You can use a vRealize Automation Extensibility proxy to manage data centers from a single vRealize Automation instance.
Use a vRealize Automation Extensibility proxy when vCenter servers are in geographically dispersed data centers, or in data centers that are not networked together. You can manage data centers from a single vRealize Automation instance instead of deploying a dedicated vRealize Automation instance for each vCenter server. The vRealize Automation Extensibility proxy is also referred to as the vREX proxy.
You can create or convert a vCenter cloud account in vRealize Automation to access the remote vSphere agent, for example in separate data centers that are not directly networked together. Instead of deploying an entire independent vRealize Automation deployment to a remote data center, you can use a vSphere agent within a specified vRealize Automation Extensibility proxy to act as a vCenter server proxy. In this scenario, using a vRealize Automation Extensibility proxy can improve network reliability and optimize vSphere provisioning and enumeration across data centers that may not be otherwise connected.
The remote vSphere agent is a software component that resides within the vRealize Automation Extensibility proxy. The vRealize Automation Extensibility proxy is the virtual appliance that you deploy and configure. The vSphere agent running in the properly configured vRealize Automation Extensibility proxy acts as a communications intermediary between vRealize Automation and vSphere. When you deploy the vRealize Automation Extensibility proxy virtual appliance, the vSphere agent is configured automatically.
Note that the vRealize Automation Extensibility proxy must be able to connect to port 443 of the remote vRealize Automation machine over HTTPS. You can enable this access by configuring and maintaining an HTTP proxy. That proxy must allow HTTPS traffic on port 443 to and from the FQDN of the remote vRealize Automation machine or the corresponding load balancer in case of an HA setup. If working in a multi-tenant environment, traffic must be allowed to and from the FQDN of the tenant that the vRealize Automation Extensibility proxy VA should access.
To set up and use the vRealize Automation Extensibility proxy, perform the following sequential steps.
- Deploy a vRealize Automation Extensibility proxy to one or more vCenter servers in one or more data centers.
- Configure vRealize Automation settings that support remote vSphere servers by using an vRealize Automation Extensibility proxy.
- Join the vRealize Automation Extensibility proxy to the remote vRealize Automation instance.
- Create or edit a vCenter cloud account in vRealize Automation and associate it to the vRealize Automation Extensibility proxy in the specified data center to access the remote site vCenter server.
Step 1 - Deploy a vRealize Automation Extensibility proxy to one or more vCenter servers in one or more data centers.
To deploy the needed vRealize Automation Extensibility proxy OVA, use the following procedure.
- Open the vRealize Automation Download Product page in Customer Connect, search for your vRealize Automation product version, and then open the downloads page.
- Download the version-specific vRealize Automation Extensibility proxy OVA to the target vCenter server in the remote data center.
The OVA appears as VMware vRealize Extensibility version virtual appliance on the downloads page.
The OVA is available for vRealize Automation 8.8.1 and greater.
- To deploy the OVA as a vRealize Automation Extensibility proxy, select Extend vRA on premises.
- To facilitate network isolation between vRealize Automation and the target data center, configure an HTTP proxy.
The HTTP proxy allows services that are running in the remote data center to contact vRealize Automation. For example, this is important in network isolation scenarios where you have configured a single HTTP proxy as the only way to reach remote network locations (such as the vRealize Automation instance), from within the data center.
Step 2 - Configure vRealize Automation to support remote vSphere servers by using a vRealize Automation Extensibility proxy
As a cloud admin user, enable the remote vSphere agent capability in vRealize Automation by using the vracli
command line.
This step involves opening the vCenter server where the vRealize Automation instance is deployed and using the vSphere client user interface to power down all nodes of the vRealize Automation cluster.
Once the nodes are powered down, you can open each node in the cluster and add an additional 6 GB of memory. The default memory is typically 42 GB. Add at least 6 GB more memory to each node to accommodate the extra services needed to support the remote vSphere agent.
After you add the additional memory to each node in the cluster, you again use the vSphere client user interface to power all of the nodes that are associated to the vRealize Automation instance back on.
- Power down the nodes. Use SSH to open the host environment and stop the vRealize Automation services by using the following command:
/opt/scripts/deploy.sh --shutdown
- Add memory, at least 6 GB, to each vRealize Automation node in the vCenter server by using the vSphere host client.
For information about working in the vSphere client to add memory to a node, see topics such as Virtual Memory Configuration in vSphere product documentation.
- Power on the nodes.
- Wait for the vRealize Automation VA to recover after the restart. Use the following command to wait for up to 10 minutes (600 seconds) for the restart check to pass:
vracli status first-boot --wait 600
If the command returns a
First boot complete
message, you can then proceed to the configuration step. - In the host environment command line, run the following
vracli
command to enable remote agent (proxy) support:vracli capabilities remote-proxy --enable
This feature toggle is not enabled by default.
- Restart vRealize Automation services by using the following command:
/opt/scripts/deploy.sh
Step 3 - Join the vRealize Automation Extensibility proxy to the remote vRealize Automation instance
As a cloud admin user, configure the vRealize Automation Extensibility proxy on the target vCenter server in the designated data center by using the following procedure.
- Open the host environment command line by using SSH and use a
vracli
join command to connect the vRealize Automation instance with a particular organization, namely the organization for which the specified cloud administrator user is an administrator.Note: This is the command line of the vRealize Automation Extensibility proxy, not the vRealize Automation command line that we used in the Step 1 procedure above.With this action, the vRealize Automation Extensibility proxy (from where you run the
join
command) is joined to the vRealize Automation instance. The vRealize Automation Extensibility proxy is thus connected to vRealize Automation and associated with a specific vRealize Automation organization.A command line example for both a default tenant and a named tenant are provided below:
- Default tenant (single tenant environment)
In this example, the FQDN of the vRealize Automation load balancer is passed to associate the vRealize Automation Extensibility proxy with the default tenant of vRealize Automation.
vracli vra join vra.my-company.com -u admin_user@org_domain
- Named tenant (multi-tenant environment)
In this example, the FQDN of specific tenant (organization) is passed to associate the vRealize Automation Extensibility proxy with the named organization.
vracli vra join my-tenant.vra.my-company.com -u admin_user@org_domain
If you are using a multi-tenant environment, you must create an integration for each tenant. Specifically, you must deploy a separate vRealize Automation Extensibility proxy for each tenant (organization). A vRealize Automation Extensibility proxy can only be associated with one vRealize Automation organization at a time.
- Default tenant (single tenant environment)
- The above
join
command returns a certificate for the remote vRealize Automation instance. If you are prompted to trust the certificate, enteryes
as prompted. - Allow 5 minutes or so for the vRealize Automation Extensibility proxy to deploy the necessary software components before proceeding.
Step 4 - Create or edit a vCenter cloud account in vRealize Automation to connect to a remote vCenter server account by using a vRealize Automation Extensibility proxy
To create a vCenter cloud account in vRealize Automation, see Create a vCenter cloud account in vRealize Automation.
To convert an existing vCenter cloud account, see Convert a traditional vCenter cloud account to one based on a vRealize Automation extensibility (vREx) proxy.
Upgrading a vRealize Automation Extensibility (vREx) proxy virtual appliance
The vRealize Automation Extensibility proxy was introduced with vRealize Automation 8.8.1.
Upgrade binaries are available for download at VMware Customer Connect. Search for and open your specific vRealize Automation product version. The upgrade binaries appear as VMware vRealize Automation Extensibility Appliance on the product version page. The download may be specific to a particular vRealize Automation version forward, for example vRealize Automation 8.9.1.
- Navigate to VMware Customer Connect Downloads page and search on your product name and version. Click Download Now in the VMware vRealize Automation Extensibility <version> virtual appliance section to download the needed VMware vRealize Extensibility <version> virtual appliance OVA. For related information, see KB 80305.
- Connect the CD-ROM drive of the vRealize Automation Extensibility proxy virtual machine in vSphere. See vSphere Virtual Machine Administration product documentation.
Note: After connecting the CD-ROM drive, navigate to your vRealize Automation Extensibility proxy VM settings page and verify that the Connect At Power On option is enabled.
- Mount the ISO image to the CD-ROM drive of the vRealize Automation Extensibility proxy virtual machine in vSphere. See vSphere Virtual Machine Administration product documentation.
Procedure
- Log in to the vRealize Automation Extensibility proxy command line as root.
- Run the blkid command, and note the device name for the vRealize Automation Extensibility proxy CD-ROM drive.
- Mount the CD-ROM drive by using the following procedure.
mount /dev/xxx /mnt/cdrom
- Back up your vRealize Automation Extensibility proxy by taking a virtual machine (VM) snapshot. See Take a Snapshot of a Virtual Machine.
The vRealize Automation Extensibility proxy does not support memory snapshots. Before taking the snapshot, verify that the Snapshot the virtual machine’s memory option is deactivated.
- To initiate the upgrade, run the following command, based on which version you are upgrading from.
If you are upgrading from vRealize Automation 8.8.1 or 8.8.2, run the following command.
vracli upgrade exec -y --repo cdrom://
If you are upgrading from vRealize Automation 8.9.0 or later, run the following command.vracli upgrade exec -y --profile lcm --repo cdrom://
During the upgrade process, you are automatically logged out because the vRealize Automation Extensibility proxy reboots.
- Log in to the vRealize Automation Extensibility proxy command line as root and run the following command.
vracli upgrade status --follow
Results
You have successfully upgraded your vRealize Automation Extensibility proxy to the latest version.
What to do next
Validate that the vRealize Automation Extensibility proxy virtual appliance upgrade was successful by running the vracli version
command in the command line of the appliance. By running this command, you can validate the product version and build number of the vRealize Automation Extensibility proxy virtual appliance.