VMware Access Point Deployment Utility

Note: This Fling is deprecated, so the download is no longer available, and it will not be updated. Also, feedback is no longer monitored.

This utility is a wrapper for the VMware OVF Tool for deploying the VMware Access Point Appliance. It allows you to input settings in a GUI;  the utility will create and execute the properly formatted OVF Tool input string for you. It also allows settings to be saved to an XML file and later imported to reduce how much data needs to be manually entered. The utility will take a standard PEM formatted certificate chain and private key and convert them to the proper format for JSON. View settings can also be set at time of deployment with this utility.

Screen Shot 2015-12-15 at 3.56.24 PM
Note: This Fling is deprecated, so the download is no longer available, and it will not be updated. Also, feedback is no longer monitored.
  • Microsoft .NET Framework 4.5
  • VMware OVF Tool 4.1
Note: This Fling is deprecated, so the download is no longer available, and it will not be updated. Also, feedback is no longer monitored.

When you first start the application it reads the registry to see if the VMware OVF tool is installed, and it reads where the tool is currently installed. If no tool is detected, you will see a message indicating that you will need to install the OVF Tool to continue. Once the OVF Tool is installed, you can start inputting the information required to deploy the Access Point Appliance. Note, some of the settings are case sensitive--these items are called out below.

General Configuration

Virtual Center: This is the FQDN or IP address of the Virtual Center you want to deploy the appliance into.
Example: 192.168.1.12
This setting is case sensitive.

VC Username: User that has access to deploy a Virtual Appliance in the Virtual Center you are targeting for deployment. This should be in the format user@domain.com.
Example: chris@halstead.net or administrator@vsphere.local

VC Password: The password for the user specified in the previous step.

ESX Host: The FQDN or IP of the ESX host where the appliance will be deployed. It must reside in the Virtual Center you specified earlier.
Example: esxhost.company.com or 192.168.1.11
This setting is case sensitive.

Datastore: The datastore as defined in Virtual Center/vSphere that you want to place the appliance on.
Example: VMFS_1

Folder: The folder you want to place the appliance in. This is optional and can be left blank or set to “/”.
Example: External
This setting is case sensitive.

Appliance Name: The name of the Access Point appliance once it is deployed.
Example: AP_PROD

VC Datacenter: The name of the Virtual Center Datacenter you want to deploy this appliance to. Remember, you must have IP Pools defined for this datacenter with the network(s) you plan to use.
Example: Home
This setting is case sensitive.

Cluster Name: The name of the cluster in which the ESX host you are deploying to resides. If you are using clusters in your environment you must enter the cluster name. This is an optional field, and if not using a cluster it must be left blank. If you are using clusters in your environment it is a required field.
Example: Prod Cluster
This setting is case sensitive.

#NICs: How many NICs are defined for the virtual appliance. If one, external, management and back-end traffic flows over the one NIC. If two NICs are configured, external has a dedicated NIC and management and back-end traffic travel over the second NIC. If three NICs are defined, external traffic, management traffic and back-end traffic each have their own NIC.
Example: onenic

Use a Management IP?: This option is automatically selected if using two or three NICs.

Use a Back-End IP?: This option is automatically selected when using three s.

Configure View Settings During Deployment: Checking this box will enable the panel containing View Settings which will be passed into the appliance API via JSON and set during deployment.

Configure Certificates During Deployment: Checking this box will enable the panel containing certificate settings which will be passed into the appliance API via JSON and set during deployment.

External IP: IP address of the Virtual Appliance.
Example: 192.168.1.50

External Network: The network label as defined in Virtual Center/vSphere for the port group you want to assign to the external interface. If using just one NIC, this will be used by management and back-end traffic as well.

DNS IP: Single DNS Server*
Example: 192.168.1.199

*Note: Access Point is currently not properly accepting multiple DNS entries (even when deployed via vCenter). In SUSE, multiple DNS entries should be placed on separate “nameserver” lines and they are being placed on a single line. This is a known issue and at this time you must use a single DNS IP Address. This will be fixed in a future release of Access Point.

Management IP: IP address that will be bound to the management network if using two or three NICs.
Example: 192.168.1.51

Management Network: The network label as defined in Virtual Center/vSphere for the port group you want to assign to the management interface. If using two NICs, this will be used by management and back-end traffic.

Back-End IP: The address that will be bound to the back-end network if using three NICs.
Example: 192.168.1.52

Back-End Network: The network label as defined in Virtual Center/vSphere for the port group you want to assign to the back-end interface.

Root Password: Password used when connecting via console to the Access Point appliance. This must be a valid linux password.
Example: VMware1

Admin Password: Password used to connect to the REST API. This password must be 8 characters long and contain at least one each of the following: upper case letter, lower case letter, number and special character, e.g.: ! @ # $ % * ( )
Example: VMware1!

Path to OVA: This is the path to the OVA for VMware Access Point. You can type in the path or click the … button and browse to the file. Example:\\192.168.1.17\software\Deploy Access Point GUI\euc-access-point-2.0.0.0-2939373_OVF10.ova

Optional Certificate Configuration

The certificates for Access Point are set via the API using JSON. The certificate data must be formatted as a single line string with embedded newline characters. This can be a bit of a pain to do, so this application will format the certificates for you. You just need to have a properly formatted PEM private key and certificate chain. You copy them into the appropriate text boxes, and choose “Format Private Key” and “Format Certificates”. The certificates will be automatically formatted for deployment via JSON.

Private Key Format

—–BEGIN RSA PRIVATE KEY—–
Private Key Data
—–END RSA PRIVATE KEY—–

Certificate Chain Format

—–BEGIN CERTIFICATE—–
Target Certificate Data
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
Intermediate Certificate Data
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
Root Certificate Data
—–END CERTIFICATE—–

Optional View Configuration

The primary use case for the Access Point appliance is to access View desktops and applications. You can set all of the View configurations at deployment by selecting the “Configure View Settings During Deployment” checkbox and entering the proper information.

Destination URL: URL of a View connection server, or the address of a load balancer in front of View Connection servers. This URL must contain the protocol, FQDN or IP and port.
Example: https://192.168.1.30:443

View Thumbprints: Specifies a list of View Connection Server thumbprints. If you do not provide a comma separated list of thumbprints, the server certificates must be issued by a trusted CA. The format includes the algorithm (sha1 or md5) and the hexadecimal thumbprint digits. To find these properties, browse to the View Connection Server, click the lock icon in the address bar, and view the certificate details.
Note: The appliance will accept both the space delimited format from Chrome or the colon separated format from Firefox.
Examples: sha1=b6 77 dc 9c 19 94 2e f1 78 f0 ad 4b ec 85 d1 7a f8 8b dc 34 or
sha1=53:0A:BB:34:56:B1:4A:8A:9E:E6:A3:07:92:D7:1F:21:81:63:88:E6
Note: sha1 or md5 MUST be lower case.

Tunnel Enabled Checkbox: Specifies whether the View secure channel is enabled.

Access Point URL: The external URL to be used by clients to connect to the Access Point appliance to tunnel secure connections.
Example: view.chrisdhalstead.com:443
Note: Do NOT start this URL with https://

Enable PCOIP Checkbox: Specifies if the PCOIP Secure gateway is enabled.

PCOIP URL: The external IP of the Access Point appliance which will be used as the PCOIP secure gateway. This should ONLY be an IP address and the port for PCOIP.
Example: 68.134.246.117:4172

Blast Enabled Checkbox: Specifies if the Blast Secure gateway is enabled.

Blast URL: Specifies an external URL of the Access Point appliance, which allows end users to make secure connections through the Blast Secure Gateway.
Example: view.chrisdhalstead.com:8443
Note: Do NOT start this URL with https://

Deployment of an Access Point Appliance:

Back up Settings

Now that all of the appropriate settings for deploying an Access Point appliance are in place, this is a good time to export out the settings that you have entered. Click the “Export Current Settings” button at the bottom left of the form and select a location to save the settings to. This will create an XML document with the values you had entered (with the exception of passwords) so they can easily be imported at a later date when deploying additional appliances.

Prior to deploying the appliance, or for troubleshooting, the generated input string can be shown and copied out at any time by clicking the “Show OVF Tool String” button on the bottom right of the form.

Click the “Deploy Access Point Appliance” button when you are ready to deploy. There is a lot of validation that happens before the appliance is actually deployed. If any fields are not correctly formatted or missing you may receive a message indicating which fields are missing for formatted incorrectly. You can monitor the deployment from the dialog box which shows the live OVF Tool log.

More detailed information on the utility can be found here:
http://chrisdhalstead.net/2015/11/20/vmware-access-point-deployment-utility/

Note: This Fling is deprecated, so the download is no longer available, and it will not be updated. Also, feedback is no longer monitored.
No changes yet.
New comments are disabled.
Note: This Fling is deprecated, so the download is no longer available, and it will not be updated. Also, feedback is no longer monitored.
New bug reports are disabled.
Note: This Fling is deprecated, so the download is no longer available, and it will not be updated. Also, feedback is no longer monitored.