VCP7-CMA – Objective 3.1

Disclaimer: These are my notes from taking the 2V0-731 exam. If something doesn’t make sense, please feel free to reach out.

The goal of this objective is to understand how to deploy vRA.

Objective 3.1 – Install a Minimal Deployment

  • Identify IaaS minimal deployment prerequisites
  • Validate environment readiness for a given design based on install type
  • Deploy and configure vRealize Automation Appliance OVF
  • Install using the installation wizard
  • Install manually, remediating IaaS prerequisites and install all IaaS components
  • Install Management Agent(s) at the appropriate time
  • Implement and manage CA signed certificates

References

These are the key inbound ports required for vRA, for more information check the documentation listed in the references.

Port Number(s) Usage
TCP 4369, 5671, 5672, 25672 RabbitMQ Messaging
TCP 5488, 5489 Internally used – vRA updates
TCP 8230, 8280, 8281, 8283 Internal vRO
TCP 8443 Identity Manager administration
TCP 8444 VMware Remote Console
TCP 8494 Internal service cluster sync
TCP 9300 – 9400 Identity Manager audting
TCP 40002, 40003 vIDM cluster sync

These are the key outbound ports required for vRA, for more information check the documentation listed in the references.

Port Number(s) Usage
TCP 443 IaaS Manager & infrastructure endpoint, vRA software service, Identity Manager server, View connection server
TCP 445 ThinApp repo for Identity Manager
TCP 902 ESXi network file copy and VMware Remote Console
TCP 8281 External vRO
TCP 8494 Container service cluster sync

Install the vRA appliance as a usual appliance deployment. Once deployed the IaaS installer files are available at https://vra.fqdn/installer. Also available on that page are:

  • IaaS Management Agent
  • IaaS Installer
  • DB Install Scripts
  • Agent Files (Windows & Linux)
  • PE Builder
  • VM Templates prep
  • vRealize Automation Designer

The Windows server pre-requisites are:

  • All on the same domain
  • Hardware:
    • 2 vCPUs
    • 8GB memory
    • 40GB free disk space
    • SQL might require more
  • Not supported on VMware Workstation
  • .NET framework 3.5 and 4.5.2
  • Appropriate version of Powershell
  • If installing multiple IaaS components – install them all in the same location
  • TLS is required. vRA 7.3 supports TLS 1.2
  • DTC service

Automated Installation

The installation wizard that is run from the vRA appliance runs a pre-requisite check which should validate all components. Time synchronisation is important, can use either NTP or host time to synchronise. If using host time, ensure host is using reliable NTP source.

The installation wizard from the vRA appliance takes you through the full installation. After it has run the pre-requisite check on the IaaS components you can attempt to ‘fix’ any gaps. I find this to actually be quite reliable but there is an option of a retry if it’s not successful. I typically manually fix anything the automated wizard fails on, then run the re-check.

Once the wizard is satisfied that all the pre-requisites are complete, it will move on to the full installation & configuration of vRA. Before starting this process it will prompt you to take snapshots of all servers involved.

Manual Installation

Make sure pre-requisites are installed on IaaS box(es):

  • IIS
  • WPA
  • .NET 3.5 and 4.5.2
  • Java 1.7+ (64 bit)
  • Configure Windows Authentication within IIS
    • This can be a pain, needs to be configured on the default site. If it already appears to be correct – unconfigure and re-configure.
  • Secondary logon service needs to be running for the duration of the installation
  • Disable authentication loopback check

These are the IIS installation options, essentially the default install plus ASP.NET 3.5 & ASP.NET 4.6.

And this is the required DTC Configuration:

DTC_Config

Then log on to the vRA appliance administrative page. Go through each tab and make changes as appropriate to your environment. Start with hostname, then certificate, I find it useful to wait a few minutes before completing the remaining configuration to allow services to restart.

One thought on “VCP7-CMA – Objective 3.1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s