Stuff about vCloud Automation Center [6.0] (1/5)
This series of posts will be a overview of vCAC in note style. There will be hints and tips besides to design considerations and basic information about the product itself. If you don’t know vCAC at all, you will still have to read manuals and guides!
vCAC enables IT to provide a self-service portal for users or just for IT department itself. With vCAC a company gets the tool to implement predefined workflows or build and develop own workflows to automate common tasks or provision a whole infrastructure for software development department or just well defined VMs.
- vCloud Director is not necessary for vCAC
- SQL Server is necessary; Express edition is supported
- vCAC Appliance is Linux based; IaaS Components are installed on Windows platform
- You need a license key for installation, at least a trial key
Important components of vCAC 6.0
For authentication vCAC can use:
- Identity Appliance (can’t communicate with other Identity Appliances)
- SSO (vSphere 5.5 U1 and later)
- Linux based
- includes vCenter Orchestrator [vCO] (new name is vRealize Orchestrator [vRO])
- includes PostgreSQL
- Runs on Windows
- Components of IaaS
- Web site. Provides a part of the front-end for users.
- Distributed Execution Manager (DEM)
Used for provisioning and managing machines
- vCD, vCHS
- physical servers (HP, Dell, Cisco)
- DEM Orchestrator
Preprocesses and schedules workflows; also monitors DEM Worker
- DEM Worker
- Executing workflows; should be as near as possible to the infrastructure it execute tasks
- Communicates with DEM Orchestrator and external resources. Sends its status and resources it manages to DEM Orchestrator. The Orchestrator submits tasks suitable Workers.
- A Worker can talk to just one endpoint. Use more Worker to talk to the same endpoint to provide redundancy.
- Hypervisor (Hyper-v, vSphere, Citrix, XenServer) as proxy agent
- External provisioning infrastructure (EPI)
- Model Manager
- Manager Service
coordinates communicates between AD, Agents and SQL
Advanced Service Designer
- With Advanced Service Designer you can build a front-end for Service Portal out of every vCO workflow
- The workflow can return a object
e.g. a workflow for creating a user returns the new user, so another workflow can reset the password of that user
Application Director can help software development departments. Developer can use Application Director to deploy the software into the infrastructure available for development. For testing, the software can be deploy into the infrastructure available for testing by using the abstracted workflows of Application Director. So the development cycle can use different platforms (AWS, Hyper-V, vSphere, …) to step further from development to production.
Types of deployment
Minimal Deployment Architecture (for PoC or small environments)
Not suitable for lager environment because it is difficult to scale respectively to upgrade to distributed architecture. Installation contains:
- vCAC Appliance
- SQL Server
These components are not redundantly installed. All components of IaaS are installed in one VM.
Distributed Deployment Architecture (no SOPF)
- vCAC Load Balancer
- redundant vCAC Appliance
- PostgreSQL Cluster
- SQL Cluster
- IaaS Web Load Balancer
- IaaS Manager Service Load Balancer
- Agents, DEM Workers
- Here is a prerequisite verification script available
- If hardware workflows are planed (for HP, Dell, Cisco), check hardware requirements
- DNS (forward, reserve)
- Time synchronization is very important (time have to be in sync with just seconds in difference)
- DB Server (PostgreSQL or SQL); there are scripts to create the DB
- IaaS requirements (DB, ports)
- Network ports according to installation guide
- Compute Requirements (check in documentation according to the size of the environment)
- IaaS Manager Service Requirements
- .NET 4.5 (do not use 4.5.1!)
- PowerShell 2.0 for Windows 2008 respectively 3.0 for 2012
- User accounts (vCenter service account, for IaaS installation, IaaS DB and service user)
Check privileges in installation guide; do not use local administrator account
Self signed certificates will be created, check installation guide to deploy CA certificates to use SAN or wildcard certificates
Tips for OVF-Deployment
- Settings entered in deployment wizard are implemented during installation using virtual CD-Rom. So do not remote CD-Rom from appliance! If you have already remove the drive, you will have the option to run a script within the appliance to deploy the settings manually. Therefore open the console of the appliance, you will see the absolute path to the script.
- During basic configuration of the appliance using the browser at port 5480, wait until “Requesting Information” is finished. Do not enter information or change tabs before “Requesting Information” is done.
- Before generating self signed SSL certificate, check all entries for correctness! Use FQDN of vCAC Appliance for Common Name.
- Saving SSO Settings can take up to 15 minutes. When there is no activity after 20 minutes, close the browser and try it again.
Tips for IaaS Installation
- Use Links for software download during Installation (https://VCAC_Server_FQDN:5480/installer) for setup.exe, .NET 4.5
- Do not rename setup-files!
- root-user for vCAC Appliance is just for downloading files, it is not used for constant connection
- For single-installation use complete-installation
- SQL Server Express could have problems using FQDN, use just the hostname instead
- to keep it simple, use default naming. If you want to change the defaults, note naming in your documentation!
- Default tenant is vsphere.local
- firstname.lastname@example.org should just be used to manage tenants
- It is OK to use just the default tenant. If you create additional tenants, you can not merge them afterwards.
- SSO is just used by default tenant. Additional tenants uses AD/LDAP/other Directory-Connections.
- Link for tenants:
- default: https://VCAC_Server_FQDN/shell-ui-app
- additional tenent: https://VCAC_Server_FQDN/shell-ui-app/org/tenant_URL
Endpoints are infrastructure components like vCenter, vCO, vCD, physical machines, OpenStack, … vCAC communicates with endpoints by using DEMs and agents.
- vCAC does not talk directly to Hyper-V, SCVMM is needed
- For PoC you can use AWS to show compatibility to 3rd Party products
- check VMware videos for HowTo
- simple to configure
- a AWS test account is for free
- Storage Endpoints: just NetApp (FlexClone technology)
- vSphere Endpoint
- For Address use “/sdk” at the end!
- The entries are not checked at this time. Look at logs to check for errors.
TIPS for endpoints:
- You can perform a Data Collection on endpoints manually. So you don’t have to wait until the data is refresh a the schedule
- Create the endpoints before installing the agents
- You organize credentials for endpoint access