OK, so everyone loves a top 5 so here is a list of my top 5 resources for learning and deploying vRealize Automation.
1. VMware Hands on Labs.
Take ‘HOL-SDC-1633 vRealize Automation 7: What’s New‘. – Despite the name this is a really in depth tutorial and you will want to complete the entire lab. This will give you a good feel about what vRA is capable of and how you can extend the platform. There are some really good examples of how the event broker is used to integrate with ITSM CMDB software for change control (iTop is used). The lab also dives into vRO and gives you a taste of just how powerful this product really is.
Next, take ‘HOL-SDC-1632 vRealize Automation Advanced: Integration and Extensibility‘. – Yes, this lab is based on vRA 6.2 so is a little older but most of the fundamentals are there and again provides some good examples of how the platform can be extended with vRO. Examples of extensibility with Infoblox IPAM, Puppet Enterprise and NSX (although slightly depreciated) are used.
2. vRealize Automation Reference Architecture
Once you have had some experience and insight from doing the hands on Labs you will be eager to begin planning and designing your new vRA platform. This document will provide you with a lot of details such as all of the components that are involved and how best to deploy and scale these. Also included are firewall and load balancing requirements. I cannot emphasis enough the importance of planning your vRA deployment properly from the get go as this will ultimately determine the success of the project.
I am really happy that I discovered this site before starting my vRA 7 implementation. Michael Rudloff has done a fantastic job of documenting the enterprise installation and configuring the IaaS platform so that you get some decent functionality out of it. These guides really took away a lot of the pain during the installation and covers topics such as replacing certificates, configuring an endpoint, approval policies, business groups, fabric groups, etc and has an awesome guide on Custom Property Relationships. I also like how has turned his private archive public and reminds me a lot of my private Confluence site.
Before I start this post I want to put it into perspective. Up until now I have been working in infrastructure roles for a number of years, specialising in virtualization (mostly VMware), servers, storage and networking. A lot has changed recently and we can’t go a day without hearing or reading about “DevOps”. I don’t want to get into what DevOps is and isn’t as there is plenty on Google for that but what is clear is that the role of the system admin / virtual engineer / [insert infrastructure role here] is changing and fast.
I had actually planned for this to be just two paragraphs long and the post was meant to have a slightly different focus. However, that didn’t quite go as planned, so happy reading!
We are now at the age of ‘Cloud Computing’ and the need for applications that are cloud native and can be moved around cloud providers with ease. As we’re in a state of transition and it may take some time to get there but until then everything is moving towards a ‘hybrid’ cloud model. As part of this, as infrastructure engineers, we need to be able to deliver infrastructure and services quickly and efficiently. Doing things manually, following a run book or similar is no longer desirable and we need to find a way to automate the end to end delivery of these services. As engineers we need to bridge the gap between operations and development. I’m not suggesting that we need to be developers but we need to be more closely aligned and have a much better understanding of the development life cycle and delivery model.
The Virtualization model allowed us to deliver Infrastructure as a Service (Iaas), Platform as a Service (PaaS), Software as a Service (SaaS) and so on. In the cloud model this has been extended to Everything as a Service (XaaS) and even serverless architectures! Now, the possibilities are endless and we need to start delivering hybrid IT services under this new model. Here are some examples (and no where near limited to):
- Database as a Service;
- Email as a Service;
- Security as a Service;
- Docker as a Service;
- Operation services (user creation, mailbox creation, 3rd party application authorisation);
- Enhancing IaaS and PaaS delivery with tighter integration into IPAM software (i.e. SolarWinds IPAM), ITSM CMDB (i.e. ServiceNow) and monitoring systems;
There are also a lot of tools out there today, typically referred to as ‘Continuous Delivery’ applications that can help us on our journey, such as (again not limited to):
These applications allow us to treat our infrastructure as code and automate the delivery of IT infrastructure with a touch of a button. Whilst these applications are extremely powerful and useful they do not by themselves solve all the problems of delivering hybrid IT services.
So today my heart sunk when I tried to log into the vRA 7 IaaS portal and was presented with this lovely message:
Now, I had just recently attempted an upgrade of vRA 7.0.1 to 7.1 and failed miserably (more on that in a later post) so I had to roll back all of my changes (reverting snapshots, etc.) and brought all the services back. All seemed fine until I tried to log into the IaaS portal.
One of the first things I checked was the services registration on the vRA VAMI interface (Services tab). I thought perhaps the order of events of the rollback had skewed something. I observed the following:
So clearly something was afoot. I did a little digging and came across the following KB article:
Logging in to tenant fails after adding authenticated proxy config in VAMI in VMware vRealize Automation 7.0.x (2144067)
The interesting thing here, is that just a few hours before, I added a proxy server to the VAMI configuration in order to get the updates I needed from https://vapp-updates.vmware.com. As per the KB article I inspected the following log file: