Prerequisites

The VMware VLA Service connects to the VMware vRealize Orchestrator Server. The VMware VLA Service uses VMware vRealize Orchestrator to execute commands such as Start, Stop, and Clone. You use the vla_credentials command to manage VMware vRealize Orchestrator connection(s), using flags to add, modify, remove, and test credentials entries.

When the vla_credentials command runs, it not only creates entries in the credentials database on the VLA server, but also performs several checks. When invoked for creating connections to VMware vRealize Orchestrator, this command checks the following:
  • That the credentials supplied with the command (described in the following procedure) work. It tests this by trying to authenticate to the VMware vRealize Orchestrator system with the supplied credentials.
  • That the VMware vRealize Orchestrator can reach each vCenter Server that has been registered to it.

You must run the vla_credentials command as an administrator on the VLA appliance. Since the VLA appliance does not have a root user enabled, you gain administrative access from your VLA login account using the sudo command with the –s flag.

If vRealize Orchestrator 8.0.0 or higher is used, basic authentication must be enabled. To enable basic authentication, add com.vmware.o11n.sso.basic-authentication.enabled property with the value true. The instruction how to add custom properties is in the Setting System Properties section of the vRealize Orchestrator documentation.

Since 8.0 vRealize Orchestrator uses 443 port by default for all services.

Procedure

  1. Go to the VLA console (or SSH) window and enter the following commands from the shell.
  2. Execute the sudo command to get administrative access.

    sudo -s

  3. Create a credentials for the VMware vRealize Orchestrator by entering the following command:
    1. For vRealize Orchestrator versions older than 8.0:

      vla_credentials -a -s vro -n <hostname> -u <vroUsername>

    2. For vRealize Orchestrator versions since 8.0:

      vla_credentials -a -s vro -n <hostname> -u <vroUsername> -P <scheme>:<port>

    where:
    • <hostname> is the FQDN of the VMware vRealize Orchestrator Server
    • <vroUsername> is the name of the user for VMware vRealize Orchestrator (see Section Create and Configure a User for vRealize Orchestrator), in the format user@domain.
    • <scheme> is the connection scheme
    • <port> is the listening port. For example:

      # vla_credentials -a -s vro -n vro.example.com -u user@vsphere.local

      or

      # vla_credentials -a -s vro -n vro.example.com -u user@vsphere.local -P https:443

  4. When prompted, enter the password for the user specified with the –u flag.
  5. If a failure message mentions a certificate checker error, you can override the certificate checker as discussed in the section Certificate Check Completes with Errors
  6. Refresh the VLA Server Dashboard browser window and look for the VMware vRealize Orchestrator Server in the dashboard tab vROs. You should see a vRO configuration similar to the following:
    Figure 1. Orchestrators tab in VLA Dashboard
  7. Type the following command to list the credentials currently configured. You should see an output similar to the following.
    Figure 2. Credentials Configured