Using the VMware vCenter Orchestrator
Client
vCenter Orchestrator 5.1
This document supports the version of each product listed and
supports all subsequent versions until the document is replaced
by a new edition. To check for more recent editions of this
document, see http://www.vmware.com/support/pubs.
EN-000808-00
Using the VMware vCenter Orchestrator Client
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
Copyright © 2008 – 2012 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. VMware products are covered by one or more patents listed at
http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks
and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
2 VMware, Inc.
Contents
Using the VMware vCenter Orchestrator Client 5
The Orchestrator Client 7
1
Log in to the Orchestrator Client 7
Orchestrator Client Perspectives 8
Orchestrator Views in the Run Perspective 8
Orchestrator Views in the Design Perspective 9
Orchestrator Views in the Administer Perspective 9
User Preferences 10
Access the Orchestrator API Explorer 11
Managing Workflows 13
2
Key Concepts of Workflows 14
Workflow User Permissions 14
Workflow Parameters 14
Workflow Attributes 15
Workflow Schema 15
Workflow Presentation 15
Workflow Tokens 15
Workflow Version History 15
Standard Workflows in the Workflow Library 16
Set User Permissions on a Workflow 16
Run a Workflow 17
Respond to a Request for a User Interaction 18
Scheduling Workflows 19
Schedule a Workflow 19
Edit the Workflow Recurrence Pattern 20
Use Workflow Version History 20
Restore Deleted Workflows 21
Export a Workflow 21
Import a Workflow 21
VMware, Inc.
Managing Policies 23
3
Create a Policy 23
Apply a Policy 24
Using Packages 25
4
Create a Package 25
Set User Permissions on a Package 26
Export a Package 27
Import a Package 28
3
Using the VMware vCenter Orchestrator Client
Get a Remote Package 28
Synchronize a Remote Package 29
Remove a Package 30
Using Authorizations 31
5
Create an Authorization Element 31
Configure an Authorization Element 31
Index 33
4 VMware, Inc.
Using the VMware vCenter Orchestrator Client
Using the VMware vCenter Orchestrator Client provides information and instructions about performing tasks in
the VMware® vCenter Orchestrator client.
Intended Audience
This information is intended for advanced vSphere administrators and experienced system administrators
who are familiar with virtual machine technology and datacenter operations.
VMware, Inc. 5
Using the VMware vCenter Orchestrator Client
6 VMware, Inc.
The Orchestrator Client 1
The Orchestrator client is an easy-to-use desktop application. By using the Orchestrator client you can import
packages, run and schedule workflows, and manage user permissions.
In addition, by using the Orchestrator client you can also develop workflows and actions as well as create
packages and resource elements. For more information, see Developing with VMware vCenter Orchestrator.
This chapter includes the following topics:
n
“Log in to the Orchestrator Client,” on page 7
n
“Orchestrator Client Perspectives,” on page 8
n
“User Preferences,” on page 10
n
“Access the Orchestrator API Explorer,” on page 11
Log in to the Orchestrator Client
To perform general administration tasks or to edit and create workflows, you must log in to the Orchestrator
client interface.
The Orchestrator client interface is designed for developers with administrative rights who want to develop
workflows, actions, and other custom elements.
VMware, Inc.
IMPORTANT Ensure that the clocks of the Orchestrator server machine and the Orchestrator client machine are
synchronized.
Prerequisites
All components of the Orchestrator server must be configured and the Orchestrator server service must be
running.
Procedure
1 Log in as an administrator to the machine on which the Orchestrator client is installed.
2 Click Start > Programs > VMware > vCenter Orchestrator Client.
3 In the Host name field, type the IP address to which Orchestrator server is bound.
To check the IP address, log in to the Orchestrator configuration interface and check the IP settings on the
Network tab.
4 Log in by using the Orchestrator user name and password.
To check the credentials, log in to the Orchestrator configuration interface and check the credentials on
the Authentication tab.
7
Using the VMware vCenter Orchestrator Client
5 In the Security Warning window select an option to handle the certificate warning.
The Orchestrator client communicates with the Orchestrator server by using an SSL certificate. A trusted
CA does not sign the certificate during installation. Because of this, you receive a certificate warning each
time you connect to the Orchestrator server.
Option Description
Ignore
Cancel
Install this certificate and do not
display any security warnings for it
anymore.
You can change the default SSL certificate with a certificate signed by CA. For more information about
changing SSL certificates, see Installing and Configuring VMware vCenter Orchestrator.
The My Orchestrator view appears. This view summarizes the recent activities on the server, shows pending
and running workflows, running policies, scheduled tasks, completed workflows, and elements you recently
edited.
Click Ignore to continue using the current SSL certificate.
The warning message appears again when you reconnect to the same
Orchestrator server, or when you try to synchronize a workflow with a
remote Orchestrator server.
Click Cancel to close the window and stop the login process.
Select this check box and click Ignore to install the certificate and stop
receiving security warnings.
What to do next
You can import a package, start a workflow, or set root access rights on the system.
Orchestrator Client Perspectives
You can access different views in the Orchestrator client by selecting one of three perspectives. Each perspective
offers specific functionality.
You can select a perspective by using the drop-down list on the main menu in the Orchestrator client. The
default view is Run.
Perspective Description
Run You can schedule tasks, manage policies, run workflows, access the inventory, and manage permissions from
the My Orchestrator view. This perspective also gives you an overview of recent activities.
Design You can create and modify workflows and actions. You can also manage resources, configuration elements,
and policy templates.
Administer You can access the inventory and manage authorizations, Web views, and packages.
Orchestrator Views in the Run Perspective
From the Run perspective in the Orchestrator client, you can schedule tasks, manage policies, run workflows,
access the inventory, and manage permissions.
View Description
My Orchestrator Summarizes the most recent activities on the Orchestrator server, such as recently modified elements,
pending and running workflows, running policies, completed workflows, and workflows that are
waiting for user interaction.
You can use the My Orchestrator view to perform common administrative tasks, such as running a
workflow, importing a package, and setting root access rights.
Scheduler Displays a list of all scheduled workflows in the system. The workflows are sorted by name or date,
together with their status.
You can use the Scheduler view to create, edit, suspend, resume, and cancel scheduled workflows.
8 VMware, Inc.
Chapter 1 The Orchestrator Client
View Description
Policies Displays existing policies.
You can use the Policies view to create and apply policies.
Workflows Provides access to the Orchestrator workflow library.
You can use the Workflows view to view information about each workflow, create, edit, and run
workflows, as well as to interact with the workflows.
Inventory Displays the objects of the plug-ins that are enabled in Orchestrator.
You can use the Inventory view to run workflows on an inventory object.
Orchestrator Views in the Design Perspective
From the Design perspective in the Orchestrator client, you can create and modify workflows and actions. You
can also manage resources, configuration elements, and policy templates.
View Description
Workflows Provides access to the Orchestrator workflow library.
You can use the Workflows view to view information about each workflow, create, edit, and run
workflows, as well as to interact with the workflows.
Actions Provides access to the libraries of predefined actions.
You can use the Actions view to duplicate actions, export them to a file, or move them to a different
module in the actions hierarchical list.
Resources Provides access to the list of resource elements.
You can use the Resources view to import external objects such as images, sysprep files, HTML templates,
XML templates, and custom scripts, and use them as resource elements in workflows and Web views.
Configurations Provides access to the available configuration elements.
You can use the Actions view to create configuration elements to define common attributes across an
Orchestrator server.
Packages Displays a list of the available packages and where a selected package is used.
You can use the Packages view to add, import, export, and synchronize packages.
Inventory Displays the objects of the plug-ins that are enabled in Orchestrator.
You can use the Inventory view to run workflows on an inventory object.
Orchestrator Views in the Administer Perspective
From the Administer perspective in the Orchestrator client, you can access the inventory and manage
authorizations, Web views, and packages.
View Description
Inventory Displays the objects of the plug-ins that are enabled in Orchestrator.
You can use the Inventory view to run workflows on an inventory object.
Policy Templates Displays a list of the available master policies.
You can use the Policy Templates view to create policy templates.
Authorizations Displays a list of the available authorization elements.
You can use the Authorizations view to create and edit authorization elements.
Web views Displays a list of the available Web views.
You can use the Web views view to create, publish, and export Web views to a working folder. You
can either modify exported Web views or use them as templates from which to create other Web views.
You can also use Web views to access Orchestrator functions from a Web browser.
Packages Displays a list of the available packages and where a selected package is used.
You can use the Packages view to add, import, export, and synchronize packages.
VMware, Inc. 9
Using the VMware vCenter Orchestrator Client
User Preferences
You can customize the options displayed to users of the Orchestrator client by using the User preferences tool.
Your preferences are saved on the client side in the vmware-vmo.cfg file.
To set preferences, select Tools > User preferences in the Orchestrator client toolbar.
From the User preferences tool you can change the following preferences.
General Preferences
Table 1-1. Orchestrator Client Customization Options
Option Description
Auto-edit new inserted The new elements that you add open in an editor.
Script compilation delay [ms] The frequency of the background task that compiles the scripts and reports
Show decision scripts The option enables you to see the decision script of the implemented
Delete non empty folder permitted The option enables you to delete a folder together with its subfolders and
Size of run logs (number of lines) The maximum number of lines in the system log that Orchestrator displays
Server log fetch limit The maximum number of lines in the server logs that Orchestrator fetches
Finder maximum size The maximum number of results that the searches return when you search
Check usage when deleting an element (slow) Orchestrator checks whether the element you are trying to delete is
Check OGNL expression Orchestrator validates the OGNL expressions in the workflow
errors in edit mode in milliseconds.
decision functions.
contents.
when you select a workflow run in the Orchestrator client and click
Logs on the Schema tab.
The value must be greater than 0.
from the database and displays when you click any of the Events tabs in
the Orchestrator client.
The value must be greater than 0.
for elements such as actions or workflows.
The value must be greater than 0.
referenced by other elements. If the element is used by another workflow,
policy, or action, a warning message appears.
presentations.
NOTE The use of OGNL expressions in workflow presentations is
deprecated as of Orchestrator 4.1. Using OGNL expressions in workflow
presentations is not supported in Orchestrator 4.1 and later.
Workflows Preferences
Table 1-2. Workflow Editor Customization Options
Option Description
Check task/decision IN/OUT parameters Orchestrator checks whether the input and output parameters of an
activity are correctly bound to the corresponding input or output attribute
of the workflow.
Check error in task's scripts Orchestrator validates the script in scriptable task elements.
Check workflow termination Orchestrator checks whether each terminal transition of a workflow with
different possible outcomes is connected to an End Workflow schema
element.
10 VMware, Inc.
Chapter 1 The Orchestrator Client
Table 1-2. Workflow Editor Customization Options (Continued)
Option Description
Check unreachable items Orchestrator checks whether all activities are reachable.
Check unused workflow's
parameters/attributes
Check for unknown types within plug-ins Orchestrator checks whether all parameters and attributes of a workflow
Check for legacy actions scripting calls Orchestrator detects legacy actions calls and displays a warning message.
Use direct lines as workflow diagram links The connector tool uses direct lines to link the workflow schema elements.
Display workflows in a tree view The workflow selector displays a hierarchical tree viewer instead of the
Edit workflow items in a pop-up window Orchestrator opens a pop-up window in which you can edit the workflow
Display grid in the schema editor Orchestrator displays a grid in the schema editor.
Validate a workflow before running it Orchestrator validates each workflow before running it.
Validate a workflow before saving it Orchestrator validates each workflow before saving it.
Increase the workflow version when clicking
save and close
Pop up a workflow user interaction form Orchestrator pops up a workflow user interaction form.
Orchestrator checks whether all parameters and attributes of a workflow
are used.
are of a known type.
default list panel.
items.
Orchestrator increases the workflow version when clicking save and close.
Inventory Preferences
You can select the Use contextual menu in inventory option to display the workflows that are available for
an inventory object. After the option is enabled, when you right-click an object in the Orchestrator inventory,
all workflows applicable to the selected object type are displayed.
Script Editor Preferences
You can customize the scripting engine. For example, you can disable automatic completion of lines, highlight
selected lines and brackets, and change the options for default color code formatting.
Access the Orchestrator API Explorer
Orchestrator provides an API Explorer that you can use to search the Orchestrator API and see the
documentation for JavaScript objects that you can use in scripted elements.
You can consult an online version of the Scripting API for the vCenter Server plug-in on the Orchestrator
documentation home page.
Procedure
1 Log in to the Orchestrator client and select Design or Run from the drop-down menu in the left upper
corner.
2 Select Tools > API Explorer.
The API Explorer appears. You can use it to search all the objects and functions of the Orchestrator API.
What to do next
Use the API Explorer to write scripts for scriptable elements.
VMware, Inc. 11
Using the VMware vCenter Orchestrator Client
12 VMware, Inc.
Managing Workflows 2
A workflow is a series of actions and decisions that you run sequentially. Orchestrator provides a library of
workflows that perform common management tasks according to best practices. Orchestrator also provides
libraries of the individual actions that the workflows perform.
Workflows combine actions, decisions, and results that, when performed in a particular order, complete a
specific task or a specific process in a virtual environment. Workflows perform tasks such as provisioning
virtual machines, backing up, performing regular maintenance, sending emails, performing SSH operations,
managing the physical infrastructure, and other general utility operations. Workflows accept inputs according
to their function. You can create workflows that run according to defined schedules, or that run if certain
anticipated events occur. Information can be provided by you, by other users, by another workflow or action,
or by an external process such as a Web service call from an application. Workflows perform some validation
and filtering of information before they run.
Workflows can call upon other workflows. For example, you can reuse in several different workflows a
workflow that starts a virtual machine.
You create workflows by using the Orchestrator client interface’s integrated development environment (IDE),
that provides access to the workflow library and the ability to run workflows on the workflow engine. The
workflow engine can also take objects from external libraries that you plug in to Orchestrator. This ability
allows you to customize processes or implement functions that third-party applications provide.
VMware, Inc.
This chapter includes the following topics:
n
“Key Concepts of Workflows,” on page 14
n
“Standard Workflows in the Workflow Library,” on page 16
n
“Set User Permissions on a Workflow,” on page 16
n
“Run a Workflow,” on page 17
n
“Respond to a Request for a User Interaction,” on page 18
n
“Scheduling Workflows,” on page 19
n
“Use Workflow Version History,” on page 20
n
“Restore Deleted Workflows,” on page 21
n
“Export a Workflow,” on page 21
n
“Import a Workflow,” on page 21
13
Using the VMware vCenter Orchestrator Client
Key Concepts of Workflows
Workflows consist of a schema, attributes, and parameters. The workflow schema is the main component of a
workflow as it defines all the workflow elements and the logical connections between them. The workflow
attributes and parameters are the variables that workflows use to transfer data. Orchestrator saves a workflow
token every time a workflow runs, recording the details of that specific run of the workflow.
Workflow User Permissions
Orchestrator defines levels of permissions that you can apply to users or groups to allow or deny them access
to workflows.
View
Inspect
Execute
Edit
Admin
The Admin permission includes the View, Inspect, Edit, and Execute permissions. All the permissions require
the View permission.
If you do not set any permissions on a workflow, the workflow inherits the permissions from the folder that
contains it. If you do set permissions on a workflow, those permissions override the permissions of the folder
that contains it, even if the permissions of the folder are more restrictive.
The user can view the elements in the workflow, but cannot view the schema
or scripting.
The user can view the elements in the workflow, including the schema and
scripting.
The user can run the workflow.
The user can edit the workflow.
The user can set permissions on the workflow and has all other permissions.
Workflow Parameters
Workflows receive input parameters and generate output parameters when they run.
Input Parameters
Most workflows require a certain set of input parameters to run. An input parameter is an argument that the
workflow processes when it starts. The user, an application, another workflow, or an action passes input
parameters to a workflow for the workflow to process when it starts.
For example, if a workflow resets a virtual machine, the workflow requires as an input parameter the name of
the virtual machine.
Output Parameters
A workflow's output parameters represent the result from the workflow run. Output parameters can change
when a workflow or a workflow element runs. While workflows run, they can receive the output parameters
of other workflows as input parameters.
For example, if a workflow creates a snapshot of a virtual machine, the output parameter for the workflow is
the resulting snapshot.
14 VMware, Inc.
Chapter 2 Managing Workflows
Workflow Attributes
Workflow elements process data that they receive as input parameters, and set the resulting data as workflow
attributes or output parameters.
Read-only workflow attributes act as global constants for a workflow. Writable attributes act as a workflow’s
global variables.
You can use attributes to transfer data between the elements of a workflow. You can obtain attributes in the
following ways:
n
Define attributes when you create a workflow
n
Set the output parameter of a workflow element as a workflow attribute
n
Inherit attributes from a configuration element
Workflow Schema
A workflow schema is a graphical representation that shows the workflow as a flow diagram of interconnected
workflow elements. The workflow schema is the most important element of a workflow as it determines its
logic.
Workflow Presentation
When users run a workflow, they provide the values for the input parameters of the workflow in the workflow
presentation. When you organize the workflow presentation, consider the type and number of input
parameters of the workflow.
Workflow Tokens
A workflow token represents a workflow that is running or has run.
A workflow is an abstract description of a process that defines a generic sequence of steps and a generic set of
required input parameters. When you run a workflow with a set of real input parameters, you receive an
instance of this abstract workflow that behaves according to the specific input parameters you give it. This
specific instance of a completed or a running workflow is called a workflow token.
Workflow Token Attributes
Workflow token attributes are the specific parameters with which a workflow token runs. The workflow token
attributes are an aggregation of the workflow's global attributes and the specific input and output parameters
with which you run the workflow token.
Workflow Version History
Orchestrator keeps the version history for each workflow, irrespective of whether it is included in the default
workflow library or whether the workflow is newly developed. By keeping the version history in the database,
you can compare different workflow versions and to revert to a previous workflow version.
Orchestrator creates a new version history item for each workflow when you increase and save the workflow
version. Subsequent changes to the workflow do not change the current saved version. The version history is
kept in the database along with the workflow itself.
When you delete a workflow or an action, Orchestrator marks the element as deleted in the database without
deleting the version history of the element from the database. This way, you can restore deleted workflows
and actions.
VMware, Inc. 15
Using the VMware vCenter Orchestrator Client
Standard Workflows in the Workflow Library
Orchestrator provides a standard library of workflows that you can use to automate operations in the virtual
infrastructure. The workflows in the standard library are locked in the read-only state. To customize a standard
workflow, you must create a duplicate of that workflow. Duplicate workflows or custom workflows that you
create are fully editable.
For information about the different access rights that you can have when you work with the Orchestrator server
depending on the type of vCenter Server license, see Installing and Configuring VMware vCenter Orchestrator.
The contents of the workflow library is accessible through the Workflows view in the Orchestrator client. The
standard workflow library provides workflows in the following folders.
JDBC
Locking
Mail
Orchestrator
SQL
SSH
Troubleshooting
vCenter Server
Workflow
documentation
XML
Test the communication between a workflow and a database by using the SQL
plug-in shipped with Orchestrator.
Demonstrates the locking mechanism for automated processes, that allows
workflows to lock the resources they use.
Send and receive emails from workflows.
Automate certain common Orchestrator operations.
Manage databases and database tables, as well as run SQL operations.
Implement the Secure Shell v2 (SSH-2) protocol. These workflows allow you
to run remote command and file transfer sessions with password and public
key-based authentication. The SSH configuration allows you to specify paths
to objects to expose in the Orchestrator inventory through secure connections.
Export application settings and log files to a ZIP archive that you can send to
VMware support for troubleshooting.
Access the functions of the vCenter Server API, so that you can incorporate all
of the vCenter Server functions into the management processes that you
automate by using Orchestrator.
Export information about workflows or workflow categories as PDF files.
A Document Object Model (DOM) XML parser that you can use to process XML
files in workflows.
Set User Permissions on a Workflow
You set levels of permission on a workflow to limit the access that users or user groups can have to that
workflow.
You can select the users and user groups for which to set permissions from the Orchestrator LDAP server.
Prerequisites
n
Create a workflow.
n
Open the workflow for editing in the workflow editor.
n
Add some elements to the workflow schema.
Procedure
1 Click the Permissions tab.
16 VMware, Inc.
2 Click the Add access rights link to define permissions for a new user or user group.
3 Search for a user or user group.
The search results contain all the users and user groups from the Orchestrator LDAP server that match
the search.
4 Select a user or user group and select the appropriate check boxes to set the level of permissions for this
user or user group.
To allow a user to view the workflow, inspect the schema and scripting, run and edit the workflow, and
change the permissions, you must select all check boxes.
5 Click Select.
The user or user group appears in the permissions list.
6 Click Save and close to exit the editor.
Run a Workflow
You can perform automated operations in vCenter Server by running workflows from the standard library or
workflows that you create.
For example, you can create a virtual machine by running the Create simple virtual machine workflow.
Chapter 2 Managing Workflows
Prerequisites
Verify that you have configured the vCenter Server plug-in. For details, see Installing and Configuring VMware
vCenter Orchestrator.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the Workflows view.
3 In the workflows hierarchical list, open Library > vCenter > Virtual machine management > Basic to
navigate to the Create simple virtual machine workflow.
4 Right-click the Create simple virtual machine workflow and select Start workflow.
5 Provide the general parameters and click Next.
Option Action
Virtual machine name
Virtual machine folder
Size of the new disk in GB
Memory size in MB
Number of virtual CPUs
Virtual machine guest OS
Make the disk thin provisioned
Name the virtual machine orchestrator-test.
a Click Not set for the Virtual machine folder value.
b Select a virtual machine folder from the inventory.
The Select button is inactive until you select an object of the correct type,
in this case, VC:VmFolder.
Type an appropriate numeric value.
Type an appropriate numeric value.
Select an appropriate number of CPUs from the Number of virtual CPUs
drop-down menu.
Click the Not set link and select a guest operating system from the list.
Select whether to make the disc thin or thick provisioned.
VMware, Inc. 17
Using the VMware vCenter Orchestrator Client
6 Provide the infrastructure parameters.
Option Description
Host on which to create the virtual
machine
Resource pool
The network to connect to
Datastore in which to store the
virtual machine files
7 Click Submit to run the workflow.
A workflow token appears under the Create simple virtual machine workflow, showing the workflow
running icon.
8 Click the workflow token to view the status of the workflow as it runs.
9 Click the Events tab in the workflow token view to follow the progress of the workflow token until it
completes.
Click Not set for the Host on which to create the virtual machine value and
navigate through the vCenter Server infrastructure hierarchy to a host
machine.
Click Not set for the Resource pool value and navigate through the vCenter
Server infrastructure hierarchy to a resource pool.
Click Not set for the The network to connect to value and select a network.
Press Enter in the Filter text box to see all the available networks.
Click Not set for the Datastore in which to store the virtual machine value
and navigate through the vCenter Server infrastructure hierarchy to a
datastore.
10 Click the Inventory view.
11 Navigate through the vCenter Server infrastructure hierarchy to the resource pool you defined.
If the virtual machine does not appear in the list, click the refresh button to reload the inventory.
The orchestrator-test virtual machine is present in the resource pool.
12 (Optional) Right-click the orchestrator-test virtual machine in the Inventory view to see a contextual
list of the workflows that you can run on the orchestrator-test virtual machine.
The Create simple virtual machine workflow ran successfully.
What to do next
You can log in vSphere Client and manage the new virtual machine.
Respond to a Request for a User Interaction
Workflows that require interactions from users during their run suspend their run either until the user provides
the required information or until the workflow times out.
Workflows that require user interactions define which users can provide the required information and direct
the requests for interaction.
Prerequisites
Verify that at least one workflow is in the Waiting for User Interaction state.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the My Orchestrator view in the Orchestrator client.
3 Click the Waiting for Input tab.
The Waiting for Input tab lists the workflows that are waiting for user inputs from you or from members
of your user group that have permission.
18 VMware, Inc.
4 Double-click a workflow that is waiting for input.
The workflow token that is waiting for input appears in the Workflows hierarchical list with the following
symbol: .
5 Right-click the workflow token and select Answer.
6 Follow the instructions in the input parameters dialog box to provide the information that the workflow
requires.
You provided information to a workflow that was waiting for user input during its run.
Scheduling Workflows
You can schedule a workflow to run once, or multiple times using a recurrence pattern.
Schedule a Workflow
You can schedule a workflow from the Orchestrator client Scheduler or Workflows views. The user credential
that starts the workflow is the same as the credential you use to schedule it.
Prerequisites
Chapter 2 Managing Workflows
You must have the Execute privilege to schedule a workflow.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the Scheduler view.
3 Right-click within the left pane and select Schedule task.
4 (Optional) Select Schedule task as to use another user's credentials to schedule a workflow.
5 Search for the workflow to schedule by typing the name of the workflow, select it, and click Select.
6 Set the start date and time for the workflow.
7 (Optional) Select whether to start the workflow if the scheduled time is in the past.
Option Description
Yes
No
The workflow starts immediately.
The workflow starts at the next set recurrence.
8 (Optional) Select a workflow recurrence pattern.
a From the Recurrence drop-down menu, select the workflow recurrence pattern.
b If you set the workflow to recur, specify an end time and date for the workflow.
9 If the workflow requires input parameters, click Next and provide the necessary information.
10 Click Submit to schedule the workflow.
The scheduled workflow is listed in the Scheduler view. An R appears next to the scheduled workflow to
denote that recurrence is set.
What to do next
You can monitor the workflow run and delete the scheduled task from the Scheduler view.
VMware, Inc. 19
Using the VMware vCenter Orchestrator Client
Edit the Workflow Recurrence Pattern
A recurrence pattern is used to specify the way in which a given workflow is scheduled. You can edit the
recurrence pattern of a workflow from the Scheduler view.
Prerequisites
A recurrent workflow that is scheduled.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the Scheduler view.
3 Right-click the scheduled workflow whose recurrence pattern you want to edit and select Edit.
4 Click the Recurrence tab.
5 From the drop-down menu, select the recurrence pattern.
You can add an unlimited number of entries to the pattern. You can edit each entry.
The display changes according to the selected pattern.
6 Click Save and close to exit the editor.
The new recurrence pattern for the scheduled workflow appears on the Recurrence tab.
What to do next
You can view details about the different runs of the scheduled workflow on the Workflow Runs tab.
Use Workflow Version History
You can use version history to revert a workflow to a previously saved state. You can revert the workflow state
to an earlier or a later workflow version. You can also compare the differences between the current state of the
workflow and a saved version of the workflow.
Orchestrator creates a new version history item for each workflow when you increase and save the workflow
version. Subsequent changes to the workflow do not change the current saved version. For example, when
you create a workflow version 1.0.0 and save it, the state of the workflow is stored in the version history. If
you make any changes to the workflow, you can save the workflow state in the Orchestrator client, but you
cannot apply the changes to workflow version 1.0.0. To store the changes in the version history, you must
create a subsequent workflow version and save it. The version history is kept in the database along with the
workflow itself.
When you delete a workflow, Orchestrator marks the element as deleted in the database without deleting the
version history of the element from the database. This way, you can restore deleted workflows. See “Restore
Deleted Workflows,” on page 21.
Prerequisites
Open a workflow for editing in the workflow editor.
Procedure
1 Click the General tab in the workflow editor and click Show version history.
2 Select a workflow version and click Diff Against Current to compare the differences.
A window displays the differences between the current workflow version and the selected workflow
version.
20 VMware, Inc.
3 Select a workflow version and click Revert to restore the state of the workflow.
CAUTION If you have not saved the current workflow version, it is deleted from the version history and
you cannot revert back to the current version.
The workflow state is reverted to the state of the selected version.
Restore Deleted Workflows
You can restore workflows that have been deleted from the workflow library.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run or Design.
2 Click the Workflows view.
3 Navigate to the workflow folder in which you want to restore deleted workflows.
4 Right-click the folder and select Restore deleted workflows.
5 Select the workflow or workflows that you want to restore and click Restore.
The restored workflows appear in the selected folder.
Chapter 2 Managing Workflows
Export a Workflow
You can export workflows to use them in another Orchestrator server instance.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the Workflows view.
3 Browse to the workflow you want to export and right-click that workflow.
4 Select Export workflow.
5 Browse to locate the folder in which you want to save the workflow, and click Save.
The workflow is saved on your system as a .workflow file.
Import a Workflow
If you have exported a workflow from one Orchestrator server system you can import it to another Orchestrator
server system.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the Workflows view.
3 Browse to the workflow folder in which you want to import the workflow and right-click it.
4 Select Import workflow.
5 Browse to locate the workflow you want to import, and click Open.
If the workflow already exists in your workflow library, a dialog box with version information appears.
NOTE You cannot import a workflow with an earlier version number than the version number of the
existing workflow.
VMware, Inc. 21
Using the VMware vCenter Orchestrator Client
The imported workflow appears in the workflow folder that you selected.
22 VMware, Inc.
Managing Policies 3
Policies are event triggers that monitor the activity of the system. Policies respond to predefined events issued
by changes in the status or performance of certain defined objects.
Policies are a series of rules, gauges, thresholds and event filters that run certain workflows or scripts when
specific predefined events occur in Orchestrator or in the technologies that Orchestrator accesses through plugins. Orchestrator constantly evaluates the policy rules as long as the policy is running. For instance, you can
implement policy gauges and thresholds that monitor the behavior of vCenter Server objects of the
VC:HostSystem and VC:VirtualMachine types.
Orchestrator defines the following types of policy:
Policy Templates
Policies
You can organize policy templates into folders, for easier navigation.
This chapter includes the following topics:
n
“Create a Policy,” on page 23
n
“Apply a Policy,” on page 24
Create a Policy
You can create a policy to monitor the activity of the system for specific events.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the Policies view.
3 Right-click within the left pane and select Create new policy.
Master policies. Policy templates are not linked to real objects. They are abstract
sets of rules that define the behavior to implement if a certain abstract event
occurs. You can see existing policy templates and create templates in the Policy
Templates view in the Orchestrator client.
Policies are instances of a template or standalone event triggers that are linked
to real objects, and that are triggered by real-life events. You can see existing
policies and create policies in the Policies view in the Orchestrator client.
VMware, Inc.
4 Type a name for the policy and click Ok.
The policy appears in the list of policies.
5 Right-click the policy and select Edit.
The policy editor opens.
23
Using the VMware vCenter Orchestrator Client
6 On the General tab, edit the startup settings, priority, startup user, and description of the policy.
7 On the Scripting tab, add and remove policy elements, periodic tasks, and trigger events, as well as
manage attributes.
8 On the Events and Logs tabs, view information about the policy.
9 On the Permissions tab, add and remove access rights for users or user groups.
10 Click Save and close to exit the editor.
11 In the Policies view, right-click the policy that you created and select Start policy.
Apply a Policy
You can apply a policy from an existing policy template.
Prerequisites
Verify that you have created a policy template.
Procedure
1 From the drop-down menu in the Orchestrator client, select Run.
2 Click the Policies view.
3 Right-click within the left pane and select Apply Policy.
4 In the Filter text box type the name of the policy template.
5 Select the policy template and click Select.
6 Provide the required policy information and click Submit.
The policy appears in the list of policies.
7 In the Policies view, right-click the policy that you created and select Start policy.
24 VMware, Inc.
Using Packages 4
You can use packages to transport content from one Orchestrator server to another. Packages can contain
workflows, actions, policies, Web views, configurations, and resources.
When you add an element to a package, Orchestrator checks for dependencies and adds any dependent
elements to the package. For example, if you add a workflow that uses actions or other workflows, Orchestrator
adds those actions and workflows to the package.
When you import a package, the server compares the versions of the different elements of its content to
matching local elements. The comparison shows the differences in versions between the local and imported
elements. The administrator can decide whether to import the whole package, or choose specific elements to
import.
Packages feature digital rights management to control how the receiving server can use the content of the
package. Orchestrator signs packages and encrypts the packages for data protection. Packages use X509
certificates to monitor which users export and redistribute elements.
This chapter includes the following topics:
n
“Create a Package,” on page 25
n
“Set User Permissions on a Package,” on page 26
n
“Export a Package,” on page 27
n
“Import a Package,” on page 28
n
“Get a Remote Package,” on page 28
n
“Synchronize a Remote Package,” on page 29
n
“Remove a Package,” on page 30
Create a Package
You can export workflows, policies, actions, plug-in references, resources, Web views, and configuration
elements in packages. All elements that an element in a package implements are added to the package
automatically, to ensure compatibility between versions. If you do not want to add the referenced elements,
you can delete them in the package editor.
Prerequisites
Verify that the Orchestrator server contains elements such as workflows, actions, and policies that you can add
to a package.
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
VMware, Inc.
25
Using the VMware vCenter Orchestrator Client
2 Click the Packages view.
3 Right-click in the left pane and select Add package.
4 Type the name of the new package and click Ok.
The syntax for package names is
domain.your_company.folder.package_name
.
For example, com.vmware.myfolder.mypackage.
5 Right-click the package and select Edit.
The package editor opens.
6 On the General tab, add a description for the package.
7 On the Workflows tab, add workflows to the package.
n
Click Insert Workflows (list search) to search for and select workflows in a selection dialog box.
n
Click Insert Workflows (tree browsing) to browse and select folders of workflows from the
hierarchical list.
8 On the Policy Templates, Actions, Web View, Configurations, Resources, and Used Plug-Ins tabs, add
policy templates, actions, Web views, configuration elements, resource elements, and plug-ins to the
package.
9 Click Save and close to exit the editor.
You created a package and added elements to it.
What to do next
Set user permissions for this package.
Set User Permissions on a Package
You set different levels of permission on a package to limit the access that different users or user groups can
have to the contents of that package.
You can select the different users and user groups for which to set permissions from the users and user groups
in the Orchestrator LDAP or vCenter Single Sign On server. Orchestrator defines levels of permissions that
you can apply to users or groups.
View
Inspect
Edit
Admin
Prerequisites
Create a package, open it for editing in the package editor, and add the necessary elements to the package.
Procedure
1 Click the Permissions tab in the package editor.
2 Click Add access rights to define permissions for a new user or user group.
The user can view the elements in the package, but cannot view the schemas
or scripting.
The user can view the elements in the package, including the schemas and
scripting.
The user can edit the elements in the package.
The user can set permissions on the elements in the package.
26 VMware, Inc.
3 Search for a user or user group.
The search results show all of the users and user groups that match the search.
4 Select a user or user group.
5 Check the appropriate check boxes to set the level of permissions for this user and click Select.
To allow a user to view the elements, inspect the schema and scripting, run and edit the elements, and
change the permissions, you must check all check boxes.
6 Click Save and close to exit the editor.
You created a package and set the appropriate user permissions.
Export a Package
You can export a package and reuse its contents on another Orchestrator server. The system adds the certificates
for all of the contents of the exported package. When the package is imported into another server, these
certificates are also imported.
Prerequisites
Create a package and add the necessary elements to it.
Chapter 4 Using Packages
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
2 Click the Packages view.
3 Right-click the package to export and select Export package.
4 Browse to select a location to save the package.
5 (Optional) Sign the package.
a Click Add target Certificate to sign the package.
b In the list of certificates, select the certificate to use for the exported package.
c Click Select.
6 (Optional) To apply restrictions for the exported package, deselect any of the following options.
Option Description
View contents
Add to package
Edit contents
The importer of the package is allowed to view the JavaScript of the elements
contained in the package.
The importer of the package is allowed to redistribute the elements contained
in the package.
The importer of the package is allowed to modify the elements contained in
the package.
7 (Optional) Deselect the Export version history check box if you do not want to export the version history
of the package.
8 Click Save.
You exported the package.
What to do next
You can use all of the workflows, actions, policies, and Web views from the exported package on another
Orchestrator server.
VMware, Inc. 27
Using the VMware vCenter Orchestrator Client
Import a Package
To reuse workflows, actions, policies, Web views, and configuration elements from one Orchestrator server
on another server, you can import them as a package.
IMPORTANT Packages that Orchestrator 3.2 generates are upwardly compatible with Orchestrator 4.x and 5.1.
You can import a package from an Orchestrator 3.2 server to an Orchestrator 4.x or 5.1 server. Packages from
Orchestrator 4.x and 5.1 are not backward compatible with Orchestrator 3.2. You cannot import to an
Orchestrator 3.2 server a package that an Orchestrator 4.x or 5.1 server generates.
Prerequisites
n
Back up any standard Orchestrator elements that you have modified. If the imported package contains
elements whose version number is later than the version number of the elements stored in the Orchestrator
database, your changes might be lost.
n
On the remote server, create a package and add the necessary elements to it.
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
2 Click the Packages view.
3 Right-click within the left pane and select Import package.
4 Browse to select the package that you want to import and click Open.
Certificate information about the exporter appears.
5 Review the package import details and select Import or Import and trust provider.
The Import package view appears. If the version of the imported package element is later than the version
on the server, the system selects the element for import.
6 (Optional) Deselect the elements that you do not want to import.
For example, deselect custom elements for which later versions exist.
7 Click Import selected elements.
The imported package appears in the list of packages.
What to do next
You can use all the workflows, actions, policies, Web views, and configuration elements from the imported
package as new building blocks on your Orchestrator server.
Get a Remote Package
You can retrieve a package from a remote Orchestrator server.
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
2 Click the Packages view.
3 Right-click within the left pane and select Get remote package.
28 VMware, Inc.
4 Log in to the remote server.
The Orchestrator Synchronization dialog box opens. It displays the differences between the package
elements. To view only elements that are different on the local and remote server, select Hide identical
from the drop-down menu.
5 Select the package that you want and click Import.
6 View the remote package elements and select an option.
Option Description
None
Update
Does not import the element.
The element is imported from the remote server to the local server.
NOTE If the remote server does not recognize your certificate, you cannot commit and overwrite the
elements.
7 Click Synchronize.
Synchronize a Remote Package
The Packages view provides a way to synchronize a package on one Orchestrator server with an existing
package on another server.
Chapter 4 Using Packages
Synchronizing packages is the only way to obtain all the elements from the remote server. If you synchronize
individual elements, Orchestrator only synchronizes elements that already exist on the local server. To obtain
any new elements from the remote server, you must synchronize the package that contains those elements.
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
2 Click the Packages view.
3 Right-click the package that you want to synchronize and select Synchronize.
4 Log in to the remote server.
The Orchestrator Synchronization dialog box opens. It displays the differences between the package
elements. To view only elements that are different on the local and remote server, select Hide identical
from the drop-down menu.
5 View the comparison between the local and remote package elements and select an option.
Option Description
None
Commit
Update
Merge
The local and remote elements have the same version number. No
synchronization is required.
The version of the local element is later. The remote element is overwritten.
The version of the remote element is later. The local element is updated. If
an element does not exist locally, it is imported from the remote server to the
local server.
The local and remote packages are overwritten with a merged list of
references. The referenced elements remain unchanged.
NOTE If the remote server does not recognize your certificate, you cannot commit elements.
6 Click Synchronize.
The synchronized package is reloaded.
VMware, Inc. 29
Using the VMware vCenter Orchestrator Client
What to do next
You can use the updated package content in workflows, actions, policies, and Web views.
Remove a Package
Workflows and actions, as well as other resources, can be reused in many packages. This is why, before you
remove a package, you must decide whether to delete the workflows, actions, policies and other resources
contained in the package.
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
2 Click the Packages view.
3 Right-click the package to delete and select one of the deletion options.
Option Description
Delete
Delete element with content
Removes the package only from the Packages view.
Removes all workflows, actions, policies, Web views, configurations, plugin settings or resources that the package contains. Does not remove read-only
elements and the plug-in .dar archive.
CAUTION This action might delete elements that are referenced by other
packages too. To avoid deleting an element that another package needs,
remove any dependencies that you added to the package. To view a list of
all the packages, workflows and policies that reference an element, use the
Find elements that use this element function.
30 VMware, Inc.
Using Authorizations 5
With authorizations you can manage the permissions of users and user groups over elements of specific types.
This chapter includes the following topics:
n
“Create an Authorization Element,” on page 31
n
“Configure an Authorization Element,” on page 31
Create an Authorization Element
You can create an authorization element to provide different permissions to users or user groups over elements
or specific type.
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
2 Click the Authorizations view.
3 Right-click within the left pane and select Create Authorization.
4 In the Name text box, type a name for the element.
5 Click Not set and search for an LDAP user group.
6 (Optional) In the Description text box, type a description of the element.
7 Click Submit to create the element.
The authorization element appears in the list of authorizations.
What to do next
Edit the configuration of the authorization element.
Configure an Authorization Element
You can configure references and permissions for an authorization element.
Prerequisites
Verify that you have created an authorization element.
Procedure
1 From the drop-down menu in the Orchestrator client, select Administer.
2 Click the Authorizations view.
VMware, Inc.
31
Using the VMware vCenter Orchestrator Client
3 Right-click the authorization element that you want to modify and select Edit.
The authorization element editor opens.
4 (Optional) On the General tab, edit the description of the element.
5 On the References tab, create references to available element types from the tree.
6 On the Permissions tab, set the level of permissions for a user or user group.
7 Click Save and close to exit the editor.
32 VMware, Inc.
Index
A
action, version 15
actions 14
Actions view 9
Administer perspective 9
API Explorer, accessing 11
attributes 14, 15
audience 5
authorization element
configuration 31
creation 31
authorization elements 31
authorizations 31
Authorizations view 9
C
configuration elements 15
Configurations view 9
D
Design perspective 9
E
export workflow 21
exporting 27
getting 28
importing 28
permissions 26
removing 30
restricting reuse 27
signature 25
signing 27
synchronizing 29
Packages view 9
parameters 14
perspectives 8
policies 23
Policies view 8
policy, applying 24
policy creation 23
policy management 23
policy templates 23
Policy Templates view 9
R
recurrent workflows 20
Resources view 9
Run perspective 8
I
import workflow 21
input parameters 14
Inventory view 8, 9
M
My Orchestrator view 7, 8
O
Orchestrator client
credentials 7
customizing 10
login 7
perspectives 8
output parameters 14
P
packages
create 25
deleting 30
digital rights management 25
VMware, Inc. 33
S
Scheduler view 8
scheduling 19
schema 14, 15
standard workflows 16
T
token 14
U
user interactions, responding 18
V
version history 15
W
Web views 9
workflow
export 21
Using the VMware vCenter Orchestrator Client
import 21
version 15
workflow attributes 15
workflow parameters 14
workflow presentation 15
workflow token 15
workflow token attributes 15
workflows
library 16
permissions 14, 16
recurrence 20
restoring deleted 21
running 17
scheduling 19
standard 16
version history 20
Workflows view 8, 9
34 VMware, Inc.
Loading...