6.2
Table Of Contents
- IaaS Integration for Multi-Machine Services
- Contents
- IaaS Integration for Multi-Machine Services
- Introduction to Multi-Machine Services
- Configuring Network and Security Integration
- Configuring vRealize Orchestrator Endpoints
- Create a vSphere Endpoint for Networking and Security Virtualization
- Run the Enable Security Policy Support for Overlapping Subnets Workflow in vRealize Orchestrator
- Creating a Network Profile
- Configuring a Reservation for Network and Security Virtualization
- Optional Configurations for Multi-Machine Services
- Creating Multi-Machine Blueprints
- Specifying Scripts for Multi-Machine Service Provisioning
- Specifying Custom Properties for Multi-Machine Services
- Blueprint Action Settings for Multi-Machine Services
- Create a Multi-Machine Blueprint
- Specify Blueprint Information for a Multi-Machine Blueprint
- Specify Build Information for a Multi-Machine Blueprint
- Specify Network Information for a Multi-Machine Blueprint
- Specify Scripting Information for a Multi-Machine Blueprint
- Add Multi-Machine Blueprint Custom Properties
- Specify Actions for Multi-Machine Blueprints
- Publish a Blueprint
- Configuring Multi-Machine Blueprints for Network and Security Virtualization
- Managing Multi-Machine Services
Configuring Multi-Machine
Blueprints for Network and
Security Virtualization 5
When you provision a multi-machine service in vRealize Automation, you can provision virtualized
networks and related services for the vSphere component machines in that multi-machine service based
on the vCloud Networking and Security and NSX platforms.
Fabric administrators create network profile templates, external network profiles, and the reservations that
determine the available networks and other settings. Tenant administrators and business group managers
create NAT, routed, and private network profiles, virtual network adapters, and virtual load balancers,
specify applicable security policies, security groups, and security tags to a multi-machine blueprint.
n
Adding Network Profiles to a Multi-Machine Blueprint
A tenant administrator or business group manager can create NAT, routed, and private network
profiles for a multi-machine blueprint, and assign those profiles to virtual network adapters in the
same multi-machine blueprint.
n
Configure Network Adapters for Component Machines
A network adapter defines a network connection for a component machine. A tenant administrator or
business group manager can configure a network adapter for a multi-machine blueprint, and apply
the network adapter to one or more component blueprints in that multi-machine blueprint.
n
Configure Load Balancers for Component Machines
A tenant administrator or business group manager can configure a load balancer for a multi-machine
component blueprint. All machines provisioned from the component blueprint are added as
members of the load balancer.
n
Applying Security on a Component Machine
From the Security tab the tenant administrator or business group manager can enable the App
isolation and assign security groups, security tags, and security policies to a multi-machine blueprint.
n
Configure Reservations for Routed Gateways
A tenant administrator or business group manager can configure reservations for use in provisioning
the routed gateway of a multi-machine service.
n
Enable App Isolation for Component Machines
When App Isolation is enabled for a vRealize Automation multi-machine blueprint, the firewall blocks
all inbound and outbound traffic to the component machines of the blueprint. The component
machines of the multi-machine blueprint can communicate with each other but cannot connect
outside the firewall.
VMware, Inc.
42