You can configure a network profile to support blocks of IP addresses for an on-demand network when that network profile is used in a vRealize Automation cloud template that uses external IPAM integration.

Using an existing integration for a particular external IPAM provider, you can provision on-demand network to create of a new network in the external IPAM system.

Using this process, you configure a block of IP addresses instead of supplying a parent CIDR (as is done when using vRealize Automation's internal IPAM). The IP address block is used during on-demand network provisioning to segment the new network. The IP blocks are data-collected from the external IPAM provider, provided the integration supports on-demand networking. For example, when using an Infoblox IPAM integration, IP blocks represent Infoblox network containers.

When you use an on-demand network profile and an external IPAM integration in a cloud template, the following events occur when the cloud template is deployed:
  • A network is created in the external IPAM provider.
  • A network is also created in vRealize Automation, reflecting the new network configuration from the IPAM provider, including settings such as CIDR and gateway properties.
  • The IP address for the deployed virtual machine is fetched from the newly created network.

In this on-demand networking example, you configure a network profile to allow a cloud template deployment to provision a machine to an on-demand network in vSphere by using Infoblox as the external IPAM provider.

For related information, see How do I configure a network profile to support an existing network for an external IPAM integration in vRealize Automation. Both network configuration examples fit within the overall vendor-specific workflow for external IPAM integration at Tutorial: Configuring VMware Cloud on AWS for vRealize Automation.

Prerequisites

While the following prerequisites apply to the person who creates or edits the network profile, the network profile itself would be applicable when used by a cloud template deployment that contains an IPAM integration. To learn about vendor-specific IPAM integration points, see How to configure an external IPAM integration in vRealize Automation.

This sequence of steps is shown in the context of an IPAM provider integration workflow. See Tutorial: Configuring a provider-specific external IPAM integration for vRealize Automation.

Procedure

  1. To configure a network profile, click Infrastructure > Configure > Network Profiles.
  2. Click New Network Profile.
  3. Click the Summary tab and specify the following sample settings:
    • Specify a vSphere cloud account/region, for example vSphere-IPAM-OnDemandA/Datacenter.

      This example assumes use of a vSphere cloud account that is not associated with an NSX cloud account.

    • Name the network profile, for example Infoblox-OnDemandNP.
    • Add a capability tag for the network profile, for example infoblox_ondemandA.

      Make note of the capability tag value, as you must also use it as a cloud template constraint tag to make the network profile association to be used when provisioning the cloud template.

  4. Click the Network Policies tab and specify the following sample settings:
    • From the Isolation policy drop-down menu, select On-demand network.
      This option allows you to use external IPAM IP blocks. Depending on the cloud account, new options appear. For example, the following options appear when using a vSphere cloud account that is associated to an NSX cloud account:
      • Transport zone
      • Tier-0 logical router
      • Edge cluster

      For this example, the vSphere cloud account is not associated to NSX, so the Network domain menu option appears.

    • Leave the Network domain option blank.
  5. Click External as the address management Source.
  6. Click Add IP Block, which opens the Add IPAM IP Block page.
  7. From the Provider menu on the Add IPAM IP Block page, select an existing external IPAM integration. For example, select the Infloblox_Integration integration point from Add an external IPAM integration for Infoblox in vRealize Automation in the example workflow.
  8. From the Address spaces menu, select one of the available and listed IP blocks, for example 10.23.118.0/24 and add it.

    If the IPAM provider supports address spaces, the Address spaces menu appears. For an Infoblox integration, address spaces are represented by Infoblox network views.

  9. Select a Subnet size, such as /29 (-6 IP addresses).
  10. Click Create.

Results

A network profile is created that can be used to provision an on-demand network using the specified external IPAM integration. The following sample cloud template shows a single machine to be deployed to a network that is defined by this new network profile. 

			formatVersion: 1
			inputs: {}
			resources:
			  Cloud_Machine_1:
			    type: Cloud.Machine
			    properties:
			      image: ubuntu
			      flavor: small
			      networks:
			        - network: '${resource.Cloud_Network_1.id}'
			          assignment: static
			  Cloud_Network_1:
			    type: Cloud.Network
			    properties:
			      networkType: private
			      constraints:
			        - tag: infoblox_ondemandA
Note: When the cloud template is deployed, the first available network in the specified IP block is fetched and considered to be the network CIDR. If you are using an NSX network in the cloud template, you can instead set the CIDR of the network manually by using the network property networkCidr, as shown below, to manually set a CIDR and override the settings for IP blocks and subnet size that are specified in the associated network profile. 
Cloud_Network_1:
			    type: Cloud.Network
			    properties:
			      networkCidr: 10.10.0.0/16