vCenter Orchestrator Setup

Prerequisites:

  • Licensed vCenter Server – This can be an evaluation license
  • Service Account to perform LDAP Lookups (vco-service is used below)
  • Active Directory Security Group for vCenter Orchestrator Admins (vCOAdmins is used below)
  • Microsoft SQL Database (vco is used below)
  • Credentials for an account with access to above Microsoft SQL Database
  • Service Account that is a member of the vCenter Orchestrator Admins Group (vCOAdmins group, vco-service is used below) – yes this can be the same account as your LDAP lookup account

Installation Guide:

  1. Start Service
  2. Navigate to IP:8282
  3. Login with user vmware password vmware
  4. Select Network on the left
    1. Select IP address to bind to
    2. Confirm rest of settings on page (adjust ports if any conflict with other software on the orchestrator host)
    3. Click Apply changes at the bottom right
    4. Network should now have a green bubble next to it, proceed
  5. Select LDAP on the left
    1. Select Active Directory from the dropdown if it’s not already selected
    2. Enter your primary & secondary LDAP hosts (domain controllers) note: secondary is optional
    3. Enter your LDAP root path, if your domain is requeny.lan enter: dc=requeny,dc=lan
    4. For username enter user@domain ex: vco-service@requeny.lan
    5. Password- this should be obvious
    6. Enter your User lookup base path: (where all your users are located, ex: cn=Users,dc=requeny,dc=lan (this would point to the Users OU in active directory)
    7. Enter your Group lookup base path: (where all your groups are located, ex: cn=Users,dc=requeny,dc=lan (this would point to the Users OU in active directory)
    8. Enter the path to your vCO Admins Group, ex: cn=vCOAdmins,cn=Users,dc=requeny,dc=lan
    9. Hit apply changes, if all your settings are correct LDAP should now have a green bubble next to it, but before continuing click the Test Login tab at the top and attempt to login with a user in the vCOAdmins group
    10. If that test login worked, proceed on
  6. Select Database on the left
    1. Select SQLServer from the dropdown
    2. Enter the username for SQL database (note, don’t prefix with domain, or use use@domain format here, just the username)
    3. Password – this should be obvious
    4. Database host IP address or DNS name – hostname of SQL server ex: sql01
    5. Port: 1433 – MSSQL default, change it if your SQL server isn’t listening on the default port
    6. Database name: this is the name of the database that has been created on your SQL server ex: vco
    7. Instance name: whatever your instance name is, ex: sqlexpress
    8. Domain: your AD domain here, use the NetBIOS name here, ex: requeny
    9. Hit apply changes, if all your settings are correct you will get an error under Validation results that says: Database connection successful.  No schema found.  Please initialize database.  What this means is your connection worked, however there are no tables in the database.
    10. At the top you should see a new link Install the database, click that (this should only take a couple of seconds)
    11. You should now have a green bubble next to Database, proceed on
  7. Select Server Certificate
    1. If you don’t have a certificate CA, select Create certificate database and self-signed server certificate
      1. Enter what your info in the next few boxes, examples below:
      2. Common name: orchestrator
      3. Organization: requeny
      4. Organizational Unit: basement
      5. Country: US
      6. Click Create at the bottom right
      7. Server Certificate on the left should now have a green bubble next to it, proceed onto step 8 below
    2. If you do have a certificate CA, you can follow my other post on what to do if you use Microsoft Active Directory: Certificate Services
      1. Once server certificate has a green bubble next to it, proceed onto step 8 below
  8. Select Licenses
    1. You can either enter a vCenter Server license manually, or Orchestrator can connect to your vCenter Server and read the license on it’s own.
    2. To connect to a vCenter Server and read the license:
      1. Check the use vCenter Server license radio button
      2. Enter the hostname of your vCenter Server
      3. Enter the port of your vCenter Server Web Services (443 by default)
      4. Path: leave default
      5. Enter username & password of an account that can read license data from vcenter
      6. Click submit
      7. If you receive an error about ‘SSL certificate is missing for this host read my other post on fixing this SSL error
      8. Licenses should now have a green bubble next to it, proceed
    3. To manually enter a vCenter Server license
      1. Check the Add vCenter Server license manually radio button
      2. Enter your vCenter Server serial number (remember you must enter a standard edition serial, foundation doesn’t include Orchestrator)
      3. Enter the name of your License owner
      4. Click apply changes on the bottom right
      5. Licenses should now have a green bubble next to it, proceed
  9. Select Plug-ins (yes we skip Startup Options for now)
    1. Enter credentials for a user in the vCO Admin group
    2. Username ex: vco-service
    3. Password – this should be obvious
    4. Click Apply changes at the bottom right
    5. Plug-ins should have a green bubble next to it, as well as Startup Options at this point
    6. Check the plugins you want to enable/install.  Leave the defaults and ensure vCO WebOperator & vCenter Server are checked, then hit apply changes again
    7. You’ll notice the status next to many of the plugins is: Will perform installation at next server startup.
  10. Select Startup Options
    1. Click Install vCO server as service (This will install the Windows Service for vCenter Orchestrator)
    2. Now click on Start Service to startup vCenter Orchestrator (vCenter Orchestrator typically takes upwards of 30 seconds to start, you can use the refresh link to check the status)
    3. If you have any problems starting the service, click on Log on the left, and set the logging drop down to All then click Apply changes on the bottom right, go back and start the service again and then check the log for any errors
  11. Open the vCenter Orchestrator Client from the Start-Menu and login!
    1. Don’t forget to use your domain login DOMAIN\username
    2. Don’t forget to be a member of the VCOAdmins group so you can login.
    3. If you want to install the client elsewhere use the installer in the vCenter Server ISO @ vCenter-Server\vCO\vCenterOrchestrator.exe

Related posts:

  1. vCenter Orchestrator Trouble: SSL exception, ‘SSL certificate is missing for this host’
  2. vCenter Orchestrator Import Signed Certificate
  3. vCenter Orchestrator Trouble: SQL Server Connection refused: connect
  4. vCenter Orchestrator Trouble: Server service fails to start – service terminated with service-specific error Incorrect function
  5. vCenter Orchestrator Plugin Updates!
Posted in Orchestrator, VMware | No Comments »

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.