TASK 8
As the Cloud Administrator, you must ensure that each virtual machine deployed by the Neptune Project is configured to a standard state.
You have already created a state file in the environment that can be used to meet this requirement.
The following tasks need to be completed:
Update the existing Neptune VMware Cloud Template to ensure that:
* The vRealize Automation SaltStack Config minion is installed during deployment.
* The base configuration state file is always run during deployment. The minion id of the machine should be dynamically assigned using the machine name.
* A secret should be used to ensure the remote access password is not visible within the cloud template.
NOTE: Do not deploy the Cloud template.
The following information has been provided to assist you in these tasks:
The following information has been provided to assist you in these tasks:
* vRA FQDN: vt-aulomation.corp.local
* Cloud Admin Username: vcapadmin@corp.local
* Cloud Admin Password: VMwarel!
* vRA Project Name: Neptune
* Existing Cloud Template Name: Neptune Ubunlu
* vRA-SSC Master Minion Id: saltstack
* vRA-SSC Master Id: saltstack_enterprise_installer
* vRA-SSC Environment: sse
* State File Location: /neptune/base/init.sls
* Remote Access Username: salt-user
* Remote Access Password: VMware1
* Password Secret name: salt-password
To update the existing Neptune VMware Cloud Template with the requirements for the Neptune Project, you would follow these steps:
Install the vRealize Automation SaltStack Config Minion During Deployment:
Open the existing Neptune Ubuntu Cloud Template in the vRealize Automation Cloud Assembly.
In the code pane, add the following properties to the SaltStack Config resource:
Cloud_SaltStack_1:
type: Cloud.SaltStack
properties:
masterId: saltstack_enterprise_installer
hosts:
- '${resource.Cloud_VM_1.id}'
saltEnvironment: sse
stateFiles:
- /neptune/base/init.sls
Dynamically Assign the Minion ID Using the Machine Name:
By default, the machine's name is passed in as the minion ID in SaltStack Config. Ensure that the machine names are appropriately set to be used as minion IDs.
Use a Secret for the Remote Access Password:
Refer to the secret directly in your Cloud Assembly cloud template by using the prefixsecret.and the name of your property:
inputs:
...
resources:
Cloud_Machine_1:
type: Cloud.Machine
properties:
...
remoteAccess:
authentication: usernamePassword
username: salt-user
password: '${secret.salt-password}'
By incorporating these changes, the Neptune VMware Cloud Template will install the SaltStack Config minion during deployment, run the base configuration state file, and use a secret to secure the remote access password.