vCenter Content Lifecycle Management with vRealize Suite Lifecycle Manager 2.0

Content lifecycle management in vRealize Suite Lifecycle Manager provides a way for release managers and content developers to manage software-defined data center (SDDC) content, including capturing, testing, and release to various environments, and source control capabilities through GitLab integration. Content Developers are not allowed to set Release policy on end-points only Release Managers can set policies.

You can use content lifecycle management to dispense with the time-consuming and error-prone manual processes required to manage software-defined content. Supported content includes entities from

  • vRealize Automation 7.2 and later

  • vRealize Orchestrator 7.x and later

  • VMware vSphere 6.0 and later.

  • vRealize Operations Manager 6.6.1+ and later.

  • Source Control server: All latest versions of Gitlab Community Edition and Enterprise Edition.

Content lifecycle management in vRealize Suite Lifecycle Manager is similar to content lifecycle management with the vRealize Code Stream Management Pack for DevOps where VMware announced its end of availability as of April 12th, 2018KB53222 ), but with the following differences:

  • Content lifecycle management is deployed as part of vRealize Suite Lifecycle Manager on a single appliance. It has a new user interface and is tightly integrated with vRealize Suite Lifecycle Manager core services.

  • vRealize Orchestrator is embedded on the appliance to run only content workflows.

  • Updated vRealize Code Stream Pipeline services.

Our focus in this blog is the vSphere Content Endpoint and the type of content we support which is :

vSphere Content Endpoint

Type

Value

Description

vSphere-CustomSpecification

vSphere vCenter 6.0+

Captures guest operating system settings saved in a specification that you can apply when cloning virtual machines or deploying from templates.

vSphere-Template

vSphere vCenter 6.0 +

Captures template to deploy virtual machines in the vCenter Server inventory.

Using vRSLCM 2.0 we will see how we can capture a vSphere Template ( W2K12R2STD64 ) from the VMware vCenter ( vcs-l-01a ) at the BRAMPTON development Data-Center to both VMware vCenters ( mgmt-vcs-01 & mgmt-vcs-02 ) at the TORONTO and OTTAWA production Data-Centers respectively.

Blog Project 1

Prerequisites

  • A pre-created template ready to be captured at the Brampton vCenter.
  • A Content Library Created and Published at the Brampton vCenter.
  • A Content Library Created by subscribing to the Brampton Content Library for both Toronto and Ottawa vCenters.
  • You have your Data Centers and its associated vCenter Server already setup in vRSLCM 2.0
Blog Project 2

Brampton vCenter

Blog Project 3

Toronto and Ottawa vCenters (Linked Mode)

Once you complete the prerequisites we will setup everything in vRSLCM 2.0

Step 1: Configuring vSphere Template Repository

This template repostory is used to store all vSphere template versions captured in the vCenter Content Library Provided that we created and published. The content library, which we set to ‘published’ in vCenter will be displayed and selected here based on the selected vCenter instance.

A best practice is to have this vCenter instance close to where the templates would typically be captured, and that is the BRAMPTON development vCenter in our scenario and its published Brampton Content Library.

Select Content Management -> Content Settings -> vSphere Template Repository and fill all the required fields.

Blog Project 4

Step 2: Creating the vCenters Content Endpoints

Here we are going to add a content endpoint to an environment to capture, test, deploy, or check-in a content package but before you can do that you should at least have added an environment vCenter endpoint when you first setup vRSLCM.

For example in our VMwareLab we have 3 environment vCenter endpoints added under the Data Centers  -> Mange vCenter Servers. as you can see we have 3 Data Centres ( Toronto, Ottawa and Brampton ) and each of those data centres have there own vCenter managing the vSphere Environment.

Blog Project 5

Blog Project 6

Blog Project 7

Now lets go ahead and create our vCenters Content endpoints.

  • Under Content Management, click Endpoints.
  • Click NEW ENDPOINT.
  • Select vCenter.
  • Enter the information for the vCenter content endpoint.
    1. In the Name text box, enter a unique name for the endpoint.
    2. In the Tags text box, enter tags associated with the endpoint ( Optional )

      Using tags allow you to deploy a content to multiple endpoints at the same time. When you deploy a content, you can select a tag instead of individual content endpoint names, and the content deploys to all endpoints that have that tag. To add multiple tags, press Enter after you enter each tag.

  • In the Server FQDN/IP text box, enter the fully qualified server name, IP address, or host name for the content endpoint server.
  • To access the endpoint, enter the User name and Password.
  • Click Test Connection and click Next.

Blog Project 8

We will be doing these same steps for the 3 vCenter Content Endpoint we are adding but when we hit next we need to set the appropriate polices for the content endpoint we are adding.

So for the BRAMPTON vCenter Content Endpoint (vcs-l-01a) will need to set the policy to Allow the content to be captured from this endpoint the click NEXT to review the summary and SUBMIT

Blog Project 9

As for the TORONTO vCenter Content Endpoint (mgmt-vcs-01) and OTTAWA vCenter Content Endpoint (mgmt-vcs-02), since these are the destination endpoints where the content/Template will be copied to, we will need to set the policy to Mark as Production Endpoint i.e. Release Endpoint and Enable vCenter Template Support to configure where the template is deployed to, in each vCenter Server.

Repeat this when the adding the vCenter Content Endpoint respectively for both TORONTO and OTTAWA vCenter Servers / Data Centres

Blog Project 10

vCenter Server settings can be added to an LCM data center, once vCenter data collection is competed this endpoint is seen when importing from LCM and reduces the time to fill in the form as all the properties have been collected.  use the drop down menus to select your vCenter Settings to determine again where the template will be stored when copied.

Blog Project 11

Once the endpoint is created, it validates if the configuration is correct. It can connect through API and that the configuration of the local subscriber details is setup to point to the publisher as defined in Content Settings/vSphere Template Repository. If there is a problem, then the endpoint is disabled and an error is displayed when you cover of the warning.

We can see now all 3 vCenter Content Endpoints with the appropriate policies where we will be capturing content from BRAMPTON vCenter ( vcs-l-01a ) and releasing to TORONTO vCenter (mgmt-vcs-01) and OTTAWA vCenter (mgmt-vcs-02).

 

Blog Project 12

in our lab we didn’t choose any testing destination but we could have selected one of the destination vCenters as a testing Endpoint where we can test the content before releasing it to production. All we had to do is select the Allow unit tests to be run on this endpoint Policy  under the Policy settings when we added the vCenter Content Endpoint.

Step 3: Adding / Releasing Content in vRSLCM 2.0

Content is a collection of files that contains definitions that represent software defined services.

After you add a content endpoint to one or more environments, you can manage the software-defined content that each environment contains. You can use vRealize Suite Lifecycle Manager to perform the following operations on content:

  • Capture content from an endpoint

  • Deploy to test and run unit tests

  • Check-in content

  • Release content to production

For example, a YAML file for a vRealize Automation blueprint or an XML file for a vRealize Orchestrator workflow. Content is linked together so that when you capture a vRealize Automation blueprint, all dependencies are also displayed in the content catalog, and they can each have their own versions. vRealize Suite Lifecycle Manager displays dependency information within each content version.

We have mentioned in this blog that will be applying the capture and release content operations on the vCenter Template (W2K12R2STD64) so we can copy it from the BRAMPTON Development Data-Center to TORONTO AND OTTAWA Production Data-Centres.

so Lets get started now but Navigating to Content Management -> Content and clicking on ADD CONTENT

Blog Project 13

In the next window we can select which content operation/action we want to select. Lets make sure we select both Capture and Deploy then click PROCEED

Blog Project 14

In the Capture Details Window will fill all the mandatory fields :

  • Select the Capture Endpoint from the drop down menu. this is going to be our BRAMPTON vCenter (vcs-l-01a.vmwarelab.local)
  • Select the Content type as vSphere-Template
  • Select the content Template you need to capture, in our scenario its the W2K12R2STD64
  • Enter a comment as The Template is ready to released to Production vCenters 

Blog Project 15

Click NEXT  to select which endpoints you want to release the content to

  • Select All Endpoints which in our case it will the TORONTO (mgmt-vcs-01) and OTTAWA (mgmt-vcs-02) production vCenters and the order of the release where I made sure the release start with the TORONTO vCenter first.
  • Enter a release comment such as Releasing W2K12R2STD64 to Production vCenters

Blog Project 16

click NEXT and review the Summary. When ready click SUBMIT

Once you submit this form you can take a  look at the Content Pipelines > Executions where you can monitor the progress of the request. Also please note that the request will be queued in the system for processing and may not show immediately.

Blog Project 17

You can click on the Content Pipeline Name or from the ACTIONS menu select View Execution to get more detailed informations like who executed the Content Pipeline and the elapsed Duration so fat or take ACTIONS like canceling or Pausing the  Content Pipeline. You will need to REFRESH the page from time to time to see the progress if  you stay on the Execution Page.

You can also see each of the Capture, Test or Release stages in action and monitor each stage.

Blog Project 18

Step 4: Behind The Scenes

If you are wondering whats happening behind the scenes I made a list of the steps that vRSLCM takes when it executes the Content Pipeline for the Captured vSphere template.

Capture Stage

  1. vRSLCM will Export the selected template as OVF from the BRAMPTON Development vCenter. 
  2. vRSLCM will Create a Library Item in the Brampton Content Library and Upload the Files to the Library item.  This is the same Content library that we configured in vRSLCM as the vSphere Template Repository which is used to store all vSphere template versions captured.

Blog Project 20

Now that the vSphere template is uploaded fully to the vSphere Template Repository if we look back at the Pipeline we see that Capture and Test ( The Fact its not selected ) are completed and we move on to the final stage and that is the Release Stage.

Blog Project 19

Release Stage

  1. vRSLCM will Sync the Toronto Content Library first and Sync the Library template item as W2K12R2STD64-v1 and then deploy the OVF package from the content Library to the Toronto Cluster Resource Pool by transferring the image Virtual Machine Template files to one of the Toronto cluster hosts then marking the Virtual Machine as a Template.
  2. Once completed vRSLCM will repeat the process but this time it will Sync the Ottawa Content Library and deploy the OVF package to the Ottawa Cluster Resource Pool by transferring the image Virtual Machine Template files to one of the Ottawa cluster hosts then marking the Virtual Machine as a Template.

Blog Project 21

if you go back to VRSLCM and look at the Pipeline execution we find it was completed Successfully and managed to do that in 1h 30m considering I don’t have the fastest storage in my Home Lab.

Blog Project 22

now we can always go back to the captured content (vSphere-Template) and Capture newer version of the template or re-deploy a specific version that we captured perviously to existing or newer production vCenters.

Blog Project 23

If you made it this far in the blog, I hope you found it informative and helpful.

Please remember that this is just one type of content were we can manage its content lifecycle, as vRSLCM like we mentioned at the beginning supports different types of content across the vRealize Product Suite.

The End Eh!

vRealize Suite Lifecycle Manager

Deploying and Upgrading vRealize Automation with vRealize Suite LifeCycle Manager 2.0 – Part 1

Wow the title is such a mouthful and so is this blog, so get your popcorn ready and get cosy friends cause we are going to try and capture everything we need to do, so we can use vRSLCM 2.0 to :

  1. Deploy vRA 7.4 and then
  2. Upgrade it to vRA 7.5

Just like that! how awesome is that ? So lets get started Eh!

Lab Overview

Deploying vRA 7.4 will consist of the vRA appliance ( mgmt-vra-02 ) and the IAAS windows machine ( mgmt-iaas-02 ) that will be running the vRA windows services and other important components. these two components does not exist yet.

In the lab we will be running vSphere 6.7 , SQL 2016 and vRSLCM 2.0 that were already configured.

Blog Project

Prerequisites

Please be aware that this what I did in my lab, so some of the items can be done in different ways if available.

  1. DNS A Records for both ( mgmt-vra-02 ) and ( mgmt-iaas-02 )
  2. AD Service account ( administrator@vmwarelab.org )
  3. Downloading the required software from VMware website to an NFS share that you can access from vRSLCM Appliance :
    1. VMware vRealize Automation 7.4.0 OVA file.
    2. VMware vRealize Automation 7.5.0 OVA file.
    3. VMware vRealize Automation 7.5.0 Update Repository.
  4. Microsoft SQL 2016 Server ( mgmt-sql-01 ).
  5. Microsoft Active Directory and DNS ( mgmt-dc-01 ).
  6. vRealize Suite Lifecycle manager 2.0 ( mgmt-lcm-01 ).
  7. vSphere 6.x vCenter ( mgmt-vcs-01 ).
  8. A quite and cosy place to work.

Step 1 : Adding Binaries

We have to add the binaries that we downloaded to the NFS share to vRSLCM. Once you are logged to vRSLCM , Select Settings -> Product Binaries -> ADD BINARIES. In my case my location is based on NFS so select NFS and enter the base location ( Case Sensitive ). Once completed hit DISCOVER to get the product binaries . Will select the product we downloaded and click ADD Selected product binaries are automatically mapped to product versions.

Blog Project1

Once completed you should see them listed under Product Binaries

Blog Project2

Another thing we need to do while we are here is copy a Windows ISO to vRSLCM via WinSCP for example to a folder I created under /data/iso. In may case I already copied Windows 2016 ISO to /data/iso  so in vRSLCM i will select ADD BINARIE again but this time I select Windows ISO and point it to the Base Location where I copied it to then I hit DISCOVER.

Select the ISO image name that are pre-populated after a successful discovery from base location, and fill the rest of the required fields as outlined below and click SUBMIT

One Important Note here is that Windows ISO has to be a Standard Edition for any of the following supported Windows editions :

  • Windows Server 2008 R2
  • Windows Server 2012 and 2012 R2
  • Windows Server 2016

Blog Project16

Once completed again you should see it listed under the ISO Binaries.

Blog Project17

Step 2 : Adding A Subject Alternative Names (SAN) Certificate

We will need to generate a certificate that we will reference later when you select to install vRA 7.4 , so lets go to Settings -> Certificate -> ADD CERTIFICATE and fill it similar to what I did in the figure below, then click GENERATE

Blog Project3

Make sure the certificate is generated successfully and its listed in the certificates table. You can create a certificate for each of the vRealize Suite products Or you can use the same certificate for all products as long you make sure you enter all the HostName/Domain Names in the Domain Name section and there respective IP addresses in the IP Address section of the certificate.

Blog Project4

If you are looking to how to deploy vRSLCM and Creating a SAN ( Subject Alternative Names ) Certificate using your CA Enterprise Server, Check out my colleague Steve Tilkens Blog  Here

Step 3 : Creating an Environment To Install vRealize Automation 7.4

We will be creating an environment in vRSLCM where we will be installing vRA 7.4, assuming you have your Data Center and its associated vCenter Server already setup in vRSLCM.

login to vRSLCM and click on + Create Environment from the left pane. Select your Data Centre and Fill the required fields and click NEXT

Blog Project5

Under Products, Select vRealize Automation by checking the box -> New Install -> 7.4 -> Small Deployment and Click NEXT

Blog Project6

Accept the terms and conditions of the end user agreement to proceed with the installation by scrolling all the way down and checking the box. after that click NEXT

Blog Project7

Enter the vRealize Suite license 2017 since we are deploying vRA 7.4 and click NEXT

Blog Project8

Using the drop down menus select all the applicable Infrastructure associated with the data centre you selected intialy when you created the environment, then click NEXT

Blog Project9

Fill all the network detail and click Next

Blog Project10

Select the Certificate we created in Step 1 for vRealize Automation and click NEXT

Blog Project11

In the Products Details Section and under Product Properties enter the domain accout and password as (Domain\user) of the service account that have administrative rights on the IaaS windows server and can be used across all the IaaS Components and Services.

Select / ADD the NTP servers

Select No to configure Cluster Virtual IPs since this is a minimal install that will be using 1 vRA appliance.

Select Yes to Configure a Windows Box the will run the IaaS Components and services

Blog Project12

Under the Windows Box section since we answer Yes. Select ISO then Select the ISO file Name we uploaded in Step 1.

Select Existing Spec for Customization Specification. I have one that I already created in vCenter Server for Windows 2016 Virtual Machine deployment that will join the provisioned windows machine to the domain.

Blog Project13

Scroll down to configure all the Components that will be running on the Iaas Server

A clarification here for some of the fields . when it says Hostname that is the FQDN of the Machine and when it says VM Name, that is simply the name of the VM in vCenter.

Click NEXT when your done.

Blog Project14

in next section will be doing a PreCheck before we can submit the request. Will start first with VALIDATE & DEPLOY.  You will be presented with Prerequisites for the IaaS Component Deployment Precheck Checks.  Since we are not using a template will simply ignore it for now but will perform the same operation once the VM is deployed. Click VALIDATE & DEPLOY to deploy the IaaS Windows Box.

Blog Project15

That will upload the windows iso image first to the vCenter Content Libraries under the LCM-LOCAL-ISO-LIB which will take some time and you can monitor it in vCenter. Once its done then it will deploy the Windows ISO image as a Virtual Machine.

Blog Project18

vRSLCM will make sure the build is completed and customized with all the required settings like the name of the machine / DNS , IP address and Domain membership, including installing the VMware Tools. All again based on the configuration that was submitted in previous steps. The IaaS machine is configured with 4 CPU, 16 GB and 40 GB Disk.

Blog Project19

Once the vRealize Automation Windows IAAS Deployment Validation in vRSLCM is successful and before I click on RUN PRECHECK . I made sure to login to the IAAS Machine and :

  • Turn off Windows Firewall for Domain, Private and Public Network which was already set.Blog Project20
  • Update the PowerShell execution policy to allow scripts to run by running command line and confirm by entering the letter Y  
  1. Set-ExecutionPolicy Unrestricted                
  • Disable UAC as mentioned in the Prerequisites for the IaaS Component Deployment Precheck Checks using the default Powershell running the following command as an administrator on the IAAS machine
Set-ItemProperty -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System" -Name "EnableLUA" -Value "0"
  • Upgrade the VMware Tools if there is an Upgrade available based on how recent your vSphere environment compared the VMware Tools that was installed (Optional)
  • Allow remote connections for Remote Desktop under Windows System Properties
  • Disable IPv6 on the IAAS Machine
  • Finally I Changed the configuration of the IAAS machine to 8 GB of Memory since this is only a Lab Testing Environment (Optional)

Now we are ready to click on RUN PRECHECK  to execute all the prerequisites needed on the IAAS Machine which we usually automatically fix using the installation Wizard when doing the vRA deployment manually, also this allow us to see if any errors or warnings appears that we need to deal with.

We will be presented again with a Prerequisite check list which we did most of it just make sure you touch on the rest like the SQL Server Privileges and User Rights Assignment. Once your ready to do click on RUN PRECHECK and monitor its progress or you can save and exit and come back later to view the status of PreCheck.

Blog Project23

We need to verify that we don’t have any issues and everything is green across Data, Infrastructure and vRealize Automation Validations, every type of validation have tons of checks that it performs and if there is an issue, you will quickly see the reason behind it and the recommendation on how to fix it.

When fixing any issues or warnings, Keep clicking on RE – RUN PRECHECK until everything is green across the three validation type I mentioned.

Blog Project24

click NEXT 

At the top right corner you have the option to run the Pre check again when you Submit the request, in my case just for the fact that we just ran it there is no reason to run it again cause it will just save us some time, there for I turned it off.

You will also see that your presented with a summary for the all the settings you entered and an option to download it as a json file that you can use anytime if you needed to redeploy the same settings again or modified to deploy additional environment somewhere else.

Blog Project25

One you are ready click SUBMIT and watch the Magic Happens!

Monitor your request as it goes through visually step by step by navigating to Requests and clicking on the Request States IN PROGRESS

Blog Project26

Once its completed successfully, you have a running vRA 7.4 Environment that you can start to configure and use in your organization, also manage and monitor going forward using vRSLCM 2.0.

now that all the steps were successful, we can try hitting the vRA Appliance URL at https://mgmt-vra-02.vmwarelab.org/

Blog Project27

Access the vRealize Automation Console and login with the local user Configurationadmin which has both the Infrastructure and Tenant Admin Roles.

Blog Project28

In the next part of this blog we will look at how easy it is to upgrade the vRA 7.4 instance we just deployed to vRA 7.5 using vRSLCM 2.0

The End of Part 1 Eh!

 

vRealize Automation vRealize Suite Lifecycle Manager