Foundations and Concepts 12 April 2018 vRealize Automation 7.
Foundations and Concepts You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit your feedback to docfeedback@vmware.com VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com Copyright © 2008–2018 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc.
Contents Foundations and Concepts Foundations and Concepts Using Scenarios 4 5 5 Using the Goal Navigator 5 Introducing vRealize Automation Tenancy and User Roles Service Catalog 6 12 24 Infrastructure as a Service 27 XaaS Blueprints and Resource Actions VMware, Inc.
Foundations and Concepts VMware vRealize ™ Automation provides a secure portal where authorized administrators, developers, or business users can request new IT services. In addition, they can manage specific cloud and IT resources that enable IT organizations to deliver services that can be configured to their lines of business in a self-service catalog. This documentation describes the features and capabilities of vRealize Automation.
Foundations and Concepts Foundations and Concepts Before you begin working with vRealize Automation, you can familiarize yourself with basic vRealize Automation concepts. Using Scenarios You can use scenarios to build working samples of vRealize Automation functionality that you can learn from or customize to suit your needs. Scenarios walk you through the most common and simplified workflow to complete a vRealize Automation task.
Foundations and Concepts Introducing vRealize Automation IT organizations can use VMware vRealize ™ Automation to deliver services to their lines of business. vRealize Automation provides a secure portal where authorized administrators, developers, or business users can request new IT services and manage specific cloud and IT resources, while ensuring compliance with business policies.
Foundations and Concepts n Infrastructure as a Service Overview With Infrastructure as a Service (IaaS), you can rapidly model and provision servers and desktops across virtual and physical, private and public, or hybrid cloud infrastructures. n Software Components Overview Software components automate the installation, configuration, and life cycle management of middleware and application deployments in dynamic cloud environments.
Foundations and Concepts n Service Catalog Overview The service catalog provides a unified self-service portal for consuming IT services. Users can browse the catalog to request items they need, track their requests, and manage their provisioned items. n Containers Overview You can use containers to gain access to additional instrumentation for developing and deploying applications in vRealize Automation.
Foundations and Concepts Deploying Any Application and Middleware Service You can deploy Software components on Windows or Linux operating systems on vSphere, vCloud Director, vCloud Air, and Amazon AWS machines. n IaaS architects create reusable machine blueprints based on templates, snapshots, or Amazon machine images that contain the guest agent and Software bootstrap agent to support Software components.
Foundations and Concepts n For information about vRealize CloudClient, see https://developercenter.vmware.com/tool/cloudclient. XaaS Overview With the XaaS, XaaS architects can create XaaS blueprints and resource action, and publish them as catalog items. With XaaS, you can provide anything as a service using the capabilities of VMware vRealize ™ Orchestrator ™. For example, you can create a blueprint that allows a user to request a backup of a database.
Foundations and Concepts Container administrators can use Containers to perform the following tasks: n Model containerized applications in vRealize Automation blueprints. n Provision container hosts from the vRealize Automation service catalog. n Manage container hosts from within vRealize Automation. n Create and configure hosts. n Set resource quotas for containers. n Work with templates, images, and registries. n Create and edit blueprints in the vRealize Automation service catalog.
Foundations and Concepts n Promotes efficiencies in the virtual infrastructure by making it possible to compare the prices, efficiency, and availability of their private cloud with public cloud providers and industry benchmark data. n Optimizes decisions about placement for virtual workloads and tradeoffs between buying new hardware and using public cloud providers. For more information about vRealize Business for Cloud, see the vRealize Business for Cloud documentation.
Foundations and Concepts Table 1. Tenant Configuration (Continued) Configuration Area Description Service catalog offerings Service architects can create and publish catalog items to the service catalog and assign them to service categories. Services and catalog items are always specific to a tenant. Infrastructure resources The underlying infrastructure fabric resources, for example, vCenter servers, Amazon AWS accounts, or Cisco UCS pools, are shared among all tenants.
Foundations and Concepts Infrastructure configuration, including the infrastructure sources that are available for provisioning, can be configured in any tenant and is shared among all tenants. You divide your infrastructure resources, such as cloud or virtual compute resources, into fabric groups and assign an administrator to manage those resources as the fabric administrator. Fabric administrators can allocate resources in their fabric group to business groups by creating reservations.
Foundations and Concepts Figure 1. Single-Tenant Example http://vra.mycompany.com/vcac/ Default Tenant (Tenant config) Business group mgr Tenant admin Business Group • User management • Tenant branding • Tenant notification providers • Approval policies • Catalog management Business goup mgr Business Group http://vra.mycompany.
Foundations and Concepts Table 2. Multi-tenant Deployment Examples Example Description Manage infrastructure configuration only in the default tenant In this example, all infrastructure is centrally managed by IaaS administrators and fabric administrators in the default tenant. The shared infrastructure resources are assigned to the users in each tenant by using reservations.
Foundations and Concepts The following diagram shows a multi-tenant deployment where each tenant manages their own infrastructure. The system administrator is the only user who logs in to the default tenant to manage system-wide configuration and create tenants. Each tenant has an IaaS administrator, who can create fabric groups and appoint fabric administrators with their respective tenants.
Foundations and Concepts System Administrator The system administrator is typically the person who installs vRealize Automation and is responsible for ensuring its availability for other users. The system administrator creates tenants and manages systemwide configuration such as system defaults for branding and notification providers. This role is also responsible for monitoring system logs. In a single-tenant deployment, the same person might also act as the tenant administrator.
Foundations and Concepts Tenant Role Overview Tenant roles typically have responsibilities that are limited to a specific tenant and cannot affect other tenants in the system. VMware, Inc.
Foundations and Concepts Table 4. Tenant Role Overview Role Description Tenant Administrator Typically a line-of-business administrator, business manager, or IT administrator who is responsible for a tenant. Tenant administrators configure vRealize Automation for the needs of their organizations. They are responsible for user and group management, tenant branding and notifications, and business policies such as approvals and entitlements.
Foundations and Concepts Tenant Roles and Responsibilities in vRealize Automation You can assign tenant roles to users in any tenant. The roles have responsibilities that are specific to that tenant. Table 5. Tenant Roles and Responsibilities Role Responsibilities Tenant administrator n Customize tenant branding.
Foundations and Concepts Table 5. Tenant Roles and Responsibilities (Continued) Role Responsibilities Infrastructure architect n Create and manage infrastructure blueprint components. n Assemble and manage composite blueprints. n Define custom resource types. n Create and publish XaaS blueprints. n Create and manage resource mappings. n Create and publish resource actions. n Create and manage software blueprint components. n Assemble and manage composite blueprints.
Foundations and Concepts Table 5. Tenant Roles and Responsibilities (Continued) Role Responsibilities Business group manager n Add and delete users within the business group. n Assign support user roles to users in the business group. n Create and manage entitlements for the business group. n Request and manage items on behalf of a user in the business group. n Assign approval policies for the business group. n Monitor resource usage in a business group. n Change machine owner.
Foundations and Concepts When you enable Containers, two container-specific roles appear in the list of roles that a vRealize Automation tenant administrator can assign to users and groups. User Role Description Container Administrator Users and groups with this role can see the Containers tab in vRealize Automation. They can use all theContainers options, such as configuring hosts, placements, and registries.
Foundations and Concepts Requesting and Managing Items in the Catalog The catalog provides a self-service portal for requesting services and also enables business users to manage their own provisioned resources. The following example is of a typical life cycle. Connie, the consumer of IT services, logs in to the vRealize Automation console. On the Catalog tab, she browses for the service offerings she needs to do her job.
Foundations and Concepts For example, catalog offerings can be organized into Infrastructure Services, Application Services, and Desktop Services. A tenant administrator or catalog administrator can specify information about the service such as the service hours, support team, and change window. Although the catalog does not enforce service-level agreements on services, this information is available to business users browsing the service catalog.
Foundations and Concepts You can entitle an entire service category, which entitles all of the catalog items in that service, including items that are added to the service after you create the entitlement. You can also add individual catalog items in a service to an entitlement. Services do not contain actions. You must add actions to an entitlement individually. For each service, catalog item, or action that you entitle, you can optionally specify an approval policy to apply to requests for that item.
Foundations and Concepts n Configuring Infrastructure Fabric The IaaS administrator and fabric administrator roles are responsible for configuring the fabric to enable provisioning of infrastructure services. Fabric configuration is system-wide and is shared across all tenants. n Infrastructure Source Endpoints Infrastructure sources can include a group of virtualization compute resources or a cloud service account.
Foundations and Concepts n Machine Leases and Reclamation Machine lease and reclamation options provides mechanisms for controlling resource use and controlling prices. n Scaling and Reconfiguring Deployments You can scale provisioned deployments to adjust to changing workload demands. You use the scale in or scale out actions for horizontal scale, and the machine reconfigure action for vertical scale.
Foundations and Concepts An IaaS administrator configures an infrastructure source by specifying the endpoint details and credentials that vRealize Automation can use to communicate with the source. vRealize Automation collects information about all configured infrastructure sources at regular intervals. Table 6.
Foundations and Concepts Table 8. Data Collection Types Data Collection Type Description Infrastructure Source Endpoint Data Collection Updates information about virtualization hosts, templates, and ISO images for virtualization environments. Updates virtual datacenters and templates for vCloud Director. Updates Amazon regions and machines provisioned on Amazon regions. Endpoint data collection runs every 4 hours.
Foundations and Concepts Business Groups A business group associates a set of services and resources to a set of users, often corresponding to a line of business, department, or other organizational unit. Business groups are managed in Administration > Users and Groups and are used when creating reservations and entitling users to items in the service catalog. To request catalog items, a user must belong to the business group that is entitled to request the item.
Foundations and Concepts A cloud reservation provides access to the provisioning services of a cloud service account, for Amazon AWS, or to a virtual datacenter, for vCloud Director, for a business group to use. A business group can have multiple reservations on the same compute resource or different compute resources, or any number of reservations containing any number of machines. A compute resource can also have multiple reservations for multiple business groups.
Foundations and Concepts Machine Blueprints A blueprint that contains a machine component specifies the workflow used to provision a machine and includes information such as CPU, memory, and storage. Machine blueprints specify the workflow used to provision a machine and include additional provisioning information such as the locations of required disk images or virtualization platform objects.
Foundations and Concepts When a machine lease expires, the machine is powered off. When the archive period expires, the machine is destroyed. You can reactivate an archived machine by setting the expiration date to a date in the future to extend its lease, and powering it back on. You can send notification emails to alert machine owners and business group managers that a machine's lease is about to expire and again when the lease expires.
Foundations and Concepts Table 9. Support for Scalable Components Component Type Support ed Machine components Yes Scale out provisions additional instances of your machines, and scale in destroys machines in last in, first out order. Software components Yes Software components are provisioned or destroyed along with machines that are scaled, and the update life cycle scripts are run for any software components that depend on the scaled machine components.
Foundations and Concepts For a clustered deployment, in which the deployment created from a blueprint contains more than one VM, scaling fails if the blueprint uses a hostname custom property but does not contain a machine prefix value. To avoid this issue, you can use the machine prefix option in the blueprint definition. Otherwise, the scaling function attempts to use the same hostname setting for each VM in the cluster. For more information, see VMware Knowledge Base article 2148213 at http://kb.vmware.
Foundations and Concepts You can create XaaS blueprints and actions for either requesting or provisioning. The XaaS blueprints for requesting do not provision items and provide no options for post-provisioning operations. Examples of XaaS blueprints for requesting include blueprints for sending emails, generating reports, performing complex calculations, and so on. For an XaaS blueprint, the result is a provisioned item.
Foundations and Concepts XaaS Blueprints An XaaS blueprint is a complete specification of a resource. With XaaS blueprints, you publish predefined and custom vRealize Orchestrator workflows as catalog items for either requesting or provisioning. Blueprints for requesting run workflows with no provisioning and provide no options for managing a provisioned item. Before you create a blueprint for provisioning, you must map the workflow output parameter as a custom resource.
Foundations and Concepts Configure an outbound mail server to send notifications. Do you want users to be able to respond to notifications? Yes Configure an inbound mail server to receive notifications. No Enable notifications for any events you want to allow users to receive updates for. Do you want to customize the templates for IaaS notifications? Yes TEMPLATE Edit the configuration files that control IaaS notifications. No Tell your users how to subscribe to the notifications you enabled.
Foundations and Concepts System administrators control the default branding for all tenants. A tenant administrator can change the branding of the portal including the login pages, logo, the background color, and the information in the header and footer. If the branding for a tenant is changed, a tenant administrator can always revert back to the system defaults. Life Cycle Extensibility The architecture of vRealize Automation is designed with extensibility in mind.
Foundations and Concepts For a full list of supported infrastructure types and provisioning methods, see vRealize Automation Support Matrix. For information about configuring infrastructure blueprints, see Configuring vRealize Automation. Configuring Business-Relevant Services The vRealize Automation console enables administrators to configure business- and user-specific policies through a web-based user interface without writing any code.
Foundations and Concepts It can also be beneficial to expose entirely new services in the service catalog, so that users can automate other initiatives directly via the portal. Service architects can create XaaS blueprints for storageas-a-service, networking services or virtually any kind of IT service by using XaaS. For details about how to create new catalog items, see Configuring vRealize Automation.
