Deploy vRealize Automation Software Components on Azure and AWS

Setup Azure and vRA Azure Endpoint

I followed the lead of these two comprehensive blogs

vRA7.2 DIG – Microsoft Azure Integration, Jad El-Zein
vRealize Automation 7.2 – Azure Integration, Michael Rudloff

and of course the official documentation

Create a Microsoft Azure Endpoint

in order to setup a working Azure account, vRA fabric and reservation.

Create a first VM as Template

I have looked up a suitable Azure template from Stock with the CLI:

az login

az vm image list --offer CentOS -o table --all

....
OpenLogic:CentOS:7.2:7.2.20170517
....

With this template I created a first blueprint to test the simplest use case:

 

The network tab I left unchanged. With this blueprint I could successfully provision a first VM.

Setup up VPC Connectivity

This VM I used in for setting up the port forwarding – and cloned it as a base for the template.

Configure Network-to-Azure VPC Connectivity

Some improvements for setting up a portforwarder host:

Add the RSA key and this file „.ssh/config“

Host <azure-public-domain>.westeurope.cloudapp.azure.com
User root
IdentityFile ~/.ssh/id_rsa
RemoteForward <azure-private-ip-portforwarder>:1442 <private vra-domain>:5480
RemoteForward <azure-private-ip-portforwarder>:1443 <private vra-domain>:443
RemoteForward <azure-private-ip-portforwarder>:1444 <private iaas-domain>:443
ServerAliveInterval 30
ServerAliveCountMax 40
TCPKeepAlive yes

In order to make this work you have to assign a public IP to the created VM in Azure („azure-public-domain“) and note the private IP for future reference. At this point I deployed a second VM on Azure to have a base for a vRA-enabled template.

Create your Azure vRA Template Image

You can test your setup by sshing in your Azure VM and trying to download the vRA preparation script (I modified it and set checkCertificate=false):

wget --no-check-certificate https://<azure-private-ip-portforwarder>:1443/software/download/prepare_vra_template.sh
chmod +x prepare_vra_template.sh
sudo ./prepare_vra_template.sh -a <azure-private-ip-portforwarder> -A 1443 -m <azure-private-ip-portforwarder> -M 1444 -c ec2 -t 300 -j true

This will download all necessary components and install them properly.

If you want to use these agents you will have to disable SELinux

sudo vi /etc/sysconfig/selinux

set

SELinux=disabled

Now you have the choice: you have to get the Azure setup scripts and place them accessible in your template: on

https://<private vra-domain>/software/

you will find two files (script.ps1 and script.sh) that you can put either on the local file system (i.e. /opt/vmware-appdirector/scripts/) or you can use the sophisticated approach and attach the Azure storage to the VM. Download the storage explorer and follow this manual. That’s how it looks like to get the necessary URL, url and password:

I added this to the fstab after having uploaded the files to the share /vrascripts:

sudo vi /etc/fstab

//vracloud.file.core.windows.net/vrascripts /opt/vmware-appdirector/vrascripts cifs vers=3.0,username=vra****,password=pAk17SpJTK********************qD4yA==,dir_mode=0777,file_mode=0777,serverino

Now you have to clean up the VM before you are turning it into a template (I followed this manual):

sudo waagent -deprovision+user -force
exit

Then switch back to the azure CLI and do the following sequence:

az vm deallocate --resource-group <yourRG> --name <yourVM>
az vm generalize --resource-group <yourRG> --name <yourVM>
az image create --resource-group <yourRG> --name <yourTemplateName> --source <yourVM>

If you have deployed the VM over vRA you will have an issue now: you should not delete the VM in vRA anymore.

With the last Azure CLI command you will get the URL of your template as a return value. With a simple „az image list“ you will get it once again, copy the „blobUri“ in order to use the template in the next tasks.

That’s what you have to set if you want to use your own private templates.

Adapt your Azure Reservation for Software Components

According to this official manual you have to set some custom properties in your reservation:

Attention: use „file://“ protocol for the script paths or you will get the „Malformed status file [000003] Invalid status/status: failed“ error from Azure.

Further readings for enabling Software Components on AWS

Adding an AWS endpoint to vRealize Automation 7, Sam McGeown
Deploying to AWS with Software Components on vRealize Automation 7, Sam McGeown

Preparing Your Amazon AWS Environment

In the official vRA documentation recommends the same port forwarding approach as I already explained above.

Test the Setup

You should be able to install any software component with scripts that are executable on the target VMs. If you are not used to author software components checkout the rainpole scenario:

Installing and Configuring vRealize Automation for the Rainpole Scenario

Have fun jumping over the clouds!