Archive for vRA

VMware vRealize Automation 6.2.2 Configuration and Management Part 3

October 16, 2015 Part 3, vRA Small Deployment v6.2.3 2 comments

vRARobot2

Configuration and Management

So in Part 2 I set up the following

  • 1 x Windows 2012 SQL Server
  • 1 x VMware vRA 6.2.2 appliance
  • 1 x Windows 2012 Datacenter IaaS Sever
  • 1 x vCenter 5.5 server providing SSO capabilities to vRA
  • Make sure the IaaS server is patched.

Configuration Start

Setting up User accounts and tenants

  • Log into vRA by opening a web browser and typing in https://vcac-appliance-name.domain.name/shell-ui-app (The default tenant)
  • Log in using the administrator@vsphere.local SSO account
  • You should now see the following page showing the default tenant vsphere.local. Ignore the second tenant for now. It is one I set up to work with vR Business.

vRAConfig1

vRA can be a Single Tenant or Multi-Tenant application. A tenant is an organizational unit in a vRA deployment. A tenant can represent a business unit in an enterprise or a company that subscribes to cloud services from a service provider. Each tenant has it’s own dedicated configuration although some system-level config is shared across tenants.

The system administrator – administrator@vsphere.local can create additional tenants.

Each tenant has a unique URL to the vRA console where the default is

  • https://vcac-appliance-name.domain.name/shell-ui-app

while mutli-tenant resources will be given a URL such as

  • https://vra-appliance-domain-name/shell-ui-app/org/tenant-name.

The default tenant is the only tenant that supports native Active Directory authentication; all other tenants must use Active Directory over LDAP or OpenLDAP

Tenant Services

  • Non Tenanted

Non tenanted items are visible and consumable by all tenants

  • Endpoints
  • Compute Resources
  • Reservations
  • Managed machines
  • Networking
  • Machine Prefixes
  • Build profiles
  • Data Dictionary
  • Tenanted

Tenants requiring exclusive access to their own build profiles, machine prefixes and non tenanted objects may require their own vRA instance

  • Catalog
  • Approvals
  • Entitlements
  • Tenant identity store
  • Branding
  • Advanced Service Designer

In a single tenant configuration, everything is handled at the default instance. This includes system wide configurations. Tenant administrators can manage users and groups, configure tenant-specific branding, notifications, business policies, and catalog offerings. The system administrator account is always administrator@vsphere.local, while the tenant administrator must be a user in one of the tenant identity stores, such as username@mycompany.com

In a multi-tenant environment, the system administrator creates new tenants for each organization that uses the same vRA instance. Tenant users log in to the vRA console at a URL specific to their tenant. There are 2 different deployments which we will not go into further

  • Default tenant-managed multitenancy
  • Individual tenant-managed multitenancy

Configuring the default tenant

  • Highlight vSphere.local and click edit
  • Click Identity Store and click Edit

vRAConfig20

  • Test Connection and click Update
  • Add your tenant admin account and infrastructure admin account. Note I have created AD accounts which are distinguishable as these vRA accounts.

vRAConfig8

  • Click Update
  • Your default tenant is complete

Adding a second tenant

  • Click Add tenant and you will see this screen
  • As an example I am creating a developer tenant

vRAConfig2

  • Click Submit and Next
  • Click Add identity store

vRAConfig3

  • Fill in the details – example below
  • Click Test Connection

vRAConfig4

  • Click Add
  • Click Submit and Next

vRAConfig5

  • Type in the username for your Tenant Adminstrators and Infrastructure Administrators
  • Click Update
  • You will now see your Developer tenant

vRAConfig6

vRA Roles recap

  • System-wide roles

vRAConfig9a

  • Tenant Roles

vRAConfig10

  • Business Group Roles

vRAConfig11

Licensing

Before doing anything make sure you have licensed you vRA

  • Log in as your Infrastructure account
  • Go to Infrastructure > Administration > Licensing
  • Add your license and click OK

vRAConfig16

Creating an endpoint credential prior to creating an endpoint

  • Log into your vRA console using the IAAS Admin account and click on the Infrastructure tab

vRAConfig12

  • Click on Endpoints then click on Credentials > New Credentials

vRAConfig13

  • I put in my domain admin account details and clicked the green tick

vRAConfig14

Endpoints

Endpoints are the infrastructure points which are consumed by vRA. IAAS Administrators can manage endpoints and vRA uses DEMs (Distributed execution managers) or agents to communicate with these endpoints.

Endpoints can be

  • vCenter
  • Open Stack
  • vCo
  • vApp vCloud Director
  • vCloud Hybrid Service
  • SCVMM
  • Amazon EC2
  • RHELV
  • Physical machines
  • Communication with storage devices which use Netapp FlexClone technology

Endpoints

  • Next click on Endpoints > New endpoint > Virtual > vSphere (vCenter)

vRAConfig17

  • Put in a name. E.g. vCenter
  • Put in a description
  • Put in the address as https://your-vCenter-Server/sdk
  • Select the credentials
  • Click OK

vRAConfig18

  • You should now see your endpoint
  • Note: Different endpoints need the credentials being put in the correct format (user@domain or domain\user) Check the vendor documentation
  • Note: Additional configuration is necessary when configuring an endpoint for vSphere which is supported by an underlying network platform such as vCloud networking or VMware NSX

vRAConfig19

  • At this point I recommend restarting the vCloud Automation Center Agent service on the IaaS server or restarting the IaaS server altogether especially if in the next step, you find you can’t see your cluster resource like I couldn’t to start with!!

Fabric Groups

The fabric contains all the compute resources which are discovered by the end point which is then organized into fabric groups for provisioning

Fabric groups are created in a tenant but their resources are available to all userswho belong in business groups in all tenants. Large enterprises might create fabric groups to reflect physical locations and smaller enterprises might just have one fabric group

  • Navigate to Infrastructure > Group > Fabric Groups. Click on New Fabric Group on the right hand side. The IAAS Admin creates fabric groups and assigns a fabric admin

vRAConfig21

  • Enter your Fabric details and choose a compute resource
  • If you gave fabric admin to the same user you are logged in as then you need to log out and in again

vRAConfig22

  • I then go to Infrastructure > Compute Resources > Computer Resources and hover over my compute resource and select Data Collection

vRA323

  • Check the status of the Compute Resource Data Collections

vRA324

  • It’s also worth checking Infrastructure > Monitoring > Log as you can see below I had some IIS issues which I had to sort and DEO and DEM issues

vRA325

Machine Prefixes

Machine prefixes are used to create names for machines provisioned through vCloud Automation Center. Tenant administrators and business group managers select these machine prefixes and assign them to provisioned machines through blueprints and business group defaults

Fabric Admins create machine prefixes and these prefixes are shared across all tenants. Every blueprint must have a machine prefix or use a default machine prefix

  • Go to Infrastructure > Blueprints > Machine Prefixes.

vRAConfig25

  • Click on New Machine Prefix on the right hand side

vRAConfig26

  • Machine prefixes must conform with DNS with no special characters and Windows OS’s must not exceed 15 characters

Business Groups

A business group links a set of resources or services to a set of users in a department or OU and is created by the tenant admin. In order to request machines a user must be a member of a business group

  • Go to Infrastructure > Groups > Business Groups, fill in the required detail

vRAConfig27

  • Click New Business Group

vRAConfig28

  • The Business Group manager can see all the machines which have been built and manage the groups’s blueprints
  • Multiple entries must be separated with commas. For example, JoeAdmin@mycompany.com,WeiMgr@mycompany.com.
  • Support users can work for another user
  • Normal users will just be able to see blueprints in the catalog

Reservations

A reservation is a share of the CPU, Memory, storage and networking resources from a fabric group and reserved for use by a business group. No relation to vSphere relations

  • Each reservation is for one business group
  • Business groups can have multiple reservations on a single compute resource
  • Each business group can have multiple reservations on compute resources of a different type
  • Reservations may also define priorities, policies an quotas that determine machine placement

Types

  • Virtual – Allocates resources on compute resource for use by the business group
  • Physical – Set of physical machines reserved for use by a business group
  • Cloud – Provides access to the provisioning services of a cloud services account

Reservation Policies

  • A reservation can only belong to one policy
  • You can add multiple reservations to a reservation policy
  • You can assign a reservation policy to more than one blueprint
  • A blueprint can have only one reservation policy
  • Can be used for tiering

Creating a reservation

  • Go to Infrastructure > Reservations > Reservations

vRAConfig29

  • Click New Reservation > Virtual > vSphere (vCenter)
  • Select the Compute Resource and select the value you set up previously. Some values will automatically populate

vRAConfig30

  • Click the Resources tab
  • Fill in your memory reservation
  • Select the datastore(s) you want to use and the reseravtion of storage you want to use. Don’t forget to tick the green button

vRAConfig31

  • Click on Network

vRAConfig32

  • Choose your networks
  • If you choose a network profile, it can allow machines to be assigned specific addresses. The profiles must be configured with IP addresses which can be used
  • Click the Alerts tab

vRAConfig33

  • Alerts are optional and you can put in recipients and schedule how often you want reminders to be sent out

Creating Reservation Policies

  • Go to Infrastructure > Reservations > Reservation Policies

vRAConfig34

  • Click New Reservation Policy
  • Fill in the details. For example you could set up policies for High end compute, mid range compute and low end compute etc

vRAConfig35

A quick look at network profiles

  • Go to Infrastructure > Reservations > Network Profiles
  • Select New network profile

vRAConfig36

  • Fill in your details as appropriate

vRAConfig37

A quick overview of DEMs and Agents

DEMs are used for provisioning and managing machines on

  • VMware vCloud Director and VMware Hybrid Service
  • RHELv Manager
  • Microsoft System Center Virtual Machine Manager
  • Amazon Web Services
  • Physical server management interfaces (Dell/Cisco/IBM)

Agents are used for provisioning and managing machines and services on

  • Hypervisor proxy agents (vSphere, Citrix, Xen and Hyper-V)
  • External provisioning infrastructure
  • Virtual desktop infrastructures
  • WMI (Windows management instrumentation)

DEMS

Can be installed as orchestrator or worker DEMs

DEM Orchestrator

  • Monitors and manages the DEM worker status so if a worker fails the orchestrator DEM moves the workflow to another DEM worker instance
  • Schedules workflows
  • Ensures only one instance of a scheduled workflow is running at any one time
  • Generates workflow history for reporting
  • One DEM orchestrator is always the active one. It is recommended to install an additional orchestrator instance on another machine for redundancy

DEM Workers

  • DEM workers communicate with the external systems to execute workflows
  • Dem workers must be able to communicate with external firewalls
  • The minimum installation installs the required DEMs and default vSphere Proxy agent. Additional proxy agents such as Hyper V and Xen server can be installed post installation.

Checking the DEM status

  • Go to Infrastructure > Monitoring > Distributed Execution Status

vRAConfig23

Agents

vRA uses agents to integrate with the following external systems. Endpoints must be configured before the agents are started and the endpoint and agent name has to match.

Agents are installed under Program Files (x86) > VMware > vCAC > Agents > agentname with the config being stored in VRMAgent.exe.config in the same folder

Hypervisor proxy agents

  • vCenter
  • Citrix Xenserver
  • Hyper-V

Integration agents

  • External provisioning agents (Integration with Citrix Provisioning server)
  • VDI (Used to register provisioned machines with a VDI Connection Broker)
  • WMI

Setup an additional vSphere Agent (for more than 1 vCenter instance)

  • Right click on setup_vcac-va-hostname.domain.name@5480.exe and “Run as Administrator”. We have the same installer screen as before
  • Accept the EULA and click next
  • Log into your appliance with the root credentials
  • Now we want to choose Custom Install. Click on Proxy Agents. Click Next
  • Enter the username and password you plan on using as your service account to run this service.
  • Configure the agent details
  • Select vSphere from the Agent Type Drop Down
  • Type in an agent name. All agent names must be unique and there cannot be two alike.
  • Type the FQDN of the server with the Manager Service (this was a complete install done on the iaas box)
  • Type the FQDN of the server with the Manager Web Service (this was a complete install done on the iaas box)
  • Type in the complete Endpoint address as well as port.
  • Click Finish.

Thank you for following Part 3 of the vRA series. The next series will be Part 4 which will cover Blueprints and Catalog Services.

 

Installing VMware vRealize Automation 6.2.2 Part 2

September 28, 2015 Part 2, vRA Small Deployment v6.2.3 No comments

vRARobot

Installing VMware vRA 6.2.2

vRA is software which provides a secure portal for authorised architects, business managers and users to request IT services through a commons service catalog. Tasks vRA can perform are

  • Provisioning of machines
  • Reclamation of machines
  • Services such as adding AD users
  • Storage as a Service

vRealize Automation Support Matrix

https://www.vmware.com/pdf/vrealize-automation-62-support-matrix.pdf

VMware vRealize Automation 6.2 Documentation Center

http://pubs.vmware.com/vra-62/index.jsp

vRA Components

  • VMware Identity Appliance – Preconfigured virtual appliance. You can alternatively use some versions of SSO provided with vSphere
  • VMware vRealize Appliance – Preconfigured virtual appliance that deploys the vRealize server
  • vRealize Automation Infrastructure as a Service – Enables the rapid modelling and provisioning of servers and desktops across virtual, physical, private, public and hybrid clouds
  • SQL server Database
  • IIS Server for IAAS

vRealize Automation Infrastructure as a Service has several components you can install in a custom configuration

  • IAAS website
  • Model Manager
  • vCloud Automation Center Manager Service
  • IAAS Database
  • Distributed Execution Managers
  • vRealize Automation Agents

Types of deployment

Click the links below for further information

Let’s get started

Installing the VMware vRealize Appliance

  • Download the .ova installer from the VMware site and I saved this to my vCenter server

vRA1

  • In vCenter click File > Deploy OVF template

vRA2

  • Select your ovf file which you downloaded

vRA3

  • Click Next and you should see the following information populate

vRA4

  • Click Next and accept the license agreement

vRA5

  • Put in a name and an inventory location

vRA6

  • Choose a storage location

vRA7

  • Choose a disk layout

vRA8

  • You will now need to add in a root password to access the device, enable SSH, set a hostname, set a gateway, DNS and IP address/subnet mask

vRA9

  • Check all the details. Note this is my lab environment

vRA10

  • Click Finish and you can now see the appliance deploying

vRA11

  • Once the appliance has finished installing open a web browser and navigate to

https://appliance-hostname.domain.name:5480/

  • Login with username ‘root’ and the password that was configured during deployment.

vRA31

  • Go to System > Time Zone and select the correct timezone

vRA33

  • Go to vRA Settings and make sure your hostname is correct and add certificate details. Note my details below are just for a self signed certificate. Type a common name for the certificate in the Common Name text box. You can use the fully qualified domain name of the virtual appliance.

vRA32

  • Go to Admin > Time settings and make sure the time is correct
  • You can use the host time if it is correct or you can use your own time server or an external time server such as 0.uk.pool,ntp.org etc
  • Time is very important in these installations and must be exact.

vRA34

  • Go to vRA Settings > SSO and configure SSO.
  • Note I am using my vCenter server as it is version 5.5 and already has SSO setup

vRA35

  • Enter your license key and you should be good to go.

vRA36

  • You can check all the services are running by logging into the appliance

vRA319

  • You can also use the below link to check. Replace the server name with your vRA appliance. You should see an xml file where you can check the status of services

https://techlabvra001.techlab.local/component-registry/services/status/current

vRA320

  • If you need to check any logs go to the catalina.out log file, located at /var/log/vmware/vcac/
  • Confirm that you can log into vCloud Automation Center console by going to https://vRA-Appliance-name.domain.name/shell-ui-app .in my case https://dacvvra001.dacmt.local/shell-ui-app. After accepting 2 SSL certs if you use self-signed certificates you will see this screen

vRA37

  • Log in using the vRA SSO username ‘administrator@vsphere.local‘ and the password that was configured to verify we can log in. if successful, we will see the vCAC home page

vRA38

Installing the IAAS Server and DB considerations

It is really important to pay attention to the pre-requisites for this part and note I am using a separate SQL DB server and a separate IAAS server

I use a script to do all the hard work/steps found below but I do double check things afterwards. Click RAW and copy into a notepad file and rename to whatever.ps1

https://github.com/vtagion/Scripts/blob/master/vRA%206.2%20PreReq%20Automation%20Script.ps1

vRA321

DB considerations

  • TCP/IP protocol enabled for SQL Server

vRA12

  • Microsoft Distributed Transaction Coordinator Service (MS DTC) enabled on all SQL nodes in the system. MS DTC is required to support database transactions and actions such as workflow creation. Start > Run > dcomcnfg
  • If you have a clustered SQL box you will see a clustered dtc – modify this the same way.

vRA13

  • No firewalls between Database Server and the Web server or IaaS Server, or ports opened as described in Port Requirements
  • If using SQL Server Express, the SQL Server Browser service must be running
  • For 6.0.x installations, the database name cannot contain a space. For 6.1 and later installations, the use of spaces in names is supported

IaaS Considerations

  • Create a service account with Local Admin rights on all IaaS components and Log on as a Service and Log on as a Batch job on all IaaS components.
  • Make sure the service account has a non expiring password or changing it can be time consuming throughout the whole vRA infrastructure.
  • Microsoft .NET Framework 4.5.1 or later
  • Microsoft PowerShell 2.0 (included with Windows Server 2008 R2 SP1 and later) or Microsoft PowerShell 3.0 on Windows Server 2012 or Windows Server 2012 R2. Execution policy must be remote signed as per below screenprint

vRA17

  • SecondaryLogOnService is running.
  • Java requirements for MSSQL, when the database is installed on the IaaS Windows server host. Note I had to use the below version. 1.8 did not work

vRA18

vRA14

  • Click New

vRA15

  • Type the following path to the Java installation directory

vRA16

Installing IAAS

Note: The database will create itself unless you want to use a customised script with your DB admin which is available on the Documentation Center

Note: Install all Windows updates

Note: I also installed Chrome on my server as it seems to work better

  • On your designated IAAS server go to the following link in your browser

https://hostname.domain.name:5480/installer

  • You should see this page
  • Click IaaS Installer below and it will download the files into the Downloads folder

vRA19

  • You should now see the software as per below
  • Right click and Run as Administrator

vRA20

  • You will see the IAAs wizard pop up
  • Click Next

vRA21

  • Accept the license agreement

vRA22

  • Put in the username and password that you used to configure the vRA appliance prior to this

vRA23

  • Choose Complete Install

vRA24

  • Make sure all the pre-requisites are fulfilled. They should all be green. If not go back and fix any issues

vRA25

  • Click Next
  • You now have to enter your user installer password and a passphrase and your database info. Make sure the account you use for your database has the correct permissions to create the DB

vRA27

  • You might get the following messages come up and you will need to follow the instructions

vRA28

vRA29

  • Click next
  • Accept all the defaults on the next page

vRA30

  • Click Next
  • Fill in all the relevant information on the Component registry screen

vRA39

  • Click Finish and wait for the installation to finish

vRA40

vRA41

vRA42

  • The next part of this series on vRA will focus on going deeper into the configuration of vRA and what we can do with this software including integration with vRealize Orchestrator and Advanced Service Designer 🙂

Important Information (Your service account password is changed)

Note: Just set password never expires on the user account basically unless a company has an absolute specific need to have a password policy which resets all passwords after a certain period of time.

You will see on the vRA appliance under services that iaas-service will be blank and no amount of rebooting will solve it!

IIS Services

  • The below vRA pools run under your service account identity. If you use a user account which has a password which expires then you will need to update all vCac services with the new password which is a pain in the backside (as I found out)
  • To reset the pools, right click on each of the 3 pools one at a time and select Advanced settings

vRA316

  • You should see this

vRA317

  • Find the account and click the radio button and click set to change the username/password

vRA318

  • You will also need to change the Windows services to run under the new password

vRA322

 

 

 

VMware vRealize Automation 6.2.2 Part 1

September 28, 2015 Part 1, vRA Small Deployment v6.2.3 No comments

vRARobot

Why use vRA?

  • Increase Business Agility
  • Improve efficiency
  • Fast time to cloud value
  • Consumerization of IT

What does it do?

  • It allows IT departments to accelerate the delivery and ongoing management of custom virtual machines, applications and business relevant infrastructure to improve efficiency and streamline processes. This can sometimes take weeks or months.
  • Policy based governance and application modelling ensures IT services are delivered with the correct service levels and configuration.
  • Life-cycle management allows the control of services from start to end, maintaining operational efficiency. Release automation also allows multi tier application deployments to be maintained in sync with company policies and processes.
  • Using a unified IT self-service catalog, business users can request and manage a large range of custom services.\Administrators can use a wizard driven service designer to define request forms and automate the delivery of their services along with application and other infrastructure services.
  • vRA can integrate with other enterprise systems such as DNS, AD, IPAM, CMDBs and load balancers
  • There is also Accelerated Application Deployment for application release automation which allows integration with the automation suite.
  • It can be integrated with VMware IT Business Management Standard Edition which automatically populates cost profiles where businesses can then compare private and public cloud service offerings.
  • It can allow businesses to keep control over service provisioning and who has access to use service catalogs and processes

vRA versions

  • Standard (1000 managed machines, 2500 concurrent deployments and 10 concurrent deployments and extension to cloud support)
  • Advanced (10,000 managed machines, 2500 catalog items, 50 concurrent deployments, High availability firewall setup and configuration of network load balancers
  • Enterprise (50,000 managed machines, 2500 catalog items, 100 concurrent deployments.) Platform as a service, application delivery, service level agreements and the leveraging of disaster recovery when managing and delivering applications

Check the link below for a more detailed comparison

http://www.vmware.com/products/vrealize-automation/compare.html

vRA Primary Policies

  • Business Groups – Administrators can define a multi level grouping structure linked to AD allowing role based access in the groups
  • Resource Reservations – Virtual, physical or cloud resources can be allocated to each group. Costs and service levels can be applied to the resource reservations. A request will generate a cost to the business.
  • Service Blueprints – These define policies which will control the provisioning and ongoing management of compute and application services. Each blueprint can be unique
  • Entitlements – Merge business groups and specified users with services and policies. A variety of groups can then use the same blueprint with their own group policy rather than have a unique blueprint for each business group

vRA Roles

System Administrator

  • Installs vRA
  • Creates Tenants
  • Manages system wide configuration
  • Designates who is going to manage the infrastructure fabric

IAAS Administrator

  • Manages the discovery and organization of compute, network and storage groups
  • Manages endpoints requires to interact with resources on virtual, physical and public cloud environments
  • Configures and manages fabric groups post discovery of fabric resources. Fabric groups can be used to divide resources used by one organisation to another. Many companies will only have one fabric group however if you need to allow isolation between groups in a company or need specific tenant branding then a number of tenants can be configured.

Tenant Administrator

  • Configures vRA according to the requirements of the business
  • Responsible for user and group management
  • Tenant branding
  • Business policies such as entitlements and approvals
  • Track resource usage by all the users within the tenant and initiate reclamation requests for machines no longer being used.
  • Responsible for creating one or more business groups within the tenant group and assigning users

Business Group Administrator

  • Able to make blueprints for their business group only
  • Take the business groups that the tenant admin issues to them and create content for the business users

What is the Service Catalog?

  • Contains Service Categories which can be broken down into groups to abstract services
  • They contain the unique application, infrastructure or other services available to request and use
  • Service architects can define and publish new services from the catalog
  • The tenant administrator and the business group manager will organise the catalog
  • Contains a goal navigator which guides you through vRA administration tasks such as organizing the fabric, configuring tenants or designing and publishing blueprint information.

Catalog Management

This has 4 functions

  • Services – Examples such as Development services or Production Services
  • Catalog Items – Items such as Linux web server or hardened Windows 2012 server
  • Actions – Ability to carry out actions on a catalog item such as Destroy virtual machine, expire virtual machine, power off and restart etc
  • Entitlements – Defines which users or groups can request catalog items or perform actions

What are Blueprints?

  • A whole specification containing resource such as CPU, RAM and storage for a virtual, physical or cloud machine along with attributes and the way it is provisioned.
  • They specify the workflow associated with blueprint and additional provisioning information
  • Examples might include a Windows Server 2012 server with 4G RAM, 6 vCPUs and 40GB of storage
  • Specify policies such as lease time of the machine and what actions are able to be carried out on the provisioned service.
  • Multi machine services can be configured into a single blueprint making it extremely efficient to build a service containing a web server, database server and an application server.
  • Note: It is only through the multi-machine blueprint that you are able to configure advanced operations such as the dynamic creation of NAT, Routed and Private networks

Application Blueprints

Enables the concept of Design Once – Deploy anywhere

  • Uses a drag and drop screen to model an application blueprint
  • Logical templates, application components and scripts can be added to the application blueprint
  • Component installation order is done by creating dependency links
  • Users do not need to know the underlying infrastructure in order to create the applications
  • The type of cloud to deploy to can be selected such as vRA, vCD or Amazon AWS
  • Each application can have multiple deployment profiles if it needs to be deployed in multiple cloud providers
  • Inconsistencies, errors and rework can be reduced or eliminated
  • Blacklisting can be used to prevent applications being deployed in a particular environment.

IT Business Management

  • Relates to chargeback and making the consumer aware of the cost of infrastructure and consumption
  • ITBM makes it easier to set up and implement a charging model and also compare internal costs to public cloud vendor costs

Advanced Service Designer

ASD allows administrators to deliver additional services not covered by the out of the box functionality

  • Wizard driven approach to designing end to end functionality
  • Once built the custom service can be published in the vCloud Automation Center
  • The process can define service capabilities, user interaction and entitlements
  • Define the automated workflows for the service by using existing vCloud Orchestrator workflows and plugins along with custom scripts

Extensibility

  • Leverage existing and future infrastructure with multi-vendors, multi-cloud infrastructures (Physical, Public and Cloud)
  • Configure personalised business services. Modification of vRA policies and custom properties (metadata tags)
  • Integration with third-party management systems. Using ASD and VCO you can extend the out of the box functionaility
  • Adding new IT services and creation of new Day2 Operations allows the use of workflows and plugins to deliver the Anything as a Service
  • vRA provides a REST API which can be used to call vRA from other infrastructure applications

Configuration Management

  • Configurations tend to drift over time and third-party products can complement vRA by providing configuration management and configuration drift management
  • Puppet Labs is an example of this providing thousand of out of the box modules which can be used in vRA. These modules can describe configurations of OS, networks, storage, middleware components and applications
  • The cloud management marketplace provides these modules
  • Puppet supports environments such as hybrid clouds giving companies the flexibility to deploy any service into any environment

Distributed Execution Manager (DEMs)

  • Executes the business logic of custom models interacting with internal, external databases and systems as required.
  • DEMs can manage cloud and physical machines
  • Each DEM instance performs either a Worker or Orchestrator role

DEM Worker

  • The Worker role executes workflows

DEM Orchestrator 

  • The Orchestrator role monitors DEM Worker instances, pre-processing workflows and scheduling workflows
  • Monitors the status of DEM workers and if a worker instance stops or loses connection to the Model Manager then the workflows are resubmitted for another DEM Worker to pick up.
  • Manages scheduled workflows and starts new workflows at scheduled times
  • Ensures that one scheduled workflow is running at a given time
  • Pre processes workflows before execution checking preconditions (RunOneOnly feature) and creating the history of the workflow
  • It is recommended to have at least one redundant Orchestrator instance on a separate machine for redundancy. This 2nd instance monitors the status of the active Orchestrator and will take over if this goes offline

vRA Agents

vRA uses agents to integrate with external systems

Proxy Agents

  • vRA uses virtualization proxy agents to send commands and collect data from ESXi, Xen Server and Hyper V hosts and the VMs provisioned on them
  • These proxy agents require Admin access to the virtualisation hosts, communication with the vRA Management Service and is installed separately with its own configuration file

Integration Agents

  • VDI PowerShell agents allow vRA to integrate with external VDI systems
  • VMs can be registered with XenDesktop on a Citrix Desktop Delivery Controller and users can access the Xen Desktop Web interface from vRA for example
  • External provisioning integration PowerShell agents (EPI) allow vRA to integrate external systems into the machine provisioning workflow such as integration with Citrix Provisioning Server
  • Requires Admin access to external systems

WMI Agent

  • vRA WMI agents allows you to monitor and control system information allowing you to manage remote servers from a central location
  • Enables the collection of data from vRA managed Windows machines

Managing EndPoints

  • The Infrastructure Admin defines endpoints which are required to discover virtual, physical or public cloud infrastructure resources
  • vRA discovers and manages the underlying infrastructure through the device managers which manages those resources
  • Ongoing rediscovery happens daily
  • Can be configured via the infrastructure tab or select the fabric configuration option from the goals navigator

vCloud Hybrid Service

  • Allows companies to expand their private data centers to the cloud
  • Allows applications to run on site and offsite without interruption
  • Supports more than 3500 applications certified to run on vSphere
  • Now certified out of the box with vRA
  • Customers can use the vCloud Hybrid Service as another vCloud Director end point in vRA
  • Endpoint information includes the location and credentials required to access each vCenter instance which is stored and encrypted in the vRA repository
  • Endpoints can be defined one at a time by the management console to imported in bulk via a .csv file

NSX

  • Network virtualization allows VMs to communicate securely with each other over physical and virtual networks
  • vRA supports NSX
  • Fabric Admins can create external network profiles to define existing physical networks and create NAT, Routed and Private network profiles
  • Network templates specify items such as IP address, DNS server, DHCP server
  • Multi machine blueprints allow configuration of network adapters and load balancing
  • Multi machine blueprints allow the selection of a transport zone which identifies the vSphere endpoint. Both the blueprint and the reservations used in the provisioning must have the same transport zone settings
  • Transport zones are defined in the NSX and vCloud Networking and Security environments

vRA installation components

  • SSO (Single Sign On) capabilities
  • User interface portal
  • IAAS components

VMware Identity Appliance

  • Pre-configured virtual appliance that provides single sign on capabilities for vRA. vCenter SSO 5.5.0b can be used as an alternative

VMware VRA Appliance

  • Pre-configured virtual appliance that deploys the vRA server delivered as an OVF (Open virtualization format)
  • Deployed into the existing infrastructure
  • Postgres database
  • vCO and ASD integration

IAAS

  • Enables the efficient provisioning of servers and desktops across virtual, physical, private and hybrid clouds
  • Contains customisable components such as IAAS website, DEMs, Model Manger, Manager Services, Database and agents

Installation Minimums

Check browser compatibility along with resource minimums

SSO

  • 1 CPU
  • 2GB RAM
  • 2GB storage

vRA Appliance

  • 2 CPU
  • 8GB RAM
  • 30GB storage

IAAS Components

  • 2 CPU
  • 8GB RAM
  • 30GB storage

 

  Recent Entries »