thecloudxpert

Configuring Multi-Org Tenancy in vRA 8.x - Part 3: Enabling Multi-Tenancy

vRealize Automation vRA Multi-Tenancy

Published on 16 April 2020 by Christopher Lewis. Words: 785. Reading Time: 4 mins.

Introduction

In this series of posts, we will be taking a look at how to configure a Multi-Organization Tenancy (aka Multi-Tenancy) in vRealize Automation (vRA) 8.x.

Now that all the prerequisites are complete, we will finally start to configure vRealize Automation 8.x to support Multi-Organization Tenancy. All the Multi-Organization Tenancy configuration is completed through VMware vRealize Suite Lifecycle Manager (vRSLCM). In this post, I will cover how to upload the SSL Certificates created in the previous post into vRSLCM, then I will cover how to apply the new Workspace ONE Access SSL certificate to the WOA deployment for vRA 8.x and finally I will cover how to enable Multi-Organization Tenancy with vRealize Automation 8.x.

For more information on the rest of the posts in this series, click here .

Walkthrough

Uploading the SSL Certificates into vRSLCM

In this section, we will import the both of the SAN SSL certificates created in Part 2 into vRSLCM so they can subsequently be deployed.

  1. From the vRSLCM homepage, click Locker.
  2. Select Certificate.
  3. Click Import.
  4. Enter a Name for the imported certificate.
  5. Open vra.domain.name.key in a text editor and then copy the entire contents of the file into the Private Key text field.
  6. Open vra.domain.name.cer in a text editor and then copy the entire contents of the file into the Certificate Chain text field.
  7. Open ca.cer in a text editor and then copy the entire contents of the file into the Certificate Chain text field.
    Note: If you have a one or more Sub-Ordinate CA certificates then will need to complete the whole certificate chain (ca -> sub -> leaf).
  8. Click Import.
    The certificate should now be imported and ready to apply to your deployment!
    Remember to follow the same process to import the vRealize Automation SAN SSL certificate before moving onto the next stage of the implementation.

Apply the WOA Multi-Organization Tenancy Certificate

  1. From the vRSLCM homepage, click Lifecycle Operations.
  1. Click Environments.
  1. Identify the target vRA Environment and click View Details.

4. Click Trigger Inventory Sync.

  1. At the Trigger Inventory Sync dialog, click Submit.
  1. Once this request completes successfully, follow Step 1 - Step 3 to get back to the Enviroinment Details view.
  1. Click (next to the Trigger Inventory Sync link).
  1. Click Replace Certificate.
  1. At the Replace Certificate | Current Certificate dialog, click Next.
  1. At the Replace Certificate | Select Certificate dialog, select the WOrkspace ONE Access certificate from the Select Certificate dropdown.
  1. At the Replace Certificate | Select Certificate dialog, Click Next.
  1. At the Replace Certificate | Retrust Product Certificate dialog, click Next.

Note: The checkbox next to the target environment should already been checked. If not, check the checkbox before clicking Next.

  1. At the Replace Certificate | Opt-in for Snapshot dialog, check the Opt-in for Snapshot checkbox.
  1. At the Replace Certificate | Opt-in for Snapshot dialog, click Next.
  1. At the Replace Certificate - Precheck Dialog, click on the Run PreCheck.
  1. At the Replace Certificate - Precheck Dialog, click on the validation for vidm in globalenvironment accordian to expand it.
  1. At the Replace Certificate - Precheck Dialog, at Consent, click Accept.
  1. At the Replace Certificate - Precheck Dialog, click Finish.
  1. Wait for the process to complete and then click on vRealize Suite Lifecycle Manager to return to the homepage.

We are now ready to actually enable Multi-Organization Tenancy, so lets get to it!

Enable Multi-Organization Tenancy

You enable multi-tenancy through the newly renamed Identity and Tenant Management section of vRSLCM homepage.

  1. From the vRSLCM homepage, click Identity and Tenant Management.
  1. Select Tenant Management.
  1. Click Enable Tenancy.
  1. Check the I have taken snapshot of VMware Identity Appliance Manager before performing this operation checkbox.
  1. Click Trigger Inventory Sync.
  1. Once the Inventory is synchronised, click Proceed.
  1. Enter the name of the Master Tenant Alias into the text field.
  1. Ensure that checkbox for the target vRSLCM Environment is checked, then click Enable Tenancy.
  1. Go grab a coffee because you could be waiting a while depending on the performance of your infrastructure!

Once the request has completed, you will be able to now go back to the Identity and Tenant Management section and add new tenants!

Bringing it all together!

I definitely getting to understand that enabling vRA8 Multi-Organization tenancy is a much more complex configuration than in vRA 7.x. However, hopefully, if you are following along, you shouldn’t be worried about it too much!

Thank you for sticking with me in this series of posts. We are finally getting to the end of this series with only one more post to go. I originally only had 3 post in this series series, but as I was writing I realised it would be more palatable to the reader if I split Part 3 in two and so Part 4 was born!

Published on 16 April 2020 by Christopher Lewis. Words: 785. Reading Time: 4 mins.


Blog Categories: VMware vRealize Automation
Related Post(s):
Recent Posts:

Blog Categories:
active directory 6 aria automation 8 aria operations 2 aws 2 blog 1 career 1 certificate authority 5 certificates 1 certification 91 cloud management 1 cloudnativecon 1 community 1 fun 1 general 9 hands on labs 1 home lab 2 kubecon 1 kubernetes 1 microsoft 7 nsx 45 nsx v 41 powercli 8 powershell 6 professional 1 reviews 1 vcap 48 vcap6 2 vcenter server 4 vcix 2 vexpert 9 vmug 5 vmware 99+ vmware aria 1 vmware aria automation 8 vmware aria operations 3 vmware cloud 3 vmware cloud director 1 vmware explore 2 vmware identity manager 2 vmworld 36 vrealize automation 79 vrealize automation saltstack config 1 vrealize business 2 vrealize log insight 1 vrealize operations 1 vrealize operations manager 5 vrealize orchestrator 11 vrealize suite 14 vrealize suite lifecycle manager 20 vsan 5 vsphere 9 windows 6
Top Tags:
active directory 6 api 18 barcelona 24 certificates 15 certification 7 howto 42 microsoft 7 multi tenancy 9 nsx v 43 platform services controller 8 powercli 8 powershell 7 psc 6 vcap 8 vcap6 45 vcap6 cma 47 vcap6 nv 37 vcix6 nv 36 vexpert 19 vmug 8 vmware 99+ vmware aria 9 vmware aria automation 8 vmworld 35 vmworld 2016 13 vmworld 2017 9 vra 13 vrealize 7 vrealize automation 74 vrealize operations 8 vrealize orchestrator 20 vrealize suite lifecycle manager 11 vrslcm 20 vsan 7 vsphere 12