Installing vRealize Automation 12 April 2018 vRealize Automation 7.
Installing vRealize Automation You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit your feedback to docfeedback@vmware.com VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com Copyright © 2014–2018 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc.
Contents vRealize Automation Installation 7 1 vRealize Automation Installation Overview 8 About vRealize Automation Installation 8 New in this vRealize Automation Installation 8 vRealize Automation Installation Components The vRealize Automation Appliance Infrastructure as a Service Deployment Type 9 9 10 12 Minimal vRealize Automation Deployments 12 Distributed vRealize Automation Deployments Choosing Your Installation Method 13 16 2 Preparing for vRealize Automation Installation 17 General
Installing vRealize Automation 4 Installing vRealize Automation with the Installation Wizard 41 Using the Installation Wizard for Minimal Deployments 41 Start the Installation Wizard for a Minimal Deployment Install the vRealize Automation Management Agent Completing the Installation Wizard 41 42 44 Using the Installation Wizard for Enterprise Deployments 44 Start the Installation Wizard for an Enterprise Deployment Install the vRealize Automation Management Agent Completing the Installation Wizard
Installing vRealize Automation The vRealize Automation Installation Command Line 127 vRealize Automation Installation Command-Line Basics vRealize Automation Installation Command Names The vRealize Automation Installation API 127 128 129 Convert Between vRealize Automation Silent Properties and JSON 130 7 vRealize Automation Post-Installation Tasks 132 Configure Federal Information Processing Standard Compliant Encryption Enable Automatic Manager Service Failover 132 133 About Automatic Manager
Installing vRealize Automation Cannot Establish Trust Relationship for the SSL/TLS Secure Channel Connect to the Network Through a Proxy Server Console Steps for Initial Content Configuration 157 158 Cannot Downgrade vRealize Automation Licenses Troubleshooting the vRealize Automation Appliance Installers Fail to Download 156 159 159 159 Encryption.
vRealize Automation Installation This vRealize Automation Installation guide contains wizard, manual, and silent installation instructions for VMware vRealize ™ Automation. Note Not all features and capabilities of vRealize Automation are available in all editions. For a comparison of feature sets in each edition, see https://www.vmware.com/products/vrealize-automation/.
vRealize Automation Installation Overview 1 You can install vRealize Automation to support minimal, proof of concept environments, or in different sizes of distributed, enterprise configurations that are capable of handling production workloads. Installation can be interactive or silent. After installation, you start using vRealize Automation by customizing your setup and configuring tenants, which provides users with access to self-service provisioning and life-cycle management of cloud services.
Installing vRealize Automation n In this release, the vRealize Automation appliance uses TLS 1.2 by default. The administration interface includes an option to temporarily enable TLS 1.0 and 1.1, which is needed for updating existing agents to this release. n The vRealize Automation appliance administration interface now includes a page for installing and managing patches. See Access Patch Management. n This release describes how to change the default proxy port for VMware Remote Console.
Installing vRealize Automation Infrastructure as a Service vRealize Automation IaaS consists of one or more Windows servers that work together to model and provision systems in private, public, or hybrid cloud infrastructures. You install vRealize Automation IaaS components on one or more virtual or physical Windows servers. After installation, IaaS operations appear under the Infrastructure tab in the product interface.
Installing vRealize Automation Distributed Execution Manager The IaaS DEM component runs the business logic of custom models, interacting with the IaaS SQL Server database, and with external databases and systems. A common approach is to install DEMs on the IaaS Windows server that hosts the active Manager Service, but it is not required. Each DEM instance acts as a worker or orchestrator. The roles can be installed on the same or separate servers.
Installing vRealize Automation n Is installed separately and has its own configuration file. Most vRealize Automation deployments install the vSphere proxy agent. You might install other proxy agents depending on the virtualization resources in use at your site. Virtual Desktop Integration Agents Virtual desktop integration (VDI) PowerShell agents allow vRealize Automation to integrate with external virtual desktop systems. VDI agents require administrator privileges on the external systems.
Installing vRealize Automation Figure 1‑1. Minimal vRealize Automation Deployment Users vRealize Automation Appliance vRealize Orchestrator Appliance Postgres DB IIS vRealize Automation Infrastructure as a Service (IaaS) IaaS SQL Server Database • Web Server • Model Manager Host • Manager Service Host • Distributed Execution Manager (DEM) • Agent Virtualization Resources You cannot convert a minimal deployment to an enterprise deployment.
Installing vRealize Automation Figure 1‑2. Distributed vRealize Automation Deployment Users vRealize Automation Appliance vRealize Orchestrator Appliance Postgres DB vRealize Automation Infrastructure as a Service (IaaS) IIS IaaS Web Server and Model Manager Host IaaS SQL Server Database IaaS Manager Service Host IaaS DEM(s) IaaS Agent(s) Virtualization Resources Many production deployments go even further, with redundant appliances, redundant servers, and load balancing for even more capacity.
Installing vRealize Automation Figure 1‑3.
Installing vRealize Automation Choosing Your Installation Method The consolidated vRealize Automation Installation Wizard is your primary tool for new vRealize Automation installations. Alternatively, you might want to perform the manual, separate installation processes or a silent installation. n The Installation Wizard provides a simple and fast way to install, from minimal deployments to distributed enterprise deployments with or without load balancers. Most users run the Installation Wizard.
Preparing for vRealize Automation Installation 2 You install vRealize Automation into existing virtualization infrastructure. Before you begin an installation, you need to address certain environmental and system requirements.
Installing vRealize Automation Third Party Software All third-party software should have the latest vendor patches. Third party software includes Microsoft Windows and SQL Server. Time Synchronization All vRealize Automation appliances and IaaS Windows servers must synchronize to the same time source. You may use only one of the following sources. Do not mix time sources.
Installing vRealize Automation IIS Application Pool Identity The account you use as the IIS application pool identity for the Model Manager Web service must have Log on as batch job permission. IaaS Database Credentials You can let the vRealize Automation installer create the database, or you can create it separately using SQL Server. When the vRealize Automation installer creates the database, the following requirements apply.
Installing vRealize Automation The vRealize Automation administrator password cannot contain a trailing equals ( = ) character. The password is accepted when you create it but results in errors later, when you perform operations such as saving endpoints. Host Names and IP Addresses vRealize Automation requires that you name the hosts in your installation according to certain requirements.
Installing vRealize Automation n IaaS Model Manager host n IaaS Manager Service host n IaaS SQL Server database n IaaS DEM Orchestrator The following component might work at a higher latency site, but the practice is not recommended. IaaS DEM Worker n You may install the following component at the site of the endpoint with which it communicates. IaaS Proxy Agent n vRealize Automation Appliance Most vRealize Automation appliance requirements are preconfigured in the OVF or OVA that you deploy.
Installing vRealize Automation Table 2‑2. Incoming Ports (Continued) Port Protocol Comments Access for machines to download the guest agent and software bootstrap agent. Access for load balancer, browser. 4369, 5671, 5672, 25672 TCP RabbitMQ messaging. 5480 TCP Access to the virtual appliance management interface. Used by the Management Agent. 5488, 5489 TCP Internally used by the vRealize Automation appliance for updates. 8230, 8280, 8281, 8283 TCP Internal vRealize Orchestrator instance.
Installing vRealize Automation Table 2‑3. Outgoing Ports (Continued) Port Protocol Comments 5500 TCP RSA SecurID system. Default port shown, but is configurable. 8281 TCP Optional. For communicating with an external vRealize Orchestrator instance. 9300–9400 TCP Access for Identity Manager audits. 54328 UDP Other ports might be required by specific vRealize Orchestrator plug-ins that communicate with external systems. See the documentation for the vRealize Orchestrator plug-in.
Installing vRealize Automation n Enable the Distributed Transaction Coordinator (DTC) service. IaaS uses DTC for database transactions and actions such as workflow creation. Note If you clone a machine to make an IaaS Windows server, install DTC on the clone after cloning. If you clone a machine that already has DTC, its unique identifier is copied to the clone, which causes communication to fail. See Error in Manager Service Communication.
Installing vRealize Automation Table 2‑5.
Installing vRealize Automation You need IIS 7.5 for Windows 2008 variants, IIS 8 for Windows 2012, and IIS 8.5 for Windows 2012 R2. In addition to the configuration settings, avoid hosting additional Web sites in IIS. vRealize Automation sets the binding on its communication port to all unassigned IP addresses, making no additional bindings possible. The default vRealize Automation communication port is 443. Table 2‑6.
Installing vRealize Automation n Configure Internet Information Services (IIS) according to the following table. You need IIS 7.5 for Windows 2008 variants, IIS 8 for Windows 2012, and IIS 8.5 for Windows 2012 R2. In addition to the configuration settings, avoid hosting additional Web sites in IIS. vRealize Automation sets the binding on its communication port to all unassigned IP addresses, making no additional bindings possible. The default vRealize Automation communication port is 443. Table 2‑7.
Installing vRealize Automation Your SQL Server can reside on one of your IaaS Windows servers, or on a separate host. When hosted together with IaaS components, these requirements are in addition to those for all IaaS Windows servers. n This release of vRealize Automation does not support the default SQL Server 2016 130 compatibility mode. If you separately create an empty SQL Server 2016 database for use with IaaS, use 100 or 120 compatibility mode.
Installing vRealize Automation n If the DEM Worker is behind a firewall, HTTPS traffic must be allowed to and from aws.amazon.com as well as the URLs for EC2 regions that your AWS accounts have access to, such as ec2.useast-1.amazonaws.com for the US East region. Each URL resolves to a range of IP addresses, so you might need to use a tool, such as the one available from the Network Solutions Web site, to list and configure these IP addresses.
Installing vRealize Automation n The credentials used to manage the endpoint representing an RHEV environment must have administrator privileges on the RHEV environment. When you use RHEV for provisioning, the DEM Worker communicates with and collects data from that account. n The credentials must also have enough privileges to create objects on the hosts within the environment.
Installing vRealize Automation n The credentials used to manage the endpoint representing an SCVMM instance must have administrator privileges on the SCVMM server. The credentials must also have administrator privileges on the Hyper-V servers within the instance. n To provision machines on an SCVMM resource, the vRealize Automation user who is requesting the catalog item must have the administrator role within the SCVMM instance.
Installing vRealize Automation Table 2‑9. Certificate Implementations Component Minimal Deployment (nonproduction) Distributed Deployment (production-ready) vRealize Automation Appliance Generate a self-signed certificate during appliance configuration. For each appliance cluster, you can use a certificate from an internal or external certificate authority. Multi-use and wildcard certificates are supported.
Installing vRealize Automation Certificate Property Requirements Hash Algorithm SHA1, SHA2, (256, 584, 512) Signature Algorithm RSASSA-PKCS1_V!_5 Key Length 2084, 4096 Note The RSASSA-PSS signature is not supported for vRealize Automation deployments. This signature is the default for a Microsoft CA on Windows 2012 R2. The signature is a configurable parameter, so you must ensure that it is set appropriately when using a Microsoft CA.
Installing vRealize Automation Table 2‑10. Sample Certificate Values and Commands (openssl) Certificate Authority Provides Command Virtual Appliance Entries RSA Private Key openssl pkcs12 -in path _to_.pfx certificate_file -nocerts -out key.pem RSA Private Key PEM File openssl pkcs12 -in path _to_.pfx certificate_file -clcerts -nokeys -out cert.pem Certificate Chain (Optional) Pass Phrase n/a Pass Phrase VMware, Inc.
Deploying the vRealize Automation Appliance 3 The vRealize Automation appliance is delivered as an open virtualization file that you deploy on existing virtualized infrastructure.
Installing vRealize Automation Procedure 1 Select the vSphere Deploy OVF Template option. 2 Enter the path to the vRealize Automation appliance .ovf or .ova file. 3 Review the template details. 4 Read and accept the end-user license agreement. 5 Enter an appliance name and inventory location. When you deploy appliances, use a different name for each one, and do not include nonalphanumeric characters such as underscores ( _ ) in names.
Installing vRealize Automation c For Hostname, enter the appliance FQDN. For best results, enter the FQDN even if using DHCP. Note vRealize Automation supports DHCP, but static IP addresses are recommended for production deployments. d In Network Properties, when using static IP addresses, enter the values for gateway, netmask, and DNS servers. You must also enter the IP address, FQDN, and domain for the appliance itself, as shown in the following example. Figure 3‑1.
Installing vRealize Automation c n n Wait for the virtual machine to start, which might take up to 5 minutes. If you deployed to vSphere, and Power on after deployment is not available on the Ready to Complete page, take the following steps. a After the file finishes deploying into vCenter Server, click Close. b Power on the vRealize Automation appliance. c Wait for the virtual machine to start, which might take up to 5 minutes.
Installing vRealize Automation If you need multiple NICs to be in place before running the vRealize Automation installation wizard, add them after deploying in vCenter but before starting the wizard. Reasons that you might want additional NICs in place early include the following examples: n You want separate user and infrastructure networks. n You need an additional NIC so that IaaS servers can join an Active Directory domain.
Installing vRealize Automation 6 If you are using Split-Brain DNS, verify that all vRealize Automation nodes and VIPs have the same FQDN in DNS for each node IP and VIP. 7 In vCenter, add NICs to IaaS Windows servers. 8 a Right click the IaaS server and select Edit Settings. b Add NICs to the IaaS server virtual machine. In Windows, configure the added IaaS server NICs and their IP addresses. See the Microsoft documentation if necessary.
Installing vRealize Automation with the Installation Wizard 4 The vRealize Automation Installation Wizard provides a simple and fast way to install minimal or enterprise deployments. Before you launch the wizard, you deploy a vRealize Automation appliance and configure IaaS Windows servers to meet prerequisites. The Installation Wizard appears the first time you log in to the newly deployed vRealize Automation appliance. n To stop the wizard and return later, click Logout.
Installing vRealize Automation Procedure 1 Log in as root to the vRealize Automation appliance administration interface. https://vrealize-automation-appliance-FQDN:5480 2 When the Installation Wizard appears, click Next. 3 Accept the license agreement and click Next. 4 On the Deployment Type page, select Minimal deployment and Install Infrastructure as a Service, and click Next.
Installing vRealize Automation 5 Open a Web browser to the vRealize Automation appliance installer URL. https://vrealize-automation-appliance-FQDN:5480/installer 6 Click Management Agent installer, and save and run the .msi file. 7 Read the welcome. 8 Accept the end user license agreement. 9 Accept or change the installation folder. Program Files (x86)\VMware\vCAC\Management Agent 10 Enter vRealize Automation appliance details: a Enter the appliance HTTPS address, including FQDN and :5480 port n
Installing vRealize Automation Completing the Installation Wizard After installing the Management Agent, return to the wizard and follow the prompts. If you need additional instructions about settings, click the Help link at the upper right of the wizard. n When you finish the wizard, the last page displays the path and name to a properties file. You can edit the file and use it to perform a silent vRealize Automation installation with the same or similar settings from your wizard session.
Installing vRealize Automation 3 Accept the End User License Agreement and click Next. 4 On the Deployment Type page, select Enterprise deployment and Install Infrastructure as a Service. 5 On the Installation Prerequisites page, you pause to log in to your IaaS Windows servers and install the Management Agent. The Management Agent allows the vRealize Automation appliance to discover and connect to those IaaS servers. What to do next Install the Management Agent on your IaaS Windows servers.
Installing vRealize Automation 8 Accept the end user license agreement. 9 Accept or change the installation folder. Program Files (x86)\VMware\vCAC\Management Agent 10 Enter vRealize Automation appliance details: a Enter the appliance HTTPS address, including FQDN and :5480 port number. b Enter the appliance root account credentials. c Click Load, and confirm that the fingerprint matches the one you copied earlier. Ignore colons.
Installing vRealize Automation n When you finish the wizard, the last page displays the path and name to a properties file. You can edit the file and use it to perform a silent vRealize Automation installation with the same or similar settings from your wizard session. See Chapter 6 Silent vRealize Automation Installation. n If you created initial content, you can log in to the default tenant as the configurationadmin user and request the catalog items.
The Standard vRealize Automation Installation Interfaces 5 After running the Installation Wizard, you might need or want to perform certain installation tasks manually, through the standard interfaces. The Installation Wizard described in Chapter 4 Installing vRealize Automation with the Installation Wizard is your primary tool for new vRealize Automation installations. However, after you run the wizard, some operations still require the older, manual installation process.
Installing vRealize Automation Minimal Deployment Checklist You install vRealize Automation in a minimal configuration for proof of concept or development work. Minimal deployments require fewer steps to install but lack the production capacity of an enterprise deployment. Complete the high-level tasks in the following order. Table 5‑1. Minimal Deployment Checklist Task Details Plan the environment and address installation prerequisites.
Installing vRealize Automation 3 Select Admin > Time Settings, and set the time synchronization source. Option Description Host Time Synchronize to the vRealize Automation appliance ESXi host. Time Server Synchronize to one external Network Time Protocol (NTP) server. Enter the FQDN or IP address of the NTP server. You must synchronize vRealize Automation appliances and IaaS Windows servers to the same time source. Do not mix time sources within a vRealize Automation deployment.
Installing vRealize Automation If you want to generate a CSR request for a new certificate that you can submit to a certificate authority, select Generate Signing Request. A CSR helps your CA create a certificate with the correct values for you to import.
Installing vRealize Automation 8 Click Messaging. The configuration settings and status of messaging for your appliance is displayed. Do not change these settings. 9 Click the Telemetry tab to choose whether to join the VMware Customer Experience Improvement Program (CEIP). Details regarding the data collected through CEIP and the purposes for which it is used by VMware are set forth at the Trust & Assurance Center at http://www.vmware.com/trustvmware/ceip.html.
Installing vRealize Automation You have finished the deployment and configuration of your vRealize Automation appliance. If the appliance does not function correctly after configuration, redeploy and reconfigure the appliance. Do not make changes to the existing appliance. What to do next See Install the Infrastructure Components. Installing IaaS Components The administrator installs a complete set of infrastructure (IaaS) components on a Windows machine (physical or virtual).
Installing vRealize Automation Install the Infrastructure Components The system administrator logs into the Windows machine and uses the installation wizard to install the IaaS services on the Windows virtual or physical machine. Prerequisites n Verify that the server meets the requirements in IaaS Windows Servers. n Enable Time Synchronization on the Windows Server.
Installing vRealize Automation Prerequisites n Review the IaaS Windows server requirements. See IaaS Windows Servers. n If you are using Internet Explorer for the download, verify that Enhanced Security Configuration is not enabled. Navigate to res://iesetup.dll/SoftAdmin.htm on the Windows server. Procedure 1 Log in to the IaaS Windows server using an account that has administrator rights. 2 Open a Web browser directly to the vRealize Automation appliance installer URL.
Installing vRealize Automation 7 Select Complete Install on the Installation Type page if you are creating a minimal deployment and click Next. Check Prerequisites The Prerequisite Checker verifies that your machine meets IaaS installation requirements. Prerequisites Select the Installation Type. Procedure 1 2 Complete the Prerequisite Check. Option Description No errors Click Next. Noncritical errors Click Bypass. Critical errors Bypassing critical errors causes the installation to fail.
Installing vRealize Automation 4 Accept the default in the Database name text box, or enter the appropriate name if applicable. 5 Select the authentication method. u Select Use Windows authentication if you want to create the database using the Windows credentials of the current user. The user must have SQL sys_admin privileges. u Deselect Use Windows authentication if you want to create the database using SQL authentication.
Installing vRealize Automation Procedure 1 Accept the default Server value, which is populated with the fully qualified domain name of the vRealize Automation appliance server from which you downloaded the installer. Verify that a fully qualified domain name is used to identify the server and not an IP address. If you have multiple virtual appliances and are using a load balancer, enter the load balancer virtual appliance path. 2 Click Load to populate the value of SSO Default Tenant (vsphere.local).
Installing vRealize Automation What to do next Verify IaaS Services. Using the Standard Interfaces for Distributed Deployments Enterprise deployments are designed for greater vRealize Automation capacity in production and require that you distribute components across multiple machines. Enterprise deployments also might include redundant systems behind load balancers.
Installing vRealize Automation vRealize Orchestrator The vRealize Automation appliance includes an embedded version of vRealize Orchestrator that is now recommended for use with new installations. In older deployments or special cases, however, users might connect vRealize Automation to a separate, external vRealize Orchestrator. See https://www.vmware.com/products/vrealize-orchestrator.html.
Installing vRealize Automation In a distributed, or clustered, deployment, vRealize Automation certificate organization largely conforms to the three tiered architectural structure of vRealize Automation. The three tiers are vRealize Automation appliance, IaaS Website components, and Manager Service components. In a distributed system, each hardware machine in a particular tier shares a certificate.
Installing vRealize Automation Configure Web Component, Manager Service and DEM Host Certificate Trust Customers who use a thumb print with pre installed PFX files to support user authentication must configure thumb print trust on the web host, manager service, and DEM Orchestrator and Worker host machines. Customers who import PEM files or use self-signed certificates can ignore this procedure. Prerequisites Valid web.pfx and ms.pfx available for thumb print authentication. Procedure 1 Import the web.
Installing vRealize Automation Table 5‑4. vRealize Automation Appliance Variable My Value Example Primary vRealize Automation appliance FQDN automation.mycompany.com Primary vRealize Automation appliance IP address 123.234.1.105 For reference only; do not enter IP addresses Additional vRealize Automation appliance FQDN automation2.mycompany.com Additional vRealize Automation appliance IP address 123.234.1.
Installing vRealize Automation Table 5‑5. IaaS Windows Servers (Continued) Variable My Value IaaS Web Server load balancer IP address Example 123.234.1.202 For reference only; do not enter IP addresses Active IaaS Manager Service host FQDN mgr-svc.mycompany.com Active IaaS Manager Service host IP address 123.234.1.109 For reference only; do not enter IP addresses Passive IaaS Manager Service host FQDN mgr-svc2.mycompany.com Passive IaaS Manager Service host IP address 123.234.1.
Installing vRealize Automation Table 5‑7. IaaS Distributed Execution Managers (Continued) Variable My Value DEM host IP address Example 123.234.1.
Installing vRealize Automation Configuring Appliances for vRealize Automation After deploying your appliances and configuring load balancing, you configure the appliances for vRealize Automation. Configure the First vRealize Automation Appliance in a Cluster The vRealize Automation appliance is a partially configured virtual machine that hosts the vRealize Automation server and user web portal.
Installing vRealize Automation 4 Select vRA Settings > Host Settings. Option Action Resolve Automatically Select Resolve Automatically to specify the name of the current host for the vRealize Automation appliance. Update Host For new hosts, select Update Host. Enter the fully qualified domain name of the vRealize Automation appliance, vra-hostname.domain.name, in the Host Name text box. For distributed deployments that use load balancers, select Update Host.
Installing vRealize Automation Option Generate Signing Request Import Action a Select Generate Signing Request. b Review the entries in the Organization, Organization Unit, Country Code, and Common Name text boxes. These entries are populated from the existing certificate. You can edit these entries if needed.
Installing vRealize Automation 9 Click Services. All services must be running before you can install a license or log in to the console. They usually start in about 10 minutes. Note You can also log in to the appliance and run tail -f /var/log/vcac/catalina.out to monitor service startup. 10 Enter your license information. a Click vRA Settings > Licensing. b Click Licensing.
Installing vRealize Automation Configuring Additional Instances of the vRealize Automation Appliance The system administrator can deploy multiple instances of the vRealize Automation appliance to ensure redundancy in a high-availability environment. For each vRealize Automation appliance, you must enable time synchronization and add the appliance to a cluster.
Installing vRealize Automation 4 Select vRA Settings > Cluster. 5 Enter the FQDN of a previously configured vRealize Automation appliance in the Leading Cluster Node text box. You can use the FQDN of the primary vRealize Automation appliance, or any vRealize Automation appliance that is already joined to the cluster. 6 Type the root password in the Password text box. 7 Click Join Cluster. 8 Continue past any certificate warnings. Services for the cluster are restarted.
Installing vRealize Automation Install the IaaS Components in a Distributed Configuration The system administrator installs the IaaS components after the appliances are deployed and fully configured. The IaaS components provide access to vRealize Automation Infrastructure features. All components must run under the same service account user, which must be a domain account that has privileges on each distributed IaaS server. Do not use local system accounts.
Installing vRealize Automation 7 Install a Backup Manager Service Component The backup Manager Service provides redundancy and high availability, and may be started manually if the active service stops. 8 Installing Distributed Execution Managers You install the Distributed Execution Manager as one of two roles: DEM Orchestrator or DEM Worker. You must install at least one DEM instance for each role, and you can install additional DEM instances to support failover and high-availability.
Installing vRealize Automation 6 Click on the imported certificate and select View. 7 Verify that the certificate and its chain is trusted. If the certificate is untrusted, you see the message, This CA root certificate is not trusted. Note You must resolve the trust issue before proceeding with the installation. If you continue, your deployment fails. 8 Restart IIS or open an elevated command prompt window and type iisreset. What to do next Download the vRealize Automation IaaS Installer.
Installing vRealize Automation 5 Save setup__vrealize-automation-appliance-FQDN@5480 to the Windows server. Do not change the installer file name. It is used to connect the installation to the vRealize Automation appliance. 6 Download the installer file to each IaaS Windows server on which you are installing components. What to do next Install an IaaS database, see Choosing an IaaS Database Scenario.
Installing vRealize Automation n Open a Web browser to the vRealize Automation appliance installer URL, and download the IaaS database installation scripts. https://vrealize-automation-appliance-FQDN:5480/installer Procedure 1 Navigate to the Database subdirectory in the directory where you extracted the installation zip archive. 2 Extract the DBInstall.zip archive to a local directory.
Installing vRealize Automation What to do next Install the IaaS Components in a Distributed Configuration. Prepare an Empty Database A vRealize Automation system administrator can install the IaaS schema on an empty database. This installation method provides maximum control over database security. Prerequisites n Verify the database installation prerequisites. See IaaS SQL Server Host.
Installing vRealize Automation 9 Paste the entire modified contents of CreateDatabase.sql into the query pane. 10 Below the CreateDatabase.sql content, paste the entire modified contents of SetDatabaseSettings.sql. 11 Click Execute. The script runs and creates the database. What to do next Install the IaaS Components in a Distributed Configuration.
Installing vRealize Automation 7 Select IaaS Server under Component Selection on the Installation Type page. 8 Accept the root install location or click Change and select an installation path. Even in a distributed deployment, you might sometimes install more than one IaaS component on the same Windows server. If you install more than one IaaS component, always install them to the same path. 9 Click Next. 10 On the IaaS Server Custom Install page, select Database.
Installing vRealize Automation 17 Complete the Prerequisite Check. Option Description No errors Click Next. Noncritical errors Click Bypass. Critical errors Bypassing critical errors causes the installation to fail. If warnings appear, select the warning in the left pane and follow the instructions on the right. Address all critical errors and click Check Again to verify. 18 Click Install. 19 When the success message appears, deselect Guide me through initial configuration and click Next.
Installing vRealize Automation You can install multiple IaaS Web servers, but only the first one includes Model Manager Data. Prerequisites n Create the IaaS Database Using the Installation Wizard. n Verify that the server meets the requirements in IaaS Windows Servers. n If you already installed other IaaS components, know the database passphrase that you created. n If you are using load balancers in your environment, verify that they meet the configuration requirements.
Installing vRealize Automation 11 Select Website and ModelManagerData on the IaaS Server Custom Install page. 12 Select a Web site from available Web sites or accept the default Web site on the Administration & Model Manager Web Site tab. 13 Type an available port number in the Port number text box, or accept the default port 443. 14 Click Test Binding to confirm that the port number is available for use. 15 Select the certificate for this component.
Installing vRealize Automation 4 Click Download to import the certificate from the virtual appliance. It might take several minutes to download the certificate. 5 (Optional) Click View Certificate, view the certificate, and click OK to close the information window. 6 Click Accept Certificate. 7 Enter administrator@vsphere.local in the User name text box and enter the password you created when you configured the SSO in the Password and Confirm text boxes.
Installing vRealize Automation 14 Provide the passphrase used to generate the encryption key that protects the database. Option Description If you have already installed components in this environment Type the passphrase you created previously in the Passphrase and Confirm text boxes. If this is the first installation Type a passphrase in the Passphrase and Confirm text boxes. You must use this passphrase every time you install a new component. Keep this passphrase in a secure place for later use.
Installing vRealize Automation 3 Click Next. 4 Accept the license agreement and click Next. 5 On the Log in page, supply administrator credentials for the vRealize Automation appliance and verify the SSL Certificate. a Type the user name, which is root, and the password. The password is the password that you specified when you deployed the vRealize Automation appliance. b Select Accept Certificate. c Click View Certificate.
Installing vRealize Automation 16 (Optional) Click View Certificate, view the certificate, and click OK to close the information window. 17 (Optional) Select Suppress certificate mismatch to suppress certificate errors. The installation ignores certificate name mismatch errors as well as any remote certificate-revocation list match errors. This is a less secure option. 18 In the IaaS Server text box, identify the first IaaS Web server component.
Installing vRealize Automation 24 Specify the IaaS database server, database name, and authentication method for the database server in the Microsoft SQL Database Installation Information text box. This is the IaaS database server, name, and authentication information that you created previously. 25 Click Next. 26 Click Install. 27 When the installation finishes, deselect Guide me through the initial configuration and click Next. What to do next Install the Active Manager Service.
Installing vRealize Automation 4 On the Log in page, supply administrator credentials for the vRealize Automation appliance and verify the SSL Certificate. a Type the user name, which is root, and the password. The password is the password that you specified when you deployed the vRealize Automation appliance. b Select Accept Certificate. c Click View Certificate. Compare the certificate thumbprint with the thumbprint set for the vRealize Automation appliance.
Installing vRealize Automation 16 Select the certificate for this component. a If you imported a certificate after you began the installation, click Refresh to update the list. b Select the certificate to use from Available certificates. c If you imported a certificate that does not have a friendly name and it does not appear in the list, deselect Display certificates using friendly names and click Refresh.
Installing vRealize Automation n You can install another instance of the Manager Service component as a passive backup that you can start manually if the active instance fails. See Install a Backup Manager Service Component. n A system administrator can change the authentication method used to access the SQL database during run time (after the installation is complete). See Configuring Windows Service to Access the IaaS Database.
Installing vRealize Automation 5 On the Log in page, supply administrator credentials for the vRealize Automation appliance and verify the SSL Certificate. a Type the user name, which is root, and the password. The password is the password that you specified when you deployed the vRealize Automation appliance. b Select Accept Certificate. c Click View Certificate. Compare the certificate thumbprint with the thumbprint set for the vRealize Automation appliance.
Installing vRealize Automation 17 Select the certificate for this component. a If you imported a certificate after you began the installation, click Refresh to update the list. b Select the certificate to use from Available certificates. c If you imported a certificate that does not have a friendly name and it does not appear in the list, deselect Display certificates using friendly names and click Refresh.
Installing vRealize Automation n A system administrator can change the authentication method used to access the SQL database during run time (after the installation is complete). See Configuring Windows Service to Access the IaaS Database. Installing Distributed Execution Managers You install the Distributed Execution Manager as one of two roles: DEM Orchestrator or DEM Worker.
Installing vRealize Automation 4 On the Log in page, supply administrator credentials for the vRealize Automation appliance and verify the SSL Certificate. a Type the user name, which is root, and the password. The password is the password that you specified when you deployed the vRealize Automation appliance. b Select Accept Certificate. c Click View Certificate. Compare the certificate thumbprint with the thumbprint set for the vRealize Automation appliance.
Installing vRealize Automation 15 (Optional) Enter a description of this instance in DEM description. 16 Enter the host names and ports in the Manager Service Host name and Model Manager Web Service Host name text boxes. Option Description With a load balancer Enter the fully qualified domain name and port number of the load balancers for the Manager Service component and the Web server that hosts Model Manager, mgr-svc-load-balancer.mycompany.com:443 and web-loadbalancer.mycompany.com:443.
Installing vRealize Automation Procedure 1 Stop the DEM Worker service. 2 Open the following file in a text editor. Program Files (x86)\VMware\vCAC\Distributed Execution Manager\instancename\DynamicOps.DEM.exe.config 3 Locate the section. 4 Update each path, using the following example as a guideline. PAGE 97Installing vRealize Automation Procedure 1 Navigate to the Database subdirectory within the directory where you extracted the installation zip archive. 2 Extract the DBInstall.zip archive to a local directory. 3 Log in to the database host as a user with the sysadmin role in the SQL Server instance. 4 Edit VMPSOpsUser.sql and replace all instances of $(Service User) with user (from Step 3) under which the Manager Service will run.
Installing vRealize Automation 5 Replace Integrated Security=True; with User Id=database-username;Password=database-password; 6 Save and close the files. ManagerService.exe.config Web.config 7 Start the VMware vCloud Automation Center service. 8 Use the iisreset command to restart IIS. Verify IaaS Services After installation, the system administrator verifies that the IaaS services are running. If the services are running, the installation is a success.
Installing vRealize Automation For high-availability, you can install multiple agents for a single endpoint. Install each redundant agent on a separate server, but name and configure them identically. Redundant agents provide some fault tolerance, but do not provide failover. For example, if you install two vSphere agents, one on server A and one on server B, and server A becomes unavailable, the agent installed on server B continues to process work items.
Installing vRealize Automation Table 5‑11. Choosing an Agent Scenario Integration Scenario Agent Requirements and Procedures Provision cloud machines by integrating with a cloud environment such as Amazon Web Services or Red Hat Enterprise Linux OpenStack Platform. You do not need to install an agent. Provision virtual machines by integrating with a vSphere environment.
Installing vRealize Automation Credentials When creating an endpoint representing the vCenter Server instance to be managed by a vSphere agent, the agent can use the credentials that the service is running under to interact with the vCenter Server or specify separate endpoint credentials. The following table lists the permissions that the vSphere endpoint credentials must have to manage a vCenter Server instance.
Installing vRealize Automation Table 5‑12. Permissions Required for vSphere Agent to Manage vCenter Server Instance (Continued) Attribute Value Permission Remove Disk Advanced Change CPU Count Change Resource Extend Virtual Disk Disk Change Tracking Memory Modify Device Settings Rename Set Annotation (version 5.
Installing vRealize Automation n If you already created a vSphere endpoint for use with this agent, make a note of the endpoint name. n Download the vRealize Automation IaaS Installer. Procedure 1 Right-click the setup__vrealize-automation-appliance-FQDN@5480.exe setup file and select Run as administrator. 2 Click Next. 3 Accept the license agreement and click Next. 4 On the Log in page, supply administrator credentials for the vRealize Automation appliance and verify the SSL Certificate.
Installing vRealize Automation 12 Enter an identifier for this agent in the Agent name text box. Maintain a record of the agent name, credentials, endpoint name, and platform instance for each agent. You need this information to configure endpoints and to add hosts in the future. Important For high availability, you may add redundant agents and configure them identically. Otherwise, keep agents unique. Option Description Redundant agent Install redundant agents on different servers.
Installing vRealize Automation 20 Click Next. 21 Click Finish. 22 Verify that the installation is successful. 23 (Optional) Add multiple agents with different configurations and an endpoint on the same system. What to do next Configure the vSphere Agent. Configure the vSphere Agent Configure the vSphere agent in preparation for creating and using vSphere endpoints within vRealize Automation blueprints.
Installing vRealize Automation 5 (Optional) To configure the virtual machine deletion policy, use the following command. set doDeletes For example: DynamicOps.Vrm.VRMencrypt.exe VRMAgent.exe.config set doDeletes false Option Description true (Default) Delete virtual machines destroyed in vRealize Automation from vCenter Server. false Move virtual machines destroyed in vRealize Automation to the VRMDeleted directory in vCenter Server.
Installing vRealize Automation Prerequisites n Install IaaS, including the Web server and Manager Service host. n Download the vRealize Automation IaaS Installer. n Verify that Hyper-V Hypervisor proxy agents have system administrator credentials. n Verify that the credentials under which to run the agent service have administrative access to the installation host. n Verify that all XenServer or Hyper-V instances on the hosts to be managed by the agent have administrator-level credentials.
Installing vRealize Automation 7 Accept the root install location or click Change and select an installation path. Even in a distributed deployment, you might sometimes install more than one IaaS component on the same Windows server. If you install more than one IaaS component, always install them to the same path. 8 Click Next. 9 Log in with administrator privileges for the Windows services on the installation machine. The service must run on the same installation machine. 10 Click Next.
Installing vRealize Automation 15 Configure a connection to the IaaS Web server. Option Description With a load balancer Enter the fully qualified domain name and port number of the load balancer for the Web server component, web-load-balancer.mycompany.com:443. Do not enter IP addresses. Without a load balancer Enter the fully qualified domain name and port number of the machine where you installed the Web server component, web.mycompany.com:443. Do not enter IP addresses. The default port is 443.
Installing vRealize Automation 2 View the current configuration settings. Enter DynamicOps.Vrm.VRMencrypt.exe VRMAgent.exe.config get The following is an example of the output of the command: Username: XSadmin 3 Enter the set command to change a property, where property is one of the options shown in the table. Dynamic0ps.Vrm.VRMencrypt.exe VRMAgent.exe.config set property value If you omit value, the utility prompts you for a new value.
Installing vRealize Automation You can install a general VDI agent to interact with multiple servers. If you are installing one dedicated agent per server for load balancing or authorization reasons, you must provide the name of the XenDesktop DDC server when installing the agent. A dedicated agent can handle only registration requests directed to the server specified in its configuration.
Installing vRealize Automation Procedure 1 In Citrix XenCenter, select your XenPool or standalone XenServer and click the General tab. Record the UUID. 2 When you add your XenServer Pool or standalone host to XenDesktop, type the UUID that was recorded in the previous step as the Connection name. Install the XenDesktop Agent Virtual desktop integration (VDI) PowerShell agents integrate with external virtual desktop system, such as XenDesktop and Citrix.
Installing vRealize Automation 8 Accept the root install location or click Change and select an installation path. Even in a distributed deployment, you might sometimes install more than one IaaS component on the same Windows server. If you install more than one IaaS component, always install them to the same path. 9 Click Next. 10 Log in with administrator privileges for the Windows services on the installation machine. The service must run on the same installation machine. 11 Click Next.
Installing vRealize Automation 16 Click Test to verify connectivity to each host. 17 Select the VDI version. 18 Enter the fully qualified domain name of the managed server in the VDI Server text box. 19 Click Add. 20 Click Next. 21 Click Install to begin the installation. After several minutes a success message appears. 22 Click Next. 23 Click Finish. 24 Verify that the installation is successful. 25 (Optional) Add multiple agents with different configurations and an endpoint on the same system.
Installing vRealize Automation Citrix Agent Host Requirements PowerShell and Citrix Provisioning Services SDK must be installed on the installation host prior to agent installation. Consult the vRealize Automation Support Matrix on the VMware Web site for details. Verify that Microsoft PowerShell is installed on the installation host before agent installation. The version required depends on the operating system of the installation host. See Microsoft Help and Support.
Installing vRealize Automation 5 Select Custom Install on the Installation Type page. 6 Select Component Selection on the Installation Type page. 7 Accept the root install location or click Change and select an installation path. Even in a distributed deployment, you might sometimes install more than one IaaS component on the same Windows server. If you install more than one IaaS component, always install them to the same path. 8 Click Next.
Installing vRealize Automation 14 Configure a connection to the IaaS Web server. Option Description With a load balancer Enter the fully qualified domain name and port number of the load balancer for the Web server component, web-load-balancer.mycompany.com:443. Do not enter IP addresses. Without a load balancer Enter the fully qualified domain name and port number of the machine where you installed the Web server component, web.mycompany.com:443. Do not enter IP addresses. The default port is 443.
Installing vRealize Automation When executing a script, the EPI agent passes all machine custom properties as arguments to the script. To return updated property values, you must place these properties in a dictionary and call a vRealize Automation function. A sample script is included in the scripts subdirectory of the EPI agent installation directory.
Installing vRealize Automation Procedure 1 Right-click the setup__vrealize-automation-appliance-FQDN@5480.exe setup file and select Run as administrator. 2 Click Next. 3 Accept the license agreement and click Next. 4 On the Log in page, supply administrator credentials for the vRealize Automation appliance and verify the SSL Certificate. a Type the user name, which is root, and the password. The password is the password that you specified when you deployed the vRealize Automation appliance.
Installing vRealize Automation 12 Enter an identifier for this agent in the Agent name text box. Maintain a record of the agent name, credentials, endpoint name, and platform instance for each agent. You need this information to configure endpoints and to add hosts in the future. Important For high availability, you may add redundant agents and configure them identically. Otherwise, keep agents unique. Option Description Redundant agent Install redundant agents on different servers.
Installing vRealize Automation 22 Click Finish. 23 Verify that the installation is successful. 24 (Optional) Add multiple agents with different configurations and an endpoint on the same system. Installing the WMI Agent for Remote WMI Requests A system administrator enables the Windows Management Instrumentation (WMI) protocol and installs the WMI agent on all managed Windows machines to enable management of data and operations.
Installing vRealize Automation 4 On the Log in page, supply administrator credentials for the vRealize Automation appliance and verify the SSL Certificate. a Type the user name, which is root, and the password. The password is the password that you specified when you deployed the vRealize Automation appliance. b Select Accept Certificate. c Click View Certificate. Compare the certificate thumbprint with the thumbprint set for the vRealize Automation appliance.
Installing vRealize Automation 13 Configure a connection to the IaaS Manager Service host. Option Description With a load balancer Enter the fully qualified domain name and port number of the load balancer for the Manager Service component, mgr-svc-load-balancer.mycompany.com:443. Do not enter IP addresses. Without a load balancer Enter the fully qualified domain name and port number of the machine where you installed the Manager Service component, mgr-svc.mycompany.com:443. Do not enter IP addresses.
Silent vRealize Automation Installation 6 vRealize Automation includes options for scripted, silent installation from the command line, and APIbased silent installation. Both approaches require that you prepare, in advance, the values that you would normally enter by hand during a conventional installation.
Installing vRealize Automation Prerequisites n Create an unconfigured appliance. See Deploy the vRealize Automation Appliance. n Create or identify your IaaS Windows servers, and configure their prerequisites. n Install the Management Agent on your IaaS Windows servers. You may install the Management Agent using the traditional .msi file download or the silent process described in Perform a Silent vRealize Automation Management Agent Installation.
Installing vRealize Automation Procedure 1 Log in to the IaaS Windows server using an account that has administrator rights. 2 Open a Web browser to the vRealize Automation appliance installer URL. https://vrealize-automation-appliance-FQDN:5480/installer 3 Right-click the link to the InstallManagementAgent.ps1 PowerShell script file, and save it to the desktop or a folder on the IaaS Windows server. 4 Open InstallManagementAgent.ps1 in a text editor.
Installing vRealize Automation n Load balancer FQDNs n SQL Server database parameters n Proxy agent parameters to connect to virtualization resources n Whether the silent installer should attempt to correct missing IaaS Windows server prerequisites The silent installer can correct many missing Windows prerequisites. However, some configuration problems, such as not enough CPU, cannot be changed by the silent installer. To save time, you can reuse and modify an ha.
Installing vRealize Automation Run Commands Most command-line functions involve running a command against a node in the vRealize Automation cluster. To run a command, use the following syntax. vra-command execute --node node-ID command-name --parameter-name parameter-value As shown in the preceding syntax, many commands require parameters, and parameter values, selected by the user. Display Command Status Some commands take a few moments or even longer to finish.
Installing vRealize Automation The long list of command names and parameters is not reproduced in separate documentation. To use the list effectively, identify a command of interest, and narrow your focus by entering the following command. vra-command help command-name The vRealize Automation Installation API The vRealize Automation REST API for installation gives you the ability to create purely softwarecontrolled installations for vRealize Automation.
Installing vRealize Automation Installation can take a long time depending on the deployment size. Again, locate the command ID, and use the aggregated status GET command to obtain installation progress. The GET response might resemble the following example. "progress": "78%", "counts": {"failed": 0, "completed": 14, "total": 18, "queued": 3, "processing": 1}, "failed-commands": 0 n If something goes wrong with the installation, you can trigger log collection for all nodes using the following command.
Installing vRealize Automation You can also display help for the script. /usr/lib/vcac/tools/install/convert-properties –-help VMware, Inc.
vRealize Automation PostInstallation Tasks 7 After you install vRealize Automation, there are post-installation tasks that might need your attention.
Installing vRealize Automation 2 Click vRA Settings > Host Settings. 3 Near the upper right, click the button to enable or disable FIPS. When enabled, inbound and outbound vRealize Automation appliance network traffic on port 443 uses FIPS 140–2 compliant encryption. Regardless of the FIPS setting, vRealize Automation uses AES–256 compliant algorithms to protect secured data stored on the vRealize Automation appliance.
Installing vRealize Automation Starting in vRealize Automation 7.3, you no longer have to manually start or stop the Manager Service on each Windows server, to control which serves as primary or backup. Automatic Manager Service failover is enabled by default in the following cases. n When you install vRealize Automation silently or with the Installation Wizard. n When you upgrade IaaS through the administration interface or with the automatic upgrade script.
Installing vRealize Automation 4 If manualFailoverNeeded is true, perform a manual failover. For information about performing a manual failover, see Managing vRealize Automation. Replacing Self-Signed Certificates with Certificates Provided by an Authority If you installed vRealize Automation with self-signed certificates, you might want to replace them with certificates provided by a certificate authority before deploying to production.
Installing vRealize Automation When you specify a certificate file, the renaming command also imports the certificate and returns the certificate ID. A certificate file must be in the same format as the text output of the /config/ssl/generatecertificate API command and contain the new DNS name in its SAN field. 5 Wait up to 15 minutes or more for the renaming process to finish. The command actions take a few minutes, followed by several additional minutes for service re-registration.
Installing vRealize Automation 4 Expand OVF Settings, and enable the ISO image option. Figure 7‑1. OVF Environment and ISO Image Options 5 Click OK. 6 Start the vRealize Automation appliance that you are changing. 7 Log in as root to the vRealize Automation appliance management interface. https://vrealize-automation-appliance-FQDN:5480 8 Click the Network tab. 9 Below the tabs, click Address. 10 Update the IP address. 11 At the upper right, click Save Settings.
Installing vRealize Automation 16 Start vRealize Automation services on IaaS servers. 17 Log in as root to the vRealize Automation appliance management interface. https://vrealize-automation-appliance-FQDN:5480 18 Verify vRealize Automation appliance status in the following areas.
Installing vRealize Automation 2 In Windows, change the IP address. Look for the IP address in the Windows network adapter settings, under Internet Protocol properties. 3 Refresh your local DNS with the changes. Refreshing DNS ensures that the IaaS Windows servers can find each other and that you can reconnect to a Windows server if you are disconnected. 4 On the Manager Service host, inspect the following file in a text editor. install-folder\vCAC\Server\ManagerService.exe.
Installing vRealize Automation 2 On the IaaS server, use IIS Manager to stop the vRealize Automation application pools: Repository, VMware vRealize Automation, and Wapi. 3 On the IaaS server, use Administrative Tools > Services to stop all vRealize Automation services, agents, and DEMs. 4 In DNS, create an additional record with the new host name. Do not remove the existing DNS record with the old host name yet. 5 Wait for DNS replication and zone distribution to occur.
Installing vRealize Automation Table 7‑1. Files to Update When Changing a Web Node Host Name (Continued) IaaS Server Path File Agent nodes install-folder\Agents\agent-name RepoUtil.exe.config install-folder\Agents\agent-name VRMAgent.exe.config Table 7‑2. Files to Update When Changing a Manager Service Node Host Name IaaS Server Path File DEM Orchestrator nodes install-folder\Distributed Execution Manager\DEM-name DynamicOps.DEM.exe.config DEM Worker nodes install-folder\Distributed Executio
Installing vRealize Automation 2 Install vRealize Automation, entering the appliance or load balancer name as usual. During installation, import the customized certificate. 3 After installing, in DNS, create a CNAME alias of Common Name, and point it to the appliance or load balancer VIP address. 4 Log in to the vRealize Automation appliance administrator interface as root.
Installing vRealize Automation 5 Restart the vRealize Automation appliance. In an HA environment, make the same change to all vRealize Automation appliances. Change a vRealize Automation Appliance FQDN Back to the Original FQDN In some cases, a vRealize Automation appliance FQDN might change when you do not want it to. For example, the FQDN changes if you create an Integrated Windows Authentication (IWA) directory for a domain other than the domain that the appliance is on.
Installing vRealize Automation To: c 5 Save and close VMware.IaaS.Management.Agent.exe.Config. Log in as root to the vRealize Automation appliance management interface. https://vrealize-automation-appliance-FQDN:5480 6 Go to vRA settings > Messaging and click Reset RabbitMQ Cluster.
Installing vRealize Automation Prerequisites Completely install vRealize Automation to your vCenter environment. Procedure 1 2 In vCenter, add NICs to each vRealize Automation appliance. a Right click the appliance and select Edit Settings. b Add VMXNETn NICs. c If it is powered on, restart the appliance. Log in to the vRealize Automation appliance management interface as root. https://vrealize-automation-appliance-FQDN:5480 3 Select Network, and verify that multiple NICs are available.
Installing vRealize Automation Prerequisites Add multiple NICs to vRealize Automation appliances or IaaS Windows servers. Procedure 1 Log in to the vRealize Automation appliance command line as root. 2 Open the routes file in a text editor. /etc/sysconfig/network/routes 3 Locate the default line for the default gateway, but do not modify it. Note In cases where the default gateway needs to change, use the vRealize Automation management interface instead.
Installing vRealize Automation n Verify that all nodes in your vRealize Automation installation are up and running. If you attempt to install or remove a patch without all nodes running, the vRealize Automation appliance management interface might become unresponsive. If that happens, contact technical support. Do not attempt to manage patches through other means or use vRealize Automation until you resolve the issue.
Installing vRealize Automation 2 Click Upload Patch. 3 Find and select the patch file. 4 After the patch uploads, review the patch details. 5 If you have the wrong patch, cancel by clicking Remove. Otherwise, click Install. 6 Verify that you followed the prerequisites, and click Install. It might take several minutes to install the patch. 7 Click Done. If patch installation fails, you can click Retry to try again, or Remove to cancel.
Installing vRealize Automation Configure Access to the Default Tenant You must grant your team access rights to the default tenant before they can begin configuring vRealize Automation. The default tenant is automatically created when you configure single sign-on in the installation wizard. You cannot edit the tenant details, such as the name or URL token, but you can create new local users and appoint additional tenant or IaaS administrators at any time.
Installing vRealize Automation What to do next Provide your team with the access URL and log in information for the user accounts you created so they can begin configuring vRealize Automation. n Your tenant administrators configure settings such as user authentication, including configuring Directories Management for high availability. See Configuring vRealize Automation. n Your IaaS administrators prepare external resources for provisioning. See Configuring vRealize Automation.
Troubleshooting a vRealize Automation Installation 8 vRealize Automation troubleshooting provides procedures for resolving issues you might encounter when installing or configuring vRealize Automation.
Installing vRealize Automation Log Default Location Installation Logs C:\Program Files (x86)\vCAC\InstallLogs C:\Program Files (x86)\VMware\vCAC\Server\ConfigTool\Log WAPI Installation Logs C:\Program Files (x86)\VMware\vCAC\Web API\ConfigTool\Logfilename WapiConfiguration IaaS Logs IaaS logs are in the following locations. Log Default Location Website Logs C:\Program Files (x86)\VMware\vCAC\Server\Website\Logs Repository Log C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Web\Logs
Installing vRealize Automation Roll Back a Minimal Installation A system administrator must manually remove some files and revert the database to completely uninstall a failed vRealize Automation IaaS installation. Procedure 1 If the following components are present, uninstall them with the Windows uninstaller.
Installing vRealize Automation n vRealize Automation WAPI Note If you see the following message, restart the machine and then follow this procedure: Error opening installation log file. Verify that the specified log file location exists and it is writable. Note If the Windows system has been reverted or you have uninstalled IaaS, you must run the iisreset command before you reinstall vRealize Automation IaaS. 2 Revert your database to the state it was in before the installation was started.
Installing vRealize Automation To see which log files were collected, unzip the support bundle and open the Environment.html file in a Web browser. Without connectivity, IaaS components might appear in red in the Nodes table. Another reason that the IaaS logs are missing might be that the vRealize Automation management agent service has stopped on IaaS Windows servers that appear in red.
Installing vRealize Automation b n Select Admin > Time Settings, and set the time synchronization source. Option Description Host Time Synchronize to the vRealize Automation appliance ESXi host. Time Server Synchronize to one external Network Time Protocol (NTP) server. Enter the FQDN or IP address of the NTP server. For IaaS Windows servers, see Enable Time Synchronization on the Windows Server.
Installing vRealize Automation Problem If a certificate issue occurs with vcac-config.exe when upgrading a security certificate, you might see the following message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel You can find more information about the cause of the issue by using the following procedure. Solution 1 Open vcac-config.exe.
Installing vRealize Automation 5 Click Save Settings. What to do next Configuring to use a proxy might affect VMware Identity Manager user access. To correct the issue, see Proxy Prevents VMware Identity Manager User Log In. Console Steps for Initial Content Configuration There is an alternative to using the vRealize Automation installation interface to create the configuration administrator account and initial content.
Installing vRealize Automation 5 Execute the workflow to configure initial content: /usr/bin/python /opt/vmware/share/htdocs/service/wizard/initialcontent/workfl owexecutor.py --host $CURRENT_VA_HOSTNAME --username $SSO_ADMIN_USERNAME -password $SSO_ADMIN_PASSWORD --workflowid ef00fce2-80ef-4b48-96b5fdee36981770 --configurationAdminPassword $CONFIGURATIONADMIN_PASSWORD Cannot Downgrade vRealize Automation Licenses An error occurs when you submit the license key of a lower product edition.
Installing vRealize Automation 2 Check the other vRealize Automation appliance troubleshooting topics. 3 Download the setup file and reconnect to the vRealize Automation appliance. Encryption.key File has Incorrect Permissions A system error can result when incorrect permissions are assigned to the Encryption.key file for a virtual appliance. Problem You log in to vRealize Automation appliance and the Tenants page is displayed. After the page has begun loading, you see the message System Error.
Installing vRealize Automation Problem The horizon-workspace service cannot start due an error similar to the following: Error creating bean with name 'liquibase' defined in class path resource [spring/datastore-wireup.xml]: Invocation of init method failed; nested exception is liquibase.exception.LockException: Could not acquire change log lock.
Installing vRealize Automation 10 Close the Postgres shell. exit 11 Start the horizon-workspace service. #service horizon-workspace start Incorrect Appliance Role Assignments After Failover After a failover occurs, master and replica vRealize Automation appliance nodes might not have the correct role assignment, which affects all services that require database write access.
Installing vRealize Automation Problem The master node runs out of disk space. You log in to its management interface Database page, and promote a replica node with enough space to become the new master. Promotion appears to succeed when you refresh the management interface page, even though an error message occurred. Later, on the node that was the old master, you free up the disk space. After you promote the node back to master, however, provisioning operations fail by being stuck IN_PROGRESS.
Installing vRealize Automation 3 Click Services. 4 In the list of services, look for a service that is not in the correct state or has other problems. 5 If a faulty service is the iaas-service, go to the next step. Otherwise, to have vRealize Automation re-register the service, log in to a console session on the vRealize Automation appliance as root, and restart vRealize Automation by entering the following command.
Installing vRealize Automation C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Web\Web.config The SQL user must have DBO privileges on the database. f Register the endpoints by running the following commands: "C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.exe" RegisterEndpoint --EndpointAddress https://IaaS-Web-server-or-load-balancer-IP-or-FQDN /vcac -Endpoint ui -v "C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.
Installing vRealize Automation Cause Starting in version 7.3, the vRealize Automation appliance can support dual NICs. However, the engineering template on which the appliance is based prevents the management interface from working properly until you apply the solution. Solution After adding an additional NIC, restart the vRealize Automation appliance.
Installing vRealize Automation 2 Open the following file in a text editor. /usr/local/horizon/conf/runtime-config.properties 3 Increase the analytics.maxQueryDays property. 4 Save and close runtime-config.properties. 5 Restart the identity manager and elastic search services.
Installing vRealize Automation 2 Stop the RabbitMQ service. service rabbitmq-server stop 3 Open the following file in a text editor. /etc/rabbitmq/rabbitmq-env.conf 4 Set the following property to true. USE_LONGNAME=true 5 Save and close rabbitmq-env.conf. 6 Reset RabbitMQ. vcac-vami rabbitmq-cluster-config reset-rabbitmq-node 7 On just one vRealize Automation appliance node, run the following script.
Installing vRealize Automation 4 After adding .NET Framework 3.5, rerun the vRealize Automation Prerequisite Checker. Validating Server Certificates for IaaS You can use the vcac-Config.exe command to verify that an IaaS server accepts vRealize Automation appliance and SSO appliance certificates. Problem You see authorization errors when using IaaS features. Cause Authorization errors can occur when IaaS does not recognize security certificates from other components.
Installing vRealize Automation Save Settings Warning Appears During IaaS Installation Message appears during IaaS Installation. Warning: Could not save settings to the virtual appliance during IaaS installation. Problem An inaccurate error message indicating that user settings have not been saved appears during IaaS installation. Cause Communication or network problems can cause this message to appear erroneously. Solution Ignore the error message and proceed with the installation.
Installing vRealize Automation Solution 1 Clear the Windows authentication check box. 2 Click Save. 3 Select the Windows authentication check box. 4 Click Save. 5 Rerun the Prerequisite Checker. Failed to Install Model Manager Data and Web Components Your vRealize Automation installation can fail if the IaaS installer is unable to save the Model Manager Data component and Web component.
Installing vRealize Automation n From a Web browser, check the status of the MetaModel service and verify that no certificate errors appear: https://FQDN-or-IP/repository/data/MetaModel.svc n Certificate Name Mismatch This error can occur when the certificate is issued to a particular name and a different name or IP address is used. You can suppress the certificate name mismatch error during installation by selecting Suppress certificate mismatch.
Installing vRealize Automation Cause vRealize Automation IaaS is built on Microsoft Windows Communication Foundation (WCF), which does not support FIPS. Solution On the IaaS Windows server, disable the FIPS policy. 1 Go to Start > Control Panel > Administrative tools > Local Security Policy. 2 In the Group Policy dialog, under Local Policies, select Security Options. 3 Find and disable the following entry. System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.
Installing vRealize Automation Cause This can occur if Windows Installer Logging is enabled, but the Windows Installer engine cannot properly write the uninstallation log file. For more information, see Microsoft Knowledge Base article 2564571. Solution 1 Restart your machine or restart explorer.exe from the Task Manager. 2 Uninstall the agent.
Installing vRealize Automation 9 Click OK. 10 Remove machines that are stuck in the Clone Workflow state. a Log in to the vRealize Automation product interface. https://vrealize-automation-appliance-FQDN/vcac/tenant-name b Navigate to Infrastructure > Managed Machines. c Right click the target machine. d Select Delete to remove the machine.
Installing vRealize Automation Solution You can use the following XSLT templates: n ArchivePeriodExpired n EpiRegister n EpiUnregister n LeaseAboutToExpire n LeaseExpired n LeaseExpiredPowerOff n ManagerLeaseAboutToExpire n ManagerLeaseExpired n ManagerReclamationExpiredLeaseModified n ManagerReclamationForcedLeaseModified n ReclamationExpiredLeaseModified n ReclamationForcedLeaseModified n VdiRegister n VdiUnregister Email templates are located in the \Templates directory unde
Installing vRealize Automation Cause The UPN entered must adhere to a yourname.admin@yourdomain format, for example if you log in using jsmith.admin@sqa.local as the user name but the UPN in the Active Directory is only set as jsmith.admin, the login fails. Solution To correct the problem change the userPrincipalName value to include the needed @yourdomain content and retry login. In this example the UPN name should be jsmith.admin@sqa.local.
Installing vRealize Automation Proxy Prevents VMware Identity Manager User Log In Configuring to use a proxy might prevent VMware Identity Manager users from logging in. Problem You configure vRealize Automation to access the network through a proxy server, and VMware Identity Manager users see the following error when they attempt to log in. Error Unable to get metadata Solution Prerequisites Configure vRealize Automation to access the network through a proxy server.
