vIDM 3.3.5 HA

In this guide we will go over the vIDM 3.3.5 HA configuration. The official documentation can be found here

Im going to assume that the load balancer configuration is already completed, the vIDM appliance has a the required certificate in the LCM inventory. Please read the official documentation for the full requirements.

We will be using the scale out feature in Lifecycle Manager. To do so we can navigate to Lifecycle Operations -> Environments -> globalenvironment -> View Details -> Click on Add Components

It is recommended that an inventory sync is performed prior to starting the process. It can be triggered by pressing on Trigger Inventory sync button. In my case i don`t need one as i did it earlier so ill just click Proceed

Network configuration should be populated. Verify the config and click next

Towards the bottom of the Components page there will be a components section. Click on the Plus sign next to it and select VMware Identity Manager Secondary Node. Perform this task task 2 times so we can have 3 vidm nodes.

Complete the required fields Like network configuration and Cluster Virtual IP

On the next page run the precheck in order to execute the data validation

Verify the Manual Validation as described in the Pop Up Window and click on Run Precheck

Once all the check are complete click on next, Verify the Summary and click on Submit

This will take us to the Request Details Page where we can follow the steps taken

Once the additional nodes are installed validate that everything is working as expected.

Upgrading vRSLCM (vRealize Lifecycle Manager) to 8.6.1

In this guide i will go over the steps of getting an existing 8.x vRSLCM appliance upgraded to the latest 8.6.1 release. The release notes can be found here

The first step is to lo in to vRealize Suite Lifecycle Manager under the Lifecycle Operations section

Go to settings -> System Upgrade

Click on Check for Upgrade

We can see that the check found a new version available for 8.6.1.5

Click on Upgrade

Verify that a snapshot or backup exists in case the process fails. Check the check mark for I took a snapshot of the vRealize Suite Lifecycle Manager before I performed this operation. Click Next

Click on Run Precheck

Verify that all check have passed and click on upgrade

This will fire up the upgrade process and start upgrading packages. The system will automatically reboot on 8.6.1.5 once completed. We can check the version by going to Settings -> System Details

If you get the below error clear the browser cache and try again

vRSLCM (vRealize Lifecycle Manager) Product Support Pack

In this guide i will go over the steps of getting an existing 8.x vRSLCM appliance to support the latest product releases available. Here is a great blog that goes in to the details about what the Product Support Pack is https://blogs.vmware.com/management/2019/01/vrslcm-pspak.html. Typically the newer Product Support Pack is included part of the upgrade for LCM, however sometimes there are product releases in between releases where product support packs come in handy.

The first step is to log in to vRealize Suite Lifecycle Manager under the Lifecycle Operations section

Go to settings -> Product Support Pack

We can see that i recently upgraded to 8.6 however a new update is available 8.6.0.1. Based on what we can see in the details the new support pack adds support for vRA 8.6.1. If an update is not available click on the Check Support Packs Online button and refresh the screen within a few minutes

Click on Apply Version

Verify that a snapshot or a backup exists and click Submit

We can view the progress by clicking on the Click Here link after submitting the request

Once the process is complete the system will most likely reboot. To check the status we can go back to settings -> Product Support Pack. As we can see we are now at the updated patch level

If you get the below error clear the browser cache and try again

Deploying vRA 8.6.1 using the Easy Installer

In this guide i will go over the deployment of vRA 8.6.1 using the Easy Installer. The reason i like the Easy Installer is because it deploys everything that i need. vIDM, Lifecycle Manager as well as vRA.

To get started we need to download the installer from here.

Once downloaded mount the iso as a drive using your favorite tool or extract it as a archive using something like 7-zip

Once mounted go to the CDROM in the mac directory if on mac or win32 if you are on windows. In here run the installer file

We will be presented with the following window:

The migration option allows us to migrate from from vRSLCM 2.1 to 8.x, it can migrate Datacenter and vCenters, all existing environments, DNS, SNMP, NTP, My VMware, proxy details, migration of vIDM installation as well as Blackstone Content endpoints. For the purpose of this guide we will process with the Install option

Once we click Install we will be presented with an Introduction of what components will be included part on the installation. In my case i can see vRealize Automation 8.6.1, Lifecycle Manager 8.6, Identity Manager 3.3.5.

Click Next, Review, accept the agreement and click next

Provide the vCenter details and click next. In my case i used the administrator account. A detailed list of permissions needed for deployment can be found here

Sections 4, 5, 6 and 7 are straight forward so i will skip them

In section 8 select a password that will be used across all products for the local usernames. ex for LCM root and local admin, vIDM admin, sshuser, root etc

Select a VM name for the Lifecycle Manager appliance and its ip credentials. If you are expecting a large repository in lifecycle manager we can add additional disk under the Increase Disk Size in GB section.

The FIPS Mode compliance option enforces FIPS compliance, however keep in mind that with the FIPS mode enabled there are limitation on what the product can do. This can be disabled later and re enabled as needed.

Complete the fields and click next

The next portion is vIDM. In case there is an existing vIDM appliance in the environment we can also import and existing vIDM appliance. In my case i will deploy a new one.

One important option under vIDM is the Sync Group Members to the Directory When Adding Group. When enabled, members of the groups are synced when groups are added from Active Directory. When this is disabled, group names are synced to the directory, but members of the group are not synced until the group is entitled to an application or the group name is added to an access policy. Note: Post deployment this value cannot be changed from vRealize Suite Lifecycle Manager. To update this field post deployment, navigate to VMware Identity Manager

My configuration page looks like this:

The next section is the vRA Configuration. In here we have a couple of options. We can perform a standard 1 node deployment or a cluster deployment which includes 3 appliances. The FIPS Compliance mode enables FIPS compliance. Unlike LCM this mode cannot be disabled after the deployment. This disables a number of options in vRA from an LCM perspective. Please make sure that its only enabled if required.

The advanced configuration at the bottom of the page includes the option to change the internal Kubernetes cluster and Service ip range. This is useful if the default range is already in use on the internal network. We want to make sure we pick an ip range thats not used somewhere else in order to avoid routing issues. Once complete click next

The next page gives us a summary of our deployment and we can click submit to start the deployment.

Next we are presented with the installation process. We can follow it along, in my environment the full deployment took about 1.5 hrs

After the install is complete we are presented to links for the different services

Next i would recommend LCM certificate management found here

Creating a Credential (MongoDB) (TVS)

In this guide we will go over Creating a Credential for MongoDB in vROPS for the True Visibility Management pack. The original documentation was posted here however it hasn’t yet been updated to vROPS 8.6 and the new vROPS cloud.

Procedure

  1. From the Left navigation bar, select Data Sources -> Integrations -> Credentials

Click the Add button on the top left. In the Manage Credential window that appears, select whether or not authentication is required for your MongoDB environment, then enter the information indicated below:

If authentication is required we would just select Authentication required under Credential Kind

vROPS 8.6 Administration – Where is it now?

During VMworld 2021 we announced vRealize Operations 8.6 which now provides allot of new features and capabilities. You can see an Whats New overview here as well as a feature walk through here.

I this blog we will be focusing specifically on the Administration menu and how it maps to the new 8.6 release. I covered the UI Navigation on my blog other here.

As you might be aware the Administration has now been redesigned to make it easier to navigate and find items. Lets jump in to it.

The first item on the list is Data Sources. To make it easier to get started the Data Sources can now be found on the home page as we get started. The accounts are now grouped together by account type ex: vCenter servers, AWS, Azure and so on. The Other Accounts sub-menu has been consolidated under the same menu. Because we combined the Cloud Accounts with Other Accounts we renamed the menu as Integrations.

The repository is now another tab under the Data Sources -> Integrations -> Repository

The Inventory menu has been moved under the Environment -> Inventory

The Policies have been moved to Configure -> Policies

The Access Control and Authentication Sources can now be found under the Administration menu

Custom Profiles has been renamed to Custom VM Profiles and it can be found under Configure -> Custom VM Profile

End Point Operations functionality is now included part of the telegraf agent via the cloud proxy and this menu item has been retired as its no longer in use.

The Group Types can now be found with the Custom Groups under Environment -> Custom Groups -> Group Types

Icons is considered an Administration item and it can be found under Administration -> Icons

Maintenance Schedules are considered a Non Administration Option that an non vROPS admin should be able to configure so its been relocated to the Configure sub menu

Configuration Files are locate under Configure -> Configuration Files

The object Relationships has been removed from the UI however it can be accessed by going directly to https://vrops_instance/ui/index.action#configure/object-relationships. The URL is the same for the SaaS as well as on premise

Optimizations Schedules has been moved under the Workload Optimization. It can be found by navigating to Optimize -> Workload Placement -> Optimization Schedules

Super Metrics are under Configure -> Super Metrics

Cost Settings are found under Configure -> Cost Settings

As described earlier in this post the Integrations have been combined with Other accounts and Other Accounts under Data Sources -> Integrations

Certificates, Cluster Management, Collector Groups and Collection Status have all been moved under Administration

The credentials have been consolidated under Data Sources -> Integrations -> Credentials

Global Settings, Licensing, Log Forwarding, Content Management can all be found under Administration

Outbound Settings are found now under Configure -> Alerts -> Outbound Settings

The rest of the items like Audit, Recent Tasks, Dynamic Thresholds, Logs, Redescribe, Cost Reference Database and Support Bundles can all be found under the administration menu

For more information visit us at https://www.vmware.com/products/vrealize-operations.html

vROPS 8.6 UI Navigation – Where is it now?

During VMworld 2021 we announced vRealize Operations 8.6 which provides a lot of new features and capabilities. You can see an Whats New overview here as well as a feature walk through here.

With the new UI release some of the content might not be where were used to find it in the previous versions. In this post we will navigate through some of the changes and point to “Where is it now”. I also covered the UI overview on my blog here

Lets jump in to it. As shown in the screenshot below in the old UI we used to have navigation items up top as well as on the side. Many of the menu options across the top were duplicated in the left-hand navigation menu and were consolidated in this release.

As we can see in the new UI we still have the 4 pillars that were used too however the top menu bar was removed in order to be more consistent with the rest of the products in our SaaS platform. The sidebar is also collapsible allowing us to use the space for other purposes.

The Home button can be easily be found as the first item in the menu

The Dashboards are now conveniently located under the Visualize menu. This allows us now to go directly to dashboards, views as well as reports.

The Alerts tab has been relocated under Troubleshooting. We can now easily navigate between different troubleshooting options like Alerts, the troubleshooting Workbench and log analysis all under the same menu.

The environment tab can be easily be spotted on the side menu. Once we click on it we will notice a number of additional items like the new Object Browser which allows us to navigate through the environment more easily as well as the older Inventory browser. Some of the other options that are included are the new Business Applications, the previously Applications, Custom Groups, Custom Datacenters as well as Cloud Zones

Lastly the Administration menu. The administration menu has been broken into 2 different menus. The first one is under Configure where we can make configuration changes for our monitoring options things like defining Policies, Alerts configuration, Super Metrics, Application Discovery, Application Monitoring, Cost Settings, Custom VM Profiles, Configuration Files as well as Maintenance Schedules

The second administration menu goes specifically in to overall product administration like Access Control, Certificates, Licensing, Collector Groups, Content Management, Orphaned Content, Global Settings, Icons, Audit, Recent Tasks, Dynamic Thresholds and Cost Calculation

Now that we have the top menu out of the way lets take a look at where the side Menu items are in the new UI.

The quick Start menu item is now our default Home page

The operations overview is now conveniently placed as another tab on the home screen

Workload optimization is now conveniently placed with other optimization items under the optimize menu and it has been renamed to Workload Placement

From a rightsizing perspective we can see that rightsizing is right under Workload Placement in the Optimize sub menu and it has been renamed to Rightsize

The Recommended Actions menu item has been deprecated however i did create the menu item as a dashboard and it can be downloaded from the Sample Exchange on code.vmware.com or by clicking here

The Optimize Capacity Overview page can be found under Capacity in the Optimize Menu

The Reclaim menu can be found under the Optimize Menu

What-If Analysis has been renamed as Capacity and it can be found under the Plan Menu

We can find the Troubleshooting Workbench under the Troubleshoot menu

The Virtual Machine menu was pointing to the VM Contention Dashboard which can now be found under Visualize -> All -> Performance -> Consumer -> VM Contention. The Dashboard can also be found by performing a search in the dashboard menu

The vSAN menu was pointing to the vSAN Contention Dashboard which can now be found under Visualize -> All -> Performance -> Provider -> vSAN Contention. The Dashboard can also be found by performing a search in the dashboard menu

Using Logs can now be found under Troubleshoot -> Log Analysis

The compliance menu has been moved under Optimize -> Compliance

Discover Services has been renamed to Application Discovery and it can be found under Configure -> Application Discovery

Monitor Applications was renamed to Application Monitoring and it can be found under the Configure menu

Automation Central can still be found as a separate item on the side menu

For more information visit us at https://www.vmware.com/products/vrealize-operations.html

Upgrading vRNI (vRealize Network Insight) to 6.4.0 via vRSLCM

In this post i will go over upgrading my 6.x vRNI appliance to 6.4.0 using vRSLCM (vRealize Suite Lifecycle Manager). As a pre requirement we do need to have vRSLCM (vRealize Lifecycle Manager) upgraded to 8.6. Instructions can be found here. The upgrade already includes the latest Product Support Pack so an update to the Product Support Pack is not required.

To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you haven’t added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)

Click on Add Binaries under Product Binaries

Select My VMware and click on Discover

We can see a list of binaries that have been discovered. Make sure we select the upgrade package not the install package. We can select what we need and click on Add

This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink

Click on the in Progress button to view the details

We now have to wait for the download to complete

After the download is complete we can go to Environments -> View Details on the environment that includes vRLI

Click on Upgrade

An Inventory sync is recommended if the environment has changed since LCM performed the last sync. We trigger the sync from the UI or click on Proceed to continue

Select product Version 6.4.0 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.

A new feature that was added was the capability to automatically create a snapshot prior to the upgrade and remove it after the upgrade. On this screen we also have the ability to chose if we want to keep the snapshots post upgrade for validation testing for example. Click next

Run the Precheck to make sure there are no errors or issues.

Once the check is complete we can review the checks that were performed and we can continue by clicking Next.

Review the upgrade details and click on Next. We are taken to the progress screen where we can follow the progress.

The system will get rebooted and once its back up we will be on 6.4

Since we are doing a major upgrade i strongly recommend to clean the cache before using the new vRNI version.

Upgrading vIDM (VMware Identity Manager ) to 3.3.5 via vRSLCM

In this post i will go over upgrading my 3.3.3 vIDM appliance to 3.3.5 using vRSLCM (vRealize Suite Lifecycle Manager). If you want to upgrade to LCM 8.6 instructions can be found here. The upgrade already includes the latest Product Support Pack so an update to the Product Support Pack is not required.

To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you haven’t added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)

Click on Add Binaries under Product Binaries

Select My VMware and click on Discover

We can see a list of binaries that have been discovered. Make sure we select the upgrade package not the install package. We can select what we need and click on Add

This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink

Click on the in Progress button to view the details

We now have to wait for the download to complete

After the download is complete we can go to Environments -> View Details on the environment that includes vIDM

Click on Upgrade

An Inventory sync is required when performing vIDM upgrades. We trigger the sync from the UI and click on Proceed once completed to continue

Select product Version 3.3.5 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.

A new feature that was added was the capability to automatically create a snapshot prior to the upgrade and remove it after the upgrade. On this screen we also have the ability to chose if we want to keep the snapshots post upgrade for validation testing for example. Click next

Run the Precheck to make sure there are no errors or issues.

There`s a list of Manual Validations. Once verified click on I took care of the manual steps above and am ready to proceed check box and click on Run Precheck

Once the check is complete we can review the checks that were performed and we can continue by clicking Next.

Review the upgrade details and click on Next. We are taken to the progress screen where we can follow the progress.

The system will get rebooted and once its back up we will be on 3.3.5

Since we are doing a major upgrade i strongly recommend to clean the cache before using the new vIDM version.

Upgrading vRLI (vRealize Log Insight) to 8.6 via vRSLCM

In this post i will go over upgrading my 8.x vRLI appliance to 8.6 using vRSLCM (vRealize Suite Lifecycle Manager). As a pre requirement we do need to have vRSLCM (vRealize Lifecycle Manager) upgraded to 8.6. Instructions can be found here. The upgrade already includes the latest Product Support Pack so an update to the Product Support Pack is not required.

To get started we can go to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> Binary Mapping. (If you haven’t added your My VMware credentials you will need to do that first by going to vRealize Lifecycle Manager -> Lifecycle Operations -> Settings -> My VMware)

Click on Add Binaries under Product Binaries

Select My VMware and click on Discover

We can see a list of binaries that have been discovered. Make sure we select the upgrade package not the install package. We can select what we need and click on Add

This will create a request and start downloading the package. To view the progress we can click on the Click Here hyperlink

Click on the in Progress button to view the details

We now have to wait for the download to complete

After the download is complete we can go to Environments -> View Details on the environment that includes vRLI

Click on Upgrade

An Inventory sync is recommended if the environment has changed since LCM performed the last sync. We trigger the sync from the UI or click on Proceed to continue

Select product Version 8.6.0 and click Next. We can also review the compatibility matrix to make sure the environment is compatible.

A new feature that was added was the capability to automatically create a snapshot prior to the upgrade and remove it after the upgrade. On this screen we also have the ability to chose if we want to keep the snapshots post upgrade for validation testing for example. Click next

Run the Precheck to make sure there are no errors or issues.

Once the check is complete we can review the checks that were performed and we can continue by clicking Next.

Review the upgrade details and click on Next. We are taken to the progress screen where we can follow the progress.

The system will get rebooted and once its back up we will be on 8.6

Since we are doing a major upgrade i strongly recommend to clean the cache before using the new vRLI version.