Deploy the VMware OVA Template
You can deploy as a virtual appliance using a VMware OVA template.
You can deploy
Privileged Access Manageras a virtual appliance using a VMware OVA template.
First, deploy the VMware OVA template then configure the virtual appliance network settings. Before you can configure the network settings, the
Privileged Access Managerlicense is required. After you upload the license, configure the network connection so that it can autoprovision (import) your virtual machine devices.
The steps to deploy the virtual appliance include:
Deploy the OVA Template
Download and deploy the Virtual Appliance OVA within a VMware ESX or ESXi environment.
Follow these steps:
- Download the Virtual Appliance OVA from the CA Support site to local environment.
- Log in to the vSphere Virtual Infrastructure Client or vSphere web client.
- SelectFile, Deploy OVA Template. In the web client, selectHome,VMs and Templates. Right-click the vCenter, and selectDeploy OVF Template.
- Browse to the location of the OVA file and select the file and select Open.The OVA template is imported. Continue with the rest of the configuration. Select Next to move through the configuration.
- In the Name and Location settings:
- Enter a new name for this appliance.
- In theInventory Location, select the data center location where you want to installPAM. SelectNext.
- For theHost/Clustersettings, specify the host or cluster location where you want to deploy the template.
- For the Storage, select where you want to store all data files that are associated with the VM.
- For the Disk Format, selectThick Provision Eager Zeroed. Thin Provisioning is not supported.
- Accept the remaining default settings.
- Review the settings. Verify that thePower on after deploymentcheck box isnotselected.If any setting is changed, failure to keep this box unchecked results in redeployment of the OVA template. Edit the settings before the first power-up cycle of the guest VM instance.
- Select Next.The OVA template is imported into the VMware host, cluster, or data center location that you previously selected.
The VMware virtual appliance deployment is complete. Go to the next section to edit the virtual machine settings.
Edit the Virtual Machine Settings
The tasks that are required to set up the virtual machine settings include:
- Add network adapters
- Modify virtual RAM and CPU settings
Add Network Adapters
The OVA template ships with one virtual network adapter out of the box. The virtual appliance supports a total of eight virtual network adapters per virtual machine.
You can add the additional virtual network adapters even if there are no immediate plans to use them. Doing so allows for expansion when redeploying a new virtual appliance.
Add the virtual network adapters
beforethe first power-on cycle of the virtual appliance.
Follow these guidelines:
- Add virtual network adapters two through eight.
- If you are deploying adapters on ESX/ESXi hosts, select the right VM network.
- Select the correct network adapter type (Host Only, Bridged, or NAT) when adding virtual network adapters.
- Optional: If the deployment only requires one virtual network adapter, set adapters two through eight so they donotconnect when the virtual appliance powers on.
- Optional: Set all virtual network adapters with static MAC addresses. You can set a static MAC address that contains the VMware OUI prefix in compliance with the following format:00:50:56:XX:YY:ZZXX is a valid hexadecimal number between 00 and 3FYY and ZZ are valid hexadecimal numbers between 00 and FF.Do not set the value for XX greater than 3F. Otherwise, the address might conflict with MAC addresses that the vSphere vCenter Server generates, or addresses that are assigned to the adapters for infrastructure traffic. See the VMware vSphere documentation for more information about VMware OUI allocation. To generate MAC addresses that meet the requirements, third-party sites are available.
Adjust Virtual RAM and CPU Settings
See the Virtual Instances section of the Installation Requirements page for guidance on configuring RAM, CPU, and storage.
Clone and Launch the Virtual Machine Instance
After the virtual appliance settings are complete, complete the following steps:
- Take a snapshot of the instance and make a full clone. This newly cloned instance serves as the new template for future deployments in your environment.Any changes to the virtual machine settings require a new full clone.
- Launch a new virtual appliance instance from the cloned VM.
- Power on the virtual machine.After the boot process is complete, the Virtual Utility Console displays in the VMware Virtual Console.
- Configure the network settings using the Virtual Utility Console.
Configure Network Settings
For initial network configuration, configure a default gateway and one or more network interfaces. These first steps enable the virtual appliance to connect to a network.
Basic Network Setting
From the Virtual Utility Console, configure the settings for the first IP address. For other interfaces, you can use the
Privileged Access Manageruser interface.
The Main Menu of the console shows which keys are used to navigate through each menu.
Follow these steps:
- From the Main Menu of the utility console, selectBasic Network Settings. The Network Setup screen appears.
- For the Default Gateway field, enter an IP address of the virtual appliance.
- Specify a name as the host name for the virtual appliance.
- Set the Domain (if applicable)
- Save your configuration. You return to the Main Menu.
Interface Network Settings
Enable the required network interfaces for the virtual appliance.
Follow these steps:
- From the Main Menu, selectInterface Network Settings.
- For each network enabled network interface, enter an IP address. At least one interface is required.
- Set the subnet mask for each enabled network interface.
- Save the configuration.
- From the Main Menu, restart Networking.
- Verify that the network configuration is valid by contacting (pinging) the configured IP address from another PC.
The remaining configuration steps can be completed from the
Privileged Access Manageruser interface or Workstation Client.