HEADSET CHANNEL

Delivering Multi-Cloud
Platform with vRealize
Automation 8

Scott Norris, VMware

Tony Phan, VMware

#v FORUMAU
Disclaimer

This presentation may contain product features or functionality that are currently
under development.

This overview of new technology represents no commitment from VMware to deliver

these features in any generally available product.

Features are subject to change, and must not be included in contracts, purchase orders,
or sales agreements of any kind.

Technical feasibility and market demand will affect final delivery.

Pricing and packaging for any new features/functionality/technology discussed

or presented, have not been determined.

This information is confidential.

The information in this presentation is for informational purposes only and may not be incorporated into any contract. There is no commitment or obligation
to deliver any items presented herein.

#v FORUMAU
Agenda Foundation

Infrastructure-as-Code

Simplify Automation through Action Based eXtensibility

Catalog and Policies through Service Broker

Native Cloud Integrations

Extensible Pipelines through Code Stream

Cost and Compliance with CloudHealth

©2019 VMware, Inc. 3

Foundation

©2019 VMware, Inc. 4

 Multi-Cloud Journey

Hybrid Cloud Native Public Cloud

©2019 VMware, Inc. 5

What is Driving Native Public Cloud Adoption?

Developer and Strategic

Business Agility IT Investments

Developer speed Global reach

Infinite scale Cost efficiency

On-demand services De-Risk strategies

©2019 VMware, Inc. 6

Integrating Multi-Cloud Brings Challenges

Lack of Standards Multiple Portals

• Different deployment • Multiple UI/API’s for Dev’s
and maintenance and Admins
procedures • Different terminology and
• Lack of centralised concepts between
workload metadata providers

Security Growing Costs

• Lack of security and audit • 24x7 Development
standards Workloads
• Enforcement of available • No simple correlation to
cloud providers based on costs and business units or
data sensitivity projects

©2019 VMware, Inc. 7

7
Programmable Provisioning: vRealize Automation for Multi-Cloud
Purchase and operate as SaaS and on-premises
VMware Cloud Automation

Service
vRealize Broker
Catalog &Automation
Policy Service Brokering
Code Stream
Continuous Delivery
Self-service catalog
catalog of native templates for
of native templates for each
each cloud.
cloud. Deployment automation Application Function Container Third-Party
Consistent governance
governance guard
guard rails
rails across
across clouds.
clouds. with operations Service Service Service Tools

Developer Multi-Cloud and Application Automation Blueprints: Multi-Cloud Templates

Cloud Assembly

POLICIES
Orchestrates and expedites infrastructure and application delivery in line with DevOps principles
Multi-Cloud and Application Automation
Developer, Deployment automation
Orchestrates with
and expedites operations and application delivery in line with DevOps principles
infrastructure
DevOps Admin VM DISK STORA SQL SEARC REDIS INSTA DISK
MACHI VOLU NETWO LOAD EC2 EBS S3 ROUTE REDSH RDS LAMB KMS KINESI IAM EMR DNS APP
BALAN 53 IFT DA S GE H NCE
NE ME RK
CER

Cloud Admin, Cloud API

SRE
Self-governing Cloud Services

SDDC (VCF) EDGE VCPP / VMC PUBLIC CLOUD

The The picture The

picture can’t be picture
can’t be displayed. can’t be
displayed. displayed.
Hybrid infra

On Premises: vRealize Automation 8 SaaS: Cloud Automation Service (vRA Cloud)

©2019 VMware, Inc. 8

Define, Aggregate and Deploy across Clouds
VMware Automation

VMware vRealize Automation 8.0

VMware vRealize Automation Cloud
ON-
PREM

VMware Cloud VMware Service VMware Code

Assembly Broker Stream
§ Infrastructure-as-Code for § Consistent control across § Deliver developers code
SAAS multi-cloud deployments cloud services and applications faster
§ Build and deploy cloud- § Templates for multiple § Reduce time required for
agnostic blueprints for clouds and platforms troubleshooting and
infrastructure and apps § Central catalog with role- remediation
based policies

©2019 VMware, Inc. 9

 Cloud Automation with vRealize Automation 8
Define, Aggregate and Deploy across Clouds
Brownfield Greenfield

Cloud AWS CFT vRO Azure Pivotal* K8s*

Assembly ARM*

VMware Marketplace
DIY
Catalog Items

START

STOP

SCALE OUT

+
GOVERNANCE POLICIES
DEV STAGE PROD
Power schedule Approval TASK
TASK … TASK …
…
Lease Notification DEPLOY DEPLOY DEPLOY

Resource Naming
Versioned Blueprints
Cost Tagging

VMware VMware VMware

Cloud Assembly TM
Service Broker TM
Code Stream TM

©2019 VMware, Inc. 10

* Indicate Templates and Services that are Coming Soon
Infrastructure-as-Code

©2019 VMware, Inc. 11

Cloud-Agnostic Infrastructure-as-Code
Abstract image definition maps to specific images for each cloud & region

Image mapping b

VM Templates AMI Azure VM GCP

images images
1

©2019 VMware, Inc. 12

Cloud-Agnostic Infrastructure-as-Code
Flavors map to instance types in native clouds

Th
e
Machine flavor c
pict
ure
ca
n’t Compute
be Engine
10GB PD
dis
pla 1 1

CPU, ye
AWS Instance d.Azure Instance GCP Instance
Memory types types types
1

©2019 VMware, Inc. 13

Ansible Integration
Configuration Management

Ansible Server Cloud Assembly

The
pictu
re Playbook
can’t
be
displ
ayed
.

The picture can’t

be displayed. Deployment

©2019 VMware, Inc. 14

Puppet Integration
Consume Puppet Roles with Puppet Enterprise

©2019 VMware, Inc. 15

Integrated Version Control
Iterate > Release > Restore

©2019 VMware, Inc. 16

Source Control with Source Control
“Pull” Blueprint Definitions Externally

©2019 VMware, Inc. 17

Tags, Tags, Tags
Resource placement is intent-based and determined at provisioning time

Determines resources
The
Configures the
The
Sets the The by matching
picture picture
can’t be can’t be pictur
displayed CAPABILITY TAGS displayed CONSTRAINT TAGS e CONSTRAINT TAGS
. . can’t
for the resources in the blueprints be to CAPABILITY TAGS
displa
yed. at deployment

Cloud Zone Project

Project Priority BLUEPRINT RESOURCES
DEPLOYMENT
Image mapping

Machine flavor

Network profile

Storage Profile Cloud Zone

©2019 VMware, Inc. 18

The picture can’t be displayed.

©2019 VMware, Inc. 19

Demonstration
Infrastructure-as-Code

©2019 VMware, Inc. 20

Simplify Automation through
Action Based eXtensibility

©2019 VMware, Inc. 21

Extensibility with Event Broker Service

Cloud service lifecycle

PROVISION MANAGE RETIRE ARCHIVE
Invoke vRO workflows
REQUEST APPROVAL
PENDING ACTIVE EXPIRED DESTROYED
DEPLOYMENT DEPLOYMENT UPDATES DEPLOYMENT DEPLOYMENT

Pending Approved
Request Request

Event broker

EVENT EVENT EVENT EVENT EVENT EVENT EVENT

Invoke Action scripts

Sample integrations )
Custom host Create AD OU Install puppet agent Update CMDB Cleanup
naming
Add admins to OUs Install centrify Archive the instance
disk
Add requester Config LVM

Get IP Address from

Infoblox

©2019 VMware, Inc. 22

Actions
Serverless code execution framework

AWS Lambda
Th Th
e e
pic pict
tur ure
e can
ca ’t
Event n’t
Based be
be Azure Functions
dis
dis Th
pla
pla e
yed
ye pict
.
d. ure
can
T ’t
h be
e OnPremdisABX
pi pla
ct yed
ur .
Catalog Request
e
ca
(XaaS)
n’t
b
e
di
sp
la
ye
d.

©2019 VMware, Inc. 23

Cloud Assembly Integration with Event Based Extensibility

Cloud Lifecycle Events

Blueprint IT services and custom IT
Network Pre Post
Reservation Allocation Removal operations (XaaS)
Configure Provision Provision
The • Storage as a service
pict • Backup/recovery
ure Event
can’ Event • Security/compliance
Subscription Subscription
t be Subscriptions • AD management tasks
disp Event Event
T laye Subscription Subscription
h d. Third-Party integration
e
p • CMDB
i
c • DNS
t • IPAM
u The
ABX Orchestrator Workflow • Load balancers
r picture
e • Service desk
XaaS
can’t
c be • Monitoring systems
a displa • Databases
n yed.
’t • Web services
b AWS Lambda OnPrem ABX Azure Functions vRealize Orchestrator
e
d T The
i h pict
s e ure
p pi can’
l ct t be
a ur disp
y e laye
e c d.
d a
©2019 VMware, Inc. 24
. n’
Extensibility Providers

New Capability
AWS Lambda

Action Based
Azure Functions Python / NodeJS
Extensibility
GCP Functions (tbc)

Extensibility
ABX OnPrem (beta)
Provider

vRealize Orchestrator vRO Instance vRO Workflow

©2019 VMware, Inc. 25

Action Flows
Combine many serverless functions

Action Flows can be

trigger based on an
event subscription or
standalone (ABX XaaS)

You can control of flow

execution, using
programming concepts
(like forks, joins) and
pass parameters
between multiple
actions.

©2019 VMware, Inc. 26

Action Based eXtensibility Versioning
Git Integration

• Two way Git Integration Cloud Assembly Visual Studio Code

• Use existing IDE tools for

development

• Iterative development
and release

• Diff in Cloud Assembly or

in Git

©2019 VMware, Inc. 27

Demonstration
Action Based eXtensibility

©2019 VMware, Inc. 28

Catalog and Policies through
Service Broker

©2019 VMware, Inc. 29

What is Service Broker

POLICIES
Enforce constraints
for the templates,
services and cloud
resources
Service Broker

PORTAL LIBRARY
Consume cloud Curate a collection • Self-service, single click
services with a of ready to consumption experience
single click through consume templates
a self-service portal and services
with governance

BROKER
Make 3rd party • Aggregation
services available • Service brokering
for developers
• Out of the box templates

©2019 VMware, Inc. 30

 Central Governance for Distinct Services

CONTROLLED
TEMPLATES & SERVICES POLICIES CONSUMPTION OF CLOUD
SERVICES
Aggregated catalog of services
Services across cloud platforms Constraints
Compose across cloud platforms
Application

Assembly
• Single click consumption of Code

Cloud
VMware Azure Access Template
Cloud
AWS Cloud
Resource Assembly templates, AWS CFTs,
Formation
Assembly
Templates
Templates
Manager
Templates
ARM templates, Helm charts
Power Sched
• Catalog of existing services that can
Lease be consumed

VMware Individual
Kubernetes
Helm Charts
Docker
Images
OVF
Resource
(isolated) Policy based governance

Service
Broker
Templates
Cost
consumption • Access, lease, approval, cost policies
for catalog items
Approval • Day 2 management of deployments
Vmware with access constraints
VMware vRO VMware vRA Code Stream
Workflows Blueprints Pipeline Naming
Executions Automated
Extensibility
Tagging CD pipeline
• Publish any vRealize Orchestrator

Stream
Code
workflow to catalog

©2019 VMware, Inc. 31

Publishing Versioned Blueprints to Catalog
Enable consumption of versioned blueprints
CLOUD ASSEMBLY SERVICE BROKER SERVICE BROKER
BLUEPRINT CATALOG ADMINISTRATION STOREFRONT

Cloud Assembly

Multi-tier app
with isolated
network Multi-tier app with isolated network
RELEASE SUSE Linux Enterprise
Server 15 VMware v4

REQUEST
v4

v3
Content Request Form
v1
RELEASED

v4 v4 Forms auto-
created, can Canonical is the commercial sponsor of Ubuntu, the leading open-source platform for cloud, personal
be further computing and next-generation devices. Ubuntu delivers reliability, performance and interoperability to
cloud and scale-out environments. Together with our partners, we ensure that Ubuntu runs reliably on every
RELEASED updated for platform from the PC and the smartphone to the server and, crucially, the cloud.
v3 v3 each version
V Request Details
Deployment name _________________________________________

Description _________________________________________
v2 Project _________________________________________

Size _________________________________________

Network _________________________________________

Storage tier _________________________________________

RELEASED Request Summary

v1 v1 REQUEST

©2019 VMware, Inc. 32

Content Sources

Cloud AWS CFT vRO Azure Pivotal* K8s*

Assembly ARM*

Catalog Items

START

STOP

SCALE OUT

+
GOVERNANCE POLICIES
Power schedule Approval

Lease Notification

Resource Naming

Cost Tagging

©2019 VMware, Inc. 33

* Indicate Templates and Services that are Coming Soon
Demonstration
Catalog

©2019 VMware, Inc. 34

Native Cloud Integrations

©2019 VMware, Inc. 35

Cloud Specific Provisioning
Rich support of IaaS and PaaS services

The
picture The The The The The The The The The The The
can’t be pict pict pict pict pict pict pict pict pict pict pict
displayed. ure ure ure ure ure ure ure ure ure ure ure
can’ can’ can’ can’ can’ can’ can’ can’ can’ can’ can’
t be t be t be t be t be t be t be t be t be t be t be
displ displ displ displ displ displ displ displ displ displ displ
EC2 aye EBS aye S3 aye ROUTE
aye53 REDSHIFT
aye RDS aye LAMBDA
aye KMS aye KINESIS
aye IAM aye EMR aye
AWS d. d. d. d. d. d. d. d. d. d. d.

VM DISK STORAGE SQL SEARCH REDIS DNS APP TRAFFIC KEY FUNCTIONS

AZURE

* * * * *

INSTANCE DISK STORAGE BIG CLOUD DNS APP

QUERY SQL ENGINE
GCP
©2019 VMware, Inc. 37
Terraform Integration
Embrace and integrate with Terraform
USE BLUEPRINTS USE TERRAFORM TEMPLATES*
*Roadmap

Cloud Assembly building blocks Terraform plugin for Cloud API Terraform plugin for Catalog Items
based on Terraform resource types

Cloud Assembly
Terraform Terraform
templates templates
EC2 EBS SOURCE CODE SOURCE CODE
REPOSITORY REPOSITORY
RDS LAMB
DA

VM DISK

Use Cloud API from Use Service Broker

REDIS DNS

Terraform catalog items from

Terraform

Terraform CLOUD API CATALOG API

resource types

Compute Storage Network

©2019 VMware, Inc. 38

Demonstration
Native Public Integrations

©2019 VMware, Inc. 39

Extensible Pipelines through
Code Stream

©2019 VMware, Inc. 40

Application Delivery Lifecycle Has Evolved

Source
Source Code 1 Production 7 Monitor
Control

2 6 8

CI Server UAT Rollback

3 5 9

Artifact
4 Development Analyze
Repository

Continuous Integration Continuous Delivery Continuous Monitoring

©2019 VMware, Inc. 41

 Two Key Types of Pipelines – Infrastructure and Apps

Infrastructure Pipelines
• Separate Git for each
Plan Save Check Create Monitor,
Approval for /Update Notify Environment
Changes Changes changes Dep. Rollback
Infra • Plan, Check, Update
Deployments
• Integrate with Blueprints,
K8s
2
Application Pipelines
• Separate Build and
Build Create Dev & Deploy E2E Tests Approval Update Deployment pipelines
Image Test UAT Prod
App • Deployments through
Blueprints, K8s
• One image update at a time

©2019 VMware, Inc. 42

Code Stream – Tito Application
Pipeline integrations

Git trigger Performance Blue Green Threat

Deploy to
Blueprint UI Test Load Test Analysis Failover Detection
any Cloud

T T T T
h The Th Th he
pict h h
e e e e e pi
p ure pic pi ct
can’ p pi
i i tur ct ct ur
c t be e ur e
disp c u
t t ca r e ca
u laye n’t ca n’t
d. u e
r r be c n’t be
e e dis a be di
c c pla n’ di sp
a a ye t sp la
VMware n n d. b la ye
’t ’ e ye d.
The
Codestream b t di d.Th pictur
e b s e
pict e
d e pl can’t
i d a ure
be
VMware
s i y ca
displ
Slack Amazon
n’t
p s VMware
e VMware
ayed.
Cloud Assembly
l p d. be
Route53
dis
a l Wavefront Secure State
y a pla
e y ye
d e d.
. cypress.io
d locust.io
.

©2019 VMware, Inc. 43

Demonstration
Code Steam

©2019 VMware, Inc. 44

Cost and Compliance with
CloudHealth

©2019 VMware, Inc. 45

 Roadmap

Cost Visibility
Cost information at multiple levels

ORGANIZATION

Cloud
Admin Display costing at a
COMPONENT COST deployment, resource,
and project level
PROJECTS
Calculate individual
PROJECT LEVEL
AGGREGATED COST component costs for
workloads

DEPLOYMENTS

*
DEPLOYMENT LEVEL
COST
Real cost information
with advanced reports
and drill-down for
public clouds
©2019 VMware, Inc. 46
 CloudHealth Features
• EC2, EBS, VM,
• Group by line of SQL rightsizing
Perspectiv Rightsizin
business for across CPU,
chargeback or es g
memory,
showback network, disk

• Graphical,
• Cost savings
tabular, multi- Dashboard Cost
recommendations
dimensional s and manageme
nt • Amortization,
• Across multiple reporting budgeting,
clouds, on-prem,
Optimization forecasting
and containers Visibility

• Enhance the tooling Reserved

you already use Integration instance • Plan, buy,
Governance manageme
• Connect Datadog, s manage
New Relic, Puppet, nt Standard and
Slack, JIRA, and Convertible RIs
more Automated
Security
Actions
Policies
• Manage
compliance to • Take automated actions
policies such as CIS such as start, stop, delete
• Automatically get • Set and ensure policies assets
alerted of security throughout a distributed
©2019 VMware, Inc. risks organization 47
 5

Thank You!

#v FORUMAU
 Join the
conversation
#vFORUMAU @VMwareAU

#v FORUMAU