Starting today I will be doing vCAC6.0 series. I have attended vCAC official VMware course on 5.2 and I see significant changes in architecture in vCAC6.0. This series is upgrading myself on vCAC6.0 from 5.2. I will be starting with Installation directly. It is lengthy and full of screens. Use it during you installation and configuration of your labs or manuals.
There are basically three main components of vCAC. From these three component you can scale out entire infrastructure as per your requirement.
vCAC Identity Appliance (Please read this as SSO, with vCenter 5.5b you don’t need identity appliance)
vCAC IaaS (windows based)
Minimum Requirements for vCAC components
Identity Appliance vCAC Appliance IaaS Components (Windows) 1 vCPU 2 vCPU 2 vCPU 2 GB RAM 8 GB RAM 8 GB RAM 2 GB Disk space 30 GB Disk space 30 Disk space
Deploying Identity Appliance
1) Grab the OVF file. Connect to vSphere Web client. Select Deploy OVF Template
2) Accept EULA
3) Select the folder where you wish to place this appliance
4) Select the Virtual disk format and VM storage policy if you configured any
5) Select the network label and select IP protocol. 9 out 10 people select IPv4
6) Below screen is self-explainable. All you need to remember is username is root. Also always populate hostname with the FQDN name.
7) Review the screen and select Finish to start deployment of OVF
Configuration of Identity Appliance
After successfully deploying OVF file, power On the appliance. Wait till you see below screen.
1) First Change time setting. By default appliance picks up time from host. It is optional step, I have configured below my own NTP server.
2) Change the time zone if it is applicable to you. By default it picks UTC. Since VMware also uses UTC. It would be good to keep it at default
3) Now go to the network tab. Check if all details are proper populated. These are all settings which we configured while deploying OVF appliance. If any value is incorrect –correct it and don’t forget to press Save Settings
4) Only thing you probably must configure in this appliance is SSO. SSO must be initialized. SSO domain is by default selected. you cannot modify it. Enter admin password and confirm it. Here the user is administrator. Apply to initialize SSO. SSO initialize takes any from 2-4 mins
Notes: By default vSphere.local tenant is also created when we deploy vCAC.
4a) After SSO is initialize, following confirmation is seen.
5) Now go to Host settings tab. Hostname is automatically populated. Append 7444. It is only port SSO works. Don’t forget to press Apply button
6) Now go to the host tab to generate self-signed certificate. Please observe common name value. For some reason this value is incorrectly populated. I’m unsure if it is do with my installation or others have faced it as well. This value has dependency on vCAC’s connection to SSO.
Below screen shows the right values that must be insert into fields below.
Please note Common Name is most import field in certificate field
Below screen confirms SSL certificate is successfully restored
You can optionally join identity appliance to active directory. Since its main function is SSO. It is not needed. However when I did this exercise I was not aware of the recommendation by VMware
Here Identify Appliance is successfully configured.
Installing and Configuring vCAC Appliance
Steps from 1-7 as described in installing identity appliance are similar for vCAC appliance. There is nothing much to learn and repeat. I have pasted below final screens of vCAC appliance.
Configuring vCAC Appliance
1) After deploying vCAC appliance lets get to it’s configuration part. First get the hostname resolved. Go to vCAC settings tab, under it Host Settings
2) Now lets go to SSL certificate. Below I’m generating self-signed certificate. Follow the details on the screen.
3) Now get the vCAC talk to SSO. vCAC must connect to SSO. As shown below screen enter the details
Below screen shows SSO is successfully connected.
4) Enter the license. This license is for appliance. When you configure tenant you must configure license there as well, key might be same
After SSO is configured various services will start getting registered
In next post I will be focusing on IaaS. I wanted to cover IaaS in this section however post is already very lengthy.
Note I have not covered any technical stuff in this blog. Architecture has changed and many components which were separated 5.2 are merged either in vCAC or in IaaS. I have explained them via PPT here.