VMware vRealize Automation 7.1 went GA last week. There are many improvements in this new version of vRA. The release notes summarizes all these updates and can be found here. Jad El-Zein has written a very good post on these features and enhancements. One of the key feature is that vRA now ships with a silent installer for both minimal and distributed setup.
In the previous version (7.0), a new way of installation was introduced. This was the automated wizard that pops up when you deploy the vRA appliance and login into the VAMI for the first time. This made the installation process way easier than it was in the previous versions where a setup had to be run on every single IaaS/XaaS nodes. In the 7.1 version this gets better. Now, there is a streamlined silent installer that is shipped with the vRA appliance which can be used to deploy both Minimal and Distributed setup.
This blog post covers how to deploy the entire vRA distributed stack using the silent installer. The installer leverages the vra-command command line that is also introduced newly. The command line can do tasks like pre-req check and apply fixes to the IaaS machines to name a few and I will need another blog post to cover all the awesomeness it brings to the installation process. Note that there is no change in requirements or the architecture of vRA. This is a new way of installation where everything is silently executed from one of the nodes of vRA server.
In the setup I have: 2 vRA 7.1 Appliances
2 IaaS Web servers (Windows 2012 R2)
2 IaaS Manager servers (Windows 2012 R2)
1 IaaS Agent + DEM-W (Windows 2012 R2)
1 IaaS DB Server (Windows 2012 R2 + MSSQL)
1 Kemp Load Balancer server
vRA appliances have to be deployed with the required network details and powered on. Create the IaaS machines and run the pre-reqs on them so they are ready to be used for the deployment of the vRA services. I will not go through the whole process of prepping the machines but I have captured some screenshots which I will use here and there.
Generate the certificates for the VIPs using the SAN attributes and get them signed by a signing authority (Inter or external). There is a very good article for creating the certs which can be found here. Below are the certs that I have generated for my environment before I started off with the setup (This has to be done for all three certs : VRA-LB, WEB-LB and MGR-LB. We will need the PEM and Key file later.
Once the machines are prepared with all the per-requisites, I go ahead and install the vRA Management agent which will be used by the silent installer to talk to the IaaS machines. Once this is done, the machines will show up under the cluster tab of the vRA appliance server.
The load balancer has to be configured with the required settings to kick off the installation. Remember to turn off the health monitors and disable the secondary nodes so the LB doesn’t try to do funny things to the setup even before it is up.
I connect to the first appliance via putty and establish a SSH session. Now I browse to the location “/usr/lib/vcac/tools/install/” where all the deployment scripts are present.
The file ha.properties will hold all the inputs that the silent installer will use to install the components as part of the distributed setup. I have my sample file below with all the inputs.
The complete details of the environment has to be input into the ha.properties file. The IaaS servers’ names, the account that will run the service and all the other things that you can see in my screenshots above. Make sure the details are input in the right format or the validation/installation will fail midway and you wouldn’t want to run into that. I have been there and it’s not fun to see the installer go through all the hundred odd steps just coz you forgot something.
Note that under certificate, the whole PEM file has to be pasted and under the key, the whole RSA encrypted key should be pasted. This is something that has to be improved in the coming versions where the input can be the path to the certs which are copied somewhere on to the vRA server. Be extra careful when you are pasting the cert details. The cert details for vra-va, iaas-web and iaas-mgr should be input into the ha.properties file.
I first run the “config-primary-va-node.sh“. This configures the first vRA appliance for the installation.
Once all the details are updated, the installer script “iaas-install-distributed.sh” can to be triggered. Note that this script first validates all the nodes for the pre-requisites and then triggers the installation. During the validation it also reboots the machines as it tries applying the fixes if the pre-reqs aren’t met. Below are the screenshots of the pre-req check on all the nodes.
After the pre-req check is done, the validation starts. Wait till you see the message that says validation is complete. If the validation fails, see what led to the failure and fix it and run the script again. I had to re-run it more than 5 times.
Then all the certificates are installed into the nodes and the installation kicks off.
Once the script completes you can either manually join the second node to the primary node or you can run another script “config-secondary-va-node.sh“.
I did it the manual way as for some reason my script was failing.
After the installation completes, it’s time to enable the second leg components and health monitors on the load balancer
This completes the distributed setup using the silent installer. Even though the post looks long, if you get the pre-reqs right, all of it will be seamlessly done by the script and you can sit back and relax till the whole thing completes.
Now point the browser to the vra-vip and you should be able to start off with the configuration.
Drop a comment if you have any questions or feedback to provide.