vRealize Automation 8.X Initial Configuration Step by Step

In previous posts we covered some of the concepts that constitute vRealize Automation 8.X. In case you have not touched them, take your time and give it a look, to make them as a reference I have put them all in a single post, which will be updated, as more posts are published.

Now it’s time to start with a bit of hands on experience and the very first step after installation is indeed configuration. One of the key factors that will be a game changer in a product is the simplicity and ease of configuration while giving you the flexibility that can comply with business use cases. Before we start, there are terminologies that you need to be aware of.

Terminologies

Cloud Account

As you already know vRA is a cloud management platform which supports a variety of public clouds and on-premises VMware clouds. Cloud Account is an entry point to connect to actual resources and start provisioning from them. Accounts that can be added are the following:

VMware vCenter
AWS
Google Cloud Platform
Microsoft Azure
NSX-T
NSX-V
VMware Cloud Foundation
VMware Cloud on AWS

Cloud Zone

within a Cloud Account, you can have separate resources as Cloud Zones. For example you can create Cloud Zones for different purposes like production and test environments. You can select clusters or standalone hosts in a cloud zone. Cloud Zones will be assigned to Projects as a provisioning resource, so there have to be a way to select the resource, this is where the concept of Placement Policy comes in. There are 3 ways that you can use as the placement logic:

Random (Default)
Binpack: Place it one the most heavily loaded host, in case it has enough capacity.
Spread: Place evenly across the compute resources.

There is another property related to a Cloud Zone and that is Capability Tag, and like other tag management features you can use to differentiate the Cloud Zones. As an example you can create a tag for storage capabilities: SSD, SAS, NL-SAS.

Project

Projects are used to group users and their entitled resources together. That means you must add at least one Cloud Zone to a project, so that, users of the project can provision resources from the Cloud Zone. There is 1:n relationship between a Project and Cloud Zones, meaning, you can add different Cloud Zones from different Cloud Accounts (AWS, vCenter, GCP, etc) to a project.

Flavor Mapping

Simply, Flavor Mappings are the VM sizes in terms of the number of CPU cores and memory Capacity. You can create it with any configuration of your desired requirement, 2 cores and 4GB as the extra small size, for instance. As a side note, Flavor Mapping are created in their specified Cloud Account, or we can say, they are Cloud Account Specific.

Image Mapping

VMs’ templates are Image Mappings. Basically, according to your environment’s requirements, you will have separate template to escalate the process of VM provisioning. There might be a template for MS SQL or Apache Web Server and another template for your developed application. Here you will have these templates as images that virtual machines will be provisioned from.

What we have covered so far, is the series of steps to initially configure vRA as depicted below.

Before we begin, let’s see the branding section.

Branding

Login to vRealize Automation Portal. Click on the Branding tab and provide your organization logo and the product name. There is also options to configure background and text colors.

You can see how this change will be in effect, and you will have a customized view that corresponds your organization name and logo.

Add a Cloud Account

Now go ahead and click Services tab, and then click on Cloud Asssembly. Most configuration tasks happens in Cloud Assembly.

From Cloud Assembly, click on Infrastructure, and from the left menu, in Connections, hit Cloud Accounts. Here you can add your desired account, I’ll add my vCenter account here. Before we continue I need an account where I can use to connect to my vCenter server, and I have to give my account privileges it needs through a custom role. It is always recommended to use different accounts for different purposes, this is the concept of service account. The privileges needed are listed here.

I’ll create a role and name it “vRA-Cloud-Account” and a user with the same name in vCenter server. For that purpose I have created a PowerCLI script that creates a custom role and then assign permissions to the user on datacenter level.

$vCenterServer = "vcsa1.vconceptions.lab"
$privileges = "C:\users\administrator\desktop\privileges.txt"
$privilegesbyids = @()
Get-Content $privileges | Foreach-Object{
    $privilegesbyids += $_
}

New-VIRole -name vRA-Cloud-Account -Privilege (Get-VIPrivilege -Server $vCenterServer -id $privilegesbyids) -Server $vCenterServer -Verbose

New-VIPermission -Entity vConceptions-DC -Principal vsphere.local\vRA-Cloud-Account -Role vRA-Cloud-Account

$vCenterServer = "vcsa1.vconceptions.lab"

$privileges = "C:\users\administrator\desktop\privileges.txt"

$privilegesbyids = @()

Get-Content $privileges | Foreach-Object{

$privilegesbyids += $_

}

New-VIRole -name vRA-Cloud-Account -Privilege (Get-VIPrivilege -Server $vCenterServer -id $privilegesbyids) -Server $vCenterServer -Verbose

New-VIPermission -Entity vConceptions-DC -Principal vsphere.local\vRA-Cloud-Account -Role vRA-Cloud-Account

For the $Privileges file that contains list of all required privileges by IDs, use the file below.

privileges Download

Click on vCenter.

Provide a name and vCenter server details and click validate.

when the validation is done successfully, it will allow you to select provisioning resources. A point here is that, the user must have permissions on all datacenters and clusters, weather you want to use them for provisioning or not. There is also an optional checkbox to create a Cloud Zone, which we leave it unselected. click on Add button.

Add a Cloud Zone

From the left menu, under Configure, click Cloud Zones. In Summary tab, select the Account, here is vCenter we already added. Provide a name and description, then select Placement Policy and Folder and hit create.

Now in Compute tab, you can select what compute resources to use for your cloud zone. There are three options:

include all compute
manually select compute
dynamically include compute by tags

These options will give you the flexibility to use your compute resources for different purposes, take production, test and development for instance.

select your desired option and click create.

Create a Project

Again from the left menu, under Administration, click Projects. In summary tab, provide a name and description.

In Users tab, you can select users and/or group that can access this project.

click ADD GROUPS, select your desired group and assign a role to it.

In Provisioning tab, under Zones section, click ADD Zones to add the cloud zone we created before.

Select Cloud Zone and assign values for each item. The value of zero means the highest priority or unlimited.

let’s see what each item indicates:

Cloud Zone: It’s clear, within each Project, you can add several cloud zones.
Provisioning Priority: Indicates the priority given to the cloud zone, when provisioning new resources. The value of 0 is the highest priority.
Instances limit: The maximum number of VMs that can be provisioned in this cloud zone. The value of zero means unlimited.
Memory limit (MB): The maximum amount of memory that can be used in the cloud zone. The value of zero means unlimited.
CPU limit: the maximum number of vCPUs used in the cloud zone. The value of zero means unlimited.
Storage limit (GB): The maximum amount of storage that the project can consume from this cloud zone. The value of zero means unlimited.

We are not gonna touch other fields and options as of now, as most of them are related to tag management, It will be discussed in later posts. Now, hit the create button.

Create a Flavor Mapping

To create a flavor mapping, in the left menu, under Configure, click on Flavor Mappings, then hit the plus sign to create a new one.

you can give it a name, and set values for vCPUs and memory. It’s to note that, flavor mapping is Account/Region specific and you can set different values for different accounts/regions. click on Create, when you are done.

Create an Image Mapping

Under Configure, click on Image Mappings. You need to give an Image name as well as the account/region that will the image mapping will be created on. Then, select your template, here I used a Microsoft Windows 2016 template. There is also a possibility of adding configuration script under the Cloud Configuration section. Go ahead and click Create.