In our last post we created a reservation to limit the resources that our business group can use for service deployments. But before we get into building services, we want to create a custom group that will allow the tenant administrator to regulate who has permissions to do certain tasks within that tenant. This is really helpful in a enterprise environment when there may be many people with different roles within a organization and not everyone needs access to do everything within vRA.
In our last post, we created a business group that we will use now to create a reservation of resources for. A vRealize Automation reservation is a means to allocate resources in a fabric group (CPU, RAM, Storage, etc.) to a specific business group. To begin, we need to navigate to Infrastructure > Reservations and click Reservations.
Our next step in the initial setup of vRA 7 after creating our fabric group, is to create a business group. A business group associates a set of services and resources to a set of users, often corresponding to a line of business, department, or other organizational unit. Business groups are used when creating reservations and entitling users to items in the service catalog. Before a user can even begin to request catalog items, they must belong to a business group. But before we get into creating the business group, we might want to go ahead and create a machine prefix as this will be one of the options that we set when we create the business group. You use machine prefixes to generate the names of provisioned machines. To create a machine prefix navigate to Infrastructure > Administration >Machine Prefixes. Click New and enter in the the prefix name, number of digits and next number. In this case, the first computer name will be DEV-000 since the number of digits is set to 3 and the next number is 0. The next machine would be DEV-001 and so on and so forth.
Now that we have setup our endpoint and a data collection has ran to discover our vCenter resources, its time to start carving those resource up for use…and fabric groups are the starting point. An IaaS administrator can organize compute resources into fabric groups by type and intent. One or more fabric administrators manage the resources in each fabric group. Fabric administrators are responsible for creating reservations on the compute resources in their groups to allocate resources to specific business groups. Fabric groups are created in a specific tenant, but their resources can be made available to users who belong to business groups in all tenants. To begin with creating our fabric group, we need to login as the IaaS administrator and navigate to Infrastructure > Endpoint > Fabric Groups. Click New
So far, we’ve created our tenant and we got the tenant setup with Active Directory authentication. The next step we want to take is to create a vSphere endpoint that will allow vRealize Automation to communicate with the vSphere environment and discover compute resources, collect data, and provision machines. To begin, we must first login to our tenant as a IaaS administrator. Once we have done that, we want to navigate to Infrastructure > Credentials to enter in the credentials that the endpoint will use to login in order to see the available resources. Click New.
After we have created our first tenant the next step will be to integrate user authentication via Active Directory. To being doing so, we must first log in to our default tenant as our tenant administrator. Navigate to https:// FQDN of vRA Appliance/vcac/org/vsphere.local. Enter in the username and password of the tenant administrator.
This post will be a short walkthrough on how to create a tenant in vRealize Automation 7. After you complete the initial installation of vRA, you have the default tenant that is created. The default tenant is not where we want to create and deploy any services. The default tenant should be used for creating other tenants and defining other administrators. To begin creating our first tenant we must first log into our default tenant. Navigate to https://FQDN or IP of vRA appliance/ and login with the administrator account that was created during installation