In this post will cover the creation of custom groups, end points, fabric groups and reservations and why do we need these to be configured.
If you have visited directly on this page, then I would highly recommend you read earlier posts of this series from below links:
- Installing and Configuring vRA 7.6
- Tenant and users Initial Configuration
- vRealize Automation 7.6 Part 3: Configuring Endpoints
Tenant administrators can create custom groups by combining other custom groups, identity store groups, and individual identity store users. Custom groups provide more granular control over access within vRealize Automation than business groups which correspond to a line of business, department, or other organizational unit.
Custom groups enable us to grant access rights for tasks on a finer basis than the standard vRealize Automation group assignments. For instance, us may want to create a custom group to allow tenant administrators to control who has specific permissions within the tenant.
us can create endpoints that allow vRealize Automation to communicate with the vSphere environment and discover compute resources, collect data, and provision machines. us can optionally associate NSX settings to the vSphere endpoint by associating to an NSX for vSphere or NSX-T endpoint.
An IaaS administrator can organize virtualization compute resources and cloud endpoints into fabric groups by type and intent. One or more fabric administrators manage the resources in each fabric group.
Fabric administrators are responsible for creating reservations on the compute resources in their groups to allocate fabric to specific business groups. Fabric groups are created in a specific tenant, but their resources can be made available to users who belong to business groups in all tenant
us can create machine prefixes that are used to create names for machines provisioned through vRealize Automation. A machine prefix is required when defining a machine component in the blueprint design canvas.
A prefix is a base name to be followed by a counter of a specified number of digits. When the digits are all used, vRealize Automation rolls back to the first number.
An external network profile identifies network properties and settings for an existing network. An external network profile is a requirement of NAT and routed network profiles.
Business groups are used to associate a set of services and resources to a set of users. These groups often correspond to a line of business, department, or another organizational unit. us create a business group so that us can configure reservations and entitle users to provision service catalog items for the business group members.
To add multiple users to a business group role, us can add multiple individual users, or us can add multiple users at the same time by adding an identity store group or a custom group to a role. For example, us can create a custom group Sales Support Team and add that group to the support role. us can also use existing identity store user groups. The users and groups us choose must be valid in the identity store.
When a member of a business group creates a provisioning request for a virtual machine, vRealize Automation selects a machine from one of the reservations that are available to that business group.
Login to tenant as tenant admin – Administration – Users & Groups – Custom Groups – + sign
Provide a name for the group and select all the required roles on the right side.
Select members part of this group.
Create Fabric Group:
Select infrastructure – Fabric Group – new: this is to mention which clusters are part of this group.
Sync vCenter objects with vRA
Now logoff and log back in as vadmin
Select Compute Resources – Click the fabric group – data collection
Data collection needs to be done if any new host or templates are added to vCenter after adding fabric group.
Click on request now on all.
Create Machine Prefix
Provide the name, select and no of digits and start value (00,01) and all
Create Business Groups
Click on New for business group.
Select all emails part of group managers (approvers) and users (requesters).
Support role is for users who will support if there are any issues.
Select the Machine prefix created earlier.
Now Create a reservation which contain pool of resources.
Create vSphere reservation.
Provide Name, Business group and priority Note: Don’t use priority 1 as if you need to give another group priority it cannot be done, so give something like 10 or 11.
Select compute resource, Quota ( VM#), memory , storage and okay.
review and finish.
With this the basic steps we have created Custom Groups, End points and Reservation Configuration.