Objective 7.2 – Utilize basic workflows using Orchestrator

  • Configure and manager vCenter Orchestrator

Theres a good video of Installing and Configuring vCenter Orchestrator from VMwares Education Services Here

Download the VMware Orchestrator Appliance from Vmware, Deploy the OVF by selecting File>Deploy OVF from within the VIClient.

When prompted accept the EULA & name the Orch Appliance.

Select the Datastore, Cluster, Resource Pool, Storage, Disk Format & Network Mapping  you require.

On the Application page you will need to specifiy 2 passwords.

The Root password is for configuration & managment of the appliance only.

For example here you can change the IP settings, the Hostname, configure proxy settings , change the appliance password & reboot\update the appliance

You will gain access to this configuration by browsing to https:\\<ip address>:5480

Default credentials for appliance configuration are

  • Username: root
  • Password: user specified at setup

The vCO Configuration Interface password will be used by the VMware User in the vCO Configuration Interface. This is where you specifiy Orchestrator specfic settings.

For example here you will configure the Orch Database, Orch Authentication, vCenter Server integration etc

You will gain access to this configuration by browsing to https:\\<ip address>:8283

Default credentials for the vCO configuration are

  • Username: vmware
  • Password: user specified at setup



You will then also need to configure the Networking Settings. if you want to have the orchestrator Appliance configured for DHCP then leave these options blank.


Review the deployment settings, select the “Power on after deployment” option and the hit Finish.

Once powered on browse to https:\\<ip address>:8283 locate Network and then from the drop down select the IP assigned to the appliance during configuration  & select apply


Under the network setting, select the SSL trust Manager tab.

Now we need to import the vCenter Server and vCenter SSO certificates

Load the vCenter Server certificate in Orchestrator from a URL, enter the  IP_of_the_vCenter_Server:443 & select Import


you may get an error saying the certificate is untrusted, do you want to import or reject. Select Import


Repeat the operation on IP_of_the_vCenter_Server:7444

On the left section click on the Authentication tab. You will see that as default the vCO VA is configured for the local LDAP server. Change Authentication mode to SSO Authentication. Enter the IP of the vCenter VA and the root / vmware credential. Click on “Register Orchestrator”

You will be greeted by  “The Orchestrator solution user is registered. You must complete the SSO configuration.”

Here I selected a pre-created group within Active Directory called vCO Admin.

As you can see clock tolerance is set to 300 seconds.


 Click on Accept Orchestrator Configuration

On the left section click on the Plug-ins tab. We need to provide a vCO admin user to install the plug-ins when the vCO server will be restarted.

Here I used my service account which is a member of the vCO Admins group in active directory that i defined earlier.

Then we need to enable the vCenter Server plug-in. Check it. Click on Apply changes.

  • Add Orchestrator to vCenter

Browse to the vCO configuration page https:\\<ip address>:8283 & locate “vCenter Server”


Select the “New vCenter Server Host” tab

  • From the Available drop-down menu, select Enabled
  • In the Host text box, type the IP address or the DNS name of the machine on which the vCenter Server instance you want to add is installed
  •  In the Port text box, retain the default value, 443.
  • (Optional) Select the Secure channel check box to establish a secure connection to your vCenter Server system.
  • In the Path text box, retain the default value, /sdk.
  • Select the method you want to manage your vCenter Server
    • Shares a unique session – Creates only one connection to vCenter Server using the service account defined.
    • Session per user – if you want to authenticate in vCenter as the user that will authenticate in vCO


I created a Service account within my domain that has Administrator privledges to my vCenter in order to facilitate this. My Account is set so that the Password will not expire

Apply the changes

You should then see the vCenter Server listed as a host on the hosts tab


Once the Service is running again within Startup Options you can now log in (i had to restart the appliance before I could log in)


Login to the Orch client using its IP or browse to  https://<ip Address>:8281 to use the orchestrator web interface.

You should also be able to see the Orchestrator Server listed under the vCenter Orchestrator option on home page


If you cant see Orchestrator here, right click the manage tab, select Servers and then highlight the vCenter and select edit configuration


You can then enter the details of the Orchestrator Server



You will then be able to run and Schedule workflows from within vCenter.


The integration of Orchestrator is also shown in the following 3 Part video series from VMware Education Services




  • Create basic vCenter management workflows

Theres a good video of Creating basic workflows from VMwares Education Services Here

  • Troubleshoot existing workflows

Troubleshooting of workflows requires hands on experience, I can only recommend creating a lab and running through Scenerios to obtain this skill.

  • Import/Export Packages

Open the vCenter Orchestrator client & login.

Select the Administer option from the drop down


Select the Packages tab.

To export a package, right click a package and select “Export Package…”


To Import a package, select the Import package icon


The full Video List from VMware Education Services can be found here



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s