Upgrade vRealize Automation 6.2 To 7.x

This post describes how to upgrade vRealize Automation 6.2 to 7.x. Before performing this upgrade please read my previous post “vRealize Automation 7 Upgrade Considerations“, this post describes multiple pitfalls and could prevent potential issues.

Done reading? OK then let’s start!
 

upgrade vRealize Automation
 

Step 1 : Backup current Installation

Before you do anything backup your current installation! Believe me when I say this is a critical step, if something goes wrong you don’t want to rely only on a VM snapshot…
 

Step 2 : Shutdown vRealize Automation services on your IaaS server

Shut down services in the following order on the IaaS servers. But be absolutely sure not to shut down the actual machine, otherwise the appliance upgrade will fail.
Each virtual machine has a Management agent, which should be stopped with each set of services.

  • All VMware vCloud Automation Center agents
  • All VMware DEM workers
  • VMware DEM orchestrator
  • VMware vCloud Automation Center Service
  •  

    For deployments that use load balancers, disable all of the secondary nodes and health monitors from the load balancer for the distributed installation.

    After shutting down the services check if the Web Repository is running :
    https://IaaSFQDN/Repository/Data/MetaModel.svc

    This should return a XML page without any errors.
     

    Step 3 : Uninstall Common Components Catalog

    If the Common Components Catalog is installed, you must uninstall it before you upgrade. It will appear in Add / Remove Programs on servers hosting the following specific IaaS components :

  • Model Manager
  • Manager Server
  • Each host providing web service and containing model manager data
  •  

    Stop all vRA services before uninstalling.
     

    Step 4 : Prepare and update the embedded PostgreSQL database

    Now the documentation describes the next step as : “Prepare and update the embedded PostgreSQL database if your deployment includes one” but if you open the link attached to this step it says : “If your high-availability deployment relies on a clustered PostgreSQL server, either embedded or external, you must configure each vRealize Automation appliance node for upgrade.”
    So only perform this step if your vRA environment relies on a clustered PostgreSQL server!

    Locate the secondary vRealize Automation appliance node in your 6.2.x environment.
    Open a shell console and stop the vPostgres service. And execute:

    Navigate to /storage/db/pgdata/postgresql.conf and backup the file.
    Verify that the archive settings are accurate : archive_mode = off and #archive_command = ”.

    Note : There may be multiple entries.

    Navigate to the /etc/fstab file and remove lines starting with /dev/sdd, which contain the Wal_Archive write ahead logs.

    Navigate to /etc/vcac/server.xml and back-up the file.

    Verify that the jdbc:postgresql database connection points to the external IP address of the master Postgres node.

    If the connection is not set, edit the /etc/vcac/server.xml file entry jdbc:posgresql that points to the Postgres database and point it to the external IP address of the master Postgres node for external Postgres or master virtual appliance for embedded Postgres.
    For example, jdbc:postgresql://1.2.3.4:5432/vcac
    Now you can shut down the vRealize Automation appliance.
    Repeat the above steps on each vRealize Automation appliance node in your 6.2.x environment.
    Locate the master vRealize Automation appliance node and repeat the above steps.

    If you are upgrading a 6.2.x high-availability setup with an embedded PostgreSQL database and there is an external Load Balancer pool configured especially for PostgreSQL database, remove the external LB pool for PostgreSQL.
     

    Step 5 : Increase vRealize Automation Appliance hardware resources

    Before you proceed with upgrade you must increase hardware resources for each vRealize Automation appliance.

    Don’t skip this step! The pre install script will check this :

    vRA-Upgrade-008

    Upgrade the vCPU to 4 virtual sockets, the vRAM to 18GB and extend the size of Disk 1 to 50 GB.
    If there is an existing virtual Disk 4 from a previous vRealize Automation 6.2.x release, delete this disk and add a new virtual disk 4 with 50 GB disk size. If you have two disks, add Disk 3 with 25 GB disk size first and then Disk 4 with 50 GB disk size.

    vRA-Upgrade-005

    IMPORTANT : Before continuing create a snapshot of the virtual machine.
     

    Step 6 : Create a SaaS Schema and Citext for an external PostgreSQL server

    For an external PostgreSQL server, you need to manually create a schema called saas and a citext extension for your vRealize Automation database.
    Important :Do not perform these steps if you are using an embedded PostgreSQL database on your vRealize Automation appliances.

    If you are using an external clustered PostreSQL database, log in to the master PostgreSQL node. Otherwise, log in to your standalone external PostgreSQL node.
    Run the following command to manually create the required saas schema and citext extension.
    The following example uses a psql binary path for vPostgres. Your path might be different based on your operating system and the implementation of PostgreSQL that you use.

    Replace VCAC_DATABASE and VCAC_USER with your vRealize Automation database name and database user. And yes the default database name and default user name are still vcac.
     

    Step 7 : Upgrade the external PostgreSQL virtual appliance

    If you are using another type of PostgreSQL server, such as a community edition or shared PostgreSQL server, do NOT use this procedure.

    Open the vRealize Automation appliance management console for the upgrade.
    Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
    Log in with the user name root and the password you specified when the appliance was deployed.

    Click the Update tab.
    Click Settings and select a download option for the updates.
    Click Status.
    Click Check Updates to verify that an update is accessible.
    Click Install Updates.
    Click OK.

    Open the log /opt/vmware/var/log/vami/vami.log file to verify that the upgrade is progressing successfully.

    The time it takes for the update to finish depends on your site environment.
    Reboot the virtual appliance.
    Click the System tab.
    Click Reboot and confirm your selection.
    Reconnect all PostgreSQL virtual appliances to the load balancer.
     

    Step 8 : Upgrade the vRealize Automation appliance

    Open the vRealize Automation appliance management console for the upgrade.
    Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
    Log in with the user name root and the password you specified when the appliance was deployed.
    Click the Services tab and verify that all services except iaas-service are listed as REGISTERED.

    vRA-Upgrade-014

    Click the Update tab.
    Click Status.
    Click Check Updates to verify that an update is accessible.

    vRA-Upgrade-001

    Click Install Updates.
    Click OK.

    vRA-Upgrade-003

    Open the log files to verify that the upgrade is progressing successfully.

    /opt/vmware/var/log/vami/updatecli.log
    /opt/vmware/var/log/vami/vami.log
    /var/log/vmware/horizon/horizon.log

    You can continue to follow the progress of the update in the updatecli.log file.
    When the upgrade has completed successfully the log file will show the following :

    You must upgrade to vCloud Automation Center version 6.1 or later before you upgrade to version 6.2.3.

    Note : The updatecli.log log file might display information about the version of vRealize Automation that you are upgrading from.

    The time it takes for the update to finish can vary, maybe time for lunch?

    After the upgrade is completed the following information is shown :

    vRA-Upgrade-007

    Now you can reboot the virtual appliance.
    Click the System tab.
    Click Reboot and confirm your selection.

    Log back in to the vRealize Automation appliance management console.
    Click the Services tab on the console and verify that all services are running.
    Click the Refresh tab to monitor the progress of service startup.

    vRA-Upgrade-014

    You should see a minimum of 30 services. Verify that all services are registered except iaas-service.
     

    Step 9 : Update Your Single Sign-On Password for VMware Identity Manager

    Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
    Log in with the user name root and the password you specified when the appliance was deployed.
    Select vRA Settings > SSO.

    vRA-Upgrade-010

    Note :You can safely ignore the error message “SSO server is not connected”.

    Enter a new VMware Identity Manager password and click Save Settings.

    vRA-Upgrade-011

    And reboot the virtual appliance again.
    Click the System tab.
    Click Reboot and confirm your selection.
    Log back in to the vRealize Automation appliance management console.
    Click the Services tab on the console and verify that all services are running.
    Click the Refresh tab to monitor the progress of service startup.
    You should see a minimum of 30 services. Verify that all services are registered except iaas-service.
     

    Step 10 : Update the License Key

    Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
    Log in with the user name root and the password you specified when the appliance was deployed.
    Select vRA Setting > Licensing tab.

    vRA-Upgrade-012

    Enter the license key information in the vRealize Automation appliance.
    And click Submit Key.

    vRA-Upgrade-013
     

    Step 11 : Migrate the Identity Store to the VMware Identity Manager

    Create a Local User Account for your Tentants

    Log in to the vRealize Automation console with the default system administrator username administrator and password.
    The console location is https://ApplianceFQDN/vcac/.

    vRA-Upgrade-015

    Select your tentant.

    vRA-Upgrade-016

    Select the Local Users tab and click New.
    Create a local user account to assign to the tenant administrator role.

    vRA-Upgrade-017

    Note : The local user name should be unique to the vsphere.local active directory.

    Click OK.
    Click the Administrators tab.
    Enter the local user name in the Tenant administrators search box and press Enter.

    vRA-Upgrade-018

    Click Finish.
    Repeat these steps for each of your tenants.
    Log out of the console.

    Connect your Active Directory to a Tentant

    Log in to the tentant console with the created Local Users username from the last step.
    The console location is https://ApplianceFQDN/vcac/org/.

    Navigate to Administration > Directories Management > Directories.
    Click Add Directory.

    Enter a unique directory name.
    Select Active Directory over LDAP when using non-Native Active Directory.
    Lease This Directory Supports DNS Services selected.
    Enter the Distinguished Name (DN) of the starting point for directory server searches.
    Enter the full distinguished name (DN), including common name (CN), of an Active Directory user account that has privileges to search for users.
    Enter the Active Directory password for the account that can search for users.

    Click Test Connection to test the connection to the configured directory.

    vRA-Upgrade-019

    Click Save & Next.
    The Select the Domains page with the list of domains appears.

    vRA-Upgrade-020

    Accept the default domain setting and click Next.
    Verify that the attribute names are mapped to the correct Active Directory attributes .

    vRA-Upgrade-021

    Click Next.
    Select the groups and users you want to synchronize.

    vRA-Upgrade-022

    Click Save.
    Click the New icon.
    Enter the user domain and click Find Groups.
    Click Select to select the groups you want to synchronize.

    vRA-Upgrade-023

    Click Next.
    On the Select Users page, select the users you want to synchronize and click Next.

    vRA-Upgrade-024

    Review the users and groups are syncing to the directory and click Sync Directory.

    vRA-Upgrade-025

    The directory synchronization process takes some time and it happens in the background.

    vRA-Upgrade-026

    For deployments that use load balancers, follow the next two steps.
    Navigate to Administration > Directories Management > Identity Providers and click on your new identity provider.
    Scroll to the bottom of the page and update the value for the IdP Hostname property to point to the FQDN for the vRealize Automation load balancer.
     

    Step 12 : Migrate Multiple Tenant and IaaS Administrators

    Use the tenant migration tool to migrate your tenant administrators into your newly synchronized vsphere.local tenant. Otherwise, you can manually add them to the vsphere.local tenants.

    Go to the management console for your virtual appliance by using its fully qualified domain name, https://ApplianceFQDN:5480.
    Select the vRA Settings > SSO tab.

    vRA-Upgrade-011

    Right-click Identity Stores Migration Tool and select Copy Link Address.

    Login to your 6.2.x SSO virtual appliance with SSH .
    And run the following commands :

    Edit the migration.properties file in the bin folder to change the value of property vra.system.admin.username from administrator to administrator@vsphere.local with the full address including tenant extension.

    Enter the command ./reassign-tenant-administrators to migrate your tenants and IaaS administrators to your newly synchronized vsphere.local tenant.

    Log in to the vRealize Automation appliance default tenant as tenant administrator and for each tenant verify that under the Administrators tab you can see the list of migrated tenant administrators.
     

    Step 13 : Download and install updates for IaaS.

    Perform the upgrade in the following sequence :

  • Web sites, Finish the upgrade on one server before upgrading the next server that is running a Website service. Start with the one that has the Model Manager Data component installed.
  • Manager services, upgrade the active manager service before you upgrade the passive manager service.
  • DEM orchestrator and workers, upgrade all DEM orchestrators and workers. Finish the upgrade on one server before you upgrade the next server.
  • Agents, Finish the upgrade on one server before you upgrade the next server that is running an agent.
  • The Management Agent is updated automatically.

    Before continuing, verify that Microsoft .NET Framework 4.5.2 or later is installed on the IaaS installation machines and you are logged on as the vRA service account.

    Enter the URL for the Windows installer download page.
    For example, https://ApplianceFQDN:5480/installer, where FQDN is the name of the primary (master) vRealize Automation appliance node.

    Right click the IaaS installer link and select Run As Administrator.

    vRA-Upgrade-027

    When prompted, save the installer file, setup__vcac-ApplianceFQDN@5480.exe, to the desktop.
    Note : As same as the previous versions do NOT change the file name!

    vRA-Upgrade-028

    Click Next.

    vRA-Upgrade-029

    Select “I Accept the terms in the license agreements”.
    Click Next.

    vRA-Upgrade-030

    Fill in the username and password, select “Accept Certificate” and click Next.

    vRA-Upgrade-031

    Click Next.

    vRA-Upgrade-032

    Review the prerequisites and click Next.

    vRA-Upgrade-033

    Fill in the username and password, deselect use SSL for database connection if necessary and click Next.

    Note : This form can differ from the shown example if the environment is deployed as a distributed environment, please review your settings!

    vRA-Upgrade-034

    Load the SSO default tenant, download the certificate, fill in the credentials and select test and finally select test IaaS.

    vRA-Upgrade-035

    Review the settings and click Upgrade.

    vRA-Upgrade-036

    vRA-Upgrade-037

    Click Next

    vRA-Upgrade-038

    And that’s it! Enjoy all the new features of vRealize Automation 7 :).

    Reference

    Upgrading from vRealize Automation 6.2 to 7.0.1: Link

    Marco van Baggum

    Marco van Baggum

    Marco is a Staff Consulting Architect at VMware. Want to learn more about Marco? Check out Marco's About page.

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.