In this recipe, you will learn how to create, export, and generally work with packages. Packages are great for shipping complete Orchestrator solutions between Orchestrators to customers or for backup.
We need at least one workflow or action to work with in this recipe. Optimally, you have workflows and actions that depend on each other. You can test with the 04.03 Export-Package
example workflow; it contains an action and another workflow.
This recipe has several sections. As an overview, the following screenshot shows all the icons and their usages. To get to the correct section, follow these instructions:
The package will now be imported. Every element that is part of the package will be placed back in its folder or module as it was. This means that the import will also create folders and modules as required.
When right-clicking on a package, you will see there are two delete options:
Option |
Description |
Delete |
This will delete the package only but no content (workflows, actions, and so on) will be deleted. |
Delete element with content |
This not only deletes the package but also its content (workflows, actions, and so on) from Orchestrator. |
In this example, we will delete the package as well as the content:
This option lets you import a package that is stored on another Orchestrator installation:
8281
) of the remote Orchestrator, followed by a user ID and password.
Building packages makes it very easy to transport or publish Orchestrator solutions that have been developed. A package contains all the important elements such as Workflows, Actions, Policy Templates, Web Views, Configurations, Resources, and Plugins used.
Another typical usage for packages is to create a backup.
When your package contains workflows or actions from a plugin, such as vCenter, vCloud Director or such like, the plugins and their versions are displayed in the Used plugin tab of the package. Orchestrator doesn't display any warnings or messages when you import a package that depends on a certain plugin. It will just import all the elements of this plugin that are part of the package. However, because of the dependencies, you will not be able to execute workflows that depend on this plugin.
Please note that when you export a package that contains AMQP, SNMP, or other Orchestrator plugins, the resource element that contains the server configuration is exported as well. Before delivering this package to a customer, you might want to delete these elements.
The package that is created is zipped and contains all the files. When you export to a folder, the content of the package is more exposed, but it's not the same format as when extracting the package.
When exporting a package, you have several options that you can choose from. When you deselect an option, all elements in this package will inherit the settings:
Option |
Description |
Add target certificate |
We shall discuss this in the There's more... section of this recipe. |
View Contents |
This is not really as restrictive as one would expect.
When you deselect this option, you can still see all the normal tabs in the workflow. The only thing that won't work is that you can go to an element by double-clicking on it. For example, if the workflow contains an action, double-clicking on it won't open the action element. However, the action can be accessed normally and you can see the scripting content.
|
Add to package |
Deselecting this option will make it impossible for users to export a package that contains elements from this package. You can still create packages with elements that don't have the Add to package flag; however, you will get an error message when trying to export the package. |
Edit content |
Without this flag, users that import this package will not be able to edit the workflow. This flag is mostly set for all packages that are part of a plugin or to make sure that for support reasons changes are not possible. |
Export version history |
Deselecting this option will not export the full version history of each element. Instead, the element will be displayed in the latest version with the remark imported content from package. |
Export values of the configuration settings |
Deselecting this section will export the configuration and its attributes; however, it will not export their values. |
Export global tags |
This will export the global tag of the objects in the package. See the Working with Orchestrator tags recipe in Chapter 8, Better Workflows and Optimized Working. |
When importing a package, you can deselect the Import the values of the configuration settings option. This will import the configuration and its attributes, but not its values.
The function to switch off editing is extremely important when delivering an Orchestrator solution to a customer. You will want to lock down the customer's ability to edit workflows or actions in order to make it possible to support the solution.
The target server function comes in handy if you want to make sure that Orchestrator packages do not get into the wrong hands. Typical things to mention here are configuration items in Orchestrator that contain sensitive information.
Each package that is created is encrypted with this user certificate. You may have seen that when you imported the package onto a different Orchestrator installation. The certificate is the one we created in the Important Orchestrator settings recipe in Chapter 1, Installing and Configuring Orchestrator.
When you import a package, you can choose to trust this certificate. If you do so, it will be stored in the certificate store. You can manage the certificate store by clicking on Tools (this is in the top-right corner of Orchestrator Client) and then selecting Certificate manager...:
A popup will appear in which the upper part shows your user certificate and the lower part shows all known certificates (you might need to adjust the length of the window). See the following screenshot.
You are able to export your own certificate and also import others or remove others from the certificate store.
When you export a package, you can select the Add target certificate option to make sure that the package can only be read by a certain Orchestrator server. When you add a certificate to the package that is contained in your certificate store, you can make sure that only the Orchestrator server that is the owner of this certificate can import the package. If you try to import a package that is not intended for you, you will get an error message that says this package is not intended for you.
In the example package that comes with this book, I have placed a certificate in resources
that you can use to test this: