Create a Deployment Environment – Application Services Series Part 2

In my last post we created the Cloud Provider, now we need to setup a Deployment Environment.  We are really setting up logical constructs here to map to to services and resources we already have.  So far we mapped a Cloud Provider to vRealize Automation Center and to our business group.  Now we are going to create a deployment environment for Application Services that maps to the cloud provider we created, that maps to vRealize resources… If you are not already, log in as Luke and perform the following.

  • Click on the Cloud Provider pull down menu in the top right corner (short aside, that menu name will change to show the context you are currently working in so if you logged out this may be different) and select Deployment Environments
  • Click the Create A Deployment Environment button
  • Provide a name
  • Select a Cloud Provider from the pull down menu
  • Click the Select button to select a reservation policy; click OK then Save

You screen should look similar to what is pictured below.  Since Application Services is now part of vRealize Automation, most of the work we are doing here will map to what has already been configured in vRealize Automation.  Next we need to create a logical template.

VMware Application Services Create Cloud Provider

VMware Application Services Create Cloud Provider

Create a New Cloud Provider – Application Services Series Part 1

VMware Application Services (formerly Application Director) is now deployed, but we need to do a bit more integration with vRealize Automation / vCloud Automation Center so we can publish Application Services blueprints to the vRealize Automation catalog.  First we need to define a cloud provider;

  • While logged in as Luke, the user we gave all of the Application Services roles to, click on the Applications pull down menu and select Cloud Providers
  • Click the Create Cloud Provider button/box
  • Click the Cloud Provider Type pull down and notice what options are available – vCloud 5.x, vCAC and EC2.  What about vCloud Air – can we use that?  If you said yes you are correct because vCloud Air is based on vCloud Director.
  • Enter the information like so (note some of the boxes appear “greyed out” – they are not, just a poor choice for background colors) and click the Validate Connection button
VMware vCloud Automation Center / vRealize Application Serivces validate cloud provider

VMware vCloud Automation Center / vRealize Application Serivces validate cloud provider

  • Notice that you have to use an upper case domain, I’m curious as to why but in any case its the only way that worked for me
  • Next in the lower half of the screen (not pictured above) in the templates section, click the green plus icon
  • You should see the CentOS-Template catalog item we previously published in the vRealize Automation catalog; click the check mark next to the desired template and click OK
  • Click the Save button in the upper right hand corner

We now have the first step in setting up Application Services complete, up next we will create a Deployment Enviornment

Creating Entitlements – vRealize Automation Series Part 15

Home stretch, 15 posts and we are about to see our first catalog item published!  Lets get going and create the entitlement which is how we define what can be done in vRealize Automation / vCloud Automation Center

  • Log in as tenantadmin
  • Click Administration >> Catalog Management >> Entitlements
  • Click the Add button and fill in the information as follows

vra-entitlement

  • Click the Next button
  • Click the plus sign next to Entitled Services, select Clone Linux Template and click OK
  • Click the plus sign next to Entitled Catalog items, select CentOS template and click OK
  • Click the plus sign next to Entitled Actions, Select Machine from the pull down and chose all of the items, Select Virtual Machine from the pull down and select Destroy; click OK
  • Click the Add button

Log out as tenantadmin and log back in as luke, you should now see your vSphere template, which is now a vRealize Automation / vCloud Automation Center blueprint published!

hooray

Adding Blueprints from vSphere Templates – vRealize Automation Series Part 14

We’ve got our reservations done, but so far we haven’t created any catalog items for our Georgia and Alderaan employees to actually request.  One of the simplest things to publish in the vRealize Automation / vCloud Automation Center catalog are virtual machine blueprints; which are created from vSphere templates.  With our virtual machine converted to a template in vCenter, we should be ready to go.

  • Log into vRealize Automation as iaasadmin
  • Click on Infrastructure >> Blueprints >> Machine Prefixes
  • Create a Prefix like we did for our business groups, call this one nix
  • Click on Infrastructure >> Compute Resources >> Compute Resources
  • Hover over cl01 >> Data Collection
  • Wait a few moments and click the Refresh button at the bottom of the screen; status should be Succeeded
  • Under Inventory, click Request Now
  • Log out and log back in as tenantadmin
  • Click on Infrastructure >> Blueprints >> Blueprints
  • Hover over New Blueprint >> Virtual >> vSphere (vCenter)
  • Fill in the build information similar to below
VMware vRealize Automation / vCloud Automation Center new Blueprint

VMware vRealize Automation / vCloud Automation Center new Blueprint

  • Click the Build Information Tab
  • Change Action to Clone
  • Click the ellipse next to Clone From and select your linux template and click the OK button
  • For testing in the lab, leave everything else as is and click the OK button at the bottom of the page
  • Hover over the new Blueprint, click on Publish then click OK
  • Navigate to Administration >> Catalog Management >>Services
  • Click the Add button, name it Clone Linux Template, set it to Active, and click the Add button
  • Highlight the new service and click the Manage Catalog Items button
  • Click the green + icon, select CentOS-Template and click Add
  • Click Close

Almost there I promise, now that the blueprint, service and catalog item is created, we just need to provide entitlements so our users can see it!

Preparing vSphere Templates – vRealize Automation Series Part 13

In order to use vSphere templates in vRealize Automation / vCloud Automation Center and Application Services / Application Director there is a bit of preparation you need to do, especially if you want to use Application Services.  There are guest agents for both vRealize Automation and Application Services so lets get started.  A quick assumption here, you already have a linux virtual machine installed with VMware Tools.  I am going to cheat a bit here and use the e1000 NIC, if you want to use the VMXNET3 adapter see my post on how to install VMware Tools…which needs Perl…which needs network access…which needs Perl!  Let’s get started with the specifics on configuring your Linux VM; I have a CentOS virtual machine called vxprt-centos-tmp that is powered on and ready to configure.  Log in via the VMRC or SSH to get started:

Note that as of Application Services 6.1, you cannot use CentOS7 – at the very least the guest agent will not install, I have not tested beyond the agent installation so certain functionality may work.  The support matrix has more details on supported operating systems.

  • For linux, this is bundled into an installer
  • Logged in as root run wget http://192.168.6.22/tools/preparevCACTemplate.sh – replace with your server name as necessary (I’ve not configured all network settings for this VM)
    • If wget is not installed, run yum install wget
  • Type ls – notice preparevCACTemplate.sh is grey
  • Now run chmod +x ./preparevCACTemplate.sh
  • Type ls again, notice now its green; +x added execute permission on the script
  • Now run the script;  ./preparevCACTemplate.sh – the vCloud Automation Center Agent Installer will start
VMware vCloud Automation Center / vRealize Automation Application Services linux agent installer

VMware vCloud Automation Center / vRealize Automation Application Services linux agent installer

  • Enter the following information in the wizard:
    • vCloud Automation Center Manager Service Server:  192.168.6.20
    • vCloud Automation Center IaaS Server:  192.168.6.21
    • Application Services Server:  192.168.6.22
    • Check certificates:  n
    • Download timeout:  Just press enter
    • Download and install Java:  y
    • When prompted click Y to install

The installer will download all of the necessary components and place them in the correct location; a nice step forward from vCloud Automation Center and Application Director 6.0.   You should receive a message that the Installation Complete Successfully and Ready to capture as a template… however there is still one more step we actually need to do – remove the 70-persistent-net.rules file.  This file keeps track of MAC addresses and it will change every time we clone the template.  By removing it, it will recreate the file on first boot.

  • Type cd /etc/udev/rules.d
  • Type rm 70-persistent-net.rules
  • Type y
  • Type shutdown now -h to shutdown the virtual machine
  • Return to the vSphere Web Client
  • Right click on the powered off virtual machine and select All vCenter Actions >> Convert to Template

We should now be ready to add the vSphere template as a Blueprint in vRealize Automation Center

Deploying Application Services – vRealize Automation Series Part 12

One of my goals in the #vDM30in30 challenge was to expand my comfort level with vRealize Automation / vCloud Automation Center and Application Services / Application Director.  To that end, it’s time to deploy the AppS appliance.  In vRealize Automation 6.1, Application Services (formerly Application Director) became a “component” of vRa.  I guess what the marketing department meant by “component” was that it is a completely separate virtual appliance with its own management UI and integration with vRealize Automation :)

In 6.0, like the vCloud Automation Center appliance, the initial OVF import was important.  While there are documented ways to manage the network settings that “should” allow you to make changes, I found that the changes were not always persistent so again I am careful here and probably carrying with me some bad memories.  Log into the vSphere Web Client, if you are running your VMs on the VMware Workstation NAT’d network, do so from your DC.

  • Click on vCenter >> Hosts and Clusters
  • Right click on your cluster and select Deploy OVF Template, if prompted click allow
  • Browse for the location to your Application Services OVF and click Next
  • Click Next, Accept, and Next
  • Name your appliance, I’ll be keeping with my convention and use vxprt-apps01, and select the datacenter or folder you want to deploy to
  • Select the datastore, then ensure you have selected Thin Provision
  • Connect to the appropriate port, change the IP allocation pull down to Static and fill in the DNS, Gateway and Netmask fields;  click Next
  • Enter the IP address for the appliance and click Finish
  • While the appliance is being deploy, open DNS manager and create an A record in both the forward and reverse lookup zones.
  • If, like me you are limited to lab resources, change the amount of memory for the virtual machine to 3 or 4GB.  I changed mine to 3GB and it seems to be working fine.
  • Once the deployment finishes, power on the virtual machine and open the VMRC; you will see a prompt to enter the serial number for Application Services:
vRealize Automation / vCloud Automation Center Application Services Serial Number via Console

vRealize Automation / vCloud Automation Center Application Services Serial Number via Console

  • Enter your serial number and press the enter key on your keyboard
  • Enter the new OS root password when prompted (you can ignore the errors about weak passwords…not that mine is weak … :)
  • Enter the OS darwin_user account password
  • The appliance will configure its initial configuration process – now would be a good time to also update your host file if necessary on your workstation.  Services can take awhile to start since I dropped the memory of the system
  • You will be asked if you want to use this instance for a migration from 6.0.1, in our case the answer is N
  • Next, provide your vRealize Automation / vCloud Automation Center Server URL; in my case https://vxprt-vcac01.vxprt.local
vRealize Automation / vCloud Autoamtion Center Application Services registration

vRealize Automation / vCloud Autoamtion Center Application Services registration

  • Enter [email protected] when prompted for the administrator username
  • After a few moments you should get a prompt saying Registration is successful
  • You will now be asked if you want to setup Out-Of-Box sample content; I am selecting Yes
  • Next, provide the Tenant Name – in my case vsphere.local as I am using the default tenant for my lab
  • Here, we need to switch back to the vRealize Automation web console for a moment as we need to give a user the appropriate roles to import content.
  • Log in as tenantadmin, click on Administration >> Users; search for one of your Business Group admins, in my case either Rick or Luke, type in their name in the search box and click on the user when it appears
  • Give the user the top 4 roles Application Architect, Catalog Administrator, Cloud Administrator, and Publisher/Deployer (probably don’t need all, but can’t decipher what specifically it needs from the documentation)
Assing Application Services permissions in vRealize Automation / vCloud Automation Center

Assing Application Services permissions in vRealize Automation / vCloud Automation Center

  • Click Update; the user luke now has all Application Services related roles
  • Switch back to the VMRC; enter luke as the username and then the password password
  • Enter the business group that should have access to the sample content, in my case StarWars
VMware Application Services importing out of box content for business group

VMware Application Services importing out of box content for business group

  • Once complete you should see that you can also import out of box content for other tenants again by running /home/darwin/tools/import_oob_content.sh
  • Press any key to continue
  • Enter the new password for the Application Services admin account (I know a lot of accounts huh)
  • Setup will finish boot until you see the typical VMware appliance console
  • Open a web browser and navigate to https://vxprt-apps01.vxprt.local:8443/darwin/org/vsphere.local
  • You can log in as any tenant user that you configured; for example try luke
VMware vRealize Automation / vCloud Automation Center Application Sevices web console

VMware vRealize Automation / vCloud Automation Center Application Sevices web console

That is the basic deployment of VMware vRealize Automation / vCloud Automation Center Application Services – up next we have a bit more configuration to do to make the Application Services Available as a catalog item in the vRealize Automation / vCloud Automaton Center catalog.

 

Creating Reservations – vRealize Automation Series Part 11

So far we are doing pretty well, but we aren’t quite ready to turn vRealize Automation / vCloud Automation Center lose yet, next we will create reservations so users can’t consume all of our resources.  Wait wait wait….why would we create a reservation to do that you fool – reservations “reserve” something for us – haven’t you ever read Jonathan Frappier’s book VMware vSphere Resource Management Essentials?  Why yes, I have its a lovely book but a reservation in vSphere is not the same as a reservation in vRealize Automation / vCloud Automation Center – in fact they are generally used for opposite reasons (can you tell I’m working overnights in some of these posts :) ? )

In vSphere a reservation does what I would expect a reservation to do, it “reserves” resources for me.  If I reserve a certain amount of memory for a virtual machine, I am guaranteeing that amount of memory for it.  In vRealize Automation / vCloud Automation center a reservation is “reserving” a certain amount of my resources for my tenant – but generally this is a subset of the resources available – essentially I am limiting what they can consume.  Now I could set my reservation to have all available resources in the cluster, but in a self service model I would advise against this unless you are dedicating physical resources to a specific business group; but then are you really sharing resources?  Remember the point here is to be efficient.

If you are not already, log into vRealize Automation / vCloud Automation Center as the iaasadmin user we created or if you have your own set of users, someone who has the fabric admin role for your tenant.

  • Click on the Infrastructure tab >> Reservations >> Reservation Policies
  • Click New Reservation Policy
  • I am going to match my reservation policy names to my business groups; so WalkingDead and StarWars (Don’t forget to click the green circle / check mark to save each entry)
  • Click New Storage Reservation Policy
  • Naming convention will match the above with a -Storage at the end so WalkingDead-Storage etc…
  • Click on Reservations in the left navigation menu
  • Hover over New Reservation >> Virtual and click on vSphere (vCenter)
  • Select the cluster from the Compute pull down menu
  • The name field will fill in automatically; I am going to edit this slightly to include my business group game so cl01-Res-StarWars and cl01-Res-WalkingDead
  • Select the matching business group from the Business Group pull down
  • Select the matching reservation policy
  • The quota field is optional and can be used to limit the number of virtual machines the business group user can provision.  For fun lets set WalkingDead to 10 and leave it blank (unlimited) for StarWars
  • Set the priority to 1.  The priority field is used if you are going to create multiple reservations for the same reservation policy.  For example if we had two, the second one we create would have a priority of 2.  When a user tries to provision a virtual machine from the catalog it will use the lowest priority unless it is not available any longer then move to alternate resources, for example maybe vCloud Air.  Below is an example from my system
vRealize Automation / vCloud Automation Center Reservation

vRealize Automation / vCloud Automation Center Reservation

  • Click on the Resources tab
  • Here you can limit the amount of memory that could be consumed, notice the “reserved” column is currently 0 (zero) – set the reserved amount to 6
  • Click on one (or more) of the datastores you want to be available; enter the amount to reserve and the priority.  Don’t forget to click the green circle / check mark.  For example:
vRealize Automation / vCloud Automation Center Storage Reservation

vRealize Automation / vCloud Automation Center Storage Reservation

  • Look at the various datastores; you can edit and make only certain datastores available to certain reservations by disabling the ones you do not want to be included
  • Click on the Network tab; here you select which networks the virtual machines will attach to.  I am selecting vm which is the port group on my VDS for virtual machine traffic
  • Click the OK button
  • Repeat for other business groups

Notice anything different in the Reserved Memory column this time?  You got it, we reserved memory in the first reservation we created.  You can over commit your reservations, but be careful as you would with any overcommitment.  Now that we have reservations setup, time to create some templates and blueprints.

Adding Business Groups – vRealize Automation Series Part 10

We are cruising right along here in our vRealize Automation / vCloud Automation Center setup.  So far we have everything installed, permissions assigned, a vCenter endpoint added and fabric group created with the cluster from our vCenter server.  Now its time to setup business groups.  Business groups are just a logical group of users, this may be done per department, per project or per external customer.  We can publish catalog items to business groups, so when planning your business groups think of the things certain groups may or may not need.  For example you may want a business group for your QA department that only has access to builds that are currently being tested so they do not chose the wrong version to deploy, or not want finance see HRs catalog items.   Consider helpdesk users, you may want to publish certain catalog items for them to do certain tasks like create AD users and groups through vCenter Orchestrator workflows or PowerShell scripts – the possibilities are seemingly endless.

Remember when I said installing it was the easy part – wasn’t kidding – all the work for vRealize Autoamtion / vCloud Automation Center comes in the application configuration.

A couple of things before we get started with business groups however; lets create some users in our AD to mimic end users and if you recall from my last post we also need to create a machine prefix as it is a required field to create the business group – no defined prefix, no savie business group.

  • Log into your DC and create several users; as a Walking Dead fan I used Rick, Carl, Tyreese and Daryl as my users.  All of these users were added to a group called vraGeorgia which will be assigned to my business group.  Create a 2nd group and set of users; in my case I went Star Wars related.

The fabric administrator creates machine, in the last post I assigned this role to the iaasadmin user, if you are still logged in from the last post you will need to log out and back in again to have the new permissions assigned.  Once logged in click on the Infrastructure tab >> Blueprints.  Recall from a previous post that the user with the IaaS admin role only had an menu item under Blueprints called Instance Types, now there are several – take a moment to look at each, when you are ready click on Machine Prefixes.

vRealize Automation / vCloud Automation Center Fabic Admin Blueprint menu

vRealize Automation / vCloud Automation Center Fabic Admin Blueprint menu

  • Click on New Machine Prefix
  • Fill in the prefix name, number of digits and next number.  For example Dead, 2, 1 would create the first prefix as dead01 because my prefix is dead, I’ve added 2 digits to that and set the next number to 1.  If, for example, I set it to zombie, 3 and 75 my next prefix created would be zombie075.
  • When finished, click the green circle with the check mark.  I have created two prefixes, dead for my vraGeorgia group and boom for vraAlderaan
vRealize Automation / vCloud Automation Center New Machine Prefix

vRealize Automation / vCloud Automation Center New Machine Prefix

  • Now that both machine prefixes are saved, log out of vRealize Automation / vCloud Automation Center and log in as tenantadmin
  • To create a business group, click on the Infrastructure tab >> Groups >> Business Groups (I feel like it would make more sense for this to be under administration, but its not so..)
  • Click on New Business Group and fill in the information, if you are using the same names as me, this is what it should look like when finished.  Use the ellipse to select the machine prefixes we just created and the magnifying glass icon to search for the names and groups.
  • In vCloud Automation Center 6, there was a bug that would not allow you to search for AD groups, I am sad to see this is still present in 6.1; according to the documentation groups should be accepted here.  Type the group name in below the search box, its not very obvious but will work

 

vRealize Automation / vCloud Automation Center Create Business Group

vRealize Automation / vCloud Automation Center Create Business Group

  • When finished, click the OK button and repeat for your second group

Here we are – business groups and prefixes created, next up – creating reservations for our business groups.

Configure Fabric Groups – vRealize Automation Series Part 9

Time for Fabric Groups, and no a fabric group is not what Grandma does on Saturday afternoons at the senior center.  Fabric groups in the vRealize Automation / vCloud Automation Center world is a collection of resources, this tends to send folks who have been storage focused for a long time down a different path as they start thinking about zoning and switches.

There can be multiple fabric groups with different purposes, for example you may assign clusters to different business groups to ensure performance, or at least that one group does not “hog” all of the resources available (though as we’ll see later there are other ways to control that).

As this is a resource being configured, we again log in with someone that as the Infrastructure admin role, in our case the iaasadmin user :

  • Click on the Infrastructure tab >>  Groups >> Fabric Groups
  • Click on New Fabric Group
  • Provide a name for your fabric group, in my case I’ll use vxprt
  • Assign a user to as a fabric administrator – remember we may have different groups using different fabrics and you may want to have someone in engineering manage their resources and a separate person in QA to manage the resources in their fabric group.  Or you could have a single fabric group that is assigned to various users.  The choice is yours.  In my case I am going to assign the iaasadmin user as the fabric administrator.  Start typing the name in, click the magnifying glass icon then click on the user
  • In compute resources, you will see the cluster from the vCenter server you added when you added the vSphere endpoint, had you not followed the last blog post you would have no endpoint, thus no resources – unless you already knew to do that on your own of course!  Select your cluster and click the OK button

For fun, click on New Fabric group again – did you think your cluster assigned to your previous admin group would still be available?  Logic might suggests that once I assign a cluster to a fabric group I should not be able to reuse it, however fabric groups are not how we control resource consumption, they are used for administration by other users.

That’s it, pretty easy.  If you like you can create multiple fabric groups to mimic what you might do in a production environment or play around with adding different clusters if you have those kinds of resources.  In my next post we will setup machine prefixes and business groups – which have to be done in that order, you can’t create a business group without a machine prefix (seems out of order to me but hey I’m not a programmer).

Add vCenter Endpoint – vRealize Automation Series Part 8

With administrative users setup so we can actually configure various options in vRealize Automation / vCloud Automation Center – its now time to add some compute resource, so we can actually deploy things!  Endpoints in vRealize Automation / vCloud Automation Center can be several things:

  • Hypervisor management platforms such as vCenter, vCenter Orchestrator, and SCVMM
  • Cloud providers such as vCloud Air (formerly vCloud Hybrid Service), vCloud Director providers including vCloud Air, OpenStack using RHEV 3.1
  • Physical hardware from Cisco, HP, and Dell

If you recall from the IaaS installation post, one of the options asked us to name the vCenter endpoint, now we are going to log in and configure our vCenter server as an endpoint so we can use it to deploy virtual machines through the catalog.

  • Log into your vRealize Automation / vCloud Automation Center appliance (in my case https://vxprt-vcac01.vxprt.local/vcac) as…. do you recall from the last post who to log in as?  That’s right iaasadmin as that user was assigned the infrastructure administrator role which can manage endpoints
  • Once logged in, click on the infrastructure tab >> Monitoring >> Log
  • Notice here the errors related to the VRM agent occurring every minute, that is because we have not added our vCenter server yet
  • Click Back to infrastructure, then click on Endpoints >> Endpoints
  • Hover over New Endpoint >> Virtual and click on vSphere (vCenter)
vRealize Automation / vCloud Automation Center add vSphere (vCenter) Endpoint

vRealize Automation / vCloud Automation Center add vSphere (vCenter) Endpoint

  • We will need to name the endpoint, the URL to the vCenter SDK and credentials.  Since we have not already, I would create a user account in AD called svc_vra_vcbind and add it to the vcAdmins group (assuming you followed along on the home lab build, or give it admin permission directly to your vCenter)
  • Fill in the following information:
    • Name:  vCenter (Do you recall why we are naming it vCenter?)
    • Address:  vcenterurl/sdk (in my case https://vxprt-vc01.vxprt.local/sdk)
    • Credentials:  Click the ellipse, then New Credentials and add a user account with permission to vCenter and click the green circle with the checkmark
  • With all the information filled in, click the OK button
  • Once vCenter has been added, return to the log view, you should notice that the VRM Agent errors are no longer occurring

Now you’ve added resources vRealize Automation / vCloud Automation Center can use to fulfill requests, however we still need to assign those compute resources to a fabric group, which will be next in my vRealize series!