Foundations and Concepts vRealize Automation 6.
Foundations and Concepts You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation, submit your feedback to docfeedback@vmware.com VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com Copyright © 2008–2016 VMware, Inc. All rights reserved. Copyright and trademark information. VMware, Inc.
Contents Foundations and Concepts Updated Information 5 5 Using the Goal Navigator 6 1 Introducing vRealize Automation 7 Service Catalog Overview 7 Infrastructure as a Service Overview Advanced Service Designer Overview 8 8 vRealize Business Standard Edition Overview Application Services Overview 8 9 2 Tenancy and User Roles 10 Tenancy Overview 10 User and Group Management 11 Comparison of Single-Tenant and Multitenant Deployments User Roles Overview 11 15 System-Wide Role Overview 15 S
Foundations and Concepts Configuring Reservation Policies Cost Profiles 30 30 Machine Blueprints 31 Machine Leases and Reclamation Machine Leases 32 32 Reclamation Overview Machine Reconfiguration 32 33 5 Advanced Service Designer 34 Creating Advanced Services Custom Resources 35 Resource Mappings 35 Service Blueprints 35 Resource Actions 36 Form Designer 34 36 6 Common Components 37 Approvals Overview Notifications Branding 37 38 38 7 Extensibility 39 vRealize Automation Extensibi
Foundations and Concepts VMware vRealize ™ Automation provides a secure portal where authorized administrators, developers, or business users can request new IT services. In addition, they can manage specific cloud and IT resources that enable IT organizations to deliver services that can be configured to their lines of business in a self-service catalog. This documentation describes the features and capabilities of vRealize Automation.
Foundations and Concepts Revision Description 001650-04 Updated Data Collection to add default data collection intervals. 001650-03 Made minor editorial updates. 001650-02 Updated Actions. 001650-01 Updated information about machine lease expiration and archive behavior. See Machine Leases. 001650-00 Initial 6.2 release. Using the Goal Navigator The goal navigator guides you through high-level goals that you might want to accomplish in vRealize Automation.
Introducing vRealize Automation 1 IT organizations can use VMware vRealize ™ Automation to deliver services to their lines of business. vRealize Automation provides a secure portal where authorized administrators, developers or business users can request new IT services and manage specific cloud and IT resources, while ensuring compliance with business policies.
Foundations and Concepts Infrastructure as a Service Overview With Infrastructure as a Service (IaaS), you can rapidly model and provision servers and desktops across virtual and physical, private and public, or hybrid cloud infrastructures. Modeling is accomplished by creating a machine blueprint, which is a specification for a virtual, cloud, or physical machine. Blueprints are published as catalog items in the common service catalog.
Foundations and Concepts vRealize Business Standard Edition provides the following benefits: n Drives accountability by providing visibility into the cost of virtual infrastructure and public cloud providers. n Promotes efficiencies in the virtual infrastructure by making it possible to compare the costs, efficiency, and availability of their private cloud with public cloud providers and industry benchmark data.
Tenancy and User Roles 2 vRealize Automation supports multiple tenants in the same installation. Users always log in and perform their tasks in a specific tenant. Some administrator roles can manage configuration that affects multiple tenants. This chapter includes the following topics: n Tenancy Overview n User Roles Overview Tenancy Overview A tenant is an organizational unit in a vRealize Automation deployment.
Foundations and Concepts Table 2‑1. Tenant Configuration (Continued) Configuration Area Description Service catalog offerings Service architects can create and publish catalog items to the service catalog and assign them to service categories. Services and catalog items are always specific to a tenant. Infrastructure resources The underlying infrastructure fabric resources, for example, vCenter servers, Amazon AWS accounts, or Cisco UCS pools, are shared among all tenants.
Foundations and Concepts System-wide configuration is always performed in the default tenant and can apply to one or more tenants. For example, system-wide configuration might specify defaults for branding and notification providers. Infrastructure configuration, including the infrastructure sources that are available for provisioning, can be configured in any tenant and is shared among all tenants.
Foundations and Concepts Figure 2‑1. Single-Tenant Example http://vra.mycompany.com/vcac/ Default Tenant (Tenant config) Business group mgr Tenant admin Business Group • User management • Tenant branding • Tenant notification providers • Approval policies • Catalog management Business goup mgr Business Group http://vra.mycompany.
Foundations and Concepts Table 2‑2. Multitenant Deployment Examples Example Description Manage infrastructure configuration only in the default tenant In this example, all infrastructure is centrally managed by IaaS administrators and fabric administrators in the default tenant. The shared infrastructure resources are assigned to the users in each tenant by using reservations.
Foundations and Concepts The following diagram shows a multitenant deployment where each tenant manages their own infrastructure. The system administrator is the only user who logs in to the default tenant to manage system-wide configuration and create tenants. Each tenant has an IaaS administrator, who can create fabric groups and appoint fabric administrators with their respective tenants.
Foundations and Concepts System Administrator The system administrator is typically the person who installs vRealize Automation and is responsible for ensuring its availability for other users. The system administrator creates tenants and manages systemwide configuration such as system defaults for branding and notification providers. This role is also responsible for monitoring system logs. In a single-tenant deployment, the same person might also act as the tenant administrator.
Foundations and Concepts Table 2‑3.
Foundations and Concepts In Infrastructure as a Service, tenant administrators and business group managers can create machine blueprints and multi-machine blueprints. In Application Services, application architects can create application blueprints and deployment profiles. In the Advanced Service Designer, service architects can create service blueprints. Business Group Manager Manages one or more business groups. Typically a line manager or project manager.
Foundations and Concepts Table 2‑4. Tenant Roles and Responsibilities Role Responsibilities Tenant administrator n Manage tenant identity stores. n Manage user and group roles. n Create custom groups. n Customize tenant branding. n Manage notification providers. n Enable notification scenarios for tenant users. n Create and manage approval policies. n Manage catalog services. How Assigned The system administrator designates a tenant administrator when creating a tenant.
Foundations and Concepts Table 2‑4. Tenant Roles and Responsibilities (Continued) Role Responsibilities Business group manager n Create and publish business group– specific machine blueprints from IaaS. n Manage business group–specific catalog items and entitlements. n Monitor resource usage in a business group. Support user n Request and manage items on behalf of other users within their business groups.
Service Catalog 3 The service catalog provides a common interface for consumers of IT services to use to request and manage the services and resources they need.
Foundations and Concepts If the request results in an item being provisioned, it is added to Connie's list of items on the Items tab. Here she can view the item details or perform additional actions on her items. In the virtual machine example, she might be able to power on or power off the machine, connect to it through Remote Desktop, reconfigure it to add more resources, or dispose of it when she no longer needs it.
Foundations and Concepts Other catalog items do not result in provisioned items. For example, a cell phone user can submit a request for additional minutes on a mobile plan. The request initiates a workflow that adds minutes to the plan. The user can track the request as it progresses, but cannot manage the minutes after they are added. Some catalog items are available only in a specific business group, other catalog items are shared between business groups in the same tenant.
Foundations and Concepts The actions that you entitle to users apply to any items that support the entitled action and they are not limited to the services and actions in the same entitlement.
Infrastructure as a Service 4 With Infrastructure as a Service (IaaS), you can rapidly model and provision servers and desktops across virtual and physical, private and public, or hybrid cloud infrastructures.
Foundations and Concepts A tenant administrator creates business groups and designates managers for each group. After business groups are created, a fabric administrator can create reservations. A reservation allocates provisioning resources in the fabric group to a specific business group. Optionally, the fabric administrator can configure policies such as reservation policies that control placement of provisioned machines, or cost profiles that associate a cost with the use of specific compute resources.
Foundations and Concepts Information about the compute resources on each infrastructure source endpoint and machines provisioned on each compute resource is collected at regular intervals. Table 4‑2.
Foundations and Concepts Table 4‑3. Data Collection Types (Continued) Data Collection Type Description Performance Data Collection (vSphere compute resources only) Updates the record of the average CPU, storage, memory, and network usage for each virtual machine discovered through inventory data collection. Performance data collection runs every 24 hours. The default timeout interval for performance data collection is 2 hours.
Foundations and Concepts A business group must have at least one business group manager, who monitors the resource use for the group and often is an approver for catalog requests. In IaaS, group managers also create and manage machine blueprints for the groups they manage. Business groups can also contain support users, who can request and manage machines on behalf of other group members. Business group managers can also submit requests on behalf of their users.
Foundations and Concepts A compute resource can also have multiple reservations for multiple business groups. In the case of virtual reservations, you can reserve more resources across several reservations than are physically present on the compute resource. For example, if a storage path has 100GB of storage available, a fabric administrator can create one reservation for 50GB of storage and another reservation using the same path for 60GB of storage.
Foundations and Concepts n Cost per CPU specified in the virtual blueprint or installed in the physical machine n Cost per GB of storage capacity as specified in the virtual blueprint (not used for physical machines, because storage attached to physical machines is not discovered or tracked) For finer definition of storage cost for virtual machines, you can also associate each known datastore on a compute resource with a storage cost profile.
Foundations and Concepts n If a tenant administrator sets the shared blueprint as copyable, the business group manager can also copy it to use as a starting point to create a new group blueprint. You can add custom properties to a blueprint to specify attributes of a machine or to override default specifications. You can also add build profiles to a blueprint as a convenience for specifying multiple custom properties.
Foundations and Concepts You can use the metrics to identify underused machines that might be candidates for reclamation. Select the candidate machines and send a reclamation request to the owners of the machines. The machine owner has a fixed period of time to respond to the request. If the machine is still in use, the owner can stop the reclamation process and continue using the machine.
Advanced Service Designer 5 Service architects can use the Advanced Service Designer to create advanced services and publish them to the service catalog. They can also create and publish post-provisioning operations that the consumers can perform on provisioned items.
Foundations and Concepts Custom Resources You must create a custom resource so that you can create an advanced service for provisioning with the option to access and manage the provisioned items. Custom resources define the items for provisioning, and you can use them to define post-provisioning operations that the consumers can perform. You create a custom resource to define a new type of provisioned item and map it to an existing vRealize Orchestrator object type.
Foundations and Concepts Resource Actions You can create custom resource actions to configure the post-provisioning operations that the consumers can perform. To create post-provisioning operations, you must publish vRealize Orchestrator workflows as resource actions. To create a resource action for an item provisioned by using the Advanced Service Designer, you use a custom resource as an input parameter for the workflow.
Common Components 6 vRealize Automation includes several common components in addition to the service catalog and catalog item sources such as Infrastructure as a Service and the Advanced Service Designer. This chapter includes the following topics: n Approvals Overview n Notifications n Branding Approvals Overview Any catalog request, whether it is for a new catalog item or to perform an action on a provisioned item, can be subject to approval.
Foundations and Concepts An approval phase is a sequence of approval levels associated with a particular stage in the request. The approval policy type defines how many phases a policy has and which stage in a request triggers a particular approval phase.
Extensibility 7 The architecture of vRealize Automation is designed with extensibility in mind. To satisfy different extensibility use cases, vRealize Automation offers a variety of configuration options and tools.
Foundations and Concepts 5. Call vRealize Automation services from existing applications ServiceNow PMG Remedy Homegrown service catalog 2. Configure businessrelevant services Specify provisioning methodology Service entitlements Custom properties Resource reservations Specify custom machine/OS properties Etc. vRealize Automation vRealize Automation RESTAPI Policy Management Design Center Multi-vendor, Multi-cloud Advanced Services Designer vRealize Orchestrator IT Process Automation 4.
Foundations and Concepts Using custom properties, machine blueprint authors can define additional machine properties or override their standard attributes for a variety of purposes. For details about the use and configuration of custom properties, see the IaaS Configuration documentation for the relevant machine type or the Custom Properties Reference.
Foundations and Concepts The vRealize Automation runtime environment consists of one or more DEM Worker instances that can execute any workflow installed in the core engine. Additional Worker instances can be added as needed for scalability, availability and distribution. Skills can be used to associate DEMs and workflows, restricting execution of a given workflow to a particular DEM or set of DEMs with matching skills. Any number and combination of skills can be associated with a given workflow or DEM.
