VMware Aria Automation Tools

Dears,

I've deployed VRA8 using our company server naming standards as hostname.

Howerver i'd like to allow user to acces the portal using a more friendly DNS name.

So I created a host A dns record and also add it as an alternative name in my VRA certificate.

The problem is that VRA return 404 error when access using that new record, it seems that the webserver deny the request since it doen't know that new record.

I didn't find any information about that particular case in kb/doc.

Is it supported ? if yes how can it be achieved ?

Thanks in advance for your help.

Regards,

Benjamin

This was never supported in vRA 7 so I doubt it's possible in 8.

This was supported in 7 (possibly late 7.x):
https://docs.vmware.com/en/vRealize-Automation/7.6/com.vmware.vra.install.upgrade.doc/GUID-98B69260-1505-4547-815B-1160E8759E8C.html?hWord=N4IghgNiBcIMYDswFsCmIC+Q

Never suspected it wouldn't be supported in 8.x, but found out the hard way as I was ready to switch from 7.6...

If you want to use friendly name I would recommend to use some load balancer like NSX (Record A with friendly name point to LB and LB redirect users to correct URL). vRA supports also F5 and Netscaler.

Probably you can use some open source LB like HAproxy but remember that it is not supported.

In vRA 7 record A in DNS is not sufficient because you need to point A record to long url (https://<vra>/vcac/org/<tenant>

I don't know how vRA 8 works but I suppose that there is the same problem.

Ok, I've read once again what you did and I've checked that in vRA8 url is just simple hostname.

Check this:

1) You have record A and PTR that correspond with you hostname for example vra.your.domain

2) Create CNAME (not record A) with friendly name for example: cloud.you.domain and point to record A vra.your.domain

Of course friendly name should be included in SAN (Subject Alternative Name).

Check and give me a feedback :smileyhappy: I am curious.

Hello,

I also did some test using a cname but its gives the same error "404".

I guess its should work using any kind of load balancer but it will be a little over kill in my business case since its a small deployment with only one server.

Hi Benjamin

Sadly they havent thought of that. So it is currently not possible, unless you deploy it HA, because there you need a load balancer.

It worked in vRA 7 like a charm and was also our best practice if you went with a single deployment, so you could scale out afterwards to an HA deployment.

Please create a feature request to help to raise the awareness on the VMware side.

Cheers Philippe

TBH they have thought of that, but let's say there are some technical challenges to it ...

Using LB is the option at the moment.

We are doing this for a vRA 7.6 environment using IIS.

You will need to dedicate an IP address for this, the create a DNS host record for your friendly name,

vra.org.com etc...

Bind the IP for your friendly name to the IIS server, then create an HTTP redirect, and paste the URL for your vRA site in there.

When you go to vra.org.com in our 7.6 case, it redirects to https://vraserver/vcac/org/tenant/#csp.catalog.selfservice.cilist

no certificate errors no san required.

As others have suggest above, a load balancer / application delivery controller like F5 Netscaler or NSX will do this for you, provided one is available.

I was unpleasantly surprised to find out that still seems not possible to have friendly-name.domain.org.
Not even with a clustered environment behind a loadbalancer if the real VIP dns name is not that friendly name.

So, I have vRA 8.3 now: 1 lcm, 3 idm's and 3vra's, all with they company ugly-dns-names. Also I have 1 NSX-T VIP for idm and 1 for vra. Both those NSX-T VIPs also required such ugly-dns-names.

To make this user friendly, I tried to add either cname of A-records with friendly names that point to the vra VIP, but that still returns the 404 error.

 is vmware still chalenged by this?

 did you find a solution?

We had a CNAME in DNS for 7.6 and it worked fine. Have not been able to get a CNAME to work for 8.8. VMware Support said we needed a 3 node deployment with a load balancer. We have a single node with no tenants and that's all we need right now. Looking at the pods it looks like the landing-ui-app pod is not being forwarded requests when the hostname is the CNAME. Tried messing with hosts files on the appliance and adding our CNAME to the template for the pod so it gets the additional server name in the nginx config as well as Kubernetes coreDNS but nothing worked. I'm sure it is possible, just need to figure out how Kubernetes is forwarding requests to the pods.

Use an iFrame  But really without a load balancer or forwarding page, you are stuck here for now.