Lab Overview - HOL-1921-01-CMP - vRealize Automation 7 - Getting Started
Note: It may take more than 90 minutes to complete this lab. You should expect to only finish 2-3 of the modules during your time. The modules are independent of each other so you can start at the beginning of any module and proceed from there. You can use the Table of Contents to access any module of your choosing.
The Table of Contents can be accessed in the upper right-hand corner of the Lab Manual.
This introductory lab demonstrates the features of vRealize Automation and is a great place to start to begin learning about the powerful capabilities and features of the solution.
Lab Module List:
This lab manual can be downloaded from the Hands-on Labs Document site found here:
This lab may be available in other languages. To set your language preference and have a localized manual deployed with your lab, you may utilize this document to help guide you through the process:
Rainpole Systems is an electronics manufacturer located in Palo Alto, California. Rainpole designs and manufactures electronic devices for use in everything from aircraft instrumentation to home automation. Given the diversity of their product set, Rainpole needs to develop cloud-based IT services to support the increasing demands of the business units and their developers.
Rainpole Systems is planning to use vRealize Automation to automate and streamline development of their custom developed eCommerce application. Rainpole is just beginning their journey into automating the deployment and management of development resources. By providing a self-service catalog to the developers, they will be able to offer Infrastructure as a Service (IaaS) to the organization while putting policies and governance in place that will allow them to manage the lifecycle of the resources.
You will take on the roles of a Rainpole Cloud Administrator, a Rainpole Developer, and a Development Manager in this exciting lab exercise to experience how VMware and vRealize Automation can help make these goals a reality.
During this module, you will input text into the Main Console. Besides directly typing it in, there are two very helpful methods of entering data which make it easier to enter complex data.
You can also click and drag text and Command Line Interface (CLI) commands directly from the Lab Manual into the active window in the Main Console.
You can also use the Online International Keyboard found in the Main Console.
In this example, you will use the Online Keyboard to enter the "@" sign used in email addresses. The "@" sign is Shift-2 on US keyboard layouts.
Notice the @ sign entered in the active console window.
When you first start your lab, you may notice a watermark on the desktop indicating that Windows is not activated.
One of the major benefits of virtualization is that virtual machines can be moved and run on any platform. The Hands-on Labs utilizes this benefit and we are able to run the labs out of multiple datacenters. However, these datacenters may not have identical processors, which triggers a Microsoft activation check through the Internet.
Rest assured, VMware and the Hands-on Labs are in full compliance with Microsoft licensing requirements. The lab that you are using is a self-contained pod and does not have full access to the Internet, which is required for Windows to verify the activation. Without full access to the Internet, this automated process fails and you see this watermark.
This cosmetic issue has no effect on your lab.
Please check to see that your lab is finished all the startup routines and is ready for you to start. If you see anything other than "Ready", please wait a few minutes. If after 5 minutes you lab has not changed to "Ready", please ask for assistance.
Module 1 - What Can vRealize Automation 7 Do for You? (30 minutes)
Module 1 is an Introduction to Self-Service in vRealize Automation. It is intended to provide you with an overview of some of the major features of vRealize Automation that enable users to deploy, configure and interact with virtual machines. In this module you will first assume the role of a user in the development group. In this role you will deploy a VM from the service catalog and manage its lifecycle through the use of a "lease". You will also interact with a VM through vRealize Automation, adding capacity and accessing the VM console. You will then follow a request as it moves through the process of being approved by various administrators within the organization.
For the first lesson, you will view the console as a development user. Your company, Rainpole, has recently invested in the VMware vRealize Suite as the basis for a new private cloud infrastructure. vRealize Suite contains a number of technologies that enable IT to deliver services on-demand, at the speed of business. One of those technologies, vRealize Automation, will provide you with a self-service portal through which you can request and interact with virtual machines. Your IT department says that this will allow you get the resources you need, when you need them - no waiting!
The self-service portal is the starting point to all of the services your organization offers you. You can see that by accessing the tabs at the top of the screen you can:
When you first log in, you will be on the Home tab. This is the basic user dashboard. It contains portlets that show a variety of information, such as:
Now you will request a new virtual machine.
To start out you are brought to the "Infrastructure" category of the Service Catalog. We will be focusing on Infrastructure as a Service (IAAS) provisioning. (We do not use other service types for this lab.)
The user devuser has been given access to several blueprints. Each blueprint represents a separate machine that the user can request and manage. The blueprint describes the entire lifcycle for the request. Let's give it a try.
1. Select Request on the CentOS blueprint.
The New Request form provides you with some options to fill out which will determine the number of the deployments you wish to request, as well as the configuration parameters for your new Virtual Machine(s).
1. Provide a Description for this deployment. You may use the description provided in the screenshot, or create your own.
2. Enter a Reason for the request. This field can be used to inform approvers why you have requested this blueprint. Approvers and Approval Policies will be covered in more detail in later modules.
3. To configure the VM that will be deployed in this blueprint, select the CentOS item.
Note: Please do not change the Deployments field. Requesting multiple deployments can cause performance issues with your lab, and the request will take an excessive amount of time to deploy.
This service will default to a single instance of the VM with 1CPU, 1024MB Memory, and 10GB of storage.
1. Verify that the VM configuration settings are correct, and modify the description for the machine if desired. NOTE: Although the number of CPUs can be adjusted, continue with the default of 1 CPU for this exercise. If you change the number of CPUs, the VM will not deploy. Later in this module, you will discover why.
2. Review the disk configuration for the VM by clicking on the Storage tab.
Review the storage configuration for the VM and ensure that drive 0 has a capacity of 10GB. Here you can add additional disks to the system, but the default will be sufficient for your needs in this case.
Now that you have verified the VM's configuration, you are ready to submit your request.
1. Click the Submit button.
*Note: You will notice that you also have the option to Save your request so that you can finish working on it later if you are unable to complete the request at that time.
You have just submitted your first request in vRealize Automation! You will now follow your submission through the rest of the deployment process.
This tab will show you the request state as it moves through the provisioning process. Note that the Status of this request is now In Progress. This deployment will take some time in the lab environment, so we will return to it later in the module.
This exercise demonstrated the ease at which vRealize Automation allows a user to request items through a service catalog. But what if you require more than the default resource allocation for a request? In the next exercise, we will show how approval policies allow for flexibility in the request process, but still provide IT with control.
Approval policies are very flexible, and may be configured with one or more conditional levels of approval. For example, a VM requested with a standard configuration may require no approval. A VM that deviates from that standard may require an IT manager's approval. A non-standard VM that also exceeds a specific cost threshold may require the IT manager's approval, but also that of the Finance department. The approval triggers can be based on specific attributes of the request or the requested item, such as number of CPUs, memory, etc. The creation and configuration of these policies will be explored in later modules.
While developing your application on the VM you deployed previously, you determine that you may need additional resources in order to get the best performance for the application. Create a new request in vRealize Automation for a larger VM:
While a request is pending approval, the workflow will pause until the approver(s) take action.
To see your pending request, click on the Requests tab and look for the item with a status of Pending Approval. This VM request must be approved by the Development Manager due to the additional CPUs.
The request you just submitted has sent an email to the Development Manager of Rainpole Systems, requesting approval of the increased CPU count on your new server. Here we will explore how an approval is handled via e-mail.
From Google Chrome, open Webmail by;
Log in to the Dev User e-mail to verify that your request has been submitted.
You may see several new e-mails.
Note: You may have to refresh the Mail UI.
Next, you will approve the request as the development manager.
After clicking on Approve in the e-mail you received, a new message will appear.
Now you will log in to vRealize Automation as the Rainpole CFO to finalize the approvals.
First, return to Google Chrome and select the vRealize Automation tab. Then log out of the vRealize Automation portal.
Log in to the vRealize Automation Portal.
The details of the approval provide you with a Justification field for providing information to the requestor as to why their request was approved or rejected. In this case we will go ahead and approve this request.
Now that you have approved the request, you must log back in to the portal as devuser to see the status of your request.
This exercise is complete. In the next exercise, we will explore how vRealize Automation allows users to interact with deployed VMs, using the first machine deployed. In the Requests tab, this first deployment request should show a Status of Successful - if the Status remains In Progress, click the Refresh icon at the bottom of the page (not shown) periodically until the status changes.
Now that you have deployed a Virtual Machine using the vRealize Automation Self-Service Catalog, you will explore the entitlements that have been assigned to devuser which allow you to interact with your VM.
Entitlement policies control ongoing management functions each user is allowed to perform against their machines. Ongoing management functions include (but are not limited to) the following operations:
Depending upon the entitlement policies, users can also modify policies of public cloud machines. Examples are elastic block storage, elastic load balancers, and security groups.
To see which actions you are currently entitled to:
The Actions menu lists all of the actions you are currently entitled to on this VM. As you can see there are quite a few options assigned to devuser ranging from power operations, to snapshots, and lifecycle options.
In this case you would like to access the console of the VM and validate that SSH services are running so that you can access the VM via SSH.
Note: You may see the Pop-up Blocked message in the upper right hand corner of the browser. If you see this message:
When you first launch the console, the screen may be blank as the VM has put the display to sleep. Click inside the window to activate the blue box, and press any key to display the login prompt. Log in to the console using the following credentials:
Once logged in, you will run a command and verify that the SSH service is online.
If the output of the command reads openssh-daemon is stopped run the following command
This should start the service and allow you to move forward.
Since you would like to connect to this VM via SSH, you will need to determine the IP address of the VM you deployed.
Please make note of the as your IP address may not be the same as this example.
You will use the PuTTY tool to establish an SSH connection to your VM.
Now that you have connected via SSH you are able to interact with the VM as you wish. Feel free to explore the VM and run any commands you may know.
Note: If public key authentication is not available, the password for the root account is VMware1!
VMware vRealize Automation provides your organization with the ability to very closely manage the lifecycle of the components that are deployed from the self-service catalog. VMs and other components are subject to lease times, expiry periods, and destruction dates. Managing the lifecycle of these objects allows organizations to manage their capacity more effectively and ensure that waste minimized in their environments. In this lesson you will review the major components of lifecycle management, and what they mean to your deployments.
After deploying the CentOS catalog item, you notice that the lease time you've been provided is insufficient for your project's requirements. You will need to request more time on the lease in order to complete your project. Here you will learn how to extend the lease using the Resource Actions.
A new window will appear asking for parameters around the Lease Extension. Complete the form as follows:
Tenant Administrators define Entitlements to determine what end users like devuser are able to do with their machines. Some users may only be able to connect to their machine, while other users, like developers, may be given more control and allowance to perform actions such as reboots, reconfigurations, or even snapshots.
Approvals can be required selectively to these actions based on group. As there is not currently an approval policy defined for this resource action and user, the lease change will take effect immediately. We'll explore configuring approval policies in another module.
You can verify the deployment's new lease expiration date in the Expires column.
When a deployment's lease expires, it can remain in an archived state for an amount of time determined by your organization. During that time, you can request to have the deployment unarchived and redeployed with no loss of data. Once the archival period has ended, the deployment will be destroyed. Organizations use this feature to ensure that capacity is utilized efficiently and to avoid having idle resources taking up space in the environment.
If an administrator determines that one of your deployments might be a candidate for reclamation before your lease expires, they can send you a Reclamation Request which will be found in the Inbox tab in the vRealize Automation portal. The request specifies a new lease length in days, the amount of time given for the machine owner's response, and which machines to target for reclamation.
If you plan to continue on to other modules in this lab, please follow the steps below to ensure that there are enough available resources for the remaining exercises. If you do not plan to do other modules in this lab, you may stop now.
To ensure that enough resources are available for the next modules in the lab, we must clean up the VMs which we have provisioned. To do so:
Repeat these steps for the second VM in the Deployments list.
You've just been introduced to some of the ways that VMware vRealize Automation can provide automated infrastructure delivery, governance, and lifecycle management. You learned how to consume infrastructure resources from the self-service portal, manage the lifecycle of your deployments, and saw how governance can be put in place to manage requests via approval policies. In the upcoming modules you will learn about the administrative functions behind the scenes of what you just covered, as well as how to build your own services and approval policies.
Congratulations on completing Module 1.
If you are looking for additional information on vRealize Automation, try one of these:
Proceed to any module below which interests you most.
To end your lab click on the END button.
Module 2 - Introduction to Administration (30 Minutes)
Now that you're familiar with the vRealize Automation user interface, you'll learn how to administer the self service experience by becoming a Cloud Administrator. You will then create an Infrastructure as a Service (IaaS) Administrator, and a Tenant Administrator where you will learn about the basic functionality of each role. As an IaaS Administrator you will learn how endpoints are configured to communicate with vSphere infrastructure and automate the tasks and requests that are submitted via the self-service portal. As a Tenant Administrator you will learn how to manage Business Groups, the Self-Service Portal, and how to apply your company's branding to the portal.
VMware vRealize Automation uses two distinct types of administrator accounts to divide up the administrative tasks required to manage the infrastructure endpoints, compute resource reservations, users, groups, and policies that need to be put in place. These two accounts are known as the IaaS Administrator and the Tenant Administrator. Here you will configure these administrator accounts and assign them to the vsphere.local tenant.
Opening the browser will take you to the vRealize Automation login page. In order to configure the administrator accounts, you will need to log in to the vsphere.local domain rather than the default corp.local.
You will need to log in to the vsphere.local domain to gain access to the Tenant configuration portal.
Log in with the following credentials:
The Default Tenant Administrator Portal allows you to create and manage tenants, configure default branding, set up email servers for notifications, view event logs, and configure the server itself. You will be managing the vsphere.local tenant and assigning new administrators.
Selecting the account will assign devmgr as a Tenant Administrator for this tenant. You will now need to assign an IaaS Administrator.
Selecting the account will assign itmgr as an IaaS Administrator for this tenant.
Log out of the Default Tenant Administrator portal.
Since you unchecked the Remember this setting checkbox before the previous login, the corp.local domain should be selected as the login domain for vRealize Automation. If corp.local is not selected, then select it from the drop-down and verify that the Remember this setting checkbox is checked.
In this section you will become familiar with the role that the Tenant Administrator plays in vRealize Automation. A Tenant Administrator is responsible for the governance, policies, and entitlements that you explored in the previous module. Here you will learn how these are configured and review some existing settings. The actual configuration of these policies and entitlements will be covered in a later module.
Log in as the devmgr user, which has now been assigned the Tenant Administrator role.
The Tenant Administrator Portal shows you some tabs which you might recognize from the previous module, but it also includes two new tabs.
You have a number of administrative functions available. Take a moment to review what each function provides:
Feel free to click through any of these options to see what has already been configured before moving on.
Your company, Rainpole Inc., would like you to customize the vRealize Automation portal so that it matches your company's branding.
Select Branding from the left pane
Note: If you get an error message after applying the branding, please read to the next step.
In some rare cases in the Hands-On Labs, applying this branding can cause an error message to appear. If you experience this, please follow these steps before continuing with the lab. If you did not get the error, you may skip this step!
Now that you've applied your branding to the portal, you may customize the login screen as well.
After uploading the new login screen branding, scroll to the bottom of the Login Screen Branding window (not shown) and click Save to use the Rainpole logo on the login screen.
The IaaS Administrator is responsible for maintaining the endpoints which provision the resources requested by the consumers of the self-service catalog. They are also responsible for authoring, and maintaining the services and blueprints that are offered up in the catalog. Here you will assume the role of the IaaS Administrator and review the privileges assigned to this user.
Log in as the itmgr user, which you assigned the IaaS Administrator role earlier in the module.
The IaaS Administrator portal contains fewer tabs than the Tenant Administrator, and it is primarily focused on managing the infrastructure.
As the IaaS Administrator, you are responsible for managing and maintaining the infrastructure and endpoints utilized by the catalog services your users request.
Review the options available in this section:
IaaS Administrators create the endpoints that allow vRealize Automation to communicate with your infrastructure. Depending on your machine provisioning needs, the procedure to create an endpoint differs. An endpoint can be configured to communicate with hypervisors such as vSphere, Hyper-V, KVM, or to public cloud services such as AWS, or to additional infrastructure services such as Infoblox for IPAM.
This flexibility allows your organization to deploy your workloads wherever you determine to be best for your company's needs, and to integrate with the ancillary services in your environment.
This vSphere (vCenter) endpoint is configured to talk directly to vCenter Server. This allows vRealize Automation to gather data on the vSphere infrastructure, create reservations that will be consumed by service catalog users, and deploy resources to your vSphere environment. This endpoint is also associated with an NSX endpoint, which we will observe momentarily.
The vSphere (vCenter) endpoint is configured to communicate with NSX. Integration with NSX will enable your services to leverage the networking and security features provided by NSX when deploying catalog items. For example, a VM can be automatically configured with networking information, security policies, and load balancers when it is deployed.
As an IaaS Administrator, you can organize virtualization compute resources and cloud endpoints into fabric groups by type and intent. One or more fabric administrators manage the resources in each fabric group.
Fabric administrators are responsible for creating reservations on the compute resources in their groups to allocate fabric to specific business groups. Fabric groups are created in a specific tenant, but their resources can be made available to users who belong to business groups in all tenants.
Note the details of this fabric group:
Now that your endpoints are configured, you may need to check on the status of the endpoints and other services within vRealize Automation.
The audit log provides details about the status of managed virtual machines, as well as activities performed on these machines during reconfiguration. The log includes information about machine lifecycle events, fabric group management, and more.
A Distributed Execution Manager (DEM) runs the business logic of custom models, interacting with the database, and with the external databases and systems as required.
Each DEM instance acts in either a Worker role or in an Orchestrator role. The Worker role is responsible for running workflows. The Orchestrator role is responsible for monitoring DEM Worker instances, preprocessing workflows to run, and scheduling workflows.
The DEM Orchestrator performs these specific tasks:
The Log Viewer shows general system status logs. These logs will include informational messages from the various services within vRealize Automation, along with errors and warnings that may help in troubleshooting issues with vRealize Automation.
This view displays workflow history and optionally, you may open a specific workflow to display its execution details.
Now that you're familiar with the functions available to the Infrastructure, you can log out of vRealize Automation.
At this point, you have completed the exercise. If you wish to continue with subsequent modules, please proceed to the next steps to remove the branding applied previously. If you do not plan to do other modules in this lab, you may stop now.
Now that you've gained a basic understanding of the IaaS and Infrastructure Administrator roles, and what their functions are, you should be able to create and manage a tenant, assign administrator roles, create business groups, connect endpoints to infrastructure, and customize the vRealize Automation interface.
Congratulations on completing Module 2.
If you are looking for additional information on administering vRealize Automation, try one of these:
Proceed to any module below which interests you most.
To end your lab click on the END button.
Module 3 - Basic Service Authoring (60 minutes)
In this module, you will assume the role of a Cloud Administrator and learn how to create new services, build and publish basic blueprints, and assign those blueprints to services which can be consumed by your organization. This module will take roughly 45 minutes to complete. If you need additional time to complete this lab, you may click the Extend button at the top of the Hands On Labs interface.
Services are used to organize catalog items into related offerings to make it easier for service catalog users to browse for the catalog items they need.
For example, catalog offerings can be organized into Infrastructure Services, Application Services, and Desktop Services.
A tenant administrator or catalog administrator can specify information about the service such as the service hours, support team, and change window. Although the catalog does not enforce service-level agreements on services, this information is available to business users browsing the service catalog.
Your IT Director has requested a new Service that will hold Rainpole Inc. internal applications. In this lesson you will create a new service and assign it to the appropriate business group.
1. Click on the Chrome Icon on the Windows Quick Launch Task Bar.
Log in using the following credentials:
1. Username: cloudadmin
2. Password: VMware1!
3. Click Sign in
Review the settings for the new service. These options do not need to be modified, but you can see that vRealize Automation allows you to set active hours for the service, and to specify an owner, support team, and a change window for catalog maintenance.
Now that the Rainpole Apps service has been created, you need to entitle it to the appropriate Business Groups.
Entitlements determine which users and groups can request specific catalog items, or perform specific actions on deployed items. Entitlements are specific to a business group.
You have completed this exercise. Now that you've created the Rainpole Apps service and entitled it to your developers, you will need to add content to the service for them to consume. In the upcoming sections you will create a basic blueprint, publish it to the Rainpole Apps service, and add the ability for developers requesting the blueprint to choose from a set list of deployment sizes.
Let's begin by creating a very basic Converged Blueprint.
In the menu on the left, you can see three options: Blueprints, Software Components, and XaaS. The Design tab is where you will create and manage all three types of objects. A Blueprint is a complete deployment - Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and so on. Software Components and XaaS objects are consumed by the blueprints, and XaaS objects can be exposed independently as a published catalog item.
Notice that there are already several blueprints present in the environment. Let's review the most basic one, which you will use in the next steps.
2. Click on the CentOS blueprint
Welcome to the Blueprint Design Canvas!
This particular blueprint is a very basic IaaS blueprint that deploys a single vSphere virtual machine running CentOS. This VM is attached to an existing internal network.
In the properties dialog for the CentOS VM, you can see the configuration that dictates how this machine will be deployed.
Now you will create a new blueprint. You'll start by creating a basic IaaS blueprint that you can use to provision raw vSphere VMs. With this blueprint as a starting point, you will later be able to expand on it by adding parameters, managed software components, NSX integrations for network and security services, and more as needed.
You are now back at the Blueprint Design Canvas, but it is blank. Before we add any virtual machines to this blueprint, we will add an existing network for the VMs to consume.
Now you will configure the vSphere Machine to be deployed.
Now you will add another vSphere Machine to this blueprint. This machine will act as the database server for the environment.
The blueprint has been created. However, it is in Draft status by default. Before the blueprint can be entitled for developers to use, it must be published and added to the vRealize Automation catalog.
First, you will add this blueprint to the service you created earlier. This will allow all users entitled to that Service to consume this blueprint.
Congratulations! You have created a simple blueprint to deploy two vSphere Machines, and entitled it for Rainpole's developers to use. Continue to the next exercise to discover how to leverage parameterized blueprints to provide more flexibility to your users, and to observe the blueprint deployment in action.
In the previous exercise, you created a blueprint for Rainpole's developers to consume. The ability to create web and database servers for new application development will save Rainpole significant time.
However, some of Rainpole's developers are requesting the ability to be able to choose to deploy database servers of varying sizes. One way to deliver on this request is to leverage parameterized blueprints in vRealize Automation.
Parameterized blueprints allow you to configure options for vSphere Machine resource sizing (commonly known as "t-shirt sizing") as well as deployment options, rather than requiring separate blueprints for each option. This reduces blueprint sprawl and provides more flexibility to your users.
In this exercise, you will create a set of component profiles that will be attached to the database machine in the blueprint you created previously. With these components in place, you will assume the role of a developer and deploy the created blueprint, noting the parameter options.
Before we can leverage parameters in a blueprint, we must define component profiles that can be used.
The available profile groups are Image, which will override values in the Build Information tab for vSphere Machines in blueprints, and Size, which will override vSphere Machine resource settings (CPU, memory, or storage.)
3. When ready, click Size to continue
NOTE: Disregard the 2 existing size values. These values are used by another lab in the 1921 series.
With the component parameters defined, you will now proceed to add these values to a vSphere Machine in the Rainpole Wordpress Environment blueprint. This will allow the Rainpole developers to be able to choose the memory allocation for the database servers at request time.
With the component profile added to the Rainpole DB vSphere Machine, you can now enable the previously defined values for this blueprint object.
Now we will choose the size values we created earlier to be part of this value set. The pre-existing values will not be used for this exercise.
Note that the two vSphere Machines defined in the blueprint, rainpole-wp-db and rainpole-wp-web, are listed in this request.
Now that the request has been successfully submitted, you will take a look at the items that were deployed.
To ensure that enough resources are available for the remaining modules in the lab, you must clean up the VMs that have been provisioned. To do so:
Now that you've created your first blueprint, you understand how to use the design canvas, configure default settings for blueprint items, publish a blueprint, and entitle it by assigning it to a service. In the next module you will learn how to apply policies and governance to blueprints and catalog items.
Congratulations on completing Module 3.
If you are looking for additional information on authoring services within vRealize Automation, try one of these:
Proceed to any module below which interests you most.
To end your lab click on the END button.
Module 4 - Policy-Based Lifecycle Management and Governance (30 minutes)
In this module you will assume the role of a Cloud Administrator and explore putting policies and governance in place to manage the lifecycle of the VMs managed by vRealize Automation. This module will take roughly 30 minutes to complete. If you need additional time to complete this lab, you may click the Extend button at the top of the Hands On Labs interface.
A blueprint can optionally define a lease duration for machines provisioned from that blueprint.
If a blueprint does not specify a lease period, machines are provisioned from that blueprint with no expiration date. If a blueprint specifies a single value for lease duration, machines are provisioned from that blueprint with an expiration date based on the blueprint lease duration. The expiration date is calculated from the time of the request, not from when the machine was provisioned.
If a blueprint specifies a range of possible lease durations, a user can select the desired lease duration within that range when submitting the machine request. Machine requests can be subject to approval based on the requested lease duration.
When a machine lease expires, the machine is powered off. When the archive period expires, the machine is destroyed. You can reactivate an archived machine by setting the expiration date to a date in the future in order to extend its lease, and then powering it back on.
You can send notification emails to alert machine owners and business group managers that a machine's lease is about to expire and again when the lease expires. Users can be entitled to request a lease extension at any time before it expires. A business group manager or support user can also change the expiration date for a machine after it is provisioned.
In this exercise, you will adjust the lease times on a vRealize Automation blueprint. Once complete, you will deploy a virtual machine using this blueprint, and view the timeframes for lease expiration and archival.
Following the deployment, you will expire the lease on the virtual machine and verify that it is in an expired state. With the machine's lease expired, you will then renew and extend the lease so that the virtual machine will remain available.
Leases and archive times are configured within the blueprints that are deployed by vRealize Automation. In order to change the default lease and archive period, you must edit the blueprint.
In order to ensure adequate resources across Rainpole's development environment, leases will be used to clean up unused resources. The developers at Rainpole have requested enough lease time to complete their testing, and they would also like to have more time to recover the virtual machine should its lease expire.
The archive period will allow the developers to redeploy a blueprint and restore the state it was in when the lease expired. Once the archive period expires, the deployment is destroyed.
Verify your changes by requesting the blueprint from the catalog.
You will now follow your request through the rest of the deployment process.
Verify that the message "The request has been submitted successfully" before moving on. If you receive an error, verify that the Lab Status is "Ready" and try submitting the request again.
This tab will show you the request state as it moves through the provisioning process. The deployment may take a few minutes to complete.
Once the request has been completed, we'll be able to view the new virtual machine under Items.
When a lease expires, all of the virtual machines in the deployment will be powered off and any other resources associated with the deployment will be expired as well.
This VM has expired, but the state it was in when the lease expired has been archived. The only action available is to Destroy the VM from this view, but the owner of this VM can modify the lease and restore the VM back to its previous state.
In order to make use of this VM again, the lease must be extended.
A new window will appear asking for parameters to change the lease expiration date. Complete the form as follows:
Note the new Expires date, and the Destroy On date set for 15 days after expiration. The owner of this deployment will now have access to their VM and no data will have been lost.
An approval policy is used to govern whether a service catalog user requires approval from someone in your organization in order to provision items in your environment.
A tenant administrator or approval administrator can create approval policies. The policies can be for pre-provisioning or post-provisioning. If a pre-approval is configured, then the request must be approved before the request is provisioned. If it is a post-approval, then the request must be approved before the provisioned item is released to the requesting user.
The policies are applied to items in an entitlement. You can apply them to services, catalog items, catalog item components, or actions that require an approver to approve or reject a provisioning request.
When a service catalog user requests an item that includes one or more approval policies, the approval request is sent to the approvers. If approved, the request moves forward. If rejected, the request is canceled and the service catalog user is notified regarding the rejection.
The IT management at Rainpole Inc. have stipulated that any requests asking for more than 1GB of memory must be approved by the IT Manager. You will use vRealize Automation to put this policy into place.
You will need to apply this policy to the virtual machines being deployed within a catalog item request:
The approval policy you've just created must now be applied to a catalog item:
Now that the approval policy has been applied to the catalog item, log out as cloudadmin so you can test the new policy.
You have completed this exercise, and have successfully leveraged an approval policy to demonstrate a request that will only complete upon manager approval.
In this module, you learned how to manage the lease expiration settings of vRealize Automation blueprints, and how to create and apply approval policies. These policies allow vRealize Automation consumers to request blueprint items on demand, while still allowing IT to manage availability of the underlying resources.
Congratulations on completing Module 4.
If you are looking for additional information on lifecycle management and governance of vRealize Automation resources, try one of these:
Proceed to any module below which interests you most. [Add any custom/optional information for your lab manual.]
To end your lab click on the END button.
Thank you for participating in the VMware Hands-on Labs. Be sure to visit http://hol.vmware.com/ to continue your lab experience online.
Lab SKU: HOL-1921-01-CMP