Adding Custom Resource Actions for vRA 7.x

This post will walk through adding a resource action for vRealize Automation 7.x, mapped to a custom vRO workflow. The steps below assume that the vRO instance has been integrated with vRA.

Log into the vRealize Automation portal as a user with service architect permissions. From the Design tab select XaaS and Resource Actions. Any existing resource actions are listed. Click New.

vra1

Map the resource action to the relevant vRO workflow. In this example I am using a workflow that adds a virtual machine to a backup job. You can use any workflow that has been configured to accept an input parameter from a vRA item. For this particular case we are using the VC:VirtualMachine parameter which passes the virtual machine provisioned by vRA.

vra2

If not already populated select the relevant input mappings. In this case the resource type is IaaS VC Virtual Machine, the input parameter matches up with the parameter configured in the vRO workflow (whatever you have named it, vmObj here), and this maps to the VC:VirtualMachine orchestrator type.

If your vRO parameter does not have a corresponding mapping already in vRA or ready to be imported into vRA then you can create a new / custom resource mapping in the Resource Mappings page.

vra3

Enter a name and description for the resource action. Configure the remaining settings as appropriate, you have the option to set a provisioning or disposal type (leave blank if neither) and have the action always available or only when a certain criteria is met.

If you un-select the hide catalog request information page the user is prompted for a description and reason for requesting the resource action.

vra11

Once you have completed the details page click Next.

vra4

Edit the form to represent how you want the action to be displayed to users. Most of this configuration should be obtained from the vRO workflow so you may not need to make changes here. Click Finish.

vra5

The new resource action is now listed as a draft. To start using the action select it and click Publish.

vra6

Now select the Administration tab and Catalog Management. Open the Actions page, the new resource action we created should now be displayed.

If you want to change the icon of the resource action you can do so by selection the action and clicking Configure. There are a number of useful vRA icons available here, including sample icons for day 2 actions. In my example I am unable to update the icon which seems to be an issue with custom actions created in vRA 7.2; resolved in 7.3 as per this KB article.

vra7

The next step is to assign our custom action to an entitlement. Open the Entitlements page and select the relevant entitlement. Click the Items & Approvals tab, under Entitled Actions click the green plus symbol. Locate the new resource action and select the check box to add it to the entitled actions. Click Ok and Finish.

vra8

To confirm the configuration has worked browse to the Items tab and select Machines. Any virtual machines that have the custom resource action added to the entitlement will show the new action in the drop-down Actions menu.

vra9

When I select the new action I am presented with the action form as per the design canvas we saw earlier. In this example I select the backup job from the drop-down list of jobs that my vRO workflow has pulled from the backup server, and click Submit. The VC:VirtualMachine parameter is then passed through to the next stage of the workflow, which adds machine to the selected backup job.

vra10

VMware vRealize Business for Cloud Install

VMware vRealize Business (vRB) for Cloud was removed from GA back in 2019, with general support expiring 11 April 2022. The functionality included in vRB, fine-grain cost analytics and public cloud cost comparison, is available within vRealize Operations Advanced from v8.2 onwards. You can see how to install vRealize Operations here.

VMware vRealize Business for Cloud provides automated cost analysis and consumption metering; allowing administrators to make workload placement decisions between private and pulic clouds based on cost and available services. Furthermore infrastructure stakeholders have full visibility of virtual machine provisioning costs and are able to accurately manage capital expenditure and operating expenditure. For more information see the vRealize Business product page, you can try vRealize Business for Cloud using the Hands on Labs available here.

This post will walk through the installation of vRealize Business for Cloud 7.3; we’ll be provisioning to a vSphere environment running vRealize Automation 7.3. Each vRealize Business instance scales up to 20,000 virtual machines and 10 vCenter Servers, remote data collectors can be deployed to distributed geographical sites. vRealize Business is deployed in OVA format as a virtual appliance, you should ensure this appliance is backed up appropriately. There is no built in HA or DR functionality within vRealize Business, but you can take advantage of VMware components such as High Availability, Fault Tolerance, or Site Recovery Manager. Logs can be output to a syslog server such as vRealize Log Insight.

vRB_Launchpad

Requirements

  • vRealize Business for Cloud must be deployed to an ESXi host, and can be used to mange vCenter Server, vCloud Director, vCloud Air, vRealize Automation, and vRealize Operations Manager.
  • vRB 7.3 is compatible with vCenter and ESXi versions 5.5 through to 6.5, and vRealize Automation verisons 6.2.4 through to 7.3 (latest versions at the time of writing).
  • For compatibilty with other VMware products see the VMware Product Interoperability Matrix.
  • The vRB appliance requires 8 GB memory, 4 vCPU and 50 GB disk (thick provisioned).
  • If you use any remote data collectors the memory on these appliances can be reduced to 2 GB.
  • vRealize Business for Cloud is licensed as part of the vRealize suite, per CPU, or in packs of 25-OSI.
  • There are 2 available editions; standard and advanced. Features such as public cloud costing require the advanced version, for more information see the feature comparison section of the product page.
  • The web UI can be accessed from IE 10 or later, Chrome 36.x or later, and Firefox 31.x and later.
  • Time synchronization and name resolution should be in place across all VMware components.
  • For a full list of pre-requisites including port requirements see here.

Before beginning review the following VMware links:

Installing vRB

Download the VMware vRealize Business for Cloud 7.3 OVA file here. Log into the vSphere web client and right click the datastore, cluster, or host where you want to deploy the virtual appliance. Select Deploy OVF Template and browse to the location of the OVA file.

  • Enter a name for the virtual appliance and select the deployment location, click Next.
  • Confirm the compute resource and click Next.
  • Review the details of the OVF template and click Next.
  • Accept the end user license agreement and click Next.
  • Select the storage for the virtual appliance, ensure the virtual disk format is set to Thick provision eager zeroed, and click Next.
  • Select the network to attach to the virtual appliance and click Next.
  • Set the Currency, note that at this time the currency cannot be changed after deployment. Ensure Enable Server is checked, select or de-select SSH and the customer experience improvement program based on your own preferences. Configure a Root user password for the virtual appliance and enter the network settings for the virtual appliance in the Networking Properties fields.
  • Click Next and review the summary page. Click Finish to deploy the virtual appliance.

Once the virtual appliance has been deployed and powered on open a web browser to https://vRB:5480, where vRB is the IP address or FQDN of the appliance. Log in with the root account configured during setup.

vRB_Mgmt

Verify the settings under AdministrationTime Settings, and Network. At this stage the appliance is ready to be registered with a cloud solution. In this example I will be using vRealize Automation, for other products or further information see the install guide referenced above. Return to the Registration tab and ensure vRA is selected.

vRB_Register

Enter the host name or IP address of the vRA appliance or load balancer. Enter the name of the vRA default tenant and the default tenant administrator username and password. Select Accept vRealize Automation certificate and click Register.

Accessing vRB

vRealize Business for Cloud can be integrated into vRealize Automation, or you can enable stand-alone access. To access vRB after integrating with vRA log into the vRA portal. First open the Administration tab, select Directory Users and Computers, search for a user or group and assign the relevant business management roles. A user with a business management role has access to the Business Management tab in vRA.

vRB_Roles

Optional: to enable stand-alone access first enable SSH from the Administration tab. Use a client such as Putty to open an SSH connection to the virtual appliance, log in with the root account. Enter cd /usr/ITFM-Cloud/va-tools/bin to change directory, enter sh manage-local-user.sh and select the operation, in this case 5 to enable local authentication.

ssh

If you want to create new local users user option 1 and enter the username and password, when prompted for permissions VCBM_ALL provides administrator access and VCBM_VIEW read-only. You can also log in to the web UI with the root account, although it would be better practice to create a separate account.

Disable SSH from the Administration tab if required. Wait a few minutes for the services to restart and then browse to https://IP/itfm-cloud/login.html, where IP is the IP address of your appliance. If you try to access this URL without enabling stand-alone access you will receive a HTTP Status 401 – Authentication required error message.

vRB Configuration

We will continue with the configuration in the vRA portal, open the Administration tab and click Business Management.

vRB_Connections

Expand License Information, enter a license key and click Save. Expand Manage Private Cloud Connections, configure the required connections. In this example I have added multiple vCenter Server endpoints. Open the Business Management tab, the Launchpad will load.

vRB_Launchpad

Select Expenses, Private Cloud (vSphere) and click Edit Expenses. At this stage you will need the figures associated with hardware, storage, and licensing for the environment. You can also add costs for maintenance, labour, network, facilities, and any other additional costs.

vRB_Expenses_vSphere

Once vRB is populated with the new infrastructure costs utilisation and projected pricing will start to be updated. Consumption showback, what-if analysis, and public cloud comparisons can all be accessed from the navigation menu on the left hand side. For further guidance on getting the most out of vRB see the vRealize Business for Cloud User Guide.

vRB_Operational

Add a User Defined Windows Administrator to a vRA Blueprint

This post will walk through implementing a process allowing a vRA portal user to specify a user account to be added to the local administrators group on a Windows server provisioned by vRA. There are plenty of posts out there, including a kb article, on adding the virtual machine requester (owner) to the administrators group if that is what you need to do. Before beginning I am assuming you have a fully working vRA installation (I’m using v7.2), and Windows templates with the vRealize Automation Guest Agent installed. Some blueprints would also be handy, but you can create those after.

We’ll need a script on the template Windows machine, in this example I’ve created a Scripts sub-folder within the VRMGuestAgent folder, and a new text file which I’ve saved as AdminUser.cmd. The full path therefore is C:\VRMGuestAgent\Scripts\AdminUser.cmd.

Location

Copy and paste the following line into the batch file: Net localgroup administrators /add %1.

Script

Log in to the vRA portal, for example https://*loadbalancer*/vcac/org/*tenant*. Open the Administration tab and select Property Dictionary. We need to provide the user with a field in the virtual machine request process for them to specify an account to be added as a local administrator. Click Property Definitions and New.

  • Enter a name, it is best practice to use the tenant name, a dot, and then the name of the proeprty definition, for example YourTenant.AdminUser.
  • Enter a useful description, this text will be displayed when the user points to the help symbol next to the field we’re adding in the virtual machine request.
  • Change the Data type to String, and select whether you want the field to be mandatory.
  • From the Display as drop-down menu select Textbox. Click Ok to save.

Admin1

Next click Property Groups. If your blueprints are using an existing property group then click the property group.  If you need to create a new property group click New and enter a name. The following lines need adding to the property group that is used, or will be used, by a blueprint.

  • Name:   VirtualMachine.Software0.Name
  • Value:   AdminUser
    • Replace the value with an appropriate name for the property, I have used the same name as the script but it doesn’t have to match up.
  • Name:   VirtualMachine.Software0.ScriptPath
  • Value:   C:\VRMGuestAgent\Scripts\AdminUser.cmd {YourTenant.AdminUser}
    • Replace the value with the location of the script on the template OS and include the squiggly brackets; with the name of the property definition we created earlier inside.
  • Name:   YourTenant.AdminUser
  • Value:
  • Show in Request:   Yes
    • Enter the name of the property definition we created earlier and leave the value blank (this will be entered by the user). Ensure Show in Request is ticked.

If you are already using VirtualMachine.Software0 for something else, such as adding the virtual machine owner to the local administrators group, then you can amend to VirtualMachine.Software1 and so on. When you’re done the entries should look something like this, click Ok.

Properties

If you haven’t yet assigned a property group to your blueprint then click the Design tab and Blueprints. Click the blueprint to edit, select the vSphere_Machine and click the Properties tab, from the Property Groups tab click Add.

CustomProperty

Select the property group we recently created or changed and click Ok. Click Save and Finish. The values in the property group will now be applied to any virtual machines deployed from this blueprint, repeat as required for any other vSphere_Machines or blueprints.

Assuming your blueprint is published and has the necessary entitlements; click the Catalog tab. Locate the catalog item linked to the blueprint and click Request. Select the vSphere_Machine component and you’ll see the new field for the requester to enter the domain\user or user@domain account to be added to the Windows local Administrator group. If you opted to make data input mandatory you’ll see an asterisk next to the new field.

Request