5.1
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Updated Information
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup
- Installing and Upgrading Orchestrator
- Configuring the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Selecting the Authentication Type
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Importing the vCenter Server License
- Start the Orchestrator Server
- Additional Configuration Options
- Change the Password of the Orchestrator Configuration Interface
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import the Plug-In Licenses
- Orchestrator Log Files
- Configuration Use Cases and Troubleshooting
- Registering Orchestrator with vCenter Single Sign On in the vCenter Server Appliance
- Setting Up Orchestrator to Work with the vSphere Web Client
- Check Whether Orchestrator Is Successfully Registered as an Extension
- Unregister Orchestrator from vCenter Single Sign On
- Enable Orchestrator for Remote Workflow Execution
- Changing SSL Certificates
- Back Up the Orchestrator Configuration and Elements
- Unwanted Server Restarts
- Orchestrator Server Fails to Start
- Revert to the Default Password for Orchestrator Configuration
- Setting System Properties
- Disable Access to the Orchestrator Client By Nonadministrators
- Disable Access to Workflows from Web Service Clients
- Setting Server File System Access for Workflows and JavaScript
- Set JavaScript Access to Operating System Commands
- Set JavaScript Access to Java Classes
- Set Custom Timeout Property
- Modify the Number of Objects a Plug-In Search Obtains
- Modify the Number of Concurrent and Delayed Workflows
- Where to Go From Here
- Index
Authentication Methods
To authenticate and manage user permissions, Orchestrator requires a connection to an LDAP server or a
connection to a vCenter Single Sign On server.
Orchestrator supports the following directory service types: Active Directory, eDirectory, and Sun Java System
Directory Server.
Connect your system to the LDAP server that is physically closest to your Orchestrator server, and avoid
connections to remote LDAP servers. Long response times for LDAP queries can lead to slower performance
of the whole system.
To improve the performance of the LDAP queries, keep the user and group lookup base as narrow as possible.
Limit the users to targeted groups that need access, rather than to whole organizations with many users who
do not need access. Depending on the combination of database and directory service you choose, the resources
you need can vary. For recommendations, see the documentation for your LDAP server.
To use the vCenter Single Sign On authentication method, you must first install vCenter Single Sign On. If you
install Orchestrator together with vCenter Server, the Orchestrator server is preconfigured to use vCenter
Single Sign On as an authentication method. If you install Orchestrator separately from vCenter Server, and
you want to use vCenter Single Sign On, you must configure the Orchestrator server to use the vCenter Single
Sign On server that you installed and configured.
Orchestrator Database Setup
Orchestrator requires a database to store workflows and actions.
If you install Orchestrator together with vCenter Server, the Orchestrator server is preconfigured to use the
vCenter Server datasource and no additional configuration of the database is required. However, if you need
to use a separate database, you can configure Orchestrator to use a dedicated database by using the
Orchestrator configuration interface.
If you install Orchestrator separately from vCenter Server, you must set up the Orchestrator database. You can
configure the Orchestrator server to use either the vCenter Server datasource, or another database, that you
have created for the Orchestrator server.
Orchestrator server supports Oracle and Microsoft SQL Server databases. Orchestrator can work with
Microsoft SQL Server Express in small-scale environments consisting of up to 5 hosts and 50 virtual machines.
For details about using SQL Server Express with Orchestrator, see “Configure SQL Server Express to Use with
Orchestrator,” on page 45.
The common workflow for setting up the Orchestrator database is the following:
1 Create a new database. For more information about creating a new database, refer to the documentation
of your database provider (Microsoft or Oracle).
2 Enable the database for remote connection. For an example of how to do that, see “Configure SQL Server
Express to Use with Orchestrator,” on page 45.
3 Configure the database connection parameters. For more information, see “Configure the Database
Connection,” on page 46.
The way in which your database is set up can affect Orchestrator performance. Install the database on a machine
other than the one on which the Orchestrator server is installed. This approach avoids the JVM and DB server
having to share CPU, RAM, and I/O.
Storing your database plug-ins in a database separate from the one that Orchestrator uses results in more
modularity when upgrading the system. A dedicated database instance allows you to perform upgrades and
maintenance without impacting other products.
Installing and Configuring VMware vCenter Orchestrator
20 VMware, Inc.