Administering VMware vCenter Orchestrator vCenter Orchestrator 4.2 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
Administering VMware vCenter Orchestrator You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2011 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents Administering VMware vCenter Orchestrator 7 Updated Information 9 1 The Orchestrator Client 11 Log in to the Orchestrator Client 11 Access the Orchestrator API Explorer 12 User Preferences 13 My Orchestrator View 14 Configurations View 15 Packages View 15 Scheduler View 16 Workflows View 16 Components of the Workflows View 16 Actions View 17 Resources View 17 Inventory View 18 Web Views View 18 Weboperator Web View 18 Start the Weboperator Web View 18 Policies 19 2 Managing Workflows 21 Stan
Administering VMware vCenter Orchestrator 3 Creating Resource Elements 31 View a Resource Element 31 Import an External Object to Use as a Resource Element 32 Edit the Resource Element Information and Access Rights 32 Save a Resource Element to a File 33 Update a Resource Element 33 Add a Resource Element to a Workflow 33 Add a Resource Element to a Web View 34 4 Managing Actions 37 Create an Action 37 Duplicate an Action 38 Export an Action 38 Import an Action 39 Move an Action 39 Find Elements That Im
Contents Index 63 VMware, Inc.
Administering VMware vCenter Orchestrator 6 VMware, Inc.
Administering VMware vCenter Orchestrator Administering VMware vCenter Orchestrator provides information and instructions about using and maintaining ® VMware vCenter Orchestrator. It also describes how to manage workflows, plug-ins, packages, and inventory.
Administering VMware vCenter Orchestrator 8 VMware, Inc.
Updated Information Administering VMware vCenter Orchestrator is updated with each release of the product or when necessary. This table provides the update history of Administering VMware vCenter Orchestrator. Revision Description EN-000467-01 Removed a note regarding policy development from “Policies,” on page 19. Orchestrator 4.2 supports policy development. EN-000467-00 Initial release. VMware, Inc.
Administering VMware vCenter Orchestrator 10 VMware, Inc.
The Orchestrator Client 1 The Orchestrator client is an easy-to-use desktop application that allows you to perform daily administration tasks such as importing packages, running and scheduling workflows, and managing user permissions. The Orchestrator client also serves as an IDE for creating or customizing workflows.
Administering VMware vCenter Orchestrator Procedure 1 Log in as an administrator to the machine on which the Orchestrator client is installed. 2 Click Start > Programs > VMware > vCenter Orchestrator Client. 3 In the Host name field, type the IP address to which Orchestrator server is bound. To check the IP address, log in to the Orchestrator configuration interface and check the IP settings on the Network tab. 4 Log in by using the Orchestrator user name and password.
Chapter 1 The Orchestrator Client What to do next Use the API Explorer to write scripts for scriptable elements. User Preferences You can customize aspects of the Orchestrator client by using the User preferences tool. Your preferences are saved on the client side in the C:\Documents and Settings\Current_User\.vmware\vmware-vmo.cfg file. The .vmware folder is created when you first connect the client to a running Orchestrator server.
Administering VMware vCenter Orchestrator Table 1-2. Workflow Editor Customization Options (Continued) Option Description Check workflow termination Orchestrator checks if each terminal transition of a workflow with different possible outcomes is connected to an End Workflow schema element. Check unreachable items Orchestrator checks if all activities are reachable. Check unused workflow's parameters/attributes Orchestrator checks if all parameters and attributes of a workflow are used.
Chapter 1 The Orchestrator Client Configurations View The Configurations view in the Orchestrator client allows you to create configuration elements. Creating configuration elements allows you to define common attributes across an Orchestrator server. The Configurations view consists of a set of tabs that show information about a configuration element that you select. You can edit a configuration element by right-clicking the element and selecting Edit.
Administering VMware vCenter Orchestrator Scheduler View The Scheduler view in the Orchestrator client displays a list of all scheduled workflows in the system. The workflows are sorted by name or date, together with their status. You can use the Scheduler view to create, edit, suspend, resume, and cancel scheduled workflows. The Scheduler view consists of a set of tabs that show different types of information about scheduled workflow that you select.
Chapter 1 The Orchestrator Client Parameters Reference Shows all the input and output parameters in a single view. The tab also identifies the schema element that consumes or generates a parameter. You can optionally view the workflow attributes in this tab by clicking Show Attributes. When you right-click an attribute or a parameter and select Show in schema, the corresponding schema element is highlighted. Workflow Tokens Provides details about the different runs of the selected workflow.
Administering VMware vCenter Orchestrator Inventory View The Inventory view in the Orchestrator client interface displays the objects of the plugged-in applications that are enabled in Orchestrator. You can use the Inventory view to run workflows on an inventory object. If the Use contextual menu in inventory option is enabled, all of the workflows that you can run on the selected inventory object appear in a contextual menu.
Chapter 1 The Orchestrator Client 9 In the right pane, select whether to run the workflow now or at a later time. Option Action Run the workflow now a b Click Start Workflow to run the workflow. Provide the required input parameters and click Submit to run the workflow. Run the workflow at a later time a b Click Schedule Workflow to run the workflow at a later time. Provide the time, date, and recurrence information to set when and how often to run the workflow and click Next.
Administering VMware vCenter Orchestrator 20 VMware, Inc.
Managing Workflows 2 A workflow is a succession of actions and decisions that are run sequentially until they arrive at a specific result. Orchestrator provides a library of workflows that perform common management tasks according to best practices. Orchestrator also provides libraries of the individual actions that the workflows perform. Workflows combine actions, decisions, and results that, when performed in a particular order, complete a specific task or a specific process in a virtual environment.
Administering VMware vCenter Orchestrator The contents of the workflow library is accessible through the Workflows view in the Orchestrator client. The standard workflow library provides workflows in the following folders. JDBC Test the communication between a workflow and a database by using the JDBC (Java Database Connectivity) plug-in shipped with Orchestrator. Locking Demonstrates the locking mechanism for automated processes, that allows workflows to lock the resources they use.
Chapter 2 Managing Workflows Key Concepts of Workflows Workflows consist of actions, attributes, parameters, and schema. Orchestrator saves a workflow token every time a workflow runs, recording the details of that specific run of the workflow. n Workflow User Permissions on page 23 Orchestrator defines levels of permissions that you can apply to users or groups to allow or deny them access to workflows.
Administering VMware vCenter Orchestrator If you do not set any permissions on a workflow, the workflow inherits the permissions from the folder that contains it. If you do set permissions on a workflow, those permissions override the permissions of the folder that contains it, even if the permissions of the folder are more restrictive. Workflow Credentials Each workflow has a default running credential that the workflow starter issues.
Chapter 2 Managing Workflows Input parameters have the following properties: n name n type n description After you pass a value for an input parameter to a workflow, you cannot change the parameter's name, type, or description. Output Parameters A workflow's output parameters represent the result of running that workflow. Output parameters can change when a workflow or workflow element runs. While they run, workflows can receive the output parameters of other workflows as their input parameters.
Administering VMware vCenter Orchestrator Workflow Token Attributes Workflow token attributes are the specific parameters with which a workflow token runs. The workflow token attributes are an aggregation of the workflow's global attributes and the specific input and output parameters with which you run the workflow token. Workflow Token States Each time you run a workflow, a workflow token appears under that workflow as a new leaf node in the workflows hierarchical list.
Chapter 2 Managing Workflows Set User Permissions on a Workflow You set levels of permission on a workflow to limit the access that users or user groups can have to that workflow. You select the users and user groups for which to set permissions from the users and user groups in the Orchestrator LDAP server. Prerequisites Create a workflow, open it for editing in the workflow editor, and add to it the necessary elements. Procedure 1 Click the Permissions tab.
Administering VMware vCenter Orchestrator 4 Provide the following information into the Start workflow input parameters dialog box to create a virtual machine in a vCenter Server connected to Orchestrator. Option Action Virtual machine name Name the virtual machine orchestrator-test. Virtual machine folder a b Click Not set for the Virtual machine folder value. Select a virtual machine folder from the inventory.
Chapter 2 Managing Workflows Prerequisites Log in to the Orchestrator client. At least one workflow in Waiting for User Interaction state. Procedure 1 Click the My Orchestrator view in the Orchestrator client. 2 Click the Waiting for Input tab. The Waiting for Input tab lists the workflows that are waiting for user inputs that you or members of your user group have permission to provide. 3 Double-click a workflow that is waiting for input.
Administering VMware vCenter Orchestrator What to do next You can monitor the scheduled workflow and delete it from the Scheduler view when it is complete. Edit the Workflow Recurrence Pattern A recurrence pattern is used to specify the way in which a given workflow is scheduled. You can edit the recurrence pattern of a workflow from the Scheduler view. Prerequisites A recurrent workflow that is scheduled. Procedure 1 In the Orchestrator client, click the Scheduler view.
Creating Resource Elements 3 Workflows and Web views can require as attributes objects that you create independently of Orchestrator. To use external objects as attributes in workflows or Web views, you import them into the Orchestrator server as resource elements. Objects that workflows and Web views can use as resource elements include image files, scripts, XML templates, HTML files, and so on.
Administering VMware vCenter Orchestrator What to do next Import and edit a resource element. Import an External Object to Use as a Resource Element Workflows and Web views can require as attributes objects that you create independently of Orchestrator. To use external objects as attributes in workflows or Web views, you import them to the Orchestrator server as resource elements. Prerequisites An image file, script, XML template, HTML file, or other type of object to import.
Chapter 3 Creating Resource Elements What to do next Save the resource element to a file to update it, or add the resource element to a workflow or Web view. Save a Resource Element to a File You can save a resource element to a file on your local system. Saving the resource element as a file allows you to edit it. For example, if the resource element is an XML configuration file or a script, you must save it locally to modify it. You cannot edit a resource element in the Orchestrator client.
Administering VMware vCenter Orchestrator n A workflow that requires this resource element as an attribute. Procedure 1 Click the Workflows view in the Orchestrator client. 2 Expand the hierarchical tree viewer to navigate to the workflow that requires the resource element as an attribute. 3 Right-click the workflow and select Edit. 4 On the General tab, right-click in the attributes pane and select Add attribute. 5 Click the attribute name and type a new name for the attribute.
Chapter 3 Creating Resource Elements 8 In the Select a type dialog box, type resource in the Filter box to search for an object type. Option Action Define a single resource element as an attribute Select ResourceElement from the list. Define a folder that contains multiple resource elements as an attribute Select ResourceElementCategory from the list. 9 Click Value and type the name of the resource element or category of resource elements in the Filter text box.
Administering VMware vCenter Orchestrator 36 VMware, Inc.
Managing Actions 4 Actions represent individual functions that you use as building blocks in workflows, Web views, and scripts. Actions are JavaScript functions that take multiple input parameters and have a single return value. Actions can call on any object or method in the Orchestrator API, or on objects in any API that you import into Orchestrator by using a plug-in. When a workflow runs, an action takes its input parameters from the workflow's attributes.
Administering VMware vCenter Orchestrator 8 Add the action input parameters by clicking the arrow icon. 9 Write the action script. 10 Set the action permissions. 11 Click Save and close. You created a custom action and added the action input parameters. What to do next You can use the new custom action in a workflow. Duplicate an Action The predefined library of actions is read-only. To customize a standard action, you must create a duplicate of that action.
Chapter 4 Managing Actions What to do next You can import the action on a different Orchestrator server and use it in workflows and scripts. Import an Action You can import actions and use them as building blocks in workflows, Web views, and scripts. Procedure 1 In the Orchestrator client, click the Actions view. 2 Expand the root of the actions hierarchical list and navigate to the module in which you want to import the action. 3 Right-click the module and select Import action.
Administering VMware vCenter Orchestrator 2 Expand the nodes of the actions hierarchical list to navigate to a given action. 3 Right-click the action and select Find Elements that Use this Element. A dialog box shows all of the elements, such as workflows or packages, that implement this action. 4 Double-click an element in the list of results to show that element in the Orchestrator client. You located all of the elements that implement an action.
Using Packages 5 Packages are the vehicle for transporting content from one Orchestrator server to another. Packages can contain workflows, actions, policies, Web views, configurations, and resources. When you add an element to a package, Orchestrator checks for dependencies and adds any dependent elements to the package. For example, if you add a workflow that uses actions or other workflows, Orchestrator adds those actions and workflows to the package.
Administering VMware vCenter Orchestrator 3 Name the new package and click OK. The syntax for package names is domain.your_company.folder.package_name. For example, com.vmware.myfolder.mypackage. 4 Right-click the package and select Edit. The package editor opens. 5 Add a description for the package in the General tab. 6 Click the Workflows tab to add workflows to the package. 7 n Click Insert Workflows (list search) to search for and select workflows in a selection dialog box.
Chapter 5 Using Packages 6 Check the appropriate check boxes to set the level of permissions for this user and click OK. To allow a user to view the elements, inspect the schema and scripting, run and edit the elements, and change the permissions, you must check all check boxes. 7 Click Save and Close to exit the package editor. You created a package and set the appropriate user permissions. Export a Package You can export a package and reuse its content on another Orchestrator server.
Administering VMware vCenter Orchestrator Import a Package To reuse workflows, actions, policies, Web views, and configuration elements from one Orchestrator server on another server, you can import them as a package. IMPORTANT Packages that Orchestrator 3.2 generates are upwardly compatible with Orchestrator 4.x. You can import a package from an Orchestrator 3.2 server to an Orchestrator 4.x server. Packages from Orchestrator 4.x are not backwards compatible with Orchestrator 3.2.
Chapter 5 Using Packages 2 Right-click the package to synchronize and select Synchronize. 3 Log in to the remote server. The Orchestrator Synchronization dialog box opens. It displays the differences between the package elements. To view only elements that are different on the local and remote server, select Hide identical from the drop-down menu. 4 View the comparison between the local and remote package elements, click Synchronize and select an option.
Administering VMware vCenter Orchestrator 46 VMware, Inc.
Setting System Properties 6 You can set system properties to change the default Orchestrator behavior.
Administering VMware vCenter Orchestrator 3 Add the following line to the vmo.properties configuration file. #Disable Orchestrator client connection com.vmware.o11n.smart-client-disabled = true 4 Save the vmo.properties file. 5 Restart the Orchestrator server. You disabled access to the Orchestrator client to all users other than members of the Orchestrator administrator LDAP group.
Chapter 6 Setting System Properties n The read (r), write (w), and execute (x) levels of rights n The path on which to apply the rights Orchestrator resolves access rights in the order they appear in the js-io-rights.conf file. Each line can override the previous lines. The following code extract shows the default content of the js-io-rights.conf configuration file: -rwx c:/ +rwx c:/orchestrator +rx ../../configuration/jetty/logs/ +rx ../server/vmo/log/ +rx ../bin/ +rx ./boot.properties +rx ..
Administering VMware vCenter Orchestrator 3 Open the js-io-rights.conf configuration file in a text editor. The following code extract shows the default content of the js-io-rights.conf configuration file: -rwx c:/ +rwx c:/orchestrator +rx ../../configuration/jetty/logs/ +rx ../server/vmo/log/ +rx ../bin/ +rx ./boot.properties +rx ../server/vmo/conf/ +rx ../server/vmo/conf/plugins/ +rx ../server/vmo/deploy/vmo-server/vmo-ds.xml +rx ../../apps/ +r ../../version.
Chapter 6 Setting System Properties You granted permissions to Orchestrator applications to run local commands in the Orchestrator server host operating system. NOTE By setting the com.vmware.js.allow-local-process system property to true, you allow the Command scripting class to write anywhere in the file system. This property overrides any file system access permissions that you set in the js-io-rights.conf file for the Command scripting class only.
Administering VMware vCenter Orchestrator Set Custom Timeout Property When vCenter is overloaded, it takes more time to return the response to the Orchestrator server than the 20000 milliseconds set by default. To prevent this situation, you must modify the Orchestrator configuration file to increase the default timeout period. If the default timeout period expires before the completion of certain operations, the Orchestrator server log contains errors.
Chapter 6 Setting System Properties 2 Open the XML configuration file of the plug-in for which you want to change the number of search results. 3 Add the following line to the XML configuration file for the plug-in. 50 This line sets the number of search results to return to 50. 4 Save the XML configuration file. 5 (Optional) Repeat Step 2 through Step 4 for each plug-in to modify. 6 Restart the Orchestrator server.
Administering VMware vCenter Orchestrator 54 VMware, Inc.
Maintenance and Recovery 7 The Troubleshooting tab in the Orchestrator configuration interface allows you to perform several bulk operations related to workflows and tasks. You can use the Troubleshooting tab to globally reset the server and remove all traces of previous runs. NOTE Before you click a troubleshooting option, make sure that the Orchestrator server is stopped. Table 7-1.
Administering VMware vCenter Orchestrator Orchestrator Server Fails to Start The VMware vCenter Orchestrator Server service might fail to start when not enough RAM is available for the JVM to start the server. Problem The server status appears as Starting in the configuration interface and it is not updated when you refresh the page. When you select My Computer > Services and Applications > Services, the server fails to start and you receive a timeout error.
Chapter 7 Maintenance and Recovery 6 Restart the Orchestrator Configuration service. You can log in to the Orchestrator configuration interface with the default credentials. n User name: vmware n Password: vmware Change the Web View SSL Certificate Orchestrator provides an SSL certificate that controls user access to Web views. You can configure Orchestrator to use a different SSL certificate to control access to Web views.
Administering VMware vCenter Orchestrator Orchestrator Log Files VMware Technical Support routinely requests diagnostic information from you when a support request is handled. This diagnostic information contains product-specific logs and configuration files from the host on which the product is run. The information is gathered by using a specific script tool for each product. Table 7-2. Orchestrator Log Files Filename Location Description boot.log install_directory\appserver\server\vmo\log Provides d
Chapter 7 Maintenance and Recovery Table 7-2. Orchestrator Log Files (Continued) Filename Location Description yyyy-mm-dd.request.log install_directory\configuratio n\jetty\logs This log lists the elements that are needed to load and display the pages of the vCO configuration interface. It keeps a history of the actions that were taken during the configuration of vCO and the time when they were completed. Use this log to identify changes in the behavior of the vCO server after a restart.
Administering VMware vCenter Orchestrator Define the Server Log Level In the Orchestrator configuration interface, you can set the level of server log that you require. The default server log level is INFO. Changing the log level affects any new messages that the server writes to the server log and the number of active connections to the database. CAUTION Only set the log level to DEBUG or ALL to debug a problem.
Chapter 7 Maintenance and Recovery 2 Open the log4j.xml file in a text editor and locate the following code block: PAGE 62Administering VMware vCenter Orchestrator Loss of Server Logs You might experience loss of logs if you use the vmo.bat file to restart the Orchestrator server. Problem If you start the Orchestrator server as a service and you then restart the Orchestrator server by running the vmo.bat file directly, you can experience a potential loss of logs. Cause Logs can be lost if you start the Orchestrator server as a service and restart it by using the vmo.bat.
Index A L actions adding 37 creating 37 duplicating 38 encrypting 38 exporting 38 finding elements that implement 39 importing 39 moving 39 referencing 39 relocating 39 Actions view 17 API Explorer, accessing 12 attributes 23, 24 logs non-persistent logs 59 persistent logs 59 C Command scripting class 50 configuration elements 24 Configurations view 15 contextual menu in inventory 18 D M maximum concurrent workflows 53 maximum pending workflows 53 My Orchestrator view 11 O operating system commands,
Administering VMware vCenter Orchestrator resource elements adding to Web views 34 adding to workflows 33 editing 32 importing 32 save to file 33 updating 33 viewing 31 resource locking 26 S Scheduler view 16 scheduling 29 schema 23, 25 scripting access to Java classes 51 accessing operating system commands 50 shutter system property 51 server log exporting 60 log level 60 standard workflows 21 system properties 47, 51–53 workflow token 25 workflow token attributes 25 workflow token states 26 workflows i
