Learning VMware vRealize Automation

vRealize Automation (a.k.a vRA) is a complete Cloud Management Platform (CMP) that can be used to build and manage a multi-vendor cloud infrastructure. Using an automation solution, end users can self-provision virtual machines in private and public cloud environments, physical machines (install OEM images), applications, and IT services according to policies defined by administrators.

Using a sales pitch definition—it is a self-serviced, policy-driven orchestration and cloud automation engine with integration capabilities built into the core of the product.

Before you move forward, I would like you to take a closer look at the preceding image that depicts how various products in VMware dovetail to complement the automation solution. The automation construct is built upon a layer of management that can automate tasks and activities in compute, storage, and network components that is referred to as Software-Defined Data Center (SDDC).

From my experience, here are the most common use cases of vRealize Automation solution:

Many other use cases can be listed here, but I will limit the list since our primary requirement is to make you understand the core capabilities of the product.

Do spend some time to recognize the goodness this product has:

Just for the ease of understanding, we have broken down the components of vRealize Automation into the following:

The identity management appliance or vSphere 5.5 SSO or vSphere 6.0 PSC provides Single Sign-On (SSO) capabilities that allow connectivity to Active Directory (AD) or Open LDAP-compatible directory services.

vSphere 6.0 PSC

Since the release of vSphere 6, the SSO configuration has been built into Platform Service Controller (PSC) that is available in both Linux and Windows-based flavor. If your design demands an SSO configuration to be highly available behind a load balancer, you have the flexibility to choose between both Linux and Windows:

A vRealize Automation or CAFÉ appliance is a preconfigured virtual appliance that deploys vRealize Automation services and related components. The virtual appliance is built on top of the SUSE Linux Enterprise Server 11 (SLES) operating system. The CAFÉ appliance is focused on the business logic behind vRA that allows the IaaS component to focus on provisioning.

The server includes the vRealize Automation services, which provide the following:

It includes an embedded vPostgres database, vRealize Orchestrator (server/configurator), Rabbit MQ messaging server, and vFabric Tomcat server:

RabbitMQ

This is a message broker that uses the Advanced Message Queuing Protocol (AMQP). Since RabbitMQ service will start before the vcac-server service, it is important that RabbitMQ service starts successfully; otherwise, some of the vRA services will fail. While the services in the CAFÉ appliance use REST API to communicate with each other, RabbitMQ is used to handle the following:

• Work queues

• Buffer and batch operations

• Request offloading

• Workload distribution

To check whether the RabbitMQ server is connected, execute the command as shown in the screenshot in the vRealize Automation server — rabbitmqctl list_queues.

If the RabbitMQ server is connected, the output will match the following screenshot:

In case the RabbitMQ server is down, the result will be an error as shown:

Listing queues...
Error: unable to connect to node rabbit@localhost: nodedown

Copy

tcServer (Tomcat)

VMware vFabric tcServer is a web application server based on open source Apache Tomcat. With its lean architecture and small memory footprint, tcServer requires significantly fewer resources than conventional Tomcat servers and allows you to have a greater server density in virtual and cloud environments. vRealize Automation deploys all the web applications inside the vFabric tcServer:

• Shell-UI: This is the web interface that users hit when they connect to the CAFÉ UI.

• Component registry: This is similar to the SSO lookup service in vCenter. It acts as a central repository that manages all the common services and endpoints. Since all services are registered to component registry, a lookup is performed against it to find the URI and its certificates.

  • A central repository for all the services and stores endpoint-related information

  • A central repository for clients to get the required service and endpoint information

  • A central repository that provides the health status of every service—checks whether a service is alive or dead

vRA IaaS is made up of several components, and it is important to understand how they all relate to each other. The following conceptual diagram will help to illustrate what is being installed on the Windows Server:

All of the preceding components will be installed in Windows OS:

The Model Manager role actually refers to two types of data—Model Manager Data and Model Manager Web a.k.a. repository.

This database is used by the IaaS component to store the following:

The vCloud Automation Center service (commonly called the Manager Service) is a Windows .NET service that coordinates communication between DEMs, agents including guest agents (over SOAP), the IaaS database, AD (or LDAP), and SMTP. The Manager Service communicates with the repository to queue external workflows in the SQL database that will be later picked up by either a DEM worker or a proxy agent or a guest agent.

Some of the key functionalities of Manager Services are listed here:

A Virtual Machine Observer (VMO) task is another important task performed by Manager Service. This task is scheduled to be executed every 60 minutes to check whether any machine has expired or reached the archive state and initiates the required operations. Earlier, in the vRA 6.2 version, a VMO task was executed every 10 seconds. Since it's a resource-intensive action, it has been added as a configuration parameter in the manager service config file (ProcessLeaseWorkflowTimerCallbackIntervalMiliSeconds).

For additional details, please refer to http://pubs.vmware.com/vra-62/index.jsp?topic=%2Fcom.vmware.vra.system.administration.doc%2FGUID-5FBB7C73-2AAD-4106-9C0D-DE7B416A4716.html.

The Distributed Execution Manager (DEM) is of two types. It can either act as a DEM Worker or a DEM Orchestrator.

The agents are designed to interact with external systems. There are different types of agents, each having specific functions:

The management agent helps to collect support and telemetry log information through a cluster collection process. The management agent is automatically installed as a part of deployment in every IaaS node. The management agent pings the CAFÉ appliance via port 5480 every three minutes to check whether any work item (telemetry information or a log bundle collection) is pending. If a work item is pending, it will execute the work item and send back the response. So even if the vCAC server service in the CAFÉ appliance has been stopped, the management agent will be able to function.

The roadmap for the management agent in the upcoming releases of vRA will be the following:

As you have understood that the vRealize Automation solution has multiple components, the startup order for every component plays an important role when recovering from a power outage or an orchestrated shutdown. Here is the recommended startup method.

Start with the load balancer; ensure that it is fully functional before moving on to the next step. If NSX LB is used, connect to the NSX Edge appliance via SSH and execute the command (show service loadbalancer monitor) and check whether the configuration is intact and enabled:

Once all these steps are completed, perform the following steps:

To preserve data integrity, follow the following shutdown order for the vRealize Automation components:

This chapter is intended to refresh your understanding of the vRA architecture, and it depicts the high level details of every component involved. It's important for us to understand the functionality of each component and its workflow before we set out to build the distributed vRealize Automation installation. In the next chapter, we will focus on planning the requirements and steps involved in building the distributed vRealize Automation infrastructure.