Objective 3.2: Install an Enterprise Deployment

This is part of my VCP7-CMA study guide – Objective 3.2: Install an Enterprise Deployment.

Official Blueprint-


  • Identify IaaS enterprise deployment prerequisites
  • Validate environment readiness for given design based on install type and size
  • Confirm DNS configuration for servers and load balancers based on deployment type and size
  • Deploy and configure vRealize Automation Appliance OVF
  • Install using the installation wizard
    • Determine and select appropriate deployment based on size
    • Determine and select the appropriate servers for component installation
    • Prepare the environment for installation based on deployment size
    • Install IaaS Web components and model manager data
    • Install IaaS manager server and DEM Orchestrator components
    • Install DEM Workers
    • Install Management Agents
  • Implement and manage CA signed certificates


I would recommend to go thru the simple installation at least once and read the official documentation in addition to this blog posts.

Eric Shanks (The IT Hollow) – vRealize Automation 7 – Enterprise Install

Michael Rudloff (Open902.com) – vRealize Automation 7 – Enterprise Install

Objective 3.3: Install and Configure vRealize Business Standard for use with vRealize Automation

This is part of my VCP7-CMA study guide – Objective 3.3: Install and Configure vRealize Business Standard for use with vRealize Automation.

Official Blueprint-


  • Create and configure a vRealize Business tenant
  • Create a user based on defined credentials for vRealize Business in vRealize Automation
  • Select the credentials for the vRealize Business user
  • Configure vRealize Business to connect to vRealize Automation


Install vRealize Business Standard

  1. Deploy the OVF template and follow the wizard –2
  2. Customize Template –
    Currency – You cannot change the currency configuration after deploying!
    Enable Server –  Select the Enable Server option if this is going to be the vRealize Business for Cloud server, If you are deploying only a data collector for remote access then deselect this option.
    Networking – Make sure you expand the Networking Properties at the bottom of the page and configure the IP ,default gateway, netmask and DNS.8
  3. Go grab a cup of coffee and wait for the deployment to complete.

Configure vRealize Business Standard

  1. Log-in to the vRB console – https://vrb-fqdn-or-ip:5480
  2. Before registering with vRA we need to configure NTP.
    Navigate to Administrator > Time Settings.
  3. Configure the “Time Sync. Mode” to “Use Time Server” and write down the IP or DNS of your NTP server.1-NTP.JPG
  4. Now let’s register the vRealize Business with the vRealize Automation,
    go to vRealize Automation Tab,
    Hostname – IP or hostname of the vRealize Automation Appliance.
    SSO Default Tenant – this will be your default tenant name, usually – vsphere.local.
    SSO Admin User – only the user name of the administrator…
    SSO Admin Password – well… the admin user password.
    Accept “vRealize Automation” certificate – Yes please. if this is the first time you register this with vRA – you need this.2-vra-register
  5. After you click “Register” it will take a few moments – Make sure you see this green text – “Registered with vRealize Automation” and the SSO Status – “Connected to vRealize Automation”.3-vRA registered.JPG
  6. Next we need to configure vRealize Automation to use vRealize Business for Cloud and assign permissions.
  7. Log in to the vRealize Automation – https://vRA_hostname/vcac/org/tenant
  8. Go to Administration tab > Users & Groups and select Custom Groups.
  9. Select the user or group you want to add the vRB role
  10. From the “Add Roles to this Group” – select the required privileges.4-vRA-roles.JPGSome clarification from the official documentation (page 23 ) –

    • If the user has to perform all administration tasks such as managing connections, managing public cloud account, updating reference database, assign the Business Management Administrator role to a user who has the Tenant Administration role.
    • If the user has to view and update the cost information only, assign Business Management Administrator role.
    • If the user has to view the details but not update the information, assign Business Management Read only role.
    • If the user has to view the assigned tenant details, but not perform other administration, assign the Business Management Controller role.
  11. Click Update and Refresh the browser (log-out and log-in will do magic sometime…).
  12. The Business Managment tab is available in the vRA UI.5-vra-newtab
  13. Click the Business Managment tab and enter your license key.6-vrb-serial

Next will be to add the vCenter server to vRB, I think its out of the scope of the exam but here it is –

  1. Configure the vCenter in vRB.
    Go to Administration > Business Managment.8-vra
  2. Extend the vCenter Server and click the + sign
    Here you will add your “Resource” vCenter – where you are provision VMs from vRA.9
  3. When prompt – Select to Install the certificate.10.JPG
  4. Go back to Business Managment tab and click on the “Status” sign. Click “Update Now” under the vCenter data collection and wait for the data collection to run successfully.11.JPG
  5. Back to the Business Managment tab and you should see some data.12.JPG

VCP7-CMA Study Guide

I created this VCP7-CMA (2V0-731) study guide in order to help myself and anyone else studying towards VMware Certified Professional 7 – Cloud Management and Automation Exam  (currently – Beta).

This exam is focus on VMware vRealize® 7.x environment (Automation, Orchenstrator, Business) but you should have a good understanding of vSphere (VCP level) and some minimal knowldge of NSX and vCloud Air (as vRA Endpoints).

I will link to external blogs for most of the stuff for simplicity and speed, if you are the original writer and don’t want me to link to your blog – just write me (gilad.brown at gmail).

Official exam page

Official study tools (as suggested in the blueprint) –


Section 1 Create and Modify vRealize Automation Blueprints
Objective 1.1 Create, Modify and Publish Blueprints Based on a Given Design
Objective 1.2 Create and Manage XaaS Blueprints with Custom Resource Mappings
Section 2 Configure and Manage Tenants and Business Groups
Objective 2.1 Create and Manage Tenants
Objective 2.2 Create and Manage Directories
Objective 2.3 Create and Manage Business Groups
Objective 2.4 Manage User and Group Role Assignments
Section 3 Install and Configure vRealize Automation and Related Components
Objective 3.1 Install a Minimal Deployment
Objective 3.2 Install an Enterprise Deployment
Objective 3.3 Install and Configure vRealize Business Standard for use with vRealize Automation
Objective 3.4 Troubleshoot Common vRealize Automation Installation and Configuration Errors
Section 4 Configure and Manage the vRealize Automation Catalog
Objective 4.1 Manage the vRealize Automation Catalog
Objective 4.2 Create and Manage Approval Policies
Objective 4.3 Provision Resources from a vRealize Automation Catalog
Objective 4.4 Locate and Reclaim Resources Based on Provided Criteria
Objective 4.5 Manage Provisioned Resources
Section 5 Configure and Administer Fabric Groups and Endpoints
Objective 5.1 Create and Manage VMware Endpoints
Objective 5.2 Create and Manage Fabric Groups, Reservations and Network Profiles
Section 6 Extend a vRealize Automation Implementation
Objective 6.1 Configure vRealize Orchestrator for use with vRealize Automation
Objective 6.2 Create and Manage Event Broker Subscriptions
Objective 6.3 Configure Virtual Machine Lifecycle Automation
Objective 6.4 Install and Configure Plugins in vRealize Orchestrator
Objective 6.5 Modify and Run Basic vRealize Orchestrator Workflows

Additional materials –

  • The IT Hollow – Eric Shanks amazing blog, I have learned much of what I know about vRealize Automation from this blog.
  • VirtualJad – Another amazing blog by Jad El-Zein, lots of technical info about vRA, NSX and Automation.
  • Grant Orchard blog – blog focus on vRealize Automation.
  • VM to Cloud – Ryan Kelly blog, Automation and DevOps stuff.
  • VCP7-CMA (2V0-731) Practice Exam
  • HOL – VMware Hands On Labs
    • HOL-1721-USE-1 – vRealize Automation 7 Basics
    • HOL-1721-USE-2 – vRealize Automation 7 Advanced
    • HOL-1721-USE-3 – vRealize Automation Advanced Extensibility
    • HOL-1790-CHG-1 – vRealize Automation: Challenge Lab
    • HOL-1783-HBD-1 – VMware vCloud Air – Manage Your Cloud
    • HOL-1706-SDC-1 – Cloud Management Platform: Integrating the Parts
    • HOL-1706-SDC-6 – Guide to SDDC: VMware Validated Designs

I will try to update this page with more resources in the future so keep checking this page from time to time. Please comment or email me if you think I missed something.

Good luck with the exam!


My conclusions from VMworld 2016

That year was my 1st VMworld,  I always wanted to go but was unable to because many different reasons. This year I promised to myself to attend VMworld and that’s how I found myself 8 hours after my sister wedding (Mazal Tov!) staring my 17 hours journey to Las Vegas.

Soon as you land at Las Vegas airport you will notice the vendors billboard, mostly Nutanix. And that’s it, VMworld is on!

The solution exchange is the place to be most of the time, there is also the session (which are great!) and the VMviliage that you should not miss, overall the conference is great, I loved the atmosphere, loved the ability to meet with all the partners and hear (and see) their offering. The sessions are really good, they are a great way to learn about products and new features.

After all the hype and buzz (isn’t that the same?…) I was disappointed that there was no new important announcements. I was looking for vSphere 6.5 RTM which had his beta ended few weeks ago. I guess it will be announce in VMworld Europe. Its looks like VMware is really struggling at innovating, except for NSX (which they acquired). VSAN is great, (I’m a happy customer) but there is lots of competitions in the HCI market. There is also EUC, Automation and Monitoring, but that’s out-of-scope for this post, I will leave that for a separate blog post…

Here are some tips or “lesson-learned” I got from this experience –

Don’t over-swag

Apparently “swag” is the word for free mostly branded gifts (I didn’t know that…). Usually it will be t-shirts, flash drives, stickers, phone charger etc. if you will be lucky you might win some of the raffles (I wasn’t lucky…) and bring home a very cool (and heavy) prize.

I had a really struggle packing for the flight back home, travel light!

Don’t over-schedule

As a VMworld newbie pre-arrival to the conference I was eager to schedule as much sessions as I could, in realty I didn’t attend most of them. This is not your typical day-to-day work schedule. Walking from one session to another is not easy, the conference area is big, very big! You will have to walk very far and will be attracted to other stuff in the way or meet people. Try to be focus, I found that the best for me is 2 sessions a day, remember that some of the sessions are recorder and you will be able to watch them in the comfort of your office/home.

Attend the breakfast at VMworld!

Don’t miss the breakfast at VMworld, not because of the food (which was very good this year!) but for socializing. I found that people are more chatty in the morning. I had some very interesting talks around the table over breakfast.

As lunch people are more busy getting to or from somewhere, busy with there phone, thing at work or home and generally – busier and less chatty.

Attend the VMworld party

This year bands was Capital Cities and Fall Out Boy, there was also a dance floor with 2 DJs. If didn’t feel like dancing or see the band there was also lots of other attraction, food and drinks. I wish the party didn’t had to end by 11PM. I had a great time at the party and meet with very nice people (I guess the alcohol make people more open to new connection… hmm…).

So, in sort – that was my VMworld 2016. Hope to see you in VMworld 2017.

Thanks for reading!

Installing vSphere 6.0 Update Manager with External SQL database

VMware vSphere Update Manager is an important component in vSphere environment, Update Manager (VUM) enable you to automate (or in most cases semi-automate) the process of downloading and deploying updates, patches and other 3rd-party component.

The installation of VUM is pretty simple and straightforward, I didn’t find a “complete” step-by-step guide to install VUM with external SQL database so I decided to write this post. there is others great guides for installing VUM and I recommend to also check them up.

In this post I will use vSphere 6 Update 1b.

Important Links –

Prerequisite –

  • vCenter server (Windows or appliance).
  • Windows 2012 R2 Server (This is where we will install VUM).
  • Pre-created Database – I will use a Microsoft SQL 2012 SP2 Server but VUM support another versions (check the “VMware Product Interoperability Matrixes“)
  • Local SQL user with a db-owner permission on the VUM database and db-owner on the MSDB database.

Creating DSN –

You will need to create local DSN before the installation of VUM, VUM is a 32-bit application and you will need to use a 32-bit DSN driver.

Download the SQL Native Client for SQL server 2012 from the “Microsoft® SQL Server® 2012 Feature Pack“. Important! – Download the 64-bit version, it will also install the 32-bit driver.

  1. Select the “SQL Server Native Client 11.0” driver (the “SQL Server” driver will not work, trust me…).
  2. Enter the name of the DSN and the SQL server DSN name (I recommend use FQDN but this is not mandatory).
  3. Integrated Windows authentication is not supported, Select “With SQL Server authentication…” and enter the local SQL username and password.
  4. Select the checkbox for “Change the default database to:” and select the DB you created for VUM.
  5. Keep default and click Finish…
  6. Test the Data Source you just created

Done! You ready to install VUM.

Installing VUM –

  1. Mount (or extract) the “VMware vCenter Server 6.0 Update1b and Modules for windows” ISO image and execute the autorun.exe file. Select “Server” under the “vSphere Update Manager” (like in the picture) and select Install.
  2. Welcome, click next and accept the terms.
  3. You can deselect the option to download updates immediately after the installation. (default is enable).
  4. enter the IP Address or Name of the vCenter Server (again, I recommend to use FQDN), and the domain username and password.
  5. Select the DSN we created earlier.
  6. Enter the username and password for the local SQL authentication.
  7. You might get this warning, its ok. if its a lab environment just remember to monitor the free disk space on the SQL server, for production environment you will need to configure maintenance .
  8. Accept default ports and choose what you prefer – IP or hostname. I prefer hostname.
  9. Select where to install VUM and where to place the downloaded patches. I changed the download directory to a different drive.
    Note – if the drive have less then 120GB of free space the wizard will warn you about this. that ok.
  10. You ready to install, click Install.

Congratulation, you just installed VUM in your environment.

Next – add the plug-in to the vSphere Web Client (and vSphere Client)

Installing the VUM plug-in in the vSphere Web Client is super easy  –

  1. Log on to the vSphere Web Client. Go to Administration –> Client Plug-Ins.
    Click the “Check for New Plug-Ins”.
  2. You will notice this pop-up and after a few seconds the VUM plug-in will be added to the list.
  3. Done! you can access VUM from the Web Client.

Thanks for reading!

VMware Horizon 6 version 6.1.1


VMware Horizon 6 version 6.1.1 is finally out, this is not a major release but there are some new features that I was really waiting for like the HTML Access Support for Hosted Apps (it’s a real Citrix killer for me…)

I will update my lab tomorrow, till then you can download the new version here and read the release notes here.

VMware Horizon 6 version 6.1.1 – Download

VMware Horizon 6 version 6.1.1 – Release Notes

My 1st OneView Domain

In order to add enclosures and start managing your environment you should start by design and configure the different kind of “enclosure block” you need.

Enclosure block are way to manage your enclosures with ease and uniformness across your environment. This way it’s much quicker to deploy new enclosure or changing the purpose of exist enclosure (for example enclosure that was connected to your DC network and now you want to reconfigure to your DMZ network, typically you need to configure manually the trunks, VLANs, and assign ports, this is prone to mistakes and time consuming).

Let’s begin with HP networking terminology –

  • Network = VLAN
  • Network Set = collection of networks (VLANS), you assign this to server profiles.
  • Uplink Set = configuration of the uplink port, basically a trunk, uplink set can be Ethernet of Fibre. (Shared uplink set in Virtual connect terminology), you assign this to enclosure uplink ports.

Creating Networks

You should start by creating “Networks”, go to networks and select “+Create network”

Give a unique and easy to understand name for that network, note that you can chose from different pre-defined “Purpose” – I have no idea what this mean right now. Also configure the bandwidth and Smart Link.

 Create network

After creating your VLANs… sorry – networks, let’s create the network sets.

Creating the network sets.
Go to Networking > Network Sets.
Click “+ Create network set” to create new network set.
Give this network set a name, configure network bandwidth and click the “Add networks”.

Create network set

(I added another VLAN (106), I know this is not a best practice to use the same trunk for vMotion and ESX MNG but this is test enclosure so it will be fine for this example. )

Add your network to the network set.

add networks

After adding all the relevant networks you will see the network set with all networks, click Create to finish.

 create network set

Creating Logical Interconnect Groups

Interconnect groups are the way to configure your enclosure interconnect bays.

Logical Interconnect group

Let’s create a new Logical Interconnect Group –

Select the “+Create logical interconnect group”, Give it a name, and add Interconnects devices. In my example I will use HP VC Flex-10/10D Module.

 Now add uplink set, Select the “Add uplink set” and give it a name, chose Ethernet and add networks, then you need to assign them to ports.

  uplink set

After clicking create you will see the uplink set and port assign visually which is very nice!

 logical interconnect group

There is more setting to configure in the interconnect group, just scroll down.

You can configure Interconnect Settings, SNMP, Trap Forwarding and SNMP Access.

For now I will keep the default setting and click “Create”

Adding enclosure to OneView

Let’s start with the requirement to add enclosure,

No VC domain!

Firmwares –

  • HP Virtual Connect – 3.15 for adding, 4.10 for managing.
  • HP BladeSystem Onboard Administrator – 3.0 for adding, 4.01 for managing.
  • HP iLO 4 – 1.01 for adding 1.30 for managing.
  • HP iLO 3 – 1.20 for adding, 1.61 for managing.
  • It’s recommended to update OA, VC and servers to the latest SPP…
  • Emulex Converged Network Adapters – 4.2.401.6 or later

OneView can automatic update the firmware for you, I advise to update manually before adding to OneView.

First you need to create Enclosure Group, go to “Enclosure Groups”, select “+Create enclosure group” type the name of the enclosure group and select the relevant Logical interconnect group.

 Enclosure Group

Let’s add enclosure!!!

Go to “Enclosures” and click “+Add enclosure”.

Type the DNS name or IP of the OA, then username and password, select enclosure group and licensing, you can also select a firmware baseline, note that OneView come with SPP 2013.09.0.

 add Enclosures

After adding the enclosure you will see that OneView collecting the enclosure information and configure it to OneView.

 Enclosures view

After few minutes the enclosure information will be visible

 Enclosures view

That’s basically it.

You can go to the enclosure OA and see that it’s now in VC Domain Name: OneViewDomain.

The Virtual Connect Manager will redirect you to OneView.

 OneView Dashboard

Thanks for reading, hope that was informative for you.

Upcoming support in HP OneView 1.05


Just a quick update about HP OneView 1.05, no its not out yet but I did found this document that describe what’s new in the upcoming version of OneView –

HP OneView 1.05 adds support for:

• HP OneView VMware integration (delivered by HP Insight Control for VMware vCenter 7.3)

• Active-Active configuration support for HP Virtual Connect

• RAID support for HP ProLiant blade servers

• Dynamic network changes supported in server profiles

• HP OneView appliance upgrade support (v1.0/1.01 to v1.05)

• New HP ProLiant Gen8 managed servers (DL560, DL580, BL660c)

HP OneView – First Thoughts


Last week I was in a meeting in HP and was introduced with HP new converged infrastructure solution – HP OneView.

The “road map” for OneView is to replace some exist management software (HP SIM, HP VCEM, HP Insight Control), but I will be surprised if HP will not integrate other management tools for storage and networking into OneView – making OneView a truly converged infrastructure solution (based on licensing and users roles permissions  obvious), anyway – that sounds great.

So – few hours after the meeting I was already deploying OneView OVF for testing.

You can download OneView from here, as I write this, the latest version is 1.01, the deployment is quick and straightforward, just provide the network setting and some general setting and you will be ready.

For my frustration OneView is not ready for enterprise (I know this already but was eager to try OneView), you can’t import exist enclosures because this version doesn’t support importing of enclosures with a Virtual Connect domain, even not just for monitoring.

I did talked with some HP staff about that and been told that next version (1.05) will be out any day now and will include major changes and support like plug-in for VMWARE.

One more downgrade in OneView is that it’s not support servers prior to G7 (G1-G6), if this is not concerning you and your environment is assembled only from G7 and Gen8 servers I envy you… but for most of us SysAdmins – this is a real concern.

My conclusion from deploying and testing HP OneView is that its look very promising, yes this is not a finished product, Licensing and support is not very clear right now and I feel that there is some “birth pangs” that are reasonable for a fresh product.