EB
Uploaded byErik Bussink
PDF, PPTX3,311 views

vRA7 What's New

The document provides an overview of new features in vRealize Automation 7.0, including: 1. Simplified deployment architecture with fewer virtual appliance components and services to manage. 2. Enhanced identity management (vIDM) with multi-domain and multi-tenant support, SAML token integration, and improved scalability. 3. Converged blueprint designer that unifies infrastructure and application blueprinting and enables software component libraries and multi-tier application authoring. 4. Integration with NSX for on-demand networking and security group configuration during application deployment. 5. LifeCycle extensibility framework that enables centralized policy-based triggering of third-party integr

Embed presentation

Download as PDF, PPTX
© 2015 VMware Inc. All rights reserved. vRealize Automation 7.0 What’s New | Spotlight Features Erik Bussink Solution Architect ebussink@vmware.com bussink.ch | @ErikBussink
The Impact of the Accelerating Pace of Business Applications  Drive competitive advantage  Enable new business opportunity Applications IT Operations  Shorter release cycles  Agile development processes DEMAND  Increased demand  Faster delivery expectations The Business RESULT  Lower customer satisfaction  Growing use of shadow IT  Large application backlog  Perceived as barrier to progress  Increased risk  Missed opportunity
Hybrid Cloud (Private / Public) Physical Software-Defined Data Center (SDDC) Cloud Management Platform enables the One Cloud, Any Application Approach 3 SOFTWARE-DEFINED DATA CENTER Compute Network Storage End-User Computing Extensibility Applications Cloud Management Platform BusinessOperationsAutomation Virtualized Infrastructure Compute Network Storage
Automating is key to a scalable and sustainable SDDC SDDC requires a new management paradigm 4 Prodigious Level of Automation • Logical construct of users and resources (IT and financial) • Policy-based life cycle management • Self-service capabilities Explosive Growth • New SDDC objects (e.g. VMs, NSX controllers, VSAN datastores) • Management scope expands across virtual and physical
Task timeWait time Full Automation Eliminates Wait Time Semi-Automated Service Blueprints Policy-driven Automation Dev Test Prod On Premise Infrastructure Verification Build VMs – New or Clone Get IP Install, Setup, Configure Load Balancer Entries / Firewall Changes Web Server Configuration 1- 2 days 3- 5 days 3 – 5 days 1 – 2 days 4 – 7 days 2 – 3 days 2 – 5 days Developer Request External Interface & Integration IT Processes Ticket 5
vRealize Automation 7.0 What’s New | Spotlight Features 6CONFIDENTIAL
Accelerate Time to Value (TTV) • New Deployment Architecture • Wizard-Based Automated Installation
Applicati on Services Simplified Virtual Appliances HA Landscape 8 6.X vRA VA vRA VA Data Store Data Store Applicati on Services vRO vRO Identity Identity IaaS Load Balancer vRA Load Balancer AD, LDAP, SAML, 2FA 7.0 • Fewer Services to Deploy • Fewer VA’s to Manage • Fewer External Dependencies • Happy Customers • All services automatically clustered when deployed in an HA configuration 1. vRA Core Services 2. Embedded vRealize Orchestrator Instance 3. vIDM (SSO) Services 4. vPostgres DB SINGLE VIP NEEDED FOR ALL THESE SERVICES IN HA!
IaaS Services (win) vRA VA vRA VAvRA Core vIDM vRO vPostgres DB RabbitMQ Load Balancer Load BalancerLoad Balancer External ServicesFabric Endpoints* DEM 1 Web Service 1 DEM 2 Web Service 2 Agent 1 Agent 2 Model Mgr 2 Model Mgr 1 * not all represented AD | LDAP vRealize Automation 7.0 Deployment Architecture HA | Distributed
Installing vRealize Automation 7.0 - Highlights 10 • Completely Revamped Installation Process • Everything starts with a single download of the vRA VA (OVA) • Installation wizard offers two different types of installs – Simple Install – wizard-driven walk through for installing vRA in a monolithic (non-distributed) instance – Enterprise Install – wizard-driven walk through for installation all components in a distributed, highly-available vRA instance. • Wizard locates IaaS installation candidates, leverages new management agent.
Deployment Options: Minimal vs. Enterprise • Minimal assumes a POC like environment – 1 vRealize Automation Appliance – 1 Windows Server • Enterprise assumes a fully distributed install – Advises user on load balancer use – Creates and places certs – Creates database 11
IaaS Components: Assignment of Server Roles • Wizard will detect and show available machines in the deployment • Allows user to assign roles to specific machines • Machine discovery requires management agent to be pre- installed • A stand-alone pre-req checker is available
Federated Identity VMware Identity Management (vIDM)
vIDM - Enhanced Authentication Service 14 • Embedded Service in vRA appliance (no separate VAs) • Integrated UI with common Look and Feel • Enable new Enterprise use cases • Features Enabled by vIDM – Multiple domains to single tenant – Single domain to multiple tenants – Full OTB branding capabilities – OTB 3rd party SAML Token Support – OTB Smart Card Support – Multi-factor authentication – Login Auditing – Major Scalability Improvements – HA support (configured by wizard) Active Directory vRA Appliance Auth Services Auth Services connecting to multiple ADs
vIDM – Additional Features Tenant and Directory Management • Tenant isolation • Tenant boundary is flexible, not bound by AD domains • Sync the directory content to the local database • Faster searches and logins • Can sync only part of the directory • Sync based on schedule or manually • Define mapping of attributes Support for Local Users • AD is not required • Basic operations for users add/remove/edit • Local users are per tenant 15
vIDM – Per-Tenant Branding • Branding configured per- Tenant • Customize login screen wallpaper and color pallet • vRA UI global branding and color pallet 16 Powered'by'VMware'Identity'Manager™
Converged Blueprints (CBP) Redefining Services Design
Converged Blueprint (CBP) Designer Simplified Blueprint Authoring for IaaS and Applications • Unified graphical canvas for designing machines, software components and application stacks • Ability to extend or define external integrations in the canvas through XaaS (a.k.a ASD) • Enable team collaboration by enhancing and introducing fine grain roles • Avoid App Services complexity that often lead to longer sales cycle or reduced opportunity
App Authoring - Software Components Library • The Software Architect (new role) authors software components for use in the CBP Designer – no more external tools. • Once published, software components are shared across Business Groups, but not across Tenants • Once Published, software components cannot be requested on their own – they are only consumable in the CBP Designer • Typical Application Creation Workflow: – Create and publish software components, properties, dependencies, etc. – Application design with published software components using CBP – Complete networking configuration for app blueprint – Complete security configuration for app blueprint – Publish, add to catalog, entitle, add EBS subscriptions (optional) – Optionally Export App Blueprint (or Import others)
App Authoring - Significant Converged Capabilities Added Feature / Function Details Unified Canvas • Single model to author machines, applications, software components, and XaaS blueprints. • Consolidation of roles between vRA and AppServices Machine Authoring • Author machine with standard configuration • Use Puppet/Chef based configuration Software Authoring • Author script based software • Author Puppet/Chef content Multi-Tier and Composite Applications • Authoring multi-tier application blueprints with dependencies and cross node binding • Author composite blueprints with individual sub-application blueprints • Author blueprints using preconfigured XaaS service blueprints Integrated Networking and Security (NSX) • NSX integration for single machine and multi-tier applications • On-demand networks, security groups, and load balancing for single and multi-tier blueprints (vSphere only) Declarative Format • Declarative format for machine, software, application, and XaaS blueprints • Import/Export a blueprint and save it in source control repository (CloudClient)
vRA 7.0 Out of the Box Content vRA 7 will ship with out-of-the-box application blueprints for quick start and TTV (top customer requests): 1. Windows System: Windows 2012 R2, IIS, MSSQL, .NET (#1 customer request) 2. LAMP Stack: RHEL and Apache Load Balancer 3. Micro Services App: This will mimic an e-commerce app that will replace the existing Duke’s Bank example 4. Ruby on Rails App: 3-tier app with Apache LB, Ruby on Rails, Oracle DB 21 • OOTB Blueprints are embedded in the vRA VA and imported into vRA using CloudClient • Additional application blueprints will be made available for download from the Solutions Exchange: • Multi-tier complex app, retail store use case • Big Data app, Java app, Sharepoint 2013
Blueprints as Code 22 • Ability to read and create blueprints with a text editor of choice. • Save it in source control like Git • Machine blueprint in YAML format • Application & Software blue prints currently in JSON format moving to YAML by GA • Import/Export in same or multiple vRA instances • Complete Blueprint is exported into a zip compressed format similar to the current ASD export
© 2015 VMware Inc. All rights reserved. vRealize Automation 7 NSX + vRA 7 Cloud Management Technical Marketing
Application Deployment with On-Demand Networking & Security • Logical switches and routers are created on demand by NSX when the user creates an application • Single machine, single-tier or multi-tier topologies • Supports NAT and routed topologies • Automated IP addressing of both VMs and subnets • On-demand security groups built per app and per tier with VMs placed into groups • App isolation option • Security policies applied to dynamically created groups • Load-balancer configuration dynamically deployed and dedicated to application 24CONFIDENTIAL Web/App Database VM VM VM
Application Deployment with On-Demand Micro-Segmentation • Networking is pre-created by NSX admin • VMs placed on pre-created logical switches • On-demand security groups created when application is deployed • Security policies applied to dynamically created groups • Micro-segmentation on larger L2 networks • Load-balancer configuration dynamically deployed • VMs and security groups removed when app destroyed but networking remains 25CONFIDENTIAL Web/AppDatabase VM VMVM
Application Deployment into Existing Network and Security Services • Pre-created logical switches and routers defined by the NSX admin - VMs are wired to pre-created switches • Security Groups pre-defined to match security tags for each tier of application • When a cloud user selects a catalog item VMs are wired to NSX switches and tagged with appropriate security tags • Enforcement is based on combining the tag with the rules in the security group • Applications can be single tier or multi-tier – typically routed topologies 26CONFIDENTIAL Web/App Database VM VM VM
Simplified Application Centric Network and Security Web App Database VM VM VM VM VM VM 27 • Applications configured with dedicated or shared virtual switches and routers depending on needs • Application level micro-segmentation security • Dynamic configuration of application specific load balancers without expensive physical hardware VM • Networks configured to meet unique performance needs of each application VM VM VM VM VM VM VM Dynamically Configure NSX Network and Micro-segmentation unique for each application
CBP - Networking and Security Integration • Automated connectivity to existing or on-demand networks • Micro-segmentation for application stack • Automated security policy enforcement thru NSX security policies, groups and tags • On-demand dedicated NSX load balancer • Parent component only, not application-level 28 NSX Integration for Blueprint Authoring & Deployment
Mission:Extensible LifeCycle Extensibility (LE) Redefines Ecosystem Integration CDK
LifeCycle Extensibility – Ecosystem Automation 30 • No need of any additional development tools • No need of deep knowledge how the core functionality works • Centrally create and manage extensibility for all IaaS services • Increase TTV with quick-n-easy extensibility use cases • Quickly leverage existing workflows from within the vRA UI • Scalable model Create vRO WF Subscribe for Event1 2 Customize & Extend vRA using Event broker
LifeCycle Extensibility – Centralized Policy Management Enable OOTB extensibility for IaaS and Application Services dynamically by leveraging the Event Broker • Enable OTB extensibility for IaaS and Application Services dynamically by leveraging the Event Broker Service (EBS) • Invoke workflows based on a policy-based trigger configured for a specific “interesting” event “Invoke vRO Workflow to integrate with a custom service based on the NAME of a blueprint, Custom Property Value, Requestor ID, or machine and platform type….GO!”
LifeCycle Extensibility – Event Broker (EBS) High-Level View XaaS Postgres Sql IaaS Cloud, Physical, virtual vCA, AWS , Azure, Softlayer, ….. Event Broker Service (EBS) Approvals Identity SW service SW agent Resource Governance • Compute, Storage, Network • Reservation • Reservation Policies Infrastructure Abstraction Layer Compute Network Storage Orchestration Engine • State Machine • Life Cycle Workflows • Data Collection PluggableFramework 3rd party management systems • CMDB • IPAM / DNS / DHCP • Load Balancers / Networking • Service Desk • Monitoring Systems • Storage Management • Databases • Web Services • … vRealizeOrchestrator
vRealize Orchestrator Updates | Features
Introducing the [new] vRO Control Center The vRO 7.0 Control Center • Embedded + External • New modern UI for vRO setup, configuration, workflow monitoring, troubleshooting, and other useful information. • Collect metrics for workflow execution • Analyze running workflows • General troubleshooting • Manage, Import/Export central DB • WAY more slick than previous “legacy” UI
New Plugin Management UI • Install and Management Plugins • Debugging + Logging Granularity Per-Plugin • View Plugin Status, Enable / Disable as needed • Switch to Legacy UI if this is all too much for you
Runtime Metrics and Monitoring • Global View of all Running Workflows • Manage Workflow Execution • Search by Workflow Name and Token ID • View Multiple Workflows Simultaneously
Entitlements • As with 6.x, Services, Catalog Items, and Actions can be added to an Entitlement • In 7.0, the list of Catalog Items includes Catalog types • Adding a Catalog Item type will entitle users to objects built off of that type. 6.x 7.0
Entitlements • As with 6.x, Actions and Approvals can be added to Entitlements. – Entitlement dictates what the user can see & do – Limit what actions a user can perform to the actions in the entitlement that enabled the user to provision the resource. • Actions are bound to Entitlements – For actions to apply to a Resource, they must be granted in the same entitlement as the relevant Catalog Items or Services • This wasn’t always the case – In 7.0, Actions are bound to the entitlement resource was provisioned from – In 6.x, if a user was entitled to an action - that action was available to all items regardless of the entitlement it was provisioned from.
VMware’s CMP Automates SDDC at Scale 39 DEFINE Define Business Groups and Allocate Budget CREATE Create Reservations & Policies Create Single Machine, Multi- tier Application, or other custom service blueprints REQUEST AND DEPLOY Standardize Requests and Deploy Infrastructure Across Private, Public, and Hybrid Clouds METER Meter and Correlate Consumer Usage and Costs MONITOR Collaborate Across Infra and Ops Teams; Monitor Infrastructure Across Private, Public, and Hybrid Clouds MANAGE Remediate, Optimize, and Reclaim Infrastructure Based on Policies and Cost 1 2 3 4 5 6

More Related Content

PDF
vRA + NSX Technical Deep-Dive
byVMUG IT
 
PPTX
V mware v realize automation 6.2 knowledge transfer kit
bysolarisyougood
 
PPTX
VAS - VMware CMP
byMohamed El Shorbagy ☁☁☁
 
PDF
Storage Management with vRealize Operations
byVirtualization and Cloud Management Solutions
 
PDF
ebk EVO-RAIL v104
byErik Bussink
 
PDF
VMware Ready vRealize Automation Program
byVirtualization and Cloud Management Solutions
 
PPTX
Self service it with v realizeautomation and nsx
bysolarisyougood
 
PPTX
V mware v realize orchestrator 6.0 knowledge transfer kit
bysolarisyougood
 
vRA + NSX Technical Deep-Dive
byVMUG IT
 
V mware v realize automation 6.2 knowledge transfer kit
bysolarisyougood
 
VAS - VMware CMP
byMohamed El Shorbagy ☁☁☁
 
Storage Management with vRealize Operations
byVirtualization and Cloud Management Solutions
 
ebk EVO-RAIL v104
byErik Bussink
 
VMware Ready vRealize Automation Program
byVirtualization and Cloud Management Solutions
 
Self service it with v realizeautomation and nsx
bysolarisyougood
 
V mware v realize orchestrator 6.0 knowledge transfer kit
bysolarisyougood
 

What's hot

PPTX
Lets vRealize level -100 Presentation
byAnil Gupta (AJ) - vExpert
 
PDF
Partner Presentation vSphere6-VSAN-vCloud-vRealize
byErik Bussink
 
PPTX
vCenter Orchestrator APIs
byPablo Roesch
 
PDF
VMware Integrated OpenStack 2.0
byErik Bussink
 
PPTX
vCloud Automation Center 6.0 -My Notes on Architecture
bytechstarts
 
PDF
EVO-RAIL 2.0 Overview Deck
byErik Bussink
 
PDF
PuppetConf 2016: Puppet and vRealize Automation: The Next Generation – Ganesh...
byPuppet
 
PPTX
V mware virtualization design and deploy service
bysolarisyougood
 
PDF
Cloud Management with vRealize Operations
byVirtualization and Cloud Management Solutions
 
PPTX
VMware vSphere technical presentation
byaleyeldean
 
PPTX
Log Analytics by VMware Log Insight
byKiss Tibor
 
PPTX
VMworld 2015: Take Virtualization to the Next Level vSphere with Operations M...
byVMworld
 
PDF
VMware vCloud Suite
byVMware
 
PPTX
VMware 2015: Next Horizon for Cloud Networking and Security
byVMworld
 
PPTX
IaaS with Software Defined Networking
byPrasenjit Sarkar
 
PDF
vRealize Operations 6.4: Supercharge your SDDC Intelligent Operations
byVMware
 
PPTX
Troubleshooting Storage Devices Using vRealize Operations (formerly vC Ops)
byVirtualization and Cloud Management Solutions
 
PDF
Presentation desarrollos cloud con oracle virtualization
byxKinAnx
 
PPTX
V mware v center orchestrator 5.5 knowledge transfer kit
bysolarisyougood
 
PDF
The Age of Network Operations Management in Software Defined Data Centers
byVirtualization and Cloud Management Solutions
 
Lets vRealize level -100 Presentation
byAnil Gupta (AJ) - vExpert
 
Partner Presentation vSphere6-VSAN-vCloud-vRealize
byErik Bussink
 
vCenter Orchestrator APIs
byPablo Roesch
 
VMware Integrated OpenStack 2.0
byErik Bussink
 
vCloud Automation Center 6.0 -My Notes on Architecture
bytechstarts
 
EVO-RAIL 2.0 Overview Deck
byErik Bussink
 
PuppetConf 2016: Puppet and vRealize Automation: The Next Generation – Ganesh...
byPuppet
 
V mware virtualization design and deploy service
bysolarisyougood
 
Cloud Management with vRealize Operations
byVirtualization and Cloud Management Solutions
 
VMware vSphere technical presentation
byaleyeldean
 
Log Analytics by VMware Log Insight
byKiss Tibor
 
VMworld 2015: Take Virtualization to the Next Level vSphere with Operations M...
byVMworld
 
VMware vCloud Suite
byVMware
 
VMware 2015: Next Horizon for Cloud Networking and Security
byVMworld
 
IaaS with Software Defined Networking
byPrasenjit Sarkar
 
vRealize Operations 6.4: Supercharge your SDDC Intelligent Operations
byVMware
 
Troubleshooting Storage Devices Using vRealize Operations (formerly vC Ops)
byVirtualization and Cloud Management Solutions
 
Presentation desarrollos cloud con oracle virtualization
byxKinAnx
 
V mware v center orchestrator 5.5 knowledge transfer kit
bysolarisyougood
 
The Age of Network Operations Management in Software Defined Data Centers
byVirtualization and Cloud Management Solutions
 

Similar to vRA7 What's New

PPTX
20151019 v mworld2015-recap-02
byKevin Groat
 
PPTX
PuppetConf 2017: vRealize Automation and Puppet: Enabling DevOps Ready IT- Ga...
byPuppet
 
PDF
Webinar Fondazione CRUI e VMware: VMware vRealize Suite
byJürgen Ambrosi
 
PPTX
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
byArraya Solutions
 
PPTX
Desktop virtualization customer presentation
byNuno Alves
 
PPTX
Desktop virtualization customer presentation
byNuno Alves
 
PPTX
VMworld 2014 Announcements
byBrendan Rose
 
PDF
VMworld 2013: Go to Market with the VMware Solution Exchange
byVMworld
 
PDF
Whitepaper application virtualization_smackdown
byAswin Eshuis
 
PPTX
V mware view 5 customer presentation
bysolarisyourep
 
PPTX
Plan, Deploy & Manage Modern Applications Leveraging vCloud Automation Center...
byPuppet
 
PPT
Capito Ardoe House VMWare Presentation
byCapito Livingstone
 
PPTX
VMware Orchestrator Architectural Overview.pptx
bysappelsien
 
PPTX
VMworld 2015: Introducing Application Self service with Networking and Security
byVMworld
 
PPTX
VMware and Puppet: How to Plan, Deploy & Manage Modern Applications
byPuppet
 
PDF
VMworld 2013: Best Practices for Application Lifecycle Management with vCloud...
byVMworld
 
PDF
Virtualizing & Mobility - Transforming the way governments communicate - Mitel
byKBIZEAU
 
PPTX
Horizon 6 what's new
by培林 何
 
PPTX
VMware Customer references - Cloud
byAnil Gupta (AJ) - vExpert
 
PDF
VMware - Application Portability
byVMUG IT
 
20151019 v mworld2015-recap-02
byKevin Groat
 
PuppetConf 2017: vRealize Automation and Puppet: Enabling DevOps Ready IT- Ga...
byPuppet
 
Webinar Fondazione CRUI e VMware: VMware vRealize Suite
byJürgen Ambrosi
 
Gain Insights, Make Decisions, and Take Action Across a Streamlined and Autom...
byArraya Solutions
 
Desktop virtualization customer presentation
byNuno Alves
 
Desktop virtualization customer presentation
byNuno Alves
 
VMworld 2014 Announcements
byBrendan Rose
 
VMworld 2013: Go to Market with the VMware Solution Exchange
byVMworld
 
Whitepaper application virtualization_smackdown
byAswin Eshuis
 
V mware view 5 customer presentation
bysolarisyourep
 
Plan, Deploy & Manage Modern Applications Leveraging vCloud Automation Center...
byPuppet
 
Capito Ardoe House VMWare Presentation
byCapito Livingstone
 
VMware Orchestrator Architectural Overview.pptx
bysappelsien
 
VMworld 2015: Introducing Application Self service with Networking and Security
byVMworld
 
VMware and Puppet: How to Plan, Deploy & Manage Modern Applications
byPuppet
 
VMworld 2013: Best Practices for Application Lifecycle Management with vCloud...
byVMworld
 
Virtualizing & Mobility - Transforming the way governments communicate - Mitel
byKBIZEAU
 
Horizon 6 what's new
by培林 何
 
VMware Customer references - Cloud
byAnil Gupta (AJ) - vExpert
 
VMware - Application Portability
byVMUG IT
 

vRA7 What's New

  • 1.
    © 2015 VMwareInc. All rights reserved. vRealize Automation 7.0 What’s New | Spotlight Features Erik Bussink Solution Architect ebussink@vmware.com bussink.ch | @ErikBussink
  • 2.
    The Impact ofthe Accelerating Pace of Business Applications  Drive competitive advantage  Enable new business opportunity Applications IT Operations  Shorter release cycles  Agile development processes DEMAND  Increased demand  Faster delivery expectations The Business RESULT  Lower customer satisfaction  Growing use of shadow IT  Large application backlog  Perceived as barrier to progress  Increased risk  Missed opportunity
  • 3.
    Hybrid Cloud (Private /Public) Physical Software-Defined Data Center (SDDC) Cloud Management Platform enables the One Cloud, Any Application Approach 3 SOFTWARE-DEFINED DATA CENTER Compute Network Storage End-User Computing Extensibility Applications Cloud Management Platform BusinessOperationsAutomation Virtualized Infrastructure Compute Network Storage
  • 4.
    Automating is keyto a scalable and sustainable SDDC SDDC requires a new management paradigm 4 Prodigious Level of Automation • Logical construct of users and resources (IT and financial) • Policy-based life cycle management • Self-service capabilities Explosive Growth • New SDDC objects (e.g. VMs, NSX controllers, VSAN datastores) • Management scope expands across virtual and physical
  • 5.
    Task timeWait time FullAutomation Eliminates Wait Time Semi-Automated Service Blueprints Policy-driven Automation Dev Test Prod On Premise Infrastructure Verification Build VMs – New or Clone Get IP Install, Setup, Configure Load Balancer Entries / Firewall Changes Web Server Configuration 1- 2 days 3- 5 days 3 – 5 days 1 – 2 days 4 – 7 days 2 – 3 days 2 – 5 days Developer Request External Interface & Integration IT Processes Ticket 5
  • 6.
    vRealize Automation 7.0 What’sNew | Spotlight Features 6CONFIDENTIAL
  • 7.
    Accelerate Time toValue (TTV) • New Deployment Architecture • Wizard-Based Automated Installation
  • 8.
    Applicati on Services Simplified Virtual AppliancesHA Landscape 8 6.X vRA VA vRA VA Data Store Data Store Applicati on Services vRO vRO Identity Identity IaaS Load Balancer vRA Load Balancer AD, LDAP, SAML, 2FA 7.0 • Fewer Services to Deploy • Fewer VA’s to Manage • Fewer External Dependencies • Happy Customers • All services automatically clustered when deployed in an HA configuration 1. vRA Core Services 2. Embedded vRealize Orchestrator Instance 3. vIDM (SSO) Services 4. vPostgres DB SINGLE VIP NEEDED FOR ALL THESE SERVICES IN HA!
  • 9.
    IaaS Services (win) vRAVA vRA VAvRA Core vIDM vRO vPostgres DB RabbitMQ Load Balancer Load BalancerLoad Balancer External ServicesFabric Endpoints* DEM 1 Web Service 1 DEM 2 Web Service 2 Agent 1 Agent 2 Model Mgr 2 Model Mgr 1 * not all represented AD | LDAP vRealize Automation 7.0 Deployment Architecture HA | Distributed
  • 10.
    Installing vRealize Automation7.0 - Highlights 10 • Completely Revamped Installation Process • Everything starts with a single download of the vRA VA (OVA) • Installation wizard offers two different types of installs – Simple Install – wizard-driven walk through for installing vRA in a monolithic (non-distributed) instance – Enterprise Install – wizard-driven walk through for installation all components in a distributed, highly-available vRA instance. • Wizard locates IaaS installation candidates, leverages new management agent.
  • 11.
    Deployment Options: Minimalvs. Enterprise • Minimal assumes a POC like environment – 1 vRealize Automation Appliance – 1 Windows Server • Enterprise assumes a fully distributed install – Advises user on load balancer use – Creates and places certs – Creates database 11
  • 12.
    IaaS Components: Assignmentof Server Roles • Wizard will detect and show available machines in the deployment • Allows user to assign roles to specific machines • Machine discovery requires management agent to be pre- installed • A stand-alone pre-req checker is available
  • 13.
  • 14.
    vIDM - EnhancedAuthentication Service 14 • Embedded Service in vRA appliance (no separate VAs) • Integrated UI with common Look and Feel • Enable new Enterprise use cases • Features Enabled by vIDM – Multiple domains to single tenant – Single domain to multiple tenants – Full OTB branding capabilities – OTB 3rd party SAML Token Support – OTB Smart Card Support – Multi-factor authentication – Login Auditing – Major Scalability Improvements – HA support (configured by wizard) Active Directory vRA Appliance Auth Services Auth Services connecting to multiple ADs
  • 15.
    vIDM – AdditionalFeatures Tenant and Directory Management • Tenant isolation • Tenant boundary is flexible, not bound by AD domains • Sync the directory content to the local database • Faster searches and logins • Can sync only part of the directory • Sync based on schedule or manually • Define mapping of attributes Support for Local Users • AD is not required • Basic operations for users add/remove/edit • Local users are per tenant 15
  • 16.
    vIDM – Per-TenantBranding • Branding configured per- Tenant • Customize login screen wallpaper and color pallet • vRA UI global branding and color pallet 16 Powered'by'VMware'Identity'Manager™
  • 17.
  • 18.
    Converged Blueprint (CBP)Designer Simplified Blueprint Authoring for IaaS and Applications • Unified graphical canvas for designing machines, software components and application stacks • Ability to extend or define external integrations in the canvas through XaaS (a.k.a ASD) • Enable team collaboration by enhancing and introducing fine grain roles • Avoid App Services complexity that often lead to longer sales cycle or reduced opportunity
  • 19.
    App Authoring -Software Components Library • The Software Architect (new role) authors software components for use in the CBP Designer – no more external tools. • Once published, software components are shared across Business Groups, but not across Tenants • Once Published, software components cannot be requested on their own – they are only consumable in the CBP Designer • Typical Application Creation Workflow: – Create and publish software components, properties, dependencies, etc. – Application design with published software components using CBP – Complete networking configuration for app blueprint – Complete security configuration for app blueprint – Publish, add to catalog, entitle, add EBS subscriptions (optional) – Optionally Export App Blueprint (or Import others)
  • 20.
    App Authoring -Significant Converged Capabilities Added Feature / Function Details Unified Canvas • Single model to author machines, applications, software components, and XaaS blueprints. • Consolidation of roles between vRA and AppServices Machine Authoring • Author machine with standard configuration • Use Puppet/Chef based configuration Software Authoring • Author script based software • Author Puppet/Chef content Multi-Tier and Composite Applications • Authoring multi-tier application blueprints with dependencies and cross node binding • Author composite blueprints with individual sub-application blueprints • Author blueprints using preconfigured XaaS service blueprints Integrated Networking and Security (NSX) • NSX integration for single machine and multi-tier applications • On-demand networks, security groups, and load balancing for single and multi-tier blueprints (vSphere only) Declarative Format • Declarative format for machine, software, application, and XaaS blueprints • Import/Export a blueprint and save it in source control repository (CloudClient)
  • 21.
    vRA 7.0 Outof the Box Content vRA 7 will ship with out-of-the-box application blueprints for quick start and TTV (top customer requests): 1. Windows System: Windows 2012 R2, IIS, MSSQL, .NET (#1 customer request) 2. LAMP Stack: RHEL and Apache Load Balancer 3. Micro Services App: This will mimic an e-commerce app that will replace the existing Duke’s Bank example 4. Ruby on Rails App: 3-tier app with Apache LB, Ruby on Rails, Oracle DB 21 • OOTB Blueprints are embedded in the vRA VA and imported into vRA using CloudClient • Additional application blueprints will be made available for download from the Solutions Exchange: • Multi-tier complex app, retail store use case • Big Data app, Java app, Sharepoint 2013
  • 22.
    Blueprints as Code 22 •Ability to read and create blueprints with a text editor of choice. • Save it in source control like Git • Machine blueprint in YAML format • Application & Software blue prints currently in JSON format moving to YAML by GA • Import/Export in same or multiple vRA instances • Complete Blueprint is exported into a zip compressed format similar to the current ASD export
  • 23.
    © 2015 VMwareInc. All rights reserved. vRealize Automation 7 NSX + vRA 7 Cloud Management Technical Marketing
  • 24.
    Application Deployment withOn-Demand Networking & Security • Logical switches and routers are created on demand by NSX when the user creates an application • Single machine, single-tier or multi-tier topologies • Supports NAT and routed topologies • Automated IP addressing of both VMs and subnets • On-demand security groups built per app and per tier with VMs placed into groups • App isolation option • Security policies applied to dynamically created groups • Load-balancer configuration dynamically deployed and dedicated to application 24CONFIDENTIAL Web/App Database VM VM VM
  • 25.
    Application Deployment withOn-Demand Micro-Segmentation • Networking is pre-created by NSX admin • VMs placed on pre-created logical switches • On-demand security groups created when application is deployed • Security policies applied to dynamically created groups • Micro-segmentation on larger L2 networks • Load-balancer configuration dynamically deployed • VMs and security groups removed when app destroyed but networking remains 25CONFIDENTIAL Web/AppDatabase VM VMVM
  • 26.
    Application Deployment intoExisting Network and Security Services • Pre-created logical switches and routers defined by the NSX admin - VMs are wired to pre-created switches • Security Groups pre-defined to match security tags for each tier of application • When a cloud user selects a catalog item VMs are wired to NSX switches and tagged with appropriate security tags • Enforcement is based on combining the tag with the rules in the security group • Applications can be single tier or multi-tier – typically routed topologies 26CONFIDENTIAL Web/App Database VM VM VM
  • 27.
    Simplified Application CentricNetwork and Security Web App Database VM VM VM VM VM VM 27 • Applications configured with dedicated or shared virtual switches and routers depending on needs • Application level micro-segmentation security • Dynamic configuration of application specific load balancers without expensive physical hardware VM • Networks configured to meet unique performance needs of each application VM VM VM VM VM VM VM Dynamically Configure NSX Network and Micro-segmentation unique for each application
  • 28.
    CBP - Networkingand Security Integration • Automated connectivity to existing or on-demand networks • Micro-segmentation for application stack • Automated security policy enforcement thru NSX security policies, groups and tags • On-demand dedicated NSX load balancer • Parent component only, not application-level 28 NSX Integration for Blueprint Authoring & Deployment
  • 29.
    Mission:Extensible LifeCycle Extensibility (LE)Redefines Ecosystem Integration CDK
  • 30.
    LifeCycle Extensibility –Ecosystem Automation 30 • No need of any additional development tools • No need of deep knowledge how the core functionality works • Centrally create and manage extensibility for all IaaS services • Increase TTV with quick-n-easy extensibility use cases • Quickly leverage existing workflows from within the vRA UI • Scalable model Create vRO WF Subscribe for Event1 2 Customize & Extend vRA using Event broker
  • 31.
    LifeCycle Extensibility –Centralized Policy Management Enable OOTB extensibility for IaaS and Application Services dynamically by leveraging the Event Broker • Enable OTB extensibility for IaaS and Application Services dynamically by leveraging the Event Broker Service (EBS) • Invoke workflows based on a policy-based trigger configured for a specific “interesting” event “Invoke vRO Workflow to integrate with a custom service based on the NAME of a blueprint, Custom Property Value, Requestor ID, or machine and platform type….GO!”
  • 32.
    LifeCycle Extensibility –Event Broker (EBS) High-Level View XaaS Postgres Sql IaaS Cloud, Physical, virtual vCA, AWS , Azure, Softlayer, ….. Event Broker Service (EBS) Approvals Identity SW service SW agent Resource Governance • Compute, Storage, Network • Reservation • Reservation Policies Infrastructure Abstraction Layer Compute Network Storage Orchestration Engine • State Machine • Life Cycle Workflows • Data Collection PluggableFramework 3rd party management systems • CMDB • IPAM / DNS / DHCP • Load Balancers / Networking • Service Desk • Monitoring Systems • Storage Management • Databases • Web Services • … vRealizeOrchestrator
  • 33.
  • 34.
    Introducing the [new]vRO Control Center The vRO 7.0 Control Center • Embedded + External • New modern UI for vRO setup, configuration, workflow monitoring, troubleshooting, and other useful information. • Collect metrics for workflow execution • Analyze running workflows • General troubleshooting • Manage, Import/Export central DB • WAY more slick than previous “legacy” UI
  • 35.
    New Plugin ManagementUI • Install and Management Plugins • Debugging + Logging Granularity Per-Plugin • View Plugin Status, Enable / Disable as needed • Switch to Legacy UI if this is all too much for you
  • 36.
    Runtime Metrics andMonitoring • Global View of all Running Workflows • Manage Workflow Execution • Search by Workflow Name and Token ID • View Multiple Workflows Simultaneously
  • 37.
    Entitlements • As with6.x, Services, Catalog Items, and Actions can be added to an Entitlement • In 7.0, the list of Catalog Items includes Catalog types • Adding a Catalog Item type will entitle users to objects built off of that type. 6.x 7.0
  • 38.
    Entitlements • As with6.x, Actions and Approvals can be added to Entitlements. – Entitlement dictates what the user can see & do – Limit what actions a user can perform to the actions in the entitlement that enabled the user to provision the resource. • Actions are bound to Entitlements – For actions to apply to a Resource, they must be granted in the same entitlement as the relevant Catalog Items or Services • This wasn’t always the case – In 7.0, Actions are bound to the entitlement resource was provisioned from – In 6.x, if a user was entitled to an action - that action was available to all items regardless of the entitlement it was provisioned from.
  • 39.
    VMware’s CMP AutomatesSDDC at Scale 39 DEFINE Define Business Groups and Allocate Budget CREATE Create Reservations & Policies Create Single Machine, Multi- tier Application, or other custom service blueprints REQUEST AND DEPLOY Standardize Requests and Deploy Infrastructure Across Private, Public, and Hybrid Clouds METER Meter and Correlate Consumer Usage and Costs MONITOR Collaborate Across Infra and Ops Teams; Monitor Infrastructure Across Private, Public, and Hybrid Clouds MANAGE Remediate, Optimize, and Reclaim Infrastructure Based on Policies and Cost 1 2 3 4 5 6