In this post we will learn how to leverage vRealize Suite Life Cycle Manager (vRSLCM) API to automated deployment & configuration.
With release of vRSLCM 8.x, VMware introduced simple installer (similar to vCSA) for deployment of vRSLCM. Below is screenshot of how the simple installer looks like.
As of now we don’t have any API which can be leveraged to automate appliance deployment, so we will perform this task via ovftool.
Deploying vRSLCM via ovftool
1 |
ovftool --name=vrslcm2.mgmt.vmw --X:injectOvfEnv --X:logFile=ovftool.log --allowExtraConfig --noSSLVerify --datastore=vsanDatastore --network=VM_MGMT --acceptAllEulas --diskMode=thin --powerOn --prop:vami.hostname=vrslcm2.mgmt.vmw --prop:varoot-password=XXXXX --prop:va-ssh-enabled=True --prop:va-firstboot-enabled=True --prop:va-telemetry-enabled=True --prop:va-ntp-servers=x.x.x.x --prop:vami.gateway.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=x.x.x.x --prop:vami.domain.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=mgmt.vmw --prop:vami.searchpath.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=mgmt.vmw --prop:vami.DNS.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=x.x.x.x --prop:vami.ip0.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=x.x.x.x --prop:vami.netmask0.VMware_vRealize_Suite_Life_Cycle_Manager_Appliance=255.255.255.0 C:UsersAdministratorDownloadsvra-lcm-installer-14878991vrlcmVMware-vLCM-Appliance-8.0.0.16-14878959_OVF10.ova vi://root@esxmb4.mgmt.vmw/ |
1: Changing vRSLCM Appliance Initial Password via API
Once vRSLCM appliance is deployed and boots up, default login credentials for admin user is admin/vmware and you are prompted to change password on first login. To perform the same via API, see below example:
1 2 3 4 5 6 7 8 9 10 11 12 |
Method: PUT URL: https://<vrslcm-fqdn>/lcm/authzn/api/firstboot/updatepassword Auth: Basic: admin@local/vmware Request Body: { "username":"admin@local", "password":"New Password" } |
Sample Response: If the call is successful, you will see below response
1 2 3 4 5 |
{ "status":"SUCCESS", "statusCode":"OK", "message":"Admin password updated sucessfully" } |
2: Login to vRSLCM: Before we can execute vRSLCM configuration API, we need to authenticate against appliance first. Please use below sample call for the same:
POST https://<vrslcm-fqdn>/lcm/authzn/api/login
Auth: Basic: admin@local/New password
If you are using postman for executing API, then you see a cookie called JSESSIONID created. This cookie is replicated automatically to all the new tabs which you are gonna open in postman.
3: Expand vRSLCM LVM: By default all products binaries that are downloaded from myvmware portal or uploaded offline to vRSLCM appliance, sits in /data partition which is just 20 GB big. Since 20 GB is not big enough to accommodate all binaries. we need to expand this partition. This can be done via below API call:
1 2 3 4 5 6 7 8 9 10 11 12 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/settings/lcmvadiskexpand Request Body: { "vCenterHost":"vcenter.mgmt.vmw", "vcUsername":"sysAdmin", "vcPassword":"locker:password:863b35fb-598d-4e8b-840f-db5176ad8764:defaultConfigPAssword", "diskSizeInGb":"60" } |
Where vcPassword can be fetched via below API Call and grepping for vmid associated with “alias”: “defaultConfigPAssword” from response output.
GET https://<vrslcm-fqdn>/lcm/locker/api/passwords
4: Configure System NTP Settings: Here we are configuring NTP server to be used by vRSLCM appliance.
1 2 3 4 5 6 7 8 9 10 11 12 13 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/settings/ntpsetting Request Body: { "dateTime":"null", "syncWithHost":"false", "ntpServerEnabled":"true", "ntpServers":"x.x.x.x", "ntpServerStarted":"false" } |
5: Configure product NTP Settings: Here we are configuring NTP server to be used by all vRealize products that will be deployed via vRSLCM.
1 2 3 4 5 6 7 8 9 10 |
Method: POST URL: https://vrslcm.mgmt.vmw/lcm/lcops/api/settings/productntpsetting Request Body: { "name": "Prod-NTP", "hostName": "x.x.x.x" } |
6: Configure Product DNS Setting: Here we are configuring DNS server to be used by all vRealize products that will be deployed via vRSLCM.
1 2 3 4 5 6 7 8 9 10 |
Method: POST URL: https://vrslcm.mgmt.vmw/lcm/lcops/api/settings/productdnssetting Request Body: { "name": "Prod-DNS", "hostName": "x.x.x.x" } |
7: Configure vRSLCM Product Repo: Before we can install any vRealize product, we need to download product binaries either from myvmware portal or upload the offline installer ova’s to vRSLCM local storage (inside /data). To keep things simple I will be using offline upload method.
For configuring offline repo, first we need to create a directory inside /data in vRSLCM appliance. Once this directory is created, we need to upload ova’s in this directory.
Set vRSLCM Repo to Local: Lets assume /data/repo is the directory which will hold all the OVA’s. Below API call will set the repo to /data/repo
1 2 3 4 5 6 7 8 9 10 |
Method: PATCH URL: https://vrslcm2.mgmt.vmw/lcm/lcops/api/settings/sourcelocationsetting Request Body: { "sourceType":"Local", "sourceLocation":"/data/repo" } |
Map Product Binaries: Let’s assume you have uploaded below ova’s in /data/repo
- VMware-vRealize-Log-Insight-8.0.0.0-14870409_OVF10.ova
- vRealize-Operations-Manager-Appliance-8.0.0.14857692_OVF10.ova
Below API call will map the uploaded ova’s to the /data/repo and then you will be able to install both vRLI and vROPS via vRSLCM.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/settings/sourcelocationsetting Request Body: [ { "name":"VMware-vRealize-Log-Insight-8.0.0.0-14870409_OVF10.ova", "filePath":"/data/repo/VMware-vRealize-Log-Insight-8.0.0.0-14870409_OVF10.ova", "type":"install" }, { "name":"vRealize-Operations-Manager-Appliance-8.0.0.14857692_OVF10.ova", "filePath":"/data/repo/vRealize-Operations-Manager-Appliance-8.0.0.14857692_OVF10.ova", "type":"install" } ] |
8: Create Datacenter
1 2 3 4 5 6 7 8 9 10 11 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/datacenters Request Body: { "dataCenterName":"MaaS-SDDC", "multiSite":false, "primaryLocation":"Bangalore;Karnataka;IN;12.97194;77.59369" } |
9: Create Region
1 2 3 4 5 6 7 8 9 10 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/datacenters/MaaS-SDDC/regions Request Body: { "location":"Karnataka", "regionName":"Bangalore" } |
10: Create Zones
1 2 3 4 5 6 7 8 9 10 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/datacenters/MaaS-SDDC/regions/Bangalore/zones Request Body: { "location":"Karnataka", "zoneName":"Bangalore" } |
11: Add vCenter Server
1 2 3 4 5 6 7 8 9 10 11 12 13 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/datacenters/MaaS-SDDC/regions/Bangalore/zones/Bangalore/vCenters Request Body: { "vCenterHost":"vcenter.mgmt.vmw", "vCenterName":"vcenter.mgmt.vmw", "vcPassword":"VMware123!", "vcUsername":"administrator@vsphere.local", "vcUsedAs":"MANAGEMENT" } |
12: Create Certificate: We need to create self-signed certificate using vRSLCM before we can create any environment. We can use same certificate for all the vRealize products that will be deployed via vRSLCM or we can create certificates for individual products as well.
In this example I have created a certificate that will be used by all the products that will be deployed later.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
Method: PUT URL: https://<vrslcm-fqdn>/lcm/locker/api/certificates/{cert-alias} Request Body: { "cN":"*.mgmt.vmw", "host":[ "<vrslcm-fqdn>", "vidm.mgmt.vmw", "vrli.mgmt.vmw", "vrops.mgmt.vmw", "vrni-platform.mgmt.vmw", "vrni-collector.mgmt.vmw" ], "ip":[ "x.x.x.x", "x.x.x.x", "x.x.x.x", "x.x.x.x", "x.x.x.x", "x.x.x.x" ], "o":"VMware", "oU":"Eng-MaaS", "c":"IN", "sT":"Karnataka", "l":"Bangalore", "size":2048, "validity":1825 } |
13: Add Licenses: We need to add product specific licenses in vRSLCM.
1 2 3 4 5 6 7 8 9 10 11 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/locker/api/license/validateAndAdd Request Body: { "alias":"vRNI", "description":"vRealize Network Insight", "serialKey":"xxxxx-xxxxx-xxxxx-xxxxx-xxxxx" } |
14: Create Global Environment: The very first environment that is created in vRSLCM is globalenvironment. vIDM is also deployed as part of global environment creation.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 |
Method: POST URL: https://<vrslcm-fqdn>/lcm/lcops/api/environments/create Request Body: { "environmentId":"globalenvironment", "environmentName":"globalenvironment", "infrastructure":{ "properties":{ "dataCenterName":"MaaS-SDDC", "regionName":"Bangalore", "zoneName":"Bangalore", "vCenterName":"vcenter.mgmt.vmw", "vCenterHost":"vcenter.mgmt.vmw", "vcUsername":"administrator@vsphere.local", "vcPassword":"locker:password:7bbf55e8-6427-461f-aede-08961c88b619:VC-Password", "acceptEULA":"true", "enableTelemetry":"false", "adminEmail":"xyz@vmware.com", "defaultPassword":"locker:password:970effee-9b18-4791-a6d1-e6d377343299:Default", "certificate":"locker:certificate:a967743e-1532-4a44-ba74-e5aaf5dc171c:vRealize-Certs", "cluster":"MGMT_DC#MGMT_CLU", "storage":"vsanDatastore", "folderName":"group-v50(MGMT_VMs)", "resourcePool":"resgroup-43(MGMT-ResourcePool)", "diskMode":"thin", "network":"VM_MGMT", "masterVidmEnabled":"false", "dns":"x.x.x.x", "domain":"mgmt.vmw", "gateway":"x.x.x.x", "netmask":"x.x.x.x", "searchpath":"mgmt.vmw", "timeSyncMode":"ntp", "ntp":"x.x.x.x", "isDhcp":"false", "_selectedProducts":"[{"id":"vidm","type":"new","selected":true,"sizes":{"3.3.1":["standard","cluster"]},"selectedVersion":"3.3.1","selectedDeploymentType":"standard"}]", "_isRedeploy":"false", "_isResume":"false" } }, "products":[ { "id":"vidm", "version":"3.3.1", "properties":{ "vidmAdminPassword":"locker:password:970effee-9b18-4791-a6d1-e6d377343299:Default", "syncGroupMembers":false, "defaultConfigurationUsername":"cloudadmin", "defaultConfigurationPassword":"locker:password:970effee-9b18-4791-a6d1-e6d377343299:Default", "certificate":"locker:certificate:a967743e-1532-4a44-ba74-e5aaf5dc171c:vRealize-Certs" }, "clusterVIP":{ "clusterVips":[ ] }, "nodes":[ { "type":"vidm-primary", "properties":{ "vmName":"vidm2.mgmt.vmw", "hostName":"vidm2.mgmt.vmw", "ip":"x.x.x.x" } } ] } ] } |
15: Check Environment Creation Status: First we will do a GET call to get all request and search for “requestType”: “CREATE_ENVIRONMENT” and vmName field and find associated vmid. This vmid is the request id which will be used to track status of environment creation
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
Method: GET URL: https://vrslcm2.mgmt.vmw/lcm/request/api/requests/ Sample Output: { "vmid":"459b1f4f-dacc-4c4f-b482-2db8b1699f0d", "transactionId":null, "requestName":"createenvironment", "requestReason":"vRLI - Create Environment Request", "requestType":"CREATE_ENVIRONMENT", "requestSource":null, "requestSourceType":"user", "state":"INPROGRESS", "executionId":"92bbafe5-9086-4331-aba0-c84f26f1ac75" } |
To track status, use below API and look for “state”: “COMPLETED”
GET https://vrslcm2.mgmt.vmw/lcm/request/api/requests/<req-id>
And that’s it for this post. In next post of this series i will demonstrate how to deploy vRealize Products via API.
I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing