vRealize Automation supports virtualized networks based on the vCloud Networking and Security and NSX platforms.
Network and security virtualization allows virtual machines to communicate with each other over physical and virtual networks securely and efficiently.
To integrate network and security with vRealize Automation, an IaaS administrator must install the vCloud Networking and Security or NSX plug-ins in vRealize Orchestrator and create vRealize Orchestrator and vSphere endpoints.
For information about external preparation, see Checklist for Preparing NSX Network and Security Configuration.
You can create network profiles that specify network settings in reservations and in the blueprint canvas. External network profiles define existing physical networks. NAT and routed profiles are templates that will build NSX logical switches and appropriate routing settings for a new network path and for configuring network interfaces to connect to network path when you provision virtual machines and configure NSX Edge devices.
The network and security component settings that you add to the blueprint design canvas are derived from your NSX configuration and require that you have installed the NSX plug-in and run data collection for the NSX inventory for vSphere clusters. Network and security components are specific to NSX and are available for use with vSphere machine components only. For information about configuring NSX, see NSX Administration Guide.
For machine components that do not have a Network or Security tab, you can add network and security custom properties, such as VirtualMachine.Network0.Name, to their Properties tab in the blueprint canvas. However, NSX load balancer properties are only applicable to vSphere machines.
If a network profile is specified in the blueprint (by using the VirtualMAchine.NetworkN.ProfileName custom property) and by a reservation that is used by the blueprint, the network profile specified in the blueprint takes precedence. However, if the custom property is not used in the blueprint, and you select a network profile for a machine NIC, vRealize Automation uses a reservation network path for the machine NIC for which the network profile is specified.
Depending on the compute resource, you can select a transport zone that identifies a vSphere endpoint. A transport zone specifies the hosts and clusters that can be associated with logical switches created within the zone. A transport zone can span multiple vSphere clusters. The blueprint and the reservations used in the provisioning must have the same transport zone setting. Transport zones are defined in the NSX and vCloud Networking and Security environments. See NSX Administration Guide.