vRealize Automation Cloud supports integration with an external IPAM provider. This example uses Infoblox as the external IPAM provider.
You can use a provider-specific IPAM integration point to obtain and manage IP addresses and related network characteristics for cloud template deployments.
In this example, you create an external IPAM integration point to support access to your organization's account with an external IPAM provider. In this example workflow, the IPAM provider is Infoblox and the provider-specific integration package already exists. While these instructions are specific to an Infoblox integration, they can be used as reference if creating an IPAM integration for a different external IPAM provider.
You can obtain a provider-specific integration package from your IPAM provider's website or the VMware Marketplace.
Infoblox.zip, which is available for download from the VMware Marketplace as follows:
- Infoblox plug-in version 1.4 - Compatible with the current vRealize Automation Cloud iteration and providing all the functionality of previous versions. With this version, you can use the same host name with a different DNS suffix for two NICs. See plug-in release notes for details.
- Infoblox plug-in version 1.3 - Providing additional network data collection filters over earlier versions. See Control network data collection by using Infoblox filters in vRealize Automation Cloud.
- Infoblox plugin version 1.2
- Infoblox plugin version 1.1
- Infoblox plugin version 1.0
- Infoblox plugin version 0.4
- Verify that you have cloud administrator credentials. See Credentials required for working with cloud accounts in vRealize Automation Cloud.
- Verify that you have the cloud administrator user role. See What are the vRealize Automation Cloud user roles.
- Verify that you have an account with external IPAM provider and that you have the correct access credentials to your organization's account with the IPAM provider.
- Verify that you have access to a deployed integration package for your IPAM provider. The deployed package is initially obtained as a .zip download from your IPAM provider website, or from the VMware solutions exchange marketplace, and then deployed to vRealize Automation Cloud.
For information about how to download and deploy the provider package .zip file and make it available as a Provider value on the IPAM Integration page, see Download and deploy an external IPAM provider package for use in vRealize Automation Cloud.
- Verify that you have access to a configured running environment for the IPAM provider. The running environment is typically a cloud account or integration point that contains an associated cloud extensibility endpoint that has been deployed to the target vCenter.
For information about running environment characteristics, see Create a running environment for an IPAM integration point in vRealize Automation Cloud.
- Enable required extensible attributes in your Infoblox application. See Add required extensible attributes in the Infoblox application for integration with vRealize Automation Cloud.
- Verify that you have the required user credentials to access and use your Infoblox IPAM product. For example, open the Administration tab in the Infoblox appliance and customize administrator, groups, and roles entries. You must be a member of a group that has administrator or superuser permissions or a custom group that has DHCP, DNS, IPAM, and Grid permissions. These settings allow access to all the functionality that is available in the Infoblox plug-in, enabling you to create an Infoblox IPAM integration and designers to use that IPAM integration in cloud templates and deployments. For more information about user permissions, see your Infoblox product documentation.
- Select Add Integration. and click
- Click IPAM.
- In the Provider drop-down, select a configured IPAM provider package from the list, for example Infoblox_hrg.
If the list is empty, click Import Provider Package, navigate to an existing provider package .zip file, and select it. If you do not have the provider .zip file, you can obtain it from your IPAM provider's web site or from the VMware Marketplace.
For information about how to deploy the provider package .zip file in vCenter and make it available as a Provider value on the Integration page, see Download and deploy an external IPAM provider package for use in vRealize Automation Cloud.
For information about how to upgrade an existing IPAM integration to use a more recent version of a vendor's IPAM integration package, see How to upgrade to a newer external IPAM integration package in vRealize Automation Cloud.
- Enter your administrator user name and password credentials for your account with the external IPAM provider, along with all other (if any) mandatory fields, such as the host name of your provider.
In this example, you obtain the host name of your Infoblox IPAM provider using the following steps:
- In a separate browser tab, log in to your IPAM provider account using your Infoblox administrator credentials.
- Copy your host name URL.
- Paste your host name URL in the Hostname field on the IPAM Integration page.
- In the Running Environment drop-down list, select an existing on-premises actions-based extensibility integration point, for example Infoblox_abx_intg.
The running environment supports communication between vRealize Automation Cloud and the external IPAM provider.Note: If you use an Amazon Web Services or Microsoft Azure cloud account as the integration running environment, be sure that the IPAM provider appliance is accessible from the Internet and is not behind a NAT or firewall and that it has a publicly resolvable DNS name. If the IPAM provider is not accessible, the Amazon Web Services Lambda or Microsoft Azure Functions cannot connect to it and the integration will fail. For related information, see Create a running environment for an IPAM integration point in vRealize Automation Cloud.The IPAM framework supports any of the following types of running environments:
Note: An Infoblox IPAM integration point requires an on-premises actions-based extensibility (ABX) point that is associated to a deployed cloud extensibility proxy in vCenter.
- an on-premises, actions-based extensibility (ABX) integration point
- an Amazon Web Services (FaaS) cloud account
- a Microsoft Azure (FaaS) cloud account
Infoblox appliances are typically located in on-premises data centers that are not publicly accessible from the Internet. This make an on-premises actions-based extensibility integration point the logical choice for an Infoblox running environment. Using an on-premises actions-based extensibility integration point allows you to deploy the cloud extensibility proxy in your own data center and open a tunnel link between Cloud Assembly and Infoblox through the cloud extensibility proxy.
For information about how to create the example on-premises actions-based extensibility integration point used in this workflow, see Configure an on-premises action-based extensibility integration in Cloud Assembly.
The configured cloud account or integration point allows communication between vRealize Automation Cloud and the IPAM provider, in this example Infoblox, through an associated cloud extensibility proxy. You can select a provider that has already been created or you can create one.
For information about how to create a running environment, see Create a running environment for an IPAM integration point in vRealize Automation Cloud.
- Click Validate.
Because this example uses the on-premises actions-based extensibility integration for the running environment, you can view the validation action.
- Click the Extensibility tab.
- Click All Runs or Integration runs from the filter to note that an endpoint validation action is initiated and running. and select either
- When prompted to trust the self-signed certificate from the IPAM provider, click Accept.
After you accept the self-signed certificate, the validation action can continue to completion.
- Enter a Name for this IPAM integration point, such as Infloblox_Integration, and a Description, such as Infoblox IPAM with ABX integration for team HRG.
- Click Add to save the new external IPAM integration point.
A data collection action is imitated. Networks and IP ranges are data-collected from the IPAM provider. You can view the data collection action as follows:
- Click the Extensibility tab.
- Click and note that a data collection action is initiated and running. You can open and view the action run content.
The provider-specific external IPAM integration is now available for use with networks and network profiles.