In this guide i will go over the steps of getting an existing 8.x vRSLCM appliance upgraded to the latest 8.12 release. The release notes can be found here
The first step is to log in to vRealize Suite Lifecycle Manager under the Lifecycle Operations section
Go to settings -> System Upgrade
Click on Check for Upgrade
We can see that the check found a new version available for 8.12
Click on Upgrade
Verify that a snapshot or backup exists in case the process fails. Check the check mark for I took a snapshot of the vRealize Suite Lifecycle Manager before I performed this operation. Click Next
Click on Run Precheck
Verify that all check have passed and click on upgrade
This will fire up the upgrade process and start upgrading packages. The system will automatically reboot on 8.12 once completed. We can check the version by going to Settings -> System Details
If you get the below error clear the browser cache and try again
In this post i will go over upgrading my 8.x SSC appliance to 8.12.1. As a pre requirement we do need to have VMware Aria Suite Lifecycle upgraded to 8.12. Instructions can be found here. The upgrade does not include the latest PSPACK that contains the 8.12.1 SaltStack Config release. Instructions to get the PSPACK can be found on my other blog post here.
To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you haven’t added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)
Click on Add Binaries under Product Binaries
Select My VMware and click on Discover
We can see a list of binaries that have been discovered. We can select what we need and click on Add
This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink
Click on the in Progress button to view the details
We now have to wait for the download to complete
After the download is complete we can go to Environments -> View Details on the environment that includes SSC
Click on Upgrade
An Inventory sync is recommended if the environment has changed since LCM performed the last sync. We trigger the sync from the UI or click on Proceed to continue
Select product Version 8.12.1 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.
We can automatically create and delete a snapshot part of the upgrade process
Run the Precheck to make sure there are no errors
Once the check is complete, click on Next. Review the upgrade details and click on Next. We are taken to the progress screen where we can follow the progress.
The system will get rebooted and once its back up we will be on 8.12.1
Here are a few additional blogs that might be useful post upgrade:
In this guide i will go over the steps of getting an existing 8.x VMware Aria Suite Lifecycle (formerly vRSLCM vRealize Lifecycle Manager) appliance to support the latest product releases available. Here is a great blog that goes in to the details about what the Product Support Pack is https://blogs.vmware.com/management/2019/01/vrslcm-pspak.html. Typically the newer Product Support Pack is included part of the upgrade for LCM, however sometimes there are product releases in between releases where product support packs come in handy.
The first step is to log in to vRealize Suite Lifecycle Manager under the Lifecycle Operations section
Go to settings -> Product Support Pack
We can see that i recently upgraded to 8.12.0.0 however a new update is available 8.12.0.3. Based on what we can see in the details the new support pack adds support for vRA 8.12.1. If an update is not available click on the Check Support Packs Online button and refresh the screen within a few minutes
Click on Apply Version
Verify that a snapshot or a backup exists and click Submit
We can view the progress by clicking on the Click Here link after submitting the request
Once the process is complete the system will most likely reboot. To check the status we can go back to settings -> Product Support Pack. As we can see we are now at the updated patch level
If you get the below error clear the browser cache and try again
As i was installing\upgrading my lab environment to ESXi 7.0 i received an error that the CPU was unsupported. As per the release notes vSphere 8.0 release notes my CPU is no longer on the compatibility list.
Since this is a lab environment i wanted to continue using my current hardware. It goes without saying that this method should not be used in a production environment.
To allow the legacy CPU all I had to do is boot up from the ISO, on the boot Menu I pressed TAB or Shift + O and added allowLegacyCPU=True option as seen in the screenshot below
I recently ran in to a problem where i wanted to perform a clean configuration of one of my ESXi hosts from an NSX perspective, however i ran in to a problem where NSX was reporting that the packages are already installed. To fix the issue i had to run the following to list the packages installed:
esxcli software vib list | grep -i nsx
Once i had the list all i had to do is uninstall them using:
I needed to create a few additional accounts in NSX-T for outside sources. Instead of creating individual accounts i wanted to use the existing ones from AD.
To get started we need to get the certificate from the vIDM server. Log on to the vIDM server as root and run the following:
Next we need to create the OAuth client ID in vIDM. Log in to the vIDM UI using the url <FQDN of vIDM host>SAAS/admin/app/page#!/dashboard as admin and Navigate to Catalog -> Settings
Navigate to Remote App Access -> Clients -> Create Client
In the Access Type chose Service Client Token, Client ID can be anything. Under Advanced click on Generate Shared Secret (take a note of this because we need it on the NSX side)
Next, log in to the NSX-T cluster and go to System -> Users and Roles -> VMWARE IDENTITY MANAGER -> Edit
Next fill in all the required fields with the existing data that we generated in the previous steps
Next we can see the integration as enabled and the connection as up
Next we can go to USERS click on ADD -> Role Assignment for VIDM
As you type in a user the system will try to auto complete it
Once the users and groups are defined all is left is to test out the authentication and validate that everything works
In this post i will go over upgrading my 8.x SSC appliance to 8.11.1. As a pre requirement we do need to have vRSLCM (vRealize Lifecycle Manager) upgraded to 8.11.1. Instructions can be found here. The upgrade does not include the latest PSPACK that contains the 8.11.1 SaltStack Config release. Instructions to get the PSPACK can be found on my other blog post here.
To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you haven’t added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)
Click on Add Binaries under Product Binaries
Select My VMware and click on Discover
We can see a list of binaries that have been discovered. We can select what we need and click on Add
This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink
Click on the in Progress button to view the details
We now have to wait for the download to complete
After the download is complete we can go to Environments -> View Details on the environment that includes SSC
Click on Upgrade
An Inventory sync is recommended if the environment has changed since LCM performed the last sync. We trigger the sync from the UI or click on Proceed to continue
Select product Version 8.11.1 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.
We can automatically create and delete a snapshot part of the upgrade process
Run the Precheck to make sure there are no errors
Once the check is complete, click on Next. Review the upgrade details and click on Next. We are taken to the progress screen where we can follow the progress.
The system will get rebooted and once its back up we will be on 8.11
Here are a few additional blogs that might be useful post upgrade:
In this post i will go over upgrading my 3.3.6 vIDM appliance to 3.3.7 using vRSLCM (vRealize Suite Lifecycle Manager). If you want to upgrade to LCM 8.10 instructions can be found here. The upgrade does not include the latest PSPACK that contains the 3.3.7 vIDM release. Instructions to get the PSPACK can be found on my other blog post here.
To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you haven’t added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)
Click on Add Binaries under Product Binaries
Select My VMware and click on Discover
We can see a list of binaries that have been discovered. Make sure we select the upgrade package not the install package. We can select what we need and click on Add
This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink
Click on the in Progress button to view the details
We now have to wait for the download to complete
After the download is complete we can go to Environments -> View Details on the environment that includes vIDM
Click on Upgrade
An Inventory sync is required when performing vIDM upgrades. We trigger the sync from the UI and click on Proceed once completed to continue
Select product Version 3.3.7 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.
A new feature that was added was the capability to automatically create a snapshot prior to the upgrade and remove it after the upgrade. On this screen we also have the ability to chose if we want to keep the snapshots post upgrade for validation testing for example. Click next
Run the Precheck to make sure there are no errors or issues.
There`s a list of Manual Validations. Once verified click on I took care of the manual steps above and am ready to proceed check box and click on Run Precheck
Once the check is complete we can review the checks that were performed and we can continue by clicking Next.
Review the upgrade details and click on Submit. We are then taken to the progress screen where we can follow the progress.
The system will get rebooted and once its back up we will be on 3.3.7
Since we are doing a major upgrade i strongly recommend to clean the cache before using the new vIDM version.
In this guide i will go over the deployment of vRA 8.11 using the Easy Installer. The reason i like the Easy Installer is because it deploys everything that i need. vIDM, Lifecycle Manager as well as vRA.
To get started we need to download the installer from here.
Once downloaded mount the iso as a drive using your favorite tool or extract it as a archive using something like 7-zip
Once mounted go to the CDROM in the vrlcm-ui-installer\Mac directory if on mac or vrlcm-ui-installer\win32 if you are on windows. In here run the installer file
We will be presented with the following window:
The migration option allows us to migrate from from vRSLCM 2.1 to 8.x, it can migrate Datacenter and vCenters, all existing environments, DNS, SNMP, NTP, My VMware, proxy details, migration of vIDM installation as well as Blackstone Content endpoints. For the purpose of this guide we will process with the Install option
Once we click Install we will be presented with an Introduction of what components will be included part on the installation. In my case i can see vRealize Automation 8.11, Lifecycle Manager 8.10, Identity Manager 3.3.6.
Click Next, Review, accept the agreement and click next
Provide the vCenter details and click next. In my case i used the administrator account. A detailed list of permissions needed for deployment can be found here
Sections 4, 5, 6 and 7 are straight forward so i will skip them
In section 8 select a password that will be used across all products for the local usernames. ex for LCM root and local admin, vIDM admin, sshuser, root etc
Select a VM name for the Lifecycle Manager appliance and its ip credentials. If you are expecting a large repository in lifecycle manager we can add additional disk under the Increase Disk Size in GB section.
The FIPS Mode compliance option enforces FIPS compliance, however keep in mind that with the FIPS mode enabled there are limitation on what the product can do. This can be disabled later and re enabled as needed.
Complete the fields and click next
The next portion is vIDM. In case there is an existing vIDM appliance in the environment we can also import and existing vIDM appliance. In my case i will deploy a new one.
One important option under vIDM is the Sync Group Members to the Directory When Adding Group. When enabled, members of the groups are synced when groups are added from Active Directory. When this is disabled, group names are synced to the directory, but members of the group are not synced until the group is entitled to an application or the group name is added to an access policy. Note: Post deployment this value cannot be changed from vRealize Suite Lifecycle Manager. To update this field post deployment, navigate to VMware Identity Manager
My configuration page looks like this:
The next section is the vRA Configuration. In here we have a couple of options. We can perform a standard 1 node deployment or a cluster deployment which includes 3 appliances. The FIPS Compliance mode enables FIPS compliance. Unlike LCM this mode cannot be disabled after the deployment. This disables a number of options in vRA from an LCM perspective. Please make sure that its only enabled if required.
The advanced configuration at the bottom of the page includes the option to change the internal Kubernetes cluster and Service ip range. This is useful if the default range is already in use on the internal network. We want to make sure we pick an ip range thats not used somewhere else in order to avoid routing issues. Once complete click next
The next page gives us a summary of our deployment and we can click submit to start the deployment.
Next we are presented with the installation process. We can follow it along, in my environment the full deployment took about 1.5 hrs
After the install is complete we are presented to links for the different services
Next i would recommend LCM certificate management found here
