Usage Report for vRealize Cloud Licenses

In this post i will go over the Usage Report for vRealize Cloud Licenses. I will cover the online method which does the reporting automatically as well as the offline method that requires us to upload the usage manually. The documentation for the Usage Report can be found here. The vRealize Cloud Universal service description EULA and requirements can be found here.

As described the EULA our responsibilities include:

  • Deploy the latest version of vRealize Suite Lifecycle Manager in your on-premiseenvironment, and establish a connection between vRealize Suite Lifecycle Manager and your VMware customer account.
  • Use vRealize Suite Lifecycle Manager to apply the vRealize Cloud Universal license key to on-premise components of the Service Offering and activate these components.
  • Connect vRealize Suite Lifecycle Manager to vRealize Cloud Subscription Manager to enable usage reporting to VMware. If the on-premise environment is offline and unable to connect to vRealize Cloud Subscription Manager, you are responsible for periodically exporting a license report from vRealize Suite Lifecycle Manager and uploading the report to vRealize Cloud Subscription Manager, but no less than once per VMware fiscal quarter.

We will be spending most of our time in vRealize® Suite Lifecycle Manager. Log in and go to the locker page either from the welcome screen

Or the menu on the top right:

Once in locker we can go to Licenses and search for our subscription license. The license will show up as vRealizeFlex under the license type

If there are no licenses showing up you probably don’t have the my VMware account logged on. You can follow the instructions in my other post here to add the my VMware account.

Now if we click on the 3 dots to right we get to see a menu for things like Usage report, view usage and so on

The online sync option is very straight forward. All we need to do is click on Connect License and provide an API token.

The API token generation instructions can be found in the official documentation here. The next step is to match the license key with a subscription and then setup the reporting frequency. Unfortunately i dont have an cloud subscription that i have permissions to match my key with.

The next option is the offline usage report. Keep in mind that the report will need to be updated multiple times a year as required by the EULA. To create the report we can go to Usage Report in the dropdown menu

Select vRealize Cloud Subscription Manager Billing

Click on download. Once the download is completed you can upload the file in the subscription manager.

vRealize Lifeycycle Manager (vRSLCM) enable product and licensing downloads

In order to enable product and licensing downloads in lifecycle manager we need to go to Lifecycle Operations

Settings -> My vmware

Add my vmware account. Make sure the account added has a proper entitlement to perform downloads and patches.

With the releases of 8.x and above we now have a password vault that we need to add the passwords to. When presented with the add my VMware Account Detail screen press on Click here to add a new password

Type in the details for your password and press add

Click on Select Credential and add the new password you created, add the username, click validate and then add

After the process is complete the product will automatically start downloading the licensing information from the my vmware portal and it will also allow us to download binaries from the add binaries page

Upgrading vRA (vRealize Automation) to 8.5

In this post i will go over upgrading my 8.x vRA appliance to 8.5. As a pre requirement we do need to have vRSLCM (vRealize Lifecycle Manager) upgraded to 8.4.1. Instructions can be found here. You will also need to apply the latest Product Support Pack (version 8.4.1.4). The instructions can be found here.

To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you havent added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)

Click on Add Binaries under Product Binaries

Select My VMware and click on Discover

We can see a list of binaries that have been discovered. We can select what we need and click on Add

This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink

Click on the in Progress button to view the details

We now have to wait for the download to complete

After the download is complete we can go to Environments -> View Details on the environment that includes vRA

Click on Upgrade

An Inventory sync is recommended if the environment has changed since LCM performed the last sync. We trigger the sync from the UI or click on Proceed to continue

Select product Version 8.4.0 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.

Since we already checked the sizing while the download was occurring we can check the check box for I took care of the manual steps above and am ready to proceed and click on run precheck

Run the Precheck to make sure there are no errors

Once the check is complete, click on Next. Review the upgrade details and click on Next. We are taken to the progress screen where we can follow the progress.

The system will get rebooted and once its back up we will be on 8.5

vRSLCM (vRealize Lifecycle Manager) Product Support Pack

In this guide i will go over the steps of getting an existing 8.x vRSLCM appliance to support the latest product releases available. Here is a great blog that goes in to the details about what the Product Support Pack is https://blogs.vmware.com/management/2019/01/vrslcm-pspak.html. Typically the newer Product Support Pack is included part of the upgrade for LCM, however sometimes there are product releases in between releases where product support packs come in handy.

The first step is to log in to vRealize Suite Lifecycle Manager under the Lifecycle Operations section

Go to settings -> Product Support Pack

We can see that i recently upgraded to 8.4.1.2 however a new update is available 8.4.1.3. Based on what we can see in the details the new support pack adds support for network insight 6.3.0.

Click on Apply Version

Verify that a snapshot or a backup exists and click Submit

We can view the progress by clicking on the Click Here link after submitting the request

Once the process is complete the system will most likely reboot. To check the status we can go back to settings -> Product Support Pack. As we can see we are now at the updated patch level

If you get the below error clear the browser cache and try again

Patching vRSLCM (vRealize Lifecycle Manager) to 8.4.1.1 Patch 1

In this guide i will go over the steps of getting an existing 8.x vRSLCM appliance upgraded to the latest 8.4.1 Patch 1 release. The release notes can be found here

The first step is to lo in to vRealize Suite Lifecycle Manager under the Lifecycle Operations section

Go to settings -> Binary Mapping

Click on Patch Binaries up top and click on Check Patches Online

We can see that the check found a new patch

Click on download button under Action. We can follow the process by clicking on Click here to check request status

Wait till the download is complete and go back to settings

Go to Settings -> System Patches

Click on New patch on the right side of the screen

Select the newly downloaded patch and click Next

Review the details and click Install

This will fire up the patch process and start the patching.

The system will automatically reboot on 8.4.1.1 Patch 1 once completed. We can check the version by going to Settings -> System Details

If you get the below error clear the browser cache and try again

Configure NSX-T to use vIDM as authentication

I needed to create a few additional accounts in NSX-T for outside sources. Instead of creating individual accounts i wanted to use the existing ones from AD.

To get started we need to get the certificate from the vIDM server. Log on to the vIDM server as root and run the following:

openssl1 s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin

Next we need to create the OAuth client ID in vIDM. Log in to the vIDM UI using the url <FQDN of vIDM host>SAAS/admin/app/page#!/dashboard as admin and Navigate to Catalog -> Settings

Navigate to Remote App Access -> Clients -> Create Client

In the Access Type chose Service Client Token, Client ID can be anything. Under Advanced click on Generate Shared Secret (take a note of this because we need it on the NSX side)

Next, log in to the NSX-T cluster and go to System -> Users and Roles -> VMWARE IDENTITY MANAGER -> Edit

Next fill in all the required fields with the existing data that we generated in the previous steps

Next we can see the integration as enabled and the connection as up

Next we can go to USERS click on ADD -> Role Assignment for VIDM

As you type in a user the system will try to auto complete it

Once the users and groups are defined all is left is to test out the authentication and validate that everything works

vROps cloud API getting started

I wanted to keep track of what needs to be done prior to actually being able to query API on vROps cloud. Ive been having a hard time finding the documentation i needed in the past

First step is to get an API token for the specific username. We can do this by going to My account under User Settings in vROps Cloud

Go to API Tokens and click on Generate a new API token

Give it a name and select what it will have access to and click on Generate

Once we have the api token generated we can use it to generate an access token by running 

curl -k -X POST "https://console.cloud.vmware.com/csp/gateway/am/api/auth/api-tokens/authorize" -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -d "refresh_token=token_generated_earlier"

Now we can use the output from “access_token”. vROps Swagger API can be found here

Here is an example to get the current logged on user

 curl -k https://www.mgmt.cloud.vmware.com/vrops-cloud/suite-api/api/auth/currentuser?_no_links=true  "Content-Type: application/json" -H "Accept: application/json" -H "Authorization: CSPToken <access_token from previous step>"

Full guide from VMware available here

Upgrading vRSLCM (vRealize Lifecycle Manager) to 8.4.1.1

In this guide i will go over the steps of getting an existing 8.x vRSLCM appliance upgraded to the latest 8.4 release. The release notes can be found here

The first step is to lo in to vRealize Suite Lifecycle Manager under the Lifecycle Operations section

Go to settings -> System Upgrade

Click on Check for Upgrade

We can see that the check found a new version available for 8.4.1.1

Click on Upgrade

This will fire up the upgrade process and start upgrading packages. The system will automatically reboot on 8.4.1.1 once completed. We can check the version by going to Settings -> System Details

If you get the below error clear the browser cache and try again

Changing passwords for the vRealize suite via vRSLCM (vRealize Suite Lifecycle Manager)

In this guide i will go over one of the Locker feature in vRealize Lifecycle Manager specifically the password management.

As a reminder vRSLCM can manage the following:

Type of Password ChangevRealize Product Name
Admin Password ChangevRealize Automation, vRealize Operations Manager, vRealize Network Insight, vRealize Log Insight, VMware Identity Manager
Root Password ChangevRealize Automation, vRealize Operations Manager, vRealize Network Insight, vRealize Log Insight, VMware Identity Manager
Support Password ChangevRealize Network Insight
Console User Password ChangevRealize Network Insight
SSH User Password ChangeVMware Identity Manager

The first step is to create a new password. We can do so by going to Locker from the welcome screen or the menu on top right

Once in Locker, we can check to see where a specific password might be used. In my case i had just deployed most of the vRealize products and i used in the InstallerPassword reference

Once we clicked on InstallerPassword we can see some details about the password. Click on References to see where the password is used

Next we can go back a level by clicking on password and click add to add a new password to the inventory

Complete the required fields and click add

Now that we have the password created we can go to the Lifecycle Operations service to update the password for the vRealize products. Click on the Menu on the top right and select lifecycle operations

Go to environments and click on view details on the environment where we want to update the password. In my case i will update my vRealize environment

Im going to update my vROPS instance. On the menu under the product select the node on the left side and click on change password towards the right

On the next screen we need to pick the current password for the environment and the new password that were changing to

Lifecycle manager went though and updated the password and its associations

Trying to log in using the root user confirms that the password has been changed

Upgrading vRA (vRealize Automation) to 8.4

In this post i will go over upgrading my 8.x vRA appliance to 8.4. As a pre requirement we do need to have vRSLCM (vRealize Lifecycle Manager) upgraded to 8.4. Instructions can be found here

To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you havent added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)

Click on Add Binaries under Product Binaries

Select My VMware and click on Discover

We can see a list of binaries that have been discovered. We can select what we need and click on Add

This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink

Click on the in Progress button to view the details

We now have to wait for the download to complete

While the download is going check hardware requirements for vRealize Automation 8.4.0 here. If the VMware Identity Manager hardware needs to be resized refer to the documentation: Re-Size Hardware Resources for VMware Identity Manager

After the download is complete we can go to Environments -> View Details on the environment that includes vRA

Click on Upgrade

An Inventory sync is recommended if the environment has changed since LCM performed the last sync. We trigger the sync from the UI or click on Proceed to continue

Select product Version 8.4.0 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.

Since we already checked the sizing while the download was occurring we can check the check box for I took care of the manual steps above and am ready to proceed and click on run precheck

Run the Precheck to make sure there are no errors

Once the check is complete, click on Next. Review the upgrade details and click on Next. We are taken to the progress screen where we can follow the progress.

The system will get rebooted and once its back up we will be on 8.4