The logical design includes the integration of vRealize Automation Cloud with the supporting infrastructure and private cloud services. The networking, identity and access management, product configurations, and secure access must be designed for seamless integration between vRealize Automation Cloud and other components.

Figure 1. Logical Design for Cloud-Based Automation for VMware Cloud Foundation
A VMware Cloud Foundation instance with the Standalone Workspace ONE Access instance is connected to the vRealize Automation Cloud service through a Cloud Proxy and to the vRealize Orchestrator through a Cloud Extensibility Proxy. The Cloud Proxy supports data communication between the cloud provider and the managed environment. You access vRealize Automation Cloud by using a user interface and API.
Table 1. Logical Components for Cloud-Based Automation

Single VMware Cloud Foundation Instance with a Single Availability Zone

  • A Cloud Proxy appliance is deployed on the management VLAN in the management domain.

  • A Cloud Extensibility Proxy appliance is deployed on the management VLAN in the management domain.

Single VMware Cloud Foundation Instance with Multiple Availability Zones

  • A Cloud Proxy appliance is deployed on the management VLAN in the management domain.

  • A Cloud Extensibility Proxy appliance is deployed on the management VLAN in the management domain.

  • A vSphere Distributed Resource Scheduler VM/Host rule ensures that the Cloud Proxy appliances are running on an ESXi host group in the first availability zone of the management domain.

Multiple VMware Cloud Foundation Instances

  • A Cloud Proxy appliance is deployed on the management VLAN in the management domain in each instance.

  • A Cloud Extensibility Proxy appliance is deployed on the management VLAN in the management domain in each instance.

User Access

vRealize Automation Cloud provides a UI and a REST API for consuming vRealize Automation Cloud services.

Cloud Accounts

vRealize Automation Cloud simplifies the multi-cloud experience by deploying and managing resources in multi-cloud environments. Each supported infrastructure is connected to the vRealize Automation Cloud service by using cloud accounts.

You add VI workload domains from a VMware Cloud Foundation instance as vCenter Server and NSX-T cloud accounts into Cloud Assembly. By using these cloud accounts, you can connect VI workload domains into vRealize Automation Cloud to facilitate comprehensive cloud automation services.

Integration with NSX-T Data Center

The integration of Cloud Assembly with NSX-T Data Center supports designing and authoring cloud templates by using the networking and security features of NSX-T Data Center. You can use NSX-T Data Center network constructs, such as segments, routing, load balancing, and security groups.

You can configure automated network provisioning as a part of the cloud template design instead of as a separate operation outside vRealize Automation Cloud.

Usage Model

vRealize Automation Cloud provides a usage model that includes interaction between the cloud automation services, the supporting infrastructure, and the provisioning infrastructure. The usage model of vRealize Automation Cloud contains the following elements and the components in them:

Figure 2. vRealize Automation Cloud Usage Model
Cloud Assembly is in the middle, connected to tagging, images, cloud templates, accessibility, Service Broker, and Cloud zones. Users access Cloud Assembly by using the Service Broker.
Users

Cloud, tenant, group, infrastructure, service, and other administrators as defined by business policies and organizational structure. Cloud or tenant users in an organization can provision virtual machines and directly perform operations on them at the level of the operating system.

Cloud Templates

Cloud Assembly supports creating cloud templates in a design canvas, in YAML, or in HashiCorp Configuration Language (Terraform).

Images and Flavors

Image and flavor mappings simplify the cloud template creation while adding greater flexibility and customization.

An image mapping groups a set of predefined target machine images for a specific cloud account region in Cloud Assembly by using natural language naming.

A flavor mapping groups a set of target deployment sizes for a specific cloud account region in Cloud Assembly by using natural language naming.

Provisioning infrastructure

Private and public cloud resources which together form a hybrid cloud.

Private cloud resources are supported hypervisors and associated management tools.

Public cloud resources are supported cloud providers and associated APIs.

Cloud Assembly

Self-service capabilities for users to administer, provision, and manage workloads.

Service Broker

Aggregates native content from multiple clouds and platforms into a single catalog with role-based policies.

vRealize Orchestrator

Provides a standard set of plug-ins, including a plug-in for vCenter Server, with which you can orchestrate tasks in the different environments that the plug-ins expose.
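
The cloud template, image and flavor mapping, and NSX-T Data Center integration elements described above can be seen together in one YAML cloud template. This is an added example, not taken from the VMware documentation; the resource names, the image and flavor mapping names, and the capability tag are assumptions chosen for illustration.

```yaml
# Added example. Resource names, mapping names, and the tag are assumptions.
formatVersion: 1
inputs:
  size:
    type: string
    enum: [small, medium]       # assumed flavor mapping names
    default: small
resources:
  web_sg:
    type: Cloud.SecurityGroup
    properties:
      securityGroupType: new    # security group created with the deployment
      rules:
        - name: allow-https-in  # only inbound HTTPS is opened to the machine
          direction: inbound
          protocol: TCP
          ports: 443
          source: any
          access: Allow
  app_net:
    type: Cloud.NSX.Network
    properties:
      networkType: routed       # network provisioned on demand with the deployment
      constraints:
        - tag: 'net:app-tier'   # assumed capability tag on a network profile
  web_vm:
    type: Cloud.vSphere.Machine
    properties:
      image: ubuntu-22          # assumed image mapping name, resolved per cloud account region
      flavor: '${input.size}'   # flavor mapping name, resolved to a deployment size
      networks:
        - network: '${resource.app_net.id}'
          securityGroups:
            - '${resource.web_sg.id}'
```

Because the network and the security group are declared next to the machine, the firewall rule set is reviewed and versioned with the template rather than applied as a separate operation outside vRealize Automation Cloud.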