Integrate VMware Integrated OpenStack with vRealize Automation

You can integrate VMware Integrated OpenStack with vRealize Automation through vRealize Orchestrator to enforce control and governance, manage OpenStack deployments as resource pools, and manage VMware Integrated OpenStack from the vRealize Automation portal.

You integrate the two solutions by enabling Keystone federation, configuring the vRealize Automation tenant FQDN through the OpenStack Management Server, and installing the vRealize Orchestrator OpenStack plug-in.

Prerequisites

Deploy and configure vRealize Automation. See the Installing or Upgrading vRealize Automation document for your version.
Deploy and configure vRealize Orchestrator. See the Installing and Configuring VMware vRealize Orchestrator document for your version.

Procedure

Add vRealize Automation as a Keystone identity provider.

sudo viocli federation identity-provider add --type vidm

You are prompted to enter the following information.

Option	Description
Identity provider name [None]:	Name of the identity provider
Identity provider display name (for Horizon) [VMware Identity Manager]:	Name of the identity provider to be displayed on the VMware Integrated OpenStack dashboard
Description [None]:	Custom description for this identity provider
vIDM endpoint address [None]:	IP address of your VMware Identity Manager endpoint in the format `https://vidm-endpoint-ip.eng.vmware.com`
vIDM admin user [admin]:	Username of the VMware Identity Manager administrator
vIDM admin password:	Password for the VMware Identity Manager administrator
Do not verify certificates when establishing TLS/SSL connections [False]:	Enter `true` to disable certificate verification or `false` to enable certificate verification.
vIDM tenant name []:	Enter `vsphere.local`
Enter the name of the domain that federated users associate with [Default]:	Domain to which all federated users belong. If the specified domain does not exist, it will be created.
Enter the name to the groups that federated users associate with (separated by commas ",") []:	Groups to which all federated users belong. If the specified groups do not exist, they will be created. Note: Include all groups defined in your custom mappings.
Do you want to change advanced settings? (Y/N)	Enter `N`

Update the deployment configuration.
```
sudo viocli identity configure
```
This command causes your VMware Integrated OpenStack deployment to go down temporarily.
Configure the VMware Integrated OpenStack tab for your vRealize Automation tenant.
```
sudo viocli vros enable -vt vra-tenant-name -vh vra-ip -va vra-admin -vrs mgmt-server-ip
```
Note: Enter the vra-tenant-name value in all uppercase letters.
Deploy the vRealize Orchestrator OpenStack Plug-In.
See Deploy the vRealize Orchestrator OpenStack Plug-In in the Using the vRealize Orchestrator OpenStack Plug-In 2.0 document.

Results

You can now manage VMware Integrated OpenStack through the vRealize Automation portal and design and consume blueprints.

For more information, see Using the vRealize Orchestrator OpenStack Plug-In.