Finally we came to last post of this series where an end user will request a virtual machine for himself from the services he is entitled to.

In our last post Creating Entitlements we have created an entitlement for windows server 2003 and granted access to users manish@alex.local and alexhunt@alex.local. Lets see if these 2 users can request for a new virtual machine for themselves from the self-service portal and whether or not this request is completed.

If you have missed earlier posts of this series then you can access the same by clicking on below links:

1: Introduction to vCAC(vRA)

2: Installing and Configuring vRA Identity Appliance

3: Installing and Configuring vRA Appliance

4: Installing and configuring IaaS Components

5: Creating Tenants

6: Adding vSphere Endpoints

7: Creating and Configuring Fabric Groups

8: Creating Business Groups and Reservation

9: Creating and Publishing Blueprints

10: Creating Service

11: Creating Entitlements

Now we will see how an end user will request for a new virtual machine for him.… Read More

Entitlements  allows you to grant users and groups access to Services and/or Blueprints as well as determine what actions they can perform with them. Entitlements offer a significant amount of flexibility in how you provide access to services through the catalog, who can access those services, what actions they can perform, and what is any approvals are required.

Entitlements are made up of three components. Services, Catalog Items, and Actions. You can choose to entitle complete Services which encompass all Items within the service or just select catalog Items. You can also determine what actions the users that belong to the entitle can perform against all the catalog items that are a part of the entitlement.

Within entitlements you also have the ability to assign approvals to Services, Catalog Items, and actions.

If you have missed earlier posts of this series then you can access the same by clicking on below links:

1: Introduction to vCAC(vRA)

2: Installing and Configuring vRA Identity Appliance

3: Installing and Configuring vRA Appliance

4: Installing and configuring IaaS Components

5: Creating Tenants

6: Adding vSphere Endpoints

7: Creating and Configuring Fabric Groups

8: Creating Business Groups and Reservation

9: Creating and Publishing Blueprints

10: Creating Service

Now we will see how to create entitlements.… Read More

What is A Blueprint?

Blueprints define the resources and attributes associated with the provisioning of a virtual, physical, or cloud machine. vRA supports several type of platforms as endpoint such as vSphere, vCloud, Hyper-V, XEN, Physical, Amazon etc so a unique Blueprint is needed per platform.

Blueprints are visible as Item to end users in Service Catalog from where they can request to provision a new virtual machine or applications etc.

In this post we will learn how to Create and Publish a vSphere Blueprint. To do this there are certain pre-requisites that need to be met.

Within the blueprint configuration there is a template picker that will allow you to pick form the available templates in your environment. In order for templates to show up in the template picker there are some items that need to be configured in the vCAC environment. You will need to have the following already configured:

• vSphere Credential
• vSphere EndPoint
• Fabric Group (with the vSphere resources assigned)
• Reservation

If you have missed earlier posts of this series then I would recommend reading them first before going ahead.… Read More

What is a Business Group?

A Business group associates a set of services and resources to a set of users, such as a line of business, department, or other organizational unit. A business group is created within a tenant by the tenant administrator.

A business group can have access to catalog items specific to that group and to catalog items that are shared between business groups in the same tenant. Each business group has one or more reservations that determine on which compute resources, virtual machines that this group has requested can be provisioned. To request catalog items, a user must belong to at least one business group. A user can be a member of more than one business group, and can have different roles in different groups.

A business group must have at least one business group manager, who monitors the resource use for the group and often is an approver for catalog requests.… Read More

Fabric and Fabric Groups

The Fabric groups are what enable you to provide access to resources from your physical infrastructure. Fabric includes all the computing resources that are discovered from the added endpoint data collection.

Fabric is organized into fabric groups and there can be multiple fabric groups with different purposes, for example you may assign clusters to different business groups within the enterprise to ensure performance.

Within a fabric group we add users or groups that are responsible for managing infrastructure resources and add the resources they are responsible for.

For example we may select clusters that are managed from vCenter and assign the user/groups that are responsible for managing those resources.

Fabric administrators are responsible for creating reservations on the compute resources within their groups to allocate fabric to specific business groups. Fabric groups are created in a specific tenant, but their resources can be made available to users who belong to business groups in all tenants.… Read More

Endpoints are infrastructure sources that are consumed by vCloud Automation Center.

vRealize Automation supports following endpoints:

• vCenter
• vCloud Director
• Hyper-v, Citrix Xen server,
• Physical servers like HP,DELL and Cisco
• cloud platforms like Openstack, Amazon Web Services (AWS) etc.

Physical Endpoints

A physical endpoint represents one physical machine or a pool of multiple physical machines. To make a physical machine available for provisioning, you must create an endpoint to represent it. Information about each known physical machine, such as its installed memory and CPU count, is collected regularly through its management interface.

vRealize Automation communicates with physical machines through the following types of physical endpoints, which represent the management interfaces through which it communicates.

• Cisco UCS Manager
• Dell iDRAC
• HP iLO

Note: iDRAC and iLO endpoints represent single standalone machines. Cisco UCS Manager endpoints represent pools of multiple machines.

vRealize Automation make use of DEMs or agents to communicate with and manage endpoints.… Read More

vRealize Automation can be used to create private cloud or hybrid cloud that can be shared by a number of groups within a company.

vRealize Automation has a concept called Tenants that can be used to provide isolation between independent groups in shared cloud environment, where multiple companies, divisions or independent groups are using a common infrastructure fabric, Tenants are useful for isolating the users, resources and services from one tenant from those of other tenants.

A tenant can be compared to an organizational unit. For private clouds a tenant can be a business unit within enterprise. In hybrid clouds it can be a company that subscribes to cloud services from a service provider.

In Multi-Tenant environment each tenant has unique configuration policies that are specific to that tenant.  Let’s look as some of the attributes that define a tenant.

• Each tenant has one or more identity stores that are used to authenticate users. 

… Read More

In our last post Installing and Configuring vRA appliance we learned what is vRealize automation appliance and how to deploy and configure it. In this post we will learn installing and configuring the 3rd component of vRA suite “IaaS”. As always before jumping into install/configure lets have a look on what is IaaS and what it offers.

Overview of IaaS

IaaS stands for Infrastructure as a Service and provides a self-service portals to administrators and end users with ability to provisioning or deploy virtual machines on virtual and physical servers and across private, public and hybrid cloud infrastructures.

vRA IaaS is made up of several components including:

• IaaS Website
• Distributed Execution Managers(DEM)
• Agents
• Model Manager
• Manager Service
• Database

If you want to learn about functionality of these components please read the earlier post vCAC Introduction of this series.

The following diagram shows the relation of the different components of vRA:

Installation Pre-requisites:

• Windows Server 2008 R2 SP1 / Windows Server 2012 R2
• Microsoft .NET

… Read More

In our last post we have installed and configured Identity Appliance which will serve as SSO for rest of the components of vCAC (vRA). In this post we will learn how to install and configure vRealize Automation Appliance (formerly vCAC).

Before diving into installation lets have a basic understanding of what is vRA and what it do.

Overview of vRA

The vRA appliance provides cloud management & a self-service portal for cloud services  as well as authoring, administration, and governance.  vRA can be deployed as a single instance or we can deploy multiple instances of it behind a load balancer to achieve high availability.

Installation Prerequisites

1: DNS (forward / reverse) entry created for vRA appliance.

2: Network Time Protocol (NTP) server configured.

3: SSO (Identity Appliance or vCenter 5.5 U1 SSO) installed and configured.

4: 2 vCPU / 8 GB of RAM / 30 GB of storage.

Database Consideration

The vRA appliance have an embedded Postgres database but we have also following choice for database selection:

a: Use the embedded vPostgres database available with  vRA appliance.… Read More