vRA 7.2 DIG – 01, Introduction

vRA 7.x focuses a lot on the user experience (UX), starting with one of the most critical — deploying the solution — then the second most critical, configuring it.  Following through with the promise of a more streamlined deployment experience, vRA 7’s release made a significant UX leap with the debut of the wizard-driven and completely automated installation of the entire platform and automated initial configuration.  And all of this in a significantly reduced deployment architecture.

The overall footprint of vRA has been drastically reduced. For a typical highly-available 6,x implementation, you would need at least 8 VA’s to cover just the core services (not including IaaS/windows components and the external App Services VA). In contrast, vRA 7’s deployment architecture brings that all down to a single pair of VA’s for core services. Once deployed, just 2 load-balanced VA’s will deliver vRA’s framework services, Identity Manager (SSO/vIDM), vPostgres DB, vRO, and RabbitMQ — all clustered and configurable behind a single load balance VIP and a single SSL cert. All that goodness, now down to 2 VA’s and all done automatically (!) during deployment.

While the IaaS (.net) components remain external, several services have moved to the VA(s). This will continue to be the case over time as more and more services make it over — eventually eliminating the Windows dependencies all together.…

vRA 7.2 Detailed Implementation Guide

Welcome to the vRealize Automation 7.2 Detailed Implementation Guide (DIG). This series of posts — made up of detailed how-to, end-to-end videos, plenty of commentary, and other related content — was put together to help you deploy and configure a highly-available, production-worthy vRealize Automation 7.2 distributed environment, complete with SDDC integration (e.g. VSAN, NSX), extensibility examples and ecosystem integrations. The design assumes VMware NSX will provide the load balancing capabilities and includes details on deploying and configuring NSX from from scratch to deliver these capabilities.

This little project has been in the works for quite some time and will continue to expand as I include additional how-to’s for a variety of use cases (e.g. IPAM and ITSM integration).

Target Audience

This guide was created for anyone looking to install and/or configure vRealize Automation 7.2 in any environment. And, as were my intentions in previous POC guides, the content here can be used as a form of training and education or simply a reference document for existing or new vRA environments.

As for skill level, this guide assumes you have a general idea of vRealize Automation and VMware’s broader Cloud Management products. However there is no expectation that you’ve previously deployed and configured vRA.…

VMware SDDC Technical Whiteboard

One of my favorite things to do is whiteboard. In my line of work, the whiteboard allows me to tell a story…one that can be broad in coverage, yet tuned on-the-fly to best align with the needs of the audience. It started as a “cloud” whiteboard back when vCloud Director (vCD) was released and the first vCloud Suite offering was announced. The first storylines were all about VMware’s cloud and management framework and leveraging vCD to align with a set of industry-accepted characteristics that defined “cloud”. There have been several iterations over time as new technologies (and acquisitions) came to fruition, with an evolving storyline to highlight modern challenges and the transformative nature of the Software-Defined Datacenter.

The whiteboard has been delivered on your standard everyday office whiteboard, table-tops, glass walls, flip charts, notepads, napkins, and electronically via powerpoint, iPad, and digital sketch pads. Regardless of delivery medium, I have found the whiteboard to be the most effective means of articulating the often-confusing details and associated benefits of the Software-Defined Datacenter at any level of depth…and without yawn-generating, ADD-invoking death by powerpoint.

My most recent iteration of the SDDC whiteboard doubles as field and partner enablement, so I had to put a little more thought into the storyline to ensure it closely resembles how customers have typically leveraged vSphere, NSX, VSAN, and the vRealize Suite evolve their existing datacenters to quickly build and gain the benefits of SDDC.…

vRA and NSX – Intro to Network and Security Automation

Network and security automation — and specifically the use of on-demand services — will continue to play a more significant role as NSX (and network virtualization in general) continues to become more and more prominent. Customers are still trying to understand the impacts of app-centric networking and whether or not they’re ready to hand these critical services to automation tools. There’s a perception that automation reduces control and/or visibility into networking and security services that traditionally involve a ton of ownership, red tape, and several siloed personalities that love to hear their own voice (I used to be one!). Plus, there are personal domains and certifications to protect!

Once these folks realize vRA + NSX will provide greater control, more governance, and better visibility than they’ve ever had before, heads tend to deflate a bit. NSX adoption is on a rocketship and its benefits are resonating with traditional network silos and modern shops alike. As adoption (and resulting trust) continues to grow within an enterprise, the second part of the equation — automation — become the obvious next step for streamlining network and security services, often getting kicked off with two wonderful words: now what? Enter vRealize Automation.

For its part, vRA is designed to bridge the gap between a pure consumption model and on-demand everything.…

vRA and NSX Integration Series

It should be no surprise that VMware is putting a lot of time and energy around the benefits of vRealize Automation and NSX. The #BetterTogether campaign has taken off and just about anyone touching either of these solutions should be able to articulate that message by now. I’ve been focusing on the integrations between vRA and NSX partly because it’s within my charter, but primarily due to being huge believer in the transformative nature of the technology behind it. Whether at a VMUG, in a briefing, building internal content, or in my home office as my puppy, Millie, begs to go out and play just as I start recording a video (it’s like clockwork!), this has easily become one of my favorite topics.

While the benefits are easily articulated and demos [usually] go off without a hitch, much of the feedback I get suggests there’s a perceived complexity with the integration. “Not so!”, says I. While complex is a relative term, integrating vRA and NSX doesn’t have to be, especially if you have a basic understanding of the two solutions individually. Although I will agree on at least one thing — while documentation is generally getting better, there’s still a major gap in prescribed [how-to] content.…

vRA and NSX – Using Baseline Security Groups

vRA and NSX came together back when vRA (a.k.a. vCAC) 6.0 was released, just as VMware was transitioning from vCNS to NSX. In vRA 6.x, inventory-collected security groups must be selected (checked) per Reservation prior to being available for consumption by a multi-machine blueprint (and only MMBP’s support NSX in vRA 6.x). As I’ve highlighted several times before, the latest release of vRealize Automation (7.x) delivers deeper integrations with NSX and unified service authoring capabilities to make delivering application-centric networks the new norm. See this post for how vRA and NSX are better together…I won’t repeat those details here.

With vRA 7’s deeper integration and broader use cases, one hugely powerful feature is the ability to incorporate one or more NSX Security Groups — either Pre-Existing or On-Demand — into your service design using the new Converged Blueprint Designer (CBP). You simply drag-and-drop the security group right on to the unified canvas and bind it to the desired machine components…

vra-cbp-nsx-sg

nsx security groups in vra

As a result, the provisioned machines are automatically added to the security group (Existing Security Group) or a new security group is dynamically created and bound to an existing security policy at request (On-Demand Security Group).…

vRealize Automation and NSX – Better Together

One of the hottest topics in the world of software-defined everything is unequivocally NSX. This rocketship of a technology is fundamentally changing datacenter design — much like vSphere so effectively did (except at a greater pace). NSX redefines how networks are built, consumed, and managed. Even more importantly, security no longer has to be compromised due to the the prohibitive cost of per-application policies. And best of all, this all done with software. That’s a good thing since we’re at the start of a software-defined revolution, quickly breaking out of our hardware-defined chains.

I can go on and on, but this post isn’t about how awesome NSX is…not entirely anyway.

Making Awesome…Awesomer

So how do we take awesome up another notch? Easy…automate it (i’m sure you figured I’d say that). And not just automate in the “I’ll run a fancy custom script or workflow as soon as the request hits my desk”. While that’s neat — and congrats on putting in all the work for building those static processes (also, good luck handing those proprietary scripts over to the next admin when LinkedIn recruiters finally land you) — that’s not what I’m referring to. Automation in that sense has been around for decades and traditionally misses two of the worst choke points in IT — People and Process.…

VMware Cloud Management Q1’16 Releases

Today was a big day for VMware’s Cloud Management business unit!

While most of these releases are an incremental (“sub”) release, they are quite important for all customers who have either already deployed or upgraded to vRealize Automation 7.0 and/or vRealize Business 7.0, or have been patiently holding off for the first incremental update prior to deploying or moving into production (especially considering the many platform-level enhancements introduced in 7.0).

As you’d expect, the vRA / vRB 7.0.1 updates bring with them bug fixes and minor enhancements since the 7.0 release(s). The theme is product quality, performance, scale and stability. These also represent the first releases to align with the BU’s new 90-day target for major and minor releases.

 

 

vRealize Automation 7.0.1

 

vRealize Orchestrator 7.0.1 (standalone VA)

 

vRealize Automation 6.2.4

 

vRealize Business for Cloud 7.0.1

 

vRealize CodeStream 2.0

 

vRealize CodeStream Management Pack for DevOps 2.0

And finally, the vRealize Suite 7.0 has been officially released to align with the completed portfolio of cloud management solutions.…