate in vRO 7

Replacing the Certificate

This is the third post in a series tackling the extra certificates you may want to replace once you have deployed vRealize Automation.

There are plenty of articles on changing the SSL certificate for this website https://vra-fqdn:8283/vco-vcoconfigurator on an External instance of vRealize Orchestrator, most notably is @SpasKaloferov ’s post http://kaloferov.com/blog/how-to-change-the-ssl-certificate-of-a-vro-appliance-7-x/

VMware vRealize Automation vRealize Orchestrator Certificates

Written by Christopher Lewis on November 5, 2016 .

The Series

  1. Configuring SSL certificates for vRA 7.x (inc vRO)
  2. Replacing the Appliance Management Site Certificate for vRealize Automation
  3. Replacing the Control Center Certificate on an embedded vRO instance
  4. Replacing the Package Signing Certificate in vRO 7

Replacing the Certificate

This is the second post in a series tackling the extra certificates you may want to replace once you have deployed vRealize Automation.

After a quick look around the VMware Documentation Center and I found the article for replacing the VAMI certificate ( https://vra.fqdn:5480 ). The VAMI certificate can be replaced using the same SAN certificate used for the vRA Virtual Appliance during the installation wizard, but it will need to be converted to Privacy Enhanced Mail (PEM) format to do so.

VMware vRealize vRealize Automation Certificates

Written by Christopher Lewis on November 5, 2016 .

So when deploying vRealize Automation, I can be bit OCD when it comes to certificates and websites. Where possible/plausible, I like to make sure all of the sites in the deployment have trusted certificates especially if there is a root CA in play (after all they’re free certificates right?).

After deploying the VMware vRealize Automation 7.x appliance from the OVA (that’s the easy bit) and successfully (normally on the second/third attempt) running through the deployment wizard to deploy a Medium distributed environment. We end up with certificates for the following components:

vRealize vRealize Automation vRealize Orchestrator Certificates

Written by Christopher Lewis on November 5, 2016 .

So we all know that generating SSL certificates are something out of the Dark Arts and unforgivable spells akin to the wizarding world of Harry Potter.

So the following is a quick post on how to take the certificate (.cer or .crt file) from the Certificate Authority CA, combine it with the RSA Private Key (.key file) and the Root CA Chain (another .cer/.crt file) to firstly create the intermediate Personal Exchange Format (PFX) file and finally create the Privacy Enhanced Mail (PEM) File.

SSL Certificates VMware vRealize Automation vRealize Orchestrator