vRA / vRO - Add an Azure connection

calendar Jan 8, 2019 · 2 min read · Azure VMware VMware vRealize vRO  ·
Share on: linkedin copy

Integrating vRA / vRO and Azure is available out-of-the-box with vRA 7.2+ and has been well documented by others for how to set the integration up (vaficionado.com).

The integration is fairly straightforward however I faced two main issues, the first being proxy settings and the second being an issue with the vRO workflow "Add an Azure connection".

Update Azure Plugin

To resolve other vRO / Azure bugs, ensure you update the Azure plugin in vRO to the latest version from https://kb.vmware.com/s/article/55826 (see attachment in the KB article). As the KB states, the updated plugin can be installed in vRA/vRO 7.2, 7.3, 7.3.1 & 7.4.

Proxy Server Issue

To resolve the majority of proxy issues, ensure that your proxy server is configured to do no SSL interception (ie certificate replacement) / whitelist the below domains (list provided by VMware GSS)

  • login.windows.net
  • management.azure.com
  • login.microsoftonline.com
  • mystorageaccount.blob.core.windows.net
  • ea.azure.com
  • consumption.azure.com
  • vrbc-services.vmware.com
  • aws.amazon.com
  • *.amazonaws.com

vRO Workflow Issue

Once the plugin is updated and the URLs have been whitelisted by the proxy, the next issue I faced was with the vRO workflows "Add an Azure connection" and it failing at the third "Import a certificate from URL" when using a Proxy Server.

For this issue, a case was logged with VMware GSS and after spending far too much time troubleshooting, we realised this third child workflow "Import a certificate from URL", doesn't actually do anything so it can be safely removed so that the workflow run will be successful.

Increase vRO Socket Timeout

To ensure that the timeout issues do not occur between Azure and vRO, edit the vRO socket timeout value as per below commands to increase the timeout value from 30000 to 300000

1cd /usr/lib/vcac/server/webapps/o11n-gateway-service/WEB-INF/classes/META-INF/spring/root
2cp o11n-gateway-service-context.xml o11n-gateway-service-context.xml.bak
3vi o11n-gateway-service-context.xml
4# Edit the line...
5<property name="socketTimeout" value="#{vcoConfig['vco.socket.timeout.millis']?:30000}"/>
6# Change the 30000 value to 300000
7:wq!
8service vcac-server restart
comments powered by Disqus