vRA – Deployment Highlights

Chan Leave a comment

This article aim to provide key deployment highlights during a typical deployment of VMware vRealize Automation, also known as vRA / vCAC for quick reference. Note that this is NOT an in depth, step by step guide but only a summary of key points to remember, in a hierarchical format based on the order of deployment.

  1. Deploy the SSO appliance that ships with vRA or use the existing vCenter SSO server (as long as the version is =>5.5)
    • I’d prefer to use the existing SSO server from vCenter, especially if its already deployed in a scaled out deployment model (dedicated SSO server / cluster that is separate from vCenter server itself) which is more scalable and provide single SSO infrastructure which I believe is better and neater than having multiple SSO servers everywhere.
    • There are arguments for deploying the vCAC SSO also, especially since its release cycle is the same as vCAC appliance itself where as vCenter SSO is on a different release cycle which can cause feature mismatches…etc
  2. Deploy the vRA/vCAC appliance itself
    1. Once deployed go to the administrative page (https://<fqdn of the vRA appliance>:5480) and configure the settings
    2. If using vCenter SSO, note the below during the vRA configuration (SSO tab within the vCAC settings tab of the vRA configuration page)
      1. SSO Host & Port: SSO server name should have the same case as what’s been registered in the vCenter SSO (if unsure, browse to https://ssoserver:7444/websso/SAML2/Metadata/vsphere.local and save the vsphere.download file when prompted. Open the vsphere.download file in notepad or some text editor. Locate the entityID attribute of the EntityDescriptor element. That is the name and case you need to use here)******** This will save you lot of troubleshooting time*********
      2. SSO Port: 7444 for the vCenter SSO
  3. Deploy the IAAS server component
    1. Pre-requisites:
      1. Ensure that the IAAS server has the W2k8R2 SP1 applied…..!!
      2. Download the latest pre-req automation script “vCAC61-PreReq-Automation.ps1” on to the IAAS server host (Windows). (vRA 6.2 version of the script here)
      3. Run the above powershell script on the IAAS host. When run, this will download all the missing pre-requisite components including DontNet 4.5.1 & JRE 7 on to the IAAS server automatically.
    2. Install IAAS components:
      1. Download the IAAS install components specific to your vCAC deployment from the vCAC appliance deployed in step and install (from https://<vRA Apliance FQDN>:5480/#iaas)
      2. Run the installation of IAAS components
        • Accept the EULA

1

        • Provide the vRA/vCAC username to connect to vRA appliance

2

        • Select complete / custom install – for this example, I’m selecting the complete install assuming that this is the first IAAS server being installed.

3

        • Select Database and click bypass in the below screen (Installer will provide the option to enter DB server details afterwards)

4

        • Provide the DB server details as follows – This is where you can provide the SQL server details for a separate, resilient / clustered SQL server instance. (recommended). Note the points below
          • Don’t type the SQL server instance name (if you have one). Use just the DB server name.
          • If using Windows authentication, the vRA service account (i.e. domain\svc_vcac) needs to be a sysadmin on the SQL box during the installation phase (sysadmin role can later be revoked). There will be no need to pre create an empty SQL database files on the server or even a prepolated DB using the DBCreate script provided with the installer (used to be the case before 6.1). vRA IAAS database will automatically be created during the installation using the specified service account. Note that the domain service account need to be mapped to SQL instance as shown below (MSDB as the default database & with sysadmin rights. These are required only during the installation and can be revoked afterwards)

5

6

Without the red highlight below, the DB setup script will fail. (Just assigning the sysadmin rights alone is NOT enough)

7

If not using windows authentication (i.e. using SQL authentication), the SQL DB can be pre-created by SQL / sys admin using the install scripts (install guide page 63) and an SQL account with DBO permission granted to the database need to be manually created. Installer can create the DB – Need Sysadmin privileges for the SQL account credentials specified in the below screen

Now proceed with the IAAS install

8

Provide the names for the 1st DEM orchestrator and worker. Note that while multiple DEM orchestrator deployment is recommended for a resilient deployment, only 1 DEM orchestrator can ever be active at one time. Note that when creating the end point (as the Inf-admin later on during the post deployment configuration), the name of the end point provided SHOULD match the endpoint name defined in this screen. (make a note of the endpoint name)

9

Test the credentials and make sure they pass for the installation to proceed.

10

Click install to begin the 1st IAAS server installation

11

 

 

Chan

Technologist, lucky enough to be working for a very technical company. Views are my own and not those of my employer..!

More Posts Twitter LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked *