VMware Server Build / Provision Automation using System Center Orchestrator, Service Manager, Cireson’s Self Service Portal, and vSphere
Cireson Portal 5.1
SCSM / SCORCH 2012 R2
System Center Orchestrator provides the ability to build, deploy, and manage automation in a mixed VMware Server environment. Utilizing the VMware integration packs in System Center Orchestrator, with the vSphere CLI to fill in the “gaps”, you can automate the server build from start to finish. In the below example I will demonstrate an engineer utilizing Cireson’s Self Service Portal to begin the Server Build process, and how additional provisioning can be setup in the System Center stack.
Here is the Orchestrator runbook we will utilize for this server build. As you can see most of the values are inputs collected when the engineer completes the server request offering. Other notable processes is the PowerShell random LUN selection for storage, VLAN selection done in the vSphere CLI, renaming the Local and Guest account.
Request Offering for the initial server build utilizing Cireson’s 5.0 Portal
Annotations / vSphere notes will match the Active Directory description field as well as the CMDB in Service Manager. This is a clean way to create a history of the servers creation all the way back to the initial request.
Server Rebuild Request keeps certain objects in tact such as Local Administrative users
Request Ticket Number creates the audit trail for the CMDB
Once this request offering is submitted the VM build runbook will be triggered. Key runbook components are:
Select LUN PowerShell
$Datastore = ($Server = “VM-Prod-1″,”VM-Prod-2″,”VM-Prod-3″,”VM-Prod-4″,”VM-Prod-5″,”VM-Prod-6″,”VM-Prod-7″,”VM-Prod-7″,”VM-Prod-8″,”VM-Prod-9″,”VM-Prod-10”) | Get-Random
Clone Windows VM
Set Network Adapter VLAN
When using VLANS in your VMware environment this step is very important. Since you cannot select a VLAN in your Clone VM runbook, you must define it after using PowerShell and vSphere CLI. Its important to note that when you clone a VM the process within the VM continues after Orchestrator completes the step, so you must put a pause (10min) in after the VLAN PowerShell is ran so when the “Joining to Domain” step occurs, your network settings will be complete. Otherwise your VM will never join to the domain and the rest of your automation will fail.
connect-viserver -server “vSphereServerName”
Get-VM ‘OrchestratorQueryResults’ Get-NetworkAdapter | Set-NetworkAdapter -NetworkName ‘OrchestratorQueryResults’ -Connected:$true -StartConnected:$true -Confirm:$false
Reconfigure VM Properties
This is where your CMDB, vSphere Notes, and Active Directory description field need to sync. Input your “Annotations / vSphere Notes” query results here, as well as the SCSM ticket number.
Rename Local Admin Account
Rename Guest Account
Here is a sample of a request offering utilizing Cireson’s Advance Request offerings for application engineers to provision the server after its created. The requirement in this scenario is the Network Engineer creates the VM (utilizing the above request offering), then the Application Engineer provisions it.
Server Compliance and Remediation utilizing SCCM / PowerShell is a cool way to monitor and notify of compliance “drift”. I plan to leverage this in the future and will post a more in detail look at the Power of compliance through SCCM and PowerShell remediation!
In summary we have deployed a VM using multiple technologies with one interface. This allows anyone who isn’t familiar with System Center or VMware to deploy and provision servers. Cireson’s advance request offerings really opens the door for future customization’s in advance workplaces with a slick Azure style finish. Here is a link to my Ondrive for the runbook sample.