SovLabs Prerequisites

Basic prerequisites before using the SovLabs Prerequisites Workflow

  1. SSH needs to be enabled on all vRO Appliances (or vRA Appliances if vRO is running Embedded in vRA)
  2. vRA should be configured and running with Tenant, Compute Resource(s), Reservation(s), vRA Blueprint(s)
  3. Credentials needed
    1. Root Credentials for all vRA Appliances
    2. Administrator@vsphere.local Credentials for vRA vsphere.local tenant
    3. Tenant Admin Credentials for the vRA tenant where SovLabs will be installed into
    4. If vRO is external, then Root Credentials for all vRO Appliances

What steps are NOT done by this

If the vRA installation is using external vRO(s) then the "external" part of vRO Prequisites Step 2.0 of still needs to be done.

These steps are not easily automated and are difficult to do from the vRO(s) themselves, as a restart of the vRO(s) might be needed as part of the configuration.

Importing SovLabs Prerequisites Package

  1. Login to vRO Client
  2. Switch to "Design" view
  3. Switch to "Packages" tab
  4. Click "Import Package..."
  5. Browse to the "com.sovlabs.prerequisites-YYYY-MM-DD.package" provided at the bottom of this page (Download SovLabs Prerequisites Package)

Executing SovLabs Prerequisites Workflow (for a vRA setup with one vRA Appliance with vRO running as Embedded)

  1. Once imported, switch to "Workflows" tab
  2. Navigate to "SovLabs / Configure SovLabs Prerequisites" and Run that workflow
  3. Start by providing the FQDN for a vRA node, like if you where accessing the VAMI of that vRA Node
    If it is a Distributed Installation, provide the first node in the Cluster
  4. Provide "root" Password and "administrator@vsphere.local" Password
  5. Select Yes, to auto detect the Installation FQDN of the vRA Installation
  6. Select Yes, to auto detect the version of vRA installed
  7. Select yes, to populate the drop down of tenants in the vRA Installation, then select the tenant wanted and provide a Tenant Admin account in this tenant.
    The Tenant Admin account is only used for lookups and initial configuration, it is not used as a Service Account.
  8. Leave "Use the recommended Service Account setup" to Yes, and provide the needed info and password
  9. Leave "Use the recommended Entitlement Group setup" to Yes
  10. Leave "Create a new Business Group in the vRealize Automation tenant, as recommended" to Yes, and provide an email address to be used for Capacity Alerts in that Business Group
  11. Leave the defaults regarding "vRA Connection"
  12. Leave "Create recommended vRA IaaS Connection in vRO Inventory" to Yes, and provide IaaS Service Account information.
    Service Account should be provided in UPN format, e.g. ""
  13. Select Yes to auto detect if vRO is embedded
  14. Select Yes, to generate the vRO Node Authentication Objects, that the rest of the presentation and workflow will be using
  15. Select Yes, to auto detect vRO Control Center Heap Size
  16. Select Yes, if Kerberos Configuration is wanted, and provide the number of Kerberos Domains to be configured and whether or not to enable Kerberos Logging
  17. If between 1 and 3 Kerberos Domains are being configured, provide the needed details on each tab.
    If more than 3 Kerberos Domains is to be configured, then a text box will be shown with a "Kerberos template", which needs to be edited in a text editor and provided back.
    If Kerberos is already configured on the vRO, then the existing Kerberos configuration will be shown, and can be edited in a text editor if wanted.
  18. Here a Summary of the configuration is presented, and can be copied to a text file, for easy reference in the future.
  19. At the last tab, it is needed to provide the string "RunAgainProtection", which will cause an alert if an already run workflow token is being Run Again.

Next steps

  1. Restart vRO Server service on all vRA or vRO Appliances depending on whether or not vRO is external.
  2. Import the SovLabs plugin via vRO Control Center
  3. Run the normal "SovLabs Configuration" workflow, selecting the same details as used in the "Configure SovLabs Prerequisites" workflow
    1. Tenant
    2. Business Group
    3. Entitlement Group

Download SovLabs Prerequisites Package


Release Notes


  • Configure SovLabs Prerequisites
    • Added regex validation for vraTenantAdminUser
    • Added regex validation for vraIaasServiceAccount
    • Always show vraIaasServiceAccount and vraIaasServiceAccountPassword
    • Regex validation for serviceAccount, if useRecommendedServiceAccount != true
  • Configure vRA Connections - SovLabs Prerequisites
    • Optimized Presentation regarding vraIaasServiceAccount and vraIaasServiceAccountPassword
  • Configure Entitlement Group - SovLabs Prerequisites
    • Added regex validation for vraTenantAdminUser
  • Configure Business Group - SovLabs Prerequisites
    • Added regex validation for vraTenantAdminUser


  • Initial Release

Have more questions? Submit a request


Please sign in to leave a comment.