WilliamLam.com

Configure vRealize Automation to use Platform Services Controller as External Identity Provider

by // 2 Comments

I was doing some research on an inquiry that I had received from a customer who was interested in configuring their vRealize Automation (vRA) instance to use vCenter's Platform Services Controller (PSC) as an External Identity Provider (IDP) rather than the default VMware Identity Manager (vIDM) which vRA supports natively out of the box. vIDM already supports a large number of websso applications as seen here and it itself can also be used as an External IDP to integrate with things like Active Directory Federation Services (ADFS) for example.

For some customers who are more familiar with the PSC, this is a convenient way to unify their authentication between the different vRealize products which support vIDM and integrating that directly with PSC. Since both solutions spoke SAML, it was merely figuring out process on setting up the External IDP using the PSC. In reading some of our internal Wikis and working with one of the vIDM Engineers, since I was stuck on a particular step, I was able to finally get this to work which I have outlined the steps below. I also learned that we had officially supported this since vRA 7.0 which was great to hear as well.

I know there are number of customers who would also like to see the reverse of this configuration, where PSC can use vIDM as an External IDP. I know this is something the PSC team is currently looking into for External IDP support. If this is something that you are interested in or would like to see specific External IDP setup/configuration, feel free to leave a comment.

Pre-Requisite: 

  • Join Platform Services Controller (PSC) to Active Directory (instructions here & here)
  • Join vRealize Automation (vRA) Appliance to Active Directory (instructions here)

In my lab environment, I have deployed an Embedded VCSA 6.5 (this also works with an External PSC) and vRealize Automation 7.2 (this was prior to 7.3 getting released but should work as well).

[Read more...]

Exclusive vGhetto discount on homelab hardware from MITXPC

by // 4 Comments

On a regular basis I already receive a number of inquires from both internal VMware folks as well as external partners and customers about VMware homelabs and the type of hardware that can be used. After demo'ing our recent USB to SDDC project, the requests have literally tripled! Most folks are generally inquiring BOM details and/or where to purchase the Intel NUC or the SuperMicro E200-8D.

In particular, the SuperMicro E200-8D has probably received the most amount of interest lately. In fact, I am also interested in one after having an opportunity to play with one during the Melbourne VMUG. One thing I had noticed while talking to several colleagues who have purchased this system both locally within the Bay Area as well as overseas such as Australia was that one particular reseller kept coming up over and over again. That vendor was MITXPC which is a local bay area company located over in Fremont which specializes in Mini-ITX systems.

The reason MITXPC was being used by the majority of these folks was simple, they had the best price for the SuperMicro E200-8D which was significantly cheaper than other vendors including Amazon.

Vendor Price
E200-8D on MITXPC $799 USD ($783.02 w/discount code)
E200-8D on Amazon $849 USD

Having heard good things about MITXPC, I decided to reach out to them and see if there was anything special they could do for the VMware Community. I was able to get a special discount code that would offer folks an additional 2% off their entire purchase at MITXPC. For those of you who have been holding off on a refresh your home lab or itching to build your own, this is a great time! If you would like to take advantage of this offer, simply use the discount code VIRTUALLYGHETTO2OFF when you check out. I would like to give a huge thanks to Eric Yui of MITXPC for working with me on this and helping out the VMware Community.

Disclaimer: I am not affiliated with MITXPC.

How to purge all logs in vRealize Log Insight?

by // 17 Comments

I had just deployed a new vRealize Log Insight (vRLI) 4.0 instance in my home lab environment to investigate a behavior that I was seeing with another product, non-vRLI related. Due to the nature of the work, I needed to have a pristine vRLI environment each time to study the results. I had already forwarded some logs into vRLI and rather than deploying another instance or re-deploy the current instance, what I really wanted to be able to do is to just wipe all the logs in vRLI but did not see an option within the UI. I also could have used VM snapshots, but was hoping there was a cleaner solution that vRLI provided out of the box.

The next place I looked immediately after was Mr. Log Insight's site aka Steve Flanders blog but there was nothing there about this other than archiving. After a few Google searches, I came across this exact same question on the vRLI Ideas site but sadly there was no solution and it was dated back in 2014. Though Steve makes a good point about just letting the logs rotate out automatically, in my case, this was not an option and I needed a pristine environment.

Being the curious one, I figured there has to be a way, even if it is not officially recommended nor supported. As you probably have guessed, I did find a way but I would caution that you read the disclaimer below before proceeding further. This was something I needed to do in my lab to test a few scenarios that was non-vRLI related, but I needed syslog target, so this is why I am using vRLI 🙂

Disclaimer: This is probably not officially supported nor recommended by VMware. Please use at your own risk. YOU WILL LOSE ALL YOUR LOGS

[Read more...]