VMware vCenter Orchestrator - 4.1, vCenter Orchestrator - 4.1.2 User Manual
vCenter Orchestrator Installation and
Configuration Guide
vCenter Orchestrator 4.1
This document supports the version of each product listed and
supports all subsequent versions until the document is replaced
by a new edition. To check for more recent editions of this
document, see http://www.vmware.com/support/pubs.
EN-000321-02
vCenter Orchestrator Installation and Configuration Guide
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
Copyright © 2008–2010 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. VMware products are covered by one or more patents listed at
http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks
and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
2 VMware, Inc.
Contents
Updated Information 5
About This Book 7
Introduction to VMware vCenter Orchestrator 9
1
Key Features of the Orchestrator Platform 9
Orchestrator User Roles and Related Tasks 10
Orchestrator Architecture 11
Deprecated Features in Orchestrator 4.1 12
Orchestrator System Requirements 13
2
Hardware Requirements for Orchestrator 13
Operating Systems Supported by Orchestrator 13
Supported Directory Services 13
Browsers Supported by Orchestrator 14
Orchestrator Database Requirements 14
Level of Internationalization (i18n) Support 14
Orchestrator Components Setup Guidelines 17
3
Orchestrator Configuration Maximums 17
vCenter Server Setup 17
Directory Services Setup 18
Orchestrator Database Setup 18
Installing and Upgrading Orchestrator 19
4
Install vCenter Server and Orchestrator 19
Install Orchestrator Standalone 21
Install the Orchestrator Client on a 32-Bit Machine 23
VMware, Inc.
Upgrading to Orchestrator 4.1 and Migrating the Orchestrator Data 25
5
Upgrading an Orchestrator Instance Running on a 32-Bit Machine 25
Back Up the Orchestrator Configuration Data 26
Back Up Modified and Custom Orchestrator Elements 27
Install Orchestrator with vCenter Server on a 64-Bit Machine and Import the Configuration
Data 27
Upgrading an Orchestrator Instance Running on a 64-Bit Machine 29
Uninstall Orchestrator 31
6
Configuring Orchestrator 33
7
Start the Orchestrator Configuration Service 34
3
vCenter Orchestrator Installation and Configuration Guide
Log In to the Orchestrator Configuration Interface 34
Change the Default Password 35
Revert to the Default Password for Orchestrator Configuration 35
Configure the Network Connection 36
Orchestrator Network Ports 36
Change the Default Configuration Ports on the Orchestrator Client Side 38
Import the vCenter Server SSL Certificate 39
Configuring LDAP Settings 39
Generate the LDAP Connection URL 40
Import the LDAP Server SSL Certificate 41
Specify the Browsing Credentials 42
Define the LDAP User and Group Lookup Paths 42
Define the LDAP Search Options 44
Common Active Directory LDAP Errors 44
Password Encryption and Hashing Mechanism 45
Configure the Database Connection 45
Database Connection Parameters 46
Identify the SQL Server Authentication Type 46
Configure SQL Server Express to Use with Orchestrator 47
Server Certificate 47
Import a Server Certificate 48
Create a Self-Signed Server Certificate 48
Obtain a Server Certificate Signed by a Certificate Authority 49
Export a Server Certificate 49
Change a Self-Signed Server Certificate 50
Configure the Default Plug-Ins 50
Define the Default SMTP Connection 51
Configure the SSH Plug-In 52
Configure the vCenter Server Plug-In 52
Remove a Plug-In 53
Access Rights to Orchestrator Server 54
Import the vCenter Server License 54
Start the Orchestrator Server 55
Activate the Service Watchdog Utility 56
Unwanted Server Restarts 56
Export the Orchestrator Configuration 57
Orchestrator Configuration Files 57
Import the Orchestrator Configuration 58
Configure the Maximum Number of Events and Runs 59
Install an Application 59
Import the Plug-In Licenses 60
Change the Web View SSL Certificate 60
Define the Server Log Level 61
Where to Go From Here 63
8
Index 65
4 VMware, Inc.
Updated Information
The vCenter Orchestrator Installation and Configuration Guide is updated with each release of the product or when
necessary.
This table provides the update history of the vCenter Orchestrator Installation and Configuration Guide.
Revision Description
EN-000321-03
EN-000321-02
EN-000321-01
EN-000321-00 Initial release of Orchestrator 4.1.
n
Removed the information related to the experimental support of OpenLDAP, PostgreSQL and MySQL.
n
Updated the instructions in “Generate the LDAP Connection URL,” on page 40.
n
Updated the instructions in “Specify the Browsing Credentials,” on page 42.
n
Updated the instructions in “Define the LDAP User and Group Lookup Paths,” on page 42.
n
Updated Step 5 in “Configure the Database Connection,” on page 45.
n
Updated the instructions in “Configure SQL Server Express to Use with Orchestrator,” on page 47.
n
Updated Step 4 in “Import the Plug-In Licenses,” on page 60.
n
Minor revisions
n
Added reference to VMware Product Interoperability Matrix in “vCenter Server Setup,” on page 17.
n
Updated Step 1 in “Log In to the Orchestrator Configuration Interface,” on page 34.
n
Updated prerequisites and note in “Configure the Database Connection,” on page 45.
n
Updated the instructions in “Configure the Maximum Number of Events and Runs,” on page 59.
n
Added instructions about using Microsoft SQL Express with Orchestrator in “Configure SQL Server
Express to Use with Orchestrator,” on page 47.
n
Removed Web views from “Deprecated Features in Orchestrator 4.1,” on page 12.
n
Added information about log level ALL in “Define the Server Log Level,” on page 61.
n
Removed cross-references before tables and figures.
VMware, Inc. 5
vCenter Orchestrator Installation and Configuration Guide
6 VMware, Inc.
About This Book
The VMware vCenter Orchestrator Installation and Configuration Guide provides information and instructions
about installing, upgrading and configuring VMware® vCenter Orchestrator.
Intended Audience
This book is intended for advanced vCenter administrators and experienced system administrators who are
familiar with virtual machine technology and datacenter operations.
VMWare Technical Publications Glossary
VMware Technical Publications provides a glossary of terms that might be unfamiliar to you. For definitions
of terms as they are used in VMware technical documentation, go to http://www.vmware.com/support/pubs.
Document Feedback
VMware welcomes your suggestions for improving our documentation. If you have comments, send your
feedback to docfeedback@vmware.com.
Technical Support and Education Resources
The following technical support resources are available to you. To access the current version of this book and
other books, go to http://www.vmware.com/support/pubs.
Online and Telephone
Support
Support Offerings
VMware Professional
Services
VMware, Inc. 7
To use online support to submit technical support requests, view your product
and contract information, and register your products, go to
http://www.vmware.com/support.
Customers with appropriate support contracts should use telephone support
for the fastest response on priority 1 issues. Go to
http://www.vmware.com/support/phone_support.html.
To find out how VMware support offerings can help meet your business needs,
go to http://www.vmware.com/support/services.
VMware Education Services courses offer extensive hands-on labs, case study
examples, and course materials designed to be used as on-the-job reference
tools. Courses are available onsite, in the classroom, and live online. For onsite
pilot programs and implementation best practices, VMware Consulting
vCenter Orchestrator Installation and Configuration Guide
Services provides offerings to help you assess, plan, build, and manage your
virtual environment. To access information about education classes,
certification programs, and consulting services, go to
http://www.vmware.com/services.
8 VMware, Inc.
Introduction to VMware vCenter
Orchestrator 1
VMware vCenter Orchestrator is a development and process-automation platform that provides a library of
extensible workflows to allow you to create and run automated, configurable processes to manage the VMware
vCenter infrastructure as well as other VMware and third-party technologies.
Orchestrator exposes every operation in the vCenter Server API, allowing you to integrate all of these
operations into your automated processes. Orchestrator also allows you to integrate with other management
and administration solutions through its open plug-in architecture.
This chapter includes the following topics:
n
“Key Features of the Orchestrator Platform,” on page 9
n
“Orchestrator User Roles and Related Tasks,” on page 10
n
“Orchestrator Architecture,” on page 11
n
“Deprecated Features in Orchestrator 4.1,” on page 12
Key Features of the Orchestrator Platform
Orchestrator is composed of three distinct layers: an orchestration platform that provides the common features
required for an orchestration tool, a plug-in architecture to integrate control of subsystems, and a library of
workflows. Orchestrator is an open platform that can be extended with new plug-ins and libraries, and can be
integrated into larger architectures through a SOAP API.
The following list presents the key Orchestrator features.
Persistence
Central management
Check-pointing
Versioning
Production grade external databases are used to store relevant information,
such as processes, workflow states, and configuration information.
Orchestrator provides a central way to manage your processes. The application
server-based platform, with full version history, allows you to have scripts and
process-related primitives in one place. This way, you can avoid scripts without
versioning and proper change control spread on your servers.
Every step of a workflow is saved in the database, which allows you to restart
the server without losing state and context. This feature is especially useful for
long-running processes.
All Orchestrator Platform objects have an associated version history. This
feature allows basic change management when distributing processes to
different project stages or locations.
VMware, Inc. 9
vCenter Orchestrator Installation and Configuration Guide
Scripting engine
Workflow engine
Policy engine
Web 2.0 front end
The Mozilla Rhino JavaScript engine provides a way to create new building
blocks for Orchestrator Platform. The scripting engine is enhanced with basic
version control, variable type checking, name space management and
exception handling. It can be used in the following building blocks:
n
Actions
n
Workflows
n
Policies
The workflow engine allows you to capture business processes. It uses the
following objects to create a step-by-step process automation in workflows:
n
Workflows and actions that Orchestrator provides.
n
Custom building blocks created by the customer
n
Objects that plug-ins add to Orchestrator
Users, other workflows, a schedule, or a policy can start workflows.
The policy engine allows monitoring and event generation to react to changing
conditions in the Orchestrator server or plugged-in technology. Policies can
aggregate events from the platform or any of the plug-ins, which allows you
to handle changing conditions on any of the integrated technologies.
The Web 2.0 front end allows you to integrate Orchestrator functions into Webbased interfaces, using Web views. For example, you can create Web views that
add buttons to start workflows from a page in your company's Intranet. It
provides a library of user customizable components to access vCO orchestrated
objects and uses Ajax technology to dynamically update content without
reloading complete pages.
Security
Orchestrator provides the following advanced security functions:
n
Public Key Infrastructure (PKI) to sign and encrypt content imported and
exported between servers
n
Digital Rights Management (DRM) to control how exported content might
be viewed, edited and redistributed
n
Secure Sockets Layer (SSL) encrypted communications between the
desktop client and the server and HTTPS access to the Web front end.
n
Advanced access rights management to provide control over access to
processes and the objects manipulated by these processes.
Orchestrator User Roles and Related Tasks
vCenter Orchestrator provides different tools and interfaces based on the specific responsibilities of the two
global user roles: Administrators and End Users.
Administrators
This role has full access to all of the Orchestrator platform capabilities. Basic
administrative tasks include the following items:
n
Installing and configuring Orchestrator
n
Managing access rights for Orchestrator and applications
n
Importing and exporting packages
n
Enabling and disabling Web views
10 VMware, Inc.
Orchestrator
database
vCenter
Orchestrator
Client application
vCenter
Server
browser access web service
workflow library
vCenter VI3 WMI XML SSH JDBC SMTP
3rd-party
plug-in
directory
services
workflow engine
Chapter 1 Introduction to VMware vCenter Orchestrator
n
Running workflows and scheduling tasks
n
Managing version control of imported elements
n
Creating new workflows and plug-ins
Developers
This role has full access to all of the Orchestrator platform capabilities.
Developers are granted access to the Orchestrator client interface and have the
following responsibilities:
n
n
n
End Users
Users in this role are granted access to only the Web front end. They can run
and schedule workflows and policies that you make available in a browser by
using Web views.
Orchestrator Architecture
Orchestrator contains a workflow library and workflow engine to allow you to create and run workflows that
automate orchestration processes. You run workflows on the objects of different technologies that Orchestrator
accesses through a series of plug-ins.
Orchestrator provides a standard set of plug-ins, including a plug-in to VMware vCenter Server, to allow you
to orchestrate tasks in the different environments that the plug-ins expose.
Orchestrator also presents an open architecture to allow you to plug in external third-party applications to the
orchestration platform. You can run workflows on the objects of the plugged-in technologies that you define
yourself. Orchestrator connects to a directory services server to manage user accounts, and to a database to
store information from the workflows that it runs. You can access Orchestrator and the workflows and objects
it exposes through the Orchestrator client interface, through a Web browser, or through Web services.
Creating applications to extend the Orchestrator platform functionality
Automating processes by customizing existing workflows and creating
new workflows and plug-ins
Customizing Web front ends for these processes, using Web 2.0
Figure 1-1 shows the architecture of Orchestrator.
Figure 1-1. VMware vCenter Orchestrator Architecture
NOTE The VMware Infrastructure 3 and Microsoft plug-ins are not installed by default.
VMware, Inc. 11
vCenter Orchestrator Installation and Configuration Guide
Deprecated Features in Orchestrator 4.1
The following features are deprecated as of Orchestrator 4.1. Development of these features is not supported
in releases of Orchestrator later than 4.1.
n
Authorizations
n
OGNL expressions in workflow presentations
n
Policies
12 VMware, Inc.
Orchestrator System Requirements 2
Your system must meet the technical requirements that are necessary to install and configure VMware vCenter
Orchestrator.
This chapter includes the following topics:
n
“Hardware Requirements for Orchestrator,” on page 13
n
“Operating Systems Supported by Orchestrator,” on page 13
n
“Supported Directory Services,” on page 13
n
“Browsers Supported by Orchestrator,” on page 14
n
“Orchestrator Database Requirements,” on page 14
n
“Level of Internationalization (i18n) Support,” on page 14
Hardware Requirements for Orchestrator
Verify that your system meets the minimum hardware requirements before you install Orchestrator.
n
2.0GHz or faster Intel or AMD x86 processor. At least two CPUs are recommended. Processor requirements
might differ if your database runs on the same hardware.
n
4GB RAM. You might need more RAM if your database runs on the same hardware.
n
2GB disk space. You might need more storage if your database runs on the same hardware.
n
A free static IP address.
Operating Systems Supported by Orchestrator
For a list of the operating systems supported by Orchestrator, see the VMware vSphere Compatibility Matrixes
guide.
Supported Directory Services
Orchestrator requires a working LDAP server on your infrastructure.
Orchestrator supports these directory service types.
n
Windows Server 2003 Active Directory
n
Windows Server 2008 Active Directory
n
Novell eDirectory Server 8.8.3
n
Sun Java Directory Server Version 6.3
VMware, Inc.
13
vCenter Orchestrator Installation and Configuration Guide
Browsers Supported by Orchestrator
The Orchestrator configuration and Web view interfaces require a Web browser.
You must have one of the following browsers to connect to the Orchestrator configuration interface and Web
views.
n
Microsoft Internet Explorer 7.0
n
Mozilla Firefox 3.0 (build 3.0.6 or later)
n
Mozilla Firefox 3.5
Orchestrator Database Requirements
Orchestrator requires you to have a database that is separate from the standard vCenter database. For small
deployments and proof-of-concept purposes, you can use the SQL Server Express database that is bundled
with vCenter Server.
NOTE Because of CPU and memory use, you should consider hosting the Orchestrator database and the
Orchestrator server on different machines from the same datacenter. Verify that at least 1GB of free disk space
is available on each machine.
For a list of the databases supported by Orchestrator, see the VMware vSphere Compatibility Matrixes guide.
Level of Internationalization (i18n) Support
Orchestrator is compliant with i18n level 1. Although Orchestrator is not localized, it can run on a non-English
operating system and handle non-English text.
Non-ASCII Character Support in Orchestrator
Table 2-1 displays the level of internationalization compliance and limitations in Orchestrator GUI data entries.
Table 2-1. Non-ASCII Character Support
Support for Non-ASCII Characters
Item
Action Yes No No No
Folder Yes Yes - -
Configuration element Yes Yes - No
Package Yes Yes - -
Policy Yes Yes - -
Policy template Yes Yes - -
Resource element Yes Yes - -
Web view Yes Yes - No
Workflow Yes Yes No No
Workflow presentation display group
and input step
Description
Field Name Field
Yes Yes - -
Input and
Output
Parameters Attributes
14 VMware, Inc.
Chapter 2 Orchestrator System Requirements
Non-ASCII Character Support for Oracle Databases
To store characters in the correct format in an Oracle database, set the NLS_CHARACTER_SET parameter to
AL32UTF8 before configuring the database connection and building the table structure for Orchestrator. This
setting is crucial for an internationalized environment.
VMware, Inc. 15
vCenter Orchestrator Installation and Configuration Guide
16 VMware, Inc.
Orchestrator Components Setup
Guidelines 3
To enhance the availability and scalability of your Orchestrator setup, install Orchestrator on a server different
from the server on which vCenter Server runs. Separating Orchestrator from vCenter Server makes it possible
to adjust the operating system to meet the specific recommendations for each service.
This chapter includes the following topics:
n
“Orchestrator Configuration Maximums,” on page 17
n
“vCenter Server Setup,” on page 17
n
“Directory Services Setup,” on page 18
n
“Orchestrator Database Setup,” on page 18
Orchestrator Configuration Maximums
When you configure Orchestrator, verify that you stay at or below the supported maximums.
Table 3-1. Orchestrator Configuration Maximums
Item Maximum
Connected vCenter Server systems 10
Connected ESX/ESXi servers 300
Connected virtual machines spread over vCenter Server systems 15000
Concurrent running workflows 300
vCenter Server Setup
Increasing the number of vCenter Server instances in your Orchestrator setup causes Orchestrator to manage
more sessions. Each active session results in activity on the corresponding vCenter Server, and too many active
sessions can cause Orchestrator to experience timeouts when more than 10 vCenter Server connections occur.
For a list of the supported versions of vCenter Server, see VMware Product Interoperability Matrix.
NOTE You can run multiple vCenter Server instances on different virtual machines in your Orchestrator setup
if your network has sufficient bandwidth and latency. If you are using LAN to improve the communication
between Orchestrator and vCenter Server, a 100Mb line is mandatory.
VMware, Inc.
17
vCenter Orchestrator Installation and Configuration Guide
Directory Services Setup
Orchestrator requires a connection to an LDAP server.
Orchestrator supports the following directory service types: Active Directory, eDirectory, and Sun Java System
Directory Server.
Connect your system to the LDAP server that is physically closest to your Orchestrator server, and avoid
connections to remote LDAP servers. Long response times for LDAP queries can lead to slower performance
of the whole system.
To improve the performance of the LDAP queries, keep the user and group lookup base as narrow as possible.
Limit the users to targeted groups that need access, rather than to whole organizations with many users who
do not need access. Depending on the combination of database and directory service you choose, the resources
you need can vary. For recommendations, see the documentation for your LDAP server.
Orchestrator Database Setup
Orchestrator requires a database to store workflows and actions.
Orchestrator server supports Oracle and Microsoft SQL Server databases. Orchestrator can work with
Microsoft SQL Server Express in small-scale environments consisting of up to 5 hosts and 50 virtual machines.
For details about using SQL Server Express with Orchestrator, see “Configure SQL Server Express to Use with
Orchestrator,” on page 47.
The way in which your database is set up can affect Orchestrator performance. Install the database on a machine
other than the one on which the Orchestrator server is installed. This method avoids the JVM and DB server
having to share CPU, RAM, and I/Os.
Storing your database plug-ins in a database separate from the one that Orchestrator uses results in more
modularity when upgrading the system. A dedicated database instance allows you to perform upgrades and
maintenance without impacting other products.
The location of the database is important because almost every activity on the Orchestrator server triggers
operations on the database. To avoid latency in the database connection, connect to the database server that is
closest to your Orchestrator server and that is on the network with the highest bandwidth.
The size of the Orchestrator database varies depending on the setup and how workflow tokens are handled.
Allow for approximately 50KB per vCenter Server object and 4KB per workflow run.
CAUTION Verify that at least 1GB of free disk space is available on the machine where the Orchestrator database
is installed and on the machine where the Orchestrator server is installed.
Insufficient disk storage space might result in unwanted behavior of the Orchestrator server and client.
18 VMware, Inc.
Installing and Upgrading Orchestrator 4
Orchestrator consists of a server component and a client component. You can install the Orchestrator
components on the machine where vCenter Server is installed or on a separate machine. To improve
performance, install the Orchestrator server component on a separate machine.
You can install the Orchestrator configuration server on 64-bit Windows machines only. The Orchestrator client
can run on both 32-bit and 64-bit Windows machines.
To install Orchestrator, you must be either a local Administrator or a domain user that is a member of the
Administrators group.
This chapter includes the following topics:
n
“Install vCenter Server and Orchestrator,” on page 19
n
“Install Orchestrator Standalone,” on page 21
n
“Install the Orchestrator Client on a 32-Bit Machine,” on page 23
Install vCenter Server and Orchestrator
When you install VMware vCenter Server, Orchestrator is silently installed on your system as an additional
component.
VMware, Inc.
You can install vCenter Server 4.1 only on a 64-bit operating system platform. If you run the installer in a 32bit environment, the installation quits with a message stating that the installation package is not supported by
the processor type.
NOTE To install the vCenter Server on a drive other than C:, verify that the C:\WINDOWS\Installer folder is
large enough to install the Microsoft Windows Installer .msi file. If the folder is not large enough, your
vCenter Server installation might fail.
For a list of required ports, see the ESX and vCenter Server Installation Guide.
Prerequisites
See vCenter Server installation prerequisites in the ESX and vCenter Server Installation Guide.
19
vCenter Orchestrator Installation and Configuration Guide
Procedure
1 Download the vCenter Server installation package from the VMware Web site.
Option Description
Use ISO image
Use ZIP archive
2 Extract the files from the archive and in the C:\
autorun.exe file.
3 When the vCenter Server Installer appears, click vCenter Server.
4 Select a language for the installer and click OK.
5 When the Welcome page appears, click Next.
6 Select I agree to the terms in the license agreement and click Next.
7 Type your user name, organization, and vCenter Server license key, and click Next.
The filename is VMware-VIMSetup-xx-4.
major and minor version, xx is the two-character language code, and yyyy is
the build number.
The filename is VMware-VIMSetup-xx-4.
major and minor version, xx is the two-character language code, and yyyy is
the build number.
install_directory
\ directory, double-click the
a.b-yyyy
a.b-yyyy
.iso, where a and b are
.zip, where a and b are
8 Select the type of database to use.
Option Action
To use the bundled database
To use an existing database
Click Install SQL Server 2005 Express instance (for small-scale
deployments).
This database is suitable for deployments of up to 5 hosts and 50 virtual
machines.
Click Use an existing supported database and select your database from the
list. Type the user name and password for the DSN and click Next.
If your database is a local SQL Server database using Windows NT
authentication, leave the user name and password fields blank.
If you specify a remote SQL Server database that uses Windows NT
authentication, the database user and the logged-in user on the
vCenter Server machine must be the same.
A dialog box might appear, warning you that the DSN points to an older version of a repository that must
be upgraded. If you click Yes, the installer upgrades the database schema, making the database irreversibly
incompatible with previous vCenter versions.
9 Specify the account for the vCenter Service to run in.
n
Click Next to use the SYSTEM account. You cannot use the SYSTEM account if you are using Windows
authentication for SQL Server.
n
Deselect Use SYSTEM Account, accept the default Administrator account name and password, and
click Next.
n
Deselect Use SYSTEM Account and enter a different Administrator account name and password.
10 Either accept the default destination folders or click Change to select another location, and click Next.
The installation path cannot have commas (,) or periods (.).
20 VMware, Inc.
Loading...