The Scoop – vRealize Automation 7.2

Today VMware announced vRealize Automation 7.2, the third incremental release since the revamped 7.0 platform was first introduced. With each release comes new features and functionality with an almost obsessive focus on driving time-to-value and improving the overall user experience. vRA 7.2 is no exception to that rule.

vRealize Automation 7.2


Accelerating Time to Value:

  • New APIs for programmatically Installing, Configuring, and Upgrading vRA 7.2+
  • Leverage the APIs to validate installation, deploy monolithic or distributed environments, generate certs and install licensing
  • Enhanced Upgrade APIs enable programmatic system-wide upgrade functionality

Storage Over-Provisioning in vRealize Automation

A driving factor of virtualization in the old days was the immediate efficiencies that were realized with each P2V. It was money in the bank each time consolidation ratios increased and fewer physical boxes were required. In the physical world, we tried to ensure each OS and associated app(s) had plenty of excess CPU, memory, and storage resources available to it…just in case they were needed at some point in the future. The target utilization rate was typically under 20% (often less than half that) and a sustained rate above that was a cause for concern. In contrast, virtualization aspired to resource utilization rates of 60-80% per host and a little below that cluster-wide. While high utilization became the new norm, over-provisioning of resources was typically avoided (at least in production).

Fast forward to the cloud era (private / public, doesn’t matter), where over-provisioning of machines consuming shared resources is a necessary evil for driving efficiencies at every level of infrastructure and scale. This is especially true for infrastructure-as-a-service. This evil is also one of the benefits…it’s what helps deliver the perception of unlimited resources to the consumer without actually making that kind of investment. While the cost of spare capacity has become less of an issue over time, over-provisioning of resources remains a common practice for many small shops, enterprises, and service providers alike.…

VMware SDDC Technical Whiteboard

One of my favorite things to do is whiteboard. In my line of work, the whiteboard allows me to tell a story…one that can be broad in coverage, yet tuned on-the-fly to best align with the needs of the audience. It started as a “cloud” whiteboard back when vCloud Director (vCD) was released and the first vCloud Suite offering was announced. The first storylines were all about VMware’s cloud and management framework and leveraging vCD to align with a set of industry-accepted characteristics that defined “cloud”. There have been several iterations over time as new technologies (and acquisitions) came to fruition, with an evolving storyline to highlight modern challenges and the transformative nature of the Software-Defined Datacenter.

The whiteboard has been delivered on your standard everyday office whiteboard, table-tops, glass walls, flip charts, notepads, napkins, and electronically via PowerPoint, iPad, and digital sketch pads. Regardless of delivery medium, I have found the whiteboard to be the most effective means of articulating the often-confusing details and associated benefits of the Software-Defined Datacenter at any level of depth…and without yawn-generating, ADD-invoking death by PowerPoint.

My most recent iteration of the SDDC whiteboard doubles as field and partner enablement, so I had to put a little more thought into the storyline to ensure it closely resembles how customers have typically leveraged vSphere, NSX, VSAN, and the vRealize Suite to evolve their existing datacenters to quickly build and gain the benefits of SDDC.…

The Scoop: vRealize Automation 7.1

vRealize Automation 7.1 is now Generally Available for download. This release brings several features and enhancements, but primarily sticks to the themes of Time to Value, Quality and Stability. Another focus point for this release is to provide customers currently on vRA 6.x an upgrade path to all the benefits of the 7.x platform.

vRealize Automation 7.1

I’ll be posting some details around a few of the new capabilities in the next several weeks, but for now here’s a summary list of what vRA 7.1 delivers…

Time To Value

  • Streamlined deployment and prereq installation process
  • Silent installer leveraging new vra-command CLI tool
  • Install management agents, prereqs, and core for VA and IaaS nodes
  • Use wizard-generated unattended properties file for subsequent silent installations
  • Leverages new VA public API (https://<vrava_ip>:5480/config/):


  • UI-based (VAMI) Migration wizard
  • Migrate from vRealize Automation 6.2.x environment to a new vRealize Automation 7.1 instance
  • Complete DB migration (vPostgres and SQL)
  • Migrate IDVA/SSO Directories to vIDM
  • Preserves the source 6.2.x environment
  • Supports migrating from 6.2.x Simple to 7.1 HA/Distributed (as well as HA to HA):


  • vSphere Endpoint Improvements
  • Data collection performance increased by ~60%
  • Support for vSphere infrastructure changes (e.g.

vRA and NSX – Part 3, Security Groups and Policies

Introduction

Recapping Part 2 of this series: We staged a number of NSX Logical Switches to be consumed by vRA machines as External Networks. vRA collects and identifies these networks as traditional [vSphere] Network Paths and allows them to be wired for consumption in the Converged Blueprint (CBP) designer as needed (or using custom properties, but that’s beyond this post). Logical Switches can be created for a consumption-only model, automatically created per Deployment when using On-Demand services, or some combination of these.

Moving on…

Similar to its relationship with NSX Logical Switches, vRA provides both consumption-based and dynamic security services to deliver a number of use cases leveraging NSX Security Groups and Security Policies.

A Security Group defines — and logically groups — the objects you want to protect (e.g. virtual machines) and the policies that protect them (via a security policy). Group membership can be static or dynamic (e.g. based on logical naming, containers, tags, or as members of other security groups). Pre-created security groups are collected by vRA endpoint inventory and consumed as Existing Security Groups (SG) within the Converged Blueprint designer. These security groups may ultimately contain a combination of unmanaged vSphere VMs and vRA-managed machines.

vRA also supports On-Demand Security Groups (ODSG) within CBP, which requires the use of an existing Security Policy.…

vRA and NSX – Part 2, Staging Logical Networks

Introduction

A logical switch emulates a traditional network switch by creating logical networks that can be used to connect one or more vnics of a virtual machine to the corresponding logical network. In an NSX environment, logical switches are directly mapped to an available Transport Zone (VXLAN) and are stretched across all hosts and clusters configured with that VXLAN. Similarly, a Universal Logical Switch is deployed when used with Universal Transport Zones and can be stretched across hosts, clusters, and even vCenters. Logical switches are typically created and managed using the vSphere Web Client. Once created, machines can be logically wired to them for connectivity to other machines and/or upstream services (e.g. NSX Edge Services Gateway or Distributed Logical Router…or anything else wired to the resulting logical network). Thanks to the power of NSX, these networks can be spun up rapidly (albeit statically) and exist exclusively in the virtualization layer, saving countless management cycles and associated overhead (+ cost).

As you are well versed by now, NSX delivers the critical services needed for a modern network infrastructure while lifecycle automation of network and security services — from provisioning to decommissioning (and everything in between) — is defined by the automation layer.…

Just Released!! Cloud Management for Dummies

I’m proud to announce the release of my first “Dummies” book!

A Cloud Management Platform (CMP) provides a unified platform for managing private, public, and hybrid cloud environments together with conventional and modern application architectures. Cloud Management for Dummies was written to guide organizations through some of the challenges of selecting a cloud management platform as they move from traditional IT to a more modern, automated, and governed infrastructure.


About this Book

Cloud Management For Dummies is loaded with information that can help you understand and capitalize on cloud management. In plain and simple language, we explain what a cloud management platform is, why you need it, and which capabilities to demand in an enterprise solution. We also illustrate common use cases for CMP and guide you to the path to management in the hybrid cloud era.

Excerpt: Identifying the Market Context

Companies in all industries are responding to new opportunities to leverage big data and mobility to drive a better customer experience and a more productive work environment. Many companies are actively pursuing new business models and revenue streams that rely on digitizing and modernizing business processes.

The phenomenon of digitization, along with other structural changes in the business world, is driving the need to dramatically speed up application delivery.

vRA and NSX – Intro to Network and Security Automation

Network and security automation — and specifically the use of on-demand services — will continue to play a more significant role as NSX (and network virtualization in general) continues to become more and more prominent. Customers are still trying to understand the impacts of app-centric networking and whether or not they’re ready to hand these critical services to automation tools. There’s a perception that automation reduces control and/or visibility into networking and security services that traditionally involve a ton of ownership, red tape, and several siloed personalities that love to hear their own voice (I used to be one!). Plus, there are personal domains and certifications to protect!

Once these folks realize vRA + NSX will provide greater control, more governance, and better visibility than they’ve ever had before, heads tend to deflate a bit. NSX adoption is on a rocketship and its benefits are resonating with traditional network silos and modern shops alike. As adoption (and resulting trust) continues to grow within an enterprise, the second part of the equation — automation — becomes the obvious next step for streamlining network and security services, often getting kicked off with two wonderful words: now what? Enter vRealize Automation.

For its part, vRA is designed to bridge the gap between a pure consumption model and on-demand everything.…