Oh my how time flies. It was just about 6 months ago that I was blogging about the release of vRA 7.2 and all the awesomeness within. Since then, VMware’s Cloud Management Business Unit has been hard at work developing, testing, tweaking and innovating towards the next big release. Today, I’m happy to announce the general availability of vRealize Automation 7.3. It’s an incremental release (i.e. a “dot” release), but don’t be fooled. Here you’ll learn just how much “umph” a .1 can have.
This release continues the trend of delivering awesome innovations, improved user experience, and greater / deeper integration into the ecosystem its managing. Below is a summary of the “spotlight” features and capabilities that are packed into vRA 7.3…
Enhanced API’s for Deploying, Upgrading and Migrating vRA
As part of a continued effort to broaden and enhance API’s across the entire cloud management stack, vRA 7.3 adds and exposes API’s to programmatically install, upgrade, and migrate vRA. This work also provides the foundation for up-and-coming SDDC automation and lifecycle management tools.
- Support for creating and replacing self-signed certs
- Retrieve available upgrade packages, status and approximate upgrade time
- Supports automated migration from 7.x to 7.3
Audit Logging Framework
Provide system-wide logging and auditing capabilities to gain additional visibility into your vRA environment. The VAMI-accessible Audit Log Integration option adds seamless integration with vRealize Log Insight.
- Extends the current Event Logging functionality
- Enables logging of essential services across IaaS and .net (windows) services
- Audit Workflow Subscriptions, IaaS Fabric, Endpoints, and more
- Support for external Syslog and vRealize Log Insight
- Configure using REST API
One of the MOST REQUESTED features is now out-of-the box. Use Size and Image policies to drastically reduce blueprint sprawl and set consistent sizing policies (e.g. Small, Medium, Large, etc). This is also one of the primary use cases for XaaS blueprints to enable “t-shirt sizing”.
- Enable T-Shirt sizing OOTB! (#1 XaaS use case)
- Create profiles as needed, determine which to use per Blueprint (with default option)
- Trigger Approval Policies to Size or Image conditions, including overrides
- Import/Export profiles (value sets) using CloudClient
- Significantly reduces blueprint sprawl
Shared Access Role
The Shared Access role is a new Business Group role that enables shared machine access to other BG users (within the same business group). The role is granted by the business group manager.
- Shared Access user can review Items and execute entitled Day 2 actions
- Shared users can’t request new resources on behalf of the owner
Intelligent Workload Placement (WLP)
vRA and vRealize Operations come together to provide analytics-based initial placement policies for vSphere machines.
- Utilize analytics data in vRealize Operations to optimize the placement of workloads
- vR Ops will recommend optimal Compute Cluster and Datastore based on available data
- App Execution Information returns placement details
- Optional toggle flag (via API) to force WLP usage or fail
- Requires vR Ops 6.6 or higher
WLP integration in vRA introduces new Management Endpoint to integrate vRealize Operations:
Machine placement is determined by the vR Ops monitoring policy. vRA provides a list of available target reservations to vR Ops, which makes the recommendation based on CPU, Memory, and Storage metrics.
Create Monitoring Policies in vR Ops UI:
Enhanced Integration with vRealize Business
- Uses consistent terminology across vRA and vRB
- No derived costing in vRA – vRB is the single source of truth for all costing data
- Supports pricing based on Blueprint, Reservation or Reservation Policy
- Updating pricing for Reconfigure, Scale Out/In, HA-enabled, AWS and Azure machines
- Adds cost info to imported machines
Integrated Health Service
The once-stand-alone Health Service (i.e. vRPT) is now available within vRA UI. This allows admins to gain visibility into overall health metrics of any supported vRA / vRO instance for current health status and upgrade/migrate preparedness.
- Role based and tenanted access to health data
- Configure multiple vRA instances to monitor
- Schedule and configure test runs
- Full REST interface to perform health service system management tasks
- REST API Enables integration with vRealize Operations / SDDC Health Dashboard and 3rd-party tools
A detailed test report shows current status, criticality, and potential fix:
DBaaS, Production DB Cloning for Dev/Test
- Provides the capability to snapshot and provision a DB instance point-in-time
- Provision DB child nodes (Linked Clones), auto restore DB backup for test/dev
- Supports Oracle and Microsoft SQL database
- Prebuilt Blueprints (Oracle 12c, SQL 2014) and use case specific vRO workflow package
NSX Integration Enhancements
Where do I start? This section is definitely going to need it’s own post due to the amount of work the team has put into delivering some serious #BetterTogether goods. Here’s a quick summary of what’s shipping OOTB in vRA 7.3…
- Direct API Integration — no more dependency of vRO plugin / endpoint dependency (although the vRO plugin will continue to be available for XaaS and vRO-centric use cases)
- NSX is now a dedicated Endpoint, providing logical separation from the vSphere Endpoint(s). The new endpoint management service provides separate configs for all [IaaS] Endpoints then uses Associations to bind them together. This provide greater flexibility and scale.
- Enhanced NAT Port Forwarding Controls during blueprint authoring provides greater flexibility and feature-parity with NSX management.
- NAT Day 2: Add / Remove / Reorder NAT Port Forwarding rules on a provisioned machine
- Enhanced Load Balancer Controls: Customize LB Algorithms, Persistence, Port(s), extended Health Monitor control, Transparent Mode (on/off), etc
- LB Day 2: Add / Edit Virtual Servers, granularly modify LB policies
- Security Day 2: Change Security Policy (Security Groups and/or Tags) as a Day2 Action
- Enable NSX Edge High Availability (configured per-blueprint)
- Enable NSX Edge Deployment Size Selection (configured per-blueprint)
Config Automation Framework
vRA 7.3 adds native integration with external configuration management tools (starting with Puppet).
- Dynamically assign roles per Blueprint component
- Dynamically query Puppet Master, Environment and Roles
- Support for Day 2 Actions (de-register / delete)
- Software Authoring Enhancements
Once the plugin is added, the Puppet Master registered as an extensibility Endpoint and becomes available in the converged blueprint canvas to drag and drop over a vSphere component.
You can download the new Puppet Plugin (3.0) from VMware Solution Exchange
Software Syntax Highlighting (UX Enhancement)
- Elegant syntax highlighting of software lifecycle scripts (app authoring)
- Intuitive color coding standards
- Improves productivity and reduces scripting errors
- Use Custom Properties in Software Scripts (using $ notation)
- Support for Encrypted / Non-Encrypted properties
Container Management Enhancements
vRA’s container management engine now natively supports VMware Integrated Containers (VIC), allowing admins to add/manage VCH instances in vRA with a feature set similar traditional Docker hosts. This is on top of current capability of
- Support for Docker volumes: create / attach volumes to containers, deploy volumes with container apps
- UX Enhancements: UI improvements for easier and more user friendly navigation, Clarity UI adoption, new tabs, icons and buttons
- Support for Docker Remote API 1.21
- Enhanced selection of image versions in container definition form
Support for Docker volumes: create / attach volumes to containers, deploy volumes with container apps
Ready for VMware Cloud on AWS
Nothing to see here, folks — VMware Cloud on AWS is just another vSphere Endpoint! (once it’s available)
- Build an IaaS Fabric using VMware Cloud SDDC Resources
- Leverage Reservation Policies for machine placement
Azure Endpoint Enhancements
A handful of usability enhancements to the Azure endpoint focus on the overall user experience. vRA 7.3 adds support for software components (i.e. software authoring), enabling drag and drop of software to Azure machines on the blueprint canvas.
- Specify software properties on the blueprint designer as well as on the request form
- Usability Improvements, pre-populated forms and drop-downs
- Requires VPN connectivity for communications
ServiceNow Plugin 2.0
This is a follow up and incremental release of the SNOW 1.0 Adds support for AWS catalog items (view and request AWS catalog items from the ServiceNow portal)
- Seamless integration with the ServiceNow governance engine
- CMDB and Day 2 operations support
- Supported Releases: ServiceNow Helsinki and Istanbul, vRA 7.3
- Available on Solution Exchange
Force Destroy [Deployments]
- Efficiently clean-up failed deployments
- Safely ignores any failures interrupting the Destroy process
- Improves stable management of workloads
- Applies to entire deployment
- Available only after initial destroy request fails
- Only the Business Group Manager can invoke the Force Destroy option
vRO Control Center RBAC
- RBAC Auth Support to vRO Control Center
- Admins log in with their accounts (previously only the ‘root’ user had access)
- Troubleshoot requests based on user role
- Trace execution and logs for workflow-based vRA requests, based on user role
- Reuse privileges and roles from vRA
SDDC Storage Integration (vSAN/SPBM)
- Enable SPBM management through vRO
- Leverages the latest vCenter Server (6.5) plug-in shipped with vRO out-of-the-box
- All Storage Policy Based objects are now accessible through API in vRO/vRA
- Change Storage Policies as a Day2 Action
- Changes can be governed, controlled
- Allow only privileged users to export secure properties in blueprints, software components and property groups in clear text
- Allows Dev-Ops admins to export and import content across different vRA instances without compromising the security of their content
- Supported using API and CloudClient import/export
Automated Postgres DB fail-over
- Eliminates vPostgres DB single point of failure
- Support for synchronous mode (required for consistent state failover)
- Automatically promotes available Replica DB / demotes Master once available
- Approx 60-sec failover time
Manager Service Fail-Over
- Eliminates Manager Service (IaaS) single point of failure
- Auto-enabled using wizard or silent install
- Enabled manually when using suite installer
- Default 30 to 120-sec failover time (customizable), depending on outage scenario
That about sums it up…not bad for a “dot” release, eh? I’ve got a few posts tee’d up that will dive much deeper on some of these new features…starting with the many NSX enhancements.
You could have deployed a vRA 7.3 environment in the time it took to read this full post — get to it!
- Download: https://my.vmware.com/en/web/vmware/info/slug/infrastructure_operations_management/vmware_vrealize_automation/7_3
- Release Notes: http://pubs.vmware.com/Release_Notes/en/vra/73/vrealize-automation-73-release-notes.html
- Docs: http://pubs.vmware.com/vrealize-automation-73/index.jsp#com.vmware.ICbase/PDF/ic_pdf.html
Great information. I rely on your blog often for new information regarding vRA. A while back you had a post called vCAC IaaS Optimization Guide, for the vCAC 6 days. Do you have an updated optimization guide for 7.3 + by chance? I find numerous tidbits here and there like setting vCO socket timeouts in the shindig config file and Changing the polling method from WebSocket to HTTP. I realize some of these items may be in the 7.4 documentation, but I’m also guessing there are a number of ‘undocumented’ or lesser known optimizations and adjustments that can be made. We manage 4 separate vRA environments which is more than a handful. Any tips, tricks and optimizations would be so greatly appreciated! Thanks!!
Thanks for the summary! I found it very informational.
Any update on the configuration of disk size?
In previous versions when I set a larger disk size for the VM in the component profile, during deployment, vRA/VCSA failed to change the disk size (physically). Obviously, the logical extension in the OS is another issue, however, this is a feature highly requested by our customers. Not to mention that this also involves manual configuration.
Thanks for this! I am trying to configure the Storage Policies for Day 1 and Day 2 deployments on 7.3 and 6.5 ESXi. on our VSAN Cluster.
SDDC Storage Integration (vSAN/SPBM)
Enable SPBM management through vRO
Leverages the latest vCenter Server (6.5) plug-in shipped with vRO out-of-the-box
All Storage Policy Based objects are now accessible through API in vRO/vRA
Would you happen to know how can that be achieved?
Thanks in advance!
“Use Custom Properties in Software Scripts (using $ notation)” I have been searching for weeks trying to find out documentation on how to do it, but I have found nothing. I have tried:
But these dont work. Any ideas?
nice one, thx! where do you find “DBaaS, Production DB Cloning for Dev/Test”. I cannot locate those blueprints. I only found some reference in vRA 6.2 documentation: https://pubs.vmware.com/vra-62/index.jsp?topic=%2Fcom.vmware.vra.asd.doc%2FGUID-8F7C7809-6E2E-42FC-BD5E-961226B1A080.html
Guy, you are great. The information detailed here is the one what we need to decide for the immediate upgrade. Awesome!.