Friday, 10 March 2017

VCP7-CMA Section 1 - Blueprint Dissection

Blueprint dissection of section 1 of the VCP7-CMA exam (white text = the blueprint, red text = my comments)

Objective 1.1: Create, Modify and Publish Blueprints Based on a Given Design  
·       Select the provisioning workflow, virtual machine template, and customization specification
From vRA, Design > Blueprints > New > (specify name, expiration & archive durations, etc) > with ‘Machine types’ selected from the top left corner, drag a ‘vSphere Machine’ from the bottom left corner to the blueprint area…  From here, the Build Information tab has Clone From and Customization Spec:

·       Configure expiration and archive durations
Configured in the previous step when creating a blueprint, or alternatively from ‘Blueprint Properties’ (which is the cog next to the name of the blueprint.

·       Configure machine prefixes
Infrastructure > Administration > Machine Prefixes > ‘+’ 

Name = Previx, Number of digits = trailing digits from name, next number = where to start the numbering sequence… I.e., in the above example, the first server would be srv43000, then srv43001, etc…
·      Configure and manage networking components
Log in as Fabric Administrator > Infrastructure > Network Profiles > Add:
o   External – Connected to an external network and a prereq for NAT and Routed.  This is a pre-created network.
o   NAT – Only available with NSX – Address translation for one to many or one to one NATting…  External IP and internal IP different so a web-server for example.
o   Routed – Only available with NSX – Used to give access to the application through an ESG.
After which, these can be dragged onto a blueprint as a network object, then on the ‘Network’ tab on the VM, select the network you’ve dragged onto the blueprint, choose IP assignment (or static IP – more unlikely for traditional IaaS Blueprints, more likely for a particular application that can be microsegmented, etc).

·       Specify compute, memory, and storage resources
Add an endpoint - Infrastructure > Endpoints > New > Virtual (vSphere – vCenter) – This step may have been done as part of the deployment process
Create a business group – Administration > Users and Groups > Business Groups
Infrastructure > Compute Resource > Shows what resource is available.
Infrastructure > Reservations > New Reservation – Create a reservation for each tenant and/or business group:

Then check from within the business group that the resource is allocated:

Then, selected from within the blueprint
·       Configure custom properties and property groups
Custom properties configurable throughout vRA (for example, on a blueprint, business group, etc) and a property group can be configured through Administration > Property Dictionary > Property Groups
·       Create nested blueprints
From the blueprint canvas, you can drag on existing blueprints.

·      Create and add software components
Only available with vRA Enterprise (not vRA Advanced) – same applies to containers in vRA 7.2… 
Design > Software Compents > New +

Fill in properties as you wish…  For each action (Install, Configure, Start, Update and Install), fill in what the actions you want to execute in order to manage the software:

Next then finish…
Then Publish:

Now you can include this in a machine blueprint on the design canvas:

This is useful for lifecycle management
·      Publish blueprints
Once a blueprint is created, you can publish it by clicking on ‘Publish’…  You then have to create a service, to which you can add your published blueprint to the service…  Then an entitlement, which you add to your blueprint, service and whatever actions you want to allow your users to execute (for example, once they have created a VM, do you want them to renew the lease, RDP to it, connect to the VM via VMRC, etc)…

Objective 1.2: Create and Manage XaaS Blueprints with Custom Resource Mappings   
·       Create and manage XaaS resources in vRealize Automation based on the design
All through vRealize Orchestrator…  If inbuilt, you can get to the client using https://vra-app/ and selecting vRealize Orchestrator client…  If external, use the same mechanism but to the vRO appliance IP (https://vro-app:8281/vco).  If you’re using an external vRO server, you might need to do some work to use vRA for authenticaton (again, using the :8281/vco address mentioned above, you can configure this – Orchestrator Control Center):

o   Configure Active Directory plugin

o   Configure REST plugin
Library > HTTP-REST > Configuration > Add a REST Host

o   Configure PowerShell plugin
On the host that you wish to use to execute powershell…

winrm quickconfig
winrm set winrm/config/service/auth @{Basic = "true"}
winrm set winrm/config/service @{AllowUnencrypted = "true"}
winrm set winrm/config/winrs @{MaxMemoryPerShellMB = "2048"}

Set-ExecutionPolicy Unrestricted

Then from vRO; Library > Powershell > Configuration > Add a PowerShell host

Defaults – but use UPN rather than NT\user format.
o   Configure SOAP plugin
As before – Library > SOAP > Configuration > Add a SOAP host

o   Configure vCenter Server plugin
Library > vCenter > Configuration > Add a vCenter Server

·      Create and manage custom resources
Design > XaaS > Custom Resources:

·      Create and manage XaaS Service Blueprints
Must have the services architect role…  First, there will need to be something written from vRO – this is a very simple example which does nothing other than log a name, email address and a message to the system log…  no extensibility of value but it proves a point:

o   Create a service blueprint form
From within vRA – Design > XaaS > XaaS Blueprints > + 


Under ‘Fields’ there are the vRO fields which can be labelled so they read humanly readable rather than camelCase:

o   Configure output parameters
On a separate form (you have three options; add the Submitted request details form)

You can drag outputs from the vRO Workflow to the main form as I have done here on the emailBody of my vRO workflow (and given it a friendlier name)

Then when the workflow is run:

View from vRO:

And from vRA:

o   Publish the blueprint
As with a machine blueprint – Publish the blueprint > create a service (or you can add to an existing) > add entitlements > consume!
·      Create and manage XaaS resource actions
o   Create a service blueprint form
Design > XaaS > Resource Actions – how you run a vRO script against a managed object; i.e., a VM…

On the Input Resources tab, you need to map between the vRA and vRO objects:

o   Configure output parameters
See above – jobResult is an output parameter (as defined by the vRO workflow):

And the user will see (different workflow but similar to this):

o   Publish the blueprint
As before – but this time you have to add the action to the entitlement…  Click publish on the blueprint once it’s been created…

Administration > Catalogue Items > Entitlements > (select your entitlement) > Entitled Items + > :

§  Create and manage resource mappings with specific conditions
You will have to write some kind of conversion in vRO – or use an existing one…  Then…  From vRA > Design > XaaS > Resource Mappings:

This is used when you have a Resource Action with a specific property – i.e., below I am deleting a computer acct:


The previously created resource map that I created (‘AD to VM’ when in fact it should have been named ‘VM to AD’) is available to us

No comments:

Post a Comment