VMware Cloud Community
vCloudvEngineer
Contributor
Contributor

vRO Use Cases

I know this question could also be considered a vRealize Automation question. I posted in the vRO forums because vRO is the engine to get these done.

My question is this: Listed below are some use cases I have implemented. What are some other use cases for vRA/vRO?

I am especially interested in Infrastructure as a Service but feel free to post any use case!

What I do today:

VM Provisioning (Windows 2012 R2, Windows 2016, RHEL, Other Linux)

Run REST API against RHEL Satellite

VM Disk Add/Remove w/ vAPI commands against OS for Online and Extends

Add Memory to VM

Add CPU to VM

Add to specific vSphere Folder (for EMC Avamar Backups management)

vmnic Modifications, Add, Remove

VM Tagging

Guest OS Modifications via (vAPI); Example: Restart a Service

VMtools Upgrades

VM Hardware Version Upgrades

MS Cluster - Shutdown/Startup

Change Guest-OS Type

Cisco UCSM API Calls (Add VLAN to Port Channel)

Cisco UCS Central API Calls (Roll out new template)

Cisco UCS Director API Calls (Mainly used to gather information)

Fabric Zone Creation - Brocade & Cisco MDS

PureStorage - Multiple: volume creation, protection groups, snapshots, etc

EMC Isilon - Create departmental shares

SSL Certificate Generation

VMware SRM Integration - configure VM for DR and remove when decomissioned

BIG IP F5 - Multiple tasks; example: Add to Load Balancing Group and Create Redirects

Active Directory (CRUD)

DNS (CRUD)

Integrations:

Thycotic for password/username

Solarwinds IPAM for IP Management

SNOW (ServiceNow)

Almost all of the above is done directly through SNOW catalog requests.

Any other Automation\Orchestration ideas out there? Would be cool to start a discussion on ideas/possibilities.

We haven't integrated Chef, Puppet, Ansible or Salt run books yet but are working towards it.

What has been useful to you or your organization?

Tags (1)
12 Replies
jarushepic
Enthusiast
Enthusiast

We built workflows for automated SAN zoning using the MDS REST API.  We also built a set of generic storage array workflows - e.g. create lun, define host on storage array, etc - and then have array specific implementations for those for HDS G1000, VMAX, & Pure.  We also use it for deploying new customers with Netapp and Rubrik.

We're also investigating using it for patching Windows since all existing solutions for that problem suck.

We're working with VMware to polish up the NSX plugin more so we can use that for dFW rule management.

We use it to configure vSphere Replication and look forward to moving to SRM 6.5 to use that new plugin to configuration protection groups and recovery plans.

In short, we use vRO to automate more or less our entire infrastructure.

Reply
0 Kudos
ericr999
Enthusiast
Enthusiast

I'm currently looking at Adding a new disk but with the logic of LVM behind. I want to handle all the possible cases, before adding disk. So I want to remove the thinking from the users, because they make too many mistakes! :smileysilly:

Also, we have did a case of provisioning blades. Its a two stage process, first, the user fill out a web form, we process it, and we request the storage to the storage team (yes this is still a manual process, they don't want to open up the api), once that's done the user gets a confirmation, and can launch phase two of the provisioning, which is booting via pxe, installing the OS, then once its all done, we change the network cards ip info, and we send a request to the team that will change the physical connection. So we are provisioning physical machine now. But just blades.

Also, I'm curious about your VM provisioning, what's the offer you have to the user as for versions ? Do you offer a fixed version like RHEL 7.4, or do you keep older versions still available ? I'm asking because in my case this means I would have to keep older templates, and must test them, and I don't like the idea of deploying older OS. Just curious what others do, because this is a lot of management and I have less time to do new stuff.

In here we have automated:

Spacewalk

Men&Mice (IPAM)

AD (PowerShell scripts)

HP Service Manager (Avnet Plugin)

CheckMK (Monitoring)

HP SIM (Blades)

VM Provisioning (Windows 2012 R2, RHEL, SLES)

CyberArk (Password Vault, retrieve and store passwords)

Reply
0 Kudos
vCloudvEngineer
Contributor
Contributor

We offer multiple OS versions:

Windows 2012 R2 and Windows 2016

RHEL 7.2 and RHEL 7.3

Reasons:

1. Application requirements. Some vendors are not ready for the newer OS.

2. Rebuilds if the team is not ready for the newer OS.

We have mandated recertification of servers and mandated target dates to move off of specific OS versions. So we publish the newer OS for teams ready to on to the newer OS and publish the older OS to support what applications/systems can't yet be moved.

We also offer small, medium, large and custom sized VMs. With large and custom sized requiring further approvals.

Compute automation is awesome. With the culmination Cisco UCS Director, UCSM and UCS Central, VMware Auto Deploy and vRA/vRO; you can automate the entire process of implementing a new blade. To the point where you insert the blade and everything else is taken care of. What UCS profile is attached to it, creation of DHCP reservations, fabric zoning, what auto deploy rule is used, which cluster/host profile, etc. In a multi-vCenter and multi UCS Domain infrastructure environment to boot!

Reply
0 Kudos
ericr999
Enthusiast
Enthusiast

The other thing is that we don't manage multiple versions for the other reason that it will force the user to do some manual steps, we think it might discourage them, and maybe force them to reconsider to upgrade the currents servers to newer one. But yeah, I understand your point that some application is sometimes hard to upgrade.

Yeah its pretty awesome what we can do now with all the automation! We are also doing the blade provisioning, but its currently a two steps procedure, one to provision the space and install the blade by one team. Once that's done we start the second procedure, to install the machine.

Also, another question while we are at it. Do you use a git repo for all your workflows, and for any post-install scripts ? If yes, how do you normally work ? I'm curious if I'm doing it the right way. My main issue is that some scripts can only be called by VRO and can only be run in that specific directory on the Windows server.

Reply
0 Kudos
ericr999
Enthusiast
Enthusiast

No more responses from other users ? Wondering where others are automating, and also wondering how it goes at your place regarding security ?

Do you have a lot of constraints from the security guys ?

In here, I can easily build new machine, but we are now investigating the option to unbuild/delete old machines. By unbuild, I mean unregister machine from systems, like remove the machine in Tripwire, Monitoring, Asset Management, etc.

Of course its not enough to just delete the VM, also, even deleting the VM is normally easy, but VM that are in production are stored in a different folder with different permissions, so normally we don't have access to them.

Anyway, I'm attempting to revive this post, if I can say. Smiley Happy

Reply
0 Kudos
danielleitcs
Contributor
Contributor

While IT Central Station does not yet have reviews for vRO, you can find real user reviews for vRA here with a variety of use cases that you might find helpful.

As an example, this Lead Engineer writes, "What we do with it is we've taken a very lengthy deployment process and we have shrunk it from what was a months-long process down to a matter of hours. We've also had benefits with configuration consistency because the machine is doing it for us. We aren't manually typing in, editing config files, and all that." You can read the rest of his review here.

Reply
0 Kudos
jesse_cohen
Enthusiast
Enthusiast

Feel like sharing any of your code?

specifically:

VM Disk Add/Remove w/ vAPI commands against OS for Online and Extends

Run REST API against RHEL Satellite

Guest OS Modifications via (vAPI); Example: Restart a Service

VMware SRM Integration - configure VM for DR and remove when decomissioned

Reply
0 Kudos
Ruchi1
Contributor
Contributor

Hi ,

I have a requirement to do CyberArk() Password Vault, retrieve and store passwords) can you guide me how to get it done I have added https rest host in vRO.

Thanks,

Reply
0 Kudos
LaxmiRagi
Enthusiast
Enthusiast

Hi Ruchi,

I have the same requirement, can you please help me if you have done this?

--

Laxmi

Reply
0 Kudos
Shikhayad
Contributor
Contributor

Hello,

We can achieve the use case with the help of following doc with adding REST host via vRO.

REST APIs | CyberArk Docs


Regards,
Shikha

Reply
0 Kudos
Windspirit
Hot Shot
Hot Shot

  • Mount / unmount ISO
  • add /remove NSX-T tag of VM (for network rules)
  • configure/unconfigure vReplication/SRM
  • add/remove/change vCenter tag of VM (e.g. backup settings)
  • user CoolRun to run a script in VM OS using vmware tools
  •  
Reply
0 Kudos
just70
Contributor
Contributor

A couple other use cases I use if for:

  • Gathering top N directories in size on a VM when a high disk usage alert is triggered.
  • Decommissioning a VM
  • Self-service unlocking privileged accounts
  • Suppressing Solarwinds alerts during planned maintenance
  • Self-service VM snapshot with a scheduled auto-deletion date/time
  • Oracle Enterprise Manager blackout enable/disable during planned Oracle product maintenance