Oh my how time flies. It was just about 6 months ago that I was blogging about the release of vRA 7.2 and all the awesomeness within. Since then, VMware’s Cloud Management Business Unit has been hard at work developing, testing, tweaking and innovating towards the next big release. Today, I’m happy to announce the general availability of vRealize Automation 7.3. It’s an incremental release (i.e. a “dot” release), but don’t be fooled. Here you’ll learn just how much “umph” a .1 can have.

This release continues the trend of delivering awesome innovations, improved user experience, and greater / deeper integration into the ecosystem its managing. Below is a summary of the “spotlight” features and capabilities that are packed into vRA 7.3…

Enhanced API’s for Deploying, Upgrading and Migrating vRA

As part of a continued effort to broaden and enhance API’s across the entire cloud management stack, vRA 7.3 adds and exposes API’s to programmatically install, upgrade, and migrate vRA. This work also provides the foundation for up-and-coming SDDC automation and lifecycle management tools.

Support for creating and replacing self-signed certs

Retrieve available upgrade packages, status and approximate upgrade time

Supports automated migration from 7.x to 7.3

Audit Logging Framework

Provide system-wide logging and auditing capabilities to gain additional visibility into your vRA environment. The VAMI-accessible Audit Log Integration option adds seamless integration with vRealize Log Insight.

Extends the current Event Logging functionality

Enables logging of essential services across IaaS and .net (windows) services

Audit Workflow Subscriptions, IaaS Fabric, Endpoints, and more

Support for external Syslog and vRealize Log Insight

Configure using REST API

Component Profiles

One of the MOST REQUESTED features is now out-of-the box. Use Size and Image policies to drastically reduce blueprint sprawl and set consistent sizing policies (e.g. Small, Medium, Large, etc). This is also one of the primary use cases for XaaS blueprints to enable “t-shirt sizing”.

Enable T-Shirt sizing OOTB! (#1 XaaS use case)

Create profiles as needed, determine which to use per Blueprint (with default option)

Trigger Approval Policies to Size or Image conditions, including overrides

Import/Export profiles (value sets) using CloudClient

Significantly reduces blueprint sprawl

Shared Access Role

The Shared Access role is a new Business Group role that enables shared machine access to other BG users (within the same business group). The role is granted by the business group manager.

Shared Access user can review Items and execute entitled Day 2 actions

Shared users can’t request new resources on behalf of the owner

Intelligent Workload Placement (WLP)

vRA and vRealize Operations come together to provide analytics-based initial placement policies for vSphere machines.

Utilize analytics data in vRealize Operations to optimize the placement of workloads

vR Ops will recommend optimal Compute Cluster and Datastore based on available data

App Execution Information returns placement details

Optional toggle flag (via API) to force WLP usage or fail

Requires vR Ops 6.6 or higher

WLP integration in vRA introduces new Management Endpoint to integrate vRealize Operations:

Machine placement is determined by the vR Ops monitoring policy. vRA provides a list of available target reservations to vR Ops, which makes the recommendation based on CPU, Memory, and Storage metrics.

Create Monitoring Policies in vR Ops UI:

Enhanced Integration with vRealize Business

Uses consistent terminology across vRA and vRB

No derived costing in vRA – vRB is the single source of truth for all costing data

Supports pricing based on Blueprint, Reservation or Reservation Policy

Updating pricing for Reconfigure, Scale Out/In, HA-enabled, AWS and Azure machines

Adds cost info to imported machines

Integrated Health Service

The once-stand-alone Health Service (i.e. vRPT) is now available within vRA UI. This allows admins to gain visibility into overall health metrics of any supported vRA / vRO instance for current health status and upgrade/migrate preparedness.

Role based and tenanted access to health data

Configure multiple vRA instances to monitor

Schedule and configure test runs

Full REST interface to perform health service system management tasks

REST API Enables integration with vRealize Operations / SDDC Health Dashboard and 3rd-party tools

A detailed test report shows current status, criticality, and potential fix:

DBaaS, Production DB Cloning for Dev/Test

Provides the capability to snapshot and provision a DB instance point-in-time

Provision DB child nodes (Linked Clones), auto restore DB backup for test/dev

Supports Oracle and Microsoft SQL database

Prebuilt Blueprints (Oracle 12c, SQL 2014) and use case specific vRO workflow package

NSX Integration Enhancements

Where do I start? This section is definitely going to need it’s own post due to the amount of work the team has put into delivering some serious #BetterTogether goods. Here’s a quick summary of what’s shipping OOTB in vRA 7.3…

Direct API Integration — no more dependency of vRO plugin / endpoint dependency (although the vRO plugin will continue to be available for XaaS and vRO-centric use cases)

NSX is now a dedicated Endpoint, providing logical separation from the vSphere Endpoint(s). The new endpoint management service provides separate configs for all [IaaS] Endpoints then uses Associations to bind them together. This provide greater flexibility and scale.

Enhanced NAT Port Forwarding Controls during blueprint authoring provides greater flexibility and feature-parity with NSX management.

NAT Day 2: Add / Remove / Reorder NAT Port Forwarding rules on a provisioned machine

Enhanced Load Balancer Controls: Customize LB Algorithms, Persistence, Port(s), extended Health Monitor control, Transparent Mode (on/off), etc

LB Day 2: Add / Edit Virtual Servers, granularly modify LB policies

Security Day 2: Change Security Policy (Security Groups and/or Tags) as a Day2 Action

Enable NSX Edge High Availability (configured per-blueprint)

Enable NSX Edge Deployment Size Selection (configured per-blueprint)

Config Automation Framework

vRA 7.3 adds native integration with external configuration management tools (starting with Puppet).

Dynamically assign roles per Blueprint component

Dynamically query Puppet Master, Environment and Roles

Support for Day 2 Actions (de-register / delete)

Software Authoring Enhancements

Once the plugin is added, the Puppet Master registered as an extensibility Endpoint and becomes available in the converged blueprint canvas to drag and drop over a vSphere component.

You can download the new Puppet Plugin (3.0) from VMware Solution Exchange

Software Syntax Highlighting (UX Enhancement)

Elegant syntax highlighting of software lifecycle scripts (app authoring)

Intuitive color coding standards

Improves productivity and reduces scripting errors

Use Custom Properties in Software Scripts (using $ notation)

Support for Encrypted / Non-Encrypted properties

Container Management Enhancements

vRA’s container management engine now natively supports VMware Integrated Containers (VIC), allowing admins to add/manage VCH instances in vRA with a feature set similar traditional Docker hosts. This is on top of current capability of

Support for Docker volumes: create / attach volumes to containers, deploy volumes with container apps

UX Enhancements: UI improvements for easier and more user friendly navigation, Clarity UI adoption, new tabs, icons and buttons

Support for Docker Remote API 1.21

Enhanced selection of image versions in container definition form

Support for Docker volumes: create / attach volumes to containers, deploy volumes with container apps

Ready for VMware Cloud on AWS

Nothing to see here, folks — VMware Cloud on AWS is just another vSphere Endpoint! (once it’s available)

Build an IaaS Fabric using VMware Cloud SDDC Resources

Leverage Reservation Policies for machine placement

Azure Endpoint Enhancements

A handful of usability enhancements to the Azure endpoint focus on the overall user experience. vRA 7.3 adds support for software components (i.e. software authoring), enabling drag and drop of software to Azure machines on the blueprint canvas.

Specify software properties on the blueprint designer as well as on the request form

Usability Improvements, pre-populated forms and drop-downs

Requires VPN connectivity for communications

ServiceNow Plugin 2.0

This is a follow up and incremental release of the SNOW 1.0 Adds support for AWS catalog items (view and request AWS catalog items from the ServiceNow portal)

Seamless integration with the ServiceNow governance engine

CMDB and Day 2 operations support

Supported Releases: ServiceNow Helsinki and Istanbul, vRA 7.3

Available on Solution Exchange

Force Destroy [Deployments]

Efficiently clean-up failed deployments

Safely ignores any failures interrupting the Destroy process

Improves stable management of workloads

Applies to entire deployment

Available only after initial destroy request fails

Only the Business Group Manager can invoke the Force Destroy option

vRO Control Center RBAC

RBAC Auth Support to vRO Control Center

Admins log in with their accounts (previously only the ‘root’ user had access)

Troubleshoot requests based on user role

Trace execution and logs for workflow-based vRA requests, based on user role

Reuse privileges and roles from vRA

SDDC Storage Integration (vSAN/SPBM)

Enable SPBM management through vRO

Leverages the latest vCenter Server (6.5) plug-in shipped with vRO out-of-the-box

All Storage Policy Based objects are now accessible through API in vRO/vRA

Change Storage Policies as a Day2 Action

Changes can be governed, controlled

Secure Properties

Allow only privileged users to export secure properties in blueprints, software components and property groups in clear text

Allows Dev-Ops admins to export and import content across different vRA instances without compromising the security of their content

Supported using API and CloudClient import/export

Automated Postgres DB fail-over

Eliminates vPostgres DB single point of failure

Support for synchronous mode (required for consistent state failover)

Automatically promotes available Replica DB / demotes Master once available

Approx 60-sec failover time

Manager Service Fail-Over

Eliminates Manager Service (IaaS) single point of failure

Auto-enabled using wizard or silent install

Enabled manually when using suite installer

Default 30 to 120-sec failover time (customizable), depending on outage scenario

That about sums it up…not bad for a “dot” release, eh? I’ve got a few posts tee’d up that will dive much deeper on some of these new features…starting with the many NSX enhancements.

You could have deployed a vRA 7.3 environment in the time it took to read this full post — get to it!

Resources

Enjoy!

+++++

@virtualjad