thecloudxpert

Configuring Multi-Org Tenancy in vRA 8.x - Part 4: Configuring Multi-Tenancy

vRealize Automation vRA Multi-Tenancy

Published on 17 April 2020 by Christopher Lewis. Words: 678. Reading Time: 4 mins.

Introduction

In this series of posts, we will be taking a look at how to configure a Multi-Organization Tenancy (aka Multi-Tenancy) in vRealize Automation (vRA) 8.x.

In this post, I will tackle the final two steps in configuring vRA 8.x Multi-Organization tenancy. That is, applying the SAN SSL Certificate for vRA created in Part 2 and then finally creating a new Organization/Tenant!

For more information on the rest of the posts in this series, click here .

Apply the vRA Multi-Organization Tenancy Certificate

The last step before we start adding new Organizations/Tenants is to ensure that the vRA certificate includes the FQDNs of the new organizations. We created the SAN SSL Certificate in Part 2 of this series and uploaded it into vRSLCM in Part 3 so that it is easy to apply. The process we’re going to follow is pretty much identical to the one we used for replacing the WOA certificate in Part 2 of the series but for completeness I have included the full steps I went through.

  1. From the vRSLCM homepage, click Lifecycle Operations.
  1. Click Environments.
  1. Identify the target vRA Environment and click View Details.

Note: It would be considered best practice to complete an Inventory Sync before making any changes, as I only just completed one for the WOA certificate, I won’t be doing it again. If you are adding a new tenant at a much later date, you may want to do an inventory sync if you didn’t run it when updating the WOA certificate with the new Organization/Tenant.

  1. Click (next to the Trigger Inventory Sync link).
  1. Click Replace Certificate.
  1. At the Replace Certificate - Current Certificate dialog, click Next.
  1. At the Replace Certificate - Select Certificate dialog, select the WOrkspace ONE Access certificate from the Select Certificate dropdown.
  1. At the Replace Certificate - Select Certificate dialog, Click Next.
  1. At the Replace Certificate - Precheck dialog, click Run Precheck.
  1. At the Replace Certificate - Precheck Dialog, click Finish.
  1. Wait for the process to complete and then click on vRealize Suite Lifecycle Manager to return to the homepage.

We are now ready to actually create our first Organization/Tenant, so lets get to it!

Note: At this point I checked whether or not I could still log into the default/provider tenant and when navigating to https://vra.domain.name and trying to log in, I got a Bad Gateway message. To fix this I went back into vRA 8.x deployment in LCM and chose to the Re-Register with Identitiy Manager option shown below:

Create the new Organization/Tenant

  1. From the vRSLCM homepage, click Identity and Tenant Management.
  2. Select Tenant Management.
  3. Click Add Tenant.
  4. Enter the Tenant Name into the text box.
  5. Enter the Username, First Name, Last Name, Email ID and Password for the local Organization Admin account for this Org.
  6. Click Next.
  7. Click Next and Save.
    Note: We’re not migrating existing Active Directory configuration into the new Organization.
  8. Check the checkbox for the vRealize Automation deployment to create the tenant.
  9. Click Next and Save.
  10. Click Run Precheck.
  11. Assuming everything is successful, click Next and Save.
  12. Click Create Tenant.
  13. The new Org will now be created.

Log into the new Tenant

  1. From your browser, navigate to medtech.vra.domain.name.
  2. Click Goto Logon Page.
  3. Enter the Username and Password (as specified in the previous section)
  4. Click Sign In.
  5. You are no logged into the Medtech Org!

Bringing it all together!

Firstly, vRA 8.x Multi-Organization Tenancy FTW! This is a key parity item with vRA7. I’m yet to still fully understand all of the nuasances of this new feature but I already updated this series to have a 5th Post!

So we now finally have a new Organization (medtech) and a default Organization (provider) configured! I estimate it has taken me around 4 hours to configure Multi-Organization tenancy up to this point in my lab. We now have separate logon URLs for each Organization which is great, albeit different to the experience in vRA 7.

Thank you for sticking with me in this series of posts. Hopefully you have found them of value and they help you on your multi-cloud journey.

Published on 17 April 2020 by Christopher Lewis. Words: 678. Reading Time: 4 mins.


Blog Categories: VMware vRealize Automation
Related Post(s):
Recent Posts:

Blog Categories:
active directory 6 aria automation 8 aria operations 2 aws 2 blog 1 career 1 certificate authority 5 certificates 1 certification 91 cloud management 1 cloudnativecon 1 community 1 fun 1 general 9 hands on labs 1 home lab 2 kubecon 1 kubernetes 1 microsoft 7 nsx 45 nsx v 41 powercli 8 powershell 6 professional 1 reviews 1 vcap 48 vcap6 2 vcenter server 4 vcix 2 vexpert 9 vmug 5 vmware 99+ vmware aria 1 vmware aria automation 8 vmware aria operations 3 vmware cloud 3 vmware cloud director 1 vmware explore 2 vmware identity manager 2 vmworld 36 vrealize automation 79 vrealize automation saltstack config 1 vrealize business 2 vrealize log insight 1 vrealize operations 1 vrealize operations manager 5 vrealize orchestrator 11 vrealize suite 14 vrealize suite lifecycle manager 20 vsan 5 vsphere 9 windows 6
Top Tags:
active directory 6 api 18 barcelona 24 certificates 15 certification 7 howto 42 microsoft 7 multi tenancy 9 nsx v 43 platform services controller 8 powercli 8 powershell 7 psc 6 vcap 8 vcap6 45 vcap6 cma 47 vcap6 nv 37 vcix6 nv 36 vexpert 19 vmug 8 vmware 99+ vmware aria 9 vmware aria automation 8 vmworld 35 vmworld 2016 13 vmworld 2017 9 vra 13 vrealize 7 vrealize automation 74 vrealize operations 8 vrealize orchestrator 20 vrealize suite lifecycle manager 11 vrslcm 20 vsan 7 vsphere 12