Working with vCenter Orchestrator and getting "Error: Not published webview error The webview 'weboperator' is not published." when you try to approve a user interaction in your workflow?
Navigate to Web Views and right click weboperator and ensure it's published!
These updates were posted on the vCenter Orchestrator forums recently, if you aren't keeping tabs over there you should be.
- vCO-Powershell-Plug-in -1.0.1 - kerberos support added
- vCO-SQL-Plug-in -1.1.0 - two related plugins combined with auto-generation as well as advanced SQL scripts. A few important issues fixed.
- vCO-vCenter-Plug-in - 188.8.131.52 - Critical update. Fixes a major issue with performance and losing attributes value. Update should be performed!
- vCO-VUM-Plug-in - 5.0. - The new version of the plugin that supports the VUM 5.0 version of the product.
- vCO-SNMP-Plug-in - 1.0.1 - Minor fix in relation to vCO policies listening for SNMP traps.
Links for each plugins release notes can be found on the thread @ http://communities.vmware.com/thread/405928?tstart=0
vCenter Orchestrator Trouble: Server service fails to start – service terminated with service-specific error Incorrect function
I was setting up a new instance of Orchestrator inside my lab and came across this issue. the Orchestrator Server service would not start, andi nside the vCenter Orchestrator Configuration webpage, we don't have any output in the log--so we investigate the Windows logs...
In the system log all you see is Error: The VMware vCenter Orchestrator Server service terminated with service-specific error Incorrect function..
Poking around we come across a log file @ C:\Program Files\VMware\Infrastructure\Orchestrator\app-server\bin\wrapper.log which sheds some light on the problem:
STATUS | wrapper | 2011/11/26 18:02:35 | --> Wrapper Started as Console
STATUS | wrapper | 2011/11/26 18:02:35 | Java Service Wrapper Professional Edition 64-bit 3.3.9
STATUS | wrapper | 2011/11/26 18:02:35 | Copyright (C) 1999-2009 Tanuki Software, Ltd. All Rights Reserved.
STATUS | wrapper | 2011/11/26 18:02:35 | http://wrapper.tanukisoftware.org
STATUS | wrapper | 2011/11/26 18:02:35 | Licensed to VMware Global, Inc. for VMware vCenter Orchestrator
STATUS | wrapper | 2011/11/26 18:02:35 |
STATUS | wrapper | 2011/11/26 18:02:35 | Launching a JVM...
INFO | jvm 1 | 2011/11/26 18:02:35 | Error occurred during initialization of VM
INFO | jvm 1 | 2011/11/26 18:02:35 | Could not reserve enough space for object heap
ERROR | wrapper | 2011/11/26 18:02:35 | JVM exited while loading the application.
STATUS | wrapper | 2011/11/26 18:02:40 | Launching a JVM...
INFO | jvm 2 | 2011/11/26 18:02:40 | Error occurred during initialization of VM
INFO | jvm 2 | 2011/11/26 18:02:40 | Could not reserve enough space for object heap
ERROR | wrapper | 2011/11/26 18:02:40 | JVM exited while loading the application.
STATUS | wrapper | 2011/11/26 18:02:45 | Launching a JVM...
INFO | jvm 3 | 2011/11/26 18:02:45 | Error occurred during initialization of VM
INFO | jvm 3 | 2011/11/26 18:02:45 | Could not reserve enough space for object heap
ERROR | wrapper | 2011/11/26 18:02:45 | JVM exited while loading the application.
STATUS | wrapper | 2011/11/26 18:02:50 | Launching a JVM...
INFO | jvm 4 | 2011/11/26 18:02:57 | Error occurred during initialization of VM
INFO | jvm 4 | 2011/11/26 18:02:57 | Could not reserve enough space for object heap
ERROR | wrapper | 2011/11/26 18:02:57 | JVM exited while loading the application.
STATUS | wrapper | 2011/11/26 18:03:01 | Launching a JVM...
INFO | jvm 5 | 2011/11/26 18:03:01 | Error occurred during initialization of VM
INFO | jvm 5 | 2011/11/26 18:03:01 | Could not reserve enough space for object heap
ERROR | wrapper | 2011/11/26 18:03:01 | JVM exited while loading the application.
FATAL | wrapper | 2011/11/26 18:03:02 | There were 5 failed launches in a row, each lasting less than 300 seconds. Giving up.
FATAL | wrapper | 2011/11/26 18:03:02 | There may be a configuration problem: please check the logs.
STATUS | wrapper | 2011/11/26 18:03:02 |
Your first thought might be disk space, did a log run away? No that isn't the case--Java Heap refers to memory, looking inside the wrapper.conf from the command above we find more information.
# Initial Java Heap Size (in MB)
# Maximum Java Heap Size (in MB)
Java has to allocate 2Gb of RAM on startup. My VM only had 1.5Gb, that looks like the issue--this is what you get for ignoring the Minimum System Requirements (assuming your running Orchestrator on same server as your vCenter). Increase the RAM on your VM and this error should be gone. vCenter Server should have a minimum of 3Gb of RAM.
I guess the guys behind vCO missed including this workflow in the default install--(hey they had to miss one after making so many hundreds--right?)
Simple little workflow, thought I'd post it up to save anyone the trouble of recreating...
Change vCPU Count Workflow (1333)
- Licensed vCenter Server - This can be an evaluation license
- Service Account to perform LDAP Lookups (vco-service is used below)
- Active Directory Security Group for vCenter Orchestrator Admins (vCOAdmins is used below)
- Microsoft SQL Database (vco is used below)
- Credentials for an account with access to above Microsoft SQL Database
- Service Account that is a member of the vCenter Orchestrator Admins Group (vCOAdmins group, vco-service is used below) - yes this can be the same account as your LDAP lookup account
- Start Service
- Navigate to IP:8282
- Login with user vmware password vmware
- Select Network on the left
- Select IP address to bind to
- Confirm rest of settings on page (adjust ports if any conflict with other software on the orchestrator host)
- Click Apply changes at the bottom right
- Network should now have a green bubble next to it, proceed
- Select LDAP on the left
- Select Active Directory from the dropdown if it's not already selected
- Enter your primary & secondary LDAP hosts (domain controllers) note: secondary is optional
- Enter your LDAP root path, if your domain is requeny.lan enter: dc=requeny,dc=lan
- For username enter user@domain ex: email@example.com
- Password- this should be obvious
- Enter your User lookup base path: (where all your users are located, ex: cn=Users,dc=requeny,dc=lan (this would point to the Users OU in active directory)
- Enter your Group lookup base path: (where all your groups are located, ex: cn=Users,dc=requeny,dc=lan (this would point to the Users OU in active directory)
- Enter the path to your vCO Admins Group, ex: cn=vCOAdmins,cn=Users,dc=requeny,dc=lan
- Hit apply changes, if all your settings are correct LDAP should now have a green bubble next to it, but before continuing click the Test Login tab at the top and attempt to login with a user in the vCOAdmins group
- If that test login worked, proceed on
- Select Database on the left
- Select SQLServer from the dropdown
- Enter the username for SQL database (note, don't prefix with domain, or use use@domain format here, just the username)
- Password - this should be obvious
- Database host IP address or DNS name - hostname of SQL server ex: sql01
- Port: 1433 - MSSQL default, change it if your SQL server isn't listening on the default port
- Database name: this is the name of the database that has been created on your SQL server ex: vco
- Instance name: whatever your instance name is, ex: sqlexpress
- Domain: your AD domain here, use the NetBIOS name here, ex: requeny
- Hit apply changes, if all your settings are correct you will get an error under Validation results that says: Database connection successful. No schema found. Please initialize database. What this means is your connection worked, however there are no tables in the database.
- At the top you should see a new link Install the database, click that (this should only take a couple of seconds)
- You should now have a green bubble next to Database, proceed on
- Select Server Certificate
- If you don't have a certificate CA, select Create certificate database and self-signed server certificate
- Enter what your info in the next few boxes, examples below:
- Common name: orchestrator
- Organization: requeny
- Organizational Unit: basement
- Country: US
- Click Create at the bottom right
- Server Certificate on the left should now have a green bubble next to it, proceed onto step 8 below
- If you do have a certificate CA, you can follow my other post on what to do if you use Microsoft Active Directory: Certificate Services
- Once server certificate has a green bubble next to it, proceed onto step 8 below
- Select Licenses
- You can either enter a vCenter Server license manually, or Orchestrator can connect to your vCenter Server and read the license on it's own.
- To connect to a vCenter Server and read the license:
- Check the use vCenter Server license radio button
- Enter the hostname of your vCenter Server
- Enter the port of your vCenter Server Web Services (443 by default)
- Path: leave default
- Enter username & password of an account that can read license data from vcenter
- Click submit
- If you receive an error about 'SSL certificate is missing for this host read my other post on fixing this SSL error
- Licenses should now have a green bubble next to it, proceed
- To manually enter a vCenter Server license
- Check the Add vCenter Server license manually radio button
- Enter your vCenter Server serial number (remember you must enter a standard edition serial, foundation doesn't include Orchestrator)
- Enter the name of your License owner
- Click apply changes on the bottom right
- Licenses should now have a green bubble next to it, proceed
- Select Plug-ins (yes we skip Startup Options for now)
- Enter credentials for a user in the vCO Admin group
- Username ex: vco-service
- Password - this should be obvious
- Click Apply changes at the bottom right
- Plug-ins should have a green bubble next to it, as well as Startup Options at this point
- Check the plugins you want to enable/install. Leave the defaults and ensure vCO WebOperator & vCenter Server are checked, then hit apply changes again
- You'll notice the status next to many of the plugins is: Will perform installation at next server startup.
- Select Startup Options
- Click Install vCO server as service (This will install the Windows Service for vCenter Orchestrator)
- Now click on Start Service to startup vCenter Orchestrator (vCenter Orchestrator typically takes upwards of 30 seconds to start, you can use the refresh link to check the status)
- If you have any problems starting the service, click on Log on the left, and set the logging drop down to All then click Apply changes on the bottom right, go back and start the service again and then check the log for any errors
- Open the vCenter Orchestrator Client from the Start-Menu and login!
- Don't forget to use your domain login DOMAIN\username
- Don't forget to be a member of the VCOAdmins group so you can login.
- If you want to install the client elsewhere use the installer in the vCenter Server ISO @ vCenter-Server\vCO\vCenterOrchestrator.exe
Here you are trying to setup vCenter Orchestrator and you get this error: SSL exception, 'SSL certificate is missing for this host'
What vCenter Orchestrator is saying is that it doesn't have the certificate installed for that host, unlike other apps/programs, Orchestrator doesn't offer an option automatically install these certificates upon inital connection. You have to first add the certs then connect to the host, to do this: (refer the screenshot at the bottom if your stuck)
- Login to your vCenter Orchestrator Configuration Webpage: (http://vCenter-Orchestrator-Hostname:8282) - default user/pass is vmware/vmware
- Select Network from the left column
- At the top you'll see a tab for SSL Certificate, click that
- You can either import the SSL certificate from a file, or from a URL--URL is the easiest as you just enter the hostname and Orchestrator installs the certificate
- In the URL box, just enter your vCenter hostname, then click Import to the right of that text box
- You'll see the certificate details displayed if everything looks alright click Import at the bottom
- Repeat this process for each vCenter you plan to use Orchestrator with
- Go back to whatever step you were trying to do when you got the error: SSL exception, 'SSL certificate is missing for this host' and try it again, this time it should work successfully
If your trying to configure vCenter Orchestrator to use a local Microsoft SQL Express database and you get the error: Unknown host: Error when connecting to host localhost/127.0.0.1, port 1433: Connection refused: connect
You need to change a few options on your SQLExpress server to accept this connection.
- Launch SQL Server Configuration Manager
- Navigate to SQL Server Network Configuration->Protocols for SQLEXPRESS on the left column
- Double-Click on TCP/IP
- Ensure Enabled is set for Yes
- Ensure Listen All is set for Yes
- Click the IP Addresses Tab
- Scroll to the bottom and find IPAll
- Set TCP Port to 1433 for IPAll
- Hit Ok, and Ok to the dialog box that pops up
- Navigate to SQL Server Services on the left column
- Right-Click SQL Server (SQLEXPRESS) and select Restart
- Try again and your Orchestrator server should be able to connect to the database now
Simple little code snippet that you might find handy to use in vCenter Orchestrator. I am working on a workflow that needs to clone a VM and the name should increment by 1 for example, we want to clone appweb1 (but we already have appweb2, 3, 4) so we want the new VM to be appweb5.
Inside a new Scriptable task create an output parameter called newvmname and make it's source itself. Then use this bit 'o code:
var vms = System.getModule("com.vmware.library.vc.vm").getAllVMsMatchingRegexp("appweb[0-9]");
for (var i=0; i System.debug("Counting VMs:" + i);
var newvmname = "appweb" + i;
<span class="Apple-style-span" style="font-family: Georgia, 'Times New Roman', 'Bitstream Charter', Times, serif; font-size: 13px; line-height: 19px; white-space: normal;">If anyone has a better way to do this I'd love to hear it, I know you should be able to use the getAllVMsMatchingRegexp as an action inside the Schema but it seemed clunky to do that then pass to a Scriptable task when you can do it all in one object.</span>
So your trying to import a signed certificate that was created with the certificate signing request (CSR) you get an error in vCenter Orchestrator Configuration about the cert not being the correct format. If your using Microsoft Active Directory Certificate Services here are the exact steps:
- Export a certificate signing request from the VMware vCenter Orchestrator Configuration: Server Certificate area (goto http://vco-server:8282 then click Server Certificate on the left). If this option isn't displayed select the option to install a self signed certificate and then you will get the option to export a certificate signing request.
- Copy and paste the contents of the CSR file you downloaded from vCO Config area to your Cert Server web interface (http://CERTSERVER/certsrv).
- Select Web Server from the drop down and submit.
- Now ensure DER encoded is selected and download the certificate chain.
- Change the file extension on the file you just downloaded from .p7b to .csr
- You should now be able to upload it immediately using the "Import certificate signing request signed by CA" option inside the VMware vCenter Orchestrator Configuration: Server Certificate area (again goto http://vco-server:8282 and select Server Certificate on the left)
- You get a green bubble by Server Certificate and everything is happy.