vRealize Automation provides a secure web portal where authorized administrators, developers and business users can request new IT services and manage specific cloud and IT resources, while ensuring compliance with business policies. Requests for IT service, including infrastructure, applications, desktops, and many others, are processed through a common service catalog to provide a consistent user experience.

Installation Overview

Installing vRealize Automation requires deploying the vRealize Automation appliance, and the vRealize Automation Infrastructure as a Service IaaS components which need to be installed on one more Windows servers. To install, you deploy the vRealize Automation appliance and then complete the remainder of the installation using one of the following options:

  • A consolidated, browser-based installation wizard.

  • Separate browser-based appliance configuration, and separate Windows installations for IaaS server components.

  • A command line based, silent installer that accepts configuration input from an answer properties file.

  • An installation REST API that accepts JSON formatted input.

Architecture

vRealize Automation provides self-service provisioning, IT services delivery and life-cycle management of cloud services across a wide range of multi-vendor, virtual, physical and cloud platforms though a flexible and robust distributed architecture. The two main functional elements of the architecture are the vRealize Automation server and the Infrastructure as a Service Components (IaaS).

Figure 1. vRealize Automation Architecture

vRealize Automation Server Appliance

The vRealize Automation server is deployed as a preconfigured Linux virtual appliance. The vRealize Automation server appliance is delivered as an open virtualization file (.OVF) that you deploy on existing virtualized infrastructure such as vSphere. It performs the following functions:

  • vRealize Automation product portal, where users log to access self-service provisioning and management of cloud services.

  • Single sign-on (SSO) for user authorization and authentication.

  • Management interface for vRealize Automation appliance settings.

Embedded vRealize Orchestrator

The vRealize Automation appliance contains a preconfigured instance of vRealize Orchestrator. vRealize Automation uses vRealize Orchestrator workflows and actions to extend its capabilities.

PostgreSQL Database

vRealize Server uses a preconfigured PostgreSQL database that is included in the vRealize Automation appliance. This database is also used by the instance of vRealize Orchestrator within the vRealize Automation appliance.

Infrastructure as a Service

vRealize Automation IaaS consists of one or more Microsoft Windows servers that work together to model and provision systems in private, public, or hybrid cloud infrastructures.

Model Manager

vRealize Automation uses models to facilitate integration with external systems and databases. The models implement business logic used by the Distributed Execution Manager (DEM).

The Model Manager provides services and utilities for persisting, versioning, securing, and distributing model elements. Model Manager is hosted on one of the IaaS web servers and communicates with DEMs, the SQL Server database, and the product interface web site.

IaaS Web Server

The IaaS web server provides infrastructure administration and service authoring to the vRealize Automation product interface. The web server component communicates with the Manager Service, which provides updates from the DEM, SQL Server database, and agents.

Manager Service

Windows service that coordinates communication between IaaS DEMs, the SQL Server database, agents, and SMTP. The Manager Service communicates with the web server through the Model Manager, and must be run under a domain account with administrator privileges on all IaaS Windows servers.

Distributed Execution Manager Orchestrator

Distributed Execution Managers execute the business logic of custom models, interacting with the PostgreSQL database and external databases and systems as required. The DEM Orchestrator is responsible for monitoring DEM Worker instances, pre-processing workflows for execution, and scheduling workflows.

Distributed Execution Manager Worker

The vRealize Automation IaaS DEM Worker executes provisioning and de-provisioning tasks initiated by the vRealize Automation portal. DEM Workers also communicate with specific infrastructure endpoints.

Proxy Agents

vRealize Automation IaaS uses agents to integrate with external systems and to manage information among vRealize Automation components. For example, vSphere proxy agent sends commands to and collects data from a vSphere ESX Server for the VMs provisioned by vRealize Automation.

VMware Identity Manager

VMware Identity Manager is the primary identity provider for vRealize Automation and manages user authentication, roles, permissions, and overall access into vRealize Automation by means of federated identity brokering. vRealize Automation supports the following authentication methods using VMware Identity Manager:

  • Username/Password is a single factor password authentication using basic Active Directory configuration for local users

  • Kerberos

  • Smart Card/Certificate

  • RSA SecurID

  • RADIUS

  • RSA Adaptive Authentication

  • SAML Authentication

Consolidated vRealize Automation Deployment

The scope of the design for the Consolidated SDDC uses the vRealize Automation appliance in a small scale, distributed deployment designed to maintain the ability to scale-up to the larger VMware Validated Design for Software-Defined Data Center. This is achieved by the use of a load balancer which is configured such that, the appliance cluster running a single node can be scaled for use with two or more appliances, the IaaS web server cluster running a single node can be scaled for use with two or more servers, and the IaaS Manager Server cluster running a single node for use with two servers.