Nested blueprints allow you to have reuse and modularity control in machine provisioning, but they do require your understanding of specific rules and considerations. A nested blueprint is a blueprint that you add to another blueprint and use as a component in that other blueprint.
Blueprints can consume other blueprints as components. A blueprint that contains one or more nested blueprints is referred to as an outer blueprint. Stated another way, when you add a blueprint as a component to the design canvas while creating or editing another blueprint, the blueprint component is referred to as a nested blueprint and the container blueprint to which it is added is referred to as the outer blueprint.
The settings defined in the outer blueprint take precedence over settings in the nested blueprint. Saved changes to the nested blueprint are reflected in the outer blueprint, except for specified settings in the outer blueprint that take precedence over settings in the nested blueprint.
Provisioned deployments reflect the current state of the blueprint at the time of provisioning. At the time of provisioning, the resulting deployment reads current values from the blueprint, including from its nested blueprints. Once a deployment is created, it is detached from any changes that are subsequently made to the blueprint from which it was provisioned.
Using nested blueprints presents considerations that are not always obvious. It is important to understand the following nested blueprint rules and considerations to make the best use of your machine provisioning capabilities:
All networking and security components in outer blueprints can be associated with machines that are defined in nested blueprints.
When app isolation is applied in the outer blueprint, it overrides app isolation settings specified in nested blueprints.
Transport zone settings that are defined in the outer blueprint override transport zone settings that are specified in nested blueprints.
As a best practice to minimize blueprint complexity, limit blueprints to three levels deep, with the top-level blueprint serving as one of the three levels.
For a nested blueprint that contains an on-demand NAT network component, the IP ranges specified in that on-demand NAT network component are not editable in the outer blueprint.
The outer blueprint cannot contain an inner blueprint that contains on-demand network settings or on-demand load balancer settings. Using an inner blueprint that contains an NSX on-demand network component or NSX load balancer component is not supported.
For a nested blueprint that contains NSX network or security components, you cannot change the network profile or security policy information specified in the nested blueprint. You can, however, reuse those settings for other vSphere machine components that you add to the outer blueprint.
If a user is entitled to the top-most blueprint, that user is entitled to all aspects of the blueprint, including nested blueprints.
You can apply an approval policy to a blueprint. When approved, the blueprint catalog item and all its components, including nested blueprints, are provisioned. You can also apply different approval policies to different components. All the approval policies must be approved before the requested blueprint is provisioned.
To ensure that NSX network and security components in nested blueprints are uniquely named in a composite blueprint, vRealize Automation prefixes the nested blueprint ID to network and security component names that are not already unique. For example, if you add a blueprint with the ID name xbp_1 to an outer blueprint and both blueprints contain an on-demand security group component named OD_Security_Group_1, the component in the nested blueprint is renamed xbp_1_OD_Security_Group_1 in the blueprint design canvas. Network and security component names in the outer blueprint are not prefixed.
You can change the name of a nested blueprint but you cannot change the name of a machine component, or any other component, inside a nested blueprint while you are working in the outer blueprint.
When working in an outer blueprint, you can configure load balancer settings relative to network component settings and machine component settings that are configured in an inner or nested blueprint.
When working in an outer blueprint, you can override the Machine Resources settings that are configured for a machine component in a nested blueprint.
When working in an outer blueprint, you cannot add or delete custom properties for a machine component in a nested blueprint. However, you can edit those custom properties. You cannot add, edit or delete property groups for a machine component in a nested blueprint.
When working in an outer blueprint, you can drag and drop a software component onto a machine component within a nested blueprint.