#VMware #Automation #CloudComputing
🚀 Join our detailed workshop on ‘Aria Automation – Getting More Out of it!, where we empower your organization with advanced automation strategies. Led by experts Katherine Skilling, Sam Aaron, Scott Bowe, and Trisha Navarro, this session provides a step-by-step guide to creating automation […]
There are two ways to get data form AD in vRealize Orchestrator with plugin and with ldapClient. Native ldapClient is much more powerful but also a bit more complicated in use. In this short post I’ll show you how to use both. First we will find user email for a known user account name and next we will find a user account name based on his email. As we all know one can bind the user name or its email on a XaaS form in vRA quite easily.
Lets start with finding user email for a known AD account name with AD plugin. First we need to clean a user name that was passed form vRA. vRA will pass user name in format user@domain we need only account name. The next step is to find a proper AD endpoint to work with. If your vRO have only one AD endpoint you can just take first one form findAllHosts function like this: var adHosts = AD_HostManager.findAllHosts()[0];
For me it is bit more complicated therefore second input to this action is domain name I want to do a search in. Once we have AD endpoint set we can use library function searchExactMatch to find the user. Using this function you can also search for groups, OUs or computer accounts. Just change the first argument form “User” to “UserGroup”, “OrganizationalUnit” or “ComputerAD” respectively. Function searchExactMatch returns an array, therefore we take only first element here. User names should be unique 😉 Once you have a AD:User object you can get any of its attributes with getAttribute function.
Working with vRO AD plugin FindUsereEmail Example:
Continue reading “[Quick Hint] Working with AD in vRO with plugin and ldapClient”There are situations when your workflow will have to restart a VM. This post shows a way to disable VM monitoring in Patrol using a simple REST call. This way your monitoring team will not get a false positive alarm and you will avoid unnecessary emails 😉
Disable VM Monitoring:
/***
Inputs:
vmName <String> - Hostname
sleepTime <Number> - Monitoring suspend time in sec
***/
//https://<patrolweb>/eadmin/suppress_host_bem.pl?host=<hostname>&until_ts=<time_in_sec>&action = add
System.debug("Supend VM Monitoring...");
var operationUrl = "/eadmin/suppress_host_bem.pl?host={vmName}&until_ts={sleepTime}&action=add";
operationUrl = operationUrl.replace("{vmName}", vmName);
operationUrl = operationUrl.replace("{sleepTime}", sleepTime);
request = patrol.createRequest("GET", operationUrl);
request.setHeader("Content-Type", "application/json");
var response = request.execute();
if(response.statusCode > 399){
throw 'Error: ' + response.contentAsString;
}
else {
System.log(response.contentAsString);
}
Once you are done with all VM operations and restarts you can enable monitoring again.
Enable VM Monitoring:
/***
Inputs:
vmName <String> - Hostname
***/
//https://<patrolweb>/eadmin/suppress_host_bem.pl?host=<hostname>&action=delete
System.debug("Unsupend Monitoring...");
var operationUrl = "/eadmin/suppress_host_bem.pl?host={vmName}&action=delete";
operationUrl = operationUrl.replace("{vmName}", vmName);
request = patrol.createRequest("GET", operationUrl);
request.setHeader("Content-Type", "application/json");
var response = request.execute();
if(response.statusCode > 399){
throw 'Error: ' + response.contentAsString;
}
else {
System.log(response.contentAsString);
}
In my vRealize Orchestrator a lot of workflows are being scheduled to be executed automatically in future. Since i like keeping it clean I have a workflow scheduled to be executed daily to clean up all old executed workflows. This way my Scheduled Workflows tab in vRO is always clean.
To use the code below you have to create a vRO REST endpoint with basic authentication and set it as a variable in the workflow.
/*
* INPUTS:
* vroHost <REST:RESTHost> - vRO rest endpoint with basic authentication
*/
operationUrl = "/api/tasks"
request = vroHost.createRequest("GET", operationUrl);
request.setHeader("Accept", "application/json");
request.setHeader("Content-Type", "application/json");
var response = request.execute();
if(response.statusCode >= 300){
throw 'Error while trying to execute request! response.statusCode: ' + response.statusCode;
}
else {
var response = JSON.parse(response.contentAsString);
for each (var task in response.relations.link){
var finished = false;
var oneTime = false;
for each (var attrib in task.attributes){
if (attrib.name == "recurrenceCycle"){
System.debug("recurrenceCycle: " + attrib.value);
if(attrib.value == "one-time"){
oneTime = true;
}
}
if (attrib.name == "state"){
System.debug("state: " + attrib.value);
if(attrib.value == "finished"){
finished = true;
}
}
}
var id = task.href.split("/");
id = id[id.length-2];
if (finished && oneTime){
System.warn("DELETE TASK: " + id);
deleteTask(id);
}
}
}
function deleteTask(id){
operationUrl = "/api/tasks/" + id
request = vroHost.createRequest("DELETE", operationUrl);
request.setHeader("Accept", "application/json");
request.setHeader("Content-Type", "application/json");
var response = request.execute();
if(response.statusCode >= 300){
throw 'Error while trying to execute Delete request! response.statusCode: ' + response.statusCode;
}
else {
System.debug('Delete response.statusCode: ' + response.statusCode);
}
}
I was asked to initiate Tripwire Scan on all VMs deployed by vRealize Automation. This requirement was an issue raised by compliance audit finding. After some talks to Tripwire team, we decided on an approach to assign a tag to a host in Tripwire this will force initial VM scan.
VM is registered in Tripwire during agent installation this is handled by SCCM, Salt or Ansible respectively depending on underlaying operating system.
Additionally for the code to work you will have to create a REST endpoint for a Tripwire host using basic authentication. In my case the url is just Tripwire server fqdn over https.
First we have to find the VM Id in Tripwire. I’m in a lucky situation that all VM names are unique in all vCenters. Each VM name is equal to hostname part of its fqdn. Therefore a vSphere vmname will be used to find the asset in Tripwire.
//INPUTS:
//restHost <REST:RESTHost>: Tripwire vRO endpoint
//hostname <String>: vSphere vmname
operationUrl = "/assetview/api/assets";
request = restHost.createRequest("GET", operationUrl);
request.setHeader("Content-Type", "application/json");
request.setHeader("Accept", "application/json");
response = request.execute();
//Evaluate response
var found = false;
if(response.statusCode < 400){
System.debug("Response Status Code: " + response.statusCode);
devices = JSON.parse(response.contentAsString)["computing-device"];
for each (device in devices){
var id = device["synthetic-id"][0]["@id"];
var curHostname = device["hostname"].split(".")[0].toLowerCase();
if (curHostname.indexOf(hostname) == 0 ){
found = true;
System.log("Found hostname: " + hostname);
System.log("id: " + id);
break;
}
}
if(!found){
//did not found the VM
throw "Error can't find the VM " + hostname + " in Tripwire.";
}
}
else {
throw "Error invoicing REST call - Url: " + operationUrl + ", returned Status Code: " + response.statusCode + ", response: " + response.contentAsString
}
If you want to debug a failing action on custom form. There is no other way to do that, but to get access to vRO Scripting.log file. But how can we do that if vRO is now hosted in container running in a pod?
Start by logging in to you vRA instance with SSH. Once there list all pods in prelude namespace.
kubectl -n prelude get pods
You are looking for a pod name starting with vco-app-xxx. This pod is hosting 3 containers. if you are interested exactly how it is build run:
kubectl describe pod/vco-app-c6588f4c5-wnf2z -n prelude
You will find three containers inside this pod: vco-polyglot-runner, vco-server-app, vco-controlcenter-app, We are interested in vco-server-app.
Now the trick is to access the container process witch interactive bash session. Run following commend and change your pod name (container name at the end will stay this same)
kubectl -n prelude exec -ti vco-app-c6588f4c5-wnf2z -c vco-server-app bash
Now you will se that your prompt has changed. You are in vco-server container and you can run
tail -f /usr/lib/vco/app-server/logs/scripting.log
And the logs will start flowing. To exit just hit CTRL+C and then type exit on the prompt and you will be back in your vRA SSH session.
In vRealize Automation 8.x we have out of the box integration for Ansible and Ansible Tower directly build in in to a Cloud Templates designer. Still there is a way to run this integration as a part of EBS subscription. This way you will be able to detect any single Job failure and decide if you want to proceed with deployment or do you want to scrap it. Ability to run Ansible tower jobs with a REST call is also beneficial it you want to design a 2-day operation on a VM around existing Ansible automation.
So how can we achieve this goal? Lets start with ansible configuration. You will need a access token for Ansible Tower. Go to your ansible click your user settings then “tokens” and small plus sign on the right.
In this post I described how to build a blueprint with multiple disk devices for MS Windows deployment. Now my Linux colleagues want a single disk with multiple LVM Virtual Groups on it. Based on this same disk form input as for Windows deployment of course.
The plan is to create one disk with a size equal to sum of all disks defined by user in an input form. Later we will create volume group structure on this disk and mount it to user defined mount points.
So lets start again with the Input definition (this is basically ^C^V form previous post):
Continue reading “Automatic disk resizing in vRA8 during deployment”This is basic date manipulation library for vRO. DateJs is an JavaScript Date library for parsing and processing dates. It allows for many operations and calculations like: comparing dates, add time spans to a given date, or get N-th day of the week in a given month etc.
If you need to calculate a date for a first Wednesday in October in two year it will help you a bit I hope.
Below you will find an examples of how to initiate the library in vRO and what you can do with it:
Continue reading “vRO Date manipulation library”In this blog post we will crate a set of actions which will allow us to run any vRA8 REST call. vRealize Automation 8 Swagger documentation can be found under url:
https://<vra-server-hostname>/automation-ui/api-docs/
You can find all vRA services here. In this example we will run a request to get all vRA deployments form Deployment service:
