Posts Tagged vCAC Self Service Portal

New- vCloud Automation Center 6.1 Reference Architecture and High Availability Guides

vcacref

Scalability, availability and performance are three attributes that are critical to any IT management solution.  The default configurations for most enterprise software products are designed for rapid initial deployment and not intended to handle the needs of every customer.  In this regard, vCloud Automation Center is no different than other software products. 

These NEW deployment Guides provide you with guidance and best practices required to configure vCloud Automation Center 6.1 to meet your specific scalability and availability needs.

 These documents looks at the components in the standard configuration and documents how the default parameters can be configured and components scaled to meet the needs of configurations with 1,000, 10,000 and 50,000+ machines under management.  In addition high availability considerations are also discussed.  This information is designed to augment information provided in the Install and configuration manual.

Advertisements

, , , , , ,

1 Comment

Prompting the IaaS Portal User To Say “Yes/No” to VM Backup with EMC Avamar during Machine Request

In previous blog posts I have explained how to “intercept” vRealize Automation (previously known as vCAC) IaaS machine provisioning at its different machine provisioning steps to integrate with 3rd party systems (E.G. F5). In this example I would like to show how to prompt the user for input (E.G. Yes/No) in the request form, and then based on the user selection, get vCenter Orchestrator (vCO) to add the provisioned machine to a pre-defined Avamar backup group.

First we need to identify how to integrate with EMC Avamar. In this example we have selected to SSH to the Avamar server and run some MCCLI commands. For example:

1. mccli client add

2. mccli group add-client

3. mccli group remove-client

So the vCO Workflow will look like this:

vco1

In vCO, the first step will be to get the value from the property in vRealize Automation relevant blueprint which is capturing the user input (Yes/No). We use a vCO scriptable task for this which includes the following code:

var clientName = virtualMachineEntity.getProperty(“VirtualMachineName”);
var vmProps = virtualMachineEntity.getLink(vcacHost,”VirtualMachineProperties”);

for each (var prop in vmProps) {
var propertyName = prop.getProperty(“PropertyName”);
var propertyValue = prop.getProperty(“PropertyValue”);
if (propertyName == “avamar”) {
if (propertyValue == “Yes”) {
avamar_input = true; }
}
}

Note: “virtualMachineEntity” is input parameter of type “vCAC:Entity” coming dynamically from vRealize Automation during provisioning. “vcacHost” on the other hand is a vCO attribute we set in advance to point to our vRealize Automation server (previously known as vCAC). “avamar_input” will be defined as a boolean Output Parameter of the first scriptable task since we are going to use its value in the “Decision” object whether or not to perform the backup based on the user selection.

As you can see from the code “avamar” will be the property we are going to use in vRealize Automation blueprint to prompt the user and then based on that selection we can then use a vCO “Decision” object to perform the backup action or not.

To make the property selection more presentable we can use vRealize Automation Property dictionary. First let’s add the “avamar” property to the relevant blueprint and make sure that “Prompt User” is set to “Yes”:

vco2

Then create a Property dictionary with the same name (“avamar”) of type “DropDownList” and make sure that “Required” is set to “Yes”:

vco3

Make sure you click on “Edit” and type the value you want the user to choose from (Yes/No):

vco4

Now back to your vCO workflow, here is a table of the Attributes one needs to set before running the workflow:

Name Type Value Description
vcacHost vCAC:VCACHost Insert you vCAC Server here Your vCAC Server
hostNameOrIP String Hostname or IP address of the SSH host Hostname or IP address of the SSH host
username String SSH Root User SSH Root User
password SecureString Root User Password Root User Password
path Path /etc/vco/app-server/vco_key Path to private key (most probably /etc/vco/app-server/vco_key)
avamarGroup String Insert your group name/td> backupGroup on Avamar system
vcDomain String Insert your VC FQDN vCenter Server FQDN
virtualDC String Insert the Virtual DC the VM is deployed in Virtual DC the VM is deployed in
vmFolder String Insert the VC Folder the VM resides in< VC Folder the VM resides in

Now we need to associate these 2 workflows with a vCAC external Stub. More information about vCAC external stubs and how they can be associated with vCO workflows and triggered at runtime can be found here in Chris Alleaume’s excellent blog: Chris’s Blog

Make sure you associate your “a Add Client to Avamar” workflow with MachineProvisioned stub and  “Remove Client from Avamar Group” workflow with MachineDisposing stub as described in Chris’s blog.

Job Done.

We are now ready to request a machine. Note how the user is given a choice for the backup (Yes/No) at request time:

vco5

Then in VCO based on the user selection we should see the backup taking place or not:

vco6

For your convenience the two vCO workflows mentioned above can be downloaded from here:

http://tinyurl.com/lhp6dsc

, , , , , ,

Leave a comment

Add/remove vCAC IaaS VMs to/from DNS

Add/remove vCAC IaaS VMs to/from DNS server use-case:

A use case which is often required and which I finally found the time to wrap together and do it without the need for any Powershell connection.

How? Well I took Christophe Decanini great “Guest Script Manager” package from this Communities post. More specifically the run dnscmd.exe example from this link but then repackaged it so that it now works when called from vCAC external Stubs MachineProvisioned and MachineDisposing. The only object these two workflows take as input parameter is vCAC:Entity, which comes dynamically from IaaS and nothing else. All other required attributes are pre-set in the workflow and so need to be edited and filled with the relevant information when ported from one environment to the next.

The dnscmd command needs to run on a Windows VM which resides in a vCenter Server which is both connected to vCO via the vCenter plugin (so can be pointed at as VC:VirtualMachine) and that has dnscmd.exe installed.

Here is a screenshot of the Attributes one needs to set before running the workflow:

dns

And here they are in the table below:

Name Type Value Description
vcacHost vCAC:VCACHost Insert you vCAC Server here Your vCAC Server
vm VC:VirtualMachine Insert Windows VM with dnscmd installed Windows VM with dnscmd installed
vmUsername String Insert DNS admin username DNS admin username
vmPassword SecureString Insert DNS admin password DNS admin password
dnsServerFqdn String Insert your DNS Server FQDN DNS Server FQDN
zoneNameFqdn String Insert your domain Domain Name
recordType String A Example: A
createPtr Boolean Set Yes or No Optional PTR Yes or No

Now we need to associate these 2 workflows with a vCAC external Stub. More information about vCAC external stubs and how they can be associated with vCO workflows and triggered at runtime can be found here in Chris Alleaume’s excellent blog: Chris’s Blog

Make sure you associate your “add to DNS…” workflow with MachineProvisioned stub and  “Delete record from DNS…” workflow with MachineDisposing stub as described in Chris’s blog.

Job Done.

For your convenience the two vCO workflows mentioned above can be downloaded from here:

http://tinyurl.com/o3xymhp

Note: if you are facing an issue with UAC on 2012 and getting and error that it is unable to access file c:\Windows\system32\cmdANSI.exe (Workflow: Copy file from vCO to guest / Scriptable task (item1)#11), know that disabling UAC from the control panel might not be enough as you may also need to modify the registry and reboot as described here: http://social.technet.microsoft.com/wiki/contents/articles/13953.windows-server-2012-deactivating-uac.aspx

Thanks!

Yuval T

, , , , ,

13 Comments

Part 2 – Integrating vCAC with F5 BIG-IP LTM- Day Two Operations

In Part 1 of this blog series we have looked at an IaaS use-case where as part of the user requesting a machine from the vCAC Self Service Portal or disposing it the machine is dynamically added to an F5 Pool or removed from it. See here: Part 1 

In Part 2 we are going to explore the 2nd identified use-case which is all around machines day two activities- So the machine is already deployed and running but maybe now we need to add or remove it from an F5 Pool for example.

This use-case will be achieved using the new Advanced Service Designer (ASD) which is a new capability in vCAC 6.*

Requirements:

BIG-IP LTM 11.* and above.
vCAC 6.0 or 6.0.1
vCO 5.1 and above (I am using the embedded vCO 5.5.1 which is part of vCAC 6.0.1)
F5 vCO plugin version 2. I got it from here: https://devcentral.f5.com/d/f5-management-plug-in-for-vmware-vcenter-orchestrator-v200?download=true but best thing is to send an email vco@f5.com and they will supply you with the latest version, free of charge as far as I know.

Steps:

1. If not already installed then go ahead and install the F5 vCO plugin as explaind here: Install F5 vCO Plugin

2. Next you need to run the Attach LTM workflow in vCO if you haven’t done so already. Have a look for Part 1 of this blog series for some tips around that.

3. Build a vCO workflow to add VM to an F5 Pool. This workflow will be different than the one we have created in Part 1 of this blog series because Advanced Service Designer (ASD) is expecting a VC:VirtualMachine object as input parameter otherwise you will not be able to associate the Resource Action we intend to create with a VM day 2 operation. (As a side note I will say that I intend to write a separate blog post in the future to explain the differences between the types of input parameters vCO can receive from vCAC or vCenter and what are the benefit and use cases to use each type and more importantly when to use it.)

The workflow will look identical to the one we have used in Part 1 of this blog series only difference is that the the 1st scriptable task will use the VC:VirtualMachine inout parameter to get the IP of the VM we need to add as member to the F5 Pool. The (very simple 1 line) script will look like this:

ip = vCenterVm.guest.ipAddress;

Where vCenterVm is mapped to VC:VirtualMachine input parameter. Two other input parameters are required here: memberPort and PortName but they will be prompting the user at request time.

4. Build a vCO workflow to remove a member from an F5 Pool. In contrast to the workflow we have created in Part 1 of this blog series, this one will not delete Virtual Server or the Pool but simply remove the specific member from the Pool. This is because the Pool may still include other members so we don’t want to delete it just remove a specific member.

The workflow will look like this:

asd remove

Note: Two input parameters in this one. PoolName will come from vCAC ASD so the user who initiates the action will be prompted for the Pool Name. The 2nd input param VC:VirtualMachine will come dynamically from vCAC ASD.

5. Log into vCAC tenant where you wish to add this functionality (https://vCAC_FQDN/shell-ui-app/org/your_tenant_name)

6. Providing you have a user with the appropriate permission go to Advanced Services tab>Resource Actions and click on the “+” sign.

7.  Select your vCO workflow and pay attention to the input parameters the workflow expects. Note how VC:VirtualMachine is defined as input parameter as well as memberPort and PoolName, last two will be prompting the user for input:

ASD2

8. Set Resource Type to be IaaS VC VirtualMachine (OOTB parameter) and Input Parameter as the one you have mapped to VC:VirtualMachine in your vCO workflow previously (in my case I have called it vCenterVm):

asd3

9. Next name the action.

10. Now (optionally) edit the form to the make the PoolName field a Drop-down or a list with some pre-defined values (E.G. web, app etc..)

asd4

11. Leave memberPort as a Decimal Field but set the default value to the constant “80” to make it easier for the requester:

constant

12. Publish the action:

publish

13. (Optional but nice touch) Go to Administration>Catalog Management>Actions and configure your action to have a nice F5 icon:

icon

14. Go to Administration>Catalog Management>Entitlements and entitle your newly created action:

entitle

15. Now do the exact same thing for the “Remove Member from F5 Pool…” workflow.

You are basically done. So now look at the “Items” tab in vCAC for your already requested and running VM’s, you will notice they now have some new options for the user to take:

result

If the user selects to add the VM to an F5 Pool the form will look like this:

this

Job Done.

For your convenience the two vCO workflows mentioned above can be downloaded from here:

http://tinyurl.com/q8z6mhr

Thanks!

Yuval T

, , , ,

Leave a comment

Part 1 – Integrating vCAC with F5 BIG-IP LTM- IaaS Use Case

VMware vCloud Automation Center (vCAC) can be easily integrated with 3rd party solutions to cater for various use cases. I was recently involved in a project where there was a need to integrate with F5.
There are maybe 3 integration points where F5 touches vCAC:
1. As part of IaaS – so as part of the user requesting a machine from the vCAC Self Service Portal or disposing it, then that machine is dynamically added to an F5 Pool or removed from it.
2. As part of a day two activity- the machine is already deployed and running but maybe now we need to add or remove it from an F5 Pool.
3. “F5 as a Service” or “LB as a Service”- so now we don’t talk about machines anymore. We now want to offer in the Self-Service Portal different items like for example “Create Pool”, “Create Virtual Server” etc…

Use-Case 1 will be achieved and covered by the IaaS capabilities of vCAC.
Use-Cases 2 and 3 will be achieved using the new Advanced Service Designer (ASD) which is a new capability in vCAC 6.*

This 3-part blog series will cover all 3 integration points staring with the first one: IaaS.

Requirements:

BIG-IP LTM 11.* and above.
vCAC 6.0 or 6.0.1
vCO 5.1 and above (I am using the embedded vCO 5.5.1 which is part of vCAC 6.0.1)
F5 vCO plugin version 2. I got it from here: https://devcentral.f5.com/d/f5-management-plug-in-for-vmware-vcenter-orchestrator-v200?download=true but best thing is to send an email vco@f5.com and they will supply you with the latest version, free of charge as far as I know.

Steps:

1. Install the F5 vCO plugin as explain here: https://devcentral.f5.com/articles/automating-application-delivery-with-big-ip-and-vmware-vcenter-orchestrator#.Uy2G-q1_sRE

2. Next you need to run the Attach LTM workflow in vCO. Most likely the Attach LTM workflow will appear to work OK, but when you try to run other workflows afterwards it says your device is disconnected. This is caused by an SSL certificate issue. Ensure your self-signed cert on the BIG-IP matches the name with which you are connecting to it, and also import that certificate into vCO using the vCO configuration user interface (https://your_vco_ip:8283) and restart vCO server.

When you run the “Attach LTM” workflow make sure the “use Rest API” is set to “no” as it is still in Early-Access mode so better use Soap (see below):

attach

3. Build a vCO workflow to add VM to an F5 Pool. My workflow looks like this:

w1

First scriptable task step will be to get the IP from the VM vCAC is dynamically provisioning. Next scriptable task step will be to find if the Pool name we have set as custom property at the blueprint level in vCAC exist or if we need to create it. If it exists then we just add the VM IP to the existing F5 Pool. If not then we create the Pool, then generate a random IP (192.168.110.*) to assign to the F5 Virtual Server (this customer didn’t have an IPAM solution but if they did then this is where I would call out to an IPAM system like Infoblox for example to get an IP), create the F5 Virtual Server, add an icmp monitor to the pool and then eventually add the VM IP as a pool member.

Input parameters will look like this:

1

Note: the two input parameters memberPort and PoolName will come from vCAC IaaS blueprint so needs to be defined at the blueprint level. the 3rd parameter vCAC:Entity will come dynamically from vCAC IaaS.

4. Build a vCO workflow to delete the Virtual Server, remove all VM’s from an F5 Pool and then delete the pool. My workflow looks like this:

w2

First scriptable task step will be to get all Pools from LTM then find the specific Pool we are after. Next scriptable task step will delete the Virtual Server, then remove all IP members from the Pool and finally delete the Pool itself.

You can alternatively write a workflow that doesn’t delete the Virtual Server or the Pool but just remove the specific member from the Pool. In fact I will show that use case in part 2 of this blog series.

5. Now we need to associate these 2 workflows with a vCAC external Stub. More information about vCAC external stubs and how they can be associated with vCO workflows and triggered at runtime can be found here in Chris Alleaume’s excellent blog: http://www.virtualnebula.com/blog/2014/1/24/running-vco-workflows-from-vcac-during-the-provisioning-of-a-virtual-machine

Make sure you associate your “add member to pool…” workflow with MachineProvisioned stub and your “remove member from pool…” workflow with MachineDisposing stub as described in Chris’s blog.

Make sure that these 3 properties are populated with values in your blueprint:

ExternalWFStubs.MachineProvisioned.memberPort >> for example ’80’

ExternalWFStubs.MachineProvisioned.PoolName >> for example ‘Web’

That’s it you are ready to rock!

You can request machines from the vCAC Self Service Portal and it will be automatically added to the F5 Pool of your choice and removed from it when the machine is disposed.

Here is how it will look like in LTM if the process has been successful (Pool is created and monitored and includes 1 member):

f5

For your convenience the two vCO workflows mentioned above can be downloaded from here:

http://tinyurl.com/mjzjf9m

Thanks!

Yuval T

, , , , , ,

Leave a comment