Deep Dive in to Virtualization & Cloud

Install and Configure VMware Cloud Provider Lifecycle Manager

VMware Cloud Provider Lifecycle Manager is a tool for automating the deployment and lifecycle management of Cloud Provider solutions like Cloud Director, Tenant App, and Usage Meter and RabbitMQ. VMware Cloud Provider Lifecycle Manager helps to deliver a prescriptive deployment architecture based on best practices and validated designs. You can run tasks on VMware Cloud Provider Lifecycle Manager by using CLI commands or running REST API requests by using any REST clients.

VMware Cloud Provider Lifecycle Manager manages the vCenter Server, NSX-T Manager, and vRealize Operations Manager infrastructure components as data center components. VMware Cloud Provider Lifecycle Manager cannot deploy and manage data center components. VMware Cloud Provider Lifecycle Manager stores the information about the data center components to deploy new products to previously registered vCenter Server.

Download VMware Cloud Provider Lifecycle Manager

You can download the binaries as OVA file for vCPLCM from this link. In this blog we will see how to deploy and integrate already deployed Provider infrastructure.

Deploy VMware Cloud Provider Lifecycle Manager

You can deploy VCPLCM appliance like any appliance in the management cluster in provider environment.

Select Deploy OVF Template option from vCenter and select the OVA file which you downloaded and click Next

Provide the VM name and select the Folder you want to deploy the VM in vCenter Inventory and click Next

Select the Cluster and click Next

Review the OVA details and click Next

Agree the EULA and click Next

Select the Datastore to deploy the appliance and click Next

Select the Network you wan to deploy the appliance and click Next

Customize the template by providing the password, hostname, IP Address and NFS share to save the binaries etc and click Next

Note: – You can keep the NFS directory section blank and use local directory as product repository.

Review the configuration and click Finish to proceed with implementation

After deploying Power On the appliance, to access the virtual appliance management interface (VAMI) page of the VMware Cloud Provider Lifecycle Manager appliance, in a Web browser, navigate to https://vcplcm-host-name:5480/

Use the root credential provided during the deployment to access the VAMI

To access the VMware Cloud Provider Lifecycle Manager, use this URL https://vcplcm-host-name/ with admin (Username – vcplcm) credential provided during deployment.

Here you can create your Datacenter and create the environment.

Configure VMware Cloud Provider Lifecycle Manager

In this section we will go tough the basic configuration and creating a new Data Center and creating or registering an environment of VMware Cloud Provider.

Product Repository

On VMware Cloud Provider Lifecycle Manager, you must store the product deployment and upgrade files in a specific file structure. You can either create a repository directory on the VMware Cloud Provider Lifecycle Manager virtual machine or use an existing pre-configured repository directory during deployment. Also, you can check this repository is mounted or not by login to the appliance using putty.

$df --h

Also make sure the repo directory permission is set to below by using chmod command.

#chmod -R 755 /cplcmrepo

And you need to create directory for each product you need to install through VCPLCM and Copy the product OVA files to the corresponding repository directory on the VMware Cloud Provider Lifecycle Manager appliance using WinSCP.

#mkdir vcd

Register Datacenter

Before you can deploy a product by using the UI, first you must register the data center components that VMware Cloud Provider Lifecycle Manager uses as an infrastructure to deploy products in.

In the top navigation bar, click Datacenters and Click Register Datacenter

You can use a JSON file to register you Datacenter or you can manually provide the details in Next step, Here I am registering my Management vCenter

Her I have mentioned the VMware Provide Management network for the VMware Cloud Director and click Next

Once you provide the required information click on Validate and Register the Datacenter.

Sameway you can register the Management / Resource vCenter, NSX-T and vROPs as well.

Create Environment

When you create the environment for the product you want to deploy, you can specify the product nodes, integrations with other products, and product certificates.

In the top navigation bar, click Environments and Click Create Environments

You can use a JSON file to create you Environment or you can manually provide the details in Next step, Here I am creating it manually

Provide the Environment name and click Next

Select the management vCenter and click Next

Provide the Datacenter Configuration and click Next

Now you select which product you wan to install or register and click Next

Provide the product specific details like IP Address, Integrations and Certificates and register the product.

Note: – I will come up with a new Blog with specific product installation and configuration from VCPLCM.

Replace VCPLCM Certificate

During deployment VMware Cloud Provider Lifecycle Manager generates a self-signed certificates for the UI. You can configure VMware Cloud Provider Lifecycle Manager to either use the self-signed certificate or your own custom CA signed certificate by providing the custom certificate and key files in PEM format.

Note: – Take the appliance snapshot before you start generating certificate also you can back up the current GUI certificates.

We must change the certificate of both Appliance Management as well as he VCPLCM Management also.

First Let’s change the certificate of Appliance Management.

Note: – I have already created the signed certificate by using openssl which I have already described in previous certificate changing blogs.

Appliance Management HTTP service is running by lighthttpd and the certificate is saved in below director

#cd  /opt/vmware/etc/lighttpd

I have taken the backup of current server.pem certificate and added the signed certificate like below

Part 1- Signed Public Certificate

Part 2 – Root Certificate

Part 3- Private Key

And restarted the appliance to take this effect.

Now let’s change the VCPLCM Management URL certificate. I am using the same signed certificate which is applied on Appliance Management URL.

When you download the Signed certificate from Microsoft CA server you will get certificate in cer and p7b format and Now I have used the p7b certificate to cover to pem as VCPLCM accepts PEM format.

#openssl pkcs7 -in certnew.p7b -print_certs -out rui.pem

Now move the rui.pem and rui.key certificates to VCPLCM server and copy to below directory

#cd /opt/vmware/cplcm/security/certs/

Now execute the below command to set the variable before you generate PKCS12 formatted certificate.

#mkdir -p $CPLCM_CERT_DIR
#openssl pkcs12 -export -out $CPLCM_CERT_DIR/vcplcm.p12 -name $key_alias -passout "pass:$keystore_password" -inkey $CPLCM_CERT_DIR/rui.key -in $CPLCM_CERT_DIR/rui.pem

This will create the PKCS12 formatted certificate and now you can restart the Nginx service to take this effect

#systemctl restart nginx


If you have any comments, please drop me a line.
I hope this article was informative, and don’t forget to buy me a coffee if you found this worth reading.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.