Using vRealize Suite LifeCycle Manager to deploy an Enterprise Distributed vRealize Automation environment.

vRealize Suite LifeCycle Manager (vRSLM) has now been around for a while and if you are a vRealize or vCloud Suite license holder this is definitely a product that should be part of our VMware portfolio. I am a bit backward because in my last post is showed how to upgrade your vRA environment using vRSLM and only now will I show how to actually install vRA which actually just comes out of necessity because one of my colleagues accidentally delete all my lab servers ūüôā

For this post, I am using the latest vRSLM 1.3 and will be deploying a distributed vRA 7.4.

  • jvra01 – vRA appliance with embedded vRO (recommended design to use embedded instead of external vRO since 7.3)
  • jvra02 – vRA appliance with embedded vRO
  • jvraweb01 – vRA IaaS Web
  • jvraweb02 –¬†vRA IaaS Web
  • jvramgr01 – vRA IaaS Manager
  • jvramgr02-¬†vRA IaaS Manager

Since vSSLM automates and simplifies the deployment of your VMware SDDC stack, most of your time will be spent on prerequisites, so let’s start with that.

vRA prerequisites:

  • Manually deploy 4 x vRA Iaas Windows Servers in your vCenter Server environment.
    • Make sure they are added to the domain and DNS and NTP is working.
    • Disable UAC on all Windows servers. Make sure to reboot if you have to disable this.
    • Make sure that IPv6 is disabled on all Windows servers
    • Add the windows service account as part of User Rights Assignment under Local Security Policies for Log on as a Service and Log on as a batch job on all windows machines.
    • Verify the minimum resource requirements is set on all Windows servers.¬† Set to at least 8GB.
  • SQL Database
    • Make sure the domain user has added the SQL server to the domain
    • Make sure the domain user is added as part of the SQL DB user Logins list with the sysadmin privilege
  • ¬†Load Balancer
    • Make sure that the second member of each pool in the vRealize Automation load balancer is disabled.

There are also some scripts available to download to verify the prerequisites when you run the precheck for the creation of the vRA environment so this can be done later as well.

vRSLM prerequisites:

  • Ensure that the vRSLCM appliance has correct FQDN configured
    • Command for correcting the hostname is “/opt/vmware/share/vami/vami_set_hostname <hostname>”
    • After setting the correct hostname, verify by using the command “hostname -f” or from 1.3 version of LCM, we can also verify from the settings page.
  • Under vRSLM settings:
    • Register with My VMware to access licenses, download Product Binaries, and consume Marketplace content.
    • Download the vRealize Automation 7.4.0 product
      • If you already have the OVA downloaded then you can import it under the Product binaries tab.
    • Verify that you have vRealize Automation binaries status as completed.
    • If you using a self-signed certificated in your environment (not recommended), then create a self-signed wildcard certificate for vRealize Suite product deployments.
      • Best is to generate a single SAN certificate with all the product or management virtual host names or a wildcard certificate and provide this certificate when you create the environment for the first time. This ensures support for post provisioning actions such as Add Products and Scale Out.
    • Configure NTP Servers for deploying products in environments
  • Under Data Centers
    • Create a Data Center with an associated location.
    • Add the vCenter Server where the vRA environment will be deployed to.
      • Make sure the data collection is successful.

vRealize Automation deployment steps:

  • First off, we need to create an environment for vRA
  • Login to vRSLM
  • Screen Shot 2018-08-03 at 2.31.55 PM.png
  • On the Getting started page select Create Environment
  • Screen Shot 2018-08-03 at 2.34.53 PM.png
    • Select Data Center
    • Select Environment Type
    • Enter an Environment name
    • Enter the Administrator email address
    • Enter a default password which is for both root on the appliance and admin account if applicable on the product being deployed
    • Verify the entered password
    • Disable CEIP if you want
    • Click Next
  • Screen Shot 2018-08-03 at 2.38.42 PM.png
    • In the vRealize Automation Product window, check the selection box in top right-hand corner.
    • Make sure it is set to New install
    • Verify version is 7.4.0
    • Under deployment, select your deployment size¬†with HA
    • Screen Shot 2018-08-06 at 5.20.03 PM.png
      • If you pick Tiny with HA, it will not automatically add your secondary components, and you have to do so manually.¬† Best is to pick Medium with HA.
    • Select Next
  • Scroll to the bottom and accept EULA
  • Click Next
  • License Details
  • Screen Shot 2018-08-03 at 2.44.31 PM.png
    • Enter your license key for vRA, if you are using vRSLM you probably have a vRealize or vCloud Suite license to add.
    • Click Next
  • Infrastructure Details
  • Screen Shot 2018-08-03 at 2.52.27 PM.png
    • Select the vCenter Server enter in the vRSLM data center
    • Select the cluster
    • Select the Network where appliances will be deployed on
    • Select the Datastore¬†where appliances will be deployed on
    • Select disk format
    • Select Applicable Time sync mode with recommendation NTP servers.
      • Select the NTP servers created in settings
    • Click Next
  • Network details
  • Screen Shot 2018-08-03 at 3.00.02 PM.png
    • Enter the default gateway
    • Enter the domain name
    • Enter the domain search path
    • Enter the domain name servers, with comma separated
    • Enter netmask
    • Click Next
  • Certificate details
  • Screen Shot 2018-08-03 at 3.02.38 PM.png
    • Under Manage Certificate select Import Certificate
    • Enter the Passphrase for your wildcard certificate
    • Enter the Private key
    • Enter the Certificate chain
      • This should include the certificate, intermediate and root
  • Product details
  • Screen Shot 2018-08-06 at 5.22.43 PM.png
    • Under Product Properties
      • Enter the Windows service account which will be used for installation and has administrator access on the server.
      • Enter the Windows service account password
      • Select NTP servers
      • Select Yes for Configure Cluster Virtual IPs
      • Select Cluster Virtual IPs
      • Screen Shot 2018-08-03 at 3.36.15 PM.png
        • Enter vRA appliance hostname and IP address
        • Enter IaaS web hostname and IP address
        • Enter Iaas Manager hostname and IP address
    • Under Components
      • Select Primary vRealize Automation Server
        • Enter the Primary vRA VM name
        • Enter the vRA Hostname
        • Enter the vRA IP address
        • If you have some custom configuration for vRA then select the Advanced settings button.
      • Select vRealize Automation Secondary Server
        • Enter the Primary vRA VM name
        • Enter the vRA Hostname
        • Enter the vRA IP address
        • If you have some custom configuration for vRA then select the Advanced settings button.
      • Select Database
        • Enter hostname
        • Enter IP address
        • If you require custom configuration for the database then select the Advanced settings button
      • Select IaaS Web
        • Enter Web hostname
        • Enter IP address
        • If you have some custom configuration for vRA then select the Advanced settings button
      • Select IaaS Manager Active
        • Enter Manager hostname
        • Enter DEM Orchestrator name
        • Enter IP address
        • If you have some custom configuration for vRA then select the Advanced settings button.
      • Select IaaS Manager Passive
        • Enter Manager hostname
        • Enter DEM Orchestrator name
        • Enter IP address
        • If you have some custom configuration for vRA then select the Advanced settings button.
      • Select IaaS Dem Worker
        • Enter Web hostname
        • Enter IP address
        • If you have some custom configuration for vRA then select the Advanced settings button
      • Select vSphere Proxy Agent
        • Enter Web hostname
        • Enter IP address
        • Select Advanced configuration
          • Change the Agent name to be something more descriptive that you will remember because you have to enter the same name when you define the endpoint in vRA
      • If you want to add additional components you can do so at the top of the Product Details.
        • Screen Shot 2018-08-06 at 5.24.50 PM.png
    • Click Next
  • ¬†PreCheck Details
  • Screen Shot 2018-08-03 at 4.07.05 PM.png
    • Click Run PreCheck
    • If error or warning appears, follow the instructions from the required actions. Run the pre-check again to verify fixes.¬† I have performed the installation with the older releases and since v1.3 the preCheck has been greatly improved.
    • Screen Shot 2018-08-06 at 11.27.03 AM.png
    • If the precheck validation comes back successful, Click Next
    • Request Summary:
      • Before clicking submit
        • Create Snapshots of your Windows IaaS servers.
        • Review your configuration and scroll all the way to the bottom.
        • Click on Download Configuration.
          • This will save your configuration settings, which are very useful if for some or other reason you have to reinstall.
    • Click Submit
  • Installation Status
    • Click on requests
    • Screen Shot 2018-08-06 at 10.33.48 AM.png
    • Click on the status “In Progress”
    • Screen Shot 2018-08-06 at 10.36.54 AM.png
    • Here you can follow the process
    • Screen Shot 2018-08-06 at 10.37.43 AM.png
    • If you want to know what the current workflow is that is running, then you can click on the blue dot.
  • Once successfully completed, and this can take up to 2 hours, you can view vRA deployment under Environments
    • Screen Shot 2018-08-06 at 4.55.35 PM.png
    • Click View Details
    • Screen Shot 2018-08-06 at 4.55.51 PM.png
    • Click View Details again
    • Here you will find all the details regarding your existing environment.
  • Now to really make full use of vRSLM, and complete you full SDDC stack environment, you can add additional products to your environment like:
    • vRBC
    • vROPS
    • vRLI (since 1.3)
    • vRNI

Step by Step upgrade of distributed vRealize Automation 7.2 with external vRO to 7.4

As with most of my other blog posts, I am just providing a step by step guide for quick reference.  Please refer to the documentation here for detailed information and please read the vRealize Automation 7.4 Release Notes known issues section which is updated regularly and helps you to be better prepare for the upgrade.

My environment consists of a distributed vRealize Automation running version 7.2 with an¬†external clustered vRealize Orchestrator,¬†which I am upgrading and not migrating to 7.4 Build 8182598.¬† This will be a similar process if you have vRA 7.1 and greater.¬† If you have an older version, refer to VMware’s documentation here.

The in-place upgrade process for the distributed vRA environment happens in 3 stages in the following order:

  1. vRealize Automation appliances
  2. IaaS Web server
  3. vRealize Orchestrator

Pre-requisites before we start:

  1. Make sure all VMware products are compatible with vRA’s current and new release by consulting the Product Interoperability Matrix.
  2. Verify enough storage space on servers
    • At least 5GB on IaaS, SQL and Model Manager
    • At least 5 GB on the root partition of vRA¬†appliance

    • 5 GB on the /storage/db partition for the master vRA appliance

    • 5 GB on the root partition for each replica virtual appliance

  3. Verify that MSDTC is enabled on all vRA and associated SQL servers.
    • Check that the service “Distributed Transaction Coordinator” is running.
  4. The primary IaaS Website node (Model Manager data is installed) must have JAVA SE Runtime Environment 8, 64 bits, update 161 or later installed, and also verify JAVA_HOME environment variable is set correctly after the upgrade.
  5. If using embedded Postgres DB in a distributed vRA environment
    • On master vRA node, navigate to¬†/var/vmware/vpostgres/current/pgdata/
    • Close any opened files in the pgdata directory and remove any files with a .swp suffix
    • Verify the correct ownership of all files in this directories: postgres:users
  6. In a distributed vRA environment, change Postgres synchronous replication to async.
    • Click vRA Settings > Database.
    • Click Async Mode and wait until the action completes.
    • Verify that all nodes in the Sync State column display Async status
    • I have only a master and replica so I am already async but just FYI
  7. In vRA tenants verify the following
    • Make sure that no custom properties have spaces in the names.
    • All saved and in-progress requests have finished successfully

Additional requirements before we start:

Continue reading