vRealize Automation + NSX = Awesome

Introduction

VMware vRealize Automation is VMware’s Cloud Management Platform for automating the delivery of infrastructure, applications and custom IT services. NSX is VMware’s network virtualisation platform for the Software Defined Data Center (SDDC)

In this blog, I will discuss why combining these two great products together results in a powerful service offering.

Over the last few years, in my role as a Senior Technical Account Manager, I have worked with a number of customers, helping them adopt and deploy VMware solutions throughout their organizations enabling them to recognize the value in their investment.

Recently I was selected for on an additional voluntary role as a Lab Captain, this means that I was part of the Hands on Lab team responsible for the creation of some of the new Hands on Lab material in the run up to VMworld. As my interests lie with VMware’s Cloud Management Platform I chose to develop content for the Lab module – App Centric Networking and Security within the vRealize Automation Advanced Lab, see HOL-1721-USE-2 – vRealize Automation 7: Advanced, Module 2, which will be released shortly after VMworld.

Integrating vRA and NSX is a simple OOTB process

Sometimes when it comes to integrating two products together things can get complicated. Fortunately, this is not the case with vRealize Automation and NSX, as our Cloud Management Platform teams have worked closely with our Network teams to ensure that integrating these two products is as simple as a few button clicks. Simply hit the checkbox and specify the NSX manager and credentials when creating a vSphere endpoint;

1

 

Using NSX components within a Blueprints

Now that the vRA and NSX platforms have been integrated, NSX components are easily consumed via the Blueprint Canvas. There is the option to create new components on demand during deployment of a blueprint or to consume existing pre-created NSX components. Out of the Box options are defined below;

  • Existing Network
  • Existing Security Group
  • Existing Security Tag
  • On-Demand Load Balancer
  • On-Demand NAT Network
  • On-Demand Routed Network
  • On-Demand Security Group

All of the above components are available to drag and drop onto the Blueprint Canvas and defined as required.

Ability to create complex multi-tiered applications easily

Through the integration of vRealize Automation and NSX you can easily create and automate the deployment of complex multi-tier applications such as the example WordPress application below;
2

 

In the above image we have a multi-tiered WordPress application with the Web Tier placed on a separate network to the Database tier. In front of the Web Servers there is a one armed load balancer providing a virtual IP address and each tier is secured with their own firewall rules.

Using vRealize Automation integrated with NSX we can create the above architecture within a blueprint. This can then be deployed repeatedly at the push of a button and deployed in minutes. Below is an example of how the above architecture is built within the blueprint canvas.

3

 

Using the Blueprint Canvas access to NSX components is found via the Network & Security Category, from here the components are dragged and placed onto the canvas and then the properties are defined. In this example we utilize the On-demand Load Balancer to load balance the Web Tier. The NSX Load Balancer is deployed and configured automatically when the Blueprint is provisioned.

The Web Tier and DB Tier are connected to Existing Networks which are pre-created NSX logical switches and are connected to a Distributed Logical Router (DLR) within NSX to allow traffic to be routed between the two networks.

Each Tier is connected to a corresponding Security Group, a Web Tier Security Group and a DB Tier Security Group. Each Security Group was created within NSX and the required Firewall rules assigned. The VM’s are placed into the security groups and the firewall rules are configured before they are powered on.

Conclusion

NSX is a powerful Software Defined Networking solution bringing many benefits to the Data Center, coupled with vRealize Automation it allows for the automated deployment of Applications with their underlying network and security requirements.

This powerful combination provides the necessary speed and agility for deploying todays Applications along with their networking and security requirements. Often Virtual Machines are deployed in minutes but complex applications requiring physical network changes can take days or weeks to implement. Using vRealize Automation coupled with NSX these tasks can now be automated reducing deployment times to minutes.

The Blueprint Canvas provided by vRealize Automation provides an intuitive and easy place to build complex blueprints utilizing NSX. It provides a useful visual aid for the development of blueprints where mistakes are easily spotted and rectified.

For hands on experience of vRealize Automation + NSX sign up for our free VMware Hands on Labs at labs.hol.vmware.com and take HOL-1721-USE-2 – vRealize Automation 7: Advanced, Module 2 – App-Centric Networking and Security (60 minutes). This Lab will be delivered shortly after VMworld