Tag Archives: vRealize

VMware vRealize Business for Cloud Install

VMware vRealize Business for Cloud provides automated cost analysis and consumption metering; allowing administrators to make workload placement decisions between private and pulic clouds based on cost and available services. Furthermore infrastructure stakeholders have full visibility of virtual machine provisioning costs and are able to accurately manage capital expenditure and operating expenditure. For more information see the vRealize Business product page, you can try vRealize Business for Cloud using the Hands on Labs available here.

This post will walk through the installation of vRealize Business for Cloud 7.3; we’ll be provisioning to a vSphere environment running vRealize Automation 7.3. Each vRealize Business instance scales up to 20,000 virtual machines and 10 vCenter Servers, remote data collectors can be deployed to distributed geographical sites. vRealize Business is deployed in OVA format as a virtual appliance, you should ensure this appliance is backed up appropriately. There is no built in HA or DR functionality within vRealize Business, but you can take advantage of VMware components such as High Availability, Fault Tolerance, or Site Recovery Manager. Logs can be output to a syslog server such as vRealize Log Insight.

vRB_Launchpad

Requirements

  • vRealize Business for Cloud must be deployed to an ESXi host, and can be used to mange vCenter Server, vCloud Director, vCloud Air, vRealize Automation, and vRealize Operations Manager.
  • vRB 7.3 is compatible with vCenter and ESXi versions 5.5 through to 6.5, and vRealize Automation verisons 6.2.4 through to 7.3 (latest versions at the time of writing).
  • For compatibilty with other VMware products see the VMware Product Interoperability Matrix.
  • The vRB appliance requires 8 GB memory, 4 vCPU and 50 GB disk (thick provisioned).
  • If you use any remote data collectors the memory on these appliances can be reduced to 2 GB.
  • vRealize Business for Cloud is licensed as part of the vRealize suite, per CPU, or in packs of 25-OSI.
  • There are 2 available editions; standard and advanced. Features such as public cloud costing require the advanced version, for more information see the feature comparison section of the product page.
  • The web UI can be accessed from IE 10 or later, Chrome 36.x or later, and Firefox 31.x and later.
  • Time synchronization and name resolution should be in place across all VMware components.
  • For a full list of pre-requisites including port requirements see here.

Before beginning review the following VMware links:

Installing vRB

Download the VMware vRealize Business for Cloud 7.3 OVA file here. Log into the vSphere web client and right click the datastore, cluster, or host where you want to deploy the virtual appliance. Select Deploy OVF Template and browse to the location of the OVA file.

  • Enter a name for the virtual appliance and select the deployment location, click Next.
  • Confirm the compute resource and click Next.
  • Review the details of the OVF template and click Next.
  • Accept the end user license agreement and click Next.
  • Select the storage for the virtual appliance, ensure the virtual disk format is set to Thick provision eager zeroed, and click Next.
  • Select the network to attach to the virtual appliance and click Next.
  • Set the Currency, note that at this time the currency cannot be changed after deployment. Ensure Enable Server is checked, select or de-select SSH and the customer experience improvement program based on your own preferences. Configure a Root user password for the virtual appliance and enter the network settings for the virtual appliance in the Networking Properties fields.
  • Click Next and review the summary page. Click Finish to deploy the virtual appliance.

Once the virtual appliance has been deployed and powered on open a web browser to https://vRB:5480, where vRB is the IP address or FQDN of the appliance. Log in with the root account configured during setup.

vRB_Mgmt

Verify the settings under AdministrationTime Settings, and Network. At this stage the appliance is ready to be registered with a cloud solution. In this example I will be using vRealize Automation, for other products or further information see the install guide referenced above. Return to the Registration tab and ensure vRA is selected.

vRB_Register

Enter the host name or IP address of the vRA appliance or load balancer. Enter the name of the vRA default tenant and the default tenant administrator username and password. Select Accept vRealize Automation certificate and click Register.

Accessing vRB

vRealize Business for Cloud can be integrated into vRealize Automation, or you can enable stand-alone access. To access vRB after integrating with vRA log into the vRA portal. First open the Administration tab, select Directory Users and Computers, search for a user or group and assign the relevant business management roles. A user with a business management role has access to the Business Management tab in vRA.

vRB_Roles

Optional: to enable stand-alone access first enable SSH from the Administration tab. Use a client such as Putty to open an SSH connection to the virtual appliance, log in with the root account. Enter cd /usr/ITFM-Cloud/va-tools/bin to change directory, enter sh manage-local-user.sh and select the operation, in this case 5 to enable local authentication.

ssh

If you want to create new local users user option 1 and enter the username and password, when prompted for permissions VCBM_ALL provides administrator access and VCBM_VIEW read-only. You can also log in to the web UI with the root account, although it would be better practice to create a separate account.

Disable SSH from the Administration tab if required. Wait a few minutes for the services to restart and then browse to https://IP/itfm-cloud/login.html, where IP is the IP address of your appliance. If you try to access this URL without enabling stand-alone access you will receive a HTTP Status 401 – Authentication required error message.

vRB Configuration

We will continue with the configuration in the vRA portal, open the Administration tab and click Business Management.

vRB_Connections

Expand License Information, enter a license key and click Save. Expand Manage Private Cloud Connections, configure the required connections. In this example I have added multiple vCenter Server endpoints. Open the Business Management tab, the Launchpad will load.

vRB_Launchpad

Select Expenses, Private Cloud (vSphere) and click Edit Expenses. At this stage you will need the figures associated with hardware, storage, and licensing for the environment. You can also add costs for maintenance, labour, network, facilities, and any other additional costs.

vRB_Expenses_vSphere

Once vRB is populated with the new infrastructure costs utilisation and projected pricing will start to be updated. Consumption showback, what-if analysis, and public cloud comparisons can all be accessed from the navigation menu on the left hand side. For further guidance on getting the most out of vRB see the vRealize Business for Cloud User Guide.

vRB_Operational

Add a User Defined Windows Administrator to a vRA Blueprint

This post will walk through implementing a process allowing a vRA portal user to specify a user account to be added to the local administrators group on a Windows server provisioned by vRA. There are plenty of posts out there, including a kb article, on adding the virtual machine requester (owner) to the administrators group if that is what you need to do. Before beginning I am assuming you have a fully working vRA installation (I’m using v7.2), and Windows templates with the vRealize Automation Guest Agent installed. Some blueprints would also be handy, but you can create those after.

We’ll need a script on the template Windows machine, in this example I’ve created a Scripts sub-folder within the VRMGuestAgent folder, and a new text file which I’ve saved as AdminUser.cmd. The full path therefore is C:\VRMGuestAgent\Scripts\AdminUser.cmd.

Location

Copy and paste the following line into the batch file: Net localgroup administrators /add %1.

Script

Log in to the vRA portal, for example https://*loadbalancer*/vcac/org/*tenant*. Open the Administration tab and select Property Dictionary. We need to provide the user with a field in the virtual machine request process for them to specify an account to be added as a local administrator. Click Property Definitions and New.

  • Enter a name, it is best practice to use the tenant name, a dot, and then the name of the proeprty definition, for example YourTenant.AdminUser.
  • Enter a useful description, this text will be displayed when the user points to the help symbol next to the field we’re adding in the virtual machine request.
  • Change the Data type to String, and select whether you want the field to be mandatory.
  • From the Display as drop-down menu select Textbox. Click Ok to save.

Admin1

Next click Property Groups. If your blueprints are using an existing property group then click the property group.  If you need to create a new property group click New and enter a name. The following lines need adding to the property group that is used, or will be used, by a blueprint.

  • Name:   VirtualMachine.Software0.Name
  • Value:   AdminUser
    • Replace the value with an appropriate name for the property, I have used the same name as the script but it doesn’t have to match up.
  • Name:   VirtualMachine.Software0.ScriptPath
  • Value:   C:\VRMGuestAgent\Scripts\AdminUser.cmd {YourTenant.AdminUser}
    • Replace the value with the location of the script on the template OS and include the squiggly brackets; with the name of the property definition we created earlier inside.
  • Name:   YourTenant.AdminUser
  • Value:
  • Show in Request:   Yes
    • Enter the name of the property definition we created earlier and leave the value blank (this will be entered by the user). Ensure Show in Request is ticked.

If you are already using VirtualMachine.Software0 for something else, such as adding the virtual machine owner to the local administrators group, then you can amend to VirtualMachine.Software1 and so on. When you’re done the entries should look something like this, click Ok.

Properties

If you haven’t yet assigned a property group to your blueprint then click the Design tab and Blueprints. Click the blueprint to edit, select the vSphere_Machine and click the Properties tab, from the Property Groups tab click Add.

CustomProperty

Select the property group we recently created or changed and click Ok. Click Save and Finish. The values in the property group will now be applied to any virtual machines deployed from this blueprint, repeat as required for any other vSphere_Machines or blueprints.

Assuming your blueprint is published and has the necessary entitlements; click the Catalog tab. Locate the catalog item linked to the blueprint and click Request. Select the vSphere_Machine component and you’ll see the new field for the requester to enter the domain\user or user@domain account to be added to the Windows local Administrator group. If you opted to make data input mandatory you’ll see an asterisk next to the new field.

Request

VMware vRealize Network Insight Overview

This post will walk through the installation and configuration of VMware vRealize Network Insight (vRNI). The latest version is currently v3.5.0, you can see what’s new in v3.5.0 in this VMware blog post. Network Insight integrates with NSX to deliver intelligent operations for software defined networking. The key features and use cases of vRNI include 360 degree visibility and end-to-end troubleshooting across converged infrastructure and physical and virtual networks, performance optimization and topology mapping, physical switch vendor integration, advanced monitoring to ensure health and availability of NSX, rich traffic analytics, change tracking, planning and monitoring of micro-segmentation, and best practice compliance checking. The VMware graphic below shows where vRNI sits in the Software Defined Data Center.

vrni1

Resources

Requirements

  • At least v5.5 of vCenter Server is required, Network Insight versions 3.3.0 and above support vCenter Server 6.5 and 6.5 U1.
    • HTTPS connectivity to vCenter is required to fetch virtual environment information.
  • Distributed switches must be vDS v5.5 or above. The configuration of NetFlow is a requirement but this can be done automatically when adding vCenter as a data source.
  • The screenshot below shows the compatible versions of NSX with Network Insight v3.3.0 through to v3.5.0. For the latest version of NSX (v6.3.3) Network Insight v3.5.0 is needed.
    • HTTPS connectivity to NSX Manager, SSH connectivity to NSX Controller(s), and SSH or Central CLI connectiity to NSX Edge(s) is also required.

NSX_NetworkInsight

Installation

The installation consists of deploying the vRealize Network Insight Platform OVA; preconfigured with 8 vCPU, 32 GB RAM, and 750 GB HDD. Plus the vRealize Network Insight Proxy OVA; preconfigured with 4 vCPU, 10 GB RAM, and 150 GB HDD. Disks can be thin provisioned. A memory and CPU reservation at 50% of the specifications listed is recommended for production environments. The deployment can also be automated using PowerCLI, covered in this blog post by William Lam.

  • Using the download links referenced above, download the vRealize Network Insight – Platform OVA file and the vRealize Network Insight – Proxy OVA file.
  • Manually add DNS entries for the host names and planned IP addresses of the appliances.
  • In the vSphere web client right click the datacenter, cluster, or host to deploy the appliance to, and select Deploy OVF Template. Browse to the downloaded platform OVA file.
  • Follow the standard OVF deployment wizard, selecting the compute, storage, and network configuration to use. Ensure DNS and time settings are configured.
  • Before clicking Finish select Power on after deployment.

When the appliance has deployed navigate to the IP address or FQDN in a web browser. Enter your license key and click Validate, then Activate. On the setup proxy virtual appliance page click Generate to generate a shared secret. Copy the shared secret, you will need this for the proxy deployment, leave the web browser open.

  • In the vSphere web client right click the datacenter, cluster, or host to deploy the appliance to, and select Deploy OVF Template. Browse to the downloaded proxy OVA file.
  • Follow the standard OVF deployment wizard, selecting the compute, storage, and network configuration to use. Ensure DNS and time settings are configured.
  • During the template customization, in the Shared Secret for vRealize Network Insight Proxy field, enter the shared secret generated earlier.
  • Before clicking Finish select Power on after deployment.

Go back to the web browser, after the proxy appliance has powered on it will automatically detect the platform appliance. When this happens the web page will show a proxy detected message, click Finish, you are redirected to the login page. If the deployed proxy is not detected within 5 minutes follow the validation steps outlined in the FAQ document referenced above.

login

Configuration

Log into Network Insight using the default username admin@local and default password password. Select the settings icon in the far right hand corner and click Settings. The Install and Support tab lists the health of the appliances, additional nodes can also be added here.

Settings1

The password of the logged in user, in this case admin@local, can be changed under My Profile.

Click Data Sources and Add new source. This is where we will add the data sources for Network Insight to monitor, first we’ll add vCenter so select VMware vCenter from the drop-down Source Type list.

Settings2

Enter the vCenter IP address or FQDN and credentials with distributed switch and dvPort group modify permissions, click Validate. Enter a friendly name and click Submit to add the data source. In the vSphere client tasks pane you will see NetFlow being configured on the distributed switches. Repeat the process to add the NSX Manager; selecting VMware NSX Manager from the drop-down Source Type list and entering the NSX Manager credentials. You can add multiple vCenter Servers and NSX Managers.

If applicable add any converged infrastructure and physical networking hardware, accounts with read access are required. Once a data source is added information will start trickling in within a few minutes, however the first full data collection can take up to 2 hours. You should also wait at least 24 hours before generating reports.

Examples

When logged in to the web UI, the home page displays a dashboard of problems and events you should be aware of, as well as quick links to plan, operate, and troubleshoot the environment. Return to the home page at any time by clicking the VM icon in the top left hand corner.

Home

Move the mouse cursor over the left hand navigation pane to expand the menu. Navigate through the different options to view path topologies, port and network metrics, and events.

VMPathsHostVLANs

Nearly all components can be selected for deep dive views or path mappings. We can analyse services and flows and troubleshoot problems from within the same interface.

NSXNSXGroupsPlan

Events and Entities allow us to drill down more, when viewing an event, problem, or change click the alarm bell symbol to create a notification for that item. You can also use the search bar which auto-prompts as you type, visible in the screenshot below. Save a search term using the pin icon, saved searches can be accessed in the left hand navigation window at any time. For further use cases consult the user guides referenced above.

Search