Before purchasing or installing the software one of the first things you need to understand is what vRA is trying to solve. Unlike what VMware has released previously, vRA is a very different and tries to solve the problems related to managing multiple cloud platforms and the end to end delivery of IT services. Yes, there are a lot of tools out there that can help in the delivery of these services but it very quickly starts to turn into a complex mismash of applications and processes. It’s also important to point out that vRA is not exclusive to vSphere but is designed to be platform agnostic. Think of vRA operating as the management plane in your data centre that plugs into all the services around it.
So when I talk about ‘end to end delivery of IT services’ what exactly am I referring to? Well, consider the example process below of bringing a new virtual server into service:
- End user requests new virtual server, provides details and submits request to IT support services;
- A change is raised on the ITSM CMDB platform;
- Wait for change to be approved before provisioning starts (alternatively the request could be rejected and process cancelled);
- When approved, begin the provisioning process;
- Get the next available hostname (i.e. using a prefix and the next available number increment);
- Request and reserve the next available IP address from the IPAM software and update the record to reflect the new server being provisioned;
- Provision the virtual server with specific hardware configuration;
- Add/update DNS records;
- Add server to the Active Directory domain and place into the correct Organization Unit;
- Update OS with latest security patches;
- Add to existing firewall rules;
- Generate SSL certificates;
- Install software such as Anti-Virus and applications;
- Add new Configuration Item with server details;
- Update server inventory;
- Add to monitoring system;
- Mark change as complete;
- Email End user that requested the virtual server that it is now ready;
You’ll agree, that this is a lot of steps for provisioning something like a virtual server and will involve multiple different teams (and think about doing this on many different cloud platforms). Most of the time, a lot of these steps are performed manually using run books but are sometimes overlooked and can cause delays in fulfilling the request or lead to problems later, like outdated information. We have tools like Puppet which help us with deployments, software installations, etc. but most of these are very Linux focused. They also do not address the other steps, or at least not in a very friendly way.
Finally, and more interestingly, think about when the virtual server is taken out of service or decommissioned. This is almost always where things get messy. I have seen really well laid out and robust commissioning procedures but nothing to support the decommissioning. Often, it’s a case of ‘best effort’ and items get missed and are usually discovered later, often after they have caused a problem or identified with routine audits of DNS or firewalls. In some cases this could even pose a security risk. When we think of all of this what we are actually referring to is Compliance, Governance and Life Cycle Management.
My advise here is that even before you touch vRA, you need to think about how IT services are being provisioned within your organisation. This will involve engaging with the various operations or development teams and weed out every single process that is involved, how services are delivered, maintained, monitored and secured. You will need to fully understand the manual process and any automation that exists. Secondly, you will need to understand all of the applications that are being used to support these teams and how you will potentially interface with these during automated deployments.
vRealize Automation is designed to solve all of these problems. it is a fully extensible platform that allows Administrators to create policy driven processes for the provisioning of IT services. It does this whilst providing a catalog of available services that end users can simply request by providing some details and a couple of clicks of a button. Administrators are armed with a powerful Advanced Service Designer tool that allows items such as Virtual Servers or Software Components to be drag and dropped onto the design canvas and later submitted to the catalog. These ‘designs’ are what vRA refers to as blueprints.
One of the best features of vRA (introduced in version 7) is the very cool Event Broker that allows stub workflows to be performed at various stages of the deployment, which are less suited for doing at the start or end (i.e. Active Directory joins during the provisioning process). Also, actions performed using the event broker do not need to be included in the blueprints and heavily reduces the amount of repetition and maintenance of the the blueprints (think of the raising a change scenario). This is where most of the creativity is going to take place and I can’t wait to explore the possibilities.
I can’t even begin to scratch the surface of the potential that vRA has so take a look at my Top 5 vRealize Automation Resources to get you started.
It would be great to hear what others out there are doing with vRA so please drop me a comment!