To manage IaaS nodes and to meet the prerequisites for deploying vRealize Automation in Cloud Foundation, you must prepare an IaaS template VM for the vRealize Automation Windows VM.

Creating this OVA template is one of the prerequisites for deploying vRealize Automation in your Cloud Foundation system, as described in Deploy vRealize Automation in Cloud Foundation.

Prerequisites

  • Verify that you have available a Windows VM with the following configuration:

    Attribute

    Value

    Operating System

    Microsoft Windows Server 2012 R2 or Windows Server 2016 Standard Edition.

    Virtual CPU

    Two

    Memory

    8 GB

    Disk

    50 GB LSI

    Network

    VMXNET3

    Other

    Browser

    In Internet Explorer, disable the Enhanced Security Configuration feature.

    Remote Desktop

    Enable remote desktop connections.

    This VM will serve as the Windows system for vRealize Automation IaaS nodes.

  • Verify that this server is not joined to Active Directory.

  • Verify that you can access and download Java Runtime Environment (JRE) executable: jre-8u171-windows-x64.exe or later version.

  • Verify that you can access and download the IaaS-Prerequisites.zip and mstdc-installer.bat files from http://ftpsite.vmware.com/download/rlspsrl/ISBU-Toolkit/deployment-prerequisites/IaaS-prerequisites.zip.

Procedure

  1. On the Windows VM, start and log in to the Powershell console as administrator.
    1. Set the execution policy.
      Set-ExecutionPolicy Unrestricted
    2. Disable User Account Control (UAC).
      Set-ItemProperty -Path ‘HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System’ /
           -Name ‘EnableLUA’ 0
    3. Disable IPv6.
      Set-ItemProperty -Path‘HKLM:\System\CurrentControlSet\Services\TCPIP6\Parameters’ /
           -Name 'DisabledComponents' -Value 0xff
  2. Download and install JRE version 1.8 or later on the Windows VM.
    Note:

    The Window VM in this deployment was tested with JRE jre-8u171-windows-x64.exe. Use this or a later version.

  3. Configure JAVA_HOME on the Windows VM.
    1. Click Start and enter sysdm.cpl to open the System Properties dialog box.
    2. Select the Advanced tab and click Environment Variables.
    3. Under System Variables, click New and configure the following:
      • For variable name, specify JAVA_HOME.

      • For variable value, specify C:\Program Files\Java\jre1.8.0_171 (depending on your JRE version).

    4. Click OK.
  4. While still in the System Properties dialog box, add the new JRE installation folder to the path environment variable.
    1. Under System Variables, locate the Path variable and click Edit.
    2. Append the following to the path: C:\Program Files\Java\jre1.8.0_171\bin and click OK.
    3. Click OK until you exit the System Properties dialog box.
  5. Validate the JRE version by running the following command in a command prompt.
    java.exe -version
  6. Install the vRealize Automation IaaS prerequisites checker.
    1. Obtain and copy the IaaS-Prerequisites.zip file to the Windows VM.
    2. Extract the contents of the IaaS-Prerequisites.zip to the C:\prerequisites directory.
    3. In a command prompt, go to the C:\prerequisites\IaaS-prerequisites folder and run the IaaS prerequisites script:
      cd C:\prerequisites\IaaS-prerequisites
      IaaS-prerequisites.bat
  7. Obtain and prepare the mstdc-installer.bat file.
    1. Copy the mstdc-installer.bat file from the Cloud Foundation bundle to the C:\prerequisites directory on the Windows VM.
    2. In text editor, open and edit the mstdc-installer.bat file.
    3. Add the following line to the end of the file:
      net localgroup administrators <rainpole>\<svc-vra> /add

      where <rainpole> and <svc-vra> match the service account used in your Cloud Foundation deployment.

    4. Save and close the mstdc-installer.bat file.
  8. On the Windows VM, enable secondary log-in with an automatic start-up type.
    1. Open the Services panel in Windows (Start > Services) and right-click Secondary Logon and select Properties.
    2. Change the Startup type setting to Automatic.
    3. Click OK to exit the Properties dialog box.
  9. Reboot the Windows VM.
  10. Disable the Microsoft Distributed Transaction Coordinator (MSDTC) service.
    1. In a command prompt, run dcomcnfg.
    2. From the left panel of the resulting dialog box, right-click Local DTC and select Properties.
    3. Deselect the Enable MSDTC check box.
    4. Click OK and exit from the dialog box.
  11. Verify that the vRealize Automation IaaS prerequisites checker is working correctly.
    1. Open the C:\prerequisites\IaaS-prerequisites folder you created earlier and double-click the PrereqChecker.exe file.
    2. When the application opens, deselect the Database option and click Run Checker.
    3. If the check is working correctly, it will return the following:
      • WCF Activation shows an Error icon.

      • MSDTC shows a Warning icon.

      • SeBatchLogonRight shows an Error icon.

    4. If you do not receive the correct results, follow the instructions in the checker to correct them.
  12. Using the previously established svc-vra user account, join the newly configured Windows VM to the Active Directory domain.
  13. After joining, verify that there are no Active Directory group policies that will change the UAC or firewall configuration.
    Note:

    The newly joined VM should remain with UAC and firewall disabled. If not, you must disable the group policy that enforces a firewall or UAC enforcement on the domain network when a new VM joins the Active Directory.

  14. Add the vRealize Automation Service Account to the Local Administrators group (set as svc-vra in previous examples).
  15. Log in using the vRealize Automation Service Account.
  16. Verify the proxy server configuration.

    If the configuration is enabled, VMs from the vRealize network must be able to access the proxy server. As an alternative, you can configure direct communication in Control Panel > Internet Settings and configure no proxy.

    Caution:

    Do not activate the Windows operating system on the VM or run sysprep or generalise on it before making it a template.

  17. Shut down the VM and export as OVA file.
    ovftool --noSSLVerify 
    vi://'administrator@vsphere.local':'<VC_Password>'@<VC_IP_or_FQDN>/<datacenter_name>/vm/<VM_name> \
    <IAAS_template_Name>.ova