Register vRO 8.2 with vCD 10.2
I decided to write an article, because starting with the official documentation, I found, that the documentation has just been copied from a previous version and is not matching VMware Cloud Director anymore.
I started with: alright, let’s attach vRealize Orchestrator 8.2 in the service management to VMware Cloud Director 10.2 to implement XaaS. Did that a couple of times inthe past, checked the documentation, still the same, awesome, grabbed the blog article from Yves Sandfort (https://www.comdivision.com/blog/linking-vrealize-orchestrator-vro-to-vcloud-director-vcd-for-service-management) and I was good to go, because I remembered, that I need the certificate from vRO. After taking the first look in the vCD UI in the service management section, clicking add in the vRO Servers tab, I knew, this is working completely different, for example, the trust anchor to import the certificate is not there anymore. Being honest, this way it makes much more sense.
Alright, now, long story short, because I don’t want to describe all my failed attempts,I just document the steps I’ve taken:
First - Register vSphere Services
According to the documentation, you need to register vCD with the vSphere Lookup Service provided by the vCenter Server and vRO needs to have the vCenter configured as an authentication provider. That’s the easy part and straight forward, just follow the forms and provide the needed information.
Second – Import certificates
From my perspective, that’s a major improvement in vCD. Being honest, don’t know if it’s the same in 10.1, but as I’ve already mentioned previously, the trust anchor is missing, I imported the vRO certificates using the provided built-in functionality. I just clicked “Import from URL”, provided the vRO URL and it presented two certificates. Just imported both.
I don’t know if that step is mandatory, just did it to be safe.
The screenshot shows the two provided certificates from vRO.
Third – Register vRealize Orchestrator with VMware Cloud Director
In theProvider UI navigate to Libraries -> Service Management -> vRO Servers.There click the ADD link.
Clicking the ADD link provides the form shown in the screenshot. Obviously, the trust anchor import certificate icon is gone. If you fill the form, vCD tries to connect to vRO and will run into a timeout. It took me a couple of attempts and then I thought: I can’t be the first one trying this. After thinking everything through it just popped into my eyes: the port, by default, is wrong.
8281 was used up to vRO version 7.6, but now, on 8.2, 443 is the correct port to connect. Just change the number to 443 and everything works like a charm.
Conclusion: always read and think before clicking OK. Would it be better to change the default to 443? In my opinion yes, because we should slowly force companies moving to newer releases of vRO. It seems, like the documentation, it’s a copy/paste result.