In the last post we deployed the vCloud Automation Center / vRealize Automation appliance, while its mostly a straight forward installation I will likely hold on to the horrors (…okay horror is a storng word) of my first deployment where I could not resolve typos from the OVF wizard - take your time deploying the OVF for a smooth experience. Now its time to configure the appliance before we move on the IaaS installation. If you have not already done so, make sure you can resolve the FQDN of your appliance, if like me you are running the appliance behind the VMware Workstation NAT network you will need to likely add a host file entry or use your lab domain controller as your DNS server - I went with the former.
- Navigate to https://vxprt-vcac01.vxprt.local:5480 (replace with your URL)
- Log in as root and the password you set during the OVF deployment
- You will now be in the appliance VAMI with no services showing, don't work that is expected
- Click on the System tab >> Time Zone; set your time zone appropriately and click Save Settings
- Click on the Admin tab >> Time Settings; change the Time Sync Mode pull down menu to use time server then set the time server to the IP address of your domain controller (or dedicated NTP server) and click Save Settings
- Verify that NTP Status is Enabled: Yes, NTP Started: Yes,
- Click on the vCAC Settings tab; click Resolve Host Name - it should fill in the FQDN of your host, click Save Settings
- Click the SSL tab, from the Chose Action pull down menu select Generate Self Signed Certificate. Fill in the Common Name with the FQDN and other fields as appropriate, here is what mine looks like:
- Click the Replace Certificate button; after a few moments you will see a message that the certificate was successfully replaced
- Click the SSO tab - you will see the SSO status is Not Connected, because we haven't connected it yet :) Enter your vCenter server FQDN with port 7444 appended to the end, for example I am using vxprt-vc01.vxprt.local:7444. Now enter the SSO administrator username which if you've not created any other users in vsphere.local would be email@example.com and the password. Of course for production deployments I'd make an additional user account specific for this; sso_bind_vcac or similar. Once everything is entered, click Save Settings. When prompted click OK to accept the certificate.
- Don't panic here, this part takes a few minutes to complete...tick tock tick tock...
And here we are - SSO configuration updated successfully
Errors are likely time sync related, which is why NTP is so important. Make sure your configured your hosts to sync to your domain controller, and that the offset was such that NTP was actually able to sync. Check the appliance date and time at Admin >> Time Settings to make sure your appliance time is also correct.
Just a few more steps and you’ll be ready to move on to the IaaS components.
- Click on the Licensing tab and enter the license information for vCloud Automation Center / vRealize Automation then click Save Settings (this also takes a while)
- Click on the Database tab, here you could change to point to an external appliance just running database services as suggested in VMware KB 2083563, though give our lab resources, the internal one will be fine
- The messaging and HA tabs are new for 6.1, Grant Orchard has a great video on how easy it is to setup HA for the vCloud Automation Center / vRealize Automation appliance on his blog. It appears you can also use an external RabbitMQ server as well, though curious if others are supported as well - I'll have to dig into that later
And with that, the vCloud Automation Center / vRealize Automation appliance configuration is done! You should now be able to browse https://vxprt-vcac01.vxprt.local and click the vCloud Automation Center / vRealize Automation Console, or go directly to https://vxprt-vcac01.vxprt.local/vcac
Because we are using vSphere SSO, your URL will redirect to the vCenter SSO URL, https://vxprt-vc01.vxprt.local:7444 for example - that is normal and as expected. While we can’t do much here yet without the IaaS components installed, log in as firstname.lastname@example.org to verify all is working. Note it may take some time for all services to fully start.
If you get the dreaded “Login failed. Please contact your System Administrator and report error code xxxxxxxxx.” check the time on your DC, VCSA and vCAC applaince. You can try to force it to sync using sntp –P no –r 192.168.6.5. Another handy article to troubleshoot NTP can be in the VMware KB 1005092.