If you have seen my previous article on Automating VCSA (vCenter Server Appliance) 5.0, you will notice the existing script will not work on latest VCSA 5.1, without a minor tweak. The reason for this is due to the new vCenter SSO (Single Sign-On) configuration that is now part of the initial setup.
Note: If you would like to learn more about the new vCenter SSO, I would recommend you take a look at the What's New vCenter Server 5.1 whitepaper.
Luckily, the change is quite simple and in the example below, you will be configuring vCenter Server SSO to run in the embedded mode on the VCSA. I have also enhanced the script to include the joining of an Active Directory domain if you wish to have the VCSA backed by AD.
Disclaimer: This is for educational purposes only, this is not officially supported by VMware. Please test this in a development environment before using it on actual systems.
Here is a script with the minimal commands needed for running an embedded configuration:
#!/bin/bash
# User Configurations
JOIN_AD=0
AD_DOMAIN=primp-industries.com
AD_USER=administrator
AD_PASS=mysupersecurepassword
VCENTER_HOSTNAME=vcenter51-1.primp-industries.com
## DO NOT EDIT BEYOND HERE ##
echo "Accepting EULA ..."
/usr/sbin/vpxd_servicecfg eula accept
if [ ${JOIN_AD} -eq 1 ]; then
echo "Configuring vCenter hostname ..."
SHORTHOSTNAME=$(echo ${VCENTER_HOSTNAME} | cut -d. -f1)
/bin/hostname ${VCENTER_HOSTNAME}
echo ${VCENTER_HOSTNAME} > /etc/HOSTNAME
sed -i "s/localhost.localdom/${VCENTER_HOSTNAME}/g" /etc/hosts
sed -i "s/localhost/${SHORTHOSTNAME}/g" /etc/hosts
echo "Configuring Active Directory ..."
/usr/sbin/vpxd_servicecfg ad write "${AD_USER}" "${AD_PASS}" ${AD_DOMAIN}
fi
echo "Configuring Embedded DB ..."
/usr/sbin/vpxd_servicecfg db write embedded
echo "Configuring SSO..."
/usr/sbin/vpxd_servicecfg sso write embedded
echo "Starting VCSA ..."
/usr/sbin/vpxd_servicecfg service start
Note: By default the script will not join an AD domain, you will need to change the JOIN_AD variable to 1 and ensure you specify all the Active Directory configurations including the FQDN of your vCenter Server as this is required for properly join your VCSA to your AD domain. If you choose to join an AD domain, make sure you have proper forward/reverse DNS configured on the VCSA and you will also need to reboot the VCSA for the changes to take effect.
To run the script remotely (you do not need to copy it to VCSA), use the following command:
# ssh [email protected][vcsa-ip] < configureVCSA.sh
You can now quickly deploy and configure your VCSA in just minutes versus spending 5-10 minutes clicking around and waiting for the web interface. Once you have tried this script, you will never go back to manually configuring the VCSA using the web interface!
script is great, it is exactly what I was looking for, I am also trying to re-configure the eth0. Can this be done by using ifconfig in the script, modifying the config file or will that cause issues. Is there a vami cmd to modify the network settings or some vmware cmd. Any help is welcome. thanks
Sean
Yes, there various ways of changing the IP Address (not sure if there's any VAMI specific tools). I would start by looking at /etc/sysconfig/network/ifcfg-eth0 and you can of course search online if you need the steps
You can reconfigure eth0 by running /opt/vmware/share/vami/vami_config_net
You could also call that script from William's script.
Chris
Hi,
I am looking for solution to configure vCSA to authenticate over two (or more) MS AD domains. In fact, for some reason, I need to add roles to my vCSA, using accounts from two different (and un-related) MS AD domains.
Do you have any idea would it be possible, using scripts?
Milan
sed commands made too many changes to /etc/hosts, localhost completely gone, you'd better write to it from the scratch with:
echo "127.0.0.1 ${VCENTER_HOSTNAME} ${SHORTHOSTNAME} localhost" > /etc/hosts
echo "::1 ${VCENTER_HOSTNAME} ${SHORTHOSTNAME} localhost ip6-localhost ip6-loopback" >> /etc/hosts
Joining AD domain did not work for me, I used another command:
/opt/likewise/bin/domainjoin-cli join "$AD_USER" "$AD_PASS" "$AD_DOMAIN"
Hi,
With the latest versions, 5.1U1, eg. VMware-vCenter-Server-Appliance-5.1.0.10100-1123965_OVF10.ova Do you know if this problem remains between VCSA and SSO? Is it even necessary to make this small touch? I mean to a instalation from scratch.
By the way, Is it better ovf or ova to implement VCSA?
Flat
I'm not seeing the script source... Maybe it got lost in the migration in between the old wiki and the new one?? :-/
Thanks, I've fixed the post
Hi, William:
What about scripts to automate vCSA and VDP upgrades? Looking forward to these. 🙂
Best Regards,
Joe
Take a look at this article for updating the virtual appliances http://www.virtuallyghetto.com/2013/05/patching-vmware-virtual-appliances.html