Orchestrator and Hytrust

When I use HyTrust with vCenter, what HyTrust records is actually based on the user connected to vCenter.  But when I use 'Share a single session' in Orchestrator, my service account is what vCenter records as taking the actions, and the user who set up the workflow is known to Orchestrator, not to vCenter or HyTrust.  It must be this way in Orchestrator so that the regular workflows that manage the infrastructure do not depend on one employee's AD account.  However, that impacts my logging and controls around vCenter, because the logging for those scheduled workflows is now in vRO and not vCenter, and the information about which user tries to run a workflow is known only to Orchestrator. vCenter sees only that the service account is trying to do something.

In a cloud computing infrastructure, more automation and vCenter actions happen through vRO and vCenter.  How does the previous regime of log management and authorization in vCenter with HyTrust map to a new concept where I am running tasks through Orchestrator and using "Share a single session"?

Hello

I see two possible solutions:

1. Go to HyTrust and convince them to integrate with vRO. As vRO very clearly saves each execution of a workflow with the corresponding user, it would be simple enough to analyze / audit this.

2. Use separate vRO servers: one configured with a shared session for scheduled tasks and a separate one for manually started workflows, using the session per user setting (with all its disadvantages :-/).

Indeed, analysis at the vRO level seems to be the "cleanest" approach.

Kind regards

Joerg

Tags: VMware
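
The vRO-level analysis suggested in the answer above, as an added example that is not part of the original thread: it joins vCenter events recorded under the shared service account with vRO execution records by time window to recover the initiating user, and flags events that match no run or several. The record shapes, field names, account names and timestamps are constructed assumptions, not a vRO, vCenter or HyTrust export format.

```javascript
// Added example (not from the original thread). All records below are
// constructed; adapt the field names to whatever your own exports contain.

const SERVICE_ACCOUNT = "svc-vro@example.local"; // hypothetical shared-session account
const SKEW_MS = 5000; // tolerated clock difference between vRO and vCenter

// Constructed vRO execution records: who started which workflow, and when.
const vroRuns = [
  { workflow: "Clone and Sysprep", startedBy: "alice", start: "2024-05-01T10:00:00Z", end: "2024-05-01T10:12:00Z" },
  { workflow: "Snapshot cleanup", startedBy: "scheduler", start: "2024-05-01T10:10:00Z", end: "2024-05-01T10:15:00Z" },
  { workflow: "Power off VM", startedBy: "bob", start: "2024-05-01T11:00:00Z", end: "2024-05-01T11:01:00Z" },
];

// Constructed vCenter events as the vCenter-side audit trail records them.
const vcEvents = [
  { time: "2024-05-01T10:03:10Z", user: SERVICE_ACCOUNT, action: "clone", target: "web01" },
  { time: "2024-05-01T10:11:00Z", user: SERVICE_ACCOUNT, action: "removeSnapshot", target: "db02" },
  { time: "2024-05-01T11:00:03Z", user: SERVICE_ACCOUNT, action: "powerOff", target: "web01" },
  { time: "2024-05-01T12:30:00Z", user: SERVICE_ACCOUNT, action: "destroy", target: "db02" },
  { time: "2024-05-01T12:45:00Z", user: "carol@example.local", action: "powerOn", target: "app03" },
];

// Attribute each vCenter event to the vRO user(s) whose run covers its timestamp.
function attributeEvents(events, runs, serviceAccount, skewMs) {
  const windows = runs.map((r) => ({
    workflow: r.workflow,
    startedBy: r.startedBy,
    from: Date.parse(r.start) - skewMs,
    to: Date.parse(r.end) + skewMs,
  }));
  return events.map((ev) => {
    if (ev.user !== serviceAccount) {
      // Interactive login: vCenter already recorded the real user.
      return { ...ev, status: "direct", initiators: [ev.user], workflows: [] };
    }
    const t = Date.parse(ev.time);
    const hits = windows.filter((w) => t >= w.from && t <= w.to);
    const initiators = [...new Set(hits.map((w) => w.startedBy))];
    let status = "attributed";
    if (initiators.length === 0) status = "unattributed"; // no run on record
    else if (initiators.length > 1) status = "ambiguous"; // overlapping runs
    return { ...ev, status, initiators, workflows: hits.map((w) => w.workflow) };
  });
}

// Events an auditor has to look at by hand.
function needsReview(results) {
  return results.filter((r) => r.status === "unattributed" || r.status === "ambiguous");
}

const results = attributeEvents(vcEvents, vroRuns, SERVICE_ACCOUNT, SKEW_MS);
for (const r of results) {
  console.log(`${r.time} ${r.action} ${r.target}: ${r.status} [${r.initiators.join(", ")}]`);
}
```

Events in the unattributed set deserve attention first, since they mean the service account acted in vCenter with no workflow run on record.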

Similar Questions

  • Orchestrator and vCD

    If Orchestrator is currently your orchestration and integration platform and you want to implement vCD, how do Orchestrator and vCD relate?  Is Orchestrator the tool to use for integration if you use vCD to provide virtual machines from a web front-end portal?

    Technically, you can integrate with vCD API using REST, SDK, Orchestrator and PowerCLI.

    For southbound integration (blocking tasks, notifications, extensibility API), any client interfacing with RabbitMQ would work, but the mechanism for this integration is available in this package: the vCloud Director 5.1/5.5 blocking tasks and notification package using AMQP

  • Orchestrator and multi-tenant

    I use Orchestrator in a multi-tenancy environment.  What I try to do is:

    Set up a master orchestrator instance where I can centralize workflow execution.

    Implement slave instances in the different tenant environments, which I can call with the multi-node plugin.

    The problem is that the environments are separate and accessible only via a vpn tunnel.

    How should I configure master orchestrator and the slave to connect via vpn?

    Should I:

    1. use a "VPN connection plugin", if there is one, to establish a connection via VPN?
    2. use the HTTP-REST plug-in and give both vCOs a public IP address and some kind of public web interface, if it can be done safely, perhaps placing the slave vCO in the DMZ?
    3. another way?

    Thanks for the input!

    If you have an always-on VPN connection to the remote/slave instances, then just open the firewall ports to allow the master to connect to the remote/slave instance.

    Ports are listed on page 38 & 39:

    http://pubs.VMware.com/vSphere-55/topic/com.VMware.ICbase/PDF/vCenter-Orchestrator-552-install-config-Guide.PDF

    Multi-node plugin documentation:

    http://pubs.VMware.com/Orchestrator-plugins/topic/com.VMware.ICbase/PDF/using-multi-node-plugin-10-Guide.PDF

    From what I can tell, you would need the following ports open between the master (source) and remote/slave (destination):

    • TCP - 8230 - the main port to communicate with the server Orchestrator (JNDI port).
    • Trust TCP - 8250 - for SSL (multi-node plugin documentation - "Activate Orchestrator for the remote execution Workflow")

  • Integration Orchestrator and VIPR

    Looking at integration with vRO and VIPR and a few questions:

    I use vRealize Automation, so that pretty much defines vRO as the orchestration engine in terms of sizing the virtual machine and vCloud. When should I take the EMC storage-related aspects I must orchestrate and use vRO against them directly, and when should I stand up ViPR and have vRO make calls to ViPR?

    Hello

    I think that the two strategies are valid and possible. I would contact EMC for the ViPR plugin and information on its roadmap.

    If the plugin provides out-of-the-box workflows for the tasks you want to automate, it will probably allow you to create your solution with much less effort.

    Also, if EMC maintains the ViPR plugin in the future, you will not have to worry much about updates of the back-end storage systems, ViPR and the ViPR plugin, because EMC (hopefully) handles the version details and keeps the plugin compatible.

    On the other hand, if you now (and for the foreseeable future) only have a few small (aka easy to implement) automation tasks for the storage system that you need for your overall VM provisioning / life cycle process, then adding ViPR is perhaps overkill (and introduces more complexity in the overall architecture than necessary).

    So as usual, the answer is: it depends on :-)

    I hope this helps!

    Joerg

  • Orchestrator and plugin development

    I need Orchestrator to talk to a number of third-party systems for which no plugin has been developed yet.  It's all part of a single VM provisioning process.  Should I create a plugin for each system for which no plugin exists, or should I create one giant "VM provisioning" plugin that can talk to multiple systems?

    It depends; both options have advantages and disadvantages.

    I would go for the plugin-per-system approach because it is more flexible (for example, if a new system appears in the future, you will only need to write a plug-in for it and add it to the picture instead of updating the giant fits-them-all plug-in).

    You can also consider using the existing Dynamic Types plug-in. Initially, you could do rapid prototyping with it and later, when you become more familiar/feel more comfortable with a 3rd party system's data/API, implement a 'good' plugin for it.

  • Orchestrator and integration

    I need to talk to a number of third-party products such as a CMDB, IPAM, DHCP and a backup product during the provisioning process in Orchestrator.  What is the best programming language to use? Assuming that I am uncomfortable or have people on my team fluent in Java, Python, VB.NET, JavaScript and Ruby, which is the best language?

    I wouldn't say that REST is necessarily "better"; it's just what we prefer to use when possible. The plugin makes it pretty easy to use, and it's usually quick. When we moved from running external scripts to using REST, we literally went from 3-5 minutes per call to within 5 seconds in some cases.

    Our usual order is:

    1. REST (vCO plugin)

    2. SOAP (also a vCO plugin, but a bit more difficult to use than the REST plugin)

    3. PowerShell / shell scripts

    One API which gave us particular trouble through vCO is XML-RPC. While it is a web API, we could not get it to work without running shell scripts, which kind of defeats the purpose.

    One of the most important factors: sometimes one API will not expose the same functionality as another API. We have had cases where the REST API didn't expose as much as the SOAP API, even though both were available for the same product. Make sure the API you choose offers all the features you need, or you'll find yourself rewriting your integrations later.

  • vCO / Orchestrator and PowerShell version 3.0

    Does anyone know if vCO officially supports PowerShell 3.0?

    isn't 3, and 4.

  • Orchestrator and VIX Workflow Plugin

    Hi guys

    I have two workflows:

    • Clone and sysprep
    • Copy files, run a Script, the Delete Directory, restart

    When I run the first workflow (Clone and Sysprep), it ends successfully.

    When I run (Copy files, run a Script, remove the directory, Reboot), it also completes successfully.

    But when I add the workflow (Copy files, run a Script, remove the directory, restart) to the workflow (Clone and Sysprep), it always fails at the beginning of the workflow (Copy files, run a Script, remove the directory, restart).

    Error message is the virtual machine must be turned on.: 3006

    Screenshots of workflow:

    Clone and Sysprep

    Clone and Sysprep.png

    Copy files, run a Script, the Delete Directory, restart

    Copy Files, Run a Script, Delete Directory, Reboot.png

    Any ideas?

    Hello!

    If I see it right, you have bound the wrong VcVirtualMachine to the Copy files... workflow:

    You don't need the workflow input parameter "vm", but the result of the clone task: tempNewVM

    When you bind this workflow attribute to the Copy files workflow element, it should work.

    Kind regards

    Joerg

  • Orchestrator: how to automatically add the computer to a specific organizational unit and edit the description of the computer

    Hello

    We use VMware Orchestrator to clone sysprep VM templates, and join the virtual machine to the domain.

    The problem is that we cannot find a function in Orchestrator to join the VM to a specific organizational unit and edit the description of the computer.

    Our workflow builds the sysprep on the fly, so we cannot add a command in sysprep to join the specific organizational unit.

    Plugin installed:

    • VIX
    • Active Directory

    Example workflow:workflow.png

    Any ideas how to set up our requirements in the workflow

    Hello

    Over the past two months, I learned Orchestrator and built a large, highly customized workflow for automating Windows and Linux template deployments.  We are also in two different datacenters, which each have their own organizational unit in AD.  The solution I use is "dsadd computer" (http://technet.microsoft.com/en-us/library/cc754539(WS.10).aspx), and then I execute 'netdom' on the Windows OS, which adds the server to the domain and reboots.

    I use sysprep for the IP configuration, etc., but not to join the server to the domain.  Once sysprep is finished, I execute the following code to add the computer object to the specific organizational unit:

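    // Build the dsadd command line; the OU path and the description are quoted.
    // Note: -p places the domain password on the command line.
    var cmdText = "cmd /c ";
    var cmdLine = "dsadd computer \"" + att_AD_OUPath + "\" -desc \"" + arg_in_AD_ComputerDescription + "\" -u " + att_domainUser + " -p " + att_domainPass;

    // Run the command on the Orchestrator server and wait for it to finish.
    var command = new Command(cmdText + cmdLine);
    var returnCode = command.execute(true);

    if (returnCode == 0)
    {
        System.log("Computer '" + arg_in_serverName + "' has been added to the domain");
    }
    else
    {
        // Log before throwing; a statement placed after the throw never runs.
        System.error("Error adding computer '" + arg_in_serverName + "' to the domain.");
        throw "Error adding computer '" + arg_in_serverName + "' to the domain.";
    }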

    Setup:

    • Standalone Orchestrator installed on Server 2008
    • Active Directory Domain Services role installed on the server Orchestrator

    I hope this helps!

    Post edited by: robrtb12

  • Purpose code and sample Orchestrator?

    I read whatever information on Orchestrator I can get, and I've read the manuals provided with vSphere.  Unfortunately, there is not a lot of meat in them.  I think it would help to see some examples of what Orchestrator can do, or what VMware wants it to do.

    Customers are constantly asking, since VMware is pitching it as a big new feature in vSphere, but I can't explain to them why they should pay attention to this topic without some sort of example. The slides shown by the sales guys at vSphere launch events are unnecessary: essentially an image containing flowchart boxes and arrows and the word "Orchestration" over everything.

    I am familiar with LCM and the Orchestrator backend. There were rumors of "many examples included with vCenter 4.0." I was envisioning hooks between Orchestrator and currently anemic "Scheduled tasks" function of vCenter, but I did have the time to go spelunking in the C:\Program Files\VMware directory.

    As I mentioned, we ship nearly 300 actions and workflows with the product by default.  Personally, when I need examples, this is where I look.  There are a lot of workflows that serve as good examples.

    We aim at both admins and workflow designers.

    • For admins, there are workflows in the library that I don't know that they find useful immediately.  Plus, we ship additional workflows with each update release.  For example, in U1, we will probably release workflows that help you find orphaned VMDKs in all datastores that VC is unaware of.  That is a workflow that an admin can run out of the box and that is very useful right away.

    • For workflow creators, vCO has been used to create incredibly automated data centers that automate everything from storage and network provisioning to populating the CMDB and reporting on the virtual infrastructure.

    If your goal is to create complex workflows, I agree that it is a tool where you need to spend time and make some investment before you can begin to see returns. But the typical VI admin should have no trouble running workflows out of the box.

    However, creating a workflow that, for example, creates a VM and emails you the settings should not be too difficult to accomplish, because the two workflows are included in the library and you only need to create and link a bunch of variables.

    The description of each workflow is actually a part of the workflow.  If you are interested, I certainly encourage you to open the vCO client and look at a workflow or two.  Separately, we are working on a catalogue of workflows that is outside the client, so people can look through them without the client.

    SIA

  • Conductor with virtual TP and CUCM

    Hi all

    I deployed a telepresence system with:

    -CUCM 02.

    -Telepresence 01 conductor.

    -01 telepresence virtual server.

    Through this guide, I have configured:

    -SIP Trunk of CUCM TP driver (Rendezvous) and model of routing to make call.

    -Bridge Conference and conference bridge pools, Conference

    -Models Conference and conference alias.

    -L' user to connect.

    -Add TP CUCM license; touch, call session for conductor; STM license screen.

    My test scenario:

    -01 camera SX10 call to conference by routing model 6188 list road bridge room is 'Rendezvous_Trunk'.

    -In the conductor, make "Rendezvous meeting" of the alias(6) @.*'-'\1.rendezvous_mtg'withHD Servicemodels.

    "HD Service" have Conference bridge "To_VTS".

    State of the link/trunk:

    -Trunk from CUCM to TP Conductor: Time up: 0 days 1 hour 29 minutes.

    -Bridge Conference in TP Conductor: permits and status: active.

    But the call cannot be successful with the message 'your call cannot be completed as composed. Please check your phone book and call again, or ask your operator for assistance.'

    I see that it connects VTS:

    280 Conference APP Info '6188.rendezvous_mtg' 08:23:13.256: deleted via API (not of participants)
    279 08:22:21.505 Conference APP Info '6188.rendezvous_mtg' created

    And the TP Conductor has 3 alarms:

    - Conference bridge is missing the encryption feature key: one or more conference bridges lack the encryption feature key. This is required for all TelePresence Conductor B2BUA links.
    - Warning of telepresence Server license resources: use of the licenses of individual server of telepresence is close or has reached its full capacity
    - Resource server telepresence pool license warning: license server of telepresence pool use is close or has reached its full capacity

    I am missing the encryption license, and the time on the Conductor and the STM does not match (because the STM uses GMT time and cannot be changed).

    Any help is appreciated.

    Thank you and best regards,

    Thanhduytran

    Hello

    TelePresence Conductor Unified CM deployment guide x.24

    On page 17, you can find the part concerning the encryption key:

    Task 8:
    Installation of an encryption key
    The telepresence server has the ability to use a secure communications connection. These security features are enabled with the encryption option key. You must install the option key for this deployment to work.

    This is related to the mechanism by which the Conductor and the TP server communicate with each other. It can't speak secure SIP (TLS).

    We tested it in our lab: without the encryption key, it did not work.

    If you can ask cisco, let them meet and share their response

    HTH

    Anas

    don't forget to note the useful messages

  • Creation of OAM authentication Plugins, plans and policy responses by command line

    Hi all

    I have searched around plenty, on the internet and MOS, but did not find anything so far.

    In OAM (11.1.2.2.4) I am trying to create a PlugIn for authentication, specify the step, the config params, orchestration, and so on. It works pretty well through the GUI. However, as I have a lot of different situations to deal with, I would like to automate this, using a command line tool (wlst.sh I think).

    Does anyone know how I could do this?

    On the side, I would also like the same for authentication patterns and responses, but I hope that as soon as I know how to do it for the plugin, I can derive the others from it.

    It is doable but completely undocumented. What you need to do is write wlst scripts that access the OAM mbean, which is responsible for updating oam-config.xml to add the required parameters.

    What I do is capture the current settings (i.e. make a backup of oam-config.xml), and then perform the configuration via oamconsole. Then, compare the current oam-config.xml with the backup and note the differences. Use wlst and the OAM mbean to add these entries. This will require you to understand how to update oam-config.xml via the mbean and involves a bit of understanding of Jython to do the job.

    For policy responses and enforcement strategies, you can use the OAM REST interface which you can drive from curl or anything that can handle http requests. It is much easier to use than rreg.

  • Orchestrator 7.01 does not register with vCenter 6 U2 appliance

    Hi all

    I am trying to get Orchestrator 7.01 working with our vCenter 6 U2 appliance. The workflows 'Add a vCenter server instance' and 'Register vCenter Orchestrator as a vCenter Server extension' say they completed successfully. The vCenter instance appears in Orchestrator after the Add workflow. In the vCenter web client, I go to Home/vRealize Orchestrator and I don't see the getting started page. For some reason I don't know, Orchestrator does not register as an extension in vCenter. I checked http://vcenter/mob. Has anyone seen this / know what the problem is?

    I enabled TLS 1 on the Orchestrator appliance to try to eliminate this as a problem.

    Any help would be greatly appreciated.

    Thank you

    Brian

    OK, it seems that this error occurs when you provide a wrong value for the second input parameter of the workflow "Insert Orchestrator as vCenter Server extension" (the parameter labelled 'External to announce this Orchestrator address').

    If you provide the address in a format such as sample.domain.com or 10.20.22.23, the workflow completes successfully but the extension is not registered, and the error will appear in the logs.

    The correct format would be something like https://sample.domain.com:8281 or https://10.20.22.23:8281 (i.e., a full URL specifying system/ip address and port).

    Another option would be to try the second empty parameter, in which case the workflow will try to record multiple URLS for each network interface on your machine to entrance on the left, but that could be problematic in some cases, especially with the IPv6 interfaces.

  • Impossible to connect to new vRealize Orchestrator install

    Hey all, I installed vRealize Orchestrator and have not been able to enter the correct credentials. I tried using the root login and password I created during installation, and I tried to use my credentials for vCenter (in both username@domain and domain\username format), but no joy. I get the "connection failed: incompatibility of the username/password or account temporarily blocked after too many failed attempts" error message. I think I've tried four times; how many times are too many failed attempts?  I checked in vCenter and my vCenter admin account was listed under > manage > permissions for vRealize. I was skeptical that I had incorrectly entered the root password, but I thought I would give it another try, so I did a nuke and repopulate and tried again. No, I still can't log in with the credentials that I created or my credentials for vCenter. The "Installation and Configuration Guide" is not much help here.

    I'm trying to install VMware-vRealizeOrchestrator-Unit - 6.0.4.0 - 3619080_OVF10.ova in VMware vCenter 6 Standard. Am I missing a step somewhere that will help me to access and configure my vRealize Orchestrator?

    Thank you

    Joe B

    Hey Joe,

    Where exactly are you trying to connect with the root account? The vRO Java client, the vRO Web Configurator, or elsewhere?

    By default, vRO is configured with embedded LDAP authentication, so to connect with the vRO Java client you will need to use one of the embedded LDAP user accounts (i.e. vcoadmin). For the Web Configurator, I think the default user name is vmware. The root account is for when you want an SSH connection to the vRO appliance.

  • vRealize Orchestrator - cannot add to vSphere Web Client

    Hello

    I configured the vRealize Orchestrator appliance and added the vCenter Server via the vRO client (Orchestrator --> Library), and I can successfully run workflows against objects in vCenter. So vRO works.

    BUT

    The problem I have is that I can't seem to add the vRO server to the vSphere Web Client. I do not see the plugin; if and when I go to the Orchestrator plugin, I see the vCenter Server in the "vCO Home" tab but "N/A" under "Managed by vCenter Orchestrator Server". Under the "Lists" section it says "vCO servers: 0". What am I missing?

    I tried to add the new vRO server (appliance) by editing the vCenter object and entering the new vRO server IP. But "Test connection" fails every time.

    In addition, vCO was installed with vCenter initially but was never used and is still not used. But I don't think that would make a difference.

    I don't see the vCenter plugin tab in the left menu when connecting to vRO with the client, and com.vmware.vco isn't showing in /mob.

    Versions:

    vCenter: 5.5u2

    vRO: 6.0.3.0 build 3000579

    Thank you!

    Hello

    I'm a bit confused. It seems you are trying to use both vCO 5.5.2 and vRO 6.0.3 with VC 5.5.2, but the plug-ins are different (they have different deployment mechanisms, different extensions in the MOB, etc.). I recommend you stick to the version of vCO you got installed with VC - in this case, 5.5.2.

    Then, check the following:

    • Check that vCO is configured with SSO authentication, and that it is the same SSO instance used by VC/Web Client
    • Check that this vCenter instance is properly added to vCO and that there is a 5.5.x-style extension in the MOB. Its name is com.vmware.orchestrator.[some-guid]
    • Check that the server property of the extension contains a record with a URL property pointing to the right vCO server - https://[vco-ip]:8281
    • Make sure that the user you are using to connect to the Web Client has permission; for example, you should be able to connect to the vCO Java client with this user

    If the foregoing is valid, check the Web Client log file (vsphere_client_virgo.log) for any errors loading the vCO plugin and connecting to the vRO server.
