IaaS server is installed separately on a Windows server and is a key part of a vRealize Automation deployment. IaaS is the part within vRA that enables the rapid modelling and provisioning of servers & desktops across virtual and physical, private and public or Hybrid cloud infrastructures. Without the IaaS components, a vRA deployment is pretty none existent and in my view, pretty useless.
IaaS Component Architecture
IaaS components included within the vRA are as follows
- IaaS Web site:
- The IaaS Web site component provides the infrastructure administration and service authoring capabilities to the vCloud Automation Center console
- Gets the updates from the Model manager for DEM, Proxy agents and the SQL database
- Model Manager:
- Provides updates from the DEM, proxy agents, and database to the IaaS web site.
- The Model Manager holds the core of the business logic for vRA.
- This business logic contains all the information required for connecting to external systems like VMware vSphere, Microsoft System Center Virtual Machine Manager, and Cisco UCS Manager…etc.
- The Model Manager Web service component can have multiple instances and communicates with a Microsoft SQL database.
- Manager Service
- The Manager service coordinates communication between DEMS, agents, and the database.
- The Manager Service communicates with the console Web site through the Model Manager. This service requires administrative privileges to run on the IaaS server
- Distributed Execution Managers (DEMs)
- DEMs execute the business logic of a vCloud Automation Center model, interacts with external systems, and manages virtual, cloud, and physical machine resources
- DEMs are used for provisioning and managing machines on vCloud Director, vCloud Air Service, Red Hat Enterprise Virtualization Manager, Microsoft System Center Virtual Machine Manager, Amazon Web Services, Physical Server Management Interfaces for Dell, HP, and Cisco.
- Runs as a Windows Service (1 service for DEM Orchestrator and another for DEM Worker
- SQL Database
- The IaaS component of vRealize Automation uses a Microsoft SQL Server database to maintain information about the machines it manages and its own elements and policies
- A system administrator need to manually create the database during installation
- Hypervisor proxy agents: Provisioning and managing machines and services on vSphere, Citrix, XenServer, Hyper-V. They send commands to and collect data from vSphere ESX Server, XenServer, and Hyper-V virtualization hosts and the virtual machines provisioned on them
- EPI Agents: External provisioning infrastructure PowerShell agents
- VDI Agents: Virtual Desktop Infrastructures PowerShell agents for XenDesktop Delivery Controller and VMware View Horizon enabling the XenDesktop web interface access through vRA
- WMI Agents: Windows Management Instrumentation agents enhances the ability to monitor and control system information and allows you to manage remote servers from a central location. It enables the collection of data from Windows machines that vRealize Automation manages.
- Management Agents: Management Agents collect support and telemetry information and registers IaaS nodes. A Management Agent is installed automatically on each IaaS node.
- Each agent runs as a Windows service
One thing I’ve noticed on most of the VMware documentation is a lack of clarity in the form of a diagram of how these components interact. I’ve therefore attempted to document this as below.
IaaS Server Deployment
The deployment of the IaaS component is not the easiest of the tasks and is somewhat unlike the typical user friendly deployment style we are used to with other VMware products (guessing this was because it came from the Dynamic Ops acquisition rather than being developed in house by VMware). It could be a quite a tedious task to ensure that all the various pre-requisites are in place on the IaaS Windows server manually and then having to run the setup (which is also a little cumbersome). Fortunately, a VMware TME (Brian Graf) has put together a really handy PowerShell script to automate the pre-requisite setup which I’ve used few times in the past and it has saved me lots of time. We’d be using that here.
Here are the steps involved in deploying the IaaS server components, starting from the Pre-requisites
- Ensure the Pre-requisites are in place on the IaaS server
- Build a Windows 2008 R2 / Windows 2012 / Windows 2012 R2 server
- Create a Domain account as the vRA service account. Lets call it <DomainName>\svc_vRA.
- Login to the Windows server (VM) and ensure that the vRA service account is a member of the local Administrators group
- Download the vRA 6.2 pre-req checker PowerShell script from GitHub and copy locally.
- Login as the vRA service account Run the “vRA 6.2 PreReq Automation Script.PS1” and follow the guided install wizard to add / download the additional components as required and install them automatically.
- Ensure the pre-requisites are in place on the SQL server
- Verify the Pre-Requisites are correctly installed & configured on the IaaS server
- login to the IaaS server as the vRA service account.
- Download the IaaS installer specific to your vRA deployment by logging in to the https://<FQDN of the vRA Appliance>:5480 (login using root)
- Login to the installer using root and password specified during the deployment of the vRA appliance
- As this is the first IaaS server, I will be installing all the roles on this server (Will add a secondary DEM Orchestrator and DEM worker to another server later). Therefore select Complete Install and click next
- The built-in Pre-Requisite checker will now verify that you’ve got all the pre-requisites and confirm.
- If there are warnings against the Windows Firewall (even if its disabled), ensure that the Distributed Transaction Coordinator is allowed through the firewall and once verified, select the Firewall related warnings and click bypass.
- Move on to the next step
- Install the IaaS components
- From the Step 3.7 above, click next to proceed with the installation
- Provide the followings to the installer
- vRA service account username
- vRA service account password
- Passphrase (is a series of words that generates the encryption key used to secure database data and would required if the DB is to be restored)
- SQL server name (DO NOT type the instance name if there’s only a singly instance on the server. Just use the SQL server FQDN)
- vRA Database name & Click Next
- Provide the DEM and Agent names and click next
- Under the Component Registry,
- Provide the FQDN of the vRA appliance
- Load the default Tenant
- Download the certificate using the button & accept using the check box
- Provide the default SSO Administrator credentials (Administrator@sphere.local if using the vCenter SSO) & click test to verify. Verify the IaaS server name & Click next
- Click Install to begin the installation. Install log would be at “C:\Program Files (x86)\VMware\vCAC\InstallLogs\” folder.
- Once the installation complete (can take around 20 mins), click next & finish
- Verify the IaaS installation & Service registration
- Now login to the https://<FQDN of the vRA Appliance>:5480 as root and ensure the IaaS-service has a status as REGISTERED
- Also verify that you can see the Infrastructure Administrators section being enabled within the Login to vRA UI for the default tenant (URL “https://<FQDN of the vRA Appliance>/shell-ui-app) when you login with the default SSO administrator credentials (Administrator@vsphere.local). Note that this was previously disabled pending the installation of the IaaS components.
- Revoke the temporary SQL permissions
That is it. The vRA IaaS server components have now been set up successfully. Next, we’ll look at deploying & configuring the latest version of vRO (vRealize Orchestrator – 6.0.1) which is a critical part of a useable vRA deployment.