DefinIT
vRealize Lifecycle Manager 1.2 VC data collection fails when NSX-T hostswitches are in use
Sam
18/04/2018

When vRealize Lifecycle Manager 1.2 was released recently, I was keen to get it installed in my lab, since I maintain several vRealize Automation deployments for development and testing, as well as performing upgrades. With vRLCM I can reduce the administrative overhead of managing the environments, as well as easily migrate content between environments (I’ll be blogging on some of these cool new features soon).

However, I hit a snag when I began to import my existing environment – I couldn’t get the vCenter data collection to run.

Retrieve Blueprint or Virtual Machine Custom Properties using the vRealize Automation API
Sam
02/02/2018

Just a quick post today, as I was working with a customer recently and we were trying to retrieve the Custom Properties assigned to a vRealize Automation 7.3 deployed Virtual Machine, similar to the one in the image below. It’s not as intuitive as you’d like it to be because of the split between IaaS APIs and Cafe APIs. Below you can see I’ve deployed a simple CentOS blueprint with a custom property at the Blueprint level (called “BlueprintLevel” with a value of “CustomProperty”) and a custom property at the VM level (called “CustomProperty” and a value of “Test123”).

vRA Blueprint Custom Property

vRA VM Custom Property

vRealize Automation 7.3 and NSX – Micro-segmentation strategies
Sam
19/01/2018

vRealize Automation and NSX integration has introduced the ability to deploy multi-tiered applications with network services included. The current integration also enables a method to deploy micro-segmentation out of the box, based on dynamic Security Group membership and the Service Composer. This method does have some limitations, and can be inflexible for the on-going management of deployed applications. It requires in-depth knowledge and understanding of NSX and the Distributed Firewall, as well as access to the Networking and Security manager that is hosted by vCenter Server.

For customers who have deployed a private cloud solution using vRealize Automation, an alternative is to develop a “Firewall-as-a-Service” approach, using automation to allow authorised end users to configure micro-segmentation. This can be highly flexible, and allow the delegation of firewall management to the application owners who have intimate knowledge of the application. There are disadvantages to this approach, including significantly increased effort to author and maintain the automation workflows.

This blog post describes two possible micro-segmentation strategies for vRealize Automation with NSX and compares the two approaches against a common set of requirements.

This post was written based on the following software versions:

Software Component     Version (Build)
vRealize Automation    7.3 (5604410)
NSX                    6.3.5 (7119875) – 6.4
vSphere                6.5 Update 1d (7312210)
ESXi                   6.5 Update 1 (5969303)

These are some generic considerations when deploying micro-segmentation with vRealize Automation.

  • An application blueprint is designed to be deployed multiple times from vRealize Automation; the automation shouldn’t break any micro-segmentation or firewall policy when that happens.
  • vRealize Automation blueprints can scale in and out – this should be accommodated within the micro-segmentation strategy to ensure that required micro-segmentation is the same as implemented micro-segmentation.
  • vRealize Automation is a shared platform, so the micro-segmentation of one deployment should be limited in scope, but should also consider intra-deployment communications between applications, for example, of the same business group or tenant.

Application XYZ requirements

For illustration purposes, an example 3-tier application deployment, “Application XYZ”, is shown below. It consists of a Web, App and DB tier and a load balancer for the Web and App tiers.

Application XYZ Allowed Flows

#vROps Webinar 2017 – Part 4 : Optimizing Workload Performance Using Automation
Simon
22/09/2017

In this episode, Sunny gave us a deep dive into the WLP and WLB features of vROps.

We were also joined by a special guest, Jad El-Zein, who gave us a great insight into how vRA utilises vROps for initial placement of freshly provisioned VMs.

We would highly appreciate it if you could spend 30 seconds to fill up this quick and simple survey to provide us your feedback. You can also request topics of your choice through this survey.

https://www.surveymonkey.com/r/2J2G82S

Here is the recording!

Simon’s #VMworld 2017: Sunday and Monday
Simon
12/09/2017

Sunday

Arriving in early on Sunday as the local flight choices are more limited from Bristol than perhaps a larger Airport, very fortunate to have a hotel so close to the VMworld venue, perhaps not so great for the evening activities but I am happy with it this way around.

Other than registration (4pm-8pm) and hopefully catching up with a few folk who have also arrived early.

In the evening I had the pleasure to meet many awesome people from the vCommunity.

My current focus has been on vRA so it was great to meet some well known and knowledgeable.

Looking forward to #VMworld EMEA 2017
Simon
01/09/2017

Having missed last year’s VMworld I feel very ready for attending the EMEA VMworld in Barcelona.

I almost felt annoyed about missing last year as the big announcements really caused a stir in the community and wider afield. (VMware on AWS) The announcements from the US VMworld this year were equally exciting so I am very keen to hear what else VMware has planned to reveal in Barcelona.

I have put a good deal of effort into planning what I will be doing and attending to maximise my time there without burnout (Veterans I hear you laughing).

This will also be the first time I get to go officially for my employer Xtravirt (previous years I have been lucky enough to self fund etc).

My focus this year on sessions will be vRealize Operations, vRealize Automation, VMware on AWS and vSAN. Although where possible I also hope to cram in some NSX (Hands on Labs) as well.

Also this year I will get to finally meet my vROps Webinar Brother Sunny Dua, this is something I am looking forward to a great deal and we also plan to record a webinar while at the event so watch this space! Sadly Sunny will not be able to make it to Barcelona so I shall have to wait a little longer to meet. The next webinar has been scheduled though and there will be a guest!

Another first for me will be to attend the VMworld EMEA Hackathon on the Monday evening. Up until now I have never attended a hackathon although I am always told they are enjoyable and a great source of learning so when I was told (er I mean encouraged) to attend by Sam McGeown I registered. I am looking forward to what promises to be a really fun event.

Aside from the social activities which are always a very high standard I am looking forward to visiting the solutions exchange and checking out the latest tech that the vendors have to offer.

Finally but not least I am really looking forward to meeting old and new faces in the vCommunity so if you are attending VMworld this year and want to say hi, ping me on Twitter, it would be great to meet.

Alexa, turn on my workload cluster
Sam
06/04/2017

Like many other geeks out there, I received an Amazon Echo device this Christmas, and whether it’s a fad or not, I’ve spent a few happy hours setting up my Hue lights and some other automation. The room in the house with the most automation is my office – the novelty may wear off, but walking in each morning and saying “Alexa, turn on my office” and having everything wake up for me is really cool.

I already have a vRealize Orchestrator workflow to shut down my workload cluster. What I want to do is trigger that by a voice command from Alexa.

Getting started with vRealize Log Insight 4.3 for vRealize Automation 7
Sam
14/03/2017

In this humble consultant’s opinion, Log Insight is one of the most useful tools in the administrator’s tool belt for troubleshooting vRealize Automation. I have lost count of the number of times I’ve been asked to help troubleshoot an issue that, when asked, people don’t know which log they should be looking at. The simple fact is that vRealize Automation has a lot of log files. Correlating these log sources to provide an overall picture is a painful, manual process – unless you have Log Insight!

Installing the Content Packs

In order to get the full picture of what’s going on during a vRA deployment you will likely need to correlate logs from vRA, vRO and NSX. Installing and configuring these is pretty easy.

I am going to assume the vSphere integration has already been configured, and all ESXi hosts are forwarding their logs to Log Insight already.

Adding a vCloud Air (PAYG/Gen2) instance to vRealize Orchestrator as a vCloud Director host
Sam
19/04/2016

Big thanks to Jose Luis Gomez for this solution, his response to my tweet was spot on and invaluable!

I’ve been trying to configure vCloud Air as a vCloud Director host in vRealize Orchestrator in order to create some custom resource actions for Day 2 operations in vRealize Automation. What I found was that there’s *very* little information out there on how to do this, and I ended up writing my own custom resource mapping for the virtual machines to VCAC:VirtualMachine objects – at least that way I could add my resource action. But this still didn’t expose the vCloud Director functionality for those machines. To do this I needed vCloud Air added as a vCloud Director host.

As per Jose’s advice, I duplicated the “com.vmware.library.vCloud.Host/addHost” action, named it “addHost_vCA_G2”:

I then modified the following line to include “/api/compute”:

newHost.url = "https://" + host + ":" + port;

Becomes

newHost.url = "https://" + host + ":" + port + "/api/compute";

I then duplicated the “Add a connection” workflow to create “Add a connection (vCloud Air Gen2)” and swapped the old action for the new action:

Now I can add vCloud Air (PAYG/Gen2) as an endpoint in the normal way:

The out-of-the-box “IaaS vCD VM” Resource Mapping now works in vRA and I can create custom Resource Actions against the vCloud:VM object type.

Once again, big thanks to Jose for this solution!