Foundations and Concepts vRealize Automation 7.2 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
Foundations and Concepts You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2008–2017 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com 2 VMware, Inc.
Contents Foundations and Concepts 5 Updated Information 5 Using Scenarios 6 Using the Goal Navigator 6 Introducing vRealize Automation 6 Providing On-Demand Services to Users Overview 7 vRealize Business for Cloud Overview 12 Tenancy and User Roles 12 Tenancy Overview 12 User Roles Overview 16 Service Catalog 22 Requesting and Managing Items in the Catalog 23 Creating and Publishing Catalog Items 23 Services for the Service Catalog 23 Catalog Items 24 Actions 24 Entitlements 24 Approval Policies 25 Infrast
Foundations and Concepts Life Cycle Extensibility 38 vRealize Automation Extensibility Options 38 Leveraging Existing and Future Infrastructure 38 Configuring Business-Relevant Services 39 Extending vRealize Automation with Event-Based Workflows 39 Integrating with Third-Party Management Systems 39 Adding New IT Services and Creating New Actions 39 Calling vRealize Automation Services from External Applications 40 Distributed Execution 40 Index 4 41 VMware, Inc.
Foundations and Concepts VMware vRealize ™ Automation provides a secure portal where authorized administrators, developers, or business users can request new IT services. In addition, they can manage specific cloud and IT resources that enable IT organizations to deliver services that can be configured to their lines of business in a self-service catalog. This documentation describes the features and capabilities of vRealize Automation.
Foundations and Concepts Revision Description EN-002292-02 Updated “Scaling and Reconfiguring Deployments,” on page 32. EN-002292-01 n n EN-002292-00 Updated “Containers User Roles and Access Privileges,” on page 22. Updated “Tenant Roles and Responsibilities in vRealize Automation,” on page 20. Initial release. Using Scenarios You can use scenarios to build working samples of vRealize Automation functionality that you can learn from or customize to suit your needs.
Foundations and Concepts You can improve cost control by using vRealize Automation to monitor resource and capacity usage. For further cost control management, you can integrate vRealize Business Advanced or Enterprise Edition with your vRealize Automation instance to expose the cost of cloud and virtual machine resources, and help you better manage capacity, cost, and efficiency.
Foundations and Concepts n Infrastructure as a Service Overview on page 9 With Infrastructure as a Service (IaaS), you can rapidly model and provision servers and desktops across virtual and physical, private and public, or hybrid cloud infrastructures. n Software Components Overview on page 9 Software components automate the installation, configuration, and life cycle management of middleware and application deployments in dynamic cloud environments.
Foundations and Concepts n Containers Overview on page 11 You can use containers to gain access to additional instrumentation for developing and deploying applications in vRealize Automation. Infrastructure as a Service Overview With Infrastructure as a Service (IaaS), you can rapidly model and provision servers and desktops across virtual and physical, private and public, or hybrid cloud infrastructures. Modeling is accomplished by creating a machine blueprint, which is a specification for a machine.
Foundations and Concepts Standardization in Software With Software, you can create reusable services using standardized configuration properties to meet strict requirements for IT compliance. Software includes the following standardized configuration properties: n Model-driven architecture that enables adding IT certified machine blueprints and middleware services within the application blueprint.
Foundations and Concepts Users responsible for managing the catalog, such as tenant administrators and service architects, can manage the presentation of catalog items to the consumers of IT services, for example by grouping items into service categories for easier navigation and highlighting new services to consumers on the portal home page. Containers Overview You can use containers to gain access to additional instrumentation for developing and deploying applications in vRealize Automation.
Foundations and Concepts vRealize Business for Cloud Overview With vRealize Business for Cloud, directors of cloud operations can monitor their expenditures and design more cost-efficient cloud services. vRealize Business for Cloud provides the following benefits: Drives accountability by providing visibility into the cost of virtual infrastructure and public cloud n providers.
Foundations and Concepts About the Default Tenant When the system administrator configures an Active Directory link using Directories management during the installation of vRealize Automation, a default tenant is created with the built-in system administrator account to log in to the vRealize Automation console. The system administrator can then configure the default tenant and create additional tenants. The default tenant supports all of the functions described in Tenant Configuration.
Foundations and Concepts Figure 1. Single-Tenant Example http://vra.mycompany.com/vcac/ Default Tenant Business group mgr (Tenant config) Tenant admin Business Group • User management • Tenant branding • Tenant notification providers • Approval policies • Catalog management Business goup mgr Business Group http://vra.mycompany.
Foundations and Concepts The following diagram shows a multitenant deployment with centrally managed infrastructure. The IaaS administrator in the default tenant configures all infrastructure sources that are available for all tenants. The IaaS administrator can organize the infrastructure into fabric groups according to type and intended purpose. For example, a fabric group might contain all virtual resources, or all Tier One resources.
Foundations and Concepts Figure 3. Multitenant Example with Infrastructure Configuration in Each Tenant http://vra.mycompany.com/ vcac/org/tenanta/ http://vra.mycompany.com/ vcac/org/tenantb/ http://vra.mycompany.com/ vcac/org/tenantc/ Tenant A Tenant B Tenant C Tenant admin http://vra. mycompany.
Foundations and Concepts System-Wide Roles and Responsibilities Users with system-wide roles manage configurations that can apply to multiple tenants. The system administrator is only present in the default tenant, but you can assign IaaS administrators to any tenant. Table 3. System-Wide Roles and Responsibilities Role System Administrator Responsibilities n n n n n n n n n IaaS Administrator n n n n n n n n VMware, Inc. How Assigned Create tenants. Configure tenant identity stores.
Foundations and Concepts Tenant Role Overview Tenant roles typically have responsibilities that are limited to a specific tenant, and cannot affect other tenants in the system. 18 VMware, Inc.
Foundations and Concepts Table 4. Tenant Role Overview Role Description Tenant Administrator Typically a line-of-business administrator, business manager, or IT administrator who is responsible for a tenant. Tenant administrators configure vRealize Automation for the needs of their organizations. They are responsible for user and group management, tenant branding and notifications, and business policies such as approvals and entitlements.
Foundations and Concepts Tenant Roles and Responsibilities in vRealize Automation You can assign tenant roles to users in any tenant. The roles have responsibilities that are specific to that tenant. Table 5. Tenant Roles and Responsibilities Role Tenant administrator Responsibilities n n n n n n n n n n n n n Fabric administrator n n n n n n n n Customize tenant branding. Manage tenant identity stores. Manage user and group roles. Create custom groups. Manage notification providers.
Foundations and Concepts Table 5. Tenant Roles and Responsibilities (Continued) Role Responsibilities Software architect n n Container architect n n Create and manage software blueprint components. Assemble and manage composite blueprints. Tenant administrators can assign this role to users in their tenant at any time from the Administration tab. Add, edit, and remove container components in a blueprint by using options on the Design tab.
Foundations and Concepts Containers User Roles and Access Privileges You can use container-specific roles to control who can create and configure containers by using options in the vRealize Automation Containers tab and who can add and configure container components in blueprints by using options in the Design tab. When you enable Containers, two container-specific roles appear in the list of roles that a vRealize Automation tenant administrator can assign to users and groups.
Foundations and Concepts Requesting and Managing Items in the Catalog The catalog provides a self-service portal for requesting services and also enables business users to manage their own provisioned resources. The following example is of a typical life cycle. Connie, the consumer of IT services, logs in to the vRealize Automation console. On the Catalog tab, she browses for the service offerings she needs to do her job.
Foundations and Concepts Catalog Items Users can browse the service catalog for catalog items that they are entitled to request. Some catalog items result in an item being provisioned that the user can manage through its life cycle. For example, an application developer can request storage as a service, then later add capacity, request backups, and restore previous backups. Other catalog items do not result in provisioned items.
Foundations and Concepts If multiple entitlements exist for the same business group, you can prioritize the entitlements. When a user makes a catalog request, the entitlement and associated approval policy that applies is the highest priority entitlement that grants the user access to that item or action. Approval Policies An approval policy is used to govern whether a service catalog user needs approval from someone in your organization to provision items in your environment.
Foundations and Concepts n Configuring Reservation Policies on page 30 When a user requests a machine, it can be provisioned on any reservation of the appropriate type that has sufficient capacity for the machine. You can apply a reservation policy to a blueprint to restrict the machines provisioned from that blueprint to a subset of available reservations.
Foundations and Concepts When the fabric administrator has created reservations, the IaaS architects can create and publish machine blueprints for reuse in application blueprints and for catalog administrators to make available in the service catalog. Infrastructure Source Endpoints Infrastructure sources can include a group of virtualization compute resources or a cloud service account.
Foundations and Concepts Data Collection vRealize Automation collects data from infrastructure source endpoints and their compute resources. Data collection occurs at regular intervals. Each type of data collection has a default interval that you can override or modify. Each type of data collection also has a default timeout interval that you can override or modify.
Foundations and Concepts Fabric Groups An IaaS administrator can organize virtualization compute resources and cloud endpoints into fabric groups by type and intent. One or more fabric administrators manage the resources in each fabric group. Fabric administrators are responsible for creating reservations on the compute resources in their groups to allocate fabric to specific business groups.
Foundations and Concepts A business group can have multiple reservations on the same compute resource or different compute resources, or any number of reservations containing any number of machines. A compute resource can also have multiple reservations for multiple business groups. In the case of virtual reservations, you can reserve more resources across several reservations than are physically present on the compute resource.
Foundations and Concepts An example of a standalone virtual machine blueprint might be one that specifies a Windows 7 developer workstation with one CPU, 2 GB of memory, and a 30 GB hard disk. A standalone cloud machine blueprint might specify a Red Hat Linux web server image in a small instance type with one CPU, 2 GB of memory, and 160 GB of storage.
Foundations and Concepts Scaling and Reconfiguring Deployments You can scale provisioned deployments to adjust to changing workload demands. You use the scale in or scale out actions for horizontal scale, and the machine reconfigure action for vertical scale. You govern scale and reconfigure actions by using entitlements, approval policies, or by designing constraints directly into blueprints.
Foundations and Concepts Table 9. Support for Scalable Components (Continued) Component Type Suppor ted XaaS components No XaaS components are not scalable and are not updated during a scale operation. If you are using XaaS components in your blueprint, you could create a resource action for users to run after a scale operation, which could either scale or update your XaaS components as required.
Foundations and Concepts Table 10. Required Entitlements for Machine Reconfigure for Scaling Scenarios ( vSphere , vCloud Air , and vCloud Director only (Continued) Virtual or Cloud Machine Owner wants to... Required Entitlements Cancel a failed reconfigure request. Cancel reconfigure Cancel a scheduled reconfigure request. Cancel reconfigure XaaS Blueprints and Resource Actions XaaS architects can use the XaaS options to create blueprints and publish them to the service catalog.
Foundations and Concepts Resource Mappings You create resource mappings between the vRealize Automation catalog resource type and the vRealize Orchestrator inventory type to manage resources provisioned outside of XaaS. For example, you might want to create an action so that users can take a snapshot of their Amazon machines.
Foundations and Concepts Table 11. XaaS Object Types and Associated Forms Object Type Default Form Additional Forms Custom resource Resource details form based on the attributes of the vRealize Orchestrator plug-in inventory type (read-only). n None XaaS blueprint Request submission form based on the presentation of the selected workflow. n n Catalog item details (read-only) Submitted request details (read-only) Action submission form based on the presentation of the selected workflow.
Foundations and Concepts Configure an outbound mail server to send notifications. Do you want users to be able to respond to notifications? Yes Configure an inbound mail server to receive notifications. No Enable notifications for any events you want to allow users to receive updates for. Do you want to customize the templates for IaaS notifications? Yes TEMPLATE Edit the configuration files that control IaaS notifications. No Tell your users how to subscribe to the notifications you enabled.
Foundations and Concepts Branding Each tenant can change the appearance of the vRealize Automation console and login pages. System administrators control the default branding for all tenants. A tenant administrator can change the branding of the portal including the login pages, logo, the background color, and the information in the header and footer. If the branding for a tenant is changed, a tenant administrator can always revert back to the system defaults.
Foundations and Concepts For a full list of supported infrastructure types and provisioning methods, see vRealize Automation Support Matrix. For information about configuring infrastructure blueprints, see Configuring vRealize Automation. Configuring Business-Relevant Services The vRealize Automation console enables administrators to configure business- and user-specific policies through a web-based user interface without writing any code.
Foundations and Concepts Calling vRealize Automation Services from External Applications In some cases, organizations may want to interact with vRealize Automation programmatically rather than via the vRealize Automation console. For such scenarios, the vRealize Automation API provides a standardized, secured RESTful interface for cloud access and interaction, controlled through business-aware policy for consumers such as users, infrastructure, devices, and applications.
Index A F actions overview 24 XaaS 34 allocating resources, reservations 29 approval policies 25 fabric groups, overview 29 B help, using scenarios 6 blueprints machine 30 overview 7 XaaS 34 branding, defaults 38 business groups overview 29 requirements 29 C catalog, See service catalog catalog items, overview 24 catalog services, overview 23 compute resources, overview 27 containers, uses 11 Containers, using the context-sensitive help system 11 custom resources, overview 34 D dangling resources,
Foundations and Concepts R X rainpole, using the rainpole scenario 6 reclamation overview 31 reclaiming expired and underused machines 31 reconfiguring machines, overview 32 reservation policies, configuring 30 reservations, allocating resources 29 resource actions overview 35 See also actions resource mapping 35 roles tenant 20 See also user roles XaaS creating and publishing 34 form designer 35 overview 10 XaaS actions 34 XaaS blueprints, overview 35 S scaling overview of scale operations 32 partiall
