“… And on the eight day God created vRO. And vRO was without integration, and alone on the Earth. And God said, Let there be integration with the Ecosystem: and there was the vRO Plug-in. And God saw the Plug-in, and it was good.” … or at least so the story goes.
Although this might not be what exactly happened, we can all agree that the automation capabilities that VMware vRealize Orchestrator (vRO) provides are overwhelming. These are even more enriched throughout the VMware vRealize Orchestrator Plug-ins and the integration and automation of Ecosystem partners that these provide.
In this post we will take a deeper look into the endless sea or possibilities that can be accomplished with the VMWare vRealize Orchestrator Plug-in for Microsoft Windows PowerShell.
The PowerShell plug-in allows interaction between vCenter Orchestrator and Windows PowerShell. You use the plug-in to call PowerShell scripts and cmdlets from Orchestrator actions and workflows, and to work with the result. Although this sounds somewhat easy, there have been some challenges and concerns with using the plugin, like: Microsoft Windows CredSSP authentication and credential delegation. Wouldn’t it be also nice to be able to run PowerShell scripts without the need to understand in details how PowerShell works? It would, right?
Well then let’s ROCK with vROC!
vROC (or vROCmdlet) stands for VMware vRealize (vR) Orchestrator (O) workflows that wrap around Windows PowerShell cmdlet (C) commands. This is how i’m going to call these workflows. This is not an VMware official terminology
The ultimate goal of Project vROC is to present to the vRO administrators complete set of workflows that wrap around all Microsoft PowerShell cmdlets. Microsoft PowerShell cmdlets are increasing with each next product version. Currently there are hundreds and even thousands of cmdlets that you can leverage to administer Microsoft products.
Imagine the possibility to automate, without doing any PowerShell scripting, common tasks like:
- Create and manage users and computer accounts, network settings and properties (like DNS, DHCP, IPAM, …) in Microsoft Windows Server or Microsoft Windows Client operating systems.
- Create and manage Microsoft Exchange Server mailboxes and email account settings.
Integrate this into your existing VMware vRealize Automation (vRA) deployment process and you will be overwhelmed by the customization possibilities this adds to vRA.
An example use case where vROC’s can be used with vRA deployment might look like this. When new virtual machine (VM) is being deployed from vRA:
- Use vROC’s to add DNS entry for the VM.
- Use vROC’s to create or add users to Windows Active directory security groups.
- Use vROC’s to change the network settings like IP Address or DNS Address of the VM.
- Use vROC’s to install or configure an existing Windows Server roles or role features on the VM
- Use vROC’s create user mailboxes in Microsoft Exchange Server
If you already wanna rock with vROC, wait until you hear this.
vROC’s also give you an option to change credentials during command execution so that you can execute one PowerShell command with higher privileged user account and another with lower privileged user account. Currently all PowerShell commands are being run under the account which has been used to add the PowerShell Host. This has always been a concern among Security Administrators and I think will win them on our side with this feature.
All vROC’s are built around the mechanism and concept introduced with the Add CredSSP to a Powreshell script vROC workflow.
As of the writing of this article there are already around 140 vROC workflows available for download.
To read more about the around the mechanism and concept introduced with the Add CredSSP to a Powreshell script vROC workflow, visit:
Introducing the Add CredSSP to a PowerShell script (vROCmdlet) workflow
If you are interested in learning more and download the latest version of the vROC workflow package library, visit:
com.SpasKaloferov vCO (vRO) workflow library package
“And God blessed the eight day, and sanctified it: because that in it he had rested from all his work which God created and made. …” … or at least so the story ends.
include TEMPLATEPATH."/../../../itBlogDisclaimer.php"; ?>