CATEGORY: Customization

vCAC Day 2: Detach Linked Clone VM

This post will demonstrate another very cool day 2 operation, detaching a linked clone VM. Though I didn’t implement it as part of a customer engagement, it just occurred to me that this can be done with some of the great vCO / ASD Day 2 operations.
In vCAC, when creating a linked clone blueprint, one must properly design the hardware infrastructure underneath. Or more correctly, your underlying storage.

There are many storage considerations that needs to take place when designing a Dev / QA typed linked clone environment with vCAC, since vCAC unlike vCD, doesn’t currently abstract the underlying linked clone machine management.
While this is not an issue if planned correctly, performance hits are something that can always lurk behind dark corners, when many VMs are using the same Read-Only replica.

This, got me thinking. If vCAC doesn’t do any abstraction on the VM provisioning layer like vCD, you could actually detach, or inflate, a vCAC linked clone vm, with a simple API call to vSphere. Thus, turning the VM to a full-clone machine, totally non-dependent on the ‘source replica’ it was generated from.
This is also an API call generally available in vCD as well as a ‘Consolidate’ operation. It’s available in the vApp VM menu given the right permission, and that the VM is powered off. BUT, in vCD, if a VM is consolidated it still won’t be able to do stuff as hard disk resizing – while vCAC VMs – CAN!

Thus, the main difference though is that vCAC VMs , when detached from their linked-clone replicas, just turn into day to day vsphere VMs, while vCD VMs will still be under vCD’s ‘Hard’ management thus a bit more tricky to back up / restore etc, and still retain the OvDC Linked Clone policy in some forms.

The Technical Details

Essentially, the API call we are going to utilize is for a VC:VirtualMachine object. The method is called ‘promoteDisks_Task’ we can see in vCO, that this method accepts two parameters,an array of which disks do you want to promote, and whether to detach them from the link clone replica.

Screen Shot 2014-11-09 at 11.18.14

We’ll create a workflow for our Day 2 Op. Since the VM needs to be powered off during this operation, we will prompt the user for the best time for shut-down of his VM, by choosing an input of ‘date’ type (ASD will take care to present it automatically with a nice calendar. How cool is that?!) The second input for the workflow is the VM itself of course, of type VC:VirtualMachine.

With vCAC 6.1, we can create 2 workflows to run at separate cases, when the VM is Off, or On. The Off state workflow will not contain a date input, and the On Status workflow will. For this blog’s purpose, i’ll demonstrate only the On status workflow.

The workflow, will wait for the time specified by the user, then power off the VM grace fully, then, it will invoke the promote disks api call (we’ll get that in a second) and last it will wait for the generated task to end. Of course you can also opt to power the VM back on again.

Screen Shot 2014-11-06 at 18.12.15So what is in that scriptable task you ask? first , the scriptable takes in the VC:VirtualMachine parameter, and as out parameter has a VC:Task object (the task generated from promoting disks). The actual code that’s in there is:

[code]vcTask = vm.promoteDisks_Task(true)[/code]

This line of code will execute the promoteDisks task, on all of the VM disks, by specifying a null array, or only one parameter. Second parameter is ‘true’ for detaching disks (rather then just consolidating them).
Once the user will submit the request, vCO will do its thing, and by morning, that VM will turn into a regular boy! (VM!). The time this task takes may vary according to disk size, etc.

Once we have the workflow ready, we’ll configure it as an ‘On Status’ Day 2 operation like so:

Screen Shot 2014-11-15 at 12.24.16


And create an appropriate form for it:

Screen Shot 2014-11-17 at 11.41.12

As far as IaaS reservations , and policies for the user using up storage space, a check can be made to see if the VMs data store has enough room for the operation. Part from that, vCAC will actually calculate a full-disk usage on your reservation when you use linked-clones. This is due to the fact that linked clones are able to reach maximum VMDK size, thus , causing over allocation of their owner reservation. With this default method of calculating reservations, we can give our users the option to detach their VMs without worrying that their reservation will be over-subscribed.

As funny as it may seem, I couldn’t get a working vCAC system to demonstrate this fully and take screenshots, but really wanted to get this post out as soon as possible. I‘ll update it hopefully soon with the rest of the screenshots showing the VMs turning to full clones after the day 2 initiated.

Also, a thank you is deserved for Niran Even-Chen my VCDX friend for letting me use his 6.1 system, to take the screenshots above. Go check out his website –

Customizing vCAC Login Page Logo

A question I’ve been hearing a lot ever since I’ve been working with vCAC, and that’s quite a while now, is – “Can I customize the vcac login page?” well, actually I’ve came across how to do this a while back but didn’t blog about it for some reason. Anyway, this sort of thing lands in the ‘unsupported’ area, the method I’ll show here is super simple, and takes two minutes to revert back to original ‘I didn’t touch this’ configuration.

An example of a modified vCAC login page:
cusotm vcac sso

vCenter VA SSO & vCAC Identity VA SSO

In order to change the vCAC main in this type of configuration simply login to the VA , and replace the file located at:

Simply copy your image (png) to the same folder where this file is located, make a simple change to the current file:

[code]mv vmwareLogoBigger.png vmwareLogoBigger_orig.png[/code]

and modify your file accordingly

[code]mv <myLogoFileName>.png vmwareLogoBigger.png[/code]

Presto! You now have a new logo for your vCAC login page.

The image size doesn’t really matter , but I suggest you play around with the image size until you find a logo size that you find nice to look at.
As for changing the icon for a windows vCenter server, unfortunately I couldn’t test it out to find the location at the moment, but hopefully I could do so soon.

Enabling DevOps using vCAC 6

Its been a long time since I last wrote a post, unfortunately (or fortunately, i’ll admit) i’ve been working frantically on a very special use case for vCAC 6, using it to demonstrate DevOps scenario.
In this scenario, vCAC will be used as an IaaS platform to let Jenkins deploy a full continuous integration process. Building code, deploying it on a Multi Machine environment (a customer’s requirement). And generating a new build for QE to test.

In order to build this, I used some of the principles demonstrated in my previous article , writing a short code activity for a part of the implementation, while also using a new vCO plugin that isn’t released yet, and is actually in pre-beta phases.

The general description of this very interesting use case, goes like this:
1 – Jenkins requests vCAC to provide with clean ‘vanilla’ IaaS environment from vCAC 6, with REST API calls.
2 – vCAC then deploys , and runs a puppet command to install a CI night build on the VMs in the MultiMachine environment, as an “On” state workflow
3 – Jenkins executes a Multi Machine custom action – ‘Clone To Catalog’ after install is done, through vCAC API.
4 – VMs are cloned , blueprints are created, a new catalog item is created in ‘Night builds’ service
5 – Jenkins executes a final command, massively requesting the new catalog item for sleeping QE personnel so when they arrive to work at morning, they have a new environment ready for QA testing.

I believe a lot of organisations should adjust their development cycles to be efficient. This results in faster then ever time to market, and software versions being rapidly developed. 
DevOps is real, and cloud, is definitely the answer for it.

This is also a great example of utilizing the vCAC 6 APIs (which are currently in beta state) and maximizing the use of VMware’s main cloud solution.

Check out the demonstration video I made below, and be sure to leave any comments in the comment section!

vCAC’s CDK Development Unleashed

In this post i’m going to teach you some powerful capabilities of vCAC’s Cloud Development Kit (CDK). As I see a lot of customers who do have vCAC licenses, but not CDK license, I just want to make some points first.
A CDK license will basically let you do a couple of things:

1. Lets you use the “CloudUtil” command.
2. Installs a plugin for visual studio versions 2010/2012.

While the first ability seems pretty simplistic as it doesn’t seem to do much other than let you install new “stub” workflows, it can enable some very powerful abilities that are related more to the second point – Visual Studio development.

Installing the CDK plugin in visual studio, ultimately lets you develop any kind of C# code, and integrate them into the vCAC workflows. This ultimately means, that ANYTHING with a proper SDK available for C# can be used with your machine state workflows. This ability is relevant to 5.x and 6.0. When you see the potential for this its almost too big to not know what to do with it.

Although I still highly recommend using vCO to do any integration or workflows you need vCAC to pull off, and although vCO is an awesome tool that I care dearly about, today, almost any product has some sort of SDK form, while not all IT day-2-day products have a vCO plugin. Also, this ability can be used to integrate with in-house built applications.

The use case that lead me to write this blog post is for one of my customers, who wanted to get a fully blown Oracle Server to be provided in the vCAC catalog. And by ‘fully blown’ I mean, with physical RDMs , and Snapmirror relations configured to their Netapp at the DR site.

So how do we start?
– Preferablly, some C# development ‘know how’.
– Install Visual Studio on a Dev Desktop / Server.
– Install vCAC Cloud Development Kit (CDK) which also include the vCAC designer & Visual Studio plugin on same machine.
– CDK license installed in vCAC.

Setting up a project

First, we’ll create a new visual studio project. Choose C# Workflow, activity library type. After a new project has been created, we’ll go to the Tools -> vCAC Workflow generator tool, and create a state workflow. The full process is described in a previous article of mine here.

You won’t need to follow the entire article, but only get to the point when the visual studio is configured with a workflow project. (get past the vCAC Workflow Creation Tool)

After we have the project configured (doesn’t matter which state we want to run of course) we’ll start in creating the code activity, by adding a class to the project:

Now we will need to choose which kind of class do we want to add to our project, we will choose C# workflow “Code Activity” type.

Start Coding!

After we have a class set up, we’re able to program any kind of SDK integration into the workflow. In order to work with 3rd party or in-house SDKs , simply reference the appropriate DLLs into the project (call the nearest programmer if this post gets a bit vague for you)

After referencing the proper SDK DLLs, for this post i’m not going to example any specific SDK since the usage varies a lot. We’ll continue by developing our class with the code we want to perform during the workflow. The next image explains the code. We’ll select our class in the right pane:

In this code section I’ll receive as an example, 2 string values for name, and data, and an integer value for a number.
I won’t actually do anything of significance with it, this is just an example. In my customer’s use case, we integrated a DLL they wrote using the NetApp SDK , to create Netapp LUNs, with replications across their Netapp systems, using the Netapp SDK, and also some activities were done with vSphere SDK.

After we’re done coding (gonna take a while … ;)  ) we’ll configure our project’s item build method. Meaning, we only need to actually build the class, and create a DLL out of it. By default, the XAML file (our workflow) will also be checked. So to get this running error free, we’ll cancel the XAML workflow check (set to ‘none’), and build our class using ctrl+shift+B

After the build is done, we we’ll open the workflow , and the workflow toolbox on the left pane of the screen, and know we’ll be able to add our code activity to the workflow:

Lets say we’ve finished all of our coding and workflow building. The last pieces of the puzzle, are to run some ‘cloudutil’ command, and also, adjust the XAML workflow file a bit.

Notice that in the build output, we have a folder containing the build deliverables. This will contain the DLL for our class, and any other DLLs & dependencies we’ve referenced in our project. In order for vCloud Automation Center to run our custom workflow, we need to get it to know the DLLs we used. To our help – cloudutil – found at the vCAC Designer install path.

Install the Custome Workflow

We’ll run the next command on our deliverable DLL, and any other DLL referenced:

[code]cloudutil assembly-install -f <path to our DLL file>[/code]

After we’re done loading all assemblies to the IaaS / vCAC 52 Repository DB, we’ll modify the XAML workflow.
go to the XAML workflow file location, and open it with an editor (notepad++ etc). In the XAML text we’ll find a
line saying:


Changing it to look like:

[code]xmlns:local="clr-namespace:<OurClassNameSpaceName>;assembly=<Our DLLs Name>"[/code]

Notice that the DLL name should remain without a .dll suffix. Save the file.

Lastly, we’ll register our new xaml workflow into the repository , again with cloudutil:

[code]cloudutil workflow-install -f <xaml file path> -n <workflow name>[/code]

Once completed, we can open the vCAC Designer, load our newly created workflow from the repository, and see some magic:

I hope this post helped you realize the huge flexibility of vCloud Automation Center.
If you have any questions, as always, don’t hesitate! comment section is below!

Tiering vCAC Blueprints with Policies, On Demand

One of the most useful use cases that is quite tricky to achieve , is to get a blueprint request form, that will allow you to set on which tier or reservation you want to provision that VM/Blueprint.

After a mistake on my end last time I posted this article, and some more testing, I got this to work with a bit of less elegance. Fortunately, this awesome functionality, remains the same.

Imagine having a single windows / linux Blueprint, while having multiple vSphere Cluster Tiers (Gold / Silver / Bronze). The user than requests a catalog item and selects which tier will the requested VM reside on. Another great use case for this is to seamlessly choose Production Cluster / Testing Cluster to provision the VM On.
What i’m about to show you is relevant both for 6.0 and for 5.2 as well.

Lets get started!

Setting Properties and Policies

We’ll start by creating reservation policies for our vCAC Reservations. One reservation policy will represent the Gold tier, and one a Bronze tier. Each Reservation Policy will point out to a different vCAC reservation. The final result should be that the user selects the tier, the VM will be provisioned to a  reservation that has that policy tag.

After doing this, vCAC will allow us to select a specific policy tag for each reservation. Any blueprint tagged with a specific policy type “Gold” or “Bronze” will allow allocation of blueprints with that policy only to it.
Next, Lets set property dictionary value , for a property named “Blueprint.Tier” keep in mind that this could be anything, and i’m just using “Blueprint.Tier” as a rational name for it.
I’m gonna set two values for it, Bronze and Gold. Each correlates to a different reservation policy in my environment.

The second property dictionary we’ll create will be called – “__reservationPolicyID” this is in fact a hidden property within vCAC , that will determine on which policy should vCAC provision the VM. Keep in mind that the display name field will allow you to mask the name of the property, i’ve selected “Tier ID” as a display name for mine.
The “__reservationPolicyID”  values should be, you guessed it, the two unique identifiers for each policy within the vCAC DB.
To get these values, we’ll login to IaaS Server’s DB (MSSQL) and grab the two UUIDs from the table:

[code]SELECT [id],[name] FROM [vCAC].[dbo].[HostReservationPolicy][/code]

Response should look like this for our case:

Configuring the Property Relations

In order for this to work, we’ll need to create a relationship that will correlate the tier name with it’s ID (I wish there was a more elegant way of doing this) To do that, i’ll reference this great straight to the point article from

It will explain to you how to set relational properties in vCAC, so the desired outcome would be, when a user selects a tier such as “Gold” it’s “Tier ID” would be the the ID we correlated to it with the help of relation properties, and our XML relation. To demonstrate, here is the XML code i’ve used to create this in my environment:

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<ArrayOfPropertyValue xmlns:xsi="">



So our parent here is “Blueprint.Tier” which represents the blueprint’s name, and the child is __reservationPolicyID, which get its value according the XML file, meaning , according to the correlating DB value for that Tier name.

Example, User selects:
Blueprint Tier: Bronze
Tier ID will be: D2A281E0-9EB5-4A6E-BDAE-4A106AD58286

The IaaS portal in its current form doesn’t select this automatically unfortunately, but allows only that selection for the user, so not much of error room there. In fact, the vCACSelfService Portal from 5.2 used to select this automatically after one property had been selected.

The Build Profile & Blueprint

The last piece of the puzzle is the build profile, we’ll create a build profile for our two custom properties, “Blueprint.Tier” & “__reservationPolicyID”

And lastly, set this build profile for any blueprint you wish to tier around your reservations.

The Result

Finally, the result would look like this:

Selecting Bronze will leave Tier ID field with the UUID right for that Reservation Policy, thus forcing this blueprint to deploy to a “Bronze” reservation, containing SATA storage, and Selecting Gold, will force it to deploy on the high-end reservation with SSD’s.
The nice thing about this is that its able to let you tier both storage and compute, opening a lot of new logical design possibilities such as assigning multiple tier reservations for a Business Group, and so on.

On a Side Note

The lesson I’ve learnt in the previous experience of writing this post, is that some properties will seem to only be available to be set by the user only when the blueprint is in ongoing request. This means, we will not be able to edit “__reservationPolicyID” once the user has chose to submit their request.
I found out that this is also true for “VirtualMachine.Netowrk0.ProfileName” property, which determines which IP address will vCAC allocate to the machine provisioned from the blueprint.

Please feel free to leave any comments below!