Reference Architecture vRealize Automation 7.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
Reference Architecture You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2017 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
Contents vRealize Automation Reference Architecture Guide 5 Updated Information 7 1 Initial Deployment and Configuration Recommendations 9 2 vRealize Automation Deployment 11 3 vRealize Business for Cloud Deployment Considerations 15 4 vRealize Automation Scalability 17 Configure Manager Service for High Data Volume 18 Distributed Execution Manager Performance Analysis and Tuning 19 5 vRealize Business for Cloud Scalability 21 6 vRealize Automation High Availability Configuration Considerations 23 7
Reference Architecture 4 VMware, Inc.
vRealize Automation Reference Architecture Guide The vRealize Automation Reference Architecture Guide describes the structure and configuration of typical vRealize Automation deployments. In addition, it provides information about high availability, scalability and deployment profiles. Intended Audience This information is intended for anyone who wants to configure and manage vRealize Automation.
Reference Architecture 6 VMware, Inc.
Updated Information Reference Architecture is updated with each release of the product or when necessary. This table provides the update history of the Reference Architecture publication. Revision Description EN-002087-01 Updated database deployment information including support for SQL AlwaysOn groups in Chapter 2, “vRealize Automation Deployment,” on page 11. Updated references to vRealize Business Standard to vRealize Business for Cloud to reflect product name change. EN-002087 Initial release.
Reference Architecture 8 VMware, Inc.
Initial Deployment and Configuration Recommendations 1 Deploy and configure all VMware vRealize Automation components in accordance with VMware recommendations. Keep your vRealize Automation, vRealize Business for Cloud, and vRealize Orchestrator in the same time zone with their clocks synchronized. Install vRealize Automation, vRealize Business for Cloud, and vRealize Orchestrator on the same management cluster.
Reference Architecture 10 VMware, Inc.
vRealize Automation Deployment 2 Use the VMware resource recommendations as a starting point for vRealize Automation deployment planning. After initial testing and deployment to production, continue to monitor performance and allocate additional resources if necessary, as described in Chapter 4, “vRealize Automation Scalability,” on page 17.
Reference Architecture For more information about changing the default MSDTC ports, see the Microsoft Knowledge Base article Configuring Microsoft Distributed Transaction Coordinator (DTC) to work through a firewall available at https://support.microsoft.com/en-us/kb/250367. vRealize Automation supports SQL AlwaysON groups only with Microsoft SQL Server 2016. When installing SQL Server 2016, the database must be created in 100 mode.
Chapter 2 vRealize Automation Deployment For best product performance, review and implement configuration guidelines described in the vRealize Automation Coding Design Guide prior to importing vRealize Orchestrator content into production deployments. VMware, Inc.
Reference Architecture 14 VMware, Inc.
vRealize Business for Cloud Deployment Considerations 3 Deploy vRealize Business for Cloud, formerly known as vRealize Business Standard Edition, in accordance with VMware guidelines. Load Balancer Considerations Load balancing is not supported for data collection connections. For more information, see Chapter 4, “vRealize Automation Scalability,” on page 17. In the vRealize Business for Cloud appliance for UI and API client connections, you can use the vRealize Automation load balancer. VMware, Inc.
Reference Architecture 16 VMware, Inc.
vRealize Automation Scalability 4 Consider all applicable scalability factors when configuring your vRealize Automation system. Users The vRealize Automation appliance is configured for syncing less than 100,000 users. If your system contains more users, you may need to add memory to vRealize Automation Directories Management. For detailed information on adding memory to Directories Management, see "Add Memory to Directories Management" in Configuring vRealize Automation.
Reference Architecture Performance Analysis and Tuning As the number of resources collecting data increases, data collection completion times might become longer than the interval between data collection intervals, particularly for state data collection. To determine whether data collection for a compute resource or endpoint is completing in time or is being queued, see the Data Collection page.
Chapter 4 vRealize Automation Scalability 2 Locate the binding name and readerQuotas lines in the file. Note Do not confuse these two lines with the similar lines that contain the following string: binding name = "ProvisionServiceBinding". 3 Replace the number values assigned to the maxReceivedMessageSize and maxStringContentLength attributes with a larger value.
Reference Architecture 20 VMware, Inc.
vRealize Business for Cloud Scalability 5 Configure your vRealize Business for Cloud installation for scalability in accordance with VMware guidelines. vRealize Business for Cloud can scale up to 20,000 virtual machines across four VMware vCenter Server instances. The first synchronization of the inventory data collection takes approximately three hours to synchronize 20,000 virtual machines across three VMwarevCenter Server instances.
Reference Architecture 22 VMware, Inc.
vRealize Automation High Availability Configuration Considerations 6 If you require maximum system robustness, configure your vRealize Automation system for high availability in accordance with VMware guidelines. vRealize Automation Appliance The vRealize Automation appliance supports active-active high availability for all components except the appliance database. To enable high availability for these appliances, place them under a load balancer.
Reference Architecture Infrastructure Manager Service The manager service component supports active-passive high availability. To enable high availability for this component, place two manager services under a load balancer. Because two manager services cannot be active simultaneously, disable the passive manager service in the cluster and stop the Windows service. If the active manager service fails, stop the Windows service, if it is not already stopped under the load balancer.
vRealize Business for Cloud High Availability Considerations 7 Use the VMware vSphere HA feature for the vRealize Business for Cloud Edition appliance. To configure the VMware vSphere HA feature on the VMware ESXi host, see the vCenter Server and Host Management documentation. VMware, Inc.
Reference Architecture 26 VMware, Inc.
8 vRealize Automation Hardware Specifications Install appropriate components for your configuration on each vRealize Automation server profile in your environment. Required Hardware Specifications Recommended Hardware Specifications vRealize Automation Services, vRealize Orchestrator, vRealize Automation Appliance Database CPU: 4 vCPU RAM: 18 GB (See Chapter 4, “vRealize Automation Scalability,” on page 17 for more information.) Disk: 108 GB Network: 1 GB/s Same as required hardware specifications.
Reference Architecture 28 Required Hardware Specifications Recommended Hardware Specifications Infrastructure Database CPU: 2 vCPU RAM: 8 GB Disk: 40 GB Network: 1 GB/s CPU: 8 vCPU RAM: 16 GB Disk: 80 GB Network: 1 GB/s vRealize Business for Cloud Appliance services vRealize Business for Cloud Database Server CPU: 2 vCPU RAM: 4 GB Disk: 50 GB Network: 1 GB/s Same as required hardware specifications Server Role Components MSSQL Database Server vRealize Business for Cloud Appliance VMware, Inc.
9 vRealize Automation Small Deployment Requirements A vRealize Automation small deployment comprises systems of 10,000 managed machines or fewer and includes the appropriate virtual machines, load balancers, and port configurations. The small deployment serves as a starting point for a vRealize Automation deployment that enables you to scale in a supported manner to a medium or large deployment.
Reference Architecture Server Role CN or SAN vRealize Automation appliance SAN contains vra.va.sqa.local and vra.va-1.sqa.local Infrastructure Core Server SAN contains web.ra.local, managers.ra.local and inf-1.ra.local vRealize Business for Cloud Server CN = vrb.ra.local Ports Users require access to certain ports. All ports listed are default ports. Server Role Port vRealize Automation appliance 443, 8444. Port 8444 is required for the Virtual Machine Remote Console.
Chapter 9 vRealize Automation Small Deployment Requirements Service/System Outbound Ports Server Role Inbound Ports vRealize Automation appliance HTTPS: 443 Adapter Configuration: 8443 Remote Console Proxy: 8444 SSH: 22 Virtual Appliance Management Console: 5480 LDAP: 389 LDAPS:636 VMware ESXi: 902 Infrastructure Core requires access to vSphere Endpoint Port 443 to obtain a ticket for Virtual Machine Remote Console.
Reference Architecture 32 Service/System Outbound Ports Server Role Inbound Ports MSSQL Database Server MSSQL: 1433 MSDTC: 135, 1024 65535. For information about how to narrow this range, see the Database Deployment section of Chapter 2, “vRealize Automation Deployment,” on page 11. Infrastructure Core Server: 135, 1024 to 65535. For information about how to narrow this range, see the Database Deployment section of Chapter 2, “vRealize Automation Deployment,” on page 11. MSDTC: 135, 1024 65535.
Chapter 9 vRealize Automation Small Deployment Requirements Graphics Figure 9‑1. Minimum footprint for small configuration of vRealize Automation NOT SHOWN All Infrastructure systems require access to Port 5480 of all vRealize Appliances for Log Collection (vRA Settings > Cluster > Collect Logs on Virtual Appliance:5480) to function.
Reference Architecture 34 VMware, Inc.
vRealize Automation Medium Deployment Requirements 10 A vRealize Automation medium deployment comprises systems of 30,000 managed machines or fewer and includes the appropriate virtual machines, load balancers, and port configurations. Support A medium deployment can support the following items. n 30,000 managed machines n 1000 catalog items n 50 machine provisions Requirements A medium deployment most meet the appropriate system configuration requirements.
Reference Architecture Certificates The host names that are used in this table are examples only. Server Role CN or SAN vRealize Automation appliance SAN contains the following host names: vrava.ra.local n vrava-1.ra.local n vrava-2.ra.local n Infrastructure Web or Manager Server SAN contains the following host names: n web.ra.local n manager.ra.local n inf-1.ra.local n inf-2.ra.local vRealize Business for Cloud Appliance CN = vrb.ra.local Ports Users require access to certain ports.
Chapter 10 vRealize Automation Medium Deployment Requirements Outbound Ports for Service or System Server Role Inbound Ports vRealize Automation appliance HTTPS: Adapter Configuration: 8443 Remote Console Proxy: 8444 Postgres: 5432 RabbitMQ: 4369, 25672, 5671, 5672 ElasticSearch: 9300, 40002, 40003 Stomp: 61613 SSH: 22 LDAP:389 LDAPS: 636 vRealize AutomationAppliance (All other): 5432, 4369, 25672, 5671, 5672, 9300, 40002, 40003 vRealize Automation Infrastructure Web Load Balancer: 443 VMware ESXi: 90
Reference Architecture Outbound Ports for Service or System Server Role Inbound Ports MSSQL Database Server MSSQL: 1433 MSDTC: 135, 1024 65535. For information about how to narrow this range, see the Database Deployment section of Chapter 2, “vRealize Automation Deployment,” on page 11. Infrastructure Web/Manager Server: 135, 1024 - 65535. For information about how to narrow this range, see the Database Deployment section of Chapter 2, “vRealize Automation Deployment,” on page 11.
Chapter 10 vRealize Automation Medium Deployment Requirements Graphics Figure 10‑1. Minimum footprint for vRealize Automation medium configuration Not Shown: All Infrastructure systems require access to Port 5480 of all vRealize Appliances for Log Collection (vRA Settings > Cluster > Collect Logs on Virtual Appliance:5480) to function.
Reference Architecture Figure 10‑2. Minimum footprint for vRealize Business for Cloud medium deployment vRA Virtual Appliance Load Balancer vrava.ra.local vRA IaaS Web Load Balancer web.ra.local 40 443 443 443 vCenter 443 Amazon Web Services 443 vCloud Director 443 vCenter Operations Manager vRealize Business for Cloud Virtual Appliance vrb.ra.local VMware, Inc.
vRealize Automation Large Deployment Requirements 11 A vRealize Automation large deployment comprises systems of 50,000 managed machines or fewer and includes the appropriate virtual machines, load balancers, and port configurations. Support A large deployment can support the following items. n 50,000 managed machines n 2500 catalog items n 100 concurrent machine provisions Requirements A large deployment must meet the appropriate system configuration requirements.
Reference Architecture n Infrastructure Manager Service Load Balancer: manager.ra.local Certificates The host names used in this table are examples only. Server Role CN or SAN vRealize Automation appliance SAN contains the following host names: n vrava.ra.local n vrava-1.ra.local n vrava-2.ra.local Infrastructure Web Server SAN contains the following host names: web.ra.local n web-1.ra.local n web-2.ra.local n Infrastructure Manager Server SAN contains the following host names: n manager.ra.
Chapter 11 vRealize Automation Large Deployment Requirements Server Role Inbound Ports Outbound Ports for Service or System vRealize Automation vRealize Automation appliance HTTPS: 443 Adapter Configuration: 8443 Remote Console Proxy: 8444 Postgres: 5432 Rabbit MQ: 4369, 25672, 5671, 5672 ElasticSearch: 9300, 40002, 40003 Stomp: 61613 SSH: 22 Control-Center: 8283 LDAP: 389 LDAPS: 636 vRealize AutomationAppliance: 5432, 4369, 25672, 5671,5672, 9300, 40002, 40003.
Reference Architecture Outbound Ports for Service or System Server Role Inbound Ports Infrastructure Agent Server NA vRealize Automation Infrastructure Web Load Balancer: 443 vRealize Automation Infrastructure Manager Load Balancer: 443 vRealize Automation Appliance: 5480. MSSQL Database Server MSSQL: 1433 MSDTC: 135, 1024-65535. For information about how to narrow this range, see the Database Deployment section of Chapter 2, “vRealize Automation Deployment,” on page 11.
Chapter 11 vRealize Automation Large Deployment Requirements Graphics Figure 11‑1. Minimum footprint for vRealize Automation large configuration NOT SHOWN All Infrastructure systems require access to Port 5480 of all vRealize Appliances for Log Collection (vRA Settings > Cluster > Collect Logs on Virtual Appliance:5480) to function.
Reference Architecture Figure 11‑2. Minimum footprint for vRealize Business for Cloud large configuration vRA Virtual Appliance Load Balancer vrava.ra.local vRA Infrastructure Web Load Balancer web.ra.local 46 443 443 443 vCenter 443 Amazon Web Services 443 vCloud Director 443 vCenter Operations Manager vRealize Business for Cloud Virtual Appliance vrb.ra.local VMware, Inc.
Index D DEM, analysis and tuning 19 deploy and configure, recommendations 9 deploying, vRealize Automation 11 deployment large 41 medium 35 deployment considerations, vRealize Business for Cloud 15 G glossary 5 H high availability, vRealize Automation 23 I intended audience 5 M machines 27 manager service, configure for high volume 18 medium deployment, vRealize Automation 35 S scalability vRealize Automation 17 vRealize Business for Cloud 21 small deployment 29 U updated information 7 V vRealize Au
Reference Architecture 48 VMware, Inc.
