Ansible – VMware Identity Manager deployment through vRealize Suite Lifecycle Manager – Part#1

Today I'm going to show you how to create a new environment for VMware Identity Manager and install a new instance of vIDM in vRealize Suite Lifecycle Manager in a fully automated way, using Ansible of course.
In the VMware docs you will find that you can add an existing VMware Identity Manager OR deploy a new VMware Identity Manager through vRealize Suite Lifecycle Manager. I read many articles and blogs, but it's really hard to find anything about installing a new vIDM through vRSLCM using the REST API.

Digging on the internet, I came across a great article written by Gavin Stephens on his own blog, SimplyGeek.co.uk. He describes in detail the deployment process of vIDM from OVA using Ansible playbooks.

So much for the introduction, let's talk about the case.

NOTE!!!
Deployment of an Identity Manager through vRSLCM is a single-node deployment with an internal PostgreSQL database embedded in the appliance and does not support an external database like Microsoft SQL. vRSLCM does not perform cluster-based installations of VMware Identity Manager. More info in the VMware docs.

What is worth mentioning is that VMware recommends an external Microsoft SQL Server database for a vIDM environment, which really surprised me.
An internal Postgres SQL database is embedded in the VMware Identity Manager appliance, but the internal database is not recommended for use with production deployments. Read more…

OK, before we start installing vIDM through LCM, we first have to configure the product binaries (the vIDM OVA file) in vRSLCM. It's nothing more than copying the OVA file to the /data directory on the vRSLCM server and mounting it. Of course you can use My VMware to download all Product Binaries, but I don't need them all and, what's worse, there is no way to select just one product and add it to the binaries:

OK, so let's do our job in three steps using the GUI REST API:

/lcm/gui/api/sourceLink – to add binaries to vRSLCM;

lcm/gui/api/action/createEnvironment – to create new environment in vRSLCM;

lcm/gui/api/action/requestId – to install vIDM.

Add binaries

So the first step is to copy the OVA file to the /data directory on vRSLCM. In my case it will be /data/productlinks/vidm/3.3/ and then I will add the binaries to vRSLCM.

NOTE!!!
If Location Type is set to Local, the path has to start with /data so that LCM can get the product binaries.

Just send a POST request using a JSON object as below (edit it if you use a different vIDM version):

And the Ansible tasks should look like this:

Quick check that all is fine. Just log in to the UI of vRealize Lifecycle Manager and navigate to Settings > Product Support:

Create environment

NOTE!!!
lcm/gui/api/action/createEnvironment will return requestID and environmentID. These two values have to be used in the task ‘Install new vIDM instance’.

So let's create a new environment and find requestID and environmentID:

Environment creation initialized:

Install new Identity Manager

And now let's install it. Because vIDM deployment can take up to 15 mins, I created an additional task to check when the sshd service on the vIDM server starts.

And the task to check that a page returns a status 200.
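
The two waiting steps described above, written out as an added example (these are not the author's original tasks). The variables vidm_fqdn, vidm_check_url and vidm_ca_bundle are assumptions and must be defined in your own inventory or role defaults.

```yaml
# Added example, not from the original post.
# Assumed variables (hypothetical names):
#   vidm_fqdn      - FQDN of the newly deployed vIDM appliance
#   vidm_check_url - HTTPS URL on the appliance that should answer with 200
#   vidm_ca_bundle - CA file that the appliance certificate chains to

- name: Wait for sshd on the new vIDM appliance
  ansible.builtin.wait_for:
    host: "{{ vidm_fqdn }}"
    port: 22
    # Require the SSH banner, not just an open port, so a half-booted
    # appliance is not reported as ready.
    search_regex: OpenSSH
    delay: 60        # do not poll during the first minute of the deployment
    sleep: 15        # seconds between checks
    timeout: 1800    # deployment can take up to 15 mins; allow a margin
  delegate_to: localhost

- name: Wait until the vIDM page returns status 200
  ansible.builtin.uri:
    url: "{{ vidm_check_url }}"
    method: GET
    status_code: 200
    # Keep certificate validation on, so the check proves that the
    # expected appliance is the one answering.
    validate_certs: true
    ca_path: "{{ vidm_ca_bundle }}"
    timeout: 30
  register: vidm_page
  # Retry while the web service is still starting (connection errors,
  # 5xx responses) instead of failing on the first attempt.
  until: vidm_page.status | default(0) == 200
  retries: 40
  delay: 30
  delegate_to: localhost
```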

And that's pretty much it. vIDM is finally up and running and, most importantly, fully automated :) You don't need to touch the ‘Setup Wizard’ to complete the installation because it's already done.

But how do you run these role tasks? My playbook runs two tasks and looks like this: the first task, ‘Add binaries’, starts the role task ‘vidmAddBinaries.yml’ and the second playbook task runs the role task vidmCreation.yml:

If you want to know about the Ansible role for vIDM configuration, I invite you to read Part#2 of this series. The first configuration task will change the default user attributes.

Cheers.