Technology

In order to setup Active Directory Integrated Authentication, we must login to our default tenant again but this time as our “Tenant Administrator” (we setup in the previous post) instead of the system administrator account that is created during initial setup. Once you’re logged in, click the Administration tab –> Directories Management –> Directories and then click the “Add Directory” button. Give the directory a descriptive name like the name of the ad domain for example. Then select the type of directory. I’ve chosen the “Active Directory (Integrated Windows Authentication)” option. This will add the vRA appliance to the AD Domain and use the computer account for authentication. Note: you must setup Active Directory in the default (vsphere.local) tenant before it can be used in the subtenants. ...

We’ve got vRA installed and thats a good start. Our next step is to login to the portal and start doing some configuration. Go to https://vra-appliance-name-orIP and enter the administrator login that you specified during your install. Unlike prior versions of vRealize Automation, no domain vsphere.local domain suffix is required to login. To start, Lets add some local users to our vSphere.local tenant. Click on the vsphere.local tenant. Click on the “Local users” tab and then click the “New” button to add a local account. I’ve created a vraadmin account that will be a local account only used to manage the default tenant configurations. ...

If following the posts in order, this guide should help you setup vRealize Automation 7 from start to finish. This is a getting started guide that will hopefully get you on the right path, answer any questions you might have, and give you tips on deploying your own cloud management portal. Part 1 - Simple Installation Part 2 -Base Setup Part 3 - Authentication Part 4 - Tenants Part 5 - Endpoints Part 6 - Fabric Groups Part 7 - Business Groups Part 8 - Reservations Part 9 - Services Part 10 - Custom Groups Part 11 - Blueprints Part 12 - Entitlements Part 13 - Manage Catalog Items Part 14 - Event Subscriptions Part 15 - Custom Properties Part 16 - XaaS Blueprints Part 17 - Resource Actions Part 18 - Enterprise Install Part 19 - Load Balancer Settings Part 20 - NSX Initial Setup Part 21 - NSX Blueprints Part 22 - Code Stream and Jenkins Setup Part 23 - Code Stream and Artifactory Setup Part 24 - Add Custom Items to vRA7 Part 25 - Upgrade vRA from 7.1 to 7.2 Part 26 - Adding an Azure Endpoint Part 27 - Installing vRealize Code Stream for IT DevOps Part 28 - Configuring Endpoints for vRealize Code Stream for IT DevOps Part 29 - Using vRealize Code Stream for IT DevOps Part 30 - Unit Testing with vRealize Code Stream for IT DevOps Part 31 - Containers on vRealize Automation Part 32 - vRA 7.3 Component Profiles Part 33 - vRA 7.5 Upgrade If you’re looking for a getting started video, check out this P luralsight course for a quick leg up on vRA 7. ...

This is our first stop in our journey to install vRealize Automation 7 and all of it’s new features. This post starts with the setup of the environment and assumes that you’ve deployed a vRealize Automation appliance from an OVA and that you’ve also got a Windows Server deployed so that we can install the IAAS components on it. After you’ve deployed the vRA7 OVA, login to the appliance with the root login and password supplied during your OVA deployment. ...

Veeam is a popular backup product for virtualized environments but who wants to spend their days adding and removing machines to backup jobs? Now available on github is a Veeam package for vRealize Orchestrator. This is my gift to you, just in time for the Hollow-days. Available Features The following features are available with the plugin for it’s initial release. Add a VM to an existing backup job Remove a VM from a backup job Start a backup job immediately Add a Build Profile to vRealize Automation Add a VM to a backup job from vRA Remove a VM from a backup job from vRA Some additional functionality could easily be added to your environment using the existing worfklows such as start a backup as a Day 2 operation in vRA, or change backup jobs etc. The world is your oyster. ...

So far we’ve talked a lot about using our automation solution to automate network deployments with NSX. But one of the best features about NSX is how we can firewall everything! Lucky for us, we can automate the deployment of specific firewall rules for each of our blueprints as well as deploying brand new networks for them. Use Case: There are plenty of reasons to firewall your applications. It could be for compliance purposes or just a good practice to limit what traffic can access your apps. ...

Just deploying virtual machines in an automated fashion is probably the most important piece of a cloud management platform, but you still need to be able to manage the machines after they’ve been deployed. In order to add more functionality to the portal, we can create post deployment “actions” that act on our virtual machine. For instance an action that snapshots a virtual machine would be a good one. We refer to these actions that take place after the provisioning process a “Day 2 Operation”, probably because it’s likely to happen on the second day or later. Clever huh? ...

If you’re building a multi-machine blueprint or multi-tiered app, there is a high likelihood that at least some of those machines will want to be load balanced. Many apps require multiple web servers in order to provide additional availability or to scale out. vRealize Automation 6 coupled with NSX will allow you to put some load balancing right into your server blueprints. Just to set the stage here, we’re going to deploy an NSX Edge appliance with our multi-machine blueprint and this will load balance both HTTPs and HTTP traffic between a pair of servers. ...

You’re network isn’t fully on IPv6 yet? Ah, well don’t worry you’re certainly not alone, in fact you’re for sure in the majority. Knowing this, you’re probably using some sort of network address translation (NAT). Luckily, vRealize Automation can help you deploy translated networks as well as routed and private networks with a little help from NSX. A quick refresher here, a translated network is a network that remaps an IP Address space from one to another. The quickest way to explain this is a public and a private IP Address. Your computer likely sits behind a firewall and has a private address like 192.168.1.50 but when you send traffic to the internet, the firewall translates it into a public IP Address like 143.95.32.129. This translation can be used to do things like keeping two servers on a network with the exact same IP Address. ...

Any corporate network thats larger than a very small business is likely going to have a routed network already. Segmenting networks improves performance and more importantly used for security purposes. Many compliance regulations such as PCI-DSS state that machines need to be segmented from each other unless there is a specific reason for them to be on the same network. For instance your corporate file server doesn’t need to communicate directly with your CRM database full of credit card numbers. The quickest way to fix this is to put these systems on different networks but this can be difficult to manage in a highly automated environment. Developers might need to spin up new applications which may need to be on different network segments from the rest of the environment. Its not very feasible to assume we can now spin up test and delete hundred of machines each day, but need the network team to manually create new network segments and tear them down each day. That wouldn’t be a nice thing to do to your network team. ...