vRealize Automation 8.9 Key capabilities

 

 vRealize Automation 8.9 Key capabilities

 VMware  has Announced General Availability of VMware vRealize Automation 8.9 as on August 9, 2022. This release focuses on facilitating unified governance and consumption of Kubernetes and VM-based workloads and enhancing PublicCloud  governance and policy management. 

Kubernetes Automation

• Tanzu Mission Control Integration. As multi-cloud is becoming the norm in large organizations the need for consistent management across different clouds and workload types is becoming more and more important. Cloud operators and SREs are required to support seamless user experience and provide near 100% availability regardless of the disparate nature of the underlying technologies. The mix of brownfield and greenfield, cloud native and traditional workloads, along with the ever-increasing scale prevents the promise of the cloud around agility and simplicity from getting realized while most enterprise environments look more like spaghetti bowls than clouds. A real SRE crisis.
  
  VMware is bringing its top guns to solve this problem. The vRealize Automation Cloud July 2022 release will integrate with Tanzu Mission Control to tackle the problem of unmanageable cloud complexity by facilitating unified governance and consumption of cloud, VM, and Kubernetes-based workloads.
  
  Customers that have an entitlement to vRealize Automation Cloud and Tanzu Mission Control can design and deploy Kubernetes clusters from vRealize Automation Cloud, while simplifying management at scale by inheriting Tanzu Mission Control policies through its cluster groups and complying to vRealize Automation Cloud rules and constraints. More specifically with this integration:
• Cloud administrators and operators can deliver Tanzu Mission Control-created rules and self-service lifecycle management through vRealize Automation Cloud catalog.
• Cloud admins can attach a cluster to a cluster group and this cluster will inherit policies that are created by Tanzu Mission Control for the respective cluster group.
• DevOps and Developers can now use a single platform for consuming cloud infrastructure and Kubernetes based on a consistent operating model. Admins can retain the richness of their individual tools for VM and Kubernetes design while providing a unified experience for users.
  
  Learn more:
• Introducing the Tanzu Mission Control Integration for vRealize Automation Cloud
• VMware Tanzu Mission Control

Multi-Cloud Automation

• vRealize Automation Cloud Guardrails enhancements. We introduced vRealize Automation Cloud Guardrails, a multi-cloud governance and policy management capability, in tech preview with the vRealize Automation Cloud May 2022 release. vRealize Automation Cloud Guardrails is intended to primarily address the public cloud governance use case. It helps automate the enforcement of cloud guardrails for networking, security, cost, performance, and configuration at scale for multi-cloud environments with an everything-as-code approach. The outcome is being able to help ensure environments and apps are secure, apps are performing and available, and cloud costs are optimized across public clouds.
  
  With the latest vRealize Automation Cloud July 2022 release, we’ve further enhanced vRealize Automation Cloud Guardrail’s visibility and enforcement capabilities. New functions added include, cloud visibility, AWS member account view, enforcement scheduling, account discovery scheduling, account profiles, content library clean-up, and native project management. These enhancements enable vRealize Automation Cloud Guardrails to make provisioning, policy enforcement, and continuous management of multi-cloud environments easier, and quicker.
  
  Learn more:
• Blog – Cloud Guardrails – Desired state scheduled enforcement, drift visibility, and more…
• AWS GovCloud regions support. vRealize Automation now supports both US-East and US-West AWS GovCloud regions.

Note that the Tanzu Mission Control integration and vRealize Automation Cloud Guardrails are currently only available with vRealize Automation Cloud.

Source;-

VCAP-CMA Design 2022 certification Tips

 This week I finally passed the VCAP-CMA Design 2022 certification. I passed the exam in my second attempt with a score of 324 out of 500 where 300 is required to pass.

 

I was very confident that I would pass the exam for the first time, but I would not clear in the first attempt .

 

The Design exams are more like VCP exams with multiple choice questions and Deploy exam totally lab base exam. I am planning to attend the Deploy exam in the coming months.

 

VCAP-CMA Design 2022 certification consists of 60 questions, and you will have around 145 minutes available. Most of the questions are multiple choice. Some of the questions have a lot of text, which consume more time for reading and understanding. In this exam you really understand the question, what they are asking for. This is one of the biggest things to prepare for in this exam.

 

As you know, VCAP-CMA Design 2022 certification is a bit tricky, and it was expected. Do more focus on selecting the correct answer. There are few questions that do not have alternatives but by reading the question two and three times you will understand that you need to find the correct answers.

 

VCAP-CMA Design  2022 test?

• VMware vRealize Automation (2V0-31.21) exam has  145 minute with 60 Questions and costs $450 USD.
• Currently, you can take the VCAP-CMA Design  online via a remote proctored exam or in person at a test facility.
• More information about this exam check out this URL 

Exam Tips:

1-      Once you register for the exam, you will get an email from OnVue with 2 links.  One tested your environment to make sure you met certain standards (Audio, video, and microphone) and the other link belong for the day of the exam.

2-     The process to take a remote proctored test was simple and convenient. 

3-     Make sure you are familiar with   OnVue Online proctoring technical requirements as They are a bit strict about rules so make sure you are ready to go.

4-     One of the requirements is to have a very clean desk. 

 

Exam Questions Tips:

1-     Some questions are very short, and some are very long. Long questions will consume more time for reading,

2-     Some are tricky and take a lot of time to complete and some do not.

3-     If you are reading part of the question or didn’t read it thoroughly you might easily miss something.

4-     Do not waste your time — If you do not know the answer to a question, mark it in your list and move on. if time allows, come back to it.  Just try to get as many questions completed as possible. Do not leave any question unattended.

 

Study Tips:

My primary resources are below

VMwarevRealize Automation Documentation

VMwareValidated Solutions – March 2022 Update

VMwareValidated Design

exam preparation guide

vRealize Automation 8.xReference Architecture

vRealizeAutomation Design

I enjoyed taking the VCAP-CMA Design exam.  It was interesting and challenged me technically.  Some of those questions really confuse me but I knew right away.  If anyone wants to pass this exam, then I suggest them ,study hard and  experience will  help  them succeed.  Best of luck on your certification!

What is new in VMware vRealize Automation 8.8

 

 VMware  has Announced General Availability of VMware vRealize Automation 8.8 as on April 28, 2022. With this release, VMware has provided several enhancements and new capabilities. 

This creates an opening, particularly for IT infrastructure and operations teams that maintain the needs of developers and DevOps engineers, to streamline IT delivery processes by embracing modern automation practices. Because the existing IT infrastructure processes have been too tightly coupled and too inflexible to maintain modern application development practices, developers have embraced public clouds and open-source tools without a lot of IT oversight. Therefore, modernizing IT processes with automation holds the key to empowering IT to drive innovation together with developers in a safe, compliant, agile, and scalable way.Key vRealize Automation 8.8 capabilities and enhancements include:

• Multi-level approvals. Enable customers to define an approval policy and provision workflows in their environments. This feature adds the ability to specify the level of approval when multiple policies meet approval criteria. This allows approvals to send out sequentially, requiring multiple approvals before a requested cloud template is deployed. Use cases include an administrative approval, followed by a finance approval, to ensure that a provisioning request follows all policies and is within budget.

• Custom naming. Allow admins to easily manage and automate multiple naming standards. vRealize Automation has completely evolved the original feature to offer a wide range of additional features included unique profiles based upon scope, unique increments, and patterns per resource type, configure increment settings, expanded properties for the format, and matching patterns to support additional unique counters specific to a property.

• Day 2 operations for vSphere with Tanzu Kubernetes Grid (TKG) clusters. Enhance automation by provisioning Tanzu Kubernetes Clusters to update the Kubernetes version, Tanzu Cluster VM classes and scale worker nodes.

• Change Owner Day-2 Action support for AD Group Users. Facilitate the change of a deployment owner to users belonging to AD groups, such as project administrator or project member. Following this enhancement, users can easily provide AD groups with access to vRealize Automation and move ownership between users.

• vRealize Lifecycle Manager support for vRealize Orchestrator. Enable vRealize Lifecycle Manager support for vRO lifecycle management, including vRO installation, configurations, upgrades/patching, import, day-2 operations, and API automation. This feature allows customers to upgrade their entire vRealize infrastructure through a single pane, including external vRO instances, which leads to a dramatically lower operational cost.

Key vRealize Automation use cases:

• Self-Service Cloud. Evolve your VMware data center to private or multi-cloud infrastructure based on VMware Cloud Foundation and VMware Cloud.
• Security Operations. Harness event-driven automation to deliver full-service, closed-loop IT system compliance enforcement and vulnerability remediation.
• DevOps for Infrastructure. Enable a powerful Infrastructure as Code platform with support for infrastructure pipelining and iterative development.
• Kubernetes Automation. Automate the management of Kubernetes clusters and namespaces with support for vSphere with Tanzu.
• Network Automation. Automate VMware NSX to enable faster deployment and complete lifecycle automation of traditional and modern applications.

Learn more about vRealize Automation 8.8 and its new features – please check out these technical blogs:

• Approval Policies in vRealize Automation
• Cloud Assembly Custom naming re-imagined
• What’s New in vRealize Suite Lifecycle Manager 8.8
• New vRealize Automation Reddit Community Channel
• New Learn vRealize Automation Sites

 

CloudHealth key outcomes

 CloudHealth by VMware gives customers complete visibility into cloud and container costs, usage, and performance.

 So using Cloud health you can  deliver higher quality products faster, while keeping costs under control across thousands of resource deployments.

In this blog I am going to describe key feature of CloudHealth 

Multi Cloud strategies: - Cloud health provides below benefits.

Flexibility

Improved disaster recovery

Potential negotiation power

Less Signal vendor dependency

In public cloud customers have the biggest challenge as they have low visibility, increasing spend, over provisioning resources and lack of governance and control. Even the biggest customer problem is managing over provisioning issues and not even understanding how to manage ongoing provisioning on the public cloud. Cloud health addresses all these challenges and helps customers to manage AWS, Azure, google cloud and oracle environment in consolidated platforms across in their organization.

Cloud health provides visibility, Optimization, Governance that customers need to realise their business transformation   in the cloud.

There are three areas of excellence: financial, operation, security, and compliance. The organization needs to focus on as they grow and mature management on cloud. Typically cloud journeys began to address challenges around gaining visibility to decentralize multi cloud environments. Without Visibility companies struggle with protraction and forecasting cost.

Optimization involves identity cost saving, time saving due to operation efficiency improvement.

Cloud health seeks to enable customers to transform the business in cloud computing and limit their burden to manage their cloud. Cloud health is a single product to manage their multi cloud Portfolio, better visibility, governance, optimization, and automation across the entire portfolio. Cloud health enables individuals to make smart decisions thousands of times today. Cloud health works for all Major public and hybrid clouds and across all SaaS applications.  

Cloud Health helps organizations to drive accountability and improve collaboration.

Cloud Health is Single platform to provide visibility on AWS, Azure, Google cloud, as well as on prem platform. Simplify Finance management report on charge back spends on cost center. Drive accountability against budget for different teams to save money in the cloud through cost and resource optimization.

 

 

Cloud Health Key Benefits are below.

1-      Increase Agility - CloudHealth allows customers to get back to focusing on the reason they adopted the public cloud in the first place. Manage agility, flexibility and innovation using CloudHealth. Platforms improve governance and which result faster time to market and higher ROI. Cloud Health enables customers to increase agility. CloudHealth customers can deliver higher quality products and solutions faster, while keeping cost under control and reducing complexity with complete visibility and spend across public and private cloud as well as containerize environment. Customers confidently control their cloud journey. CloudHealth is a single source of truth for customers in a multi cloud environment.

2-      Improve collaboration: - Allows customers to drive consistent best practices throughout the organization from finance, engineering to IT operation. When an organization uses CloudHealth, the business unit and department better align and commit decisions faster. This allows customers to drive consistent best practices through organization, increase productivity, Improve collaboration and communication.

3-      Drive Innovation: - With cloud Health company concern to notify or take automated action, when infrastructure violates policy. This provides freedom to innovate and try new services knowing the cloud aligns with their business.

 

Cloud health Capability

CloudHealth is a robust and multi cloud management platform. customers can save money, reduce risk, and let the team spend less time on many tasks. Here are the capabilities to help organizations transform their business using CloudHealth.

Customers can import dashboards and broken down by project, team, department, and business unit to help customers to gain granular visibility into all cloud environments. Executives and stakeholders can subscribe to this report and analyze them for maximum business impact.

Customers can analyze detailed cost usages reports and leverage historical data, accurate forecasting and capacity planning.

Cloud health empowers the customer to get the most out of their cloud environment and enables them to make inbound databank decisions to drive the business.

 

Cost and Resource Optimization

Customers can manage discounts from multi cloud providers throughout their entire lifecycle to maximize saving.

 

Customers can analyze granular resource usage data to improve fiancé and reduce wastage.

Customers can gain visibility and optimization on Kubernetes and Amazon ECS and EKS environments.

 

Governance, Automation & collaboration

CloudHealth helps customers to gain consistency and control on their cloud environment by implanting governance policy and automation action. Customers can build custom policy and workflow to maintain hand of control over cloud usage.

Customers can easily integrate CloudHealth with existing tools to easily align with their cloud strategy with top business initiative.

Customers can bring the data from multiple streams together for a holistic view of their cloud environment.

CloudHealth enables customers to share reports and dashboard to increase transparency and drive accountability across lines of business.

CloudHealth helps customers to understand the true cost of ownership before and after migrating workload to the cloud .

What is new in VMware vRealize Automation 8.7

 

VMware vRealize Automation 8.7 has released as on March 22, 2022. With this release, VMware has provided several enhancements and new capabilities. The latest release of VMware’s powerful and easy-to-use infrastructure automation platform. With a modern infrastructure automation solution, customers can help reduce overall application development cost, complexity, time to market, and optimize operations across a multi-cloud environment. The result? IT efficiency, security and agility that supports business revenue growth.

Key vRealize Automation 8.7 capabilities and enhancements include:

• SaltStack and CarbonBlack integration. Enable VMware customers to combine intelligent vulnerability insight from Carbon Black Cloud Workload with the powerful IT automation from vRealize Automation SaltStack SecOps. By integrating these technologies, security and IT teams can bridge the gap between security and IT workflows and deliver the last mile of security remediation through a unified, automated solution.

 

• On-demand workload clusters on vSphere with Tanzu. Empower DevOps teams to request vSphere with Tanzu Kubernetes Grid (TKGs) clusters in a self-service fashion, either via VMware Cloud Templates, or via the vRealize Automation Service Broker self-service catalog interface. Following this enhancement, users can create TKGs clusters to extend the automated provisioning and management services of TKGs across their vSphere environment.

 

 

• Deployment limit policy enhancements. Allow cloud admins to define deployment limits and restrict CPU (Central Processing Unit) count, memory, and VM (Virtual Machine) count. These policies also enable cloud admins to define deployment resource limits and restrict CPU count and memory of specific resources within a larger deployment.

 

• Resource Center enhancements. Enjoy a simplified view of discovered resources and day 2 actions on the Resources tab aimed at helping cloud admins and end users manage cloud resources across compute, storage, networking, and security. This release provides support for greenfield and brownfield customers throughout the cloud journey, regardless of their environment and structure, by enabling them to manage resources from all backgrounds.

 

 

• Dynamic job inputs for SaltStack configurations. Help admins to make jobs more dynamic, avoiding sprawl and enable jobs to be executed as self-service. In addition, admins can choose to use the drop-down parameter list, without deep knowledge of the infrastructure, to complete tasks. This feature brings flexibility, reusability and expands the personas who consume the jobs.

 

• Custom remediations for SaltStack SecOps. Discover remediation of unsupported vulnerabilities. With this release, customers will be able to associate custom remediations to unique vulnerabilities and use it for any future encounters.

 

VMware Link

Add Tanzu Kubernetes Grid management cluster with Tanzu mission control

 In this post, I will help you to know , how to add Tanzu Kubernetes Grid management cluster with Tanzu mission control

Adding Tanzu Kubernetes Grid management clusters with Tanzu Mission Control allow you to provision and manage Tanzu Kubernetes clusters by using the Tanzu Mission Control dashboard.

 Before registering your Tanzu Kubernetes Grid management cluster with Tanzu Mission Control must be meet below prerequires.

• You must be a member of VMware Cloud Services organization that has access to Tanzu Mission Control. For more information,
• Management clusters that you register in Tanzu Mission Control must be production clusters with multiple control plane nodes. This configuration allows Tanzu Mission Control to support complete lifecycle management for Tanzu Kubernetes clusters that are managed by the management cluster. For more information.

you can only register Tanzu Kubernetes Grid management clusters that are deployed on certain infrastructure providers.  Below are the list of currently supported . providers.

Configuration Requirements for Registering Tanzu Kubernetes Clusters

To effectively use Tanzu Mission Control to manage your Tanzu Kubernetes clusters, make sure that your clusters abide by the following configuration guidelines.

• Your Tanzu Kubernetes Grid management cluster must be a production cluster with multiple control plane nodes.
• Tanzu Kubernetes Grid workload clusters need at least 4 CPUs and 8 GB of memory.
• To add a Tanzu Kubernetes Grid workload cluster to Tanzu Observability, the cluster must have a minimum of two worker nodes.

Supported Environments for Registering Tanzu Kubernetes Clusters

Tanzu Mission Control supports the registration of management clusters running in the following environments:

• Tanzu Kubernetes Grid Service Supervisor Clusters running in vSphere with Tanzu or running in .
• Tanzu Kubernetes Grid management clusters (version 1.3.1 or 1.4.1) running in Microsoft Azure.
• Tanzu Kubernetes Grid management clusters (version 1.4.1) running in Amazon Web Services (AWS).
• Tanzu Kubernetes Grid management clusters (version 1.3) running in vSphere on Azure VMware Solution (AVS).
• Tanzu Kubernetes Grid management clusters (version 1.2 or later) running in vSphere, including vSphere on VMware Cloud on AWS (version 1.12 or 1.14).

Do not attempt to register any other kind of management cluster with Tanzu Mission Control.

• Tanzu Mission Control does not support the registration of Tanzu Kubernetes Grid management clusters prior to version 1.2.

AWS

Before deploying your management cluster on AWS, ensure that the tkg-cloud-vmware-com CloudFormation stack in the target AWS account includes the IAM permissions listed in Permissions Required by Tanzu Mission Control. These permissions are included automatically when you create or update the CloudFormation stack by running the tanzu management-cluster permissions aws set command.

If you configured the IAM permissions defined in the CloudFormation stack manually, you must add the permissions listed in Permissions Required by Tanzu Mission Control to the nodes.tkg.cloud.vmware.com IAM policy or role.

 

Procedure

After you have deployed your management cluster through the Tanzu Kubernetes Grid installer interface or the Tanzu CLI, follow these instructions in the Tanzu Mission Control .

Procedure

1.     In the Tanzu Mission Control console, click Administration in the left navigation pane.

2.     Click the Management clusters tab.

3.     Click Register Management Cluster, and then choose the kind of cluster you are registering.

4.     On the Register page, provide a name for the management cluster, and select a default cluster group for workload clusters.

When you add workload clusters, you can choose the cluster group into which to place them. This setting simply indicates the default choice.

5.     You can optionally provide a description and labels for the management cluster.

6.     Click Next.

7.     You can optionally select a proxy configuration for the cluster.

a.     Click to toggle the Set proxy option to Yes.

b.     Select the proxy configuration you defined for this cluster.

c.     You can optionally specify an alternative proxy configuration to use as the default selection for managed workload clusters.

When you add workload clusters, you can choose which proxy configuration to use. This setting simply indicates the default choice.

8.     Click Next.

When you click Next, Tanzu Mission Control generates a YAML file that defines how the management cluster connects to Tanzu Mission Control for registration. The credential provided in the YAML expires after 48 hours. You can optionally click View YAML to see the code.

9.     Copy the URL provided on the Register page, and give it to the administrator of your Tanzu Kubernetes Grid deployment to install the cluster agent on your management cluster and complete the registration process.

For clusters running in vSphere or vSphere with Tanzu, this is typically the vSphere administrator.

10.  Click View Management Cluster.

 

Below  procedure assumes that you have already started the registration process in Tanzu Mission Control.

 

Procedure

1.     If you are using a proxy configuration, use the generated tmc command to register the cluster.

a.     In a command window, log in with the Tanzu Mission Control CLI (tmc), making sure you have the latest version.

b.     Run the tmc managementcluster register command provided by Tanzu Mission Control, inserting the appropriate kubeconfig.

For example:

tmc managementcluster register my-mgmt-cluster --kubeconfig my-mgmt-cluster-kubeconfig --continue-bootstrap

2.     Use the generated YAML manifest in a kubectl apply command to register the cluster, if you are not using a proxy configuration.

a.     In a command window, connect to the management cluster with kubectl.

Make sure your current context is set appropriately for the management cluster you want to register, and not one of its workload clusters.

b.     Run a kubectl apply command like the following to start the installation.

Make sure you use the URL provided by Tanzu Mission Control, and that it is enclosed in quotes.

kubectl apply -f "https://my-org.tmc.cloud.vmware.com/installer?id=verylonginstallerid&source=registration"

Results

When you run the appropriate command, a namespace called vmware-system-tmc is created, and then the Tanzu Mission Control cluster agent is installed on the management cluster. The installation process may take a few minutes.

When the installation is complete, your management cluster is registered with Tanzu Mission Control. You can return to the Tanzu Mission Control console and view the registered cluster on the Management clusters tab of the Administration page. It might take a few minutes for Tanzu Mission Control to start receiving health information from the management cluster.

 

After you successfully register a management cluster, you can add any existing Tanzu Kubernetes clusters that are currently managed by the management cluster to Tanzu Mission Control