Move your VMware and KVM applications to the cloud without making any changes

  • November 5, 2015

How to install and configure vRealize Automation (vRA) and test your orchestration scripts - Part 1

Whether you are installing and configuring VMware’s vRealize Automation (vRA) for the first time or need a lab to test your automation and orchestration scripts, you will find this step by step guide useful. Instead of relying on spare hardware, I will be deploying this in a Ravello lab which runs on AWS/Google Cloud. Since I can install ESXi on Ravello, I’ll be treating it just like my data center - so the steps will be similar after that. On a side note, you might want to refer to our previous posts about setting up labs for VSAN, NSX or just vCenter on Ravello and see what the VMware community is saying about it.

You can use this guide to try out the vRA product, test drive upgrade scenarios, test new features or develop and test new customizations without requiring the resources of a physical environment.

vRealize Automation can be deployed in a multitude of ways, but for this setup we’ll try to keep the deployment as simple as possible, without any failover or redundancy capatibilities. After setting up the simple deployment of vRealize automation, configuring a highly available setup is left as an exercise to the reader.

For the deployment of vRealize automation we’ll need the following components:

  • Windows domain Controller or LDAP server.
  • Windows vRealize IAAS & SQL (Express) server.
  • vRealize virtual appliance.
  • Optional: vRealize identity appliance.
  • Optional: vRealize orchestrator appliance.
  • Optional: vCenter server – This can be either the vCenter appliance or the windows virtual machine, in which case you could use the machine already provisioned for active directory.
  • Optional: 1 or more ESXi hosts.

Currently, my vRealize lab in Ravello looks as follows. It contains the vRealize appliance, an identity appliance, an IAAS server, a domain controller and an orchestrator appliance. It also includes a windows vCenter server and two ESXi hosts to test the deployment of virtual machines. This however is completely optional and not required for the deployment of vRealize Automation.

vRealize automation can be used for a multitude of tasks. One of these is the deployment of virtual machines on vSphere, vCloud Director, Openstack, Amazon Web Services or a variety of other public or private cloud providers. For this you'll need some kind of cloud provider or virtualization platform. The other functionality is the provisioning of advanced services through a workflow engine called vRrealize Orchestrator. This allows you to provision miscellaneous services through tools such as Powershell, bash, REST API's or a multitude of plugins available for various products.

You can test both of these features in a Ravello Lab. Ravello nested virtualization with hardware acceleration capability enables you to run Openstack and ESXi environments on AWS and Google Cloud. Also, you can run Exchange and other Windows, Linux systems as VMs to test out vRA orchestration capabilities.


This deployment presumes that you already have a vCenter server running. If you are not using vCenter in this lab, you’ll have to deploy the identity appliance.

Pre-deployment notes

For all Linux based appliances we’ll need to change the compliance check to make sure the appliance boots automatically on Ravello. This can be done in the following way:

  • Login to the appliance using ssh or the console
  • Run vi /etc/init.d/boot.compliance
  • Change line 47 – (add “-q”)
    • From MSG=`/usr/bin/isCompliant`
    • To MSG=`/usr/bin/isCompliant -q`
  • Change line 48 – substitute (“0” instead of “$?”)
    • From CODE=$?
    • To CODE=0
  • Save the changes you made in /etc/init.d/boot.compliance.

In addition, all appliances and servers should be pointing to the same NTP time source. In virtual machines, this can be configured through the OS settings, in virtual appliances this can be configured through the port 5480 VAMI interface in admin -> time settings.

vRealize Identity appliance

To deploy the identity appliance, you’ll have to convert it from stream optimized to non stream optimized first before it can be uploaded to the Ravello content library. A detailed procedure on how to do this can be found on here.

After the appliance has been deployed, log in to the console with root and a blank password and change the password by running passwd. Then, run /opt/vmware/share/vami/vami_config_net to configure your network. Lastly, configure a service in ravello on the identity appliance to open port 5480. After doing this, you can log in to the vami interface through https://your-public-ip:5480 to configure the rest of the identity appliance.

Open the SSO tab and enter a domain and password.

Move on to the “Host Settings” and enter a SSO hostname here. Keep in mind that this name should be the same as the hostname registred in either Ravello DNS or your AD DNS.

Open the SSL Tab and either select “Generate a self-signed certificate” or “Import a PEM encoded certificate” if you have your own SSL certificate. Enter your certificate details and apply. After a short while the certificate will be generated. Of not here is that the common name should match the SSO Hostname you entered earlier.

Lastly, if you have active directory, open the Active Directory tab and enter your domain information. This is not a required step since you can configure AD authentication in vRealize automation afterwards.

vRealize Appliance

After your identity appliance is configured, move on to the vRealize Automation appliance. This can be downloaded from the VMware site as an OVA file. Rename the ova file’s extension to .zip and extract the OVF, which you can then upload to the Ravello content library.

After powering on the appliance, we’ll have to configure it. Log in to the console with root and a blank password and change the password by running passwd. Then, run /opt/vmware/share/vami/vami_config_net to configure your network. Lastly, configure a service in ravello on the identity appliance to open port 5480. After doing this, you can log in to the vami interface through https://your-public-ip:5480 to configure the rest of the vRA appliance.

Open the vRA settings tab and configure the host settings. Select the “Update host” option and enter the hostname. Personally, I prefer to set this to an external DNS name if you will be accessing your lab environment from outside. This can be either the DNS name ravello gave you (can be found in the summary of the virtual machine) or a CNAME record pointing to your ravello DNS name or IP.

Select “Generate Certificate” or “Import” depending on whether you have a presigned certificate or not. Keep in mind that the common name should exactly match the hostname you entered above.

The process to activate this can take a few minutes, so take a coffee break, and after the service is configured move on to the SSO tab.

Enter your SSO host here. Depending on whether or not you chose to use an identity appliance or not, this should be either your identity appliance’s hostname (the same as you configured in the appliance) or your vCenter hostname. Port should be 7444 for vCenter 5.5 or the identity appliance and 443 if you are running vCenter 6.

Enter your administrator user, default tenant (depending on what you configured in vCenter or the identity appliance, administrator and vsphere.local by default) and your password.

After waiting for a few minutes, SSO should return an OK status and will have been configured.

Move on to the licensing tab and enter your license code. This is required to even run vRealize automation, but you should be able to get a trial license.
Open the “IaaS install” page and download the IaaS installer to your vRealize automation server. Leave the rest of the settings default.

vRealize IAAS

This part presumes that you have installed SQL express or SQL server already. If you haven’t done so yet, install this service first before proceeding.
Start by downloading the vRealize automation prereq script. Run the script and follow the instructions, after which your server should be correctly configured to install vRealize automation in the easiest way possible.

After preparing the server, start the installer you downloaded from the vRA appliance earlier. Enter the credentials for your vRA appliance (the root/password you set earlier). Then, ensure that all the prerequisites are met. If the prerequisite checks complain about the windows firewall and you’ve ensured that the firewall is either off or the ports are opened correctly, select “ByPass” to ignore these checks.

Enter a password for your user account, a decryption key for the database, and your SQL server.

When configuring the DEM worker, select the “Install and configure vSphere agent” and note down the values of the vSphere agent name and the Endpoint name, since you’ll need those when adding a vSphere backend. I usually name my vSphere agent the same as the FQDN of my vCenter server, but you can call it anything you want, as long as the name of your endpoint configurd in vRealize Automation is the same.

On the component registry page, click load at the default tenant to load the tenant information. Download the certificate and select “Accept Certificate”. Enter your SSO credentials (default administrator@vsphere.local) and click Test. Then, enter the hostname of your IAAS server (this needs to be DNS resolvable) and click Test.

After all these steps have been performed, your installation starts and after about 10-15 minutes you should have a working vRealize automation setup. Starting the services initially can take quite a bit of time, so some patience is required, but after 10-15 minutes you should be able to log in to the vRealize Appliance interface on https://your-vra-hostname/vcac. If you’ve forwarded port 443 to the vRA appliance (not the IAAS server) the console will be accessible through https://your-vra-public-hostname/vcac.

This concludes the initial setup of vRealize Automation environment. In the next part we'll continue with the vRealize Automation configuration and deployment of virtual machines on various cloud platforms.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.