Configure VMware vRealize Automation to provision VMs on VMware Cloud on AWS
Configure VMware vRealize Automation to provision VMs on VMware Cloud on AWS
Project Overview
Project Detail
Mware vRealize Automation is automation software that you can use to request and manage IT resources. By choosing to configure vRealize Automation with VMware Cloud on AWS, you can automate the delivery of virtual machines (VMs), applications, and IT services across multiple data centers and cloud environments.
Your IT teams can then create catalog items to configure service provisioning and operational capabilities that your users can request and use with their existing vRealize Automation tools. You can also improve your IT agility and efficiency by integrating VMware Cloud on AWS with vRealize Automation Cloud Assembly.
This pattern describes how to configure VMware vRealize Automation to automatically build VMs or application capabilities on VMware Cloud on AWS.
Prerequisites and limitations
Prerequisites
An existing on-premises data center and a VMware Cloud on AWS software-defined data center (SDDC). For more information about the cloud SDCC, see About Software-Defined Data Centers in the VMware documentation.
An existing connection between the on-premises data center and the cloud SDDC, using AWS Direct Connect, a VPN (route or policy-based), or both.
The on-premises data center and cloud SDDC are synchronized with network time protocol (NTP) or another authoritative time source.
The maximum latency of a round-trip time between the on-premises data center and the cloud SDDC doesn’t exceed 100ms.
The vCenter Server’s fully qualified domain name (FQDN) must resolve to a private IP address.
Cloud SDDC users with access to your on-premises environment.
Organization owner access in the vRealize Automation Cloud Assembly service role.
End users with permission in vRealize Automation Service Broker to consume service.
The on-premises data center’s Classless Inter-Domain Routing (CIDR) range must be open for the generating of API tokens from the VMware Cloud on AWS console. The following list provides the minimum roles required to generate API tokens:
You can only configure 20 VMware Cloud accounts with public endpoints in one vRealize Automation. For more information about this, see Scalability and concurrency maximums in the VMware documentation.
Product versions
vRealize Automation version 8.x or later
VMware vRealize Identity Manager version 3.x or later
VMware vRealize Suite Lifecycle Manager version 8.x or later
Architecture
The following diagram shows the vRealize Automation services that can use infrastructure from both on-premises and VMware Cloud on AWS environments.
VMware Cloud Assembly components
VMware Cloud Assembly is a core component of vRealize Automation and you can use it to deploy and provision VMs and compute resources. The following table describes VMware Cloud Assembly components that must be configured for provisioning VMs on VMware Cloud on AWS.
Components
Definition
Cloud Account
The Cloud Account provides connection details (for example, server name, user name and password, access key, and API token). VMware Cloud Assembly uses the Cloud Account to collect an inventory of your resources.
Cloud zones
Cloud zones identify resource boundaries in the Cloud Account (for example, AWS Regions and the cloud SDDC). Cloud zones associate compute resources with the Cloud Assembly project.
Projects
A project is a logical entity that consists of users and resources such as cloud zones. It also consists of resource quotas and VM naming policies that are used when building the VM.
Flavor mappings
Flavor mapping provides information about the VM’s capacity (for example, number of CPUs and amount of memory) that are used in the Cloud Template.
Image mappings
Image mapping maps the VMware vSphere VM template and Amazon Web Services (AWS) image that are used in the Cloud Template. For more information about this, see Learn more about image mappings in vRealize Automation in the VMware documentation.
Network profile
Network profile controls the placement decision to choose a network during VM provisioning.
Storage profile
Storage profile controls the placement decision to choose storage during VM provisioning.
Cloud Templates
VMware Cloud Templates are an important component of vRealize Automation because they define cloud infrastructure provisioning and orchestration. The Cloud Templates are specifications for the resources and include the resource type, resource properties, and input to be collected from users.
Tools
VMware vRealize Automation – vRealize Automation is an infrastructure automation platform with event-driven state management and compliance. It is designed to help organizations control and secure self-service clouds, multi-cloud automation with governance, and DevOps-based infrastructure delivery.
VMware Cloud on AWS –VMware Cloud on AWS is an integrated cloud offering jointly developed by AWS and VMware.
Epics
Generate the API tokens
Task
Description
Skills required
Generate the API tokens from your VMware Cloud on AWS account.
Sign in to the VMware Cloud Console.
On the VMware Cloud Services toolbar, choose My Account and then choose API Token.
Enter a name for your API token, provide the required lifespan, and define the scopes for the token.
Choose the Open ID check box and then choose Generate.
Install vRealize Automation in your on-premises data center
Task
Description
Skills required
Download the required software.
Download the VMware vRealize Suite ISO file from the My VMware Portal. This package contains vRealize Suite Lifecycle Manager, VMware Identity Manager, and vRealize Automation.
On the VMware Cloud Console, open the Projects tab and then choose New project.
Enter the name of your project.
Open the Cloud Zones tab and choose default VMware Cloud on AWS Cloud Account.
Cloud administrator
Configure cloud zone.
On the VMware Cloud Console, open Cloud Zones and choose thecloud zone for your SDDC data center.
By default, cloudadmin@vmc.local (this is the default local user ID for the cloud SDDC’s vCenter) only has access to provision in the Compute-ResourcePool.
Open the Compute tab under Cloud Zones and then choose Compute-ResourcePool.
Cloud administrator
Configure flavor mapping.
Open the Flavor Mappings tab and create a new flavor mapping.
Enter the flavor name, choose the VMware Cloud on AWS account, and then provide the number of vCPUs and amount of memory.
Cloud administrator
Configure image mapping.
Open Image Mappings and create a new image mapping.
Enter the image name.
Choose the VMware Cloud on AWS account and provide the Cloud Account templates that are required.
Cloud administrator
Configure network profile.
Open Network Profile and create a new network profile.
Enter the network profile name.
Open the Network tab and choose the existing network that you want to use for provisioning.
Cloud administrator
Configure storage profile.
Open Storage Profile and choose New Storage Profile.
Enter the storage profile's name.
In the Policies section, create a new policy.
Choose Workload Datastore. By default cloudadmin@vmc.local only has access to provision in the workload's datastore.
Cloud administrator
Create the Cloud Template.
Open the Design tab, choose Cloud Templates, and then choose New From and Blank Canvas.
Provide the name and description of the Cloud Template.
Choose the project that you created earlier.
From the Cloud Template resources design page, drag components into the blank canvas according to your requirements.
Choose Test to test the template and fix any issues.
Choose Deployment and provide the deployment name to deploy the VMs.
