vRealize Automation supports virtualized networks based on the NSX platform. Integrated Containers for vRealize Automation networks are also supported.
To integrate NSX network and security with vRealize Automation, an IaaS administrator must configure vSphere and NSX endpoints. vRealize Automation supports NSX for vSphere and NSX-T.
For information about external preparation, see Checklist for Preparing NSX Network and Security Configuration.
You can create network profiles that specify network settings in reservations and in the blueprint. External network profiles define existing physical networks. On-demand NAT and routed network profiles can build NSX logical switches and appropriate routing settings for a new network path.
The network and security component settings that you add to the blueprint are derived from your NSX for vSphere and NSX-T configuration. For information about configuring NSX, see the Administration Guide in NSX for vSphere product documentation or NSX-T product documentation, depending on which application you are using.
For vSphere machine components with associated NSX, use network, security, and load balancing setting in the user interface. For machine components that do not have a Network or Security tab, you can add network and security custom properties, such as VirtualMachine.Network0.Name, to their Properties tab in the design canvas. NSX network, security, and load balancer properties are only applicable to vSphere machines.
If you specify a network profile in a reservation and a blueprint, the blueprint values take precedence.
Depending on the compute resource, you can select a transport zone that identifies a vSphere endpoint. A transport zone specifies the hosts and clusters that can be associated with logical switches created within the zone. A transport zone can span multiple vSphere clusters. The blueprint and the reservations used in the provisioning must have the same transport zone setting. Transport zones are defined in the NSX environments.
You can configure security settings by specifying information in a reservation, blueprint, or guest agent script. If machines require a guest agent, add a security rule to the reservation or the blueprint.
You can also add a Containers network component to a blueprint.
For related information about configuring networking and security for NSX-T in vRealize Automation, see VMware blog Application Networking and Security with vRealize Automation and NSX-T.