vRealize Orchestrator 8 (Stand alone) First steps

Sometimes you don’t want to deploy the whole vRA solution, and the vRealize Orchestrator is enough in a stand alone mode. I wanted to just cover a bit on the setup and initial configuration steps in case this is where you find yourself. Over the years it has been a good playground for picking up skills on automation. So the deployment of the appliance is the usual bunch of steps. Supply an IP, host-name, domain search and DNS servers plus setting a password for the root user. The root user is what you will use initially to configure the appliance and connect it up to your environment, so keep it safe. As usual it is a good idea to get a DNS record setup before deploying the appliance.

Once the appliance is installed and booted you can go to the appliance by using the IP or the FQDN on either port 443 or /vco.

vro-logon-screen

ON this page you have some options to go either to the orchestrator client or the control center. You want to go to the control center. This is where you setup the connections you require. If you go the orchestrator client you can not do much until the connection has been made. In fact it will tell you that much.

oc-pre-setup

So lets get the initial steps done.

If you go to the Control center and log in with root/password (that you set initially when deploying the appliance) you get to an overview of configurable items.

cc-initial-screen

Here you find various options to click on and configure, I will not go too much into details now. I just want this post to show how you get vRO connected to the vCenter so that you can start using the Orchestrator to manage your environment. For this part we will use the Manage section almost exclusively. The first step is to configure an Authentication provider (Second icon from the Manage section above).

vSphere-auth

For Authentication you have the choices of LDAP, vSphere, and vRealize Automation. You should go with either vSphere authentication or vRealize Automation. LDAP is in the process of being phased out. Since I do not have a vRealize Automation installation running currently, I will for that reason be using the the vSphere authentication.

This also makes the next step quite simple. You need a vSphere host address and then you can connect. (It is by the way very similar to what you need for a vRealize Automation authentication also. Only the server is different. Once you enter the vCenter server you get requested to accept the certificate.

vSphere-auth-cert

After that you need to add a username and password. This user should be the administrator of the vSphere SSO domain.

vSphere-auth-user

Press register and wait for this to complete. Next you will be asked for a group to add for administrators of vRO. I created a new group called vRO-Admins and added a user called vROadmin to the group. The user in question as administrative rights to the environment.

vsphere-auth-group

The second kind of user is the Workflow Designer. This user as the name indicates, can run/edit/delete their own content to use They do not have access to the troubleshooting features or other admin rights.

More about this later.

This completes the authentication provider, how from the main page of your vRO server <Ip/FQND/vco> when you click to open the orchestrator agent you are taken to the vCenter login page. Notice that Windows authentication is not available.

orch-client-login

Log in with the vroadmin@sso domain user and you get into the orchestrator client, which is no longer this java client that you launch. It is a nice new html5 layout.

orch-client-main-page

That is pretty much it for now. I will dive into some other points regarding the administration and workflows later.