New Poem – Isolation

I had one of those Holy Spirit moments like Steve you need to write this. During my parents struggle, they go days and weeks feeling isolated. God prompted me to write this poem May God grant you peace in the storm.

Poem : Isolation

Scripture : Ezekiel 3:26


Our entire being is made to worship

We thrive when being around other believers

Our soul jumps for joy when worshipping

Our spirits are filled with hope, love and joy

There are moments in life where we need separation

There are moments in life between you and God

The isolation brings peace in the middle of the storm

The isolation brings clarity to the moment

Clarification God uses to remind you of his love

There is an eternal view we are reminded of

it’s not easy to face

it’s not easy to comprehend

There are some challenges in life that bring isolation

The enemy tries to have us doubt

There could be physical and/or emotional pain involved

It’s hard to be like this, but it happens

God is there through all of it

Isolation is a tough feeling to overcome

I’m not sure there is a right answer to deal with it

Past moments in life crop up providing perspective

All I can muster to suggest, hang onto these moments

God will help you through the storm

Each situation is different

Each challenge will test your will

May you lean on God more than ever in these moments

Remember his word, draw strength from it


Story Behind the Poem

I chose Ezekiel 3:26 for the theme verse. Per the story, Ezekiel was “made silent” for 7 years. He couldn’t speak and was trapped at home. Its an interesting perspective. In my own life, in unsettled times, I draw on stories from the bible I can relate to my own situation. Regarding isolation, imagine what Ezekiel felt when God did this.

A friend and spouse were going through a challenging time dealing with cancer. They were separated due to the situation and dealing with treatment and other things. This story also reminds me of my parents and when my dad was dealing with cancer. There were times they would go weeks being at home not being around others, due to the lowered immune system.

This can being create an isolated feeling. A boring routine with quiet time that gives a person time to reflect, which I can only guess is not a peaceful time, rather feelings of “why”, “how come” and “I don’t want to deal with this”. God has gifted me to write my feelings in such a way I can hopefully share with others, they can use poems like this when they are feeling down or isolated to bring some hope and perspective in their lives.

Change Docker default network to persist reboots and vRealize Automation 7.2


Containers are coming to a company near you! Containers are all the rage.  They are one of the hottest technologies in IT.  In all seriousness, all technologies have to mature, fit a business need.  Docker is a leading company in this space.

Within vRealize Automation 7.2, there is a container option.  Here are docs about containers and vRealize Automation 7.2.   As a vRA admin, I want to understand all features.  To help achieve my goal, I wanted to setup a catalog item similar to these articles.

Mark’s article was very helpful.   His article uses a DHCP scope (which is ok) and default networking in Photon assumes DHCP.  My article uses a vRO workflow, script on the template to set networking based on ip settings handled by vRA.

My article is related to vRealize Orchestrator, but the concept is the same.  Maybe I’ll blog my Photon example later although it’s similar to Mark’s article.   Here are my Photon workflows and I used on Photon vRA example

Regardless of how you setup your template, one of the features of Docker has it’s own internal networking.  The default is  (more info here). For some enterprises, this can conflict with existing non-routed internet address ranges ( 10.x, 172.x, and 192.168.x).

I ran into this and needed to adjust my default docker network.   My docker network wouldn’t persist reboots.  I initially found out how to change default docker network, but it wouldn’t persist a reboot.  (Links are listed below)

I wanted to setup my Photon template, used by vRA, with a persistent docker network that wouldn’t revert back to 172.17.x.x after reboots.  Follow Marks or my article to setup a Photon template, catalog items in vRA, then adjust your Photon template using instructions below.

After working with VMware and some experimentation.  This worked for me.

Photon OS use systemd-networkd to manage the network. Here is the external documentation on how to setup a bridge with systemd-networkd:

Following steps:

# cd /etc/systemd/network
# vi 10-static-docker0.netdev


# vi


# chmod 755 10-static-docker0*
# systemctl restart systemd-networkd.service
# systemctl restart docker

Modify whatever you want, I left as that will work in my network.

Here are other links that helped along the journey.

There is a few ideas.

Showed how to adjust the docker networking, didn’t persist reboots though

Known issue, I applied this hotfix to vRA


Steve Schofield

vRO workflows

<< back to main article

Download vRO package

Download on Github

There are two workflows, one action you’ll import into vRO.  The workflows are used by the Event Broker in vRA to setup networking on .  The workflows are available to download.

Go to the landing page on vRA


Download vRealize Orchestrator client

Type in user id and password

default is vcoadmin / vcoadmin

You’ll need Java


Import package

Here is an article by Jonathan Medd to import a packages into vRO


Adjust the root password on the Template-vRO template.

The setting is on vRO Run in Guest workflow


Back to vRA to setup Event Broker


Steve Schofield

Setup Template-vRO catalog item

<< back to main article

Here are steps to publish in the vRO template as a catalog item.    if you want more information on setting up Catalog items, Entitlements, check out Eric Shanks vRealize Automation guide.

Create a Service called vRO-App


Go to Catalog items,

Select Template-vRO blueprint


Add catalog item to the vRO-App Service


Entitlement the item to vRO-App service.   For this example, I entitled just the configuration administrators (configurationadmin by default).  If you have this attached to a LDAP source, you could provision based on LDAP group membership.


The Template-vRO72 catalog item will show up after entitled.



Steve Schofield

vRO setup Event Broker

<< back to main article

vRA introduced the Event Broker feature.   We’ll setup a subscription to fire to run the vRO-Assign-Network workflow.

Click New


Select Machine.Provisioning option


Add the following conditions or adjust to fix your environment


Select vRO-Assign-Network workflow


Click Finish


Don’t forget to Publish to make the subscription live.


Steve Schofield




Add Key-State-Changes Property group, add to blueprint

<< back to main article

vRO needs the payload properties bucket, which contains all information about the request, including network information.   There are custom properties added to blueprints to expose this information.

The attacked example are the list of properties I use on blueprints.  I encourage you to investigate each item to understand which data is made available.

Go to Administration > Property Groups


Add to the property group




Edit your blueprint

Add on custom properties page, Property Groups

We will cover in another article how to expose the properties and use meta data,.



Steve Schofield

Add Blueprint, network for Template-vRO7

<< back to main article

Sign-into vRA as account with permissions to create / publish blueprints, add items to catalog.

Click Design

New Blueprint

I adjusted “1 to 60 days” option


Drag vSphere Machine on canvas


Select Build Information,

Change to Linked Clone in Action field


Select the “….”


A popup window will appear

Select Template-vRO7


Select Network and Security


Drag existing network to canvas


Select network profile

In our example, it’s internal network


Select Network on Blueprint

Follow steps in picture


Close Blueprint

Make sure Publish



Steve Schofield

Add Script to Template-vRO7 VM

<< back to main article

After the vRO OVF  is deployed and running.  Open the VM in VMRC (VMware Remote Console), login.  I add a bash shell script to the template vRO will execute to adjust network settings passed by vRA.  Once the script is added, permissions are adjusted, take a snapshot

Open VMRC, login as root


In VI, craate a file named placed on the root folder.   The file can be located in any folder, we just chose the root folder.


Type settings listed in the image, or copy and paste from listed below


Type command to give vRO the ability to execute the script

Chmod 755 /

Notice perms after adjusting



  • Shutdown VM
  • Take a single snapshot



Code from step 3

mv /etc/HOSTNAME /etc/HOME.original
echo $1 >> /etc/HOSTNAME
mv /etc/sysconfig/networking/devices/ifcfg-eth0 /etc/sysconfig/networking/devices/ifcfg-eth0.original
echo “DEVICE=eth0” >> /etc/sysconfig/networking/devices/ifcfg-eth0
echo “BOOTPROTO=’static'” >> /etc/sysconfig/networking/devices/ifcfg-eth0
echo “STARTMODE=’auto'” >> /etc/sysconfig/networking/devices/ifcfg-eth0
echo “TYPE=Ethernet” >> /etc/sysconfig/networking/devices/ifcfg-eth0
echo “USERCONTROL=’no'” >> /etc/sysconfig/networking/devices/ifcfg-eth0
echo “IPADDR=’$2′” >> /etc/sysconfig/networking/devices/ifcfg-eth0
echo “NETMASK=’$3′” >> /etc/sysconfig/networking/devices/ifcfg-eth0
mv /etc/sysconfig/network/routes /etc/sysconfig/network/routes.original
echo “default $4 – -” >> /etc/sysconfig/network/routes
mv /etc/resolve.conf /etc/resolve.conf.original
echo “nameserver $5” >> /etc/resolve.conf
echo “nameserver $6” >> /etc/resolve.conf
echo “domain $7” >> /etc/resolve.conf
echo “search $7” >> /etc/resolve.conf
service network restart


Steve Schofield

Make sure Data Collection is working within vRA

<< back to main article

This is a short step.  There are a few assumptions

  • A connection to vCenter where Template-VRO7 is deployed
  • The vRA / vRO has connectivity and permissions to same vCenter where the Template was deployed
  • Reservations, Business groups and other items are setup
  • The Template-vRO7 vm deployed with a single snapshot (for linked clones)

Sign into vRA with administration permissions, kick off a data collection


Look for a successful data collection, this will pull in the Template-VRO7 the blueprint will use.



Steve Schofield

Import vRO appliance

<< back to main article

To import vRO OVF, I connected directly to a host running 6.5, which is deployed in a cluster attached to a 6.5 vCenter.  I ran into an SSL cert issue when trying to import through vCenter (HTML or Web client)

As a workaround, I imported directly to a VMHost running 6.5, browse to https://vmhostname/, login as root.  You’ll able to use the host client, which is HTML 5 based.

Go to Virtual Machines, right click and select Create / Register VM.  


Select Deploy a virtual machine from an OVF or OVA file, browse where the OVF file is located


Name Template-vRO7


Select which Datastore where the OVF will be deployed.


Accept License agreement (of course there is an EULA)


Select Network (vlan 16 in our example) and Disk Provisioning (Thin)


Additional settings.  The values in the image are settings I used, when the VM is being provisioned by vRA, there is a vRO workflow that executes a script on the host to adjust settings passed from vRA. The step executing the script is covered in another article


Review Settings and deploy the OVF


Power on the VM, there are adjustments to the machine.


Step 1 complete


Steve Schofield