In the last chapter, we installed and configured Orchestrator with SSO authentication and an external database. Now, we will integrate Orchestrator into vCenter and ultimately with other VMware or third-party tools. This will place Orchestrator in a central position for all your automation purposes and needs.
You can add a vCenter 5.5 or 5.1 to Orchestrator 6 without any problems. However, please be aware that, if you construct workflows in Orchestrator 6 intended for a vCenter 5.x, you might experience problems. A typical problem is SSO, which underwent some major changes in 5.1, 5.5, and 6.0, and it will make a vSphere Web Client integration hard, if not impossible. If you need to stay compatible, you should use Orchestrator 5.5.x with vSphere 5.5.x.
In this chapter, we will look at the following topics:
- Integrating Orchestrator with vCenter
- Installing additional plug-ins
- Configuring the vCenter plug-in
Your first task is to link Orchestrator to vCenter. This will allow you to not only automate vCenter tasks with Orchestrator, but also run, schedule, and monitor workflows by using the Web Client.
For Orchestrator to access vCenter, we need these ports open between Orchestrator and vCenter: TCP 443 and 7444.
If you would like to integrate Orchestrator into the vSphere Web Client, you need to have port TCP 443 open between vCenter and Orchestrator.
To get started, we need to make sure that we have access to vCenter. Therefore, we will now assign the new AD group (vroAdmins) that we created in the last chapter to the vCenter Administrators role. You can use your existing Administrator user, such as [email protected], for this. However, for tracking and logging purposes, it's recommended that you use a dedicated user.
- Open the vSphere Web Client and log in with the vCenter administrator rights.
- Add the group (vroAdmin) that you created in the last chapter to your vCenter with the Administrator role.
- Log out of the vSphere Web Client.
Now, we will add vCenter to Orchestrator, as follows:
- Open the Orchestrator Client and log in.
- Browse to Library | vCenter | Configuration.
- Right-click on the workflow, click on Add a vCenter Server instance, and select Start workflow.
- Enter the FQDN of your vCenter.
- Select that you would like to orchestrate this vCenter instance. This means that Orchestrator will save all the vCenter login data.
- If you are using a self-signed certificate in your vSphere environment, you should make sure that you ignore the certificate warnings. Click on Next.
- The question about a session per user is quite important. If you select Yes, Orchestrator will use the logged-in user's credentials to execute tasks on vCenter. If you select No, all the vCenter tasks will be started using the credentials entered in step 8.
- Enter a vCenter Administrator user so that Orchestrator can add access to the vCenter API.
- If you chose Yes in step 7, this step defines the AD domain that users need to be a part of in order to execute workflows on vCenter.
- Click on Submit and wait until the workflow has successfully completed.
- The next steps are only needed if you wish to run the Orchestrator workflows from the vSphere Web Client.
- Browse to Library | vCenter | Configuration and start the workflow Register vCenter Orchestrator as a vCenter Server extension.
- Select the vCenter instance that you added and click on Submit.
- Wait until the workflow has completed successfully.
So, that's it. We added a vCenter to Orchestrator. You can add multiple vCenters to one Orchestrator (don't forget to add their SSL certificate first). This allows you to have a central Orchestrator instance that controls vCenters in several environments, such as development and production.
Now that vCenter has been added to Orchestrator, we can see its contents in Orchestrator. Let's explore this:
-
In the Orchestrator Client, click on the Inventory icon
.
- Find the vCenter Server section and expand it. It might require a bit for it to open, as Orchestrator is now querying vCenter for its inventory.
- Dig deeper and explore what you can see.
If you see the vCenter Server inventory, you know that vCenter has been successfully added to Orchestrator. We will run and work with vCenter workflows in the next chapter.
After seeing that vCenter appears in Orchestrator, let's move on to see how we can make Orchestrator work in the vSphere Web Client:
- Open the vSphere Web Client with a member of the Orchestrator Administrator group, such as vroAdmin.
- Select the vRealize Orchestrator entry or the icon from the menu, as seen in the following screenshot:
- Click on vRO Home. This will show you the vCenter instance as well as the Orchestrator that is registered with it. Remember that you can have multiple vCenters in the Web Client.
When you see the Orchestrator instance in the vSphere Web Client, you know that Orchestrator was successfully registered as an extension to vCenter. This now allows you to use the vSphere Web Client to run the Orchestrator workflow directly.
In the next chapter, we will use the vSphere Web Client to run and schedule a workflow.