Thursday, December 10, 2015

vRealize Orchestrator receiving ssl_error_weak_server_ephemeral_dh_key message

If you try to connect to your Orchestrator server on port 8281 or 8283, you see the following message in your browser:

Secure Connection Failed

An error occurred during a connection to vro2uzis2.user.bicadmin.com:8281. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key)

  • The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  • Please contact the website owners to inform them of this problem.






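The fix is to stop the server from offering the TLS_DHE_* cipher suites, which use the ephemeral Diffie-Hellman key exchange the browser is rejecting. Here is how to do this: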

  • Log in to your vRealize Orchestrator server via SSH as the root user
  • Make a backup copy of the file /etc/vco/app-server/server.xml

server:~ # cp /etc/vco/app-server/server.xml /etc/vco/app-server/server.20151210.xml

  • Edit the file /etc/vco/app-server/server.xml and remove every entry in the cipher section that starts with TLS_DHE_

server:~ # vi /etc/vco/app-server/server.xml

  • Make a backup copy of the file /etc/vco/configuration/server.xml

server:~ # cp /etc/vco/configuration/server.xml /etc/vco/configuration/server.20151210.xml

  • Edit the file /etc/vco/configuration/server.xml and remove every entry in the cipher section that starts with TLS_DHE_

server:~ # vi /etc/vco/configuration/server.xml

  • Restart the vRealize Orchestrator and vRealize Orchestrator Configurator services

server:~ # service vco-server restart
server:~ # service vco-configurator restart
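
The manual edit in the steps above can be scripted. The following is an added example, not part of the original post or of any VMware tooling; it assumes each cipher list is a comma-separated value on a single line inside a ciphers="..." attribute, and the function names and the sample Connector element are constructed for illustration.

```shell
#!/bin/sh
# Added example, not VMware tooling. Assumption: each cipher list is a
# comma-separated value on one line inside a ciphers="..." attribute.

# strip_dhe FILE: print FILE with every TLS_DHE_* suite dropped from the list.
# TLS_ECDHE_* names do not contain "TLS_DHE_" and are therefore kept.
strip_dhe() {
    sed -E \
        -e 's/TLS_DHE_[A-Z0-9_]+[[:space:]]*,[[:space:]]*//g' \
        -e 's/,[[:space:]]*TLS_DHE_[A-Z0-9_]+//g' \
        -e 's/TLS_DHE_[A-Z0-9_]+//g' "$1"
}

# count_dhe FILE: number of TLS_DHE_* suite names FILE still contains.
count_dhe() {
    grep -oE 'TLS_DHE_[A-Z0-9_]+' "$1" | wc -l | tr -d ' '
}

# fix_file FILE: dated backup beside FILE (as in the steps above), then rewrite it.
# Returns 1 and leaves FILE untouched if a cipher list would become empty.
fix_file() {
    f=$1
    tmp=$(mktemp) || return 1
    strip_dhe "$f" > "$tmp"
    if grep -qE 'ciphers="[[:space:]]*"' "$tmp"; then
        rm -f "$tmp"
        echo "refusing: $f would be left with an empty cipher list" >&2
        return 1
    fi
    # cat > FILE keeps the original owner and mode, unlike mv
    cp -p "$f" "${f%.xml}.$(date +%Y%m%d).xml" && cat "$tmp" > "$f"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# write_sample FILE: constructed Connector element, not from a real appliance.
write_sample() {
    cat > "$1" <<'EOF'
<Connector port="8281" SSLEnabled="true"
  ciphers="TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA" />
EOF
}
```

After running fix_file on both server.xml files, count_dhe should print 0 for each before you restart the services.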

Wednesday, August 12, 2015

Set virtual machine boot order (via vRealize Orchestrator workflow)

On automation projects I have sometimes come across the requirement to set the virtual machine boot order. For a long time there was no easy way to modify the boot order automatically, but for quite a while now you have been able to modify it simply via the API.
So here I share a workflow that modifies the boot order with vRealize Orchestrator. This workflow changes the boot order to:
1. CD-ROM Drive
2. Network boot (first found Ethernet device)
3. Hard Drive (hard disk at SCSI 0:0)
4. Removable devices

If you prefer any other order, feel free to modify the workflow.

The JavaScript code to modify the boot order is:
// Workflow input: virtualmachine (the virtual machine to reconfigure)
var myVcVirtualEthernet = null;
var myVcVirtualDisk     = null;

// Find the first Ethernet device and the hard disk at SCSI 0:0
for each ( var myDevice in virtualmachine.config.hardware.device ) {
     switch ( true ) {
          case myDevice instanceof VcVirtualE1000:
          case myDevice instanceof VcVirtualE1000e:
          case myDevice instanceof VcVirtualPCNet32:
          case myDevice instanceof VcVirtualVmxnet:
          case myDevice instanceof VcVirtualVmxnet2:
          case myDevice instanceof VcVirtualVmxnet3:
               // Keep only the first Ethernet device found
               if ( myVcVirtualEthernet == null ) {
                    myVcVirtualEthernet = myDevice;
               }
               break;
          case myDevice instanceof VcVirtualDisk:
               // Controller key 1000 with unit number 0 is the disk at SCSI 0:0
               if ( myDevice.controllerKey == 1000 && myDevice.unitNumber == 0 ) {
                    myVcVirtualDisk = myDevice;
               }
               break;
          default:
               break;
     }
}

if ( myVcVirtualEthernet == null ) {
     throw "No Ethernet device found on virtual machine " + virtualmachine.name;
}

if ( myVcVirtualDisk == null ) {
     throw "No Disk device found on virtual machine " + virtualmachine.name + " on SCSI 0:0";
}

// Build the boot order: CD-ROM, then network, then hard disk
var myVcVirtualMachineBootOptionsBootableDeviceArray = new Array() ;

var myVcVirtualMachineBootOption = new VcVirtualMachineBootOptionsBootableCdromDevice();
myVcVirtualMachineBootOptionsBootableDeviceArray.push( myVcVirtualMachineBootOption );

myVcVirtualMachineBootOption = new VcVirtualMachineBootOptionsBootableEthernetDevice();
myVcVirtualMachineBootOption.deviceKey = myVcVirtualEthernet.key;
myVcVirtualMachineBootOptionsBootableDeviceArray.push( myVcVirtualMachineBootOption );

myVcVirtualMachineBootOption = new VcVirtualMachineBootOptionsBootableDiskDevice();
myVcVirtualMachineBootOption.deviceKey = myVcVirtualDisk.key;
myVcVirtualMachineBootOptionsBootableDeviceArray.push( myVcVirtualMachineBootOption );

var myVcVirtualMachineBootOptions = new VcVirtualMachineBootOptions() ;
myVcVirtualMachineBootOptions.bootOrder = myVcVirtualMachineBootOptionsBootableDeviceArray;

var myVcVirtualMachineConfigSpec = new VcVirtualMachineConfigSpec() ;
myVcVirtualMachineConfigSpec.bootOptions = myVcVirtualMachineBootOptions;

// reconfigVM_Task is asynchronous and returns a task object
var myVcTask = virtualmachine.reconfigVM_Task( myVcVirtualMachineConfigSpec );

Workflow schema:


You can download the workflow from VMware Orchestrator Community here.