Thursday 22 March 2018

VMware vRealize Automation - Creating & Configuring Tenants Part 1

I have dedicated couple of blog posts earlier in vRealize Automation section wherein we discussed about Installation, Architecture, Roles and LayersCreating blueprints, Custom properties and What's new with the latest releases.  Here are few links for quick reference vRealize Automation Installation Part 1vRealize Automation Installation Part 2 , vRA Roles and Layers , vRealize Automation Architecture , Provisioning Machines in vRA , Multi Machine Blueprints , Custom Properties , and What's New in vRA7.
Recently did the fresh installation of vRA 7.0 in my Home Lab environment and added another tenant QA, synced users and also configured branding and created fabric groups so thought of dedicating a series of blog post which will serve as step by step guide for my reference and also help others to understand the procedure from creating a Tenant, configuring Branding, adding users, creating Fabric Groups, Creating machine prefixes and also talk about the creation of reservation policies, business groups.

*Note: Installation/Configurations/Specifications methods used here has been Tested in My Home Lab Nested Environment

The steps involved when creating/configuring a tenant is to access the default tenant (vSphere.local) and name the new Tenant/ Create a tenant specific URL and finally specify the users who can access the Tenant and can assign the Tenant and Administrator roles to the newly created users.

As shown in the above screenshot I logged in to my default tenant and created a new tenant  (QA) after providing some details including the Name of the new Tenant / Description/URL/Contact Email.  Next task on the list is to add local users and assigning them Tenant Administrators/ IaaS administrator roles and do some branding for our newly created tenant QA.

After the successful creation of my new tenant QA and giving the local users the IaaS administrator and Tenant Administrator roles it was time for me to access the newly created Tenant https://vRealize Automation Appliance FQDN /VCAC/ORG/Qa/Domain and do some Branding for the same. 

Wherein we have the option to customize the look and feel of the login screen including logo, background color and specify Header and Footer Settings.

Once the branding is done the next task on the list is to make use of Directory Management Feature to configure a link to Active Directory (Over LDAP) (Integrated Windows Authentication) to support user authentication. By Specifying Directory Name, FQDN of vRealize Automation Appliance,Domain Name, Domain Administrator Username/ Password.  Once the Directory is configured we can further go ahead and provide details including SYNC Settings, Group Information (Group DN's) to sync for example CN=users,DC=example,DC=company,DC=com, by selecting the Active Directory Groups that we want to Sync with the directory the users part of the groups are also synced. 

After we saved the directory configuration the next task on the list is to assign Tenant and IaaS administrator roles to the QA tenant, which will be done by connecting to the default tenant (vsphere.local) using the administrator account and editing the properties of QA tenant and then selecting the Administrators options.

Once we have added both the Tenant and IaaS administrator roles will be creating a Fabric Group and assigning Fabric Administrators, all these tasks will be performed using the IaaS admin role we have configured in our last step as IaaS admin is responsible for configuration of Infra Fabric by connecting various endpoints, and also for creation of Fabric Group/ Assignment of Fabric Admin role to a Fabric Group

Will be dedicating another article Part 2 of the series further explaining the steps involved for the creation of Fabric Groups,Machine Prefixes, Reservation Policies, Network Profiles, Business Groups and Reservations.

No comments:

Post a Comment