Book Image

VMware vRealize Orchestrator Cookbook

By : Daniel Langenhan
Book Image

VMware vRealize Orchestrator Cookbook

By: Daniel Langenhan

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
VMware vRealize Orchestrator Cookbook
Daniel Langenhan
Feb, 2015 | 382 pages
No titles found
Table of Contents (15 chapters)
VMware vRealize Orchestrator Cookbook
VMware vRealize Orchestrator Cookbook
Credits
Credits
Foreword
Foreword
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Installing and Configuring Orchestrator
Installing and Configuring Orchestrator
Introduction
Getting Orchestrator running in 5 minutes (or less)
Deploying the Orchestrator appliance
Installing Orchestrator on Windows
Two ways to configure Orchestrator
Important Orchestrator base configurations
Configuring Orchestrator with an external LDAP or Active Directory
Integrating Orchestrator into SSO and vSphere Web Client
Configuring an external database
2
Optimizing Orchestrator Configuration
Optimizing Orchestrator Configuration
Introduction
Plugin basics
Tuning the appliance
Tuning Java
Backup and recovery
Creating an Orchestrator cluster
Configuring the Orchestrator Service SSL certificate
Configuring e-mail
Redirecting Orchestrator Syslog to an external Syslog server
Configuring the Kerberos authentication
Configuring access to the local filesystem
Updating Orchestrator
3
Visual Programming
Visual Programming
Introduction
Workflow basics
Version control
Working with logs
Error handling in workflows
Resuming failed workflows
Using the workflow debugging function
Working with decisions
Working with loops
Working with presentations
Working with configurations
Working with actions
Linking actions in presentations
Waiting tasks
Sending and waiting for custom events
Using asynchronous workflows
Working with user interactions
Changing credentials
4
Working with Plugins
Working with Plugins
Introduction
Working with the API
Working with mails
File operations
Working with SSH
Working with XML
Working with SQL
Working with PowerShell
Working with SOAP
Working with REST
Working with Active Directory
Working with SNMP
Working with AMQP
5
Basic Orchestrator Operations
Basic Orchestrator Operations
Introduction
Basic Orchestrator operations for Orchestrator elements
Changing elements in a workflow
Undelete workflows and actions
Importing and exporting Orchestrator elements
Synchronize Orchestrator elements between Orchestrator servers
Working with packages
User management
User preferences
Scheduling workflows
Workflow auto documentation
Orchestrator and vSphere Web Client
6
Advanced Operations
Advanced Operations
Introduction
Accessing the Orchestrator API via REST
Working with resources
Working with tags
Working with locks
Language packs (localization)
Working with policies
Managing remote Orchestrator
7
Working with VMware Infrastructure
Working with VMware Infrastructure
Introduction
Unmounting all the CD-ROMs of all VMs in a cluster
Provisioning a VM from a template
An approval process for VM provisioning
Working with the vCenter API (to change a VM's HA settings)
Standard vSwitch and Distributed Switch ports
Executing a program inside a VM
Configuring a vRA instance in Orchestrator
Configuring an external Orchestrator in vRA
Adding an Orchestrator endpoint
Integrating Orchestrator workflows in vRA
Managing AD users with vRA
Index
Index

Integrating Orchestrator into SSO and vSphere Web Client

Integrating Orchestrator into the vCenter Web Client enables vCenter Server users to directly run Orchestrator workflows just by right-clicking vCenter objects. The vRA-integrated Orchestrator is already configured with the SSO that vRA uses.

Getting ready

vCO 5.5 (and higher) requires an SSO server 5.5, as it won't work with an SSO 5.1 server.

We need an up-and-running Orchestrator as well as access to vCenter Web Client.

Make sure that you set the Orchestrator Network configuration (see the Configuring the network section in the Important Orchestrator base configurations recipe)

You should be comfortable with using one of the methods described in the Two ways to configure Orchestrator recipe.

You should have an AD group for your vCOAdministrators with at least one user in it. You can use the precreated SSO group [email protected]. The account [email protected] is a member of this group.

How to do it...

Again both configuration methods are shown. Choose the one you're most comfortable with.

Registering Orchestrator with SSO

If you are using the Orchestrator installation that came with vCenter, you can skip this step.

Using the Orchestrator Configuration tool

  1. Open the Orchestrator Configuration tool.

  2. Click on the Network section and then on SSL Trust Manager.

  3. Enter [IP or FQDN of SSO server]:7444 as the URL and click on Import.

  4. Acknowledge the import by clicking on Import.

  5. Repeat steps 2 to 4 and register the SSL certificate for vCenter with port 443.

  6. Click on the Authentication section.

  7. Select the authentication mode as SSO Authentication.

  8. Enter the SSO server FQDN.

  9. Enter an SSO administrative user (for example, [email protected]).

  10. Click on Register Orchestrator.

  11. This registration registers a new application user in SSO.

  12. Select from the drop-down menu the group you would like to use for Orchestrator administrators.

  13. Click on Accept Orchestrator Configuration.

Using the workflow

  1. Open the Orchestrator Client.

  2. Navigate to Library | Configuration | SSL Trust Manager.

  3. Right-click on the Import a certificate from URL workflow and select Start Workflow.

  4. Enter [IP or FQDN of SSO server]:7444 as the URL.

  5. Select Yes to accept the SSL Certificate even if there are warnings and click on Submit.

  6. Wait till the workflow has successfully finished.

  7. Navigate to Library | Configuration | Authentication | SSO.

  8. Right-click on the workflow Configure SSO and select Start Workflow.

  9. Enter [IP or FQDN of SSO server]:7444 as the URL.

  10. Enter an SSO administrative user (for example, [email protected]).

  11. Enter the SSO Admin Group (ignore if it says domain/group). The existing SSO default group is called VCOAdministrators (case-sensitive).

  12. Click on Submit and wait until the workflow is completed successfully.

Configuring the vCenter Server plugin

The integration of Orchestrator with vCenter Web Client requires us to also configure the vCenter Server plugin.

Using the Orchestrator Configuration tool

  1. Open the Orchestrator Configuration tool.

  2. Click on the vCenter Server plugin.

  3. Click on New vCenter Server Host.

  4. Enter your vCenter FQDN.

  5. If you are using Windows, you can define a domain; the Linux appliance doesn't have this selection. You can leave it empty.

  6. Enter a vCenter Server administrative user and click on Apply changes.

Using the workflow

  1. Open Orchestrator Client.

  2. Navigate to Library | vCenter | Configuration.

  3. Right-click on the Add a vCenter Server instance workflow and select Start Workflow.

  4. Enter your vCenter FQDN.

  5. Select that you would like to orchestrate this instance as well and that you would like to accept SSL certificates even if they are self-signed.

  6. Click on Next.

  7. Enter a vCenter Server administrative user and the password.

  8. You can define a domain name, or leave it empty. Click on Submit.

Wait until the workflow is successfully finished.

Configuring the connection between vCenter Server and Orchestrator

In the Web Client only one Orchestrator Server can be paired to each vCenter Server. To configure the pairing, follow these steps:

  1. Open vSphere Web Client.

  2. Click on vCenter Orchestrator and then on Manage.

  3. Mark vCenter Server and click on Edit Configuration.

  4. The server that you have integrated should show up in the Registered as VC extension selection. If this is not the case, you can try to enter its FQDN or IP.

  5. Click on Test Connection and make sure it works. If it doesn't, this indicates that the integration hasn't worked correctly.

  6. Click on OK.

How it works...

Since vCenter Server 5.1, vSphere Web Client is (or better, should be) the main method for accessing vCenter. Orchestrator completely integrates with vSphere Web Client, making it possible for Orchestrator workflows to be executed directly from vSphere Web Client.

You can configure which workflows can be run from the vSphere Web Client. We will discuss this configuration in detail in the Orchestrator and vSphere Web Client recipe in Chapter 5, Basic Orchestrator Operations.

Using SSO for Orchestrator login requires that you log in into Orchestrator Client or vSphere Web Client using a user that is a member of the group you defined as vCOAdmins. If you used the [email protected] group, you can add other SSO and AD groups or users to this group via the SSO group membership configuration.

See also

To learn more about Orchestrator user management, see the User management recipe in Chapter 5, Basic Orchestrator Operations.

To configure Orchestrator workflows in vSphere Web Client, see the Orchestrator and vSphere Web Client recipe in Chapter 5, Basic Orchestrator Operations.

Previous Section
End of Section 9
Next Section