Part 6: vRA 7.5 Custom Groups, End points and Reservation Configuration
In this post will cover the creation of custom groups, end points, fabric groups and reservations and why do we need these to be configured.
Custom Groups
Tenant administrators can create custom groups by combining other custom groups, identity store groups, and individual identity store users. Custom groups provide more granular control over access within vRealize Automation than business groups which correspond to a line of business, department, or other organizational unit.
Custom groups enable us to grant access rights for tasks on a finer basis than the standard vRealize Automation group assignments. For instance, us may want to create a custom group to allow tenant administrators to control who has specific permissions within the tenant.
End Point
us can create endpoints that allow vRealize Automation to communicate with the vSphere environment and discover compute resources, collect data, and provision machines. us can optionally associate NSX settings to the vSphere endpoint by associating to an NSX for vSphere or NSX-T endpoint.
Fabric Group
An IaaS administrator can organize virtualization compute resources and cloud endpoints into fabric groups by type and intent. One or more fabric administrators manage the resources in each fabric group.
Fabric administrators are responsible for creating reservations on the compute resources in their groups to allocate fabric to specific business groups. Fabric groups are created in a specific tenant, but their resources can be made available to users who belong to business groups in all tenant
Machine Prefix
us can create machine prefixes that are used to create names for machines provisioned through vRealize Automation. A machine prefix is required when defining a machine component in the blueprint design canvas.
A prefix is a base name to be followed by a counter of a specified number of digits. When the digits are all used, vRealize Automation rolls back to the first number.
Network Profiles
An external network profile identifies network properties and settings for an existing network. An external network profile is a requirement of NAT and routed network profiles.
Business Groups
Business groups are used to associate a set of services and resources to a set of users. These groups often correspond to a line of business, department, or other organizational unit. us create a business group so that us can configure reservations and entitle users to provision service catalog items for the business group members.
To add multiple users to a business group role, us can add multiple individual users, or us can add multiple users at the same time by adding an identity store group or a custom group to a role. For example, us can create a custom group Sales Support Team and add that group to the support role. us can also use existing identity store user groups. The users and groups us choose must be valid in the identity store
Reservation
When a member of a business group create a provisioning request for a virtual machine, vRealize Automation selects a machine from one of the reservations that are available to that business group.
Please find the links for all the posts in this series below.
- Introduction and Design : Installing and Configuring vRealize Automation (vRA) 7.5
- Part 1: Deploying vRealize Automation (vRA) 7.5 Appliance
- Part 2: Installing SQL for vRealize Automation (vRA) 7.5
- Part 3: vRealize Automation (vRA) 7.5 Installation and IIS server Configuration
- Part 4: vRA 7.5 Initial Configuration of Default tenant and AD Directory Sync
- Part 5: vRA 7.5 Sub tenant Creation and Branding
- Part 6: vRA 7.5 Custom Groups, End points and Reservation Configuration
- Part 7: vRA 7.5 Infrastructure and XaaS Blue Prints Creation
- Part 8: vRA 7.5 Approvals, Catalog Management and Testing Blue Prints
- Part 9: vRA 7.5 fixing installation errors and configuration issues
Please click on the left side social share icons to share this post if you feel its useful to others.
Contents of the Post
Custom Groups
Login to tenant as tenant admin – Administration – Users & Groups – Custom Groups – + sign
.png)
Provide a name for the group and select all the required roles on the right side
.png)
select members part of this group.
.png)
Create vCenter End Point
Select infrastructure – End Points – new – Virtual – vSphere(vCenter)
.png)
Provide vCenter endpoint name
- End point name: vCenter ( same name as used while installing IIS)
- Address : https://fqdn-vcenter/sdk
- Username and password for vCenter
.png)
review
.png)
Create Fabric Group
Select infrastructure – Fabric Group – new : this is to mention which clusters are part of this group.
.png)
Sync vCenter objects with vRA
Now logoff and log back in as vraadmin
.png)
Select Compute Resources – Click the fabric group – data collection
Data collection needs to done if any new host or templates are addedd to vcenter after adding fabric group.
.png)
Click on request now on all
.png)
wait and notice that it will be successful
.png)
Create Machine Prefix
Provide the name, select and no of digits and start value (00,01 ) and all
.png)
Create Network Profiles
network profile is very important as it will contain IP vLan details and IP range.
Click on External
Note: NAT and routed for NSX environments.
.png)
Provide Name, mask and gateway
.png)
Provide DNS server details
.png)
Provide IP range start and end ip with a name
.png)
no network profile is created.
.png)
Create Business Groups
Click on New for business group.
.png)
Provide Name and next
.png)
select all emails part of group managers ( approvers) and users ( requesters).
Support role is for users who will support if there are any issues.
.png)
Select the Machine prefix created earlier.
.png)
Create Reservation
Now Create a reservation which contain pool of resources.
Create vSphere reservation.
.png)
Provide Name, Business group and priority
note: dont use priority 1 as if you need to give other group priority it cannot be done, so give something like 10 or 11
.png)
Select compute resource, Quota ( VM#), memory , storage and okay.
.png)
Select network which needs to be assigned to VM and map it to network profile created earlier.
.png)
review and finish
.png)
with this reservation created.
.png)
With this the basic steps are created and part 6 is completed, move to part 7.
Please find the links for all the posts in this series below. Click on the link below for the next post in this series.
- Introduction and Design : Installing and Configuring vRealize Automation (vRA) 7.5
- Part 1: Deploying vRealize Automation (vRA) 7.5 Appliance
- Part 2: Installing SQL for vRealize Automation (vRA) 7.5
- Part 3: vRealize Automation (vRA) 7.5 Installation and IIS server Configuration
- Part 4: vRA 7.5 Initial Configuration of Default tenant and AD Directory Sync
- Part 5: vRA 7.5 Sub tenant Creation and Branding
- Part 6: vRA 7.5 Custom Groups, End points and Reservation Configuration
- Part 7: vRA 7.5 Infrastructure and XaaS Blue Prints Creation
- Part 8: vRA 7.5 Approvals, Catalog Management and Testing Blue Prints
- Part 9: vRA 7.5 fixing installation errors and configuration issues
Please click on the left side social share icons to share this post if you feel its useful to others.
Hope this post is useful, please leave your comments below.
Hello. This blog is very helpful.
But I have a question.
I’m currently using vRA 7.6.
I would like to limit the number of vCPUs to the Reservation used by a specify business group.
However, vCPU limits cannot be set in Reservation, and limiting vCPUs in a blueprint is not used to limit the entire resource.
I saw on a blog that from vRA 7.4, the vCPU-restricting functionality has disappeared.
Do you know the reason for this?
And is there an official VMware document on this?
Have a good day! Thank you : )