WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Hardware Options
    • Hardware Reviews
    • Lab Deployment Scripts
    • Nested Virtualization
    • Homelab Podcasts
  • VMware Nostalgia
  • Apple
You are here: Home / Aria / Automate the deployment & initial configuration of Aria Suite Lifecycle Manager (formally vRSLCM) 

Automate the deployment & initial configuration of Aria Suite Lifecycle Manager (formally vRSLCM) 

02.15.2024 by William Lam // 3 Comments

I love writing automation, especially for deploying a consistent and repeatable environment for testing or learning purposes. I recently deployed the latest Aria Suite Lifecycle Manager 8.14 (formally vRealize Suite Lifecycle Manager or vRSLCM) manually using the graphical Easy Installer method, which was easy and straight forward.

Unlike the vCenter Server Appliance (VCSA) installer, which includes both a UI and CLI option, the latter for automation purposes. I found that ASLCM only provides an interactive UI method for deployment and I was interested in an automated solution. Similar to the VCSA installer, the extracted contents of the ASLCM ISO is the installer and OVA image, so I figured I could just deploy using PowerCLI and I could start playing with ASLCM!

Automating the ASLCM OVA deployment was trivial, but what I discovered was that there was different behavior between using the Easy Installer versus just deploying the OVA and powering it on. I observed that I was not able to login using the password that I had set in the OVF properties for the admin@local user ...

Long story short, I eventually realized that the Easy Installer was also performing the default password change for admin@local user, which typically is not required for most VMware appliances as you can define that as part of the OVF properties. I am not sure why it was designed to have a "default" password rather than just setting it up right from the beginning.

In any case, after observing how the ASLCM appliance was configured, I was able to create a fully automated deployment script for ASLCM using the OVA and it would ensure that it was ready before initiating the default password change using ASLCM APIs.

$vCenterServerFQDN = "FILL_ME_IN"
$vCenterUsername = "FILL_ME_IN"
$vCenterPassword = "FILL_ME_IN"

$VMFolder = "Workloads"
$VMCluster = "Supermicro-Cluster"
$VMNetwork = "VM Network"
$VMDatastore = "sm-vsanDatastore"
$VMNetmask = "255.255.255.0"
$VMGateway = "192.168.30.1"
$VMDNS = "192.168.30.2"
$VMNTP = "pool.ntp.org"
$VMDomain = "primp-industries.local"

# Aria Suite Lifecycle Manager Configurations
$AriaSuiteLifecycleHostname = "aria-lcm"
$AriaSuiteLifecycleIP = "192.168.30.91"
$AriaSuiteLifecycleRootPassword = "VMware1!"
$AriaSuiteLifecycleAdminPassword = "VMware1!"
$AriaSuiteLifecycleOVA = "/Volumes/Storage/Software/VMware-Aria-Suite-Lifecycle-Installer-22630473/vrlcm/VMware-Aria-Suite-Lifecycle-Appliance-8.14.0.4-22630472.ova"

### DO NOT EDIT BEYOND HERE ###

$AriaSuiteLifecycleFQDN = "${AriaSuiteLifecycleHostname}.${VMDomain}"

Write-Host "Connecting to vCenter Server ..."
Connect-VIServer -Server $vCenterServerFQDN -User $vCenterUsername -Password $vCenterPassword | Out-Null

$ovfconfig = Get-OvfConfiguration $AriaSuiteLifecycleOVA

$networkMapLabel = ($ovfconfig.ToHashTable().keys | where {$_ -Match "NetworkMapping"}).replace("NetworkMapping.","").replace("-","_").replace(" ","_")
$ovfconfig.NetworkMapping.$networkMapLabel.value = $VMNetwork
$ovfconfig.common.vami.hostname.value = $AriaSuiteLifecycleFQDN
$ovfconfig.vami.VMware_Aria_Suite_Lifecycle_Appliance.ip0.value = $AriaSuiteLifecycleIP
$ovfconfig.vami.VMware_Aria_Suite_Lifecycle_Appliance.netmask0.value = $VMNetmask
$ovfconfig.vami.VMware_Aria_Suite_Lifecycle_Appliance.gateway.value = $VMGateway
$ovfconfig.vami.VMware_Aria_Suite_Lifecycle_Appliance.DNS.value = $VMDNS
$ovfconfig.vami.VMware_Aria_Suite_Lifecycle_Appliance.searchpath.value = $VMDomain

$ovfconfig.common.varoot_password.value = $AriaSuiteLifecycleRootPassword
$ovfconfig.common.va_ssh_enabled.value = "True"
$ovfconfig.common.va_firstboot_enabled.value = "True"
$ovfconfig.common.va_telemetry_enabled.value = "False"
$ovfconfig.common.va_fips_enabled.value = "False"
$ovfconfig.common.va_ntp_servers.value = $VMNTP

$datastore = Get-Datastore -Server $viConnection -Name $VMDatastore | Select -First 1
$cluster = Get-Cluster -Server $viConnection -Name $VMCluster
$vmhost = $cluster | Get-VMHost | Get-Random -Count 1
$vmfolder = Get-Folder -Name $VMFolder

Write-Host "Deploying Aria Suite Lifecycle Manager OVA ..."
$vm = Import-VApp -Source $AriaSuiteLifecycleOVA  -OvfConfiguration $ovfconfig -Name $AriaSuiteLifecycleHostname -Location $VMCluster -VMHost $vmhost -Datastore $datastore -DiskStorageFormat thin -InventoryLocation (Get-Folder $VMFolder)
$vm | Start-Vm -RunAsync | Out-Null

Disconnect-VIServer * -Confirm:$false | Out-Null

Write-Host "Waiting for Aria Suite Lifecycle Manager to be ready ..."
while(1) {
    try {
        $requests = Invoke-WebRequest -Uri "https://$($AriaSuiteLifecycleFQDN)/lcm/bootstrap/api/status" -Method GET -SkipCertificateCheck -TimeoutSec 5

        if($requests.StatusCode -eq 200) {
            Write-Host "Aria Suite Lifecycle Manager is now ready!"
            break
        }
    }
    catch {
        Write-Host "Aria Suite Lifecycle Manager is not ready yet, sleeping for 5 minutes ..."
        sleep 300
    }
}

$json = @{
    "username" = "admin@local"
    "password" = $AriaSuiteLifecycleAdminPassword
}

$body = $json | ConvertTo-Json -Depth 2

$pair = "admin@local:vmware"
$bytes = [System.Text.Encoding]::ASCII.GetBytes($pair)
$base64 = [System.Convert]::ToBase64String($bytes)

$headers = @{
    "Authorization"="basic $base64"
    "Content-Type"="application/json"
    "Accept"="application/json"
}

Write-Host "Changing default password for admin@local user ..."
$requests = Invoke-WebRequest -Uri "https://$($AriaSuiteLifecycleFQDN)/lcm/authzn/api/firstboot/updatepassword" -Method PUT -SkipCertificateCheck -TimeoutSec 5 -Headers $headers -Body $body

if($requests.StatusCode -eq 200) {
    Write-Host "admin@local password change successful!"
} else {
    Write-Error "Failed to change default password"
}
Write-Host -ForegroundColor Green "You can now login to Aria Suite Lifecycle Manager https://$($AriaSuiteLifecycleFQDN)/login`n"

Here is a screenshot of running the script above once the default password has been changed, you can then login by opening a browser to https://[FQDN_ASLCM/login as directed in the console output of the script using the default admin@local user account:


and there you have it, automated deployment of ASLCM along with the default password configured similar to using the Easy Installer UI!


This automation is actually part of a more comprehensive project that I am currently working on with the rest of the Aria products, so stay tuned for more details!

More from my site

  • Automated Aria Suite (Lifecycle, Identity, Operations, Logs & Automation) Lab Deployment Script
  • Automating vRealize stack based on VVD using new vRealize Suite Lifecycle Management
  • Cross vCenter Clone with vSphere 6.0+
  • Minimum vSphere edition & features for Tanzu Community Edition (TCE)
  • Deploy Harbor in an Air-Gapped environment for Tanzu Kubernetes Grid (TKG)

Categories // Aria, Automation, VMware Cloud Foundation Tags // Aria Suite Lifecycle Manager, vRealize Suite Lifecycle Manager

Comments

  1. *protectedPaul Cable says

    04/09/2024 at 12:54 pm

    William are you aware of any way to assign admin@local permissions to a vidm user? I only ever login to LCM to do admin tasks, but every time I go from vidm to LCM I have to then logout and then log back in as admin@local to get access to all the settings.

    Reply
    • *protectedfundemental pumpkin says

      04/09/2024 at 2:57 pm

      https://old.reddit.com/r/vmware/comments/1c04e2u/aria_suite_lifecycle_give_a_user_the_same/?

      Reply
  2. *protectedTk says

    06/30/2024 at 10:22 pm

    Hi William.. Is there any way we can remove a particular environment from LCM to make it standalone (in our case it is sandbox env)

    Reply

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • VCF 9.0 Hardware Considerations 05/30/2025
  • VMware Flings is now available in Free Downloads of Broadcom Support Portal (BSP) 05/19/2025
  • VMUG Connect 2025 - Minimal VMware Cloud Foundation (VCF) 5.x in a Box  05/15/2025
  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...