5.5
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Hardware Requirements for Orchestrator
- Hardware Requirements for the Orchestrator Appliance
- Operating Systems Supported by Orchestrator
- Supported Directory Services
- Browsers Supported by Orchestrator
- Orchestrator Database Requirements
- Software Included in the Orchestrator Appliance
- Level of Internationalization Support
- Setting Up Orchestrator Components
- Installing and Upgrading Orchestrator
- Download the vCenter Server Installer
- Install Orchestrator Standalone
- Install the Orchestrator Client on a 32-Bit Machine
- Install the Client Integration Plug-In in the vSphere Web Client
- Download and Deploy the Orchestrator Appliance
- Upgrade Orchestrator 4.2.x and 5.1.x Standalone
- Upgrading Orchestrator 4.0.x Running on a 64-Bit Machine
- Upgrading Orchestrator 4.0.x and Migrating the Configuration Data
- Upgrading the Orchestrator Appliance
- Uninstall Orchestrator
- Configuring the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Selecting the Authentication Type
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Importing the vCenter Server License
- Selecting the Orchestrator Server Mode
- Start the Orchestrator Server
- Configuring vCenter Orchestrator in the Orchestrator Appliance
- Configuring Orchestrator by Using the Configuration Plug-In and the REST API
- Configure Network Settings by Using the REST API
- Configuring Authentication Settings by Using the REST API
- Configure the Database Connection by Using the REST API
- Create a Self-Signed Server Certificate by Using the REST API
- Managing SSL Certificates Through the REST API
- Importing Licenses by Using the REST API
- Additional Configuration Options
- Change the Password of the Orchestrator Configuration Interface
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import Licenses for a Plug-In
- Orchestrator Log Files
- Configuration Use Cases and Troubleshooting
- Configuring a Cluster of Orchestrator Server Instances
- Registering Orchestrator with vCenter Single Sign-On in the vCenter Server Appliance
- Setting Up Orchestrator to Work with the vSphere Web Client
- Check Whether Orchestrator Is Successfully Registered as an Extension
- Unregister Orchestrator from vCenter Single Sign-On
- Enable Orchestrator for Remote Workflow Execution
- Changing SSL Certificates
- Back Up the Orchestrator Configuration and Elements
- Unwanted Server Restarts
- Orchestrator Server Fails to Start
- Revert to the Default Password for Orchestrator Configuration
- Setting System Properties
- Disable Access to the Orchestrator Client By Nonadministrators
- Disable Access to Workflows from Web Service Clients
- Setting Server File System Access for Workflows and JavaScript
- Set JavaScript Access to Operating System Commands
- Set JavaScript Access to Java Classes
- Set Custom Timeout Property
- Modify the Number of Objects a Plug-In Search Obtains
- Modify the Number of Concurrent and Delayed Workflows
- Where to Go From Here
- Index
vCenter Server Setup
Increasing the number of vCenter Server instances in your Orchestrator setup causes Orchestrator to
manage more sessions. Each active session results in activity on the corresponding vCenter Server, and too
many active sessions can cause Orchestrator to experience timeouts when more than 10 vCenter Server
connections occur.
For a list of the supported versions of vCenter Server, see VMware Product Interoperability Matrix.
NOTE You can run multiple vCenter Server instances on different virtual machines in your Orchestrator
setup if your network has sufficient bandwidth and latency. If you are using LAN to improve the
communication between Orchestrator and vCenter Server, a 100Mb line is mandatory.
Authentication Methods
To authenticate and manage user permissions, Orchestrator requires a connection to an LDAP server or a
connection to a vCenter Single Sign-On server.
Orchestrator supports the Active Directory, OpenLDAP, eDirectory, and Sun Java System Directory Server
directory service types.
When you install Orchestrator together with vCenter Server, the Orchestrator server is preconfigured to use
vCenter Single Sign-On as an authentication method.
When you install Orchestrator standalone, it is preconfigured to use an embedded LDAP server. The
embedded LDAP server is suitable for testing purposes only. If you want to use Orchestrator with an LDAP
server in a production environment, you must set up a separate LDAP server and configure Orchestrator to
connect to it.
If you download and deploy the Orchestrator Appliance, the Orchestrator server is preconfigured to work
with the OpenLDAP server distributed together with the appliance. The default OpenLDAP configuration is
suitable for small- or medium-scale environment. To use Orchestrator in a production environment, you
must set up either an LDAP server or a vCenter Single Sign-On server and configure Orchestrator to work
with it.
To use LDAP server, you must connect your system to the LDAP server that is physically closest to your
Orchestrator server, and avoid connections to remote LDAP servers. Long response times for LDAP queries
can lead to slower performance of the whole system.
To improve the performance of the LDAP queries, keep the user and group lookup base as narrow as
possible. Limit the users to targeted groups that need access, rather than to whole organizations with many
users who do not need access. The resources that you need depend on the combination of database and
directory service you choose. For recommendations, see the documentation for your LDAP server.
To use the vCenter Single Sign-On authentication method, you must first install vCenter Single Sign-On. If
you install Orchestrator separately from vCenter Server and want to use vCenter Single Sign-On, you must
configure the Orchestrator server to use the vCenter Single Sign-On server that you installed and
configured.
Orchestrator Database Setup
Orchestrator requires a database to store workflows and actions.
If you install Orchestrator together with vCenter Server, the Orchestrator server is preconfigured to use the
vCenter Server datasource (vDB) and no additional configuration of the database is required. However, if
you need to use a separate database, you can configure Orchestrator to use a dedicated database by using
the Orchestrator configuration interface.
Installing and Configuring VMware vCenter Orchestrator
18 VMware, Inc.