7.1
Table Of Contents
- Installing vRealize Automation
- Contents
- vRealize Automation Installation
- Updated Information
- Installation Overview
- Preparing for Installation
- Installing with the Installation Wizard
- Deploy the vRealize Automation Appliance
- Using the Installation Wizard for Minimal Deployments
- Run the Installation Wizard for a Minimal Deployment
- Installing the Management Agent
- Synchronize Server Times
- Run the Prerequisite Checker
- Specify Minimal Deployment Parameters
- Create Snapshots Before You Begin the Installation
- Scenario: Finish the Installation
- Address Installation Failures
- Set Up Credentials for Initial Content Configuration
- Using the Installation Wizard for Enterprise Deployments
- Run the Installation Wizard for an Enterprise Deployment
- Installing the Management Agent
- Synchronize Server Times
- Run the Prerequisite Checker
- Specify Enterprise Deployment Parameters
- Create Snapshots Before You Begin the Installation
- Finish the Installation
- Address Installation Failures
- Set Up Credentials for Initial Content Configuration
- The Standard Installation Interfaces
- Using the Standard Interfaces for Minimal Deployments
- Using the Standard Interfaces for Distributed Deployments
- Distributed Deployment Checklist
- Distributed Installation Components
- Disabling Load Balancer Health Checks
- Certificate Trust Requirements in a Distributed Deployment
- Configure Web Component, Manager Service and DEM Host Certificate Trust
- Installation Worksheets
- Deploy the vRealize Automation Appliance
- Configuring Your Load Balancer
- Configuring Appliances for vRealize Automation
- Install the IaaS Components in a Distributed Configuration
- Install IaaS Certificates
- Download the IaaS Installer
- Choosing an IaaS Database Scenario
- Install an IaaS Website Component and Model Manager Data
- Install Additional IaaS Website Components
- Install the Active Manager Service
- Install a Backup Manager Service Component
- Installing Distributed Execution Managers
- Configuring Windows Service to Access the IaaS Database
- Verify IaaS Services
- Installing Agents
- Set the PowerShell Execution Policy to RemoteSigned
- Choosing the Agent Installation Scenario
- Agent Installation Location and Requirements
- Installing and Configuring the Proxy Agent for vSphere
- Installing the Proxy Agent for Hyper-V or XenServer
- Installing the VDI Agent for XenDesktop
- Installing the EPI Agent for Citrix
- Installing the EPI Agent for Visual Basic Scripting
- Installing the WMI Agent for Remote WMI Requests
- Post-Installation Tasks
- Troubleshooting an Installation
- Default Log Locations
- Rolling Back a Failed Installation
- Create a Support Bundle
- General Installation Troubleshooting
- Installation or Upgrade Fails with a Load Balancer Timeout Error
- Server Times Are Not Synchronized
- Blank Pages May Appear When Using Internet Explorer 9 or 10 on Windows 7
- Cannot Establish Trust Relationship for the SSL/TLS Secure Channel
- Connect to the Network Through a Proxy Server
- Console Steps for Initial Content Configuration
- Troubleshooting the vRealize Automation Appliance
- Troubleshooting IaaS Components
- Validating Server Certificates for IaaS
- Credentials Error When Running the IaaS Installer
- Save Settings Warning Appears During IaaS Installation
- Website Server and Distributed Execution Managers Fail to Install
- IaaS Authentication Fails During IaaS Web and Model Management Installation
- Failed to Install Model Manager Data and Web Components
- IaaS Windows Servers Do Not Support FIPS
- Adding an XaaS Endpoint Causes an Internal Error
- Uninstalling a Proxy Agent Fails
- Machine Requests Fail When Remote Transactions Are Disabled
- Error in Manager Service Communication
- Email Customization Behavior Has Changed
- Troubleshooting Log-In Errors
- Silent Installation
- Index
Certificate Trust Requirements in a Distributed Deployment
For secure communication, vRealize Automation relies on certicates to create trusted relationships among
components.
The specic implementation of the certicates required to achieve this trust depends on your environment.
To provide high availability and failover support, you might deploy load-balanced clusters of components.
In this case, you obtain a multi-use certicate that includes the IaaS Web component in the cluster, and then
copy that multi-use certicate to each component in the cluster. You can use Subject Alternative Name
(SAN) certicates, wildcard certicates, or any other method of multi-use certication appropriate for your
environment as long as you satisfy the trust requirements. If you use load balancers in your deployment,
you must include the load balancer FQDN in the trusted address of the cluster mult-use certicate.
For example, if you have a load balancer conguration that requires a certicate on the load balancer as well
as its components, you might obtain a SAN certicate to certify web-load-balancer.eng.mycompany.com,
web-component-1.eng.mycompany.com, and web-component-2.eng.mycompany.com. You would copy that
single multi-use certicate to the load balancer and each of the appliances and then register the certicate on
the Web component machines.
The Certicate Trust Requirements table summarizes the trust registration requirements for various
imported certicates.
Table 4‑5. Certificate Trust Requirements
Import Register
vRealize Automation appliance cluster Web components cluster
Web component cluster
n
vRealize Automation appliance cluster
n
Manager Service components cluster
n
DEM Orchestrators and DEM Worker components
Manager Service component cluster
n
DEM Orchestrators and DEM Worker components
n
Agents and Proxy Agents
Configure Web Component, Manager Service and DEM Host Certificate Trust
Customers who use a thumb print with pre installed PFX les to support user authentication must congure
thumb print trust on the web host, manager service, and DEM Orchestrator and Worker host machines.
Customers who import PEM les or use self-signed certicates can ignore this procedure.
Prerequisites
Valid web.pfx and ms.pfx available for thumb print authentication.
Procedure
1 Import the web.pfx and ms.pfx les to the following locations on the web component and manager
service host machines:
n
Host Computer/Certificates/Personal certificate store
n
Host Computer/Certificates/Trusted People certificate store
2 Import the web.pfx and ms.pfx les to the following locations on the DEM Orchestrator and Worker
host machines:
Host Computer/Certificates/Trusted People certificate store
Chapter 4 The Standard vRealize Automation Installation Interfaces
VMware, Inc. 63