Scribd
Upload
98 views

BlueCat vRO Plugin v7.4.0 For IPAM Automation

Bluecat vRO automation plugin

Uploaded by

Dilraj Rajan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
98 views

BlueCat vRO Plugin v7.4.0 For IPAM Automation

Bluecat vRO automation plugin

Uploaded by

Dilraj Rajan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

vRO Plug-in v7.4.

0
IPAM Automation Guide

CONFIDENTIAL - For customer's internal use only.


This document may not be reproduced or distributed without the written consent of BlueCat.

© 2019 BlueCat Networks (USA) Inc. and its affiliates.


Contents

Contents

BlueCat vRO plug-in................................................................................... 3


Installation notice.................................................................................................................................3
Requirements.......................................................................................................................................3
Installing the BlueCat vRO plug-in......................................................................................................4
Disabling the BlueCat vRO plug-in..................................................................................................... 5
Creating new profiles.......................................................................................................................... 5
Configuring the SSL connection to Address Manager............................................................. 6
Deleting profiles...................................................................................................................................6
Setting JavaScript access to Address Manager API.......................................................................... 6
JavaScript Examples................................................................................................................ 7

Terms and Conditions...............................................................................10

ii | CONFIDENTIAL
BlueCat vRO plug-in

BlueCat vRO plug-in


This guide describes how to install and configure the BlueCat vRO plug-in v7.4.0 for IPAM Automation
(vRO plug-in v7.4.0).
The BlueCat vRO plug-in provides an automated solution for assigning IP addresses and updating DNS
information from BlueCat Address Manager.
The BlueCat vRO plug-in can help eliminate delays and costs associated with provisioning VMware
resources. Once installed, you can configure the BlueCat vRO plug-in to connect to Address Manager and
use the predefined BCN Workflows, or build your own workflows in VMware to perform other provisioning
tasks.
The predefined BCN Workflows can be downloaded from article 9910 on BlueCat Customer Care. For
more information about BlueCat workflows, refer to the BlueCat vRO Plug-in v7.4.0 Workflow Guide
documentation.
 Note: The BlueCat vRO plug-in requires Address Manager and DNS/DHCP Server to operate in
your VMware environment.

Installation notice
If you are moving from vCO to vRO plug-in v7.4.0, you will need to manually re-configure all plug-in
settings. Ensure that you back up or make note of the previous configuration before deleting the old plug-
in.

Requirements
Before you install the BlueCat vRO plug-in v7.4.0 for IPAM Automation, ensure that system components
and Address Manager configuration requirements are met.

System components
The following system components must be set up in your network environment and functioning properly.
This table describes the supported software and hardware requirements:

System components Description

• Address Manager v9.1.0 Ensure that you have set up the Address Manager
with the required configurations.
 Note: The BlueCat vRO plug-in v7.4.0 for
IPAM Automation is tested and supported
only on Address Manager v9.1.0. If you
are running an earlier version of Address
Manager, you must upgrade the software.
For assistance, contact BlueCat Customer
Care: https://care.bluecatnetworks.com.

CONFIDENTIAL | 3
IPAM Automation Guide

System components Description

• DNS/DHCP Server v9.1.0 Ensure that all servers are under Address Manager
• DNS/DHCP Server v9.0.0 control and services have been successfully
deployed.
• DNS/DHCP Server v8.3.2
• DNS/DHCP Server v8.3.1  Note: The BlueCat vRO plug-in v7.4.0
• DNS/DHCP Server v8.3.0 for IPAM Automation is supported
only on DNS/DHCP Server v8.3.0 or
greater. If you are running an earlier
version of DNS/DHCP Server, you must
upgrade the software. For assistance,
contact BlueCat Customer Care: https://
care.bluecatnetworks.com.

BlueCat vRO Plug-in v7.4.0 for IPAM Automation Ensure that you have downloaded the BlueCat vRO
package plug-in v7.4.0 for IPAM Automation package and all
documents from the BlueCat Customer Care portal:
https://care.bluecatnetworks.com.

• VMware vRealize Orchestrator v7.3/v7.4 Verify that vRealize Orchestrator is functioning


properly.

Address Manager configuration


Before installing the BlueCat vRO plug-in, ensure that the following objects and configurations exist in
Address Manager and deployed to DNS/DHCP Server:
• IPv4 network with a defined IP address range.
• DNS views and zones.
• API user account. This user account will be used by the BlueCat vRO plug-in to log in to Address
Manager.
 Note: In order to perform IPAM automation using the BlueCat vRO plug-in, the API user must
be granted Full access rights at the IP address and MAC address levels, Full access rights at
the Zone level, Full access rights at the Host Record level, and Full access rights with the ability
to perform a full deployment of data at the server level.
• DNS deployment roles added at the IPv4 network and DNS zones level.
• DHCP deployment roles added at the IPv4 network level if using DHCP reserved address.
• Match Client DNS option added at the View level with the value of 127.0.0.1. This is ONLY needed if
the Match Client DNS option is defined in your configuration.
• Allow Dynamic Updates DNS option added at the IPv4 network and DNS zone level with the Address
Manager IP address or the Network that includes the Address Manager IP address.
For more information about how to perform the mentioned tasks, refer to the Address Manager
Administration Guide.

Installing the BlueCat vRO plug-in


Follow the steps to install the BlueCat vRO plug-in.
To install the plug-in:
1. Log in to the VMware vRealize Orchestrator Control Center user interface as root. The Control Center
page opens.
2. Under Plug-ins, select Manage Plug-Ins. The Manage Plug-Ins page opens in the main page.
3. Under Install plug-in, click Browse.... A pop-up window opens.

4 | CONFIDENTIAL
BlueCat vRO plug-in

4. Locate the BlueCat vRO plug-in .dar file (BAMVROPlugin.7.4.0.dar) and click Open. The plug-in .dar
file name appears under Install plug-in.
5. Click Install. The Install plug-in verification page opens.
6. Click Install. A note block appears to confirm that the plug-in was successfully installed.
7. Under Plug-In, ensure that the Enable plug-in check box next to the BlueCat vRO plug-in is selected.
8. Click Save changes in the pop-up window.
Once you have saved the changes, the Orchestrator server service automatically restarts.
 Note: For instructions on how to remove the BlueCat vRO plug-in from vRealize Orchestrator, refer
to VMware KB 2064575.

Disabling the BlueCat vRO plug-in


You can disable the BlueCat vRO plug-in in vRealize Orchestrator.
To disable the BlueCat vRO plug-in:
1. Log in to the VMware vRealize Orchestrator Control Center user interface. The Control Center page
opens.
2. Under Plug-ins, select Manage Plug-Ins. The Manage Plug-Ins page opens in the main page.
3. Under Enabled plug-in, deselect the BlueCat vRO plug-in check box.
4. Click Save changes in the pop-up window.
Once you have saved the changes, the Orchestrator server service automatically restarts.

Creating new profiles


Create at least one profile in order to allow the BlueCat vRO plug-in to work with Address Manager. You
can create as many profiles as you want.
 Note: If you are running Address Manager in replication and a failover has been performed, you
must reconfigure the profile with the updated Address Manager IP address or hostname from the
vRealize Orchestrator configuration page.
To create a profile:
1. Log in to the VMware vRealize Orchestrator Client user interface. The VMware vRealize Orchestrator
page opens.
2. Select Run in the drop-down menu next to the VMware vRealize Orchestrator title.
3. In the left panel, navigate to Library > BAM > Configuration.
4. Under Configuration, click Add a profile
5. Set the following parameters:
• Profile Name—enter the unique descriptive name for the profile that you are creating.
• Host—enter the IP address or FQDN of the Address Manager server.
• User Name—enter an Address Manager API username that vRealize Orchestrator will use to log in
to the Address Manager server. This API username must already exist in Address Manager.
 Note: In order to perform IPAM automation using BlueCat vRO plug-in, the API user must be
granted Full access rights at the IP address and MAC address levels, and Full access rights
with the ability to perform a full deployment of data at the server level.
• Password—enter the API user password for the Address Manager server.
• Use SSL—select the Yes radio button to connect to the Address Manager server using SSL.
6. Click Submit.

CONFIDENTIAL | 5
IPAM Automation Guide

Configuring the SSL connection to Address Manager


If you are moving from an earlier version to vRO v7.3.0 and install the new vRO plug-in, you need to
reconfigure the SSL connection to Address Manager.
To connect to Address Manager via SSL:
1. Navigate to Library > BAM > Configuration > Update a profile. The Update a profile page opens.
2. Under Select a profile, select Not set
3. Under BAM, select the profile to edit.
4. Press the Select button.
5. Press the Next button.
6. Under Update profile, select the Yes radio button under Use SSL.
7. Click Submit to confirm the changes.
8. Once the changes have been submitted, log in to the VMware vRealize Orchestrator Control Center
user interface as root. The Control Center page opens.
9. Under Manage, click Certificates. The Certificates page opens.
10.Under Trusted Certificates, click Import.
11.Enter https://Address_Manager_IP or hostname in the Import from URL field.
12.Click Import.
 Note: Once the Trusted Certificates have been imported, you must restart your VMware plug-in
server.

Deleting profiles
You can delete BlueCat vRO plug-in profiles.
To delete a profile:
1. Navigate to Library > BAM > Configuration > Remove a profile. The Remove a profile page opens.
2. Under Select a profile, select Not set.
3. Under BAM, select the profile to remove.
4. Press the Select button.
5. Click Submit to confirm the removal of the profile.

Setting JavaScript access to Address Manager API


In order to access the Address Manager API from a vRO workflow, you must make some changes to your
vRO server JavaScript settings.
To allow access to the all Address Manager API, perform the following changes to your vRO server:
1. Create the following in the /etc/vco/app-server directory:

rhino-class-shutter-file

2. Add the following line in the rhino-class-shutter-file:

java.lang.*

3. Save the configuration.


4. Log in to the VMware vRealize Orchestrator Control Center user interface as root. The Control Center
page opens.

6 | CONFIDENTIAL
BlueCat vRO plug-in

5. Under Monitor and Control, select System Properties. The System Properties page opens in the
main page.
6. Click NEW.... A pop-up window opens.
7. Set the following properties:
• Key—enter com.vmware.scripting.rhino-class-shutter-file
• Value—enter /etc/vco/app-server/rhino-class-shutter-file
• Description—enter the description of the system property. For example, "Configure JavaScript
access to additional Java classes."
8. Click Add.
9. Click Save changes from the pop-up window.
10.Restart the server.
For details on how to use actions, please refer to VMware vRealize Orchestrator documentation.

JavaScript Examples
Refer to the following JavaScript examples.

Using APIEntity and passing a Long object


This script will demonstrate how to use APIEntity and how to correctly pass a Long object into to API
method. It will create Configuration, TFTP Group and finally delete the Configuration.

/* Copyright 2019 BlueCat Networks (USA) Inc. and its affiliates. All Rights
Reserved. */
var result
var configId;
try
{
var testConfig = BCNProteusAPI.createAPIEntity( new
java.lang.Long(0),configName,"","Configuration" );
var args = new Array( new java.lang.Long(0), testConfig );
configId = new
java.lang.Long( BCNProteusAPI.call( profileName,"addEntity",args ));
System.log( "New configuration was created, id=" + configId );
var addTFTPGroupArgs = new Array( configId, "tftpGroupName1", "" );
var tftpGroupId = new
java.lang.Long( BCNProteusAPI.call( profileName,"addTFTPGroup",
addTFTPGroupArgs ) );
System.log( "New TFTP Group was created, id=" + tftpGroupId );
}
catch( err )
{
System.log( "ERROR: " + err.message );
throw( err );
}
finally
{
var deleteConfigArgs = new Array( configId );
BCNProteusAPI.call( profileName, "delete", deleteConfigArgs );
System.log( "Configration was deleted, id=" + configId );
}

Finding the DNS deployment role and changing the role type
The script will find the DNS deployment role and change the role type to MASTER if it is SLAVE, and
change to SLAVE if it is MASTER. To run this script, the following entities must be created:

CONFIDENTIAL | 7
IPAM Automation Guide

• Configuration—the configuration's name will be used a parameter of this workflow.


• DNS View—under the configuration with name default.
• DNS deployment role—under the view configured to be deployed to the master or slave server.

var args = new Array( new java.lang.Long(0), configName, "Configuration" );


var result;

System.log ( “calling API with: ” + args.toString() );

try
{
result = BCNProteusAPI.call( profileName, "getEntityByName", args );

System.log( result.getType() + "," + result.getId() );


var configId = new java.lang.Long( result.getId() );
args = new Array( configId,"default", "View" );
result = BCNProteusAPI.call( profileName, "getEntityByName", args );
var viewId = new java.lang.Long( result.getId() );
args = new Array( viewId );
result = BCNProteusAPI.call( profileName, "getDeploymentRoles", args );
System.log( "type of return " + typeof result + ",keys:" +
Object.keys(result.getItem()) );
for (var key in result.getItem() )
{
if ( result.getItem().hasOwnProperty(key))
{
var v = result.getItem()[key];
System.log( key + " -> " + v.getType() + "," + v.getId() + "," +
v.getServerInterfaceId() + "," + v.getProperties() );
if( v.getType() == "MASTER" )
{
v.setType( "SLAVE" );
}
else if( v.getType() == "SLAVE" )
{
v.setType( "MASTER" );
}
args = new Array( v );
result = BCNProteusAPI.call( profileName, "updateDNSDeploymentRole",
args );
}
}
}
catch( err )
{
System.log( "ERROR: " + err.message );
throw( err );
}

Limitations
• The BlueCat vRO Plug-in v7.4.0 is only compatible with Address Manager v9.1.0. You cannot use the
BlueCat vRO Plug-in v7.4.0 with Address Manager v9.0.0 or earlier.
• Currently, the byte[] parameter type is not supported. The Java engine always transforms the byte[]
parameter into NativeArray. As a result, the following three API methods are not supported:
• public long addTFTPFile(long parentId, java.lang.String name, java.lang.String version, byte[] data,
java.lang.String properties) throws java.rmi.RemoteException.
• public byte[] updateBulkUdf(byte[] data, java.lang.String properties) throws
java.rmi.RemoteException.

8 | CONFIDENTIAL
BlueCat vRO plug-in

• public void uploadResponsePolicyItems(long parentId, byte[] data) throws


java.rmi.RemoteException.
• The null parameter is not supported. Parameters that are null must be replaced by an empty string
("").

CONFIDENTIAL | 9
IPAM Automation Guide

Terms and Conditions


READ THIS BEFORE INSTALLING OR USING BLUECAT PRODUCTS, SERVICES, AND
DOCUMENTATION
The material herein is subject to the applicable BlueCat License Agreement previously entered into
between BlueCat and your company, or if none, then to BlueCat’s standard terms and conditions which
you can view and download from https://www.bluecatnetworks.com/services-support/support/license-
agreements/. BlueCat reserves the right to revise this material at any time without notice.
Company names and/or data used in screens and sample output are fictitious, unless otherwise stated.

Copyright
©2001—2019 BlueCat Networks (USA) Inc. and its affiliates (collectively ‘BlueCat’). All rights reserved.
This document contains BlueCat confidential and proprietary information and is intended only for the
person(s) to whom it is transmitted. Any reproduction of this document, in whole or in part, without the prior
written consent of BlueCat is prohibited.

Trademarks
Proteus, Adonis, BlueCat DNS/DHCP Server, BlueCat Address Manager, BlueCat DNS Edge, BlueCat
Device Registration Portal, BlueCat DNS Integrity, BlueCat DNS Integrity Gateway, BlueCat Mobile
Security, BlueCat Address Manager for Windows Server, and BlueCat Threat Protection are trademarks of
BlueCat.
iDRAC is a registered trademark of Dell Inc. Windows is a registered trademark of Microsoft Corporation.
UNIX is a registered trademark of The Open Group. Linux is a registered trademark of Linus Torvalds.
QRadar is a registered trademark of IBM. ArcSight is a registered trademark of Hewlett Packard. Ubuntu is
a registered trademark of Canonical Ltd. CentOS is a trademark of the CentOS Project. All other product
and company names are registered trademarks or trademarks of their respective holders.

10 | CONFIDENTIAL
BlueCat Networks (USA) Inc. and its affiliates.
www.bluecatnetworks.com
Toll Free: 1.866.895.6931
Document #: vRO_PlugIn_IG_7.4.0-R3
Published in Canada
Date: May 2019

You might also like