Deployment Specification for Cloud-Based Automation for VMware Cloud Foundation

The deployment specification details the design decisions covering physical design. vRealize Automation Cloud is a SaaS offering managed by VMware, the only components deployed within the VMware Cloud Foundation instance are Cloud Proxy and Cloud Extensibility Proxy appliances.

Cloud Proxy Appliance

The Cloud Proxy connects VMware Cloud Services Platform (CSP) services, such as VMware Cloud Assembly, to on-premises data centers. They are virtual appliances delivered as an OVA that you deploy within your on-premises vCenter Server.

The Cloud Proxy includes specific agents for the various VMware Cloud services and supports data communication between the cloud provider and the managed vCenter Server environment. The Cloud Proxy provides life cycle management of itself, as well as data delivery and communications functionality. Within the Cloud Proxy, service agents gather data and use a data pipeline service that provides high throughput and low latency data delivery. It also controls channel communication between the Cloud Proxy instances that deployed to a vCenter Server on-premises and the VMware Cloud services. For more information, see VMware Cloud Services Cloud Proxy.

Table 1. Design Decisions for Deployment of the Cloud Proxy Appliance
Decision ID	Design Decision	Design Justification	Design Implication
CBA-CDP-CFG-001	Deploy the Cloud Proxy appliance in the default management vSphere cluster.	Required to establish secure communication between the VMware Cloud Foundation instance and Cloud Assembly.	The Cloud Proxy must be able to connect to the internet through a firewall.
CBA-CDP-CFG-002	Protect the Cloud Proxy appliance by using vSphere High Availability.	Supports the availability objective without requiring manual intervention during an ESXi host failure.	None.
CBA-CDP-CFG-003	Place the Cloud Proxy appliance in a designated virtual machine folder.	Provides organization of the appliances in the management domain vSphere inventory.	You must create the virtual machine folder during deployment.

Cloud Extensibility Proxy

Before you can create an on-premises extensibility action integration or vRealize Orchestrator integration for vRealize Automation Cloud, you must deploy a Cloud Extensibility Proxy to your on-premises vCenter Server.

The Cloud Extensibility Proxy is a virtual appliance delivered as an OVA used in the configuration of the on-premises extensibility action integrations and vRealize Orchestrator integrations in Cloud Assembly.

To perform extensibility actions, Cloud Assembly utilizes the Cloud Extensibility Proxy with an embedded vRealize Orchestrator server to trigger actions on-premise.

Table 2. Design Decisions for Deployment of the Cloud Extensibility Proxy Appliance
Decision ID	Design Decision	Design Justification	Design Implication
CBA-CEP-CFG-001	Deploy the Cloud Extensibility Proxy appliance in the default management vSphere cluster.	Required to establish secure communication between the on-premise vRealize Orchestrator and Cloud Assembly.	The Cloud Extensibility Proxy must be able to communicate out to the internet through a corporate firewall.
CBA-CEP-CFG-002	Protect the Cloud Extensibility Proxy appliance by using vSphere High Availability.	Supports the availability objective without requiring manual intervention during an ESXi host failure.	None.
CBA-CEP-CFG-003	Place the Cloud Extensibility Proxy appliance in a designated virtual machine folder.	Provides organization of the appliances in the management domain vSphere inventory.	You must create the virtual machine folder during deployment.

Deployment for Multiple Availability Zones

In an environment with multiple availability zones, the appliances run in the first availability zone. If a failure occurs in the first availability zone, the appliances are failed over to the second availability zone.

Table 3. Design Decisions for Deployment of the Cloud Proxy Appliance in Multiple Availability Zones
Decision ID	Design Decision	Design Justification	Design Implication
CBA-CDP-CFG-004	When using two availability zones, add the Cloud Proxy appliance to the VM group of the first availability zone.	Ensures that the Cloud Proxy appliance runs in the primary availability zone hosts group.	After the implementation of the second availability zone for the management domain, you must update the VM group for the primary availability zone virtual machines to include the Cloud Proxy appliance.

Table 4. Design Decisions for Deployment of the Cloud Extensibility Proxy Appliance in Multiple Availability Zones
Decision ID	Design Decision	Design Justification	Design Implication
CBA-CEP-CFG-004	When using two availability zones, add the Cloud Extensibility Proxy appliance to the VM group of the first availability zone.	Ensures that the Cloud Extensibility Proxy appliance runs in the primary availability zone hosts group.	After the implementation of the second availability zone for the management domain, you must update the VM group for the primary availability zone virtual machines to include the Cloud Extensibility Proxy appliance.