After a long holiday season it’s officially time to get back at it and I thought no better time than the present. So here we go into Part 2 which will focus on configuring the connections between vCO and some useful components. If you haven’t reviewed Part 1 feel free to follow the link below.
Part 1: vCAC and vCO – Configuration
Part 2: vCO -> Powershell, vCenter, and AD
Part 3: Automating a state change
Part 4: Automating a menu action
The process in this post will start with the Powershell host, then vCenter, and finally Active Directory. Once these are configured you will be able to associate actions or state changes from vCAC in Part 3 and 4.
Let’s jump right in!
Before we log into the vCO client there are a few steps you will need to execute on your vCAC Appliance and whatever host you plan to use as your Powershell host. I personally use the vCAC IaaS (windows) host as the Powershell host.
**Important note pointed out by a couple of my fellow team members there is a chance that the powershell/winrm setup may fail if the firewall on your host is disabled. See these two kb articles
http://support.microsoft.com/kb/2004640
First log into your Window Powershell host and download this script.
set-executionpolicy unrestricted
cd to the directory where you downloaded the script above and run .winrm.ps1
Now test that the commands opened up the winrm access to the host.
winrm id -r:hostname.fqdn -a:Kerberos -u:userid@fqdn -p:password
Which will give you these results if successful.
Next you need to log into the vCAC appliance either via console or through SSH with root. Edit the krb5.conf file by executing the following. Click here for a link to download a generic example.
vi /etc/krb5.conf
THIS SCREEN IS AN EXAMPLE, CASE IS VERY IMPORTANT!!!
Launch the vCO client
Login in when prompted with administrator@vsphere.local account. You will then be greeted with the vCO home page. Make sure to select Run in the drop down and expand the tree until you get to “Add a Powershell host” -> Right click and Run or click the green run arrow. Add vCAC host workflow
You will now be prompted with a workflow to configure the connectivity to the Powershell host. This workflow will prompt you for the following details
Step 1:
- Name – This is simply what you want to call the Powershell host
- Hostname – %hostname.FQDN%
- Port – Leave blank
Step 2:
- Remote Host Type – WinRM
- Protocol – HTTP
- Authentication – Kerberos
Step 3:
- User – Should be user@FQDN
- Password –
Step 1
Step 2
Step 3
This process will take a few moment, after which you will see the green check mark next to the workflow.
Now expand the tree until you get to “Add a vCenter” -> Right click and Run or click the green run arrow. Add vCAC host workflow
You will now be prompted with a workflow to configure the connectivity to the vCenter Server. This workflow will prompt you for the following details
Step 1:
- vCenter Instance – This should be the host.fqdn of your vCenter Instance (you can add multiple)
- Port – Should be 443
- Location of sdk – /sdk
Step 2:
- HTTP Port – Leave Blank
- User – Username with administrative access
- Password –
Step 1
Step 2
This process will take a few moment, after which you will see the green check mark next to the workflow.
Now expand the tree until you get to “Configure Active Directory” -> Right click and Run or click the green run arrow. Add vCAC host workflow
You will now be prompted with a workflow to configure the connectivity to the vCenter Server. This workflow will prompt you for the following details
Step 1:
- AD controller – This should be the host.fqdn of your vCenter Instance (you can add multiple)
- Port – Should be 389
- Root – This should be in LDAP format
- SSL – No unless required which will change the port above
- Default Domain – FQDN
Step 2:
- User – Username with administrative access should be in user@domain
- Password –
Step 1
Step 2
This process will take a few moment, after which you will see the green check mark next to the workflow.
Congrats you are now capable of orchestrating any of these items. If you venture into the workflows you will see that there is almost nothing you can’t automate through orchestration. Stay tuned for Part 3 and 4 to see how we take that orchestration to the next level and offer it as a menu item or tie it directly to a provisioning stub.
2 comments
The link to download the winrm script is no longer valid. Please assist in providing a good link.
Thanks.
Sorry about that https://www.dropbox.com/s/r1lyujguqvqv6a3/winrm.ps1?dl=0