Introduction to Automation via vCenter Orchestrator – Part 2 Installation and initial configuration

This post is a follow up from my previous post about the introduction to the vCenter Orchestration and it’s architecture within the vCenter system infrastructure. The first part can be found at

This part will handle the installation options and the initial configuration before starting to use the system.


For the installation of vCenter Orchestration we have the following options:

  • Use the vCenter server installation to install vOrchestrator with your vCenter server. This is the default and simplest way.
  • Use the installer on the vCenter installation media to install the vCenter Orchestrator separately from your vCenter server. This is especially for dedicated Orchestration servers or role separation. The installer can be found on the media in the directory vCenter-ServervCO and the application installer is vCenterOrchestrator.exe. This also minimize the hassle of the initial configuration as those are moved to the installed (;-)), just add the vCenter connection in the vSphere web client.
  • Use the vCenter Orchestration Virtual Appliance to deploy as a OVF in your infrastructure.

I have installed vOrchestrator from the vCenter Server installer.  This installs to the vCenter location as defined in the installer input. The directory within the infrastructure structure is called Orchestrator. The installer creates two services, namely the VMware vCenter Orchestrator configuration service for the web configuration, and VMware vCenter Orchestrator Server for the service (where the vCenter and web client connection will be to). These services open web service for port 8283 for the configuration and 8281 for the Orchestrator API. These services are installed in a stopped manual state.

For a small environment with testing or just a small amount of workflows the default vCenter or embedded database can be used. But for a production environment a specific database is highly recommended. I have setup a MSSQL 2008R2 database to be connected to from vCenter Orchestrator. This is an empty database with 1GB space and 10% growth. The databases will be created from the configuration.

Initial Installation

For the initial installation we start up the VMware vCenter Orchestrator configuration service and set this to automatic. After the system starts up, we can connect a browser to https:<servername>:8283/

The initial username and password is, vmware with password vmware. The default password is changed upon connecting. The vmware user cannot be changed.

We see some greens (hooray) and some reds (boooo).

First up check the network settings. These should be okay. Next up import the SSL certificate of the vCenter server. Go to Network – SSL Trust Manager

Fill in the details of your vCenter server at Import from URL. I have installed this on the same host, so https://localhost is sufficient. This needs to be repeated from every vCenter you want to add (a maximum of 20 per Orchestrator).

Next up settings the authentication method. Orchestrator supports LDAP and SSO authentication.  If we want Orchestrator to work from the web client we need SSO setup.

We have to import the SSO certificate in SSL Trust Manager. Import from URL and connect to the SSO on the server. https://localhost:7444 for example.

Next click on authentication and select SSO authentication from the mode drop-down menu.

Add the same URL as the SSL import. For admin and password use the SSO admin credentials. Either [email protected] or any other account you have selected as SSO admin. This account is only used on registering or removing. Click on register.

Next complete the SSO configuration by add a vCO Admin domain and group. Optionally use the filter to filter out the groups.

Click update to complete this step.

Next we are going to set up the database. Go to the database screen.

We select SQL Server, add the SQL username and password. Fill in the name and standard port (1433), database name and instance name. After we save this configuration, we are presented with an option to create the database tables. If you happen to use SSL on the SQL server, you will need to import the database server SSL certificate. We can do this in the SSL Trust Manager by connecting to the server URL and import. For this example I don’t need this step.

Click on the link to create the tables.

Click apply changes.

This changes the red triangle at database to a green circle.

Installing Orchestrator requires a certificate for orchestrator. Depending on how your certificates are managed you either create a signing request and a CA signed certificate or create a self signed.

Click on server certificate. Click create certificate database and self-signed certificate. Enter the relevant certificate details.

For the licenses use the vCenter Server License. Add this information if your not using a licensed vCenter or a pre 4.0 version. Add the host, portnumber 443 Path /sdk and a user that is allowed to connect. Apply changes.

Server availability let’s you set a standalone mode or clustered mode when having multiple Orchestrator servers. We leave it running in standalone mode. We are just introducing to system and are not yet at the moment we need clustering. When using Orchestration in your production environment and administrative processes, you might want to think about leveraging this option.

Start the Orchestration service and set it to automatic. You might want to head over to General – Export Configuration and export this configuration to a back-up location.

Setting up Orchestrator to work with vSphere Web Client.

Login to the vSphere Web client and in home select vCenter Orchestrator.  In vCO home select manage Servers and edit configuration of vCenter server. Fill in the Fixed IP/Hostname of the Orchestrator server in format https://<fqdn server>:8281/vco/api/. Test connection and when all is okay click ok.


When the registration is successful you have access to some 394 workflow items, composed of the standard workflows and plugins.

vOrchestrator Client

To perform general administration or edit and create your on workflows you must log in to the client interface. You can start the client from programs-VMware-vCenter Orchestration client (or use the windows key on metro systems to browse your apps).

In the hostname fill in the IP as displayed in the Network tab in vOrchestrator configuration and log in with credentials as defined in the Authentication tab.

This is the most important tool in the set, well next to the Orchestrator interface in the vSphere Web client.

Want to install the client on it’s own, use the standalone installer from the vCenter install media and select client.



Great we have our system ready to use. From this two blog post we know we have it, how it works and how to install and configure the system. Next up is starting to use it. I will follow up with a blog post (maybe not the next, but I will) to actually start using it!


Introduction to Automation via vCenter Orchestrator – Yes you can!


Automation is something that was started in the industrial revolution. It introduces processes to automate repeating tasks so that quality is maintained or even better (by designing, testing and debugging the process), and minimal or nil human intervention is needed. If you can repeat it, automate it. Well not all, don’t repeat failures, issues and such ;-).
This creates efficient infrastructures, and more important efficient IT departments that can focus on other tasks then repeating that same boring task list all day long.

Automation in the VMware product suites can be done with several products, like vCenter Automation Center for cloud, puppet, scripts, third parties products and the like; but with your vCenter infrastructure there is already a component you can leverage vCenter Orchestrator or vCO for short. With vCO, the VMware administrator can create, using a drag and drop interface, a workflow to for example provision new servers. With steps like deploying a template, customizing the system and installing applications. With plugins additional tasks as creating an Active Directory object, or adding a change request to the IT management system to create the storage needed for you VM’s can be added as well. The prebuild workflows library already has hundreds of out-of-the-box workflows to start using immediately

And the best part, when you installed a licensed vCenter server system, you already have it. Start using it!


vCenter Orchestrator can be installed next to vCenter on a Windows system via the vCenter installer (it will by default), or via the vCenter Orchestrator appliance. With the vCenter Server Appliance you don’t have vCO components, you will have to add vCO on a Windows server or add the vCO appliance next to the VCSA. When installing on a Window system use the vCenter server installer to install orchestrator as a component, or do it on a complete separate system. But then prepare your environment by installing a SQL database and starting the vCenterOrchestrator.exe from the vCenter-Server/vCO directory on the install media. Installing the orchestrator appliance is downloading and deploying the OVF. When receiving an IP address the rest of the configuration can be done via a supported web browser.

Orchestrator is composed of three distinct layers: an orchestration platform that provides the common features required for an orchestration tool, a plug-in architecture to integrate control of subsystems, and a library of workflows accessed from the client application (addon to vSphere web client). Other components are the directory services or SSO, the database, and web services for browser access and REST/SOAP API.


Orchestrator is an open platform that can be extended with new plug-ins and libraries, and can be integrated into larger architectures through a SOAP or REST API. In my opinion this is the strength of automation tools to leverage the ability to integrate in the infrastructure architecture and not having the orchestration focus on the primary product architecture. With the plugins architecture automation via vCO is reaching beyond the VMware infrastructure, with plugins for AWS, SQL, Active Directory or leveraging SOAP/REST and such.

Release / License

With the release of vSphere 5.5, vCO is at 5.5 as well (well 5.5.1 for the appliance). You can download the integrated installer or the appliance from your MyVMware vSphere 5.5 entitlements.

Orchestration is licensed from the vCenter license. vCO will run either in Player mode: allowing you to run but not edit workflows. Or in Server mode; allows you to run and edit workflows.
Player mode comes with the vCenter Essential and vCenter Foundation licenses, and server mode is leveraged with the standard and higher licenses.


The plug-in architecture, you can automate tasks across both VMware and third-party applications.

Plugins can be developed specifically for your needs, by partners. You can find already created plug ins at VMware Solution Exchange. Just log in and search for vCO.



Going further?

Yes, definitely. But I will follow up in more blog posts.