Observations
a) The vRA Load Balancers will be created automatically as part of the deployment process.
b) All the IaaS components are deployed in a Large Deployment profile.
c) All IaaS components must be entered in the Wizard i.e. 3 vRA Appliances, 2 Web Servers, 2 Manager Service Servers, 2 DEM Worker Servers and 2 Proxy Agent Servers.
d) 6 Instances of the DEM Workers are installed. i.e. 3 per DEM Worker server.
e) The vSphere Proxy Agents are NOT
installed. They have to be installed manually as a post installation step.
f) Both the Manager Services are running and the vRA Appliance monitors which one is Active and which one is Passive.
g) All the vRA components are added to Log Insight.
h) The vRA PostgreSQL database is set to Synchronous replication.
I) vRealize Automation environment added to vRealize Suite Lifecycle Manager.
j) When an Active Directory is configured then the 2nd and 3rd connectors will need to be added manually post deployment to the Identity provider and the idP Hostname set to the VIP Address of the Appliances.
14) vRealize Automation 7.6 Pre-requisites when installing with vRealize Suite Lifecycle Manager 2.1
Posted: 29th Nov 2019.
One of my recent projects was to install vRealize Automation 7.6 in a Large deployment profile using vRealize Suite Lifecycle Manager 2.1. Once again I found that the pre-requisites were very important for a successful deployment.
In this deployment the Windows IaaS Servers had been pre-built and therefore had to make sure that all the pre-requisites had been installed before initiating the vRA deployment with vRSLCM.
I have created a pre-requisites checklist which I am sharing below that enabled a successful deployment:
Task
1. Configure the vRealize Automation load balancers for Virtual Appliances, IaaS Web and IaaS Manager.
2. Disable the second/third member of each pool in the vRealize Automation load balancers. These members can be re- enabled after installation is complete.
3. Add all Windows IaaS machines to the domain.
4. The Windows SQL database server and Windows IaaS machines meet all vRealize Automation version and resource requirements.
5. Add the domain vRA service account as part of User Rights Assignment under Local Security Policies for Log on as a Service
and Log on as a batch job
on all Windows IaaS machines.
6. Join the IaaS SQL server to the domain.
7. Add the domain vRA service account as part of the SQL server user Logins list with the sysadmin privilege.
8. Install latest JRE (Java 1.8 or later) and create a JAVA_HOME environment variable on all Windows IaaS machines.
9. Install Microsoft .NET Framework 3.5 on all Windows IaaS machines.
10. Install Microsoft .NET Framework 4.5.2 or later on all Windows IaaS machines.
11. Install Microsoft Internet Information Services on the Windows IaaS Web Servers and IaaS Manager Service Servers and configured with the relevant roles and features.
12. Enable MSDTC on both the Windows IaaS Servers and the SQL Database Server. See VMware Knowledge Base article 2038943.
12. Set User Access Control settings to Never Notify
on all Windows IaaS and SQL database server virtual machines.
13. On all of the windows IaaS machines used in vRealize Automation deployment, log in to windows machine at least once as the domain vRA service account.
14. Ensure that the Windows IaaS machines do not have any vRealize Automation components already installed.
15. Update the registry key below on both Windows IaaS and SQL database server virtual machines:
a. Use the default PowerShell and run the following command as administrator on all
Windows IaaS and database server virtual machines:
Set-ItemProperty -Path "HKLM:\Software\Microsoft
\Windows\CurrentVersion\Policies\System" -Name "EnableLUA" -Value "0"
b. Reboot the Windows IaaS virtual machine.
16. Verify that the TLS 1.0 values are not present in the IaaS windows machines registry path below:
HKLM SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols.
17. Verify that TLS 1.1 and 1.2 are enabled as per https://docs.vmware.com/en/vRealize-Automation/7.6/com.vmware.vra.install.upgrade.doc/GUID-CFCCC0C1-A8EB-4C9F-B68D-14249D292496.html.
18. Take a snapshot of the IaaS SQL database machine and all Windows IaaS machines after configuration and before triggering the deployment in vRealize Suite Lifecycle Manager.
Observations
a) 2 Instances of the DEM Workers are installed i.e. 1 per DEM Worker server.
b) 2 vSphere Proxy Agents are installed i.e. 1 per Proxy server.
c) Only the Primary Manager Service is running and the Secondary one is set to manual and stopped.
d) The vRA PostgreSQL database is set to Asynchronous replication. If 3 appliances are used then this will need to be set to Synchronous replication post deployment.
e) vRealize Automation environment is added to vRealize Suite Lifecycle Manager.
f) When an Active Directory is configured then the 2nd and 3rd connectors will need to be added manually post deployment to the Identity provider and the idP Hostname set to the VIP Address of the Appliances.