After publishing my two-part series on automating vCAC 6.0 installation and configuration here and here, I received an interesting inquiry on how to automate vCloud Application Director (AppD) deployment and configuration. Given that I had a couple of days before winding down for the holidays and for my upcoming trip, I took my final challenge of 2013. The challenge with trying to automate AppD deployment, even though it is distributed as a Virtual Appliance is that it requires user interaction during the first bootup. A user must provide a valid AppD license key which then allows AppD service to start up and the user must also change both the root and admin account as part of the bootup process.
This is not ideal from an automation standpoint as it prevents anyone from automating the deployment and configuration of AppD. In my opinion, these configurations should have been part of the OVF properties which can then be specified during the deployment and allow for automated/unattended deployment of AppD. Since the setup was happening during the boot process, I opted for more of an out-of-the-box solution after spending a couple of minutes looking for a workaround.
The solution that I came up would require a "slight" modification to the startup scripts which is accomplished by initially mounting the VMDK of a newly deployed AppD Virtual Machine that has not been powered on. This can be done in one of two ways by either using a live-CD such as KNOPPIX or programmatically using the vSphere APIs. Once the VMDK has been mounted, you will need to rescan the guestOS to ensure the virtual disk is visible and then mount the 3rd partition of AppD Virtual Machine as seen in the screenshot below.
The following script /opt/vmware/etc/isv/firstboot is responsible for prompting for the license key as well as changing the passwords for the two user accounts. To allow the script to continue, we will need to comment out the following lines in the script 75-102 and 287-289 as seen in the screenshot below.
In addition to the change above, we will also need to the create the license file /home/darwin/tcserver/darwin/appd-license.properties that is normally generated by going through the regular process which must also contain a valid license key. This is required as it will prevent the AppD service from starting up properly. To help simplify the changes, I have created a simple shell script called prepvCloudAppD.sh which will automatically comment out the appropriate lines in the firstboot script as well as create the AppD license file. There are two variables you will need to specify before running the script:
- APPD_LICENSE - The license key
- APPD_VMDK_MOUNT_HOME - The mount home of the AppD filesystem (Default: /mnt)
Here is a screenshot of executing the script:
At this point we are now ready to power up our AppD Virtual Machine and you will notice that AppD no longer prompts the users for input.
Once AppD is up and running, you should change the default password for both the root and admin account as they are not very secure by default. The default password for the root account is "vmware" and the defualt password for admin account is "password". The admin password is not an OS account but an application account and this will need to be changed by using the darwin-cli. You can do this inside of a simple shell script or right on the command line by running the following command (be sure to replace it with the password of your choice):
APPD_ADMIN_PASS=VMware123
cat > /tmp/password << __APPD_PASSWORD__
${APPD_ADMIN_PASS}
${APPD_ADMIN_PASS}
__APPD_PASSWORD__
/usr/java/jre-vmware/bin/java -jar /home/darwin/tools/darwin-cli.jar login --serverUrl https://localhost:8443/darwin --username admin --password password\;change-user-password --username admin --currentUserPassword password\;logout < /tmp/password
The above commands will create a new file in /tmp/password which contains the password you wish to change the admin account to.
Then using the darwin-cli, we can now re-direct the file we just created and change the password without any user intervention which is great for automated configuration of AppD.
Finally, we can confirm everything was setup correctly by logging into the AppD interface by opening a browser to the following URL: https://[APPD-HOSTNAME]:8443/darwin and logging in using the admin account and password we changed earlier.