VMware vRealize Automation

Main articles:

• PaaS - Platform As A Service
• IT Service Management (ITSM)

VMware vRealize Automation, or vRA (before the release of version 6.2, the solution was called vCloud Automation Center, or vCAC^[1])^[2] infrastructure automation platform designed to provide self-service clouds, automate processes in a multi-cloud environment with controls, and administer and protect DevOps infrastructure. It helps improve the adaptability and performance of your IT environment (April 2022 data).

2022

Fix a vulnerability that allows attackers to gain administrator privileges

VMware has fixed a critical vulnerability in some of its products. This became known on May 19, 2022. CVE-2022-22972 affects Workspace ONE Access, VMware Identity Manager (vIDM), and vRealize Automation. More details here.

VMware vRealize Automation SaltStack SecOps Cloud

On January 14, 2022, it became known that VMware Cloud the company's vRealize Automation solution VMware can now be supplemented with SaltStack SecOps Cloud, which allows you to add additional funds safety infrastructure to automation. This clouds component allows you to add compliance and remediation features vulnerabilities to your Cloud vRA Cloud solution SaaS.

Previously, this product was only available for the vRealize Automation:

SecOps is Security plus Operations, that is, tools that allow you to combine the efforts of security teams and administrators in configuring and monitoring the virtual environment. Now both commands can configure security policies, scan systems for compliance, and fix configurations from a single console.

Many organizations have to comply with various security standards (ISO 27000, HIPAA, PCI, NIST, etc.), which requires thousands of different requirements and checks. The Center for Internet Security (CIS) organization provides users with a single compliance framework within different requirements and regulations.

vRealize Automation SaltStack SecOps Cloud includes a database of CIS-certified content and DISA STIG (Defense Information Systems Agency Security Technical Implementation Guides) requirements, which are the basis for configuring cloud security policies.

vRealize Automation SaltStack SecOps Cloud scans systems daily for compliance and prevents the security configurations from leaking smoothly to the wrong side.

This solution also includes integration services with VMware Carbon Black Cloud, which allows you to add a solution to proactively search for Black Cloud vulnerabilities to correct configurations and comply with regulatory requirements.

In addition to this vRA SaltStack SecOps Cloud allows to add results of scanning of solutions of Tenable, Rapid7, Qualys and Kenna to accelerate control of a safe configuration of the environment.^[3]

2021: vRealize Automation 8.5

On August 26, 2021, it became known that VMware announced the availability for download of the vRealize Automation 8.5 (vRA) solution, designed to automate routine operations in the cloud based on VMware vSphere.

Highlights in Automation 8.5:

1. Microsoft Azure Support Updates

There are improvements such as optimal utilization of availability sets, reuse of resource groups for day-2, storages support for casual images in image gallery, support for disk encryption sets, enabling/disabling boot diagnostics and log analytics, and many other small improvements.

2. VMware Cloud Environment Support

Now, as part of its public cloud infrastructure support, VMware provides vRA for the Azure VMware Solution (AVS), Google Cloud VMware Engine (GCVE), Oracle Cloud VMware Solution (OCVS), and VMware Cloud on Dell EMC.

3. NSX-T Federation Changes

Now the federation mechanism allows you to select the local or global NSX Manager in the NSX-T Cloud Account, as well as existing global segments for the environment. In addition, vRA supports existing Global Security Groups for Network Profile profiles or within Cloud Template.

4. IP Assignment Changes

Now vRA 8.5 has the ability to assign the same range IP addresses to networks vSphere and. NSX For example, this is useful when there are multiple, and servers vCenter you need to use the same IP range for multiple networks within multiple vCenter. Each such environment will vRA be controlled separately.

5. Custom Resource Action Troubling Mechanism

You can now enable casual day-2 trawling in the vRA, bind it to event ID troubling, and show the user the result of the workflow.

6. Resource Quotas

A Resource Quota Policy has emerged that allows cloud administrators to limit CPU, memory, and storage consumption. You can set constraints at the organization, project, or user level.

7. Integration with SaltStack configurations

You can now use the vRA Cloud Template saltConfiguration property to set minions and status files in them during deployment.

8. Property Group Optimization

The Property Groups capabilities now include vRO Actions for dynamic external values, which allows you to set input Property Group parameters. You can bind passwords (secrets) to constant Property Group values and reuse them. Also, the RBAC mechanism allows you to create casual roles and control Project Scope.

9.vRealize Orchestrator Plugin для vRA

The vRO plugin now allows access to IaaS objects such as Cloud Zones, Cloud Accounts, and Properties.

10. Resource Views

Resource views are a way to monitor and manage resources in a vRA that allows you to:

• Select the management type - all resources, or by types: machines, storage, networks.
• Search by resource name for all available resources.
• Get easy access to day-2 actions directly from the resource context menu.
• See if any day 2 action is currently in progress.

11. Skyline Support

This support includes providing recommendations for vRA instances, log assist functions for managing log bands, and displaying details about the vRA environment.

12. Manage Notifications

You can now enable and disable notifications for policy events, including lease, approval, and onboarding relations events. Notification scripts are monitored through the Service Broker service in the vRA.^[4]

2019: Announcement vRealize Automation 8

On September 5, 2019, VMware announced the release of a major version of vRealize Automation 8. It automates most of the routine operations in the VMware vSphere-based cloud.

VMware noted that the solution of vRealize Automation is an onpremizny product, but if the user needs to use it in a cloud (for example, VMware vCloud on AWS), that is similar SaaS-service which is called VMware vRealize Automation Cloud (former Cloud Automation Services) which consists of the Cloud Assembly, Service Broker and Code Stream components which are also in onpremizny vRealize Automation.

According to the developer, vRealize Automation 8 is built on the basis of a microservice architecture based on containers, everything is implemented on the basis of containers inside one VM, which gives flexibility of deployment and ease of scaling.

Thus, the installation and configuration process has become easier, the configuration wizards allow you to start using the product already an hour after launch. The installer is supplied as an ISO file and can be deployed on Windows, Linux, or MacOS. The built-in marketplace includes various samples of operating systems, applications, bloodgates and images to quickly deploy the vRA infrastructure, VMware emphasized. In addition, the user can deploy vRealize Lifecycle Manager, vRealize Automation, and Workspace ONE Access (formerly VMware Identity Manager) as part of a single process (or you can use these existing components, if previously installed, and connect authentication services ).

According to the developer, the Automation 8 vRealize is built on the basis of the HTML5 interface based on Clarity. A powerful API for deployment and configuration extends the capabilities of the GUI. The Blueprints section has been substantially refined, where the user designs the architecture of the future system (OS, applications, network resources, etc.). The descriptive part of the bloopers is based on the YAML markup language, you can also visually work with blocks on the work field. Blooprints support version control and the Git workflow.

As noted in VMware, one of the updates to vRealize 8 is support for the VMware Cloud on AWS, Amazon Web Services, Microsoft Azure and Google Cloud Platform cloud platforms. You can create universal (cloud-independent) Projects, Cloud Zones, Profiles, and Blueprints for them. This gives you more flexibility in companies that use hybrid clouds using the services of several cloud providers.

vRealize Orchestrator, as the main part of vRealize Automation, in the presented version works as a service inside the virtual machine vRealize Automation VM and provides full integration with Git, and work takes place in the HTML5 interface. Also, the Action Based Extensibility (ABX) option appeared in the vRA, which is an alternative to vRealize Orchestrator. With ABX, you can use Node.js scripts or Python scripts to handle specific triggers, VMware emphasized.

The final release of vRealize Automation 8 is expected until November 1, 2019.^[5]

2016

VMware vRealize Automation 7.2

On October 18, 2016, VMware released VMware vRealize Automation 7.2.

In this version, the product will allow developers to speed up the delivery of applications. As part of the release, Admiral is a highly scalable, lightweight container management portal that will help you implement containers and run them on. servers Docker

In addition to Admiral support, developers will be able to deploy servers Docker through the Realize Automation 7.2 service catalog. They will be able to model the container applications of their choice through unified service templates or Docker Compose.

Application architects can create hybrid implementations from virtual machines and containers. Cloud administrators can manage container servers and apply rules for their use, including managing quotas and negotiation policies.

vRealize Automation 7.2 is suitable for organizations that need to support current applications while upgrading them with microservice and native cloud architecture.

VMware's multi-technology approach covers the private and public cloud, including container and OpenStack support.

vRealize Automation 7.1

On August 25, 2016, VMware announced the release of vRealize Automation 7.1^[6].

Additions and Changes

• possibility of installation in non-interactive mode ("quiet" installation).
• command-line interface for agents.
• Migration utility to move data from the vRealize Automation 6.2.x environment to the new vRealize Automation 7.1 installation (the original environment remains intact).
• IPAM integration framework (now supported by Infoblox) with the ability to automate the deployment of machines and applications (IP address assignment).
• Integrated Active Directory policy support.
• A custom property dictionary that simplifies the definition of properties in vRealize Orchestrator actions.
• possibility to reconfigure life cycle events.
• options for deploying vSphere environments and improving the data collection mechanism.
• The ability to manually scale vRealize Automation environments and update dependent components.
• castomization of the "message of the day" on the information panel.
• More information and filters are available on the Items page.
• blueprints for vSphere and AWS environments have appeared and are available for download from VMware Solution Exchange.
• support of an external DB of PostgreSQL is removed.

2015

VMware vRealize Automation 7

On October 15, 2015, VMware announced the release of vRealize Automation 7.

VMware vRealize Automation 7 provides unified service design capabilities that enable IT and DevOps groups to facilitate and accelerate the implementation of integrated tiered applications using application-centric networks and security in the cloud.

VMware vRealize Automation Interaction Diagram (2015)

A unified service design system will allow you to model infrastructure, networks, security and applications, as well as custom IT services, including their interactions and dependencies in graphical form. Released with VMware NSX 6.2 for dynamic network configuration and unique microsegmentation for each application developed in the project designer.

VMware vRealize Automation 7 projects can be used throughout the hybrid cloud with full support from the moment they are implemented on VMware vCloud Air and Amazon Web Services (AWS) platforms, including upgraded support for VMware vCloud Government Service and AWS GovCloud, OpenStack Kilo and VMware vSphere 6 Update 1.

Unified service templates are available through APIs or CLIs as text and read-only code for project development by DevOps groups.

The release will present improved extensibility through Event Broker, which allows you to access new features without changing the product source code to allow you to upgrade. It will also simplify the structure of user APIs for requesting and managing services. Through integration with VMware Identity Manager, VMware vRealize Automation 7 will help provide improved authentication services, including multi-factor authentication, smart card support, the ability to integrate with distributed external authorization services, and more. In addition, VMware vRealize Automation 7 will introduce a consolidated architecture with simplified installation, which will help reduce deployment time by 37% for most configurations (compared to the previous release). This will help IT companies get the most out of their solutions faster.

Prices and availability

VMware vRealize Automation 7 will be available in Q4 2015 and will be delivered as a standalone product within VMware vCloud Suite and VMware vRealize Suite. Software as a separate product will be sold in two editions: Advanced and Enterprise.

VMware vRealize Automation v.7 Properties

On November 5, 2015, some details about VMware vRealize Automation 7 version became known.

• Simplified deployment procedure.

vRealize Automation 7 does not require complex installation and configuration operations - the solution is deployed in a single interface with the proposed settings (there are authentication settings and Single Sign-On), which can then be changed. The console looks like this:

Window screenshot ON (2015)

• Unified service infrastructure design

In the visual designer of the service infrastructure, everything is done mainly with the mouse - it became somewhat easier to build the IT infrastructure of the enterprise:

Screenshot of the program window (2015)

• VMware NSX support for network topology and security infrastructure.

VMware NSX network infrastructure components are available for networking architecture and security infrastructure. You can transfer them in the visual editor using Drag & Drop:

Screenshot of the program window (2012)

The introduction of the editor eliminated the need to design a virtualized network infrastructure outside vRealize Automation.

• Formalized service descriptions and templates

Service description templates can be edited as text files. This allowed a more flexible approach to the design and unification of DevOps architecture. Supported source control systems for storing objects - scripts, workflow templates and scripts, service description files, etc.

• Enhanced scalability for third-party cloud integration

vRealize Automation 7 has gained extensive capabilities to call operations in third-party solutions for managing virtual infrastructures. Event Broker has appeared, standardizing the operations of transmitting commands to third-party means.

Updated API, improved integration with Amazon AWS cloud infrastructure and VMware vCloud Air, which helps create hybrid clouds for the enterprise (private + public).

As of November 5, 2015, the VMware vRealize Automation 7 release is not available for download. It is expected that this will happen before the end of 2015.

2014

VMware vRealize Automation 6.2

On October 14, 2014, VMware announced the introduction of a new version of VMware vRealize Automation (formerly VMware vCloud Automation Center).

The updated solution delivers business agility by automating the delivery of IT services and applications. New Product Release Delivers Improved Integration and access to shared services with VMware vRealize Operations.

Improved integration makes operational processes smarter, adds analytics to cloud lifecycle management. VMware vRealize Operations 6.2 provides the ability to review the state of services and identify idle machines in multivendor infrastructures. This will allow VMware vRealize Automation, which operates on a policy basis, to verify that there is still a need for resources before revoking them, reusing unbooted and idle machines. This increases resource utilization and saves on capital costs.

VMware vRealize Automation integration with VMware NSX helps solve the problem by managing and deploying virtual networks and services such as load balancers and security policies.

The templates will include network and security policies that are bound to applications when they are implemented, reinstalled, or migrated. Once the VMware application is revoked, vRealize Automation will reconfigure the network services according to security policies and firewall rules.

Administrators will have no need to worry about hundreds of firewall and security policies, many of which remain from unused applications.

As of October 2014, VMware Automation Center was a single infrastructure management portal to help accelerate the delivery of IT services tailored to your business needs.

2013: VMware vCloud Automation Center 6.0

On October 15, 2013, VMware announced the release of vCloud Automation Center 6.0.

vCloud Automation Center helps automate the delivery of personalized IT services.

Description

The new version of VMware vCloud Automation Center includes a single solution for fast application delivery, including application release automation and support for DevOps automation. This is achieved by integrating VMware vCloud Application Director. The product contains a directory for querying and managing all types of IT services, which provides access to any on-demand service. The ROI period under this approach is significantly reduced.

VMware vCloud Automation Center 6.0 allows you to build any client IT services (for example, Hadoop as a service) in a matter of minutes in addition to the standard capabilities of implementing services according to the "Infrastructure as a service" (), IaaS "Platform as a service" () PaaS and "Desktop as a service" () models. DaaS Continuing to expand the range of compatible platforms and clouds, VMware vCloud Automation Center 6.0 provides cloud support on VMware vCloud Hybrid Service, VMware NSX, and Red Hat Enterprise Linux OpenStack.

List of changes

The following are available in vCloud Automation Center 6.0 (vCAC):

• Ability for users to request different applications and monitor their deployment status
• Improved handling of transaction approval policies
• End users can roll back system updates themselves
• Solution connectivity to third-party services
• Deploy policy-based services
• New Advanced Service Designer providing updated tools for designing custom forms and workflows
• Integration with IT Business Management Standard Edition
• VMware vCloud Hybrid Service support, including administrative tasks with VMs hosted there
• Support for OpenStack architecture (in addition to existing vSphere, vCloud Director, Amazon Web Services, Hyper-V, Kernel-based Virtual Machine, Citrix XenServer and various physical server management interfaces)
• Access virtual machines via Remote Console
• Supports dynamic creation of isolated and routed networks and load balancers.
• VSAN storage support for virtual machine hosting
• Storage DRS Engine Support
• Service Support LDAP
• Multi-lease improvements (working with multiple organizations in the same IT environment).
• Verb-oriented RESTFUL API mechanism in beta.

Sales of the solution should begin in the fourth quarter at a license price of $4,995 per processor.

Sales started

On December 13, 2013, VMware announced the launch of VMware vCloud Automation Center 6.0.

Notes