This post is a follow up from my previous post about the introduction to the vCenter Orchestration and it’s architecture within the vCenter system infrastructure. The first part can be found at https://www.pascalswereld.nl/post/84118414428/introduction-to-automation-via-vcenter-orchestrator.
This part will handle the installation options and the initial configuration before starting to use the system.
For the installation of vCenter Orchestration we have the following options:
- Use the vCenter server installation to install vOrchestrator with your vCenter server. This is the default and simplest way.
- Use the installer on the vCenter installation media to install the vCenter Orchestrator separately from your vCenter server. This is especially for dedicated Orchestration servers or role separation. The installer can be found on the media in the directory vCenter-ServervCO and the application installer is vCenterOrchestrator.exe. This also minimize the hassle of the initial configuration as those are moved to the installed (;-)), just add the vCenter connection in the vSphere web client.
- Use the vCenter Orchestration Virtual Appliance to deploy as a OVF in your infrastructure.
I have installed vOrchestrator from the vCenter Server installer. This installs to the vCenter location as defined in the installer input. The directory within the infrastructure structure is called Orchestrator. The installer creates two services, namely the VMware vCenter Orchestrator configuration service for the web configuration, and VMware vCenter Orchestrator Server for the service (where the vCenter and web client connection will be to). These services open web service for port 8283 for the configuration and 8281 for the Orchestrator API. These services are installed in a stopped manual state.
For a small environment with testing or just a small amount of workflows the default vCenter or embedded database can be used. But for a production environment a specific database is highly recommended. I have setup a MSSQL 2008R2 database to be connected to from vCenter Orchestrator. This is an empty database with 1GB space and 10% growth. The databases will be created from the configuration.
For the initial installation we start up the VMware vCenter Orchestrator configuration service and set this to automatic. After the system starts up, we can connect a browser to https:<servername>:8283/
The initial username and password is, vmware with password vmware. The default password is changed upon connecting. The vmware user cannot be changed.
We see some greens (hooray) and some reds (boooo).
First up check the network settings. These should be okay. Next up import the SSL certificate of the vCenter server. Go to Network – SSL Trust Manager
Fill in the details of your vCenter server at Import from URL. I have installed this on the same host, so https://localhost is sufficient. This needs to be repeated from every vCenter you want to add (a maximum of 20 per Orchestrator).
Next up settings the authentication method. Orchestrator supports LDAP and SSO authentication. If we want Orchestrator to work from the web client we need SSO setup.
We have to import the SSO certificate in SSL Trust Manager. Import from URL and connect to the SSO on the server. https://localhost:7444 for example.
Next click on authentication and select SSO authentication from the mode drop-down menu.
Add the same URL as the SSL import. For admin and password use the SSO admin credentials. Either Administrator@vsphere.local or any other account you have selected as SSO admin. This account is only used on registering or removing. Click on register.
Next complete the SSO configuration by add a vCO Admin domain and group. Optionally use the filter to filter out the groups.
Click update to complete this step.
Next we are going to set up the database. Go to the database screen.
We select SQL Server, add the SQL username and password. Fill in the name and standard port (1433), database name and instance name. After we save this configuration, we are presented with an option to create the database tables. If you happen to use SSL on the SQL server, you will need to import the database server SSL certificate. We can do this in the SSL Trust Manager by connecting to the server URL and import. For this example I don’t need this step.
Click on the link to create the tables.
Click apply changes.
This changes the red triangle at database to a green circle.
Installing Orchestrator requires a certificate for orchestrator. Depending on how your certificates are managed you either create a signing request and a CA signed certificate or create a self signed.
Click on server certificate. Click create certificate database and self-signed certificate. Enter the relevant certificate details.
For the licenses use the vCenter Server License. Add this information if your not using a licensed vCenter or a pre 4.0 version. Add the host, portnumber 443 Path /sdk and a user that is allowed to connect. Apply changes.
Server availability let’s you set a standalone mode or clustered mode when having multiple Orchestrator servers. We leave it running in standalone mode. We are just introducing to system and are not yet at the moment we need clustering. When using Orchestration in your production environment and administrative processes, you might want to think about leveraging this option.
Start the Orchestration service and set it to automatic. You might want to head over to General – Export Configuration and export this configuration to a back-up location.
Setting up Orchestrator to work with vSphere Web Client.
Login to the vSphere Web client and in home select vCenter Orchestrator. In vCO home select manage Servers and edit configuration of vCenter server. Fill in the Fixed IP/Hostname of the Orchestrator server in format https://<fqdn server>:8281/vco/api/. Test connection and when all is okay click ok.
When the registration is successful you have access to some 394 workflow items, composed of the standard workflows and plugins.
To perform general administration or edit and create your on workflows you must log in to the client interface. You can start the client from programs-VMware-vCenter Orchestration client (or use the windows key on metro systems to browse your apps).
In the hostname fill in the IP as displayed in the Network tab in vOrchestrator configuration and log in with credentials as defined in the Authentication tab.
This is the most important tool in the set, well next to the Orchestrator interface in the vSphere Web client.
Want to install the client on it’s own, use the standalone installer from the vCenter install media and select client.
Great we have our system ready to use. From this two blog post we know we have it, how it works and how to install and configure the system. Next up is starting to use it. I will follow up with a blog post (maybe not the next, but I will) to actually start using it!