It’s been awhile since I have posted anything but I figured the new version of vCAC, 5.2, going GA was worthy of a post. As you all know, I have been knee-deep in implementing vCAC at my current employer and this new release is very exciting to me. There are several new features added, the ones I am most excited about are the Enhanced vCloud Director Integration and added support for vCNS. In the previous version of vCAC, 5.1, there was very limited support for vCD. You could clone vApps but there was no built-in functionality to customize VMs that were a part of the vApp during provisioning. The work around for this was, you could add vCenter Orchestrator instance as an Endpoint and call workflows to accomplish the customizations. In, 5.2, the concept of “vApp component blueprints”, is added. These allow you to customize the VMs within a vApp. This is a very welcome feature in my opinion. As far as vCNS goes a vCNS Manager can now be added as an Endpoint. This allows vCAC to discover network resources and now that the network resources are there they can tied to blueprints. Pay-as-You-Go- Allocation model and support for KVM were also added.
Ok, now that I have rambled on about the new features on to the meat of the post. I am going to cover the migration vCAC 4.5/5.1 to 5.2. Only these releases are supported in migrating to 5.2 so the first step is to verify your version. This can be done by browsing to the vCAC web portal at https://FQDN/DCAC . Once their click on the “About” in the upper right hand corner.
Next, make sure you have all the appropriate trusted SSL certs created and imported. vCAC uses SSL/443 for a lot of the communications between all the components by default. If you’re migrating, it’s almost a given you already have these in place, but if not you should. It uses IIS and there really isn’t anything special, but if you need some direction on this refer to the “vCloud Automation Center Installation Guide” SSL Configuration section for more details. You also need to make sure that there are no active machine provisioning /operations and that all data collections are completed.
Next you need to document the info on all the DEMs, Agents, and Endpoints. This is done because during the migration, all these components will need to be uninstalled. To gather info on your DEMs, from the web portal, click on vCAC Administrator==>Distributed Execution Status.
You will presented with a screen that lists all the DEMs. Document their Name, Host Name/Machine, Role, and Skills (if any).
Next document the agents. To do this RDP into the vCAC server and navigate to the agent installation location. This is usually %SystemDrive%\Program Files (x86)\DynamicOps\DCAC Agents. For each of the directory note the name. Then open a command prompt, navigate to the agent’s directory, and issue the following command: DynamicOps.Vrm.VRMencrypt.exe VRMAgent.exe.config get. Document the value of managmentEndPointName. Do this for all the agents listed in the directory.
Next record all service account user credentials. While on the Windows box go to Start -> Run -> Services.msc . Find the following services and notate the service account that is being used.
- Each VMware vCloud Automation Center Agent – agentname service (DynamicOps Cloud Automation Center Agent if upgrading from DCAC 4.5)
- Each VMware DEM-role – instancename service (DynamicOps Cloud Automation Center DEM if upgrading from DCAC 4.5)
- The VMware vCloud Automation Center service (DynamicOps Cloud Automation Center if upgrading from DCAC 4.5) — Manager Service host only
- Repeat these steps for any other host on which agents or DEMs may be installed.
You will need to also record the service accounts that are being used for the Application Pools in IIS. To do this go to Start–>Run–>inetmgr.exe. Click on the IIS Server name à then Application pools.
Off to the right hand side you will see Application Pools with an Identity associated with them. Document the Identity.
In my opinion, if you documented your install you should already have the info but it can’t hurt to verify. In my demo environment I have all the components on one box, if this were production these would be separated. For more info one were how to separate the services in a production environment reference the following doc: vCloud Automation Center Reference Architecture
If you used any customization via the vCAC extensibility toolkits, they will need to be uninstalled. For more details on this refer to the vCloud Automation Center Extensibility Guide.
Once all of the above is completed, RDP to the vCAC server and stop all the services. Again, in my demo environment I have all the components on one box, but in production you they would be separated. You should be able to look back at the info on the DEMs and see where they are installed and stop the services on those boxes.
Next it is suggested that you back up the following customization related files.
Application configuration files, including:
- ManagerService.exe.config, located in %SystemDrive%\Program Files (x86)\Dynami- cOps\DCAC Server
- DynamicOps.DEM.exe.config, located in %SystemDrive%\Program Files (x86)\Dynam- icOps\Distributed Execution Manager\instance_name
- VRMAgent.exe.config, located in %SystemDrive%\Program Files (x86)\Dynami- cOps\Agents\instance_name
Email templates located in %SystemDrive%\Program Files (x86)\DynamicOps\DCAC Server\Templates
Workflow configuration XML files located in %SystemDrive%\Program Files (x86)\Dynami- cOps\DCAC Server\ExternalWorkflow\xmldb
I just created a folder on another disk and copied them over. VMware also suggests that you take a backup or snapshot (if it’s virtual) of all the vCAC component hosts. In my case everything was on one host so I snapshotted the VM. They also recommend you backup the DB and AzMan store. To be honest with you at this point I was getting pretty concerned as they add you backing up so many things. Didn’t give me too much confidence in the migration to 5.2.
Ok, finally now on to actually updating vCAC to 5.2. The first part is to update the database. This is done through running DBUpgrade.exe. To get info on the arguments and switches that can be used with it, run it without any.
Since I was local to the box that had the DB on it and logged in with the vCAC service account I ran the following:
As you can see above, the first time I attempted to run the DBupgrade while specifying the I got an error message stating that:
There is no upgrade script to execute from release 22.214.171.124 to release 126.96.36.1999
There is no upgrade script that has its starting version matches the installed database version 188.8.131.52
So next I tried did a change directory to the location that DBUpgrade is located and ran the same command without any issue:
DBUpgrade.exe must look in the current directory for the script and not the path that is specified to run it.
Uninstall the following components DEMs, Agents, vCAC Designer, vCAC Self Service Portal, and WinPEBuilder. Make sure not to uninstall the Manger Service, this will cause you to have to do a fresh install of vCAC. So basically everything but the Manager Service and the default portal. Obviously this is done through Start à Control Panel à Programs and Features. In my demo environment I had DEMS, a vCenter Agent, the Self Service portal, and designer.
Next order of business is to make sure you install .Net 4.5 because it is required. Once this is complete its best to good ahead and install the vCAC Prerequisite Checker, its part of the vCAC 5.2 installation zip and is in the tools folder. Truth is that if you’re doing a migration you must likely have everything you need installed, but when I first installed the product I missed some pieces. Can’t hurt to do a sanity check before proceeding. Once you have installed it, open it up. In my test environment I have all the components on one server, if there were production you would install the vCAC Prerequisite Checker on all servers. As you see you have the ability to scan based on the installed components. Once you have selected all the needed components click Run Checker.
Next you will run the vCAC-Server-Setup.exe install from the vCAC 5.2 installation zip, its in the Setups folder. Make sure all the options but the Database are selected. Since the install detects a pervious install this should be the default.
Click Next, Install, and then Finish.
The vCAC Configuration Wizard will auto launch.
Next you will be prompted for license keys. Add the required keys and click next.
Then you will be prompted for the DB instance and DB name. If the currently logged in user has the appropriate permissions to DB then leave the box checked to use the currently logged in user. If not uncheck the box and provide a user with the appropriate permissions.
Then click next. Next you will be asked to provide a Security Passphrase.
Click Next. You will next have you will be presented with a screen to verify your IIS settings. You can click the Test Binding to verify that the port is available. You should already have a certificate set. Click Next.
You will then be prompted to provide the username and password that you documented previously that is being used for IIS Application Pools.
The next screen will be already populated and will have authorization store selected, Click Next.
The Model Manager Service configuration screen will already populated verify the settings and click next.
The Manager Service Screen will be already populated. Verify the settings and click next. If this were a failover host you would select the Disaster Recovery cold standby node.
The vCAC Web Configuration screen will already be populated, verify your settings and click next,
On the Ready to Configure screen, click Configure. Then click next and finish.
Once you are done with the configuration wizard, you need to run vcacMigrationCleanUp.exe. The executable is part of the install zip. It’s located in Installation\Database\DBUpgrade\vcacMigrationCleanUp. You need edit the configuration file before you run it. Edit the following 2 lines:
<add name=”DB” connectionString=”Integrated Security=SSPI;Data Source=localhost;Initial Catalog=DCAC”/>
<add key=”repositoryAddress” value=”https://localhost/repository/”/>
Change local host to the FQDN of the Model Manager host. For Data Source use the SQL instance, and for Initial Catalog us the DB name. Next run vcacMigrationCleanUp.exe à Select Migration Clean Up–>vSphere Agent. Click Yes, Yes, and then OK. Exit the migration clean up tool.
Next it’s time to reinstall the DEMs. I am going to start with the DEM Orchestrator. First launch the vcac-Dem-Setup.exe and click next. Accept the End user agreement and click next. On the DEM instance Configuration screen, from the documentation you gathered, provide the DEM Instance Name, DEM Description and select Orchestrator Role.
On the Custom Setup screen take the defaults and click next.
On the Manager Service and Model Manager Web Service Host configuration screen provide the FQDN for the Model Manager Service, Model Manager Web Services, Model Manager Username/password, and click next.
Next provide a username and a password for the DEM service.
Repeat the above steps form and DEM Workers you might have. In a production environment their could be several. Obviously select the Worker Role. Next you will reinstall the agents, in my case this was a vSphere Agent. Launch the vCAC-Agent-Setup.exe which is part of the vCAC installation zip in the Setups folder and click next.
Accept the End-User Agreement:
Next you will need to look back in your documentation and provide the Agent Name, FDN for the vCAC Server:port, and Model Manager Web Service Host:port.
Next you will be prompted to select the agent type. As you can see people there are quite a few. In my case I selected the vSphere Agent.
Again look back at your documentation and provide the service account info for the vSphere Agent.
Next provide the Model Manager Username and password. You should have documented this before the upgrade.
You should have documented the name of your vSphere Endpoint, provide that in the screen below. Endpoints provide the credentials for the agents so this is pretty important.
If you have any other agents that need to be reinstalled go through the process again, select the appropriate agent type, provider the agent name, credentials, and endpoint.
If you were using the Self Service portal which is part of the extensibility pack, it’s time to reinstall it. Download and extract the install bundle. Then run the vCAC-SelfService-Setup.exe and click next
Accept the License Agreement.
If you’re installing in the default location click next. If not change the location.
Click Finish and the vCAC Software Configuration wizard will launch. Click Next.
You will then be asked to provide the DB instance and DB Name. Then click next.
The configuration will detect your setting, click next.
On the screen below you need to provide credentials for a service account, the Model Manager FQDN:port, and credentials for the Model Manager.
Click Configure. Then click next.
If you uninstalled vCAC Designer or have a need for it run the installer. It is also a part of the vCAC 5.2 extensibility pack. It’s a pretty basic install wizard and I am not going to go through all the details here. You will need the Model Manager Web Service FQDN:port, username, and password. vCAC Designer is only needed if you are modifying or creating workflows.
VMworld: My session VCM5114 How the University of New Mexico Improved Service Delivery Times Using vCloud Automation Center0
Wow, its been a awesome few weeks for me. I was selected as a vExpert 2013, I did my first vBrownBag on vCloud Automation Center, and late last week I found out my session on how the University of New Mexico is using vCAC got selected. All of this has been quite humbling to me, I am just a guy who loves technology and wants to share the cool ways we are leveraging vCAC at my current employer. I have to admit I am pretty excited to have the opportunity to speak at VMworld this year. Below are the session details:
Session ID: VCM5114
Session Title: How the University of New Mexico Improved Service Delivery Times
Using vCloud Automation Center
Track: Virtualization and Cloud Management
Presenting at: US
“The University of New Mexico’s Central IT department is tasked with providing services to a very large diverse community. UNMs Central IT department, like many organizations, has been tasked with providing more services while IT budgets are shrinking. In response to this Central IT started reviewing its services and processes to see where it could improve. One of the services that Central IT provides is hosted VMs on its central infrastructure. While reviewing the service they found that there over 100 manual processes needed to take place and 6 Groups were involved in spinning up a VM for a customer. This meant that even though they had cut server provisioning times by moving to virtualization from physical machines it was still taking an average of 2 – 3 weeks to deliver a VM to customer. Central IT started looking to find ways to enable the automation of VM provisioning for its clients and settled on the vCloud Enterprise Suite from VMware. With the solution they have been able to reduce VM provisioning from weeks to hours. They also been able to empower there users to provision VMs themselves through a user friendly interface. This allows customers to get VMs in a timely manner so they can focus on their organizations goals.”
Hello again everyone and sorry that the posts are coming far and between. Been deep in the trenches at work getting lots of details ironed out at work around our self-service/IaaS initiative. That along with studying pretty heavily for the vCAP-DCD, which I am giving a go at real soon have been pretty consuming. So is the life of an IT geek, but that is what I love about my job, working with new technologies, digging into the details, and spreading the word about them to others. Ok, enough ranting for now and on to the details. In this post I am following up on an earlier post I had on vCAC Endpoints. In vCAC there are two things that need to be configured in order to scan and pull in the info from your vCenter . One, Endpoints that basically hold the credential /connection info and the proxy agents that use the Endpoints information to scan the vCenter . Below is a step by step on how to deploy and configure a vCenter Agent in vCAC. A vCAC server can have multiple vCenter agents associated with it and there are serveral other types of Proxy Agents that can be used for other purposes.
Download and run the DCAC-Agent-Setup.exe from the server that will be the proxy agent. In many cases this can and will be the vCloud Automation Center
Click install on the following screen and then next
I also wanted to cover an interesting error I ran into while deploying the agent. I understand that’s it’s probably because I tried to do something out of the norm, but it would be great if the error where a little more informative. On the following screen you are asked to provide the FQDN with port for the vCloud Automation Center and Model Manager Web Service. In the lab environment these roles where the same server and I created a CNAME for this the server in DNS. When I attempted to use the CNAME I got a very generic error.
On the following screen I provided a username/password for the vCloud Automation Center Agent service and clicked next.
Then I provided a username/password that had access to the model manager service and clicked next.
As you can see I got an access denied error relating to the Model Manager Web Service. I believe this stems from the fact that it is looking for the actual machines FQDN that was used during the install of the service. I just doesn’t like the CNAME.
One thing to note is in my lab I am installing the proxy agent on the box also, so if I used “localhost:80” or the FQDN that of where these services are run from i.e. FQDN.unm.edu:80. When I used either of these it worked just fine. You will notice in the lab environment I am using HTTP:80 and in production this would be done over HTTPS:443. Input this info along with and agent name then click next.
You will then be asked to provide name for a “vSphere Generic Endpoint”. In here you can enter the name you would like for the endpoint. I would like to note that this endpoint could have been pre-configured via the vCloud Automation Center and if it was you would want to provide the name you used for the Endpoint when you created it.
Click next and then install.
Click finish. Now when you look in services on you will see a service for the agent you created.
If you already have your Proxy Agent assigned to an Endpoint you do the following to make the Compute Resources from the vCenter available. The cool thing here is as you’re doing this you can bring existing machines in and assign them to provisioning groups.
Browse to https://vCACPortalURL/dcac and click on Discovery off the menu to the left.
You will then be presented with the “Infrastructure Organizer” wizard, click next.
There will be new compute resources listed that represent the available clusters within your vCenter. Select the ones that you would like to use with vCloud Automation Center and click next.
Click on the edit icon(a pencil) and assign any additional Enterprise Groups or a Cost Profile to the Compute Resource. Click the green check mark when you and done and then next.
Assign any existing VMs to a Provisioning Group by clicking on the edit icon(a pencil) and selecting the appropriate group. Click the green check mark when you are done, click next, finish, and then ok.
As I have pointed out before vCAC allows you to pool resources, both private and public, into a central location for your users to consume. The product obviously also gives you the ability to choose who has access to what resources and what they can consume. Today, I would like to talk about how to add Endpoints in vCAC.
So what is an Endpoint? In vCAC Endpoints are connections into management components that have sets of resources you want to make available for management or consumption by end users. They could be a vCenter, UCS Manager, Dell iDracs, HP iLO, Hyper-V (SCVMM), vCloud, vCO, etc. For example, a vCenter Endpoint would collect data from vCenter about its Host Clusters. With A vCloud Endpoint it would collect data on its ORG vDCs. Now that you know what an Endpoint is in vCAC on to how to configure one. I want to note that most Endpoint are assoicated with a Proxy Agent that actually collects the data. The Endpoint is more of a object that has the associated credentials to connect to the resource.
Browse to the URL of the vCAC server normally in the format of https://FQD/dcac. This will present you with the welcome screen like below.
Please not that when using vCAC with IEs default settings it does a Single Sign On. So make sure that you are logged in with a user that is a vCAC admin, run IE as another user, or reconfigure IE.
Next browse to vCAC Administrator and then Endpoints on the menu bar:
In the top right corner select New Point and the type of Endpoint. In this example I am going to add a vCenter.
You will then be present with the following screen. You will need the IP Address or DNS name for the Endpoint and credentials for it.
You will need to provide a Name for the Endpoint, the Address and then click in the Credentials field. This will bring up a screen that lists all the credentials for Endpoints that vCAC is aware of.
If the credentials needed are already available select them and click ok, if not click on New Credentials. Let’s assume we need new credentials. When you click on New Credentials you are asked to provide a Name, Description, Username, and Password.
When finished entering in your new credentials click the green check mark and then ok. You will notice a section below Credentials called Customer Properties. I am not going to get into the details around their use in this post because I am not really sure of a good case for using them with Endpoints. But I will go more detail around Custom Properties in a future posts related to Blueprints and Build Profiles. Click the OK button at the bottom of the New Endpoint Screen.
Now that the Endpoint has been added vCAC will launch a Data Collection. This will allow vCAC to gather information about the Host Cluster within the vCenter and the associated Compute resources. To view the Compute Resources, mouse over the arrow to the right of the Endpoint name and select View Compute Resources.
You will then be taken to a screen that shows all the Compute Resources available from that Endpoint, along with information as to how much compute is available from each.
You have now created an Endpoint in vCAC and have resources available to apply Reservations and Reservation Policies too. I will cover these in future posts.
i want to note that there is a vSphere Endpoint that is installed on the seperate box that acutally gathers the info and populates its in vCAC. I will follow up with another post on how to install these agents and add them to vCAC.
In my current role I have been spending a great deal of my time working on automating VM provisioning and IaaS. I think most organizations are facing the same issue that we are. Virtualization has enabled IT to be able to provide a virtual machine fairly quickly but all the internal business processes around the creating of a VM take it from being a 20 minute process to something that takes weeks. The solution to this is to automate as many of the those business process as you can. Honestly this is easier said then done, and the approach I am taking is automate what we currently do and then start adding in new functinality. Ultimately it boils down to the fact that we want to be able to provide a better service for our customers and make the turn around much quicker. The solution we selected to address this was the vCloud Enterprise Suite, which includes a new VMware product know as vCloud Automation Center or vCAC formally know as Dynamic Ops Cloud Autmation Center. The product allows you to broker services/resources to your end users from local resources i.e. vSphere/vCloud and public resources i.e. AWS, vCloud Public offerings via a central portal. The product has its own built in orchestration engine and also has the ablility to to leverage vCenter Orchestrator. The user interface makes provsioning of services fairly seamless for end users and your end users dont’t have to worry about the technology. All they have to worry about are what are the requirements and whats its going to cost them. I have to admit that I was a bit disappointed in the out of the box intergration with vCloud in the first version of the product under VMWare. I been told that this will improve in furture versions and looking forward to seeing this piece evolve. In the coming weeks I will be posting several more in-depth posts around the product. If your interested in anything in particular let me know and I will see what I can come up with around the subject.