In a previous article I documented steps required to install the latest VMware vRealize Orchestrator 8.1. After vRO deployment, you have to go through the initial configuration of the application. In this article I will show you how to configure a standalone vRealize Orchestrator 8.1 with vSphere authentication.
By default the password expiry of the root account of the vRealize Orchestrator Appliance is set to 365 days. If you choose to extend the expiration period, you can do that opening a SSH connection to the vRO appliance and running this command:
passwd -x number_of_days_to_expire root
While you are connected to the SSH, you can also run a check for proper DNS resolution, forward and reverse:
nslookup vro_FQDN
nslookup vro_IP_address
Configure vRealize Orchestrator 8.1
Open a browser and access the Control Center URL: https://vro_FQDN/vco-controlcenter. If you only see a “Bad Gateway” message, most likely vRO did not started yet, it may take a fair amount of time to be up. Try again later till you see the login form, then use the root credentials configured at deployment time to login.
After a successful login, you will see the Control Center dashboard. Click on “Configure Authentication Provider”.
From the “Authentication mode” drop down choose vSphere. Enter your vCenter FQDN in the “Host address” text box. Click “Connect”.
You will receive a warning about the self-signed certificate for vCenter Server. Check the certificate details and click “Accept Certificate”.
You need to enter authentication details for vCenter Server. Enter user name, password and the default tenant, then click “Register”.
The next step is to grant vRO administrator permissions to a vCenter group. Enter part of the group name into the “Admin group” text box and click “Search”.
The form will load the corresponding groups from vCenter Server. Choose the one you want to grant administrative permissions on vRO.
Check if everything looks correct and then click on “Save Changes” button.
Go back to the vRO Control Center homepage and click on “Validate Configuration”. Most likely you will see 2 errors: “A server restart is required because of a configuration change that is not yet applied” and “The Orchestrator cluster is in an inconsistent state”. Both errors are expected. After you changed the vRO authentication configuration, a restart of the service is required. This is done automatically in about 2-3 minutes. Take a cup of coffee or tea and after few minutes click “Refresh”.
If you had enough patience for the service restart to be completed, you should see everything in green.
Configure vRealize Orchestrator – Add a vCenter Server Instance
The last configuration for the day is to add a vCenter Server instance to the managed inventory of vRO. Go to the Orchestrator Client URL (https://vro_fqdn/orchestration-ui) and login with the administrator user. Click on “Workflows” under “Library” category in the left menu.
Here you can filter the workflows searching for “Add a vCenter Server Instance” workflow. Alternatively you can use the returned tree view of hierarchical folders (click on the “tree” icon in the top right of the workflows page and then navigate to Library -> vCenter -> Configuration -> Add a vCenter Server Instance).
For other new features of vRO 8.1 you can check this article: VMware vRealize Orchestrator 8.1.
Click “RUN” link next to the workflow name.
You need to enter the vCenter FQDN and change the HTTPS port (if needed). Check both “Will you orchestrate this instance?” and “Do you want to ignore certificare warnings” checkboxes. Click on “Set the connection properties”.
Keep “Do you want to use a session per user…” checkbox checked, then enter the details of the vCenter username that will be used to connect vRO. All future vRO workflows that connect to vCenter will run on vCenter authenticated as this user. Click “Run”.
After a brief wait period, you will hopefully see the green completed workflow. If you get an error, run again the workflow and check every details that you provided.
You can check the result of the run by going to the the “Inventory” link from “Administration” category in the left page menu. Expand “vSphere vCenter Plug-in” and you will see the tree of all the objects from the vCenter inventory. If you are a beginner in vRealize Orchestrator it is a good exercise to drill-down into the vCenter objects, click on them and see the properties available to use in workflows. If you are familiar with “Managed Object Browser” or MOB from vCenter, this is a very similar view of your vCenter instance.
With this you can consider the initial configuration of vRealize Orchestrator 8.1 finished. Enjoy the vRO scripting 🙂