vRealize Automation 7.3 is on the market since the end of May. vRA 7.3 brings us some enhancements in the context of VMware NSX. While there was a great reliance on vRO for the NSX integration in pre 7.3. With 7.3, vRA directly leverages the NSX API for most of the integrations. On top of that some new NSX configuration options were added to the vRealize Automation platform. In this article I will have a look at all the enhancements.
Introducing the NSX endpoint
A big improvement is that you can now add NSX as an endpoint in the vRA 7.3 interface. After associating the NSX endpoint with a vCenter Server, you’re all set! That’s a big difference compared to the pre-vRA 7.3 era, where you had to configure an endpoint in vRO, and add the configuration to a vCenter endpoint in vRA. To get an idea of this proces I’ve added two screenshots:
So the question here is; don’t you need vRO at all anymore? Well…it depends :). If the out-of-the-box features of vRA are sufficient for you, then…no. But if you need to do some very specific things, you can still use the vRO and the NSX plugin in vRO. This, of course, requires some additional configuration steps.
Enhancements to the OnDemand Load Balancer
vRA 7.3 introduces some enhancements to the OnDemand Load Balancer. You can now further customize the behaviour of the load balancer. There are some new advanced settings available that you can configure directly in the blueprint:
- The distribution protocol (RR, IP-HASH, LEASTCONN, URI, HTTPHEADER or URL) and the way session persistence is achieved;
- Health check specific parameters, like interval, timeout retries etc.;
- And some advanced settings like a connection (rate) limit and max/min connections.
Enhanced NAT port forwarding rules
Another nice enhancements is configuring NAT rules straight in the converged blueprint designer.
Just specify a name, the blueprint component you want to point to, source/destination port, protocol and a description and you’re all set! Notice you will need static IP assignment (for the NAT network profile) for this option to work.
Also new is a day 2 operation to change the NAT port forwarding rules after the VM/blueprint is deployed.
Set Edge High Availability
You can set properties for the used Edges in a blueprint by using one of the new custom properties:
- NSX.Edge.ApplianceSize = compact || large || quadlarge || xlarge
- NSX.Edge.HighAvailability = true (enable high availability)
- NSX.Edge.HighAvailability.PortGroup = VM network (the network for the HA NIC)
You can specify the properties at design time or at deployment time.
NSX Security Groups and Security Tags
You can now view linked security groups and security tags to a deployed item in vRealize Automation. There’s also a new day 2 operations available called “change security”. With the change security option you can add exisiting security groups and tags, or disassociate them. After you’ve submitted the request, vRA will reconfigure NSX and apply the requested changes.
With all these enhancements it has become much easier to leverage the power of NSX straight from vRealize Automation. Happy automating!