Apparently I decided to take on my own challenge of trying to figure out how to automate the installation of the vCAC 6.0 Windows component called IaaS after finishing up my automating vCAC (vCloud Automation Center) 6.0 identity & appliance configuration blog article. Perhaps I am a glutton for punishment as my friend Steve Kaplan would say 🙂
Note: One thing I would like to point out is that before attempting any type of automation is to make sure you thoroughly understand the process that you are trying to automate. This means you should go through the manual process at least once, if not a couple mores times to figure out what exactly is happening. In my particular case, I had to gone through several dozen snapshot reverts to test various things before getting to this end state and this was only made possible with the use of VMware Snapshots.
The vCAC IaaS installer is provided by the vCACVA (vCAC Virtual Appliance) at the end of its configuration an installer is made available for download which contains the IP Address of the vCAC Identity VA (SSO) in the file name. vCAC IaaS is actually made up of several components and the diagram below will help illustrate what is being installed on the Windows Server.
After going through the initial installation, I noticed some interesting logs being generated on the UI console as well as configuration files being referenced. This is where I began the somewhat painful (spent close to 14+hrs) process of figuring out how to automate the installation of vCAC IaaS which also includes a SQL Server component as that is not part of the default installation if one does not already exists. My ultimate goal was to be able to automate the entire installation of vCAC (Virtual Appliances which I have shown in my previous blog article) as well as the Windows components for IaaS so that a customer can quickly and easily stand up an environment for testing and proof of concepts.
To automate the vCAC IaaS component I have created a shell script called createVCACIaaSInstallerScripts.sh that you can run inside the vCAC VA appliance. The script generates a new Windows batch script along with a couple of configuration files that will be executed on the Windows system that will be running IaaS. You can think of this as script inception 🙂 and the generated batch script will contain all the necessary information to install SQL Server Express as well as IaaS components without any user intervention.
Before getting started, you should manually go through the prerequisites below and though these can be automated, depending on your Windows setup, you may need to make some additional tweaks and that is why I have left this portion out of my script. In my environment I am using a Windows Server 2008 R2 64-bit system and this is what tested the script in. YMMV if you are using something different.
- Install Microsoft .NET 4.5
- Run through vCAC Pre-req automation script
Step 1 - Download the createVCACIaaSInstallerScripts.sh onto your vCAC VA appliance. Before executing the script, you will need to edit a couple of variables which are listed below with their descriptions.
VCAC_HOME_DIRECTORY - This is the directory on the vCAC IaaS server in which all the configuration and executables will be located in (default: C:\Users\\Administrator\Desktop\VCAC). You will need to escape the forward slash by using double slashes as noted in script.
VCAC_IAAS_SHORT_HOSTNAME - The short hostname of the vCAC IaaS system
VCAC_SSO_HOSTNAME - The FQDN hostname of your vCAC Identity system
VCAC_SSO_PASSWORD - The SSO Administrator password for *protected email*
VCAC_VA_HOSTNAME - The FQDN hostname of your vCAC VA system
VCAC_SERVICE_USER - The Windows account used to install vCAC IaaS (e.g. system\username)
VCAC_SERVICE_PASSWORD - The password to the above account
VCAC_SECURITY_PASSPHRASE - The security passphrase for the IaaS components
VCAC_DATABASE_INSTANCE_NAME - The name of the SQL Server Instance (default: VCACSQLEXPRESS)
VCAC_DATABASE_NAME - The name of the vCAC Database (default: vCAC)
EMAIL_SERVER - The hostname of an email server if you have one
EMAIL_PASSWORD - The password to the email server if you have one
Step 2 - Once you have finished editing the script you can then execute the script on the vCAC VA. The script will NOT perform any changes but will actually generate the following four files:
- vGhetto-SQLServerConfigFile.ini - SQL Server silent install config
- vCAC Core silent install config
- vCAC WAPI silent install config
- installVCACIaaS.bat - Script that performs both SQL Server install & vCAC IaaS
Note: This article came in handy while creating the SQL Server silent install configuration file, however it did not mention the odd/stupid quirks one had to go through to generate the config file by using some additional install flags.
Here is a screenshot of what the output looks like when running the script:
Step 3 - You will need to transfer these four files via SCP to your Windows Server that will be running IaaS. In addition, there also four Windows executables that are stored on the vCACVA that you will also need to transfer to your IaaS system. The following files are all stored in /opt/vmware/share/htdocs/service/iaas/download
Step 4 - You will need to download the SQL Server Express installer onto your IaaS system. In my environment I used SQL Server 2008 R2 Express and the expected file name is SQLEXPR_x64_ENU.exe which is stored as a variable within the script. If you choose to use a different version, this may or may not work.
Step 5 - We are almost there! To make things easier, we had you defined a directory in which all the configuration and executables will be stored in and by default this is C:\Users\\Administrator\Desktop\VCAC You should have the following nine files within this directory:
Step 6 - Finally, the hardest part 🙂 either double click onto the installVCACIaaS.bat file or what I would recommend is to run it from the cmd prompt. There are no additional configuration or tweaks required as the original shell script has done all the heavy lifting unless you provided the wrong information. The script will start off by installing SQL Server Express and then moving onto the various vCAC components. In total it takes about 20minutes and there are timestamps on when each component has finished installing, so you can get a cup of coffee, tea or beer and check out other cool articles on virtuallyGhetto.com 😉
Here is a screenshot of executing the bat script:
So there you have it! A complete automated installation of vCAC IaaS including a SQL Server database as part of the install. You can now combined this with my earlier article for automating both the vCAC Identity VA as well as the vCACVA to fully standup a vCAC environment in a little under 30 minutes. The scripts provided are very rudimentary as you can see I went a bit old school using bat scripting and I am sure there are a variety of enhancements that can be made to the script such as validating the files exists before starting and also waiting on each process before moving onto the next.
I also want to point out though the end solution looks like a trivial single script that a user executes, it took MANY MANY hours to figure out all the intricacies of the vCAC silent install process by looking at the various log files, configuration files and lots of snapshot reverts. In my opinion, this tells me we have more work to do on our installers not only making it easy and trivial to install from a UI point of view but also for automated silent installations. One should not have to reverse engineer various log and configuration files to be able to easily deploy 5, 10, 50 additional instances of vCAC or any other product for that matter. The user experience should be exactly the same and I hope this an area where we will continue to improve upon.
Lastly, this will probably be my last blog post for 2013. I am looking forward to some downtime in next couple of days before heading off to our much belated honeymoon in Asia for 3 weeks. I wish everyone Happy Holidays and a Happy New Years and see you in 2014!
I'm getting this error from the last step of the install script - System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
"C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.exe" RegisterCatalogTypes -v
I've tried running the command manually, and still getting the same error. Any ideas?
William Lam says
I've not seen this error before, you may want to check the log files to see if there's anything useful. If not, you can also try posting in the vCAC VMTN Community forums and someone from the team might be able to help.
Were you able to fix this error
MOAZZAM HUSSAIN says
I also have the same problem. While configuring VCAC core server components, the endpoint registration in virtual appliance failed because of:
System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. Please help me. Thanks in advance.
MOAZZAM HUSSAIN says
I am also faced with the same error while configuring vcac core server components. The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. in
“C:\Program Files (x86)\VMware\vCAC\Server\Model Manager Data\Cafe\Vcac-Config.exe” RegisterCatalogTypes -v
Please help me. Thanks in advance.
Tony Rebel says
Thanks for the scripts; I have a somewhat related question: I noticed in the Update sequence for VSphere 5.5 there is no reference to vCAC. Any thoughts / suggestions?
Sayaji Patil says
This comment has been removed by the author.
Sayaji Patil says
I'm getting this error when I run the vCAC-Config.exe
Unhandled Exception: System.Security.Cryptography.CryptographicException: The pa
rameter is incorrect.
I did some debugging and looks like this error is for the SERVICE_USER_PASSWORD parameter. I have the value in plain text
MOAZZAM HUSSAIN says
I am getting this error while configuring vCAC Core Server Components:
Configuring vCAC Core Server Components ...
Running vCAC Software Configuration Wizard in silent mode.
The following vCAC features have been installed and selected for configuration:
Database Configuration is completed.
Model Manager Web Configuration is completed.
Model Manager Data Configuration failed.
Model manager data configuration fails.
Please help me. Thanks in advance.
After vcac appliances and iaas install, when adding tentants can the AD domain name be different from the domain name of the vcac appliances?
Mike Foley says
Note that this doesn't seem to work on Windows 2012 unfortunately. The WAPI service threw a "access is denied" (Might have needed to run as Administrator?). I also saw some errors with running SQL 2008 R2 on Win2012 that wouldn't resolve. I'm installing SQL 2012 SP1 and will try again by hand.