A network profile contains IP information such as gateway, subnet, and address range. vRealize Automation uses vSphere DHCP or a specified IPAM provider to assign IP addresses to the machines it provisions based on network profile settings.

You can create a network profile to define a type of available network. You can create external network profiles and templates for on-demand network address translation (NAT) and routed or private network profiles. The profiles can build NSX logical switches and appropriate routing settings for a network path.

Network profiles are used to configure network settings when machines are provisioned. Network profiles also specify the configuration of NSX Edge devices that are created when you provision machines.

Available Network Types

The following network types are available as you define a network profile:

  • Existing network

  • On-demand routed network

  • On-demand NAT network

  • On-demand private network (NSX for vSphere only)

Table 1. Available Network Types for a vRealize Automation Network Profile

Network Type

Description

External

Existing network configured on the vSphere server. They are the external part of the NAT and routed networks types. An external network profile can define a range of static IP addresses available on the external network.

You can use IP ranges obtained from the supplied VMware IPAM endpoint or from a third-party IPAM service provider endpoint that you have registered and configured in vRealize Orchestrator, such as Infoblox IPAM. An IP range is created from an IP block during allocation.

An external network profile with a static IP range is a prerequisite for NAT and routed networks.

See Creating an External Network Profile For an Existing Network.

NAT

On-demand network created during provisioning. NAT networks that use one set of IP addresses for external communication and another set for internal communications.

With one-to-one NAT networks, every virtual machine is assigned an external IP address from the external network profile and an internal IP address from the NAT network profile. With one-to-many NAT networks, all machines share a single IP address from the external network profile for external communication.

You can use IP ranges obtained from the supplied VMware IPAM endpoint or from a third-party IPAM service provider endpoint that you have registered and configured in vRealize Orchestrator, such as Infoblox IPAM. An IP range is created from an IP block during allocation.

A NAT network profile defines local and external networks that use a translation table for mutual communication.

See Creating a NAT Network Profile For an On-Demand Network.

Routed

On-demand network created during provisioning. Routed networks contain a routable IP space divided across subnets that are linked together using Distributed Logical Router (DLR).

Every new routed network has the next available subnet assigned to it and is associated with other routed networks that use the same network profile. The virtual machines that are provisioned with routed networks that have the same routed network profile can communicate with each other and the external network.

You can use IP ranges obtained from the supplied VMware IPAM endpoint or from a third-party IPAM service provider endpoint that you have registered and configured in vRealize Orchestrator, such as Infoblox IPAM. An IP range is created from an IP block during allocation.

A routed network profile defines a routable space and available subnets.

See Creating a Routed Network Profile For an On-Demand Network.

Private

(NSX for vSphere only)

On-demand network created during provisioning. This option is only available for NSX for vSphere. This option is not available for NSX-T.

Private networks include the following considerations:

  • Private networks have no inbound or outbound connectivity. An edge is not provisioned for private networks.

  • You can create a private network profile with or without static IP addresses or ranges. DHCP and third-party IPAM are not supported for private networks.

See Create a Private Network Profile for an On-Demand Network in vRealize Automation.

For NSX information about networking, see VMware NSX Data Center for vSphere Documentation and VMware NSX-T Data Center Documentation.

For related information about configuring networking and security for NSX-T in vRealize Automation, see VMware blog Application Networking and Security with vRealize Automation and NSX-T.

Using Supplied or Third-party IPAM

Network profiles also support third-party IP Address Management (IPAM) providers, such as Infoblox. When you configure a network profile for IPAM, your provisioned machines can obtain their IP address data, and related information such as DNS and gateway, from the configured IPAM solution. You can use an external IPAM package for a third-party provider, such as Infoblox, to define an IPAM endpoint for use with a network profile.

Note:

If you are using a third-party IPAM provider and want to specify on which network to deploy your machine, use a separate network profile for each VLAN to avoid the known issue described in Knowledge Base Article 2148656.

If you do not use a third-party IPAM provider, but instead use the vRealize Automation-supplied IPAM endpoint, you can specify the ranges of IP addresses that network profiles can use. Each IP address in the specified ranges that are allocated to a machine is reclaimed for reassignment when the machine is destroyed. You can create a network profile to define a range of static IP addresses that can be assigned to machines. When provisioning virtual machines by cloning or by using kickstart/autoYaST provisioning, the requesting machine owner can assign static IP addresses from a predetermined range.

Specifying a Network Profile in a Reservation or Blueprint

You specify a network profile when you create reservations and blueprints. In a reservation, you can assign a network profile to a network path and specify any one of those paths for a machine component in a blueprint. You can assign a network profile to a specific network path on a reservation. For some machine component types, such as vSphere, you can assign a network profile when you create or edit blueprints.

You can use an existing network profile and an on-demand network profile as you define network adapters and load balancers for a vSphere machine.

If you specify a network profile in a reservation and a blueprint, the blueprint values take precedence.

Making Changes After Blueprint Deployment

While you cannot change the network profile of a deployed virtual machine, you can change the network to which the VM is connected. If the network is associated to a different network profile, vRealize Automation assigns an IP address from that network profile to the VM. The VM continues to use the old IP address until you update the IP address on the guest operating system. If you use the Reconfigure action on the deployed VM, you must update the IP address on the guest operating system.