What you consider adding the SaltStack Config resource in your Cloud Assembly designs.

 

In this blog, I’m going to explain what you consider adding the SaltStack Config resource in your Cloud Assembly designs.

 

If you integrated Salt Stack Config with vRealize Automation, you could apply the Salt Stack Config resource to install the minions on virtual machines in your deployments. After the minion is deployed, you can use Salt Stack Config's powerful configuration management, drift remediation, and state management capabilities to manage your resources.

Minions are agents that run the salt-minion service. The service subscribes to jobs published by a Salt master, which is a server that runs the salt-master service. When a specific job applies to a minion, the minion executes the job.

There are three types of minions in the Salt environment:

 ·       Agents that run the salt-minion service.

·       Proxy minions that manage devices that cannot run the salt-minion service.

·       Agentless minions that run Salt commands on a system without installing a Salt minion.

You can use the Salt Stack Config resource to deploy minions and apply state files when you deploy Linux and Windows machines. To add or update minions and state files on existing deployments, you can run the Attach Salt Stack Resource Day 2 action.

If you used the salt Configuration property to deploy minions and state files as a day 0 action, update your cloud templates to use the Salt Stack Config resource. The salt Configuration property is now deprecated.

The Apply Salt Configuration Day 2 action is still available for resources that use the salt Configuration property.

Before you start

1.     Verify that you installed SaltStack Config and configured the integration. See Configure a SaltStack Config integration in vRealize Automation.

To familiarize yourself with how SaltStack Config works, including the key concepts of minions, see Understanding the SaltStack User Interface.

2.     In SaltStack Config, verify that the FQDN name resolution from minion to master is working.

a.     To verify the FQDN on the Salt master in SaltStack Config, select Minions > All Minons.

b.     Filter the Minion ID column for the value saltmaster.

c.     Click saltmaster to see the details.

d.     Verify that the FQDN value is correct.

3.     If you are deploying minions on a Linux machine, verify that the images in vSphere that you intend to deploy with a Salt minion have SSH capabilities enabled. SSH is used to remotely access the machine and deploy the minion.

4.     If you are deploying minions on a Windows machine, see How do I deploy minions using the API (RaaS) in a Windows environment.

5.     If you are deploying minions on a virtual machine that has VMware Tools installed and a Salt minion configured, verify that the VMware Tools Salt minion key appears under the Accepted tab in the Minion Keys workspace in SaltStack Config. See Enable Salt minion using VMware Tools for more information.

Note: If the VMware Tools Salt minion is an older version, deploying a minion against the virtual machine does not upgrade the Salt master to the latest version. You must upgrade your Salt master manually. See Upgrade the Master Plugin for more information.

6.     Verify that you can assign IP addresses to the machines you deploy.

SaltStack Config requires the machines to have IP addresses. Use the IP addresses for the public IP CIDR range for the SDDC (software-defined data center) where your Salt master is located.

7.     Verify that the cloud template that you are adding the minion to is deployable before you add the SaltStack Config resource properties.

8.     Verify that you have the following service roles:

1.     Cloud Assembly administrator

2.     Cloud Assembly user

3.     Service Broker administrator

These service roles are required to use the SaltStack Config resource.

 

Stay with me 😃 In my next blog, I will cover below topics.

 

1-     Add the SaltStack Config resource to the cloud template

2-     Troubleshoot minion deployments

3-     Add the SSC minion to deployments in air-gapped environments

 

What is new in VMware vRealize Automation 8.10.0

 

VMware has released VMware vRealize Automation 8.10 as on October 2022. With this release, VMware has provided several enhancements and new Features.

This is released introduce the ability for SaltStack users to view grains data of the salt vms at the time of deployment in Cloud Assembly and also resolved the issue , Spaces in Action Based Extensibility name is causing some issues in UI

New Features

• Cloud Guardrails (vRA Cloud Only) - Guided Setup

A guided setup is now included in Guardrails. This feature takes you through guided steps to onboard the cloud environments into Guardrails and enforce governance.

• Display salt grains data in Cloud Assembly for a more detailed resource view

This release provides the ability for SaltStack users to view grains data of the salt vms at the time of deployment in Cloud Assembly.

• Provide the ability to set custom salt grain data with SaltStack Config resource on Cloud Template

Cloud admins can now set custom salt grains as part of SaltStack Config Resource on a Cloud Template. This enables the cloud admins to manage the provisioned resource using the highstate file.

• Custom form fields with defined valueList are displayed as multi value picker

When adding a row or object fields in the custom forms designer, complex nested fields that have a defined valueList in their schema are now displayed as Value Picker or Multi Value Picker with enhancements to show default labels.

• Integration support between vRA and vRO user interactions

The vRA and vRO integration now supports 'User Interaction' during provisioning to Allow the ability to collect information that may not be known during the request time. This feature has these limitations:

• Nested workflows containing Manual User Interactions don't create work items under 'Inbox' tab. In that case, the interaction can only be answered from vRO directly.
• Script operations on LdapUsers and LdapGroups from executions from vRA won't yield result
• Requires the latest version of vRO (8.9.1) to work properly, due to fixes in vRO itself
• Variables of type SecureString cannot be displayed in the MUI form properly

Supported for Catalog Items, Custom Resources and Resource Actions. Learn more about user input requests.

Resolved Issues

• Default cluster group is not enabled for Cloud Assembly user with custom role

Cloud assembly user with custom role for managing integrations can't select default cluster group on TMC integration.

• Error importing Qualys scan results in Saltstack (SecOps) config UI

Importing latest version of Qualys scan report results in an error in Saltstack config (SecOps) UI.

• vRA deployed boot disk show as Discovered in resource center

Boot disk which is a part of the deployment appears as deployed/onboarded resources ** in resource view.

• Spaces in Action Based Extensibility name is causing some issues in UI

When working with an action name that starts or ends with a white space, you cannot search for these actions in the UI. In the editor the white space is trimmed, resulting in an error  “Action is not in same project as Flow ”, because the action with the trimmed name could not be found.

• First Class Disk resize from vRA fails on vCenter versions >= 7.0.3

From vRA, the resize action on a First Class Disk attached to a VM fails on vC version 7.0.3. The same action completed successfully when performed directly on the vCenter using PowerCLI. The issue is identified with the fail fast mechanism present in vRA that checks if the disk is attached and immediately fails the request.

• Inconsistencies with data may occur when switching from text to password field in custom form

Data inconsistencies might occur when service broker admins switch from text to password field in custom form. 

• vRealize Orchestrator (vCOIN) - Context Actions sometimes are not Initialized on clean setup

When an administrator tries to assign a context action from a workflow page it may throw an error.

Note: If an error occurs again after the upgrade, log into the vRO Web Client with an administrator account to the Configurations page, and delete the configuration elements residing in the following directory - '/vCOIN/_system'. Then login again in the vSphere client with administrator account and navigate to the context actions page and retry again.

• vRealize Orchestrator(vRO) - Scheduled tasks were failing intermittently because the authentication tokens had to be renewed.

The issue is now fixed with this release. vRO Scheduled tasks no longer require authentication tokens to be renewed for non-administrator users when not using the vRA plugin in the Workflow. Scheduled tasks will continue to run successfully.

• REST operations fail to encode special characters

As of 8.8.0 vRO version, invoking REST operations with query parameter values that contained certain special characters ($, ) failed with "Illegal group reference" error. Another manifestation of this bug could be incorrectly sent query parameter values, which didn't match the server's expectations. 

Resolution: Upgrade vRO platform version to 8.10.0 or upgrade just the REST plug-in to the build released with vRO 8.10.0

• Overprovision occurs when attempting to onboard past resource limits

Analysis of Relocation showed that the Provisioning Service API erroneously returned a capacity that was available when in fact it shouldn't have been. This was reflected by the cloud zone where resources were not consumed by onboarded workloads when they should have been.

Now, the requests coming to provisioning service are now serialized, so capacity requests and allocation worked as expected.

Changed and Deprecated Functionality

• Deprecate PowerCLI 11.5

Powershell 6 with PowerCLI 11.5 has been deprecated. Use PowerCLI 12.7.0 in its place.

• SaltStack Config

Upcoming in the October 2022 (next) release, the saltConfiguration property will be deprecated and removed. Users are encouraged to use the saltResource property in its place

Navigate Your Cloud Journey with VMware Cloud on AWS:

 If you are Planning to Join VMware Explore 2022 in San Francisco, August 29–September 1, and connect on your cloud journey.  AWS will have experts presenting on a diverse lineup of business and technical content.

Here’s a quick snapshot of sessions specific to VMware Cloud on AWS:

• Navigating Business Transformation Goals with VMware Cloud on AWS |
  Session ID: 3034
• Effective Migration Strategies: Lessons from large-scale migrations to AWS |
  Session ID: 3032
• Migration and Modernization at Scale with VMware Cloud on AWS |
  Session ID: MCLB3036USS
• Integration of Amazon FSx for NetApp ONTAP with VMware Cloud on AWS |
  Session ID: CEIB3040US
• Accelerating Cloud Migrations with VMware Cloud on AWS Outposts |
  Session ID: CEIB3041US
• Cloud Migration and Disaster Recovery with Modernization using VMware Cloud on AWS | Session ID: CMB2893US

Meet AWS at VMware Explore booth 1001

vRealize Automation 8.9 Key capabilities

 

 vRealize Automation 8.9 Key capabilities

 VMware  has Announced General Availability of VMware vRealize Automation 8.9 as on August 9, 2022. This release focuses on facilitating unified governance and consumption of Kubernetes and VM-based workloads and enhancing PublicCloud  governance and policy management. 

Kubernetes Automation

• Tanzu Mission Control Integration. As multi-cloud is becoming the norm in large organizations the need for consistent management across different clouds and workload types is becoming more and more important. Cloud operators and SREs are required to support seamless user experience and provide near 100% availability regardless of the disparate nature of the underlying technologies. The mix of brownfield and greenfield, cloud native and traditional workloads, along with the ever-increasing scale prevents the promise of the cloud around agility and simplicity from getting realized while most enterprise environments look more like spaghetti bowls than clouds. A real SRE crisis.
  
  VMware is bringing its top guns to solve this problem. The vRealize Automation Cloud July 2022 release will integrate with Tanzu Mission Control to tackle the problem of unmanageable cloud complexity by facilitating unified governance and consumption of cloud, VM, and Kubernetes-based workloads.
  
  Customers that have an entitlement to vRealize Automation Cloud and Tanzu Mission Control can design and deploy Kubernetes clusters from vRealize Automation Cloud, while simplifying management at scale by inheriting Tanzu Mission Control policies through its cluster groups and complying to vRealize Automation Cloud rules and constraints. More specifically with this integration:
• Cloud administrators and operators can deliver Tanzu Mission Control-created rules and self-service lifecycle management through vRealize Automation Cloud catalog.
• Cloud admins can attach a cluster to a cluster group and this cluster will inherit policies that are created by Tanzu Mission Control for the respective cluster group.
• DevOps and Developers can now use a single platform for consuming cloud infrastructure and Kubernetes based on a consistent operating model. Admins can retain the richness of their individual tools for VM and Kubernetes design while providing a unified experience for users.
  
  Learn more:
• Introducing the Tanzu Mission Control Integration for vRealize Automation Cloud
• VMware Tanzu Mission Control

Multi-Cloud Automation

• vRealize Automation Cloud Guardrails enhancements. We introduced vRealize Automation Cloud Guardrails, a multi-cloud governance and policy management capability, in tech preview with the vRealize Automation Cloud May 2022 release. vRealize Automation Cloud Guardrails is intended to primarily address the public cloud governance use case. It helps automate the enforcement of cloud guardrails for networking, security, cost, performance, and configuration at scale for multi-cloud environments with an everything-as-code approach. The outcome is being able to help ensure environments and apps are secure, apps are performing and available, and cloud costs are optimized across public clouds.
  
  With the latest vRealize Automation Cloud July 2022 release, we’ve further enhanced vRealize Automation Cloud Guardrail’s visibility and enforcement capabilities. New functions added include, cloud visibility, AWS member account view, enforcement scheduling, account discovery scheduling, account profiles, content library clean-up, and native project management. These enhancements enable vRealize Automation Cloud Guardrails to make provisioning, policy enforcement, and continuous management of multi-cloud environments easier, and quicker.
  
  Learn more:
• Blog – Cloud Guardrails – Desired state scheduled enforcement, drift visibility, and more…
• AWS GovCloud regions support. vRealize Automation now supports both US-East and US-West AWS GovCloud regions.

Note that the Tanzu Mission Control integration and vRealize Automation Cloud Guardrails are currently only available with vRealize Automation Cloud.

Source;-

VCAP-CMA Design 2022 certification Tips

 This week I finally passed the VCAP-CMA Design 2022 certification. I passed the exam in my second attempt with a score of 324 out of 500 where 300 is required to pass.

 

I was very confident that I would pass the exam for the first time, but I would not clear in the first attempt .

 

The Design exams are more like VCP exams with multiple choice questions and Deploy exam totally lab base exam. I am planning to attend the Deploy exam in the coming months.

 

VCAP-CMA Design 2022 certification consists of 60 questions, and you will have around 145 minutes available. Most of the questions are multiple choice. Some of the questions have a lot of text, which consume more time for reading and understanding. In this exam you really understand the question, what they are asking for. This is one of the biggest things to prepare for in this exam.

 

As you know, VCAP-CMA Design 2022 certification is a bit tricky, and it was expected. Do more focus on selecting the correct answer. There are few questions that do not have alternatives but by reading the question two and three times you will understand that you need to find the correct answers.

 

VCAP-CMA Design  2022 test?

• VMware vRealize Automation (2V0-31.21) exam has  145 minute with 60 Questions and costs $450 USD.
• Currently, you can take the VCAP-CMA Design  online via a remote proctored exam or in person at a test facility.
• More information about this exam check out this URL 

Exam Tips:

1-      Once you register for the exam, you will get an email from OnVue with 2 links.  One tested your environment to make sure you met certain standards (Audio, video, and microphone) and the other link belong for the day of the exam.

2-     The process to take a remote proctored test was simple and convenient. 

3-     Make sure you are familiar with   OnVue Online proctoring technical requirements as They are a bit strict about rules so make sure you are ready to go.

4-     One of the requirements is to have a very clean desk. 

 

Exam Questions Tips:

1-     Some questions are very short, and some are very long. Long questions will consume more time for reading,

2-     Some are tricky and take a lot of time to complete and some do not.

3-     If you are reading part of the question or didn’t read it thoroughly you might easily miss something.

4-     Do not waste your time — If you do not know the answer to a question, mark it in your list and move on. if time allows, come back to it.  Just try to get as many questions completed as possible. Do not leave any question unattended.

 

Study Tips:

My primary resources are below

VMwarevRealize Automation Documentation

VMwareValidated Solutions – March 2022 Update

VMwareValidated Design

exam preparation guide

vRealize Automation 8.xReference Architecture

vRealizeAutomation Design

I enjoyed taking the VCAP-CMA Design exam.  It was interesting and challenged me technically.  Some of those questions really confuse me but I knew right away.  If anyone wants to pass this exam, then I suggest them ,study hard and  experience will  help  them succeed.  Best of luck on your certification!

What is new in VMware vRealize Automation 8.8

 

 VMware  has Announced General Availability of VMware vRealize Automation 8.8 as on April 28, 2022. With this release, VMware has provided several enhancements and new capabilities. 

This creates an opening, particularly for IT infrastructure and operations teams that maintain the needs of developers and DevOps engineers, to streamline IT delivery processes by embracing modern automation practices. Because the existing IT infrastructure processes have been too tightly coupled and too inflexible to maintain modern application development practices, developers have embraced public clouds and open-source tools without a lot of IT oversight. Therefore, modernizing IT processes with automation holds the key to empowering IT to drive innovation together with developers in a safe, compliant, agile, and scalable way.Key vRealize Automation 8.8 capabilities and enhancements include:

• Multi-level approvals. Enable customers to define an approval policy and provision workflows in their environments. This feature adds the ability to specify the level of approval when multiple policies meet approval criteria. This allows approvals to send out sequentially, requiring multiple approvals before a requested cloud template is deployed. Use cases include an administrative approval, followed by a finance approval, to ensure that a provisioning request follows all policies and is within budget.

• Custom naming. Allow admins to easily manage and automate multiple naming standards. vRealize Automation has completely evolved the original feature to offer a wide range of additional features included unique profiles based upon scope, unique increments, and patterns per resource type, configure increment settings, expanded properties for the format, and matching patterns to support additional unique counters specific to a property.

• Day 2 operations for vSphere with Tanzu Kubernetes Grid (TKG) clusters. Enhance automation by provisioning Tanzu Kubernetes Clusters to update the Kubernetes version, Tanzu Cluster VM classes and scale worker nodes.

• Change Owner Day-2 Action support for AD Group Users. Facilitate the change of a deployment owner to users belonging to AD groups, such as project administrator or project member. Following this enhancement, users can easily provide AD groups with access to vRealize Automation and move ownership between users.

• vRealize Lifecycle Manager support for vRealize Orchestrator. Enable vRealize Lifecycle Manager support for vRO lifecycle management, including vRO installation, configurations, upgrades/patching, import, day-2 operations, and API automation. This feature allows customers to upgrade their entire vRealize infrastructure through a single pane, including external vRO instances, which leads to a dramatically lower operational cost.

Key vRealize Automation use cases:

• Self-Service Cloud. Evolve your VMware data center to private or multi-cloud infrastructure based on VMware Cloud Foundation and VMware Cloud.
• Security Operations. Harness event-driven automation to deliver full-service, closed-loop IT system compliance enforcement and vulnerability remediation.
• DevOps for Infrastructure. Enable a powerful Infrastructure as Code platform with support for infrastructure pipelining and iterative development.
• Kubernetes Automation. Automate the management of Kubernetes clusters and namespaces with support for vSphere with Tanzu.
• Network Automation. Automate VMware NSX to enable faster deployment and complete lifecycle automation of traditional and modern applications.

Learn more about vRealize Automation 8.8 and its new features – please check out these technical blogs:

• Approval Policies in vRealize Automation
• Cloud Assembly Custom naming re-imagined
• What’s New in vRealize Suite Lifecycle Manager 8.8
• New vRealize Automation Reddit Community Channel
• New Learn vRealize Automation Sites

 

CloudHealth key outcomes

 CloudHealth by VMware gives customers complete visibility into cloud and container costs, usage, and performance.

 So using Cloud health you can  deliver higher quality products faster, while keeping costs under control across thousands of resource deployments.

In this blog I am going to describe key feature of CloudHealth 

Multi Cloud strategies: - Cloud health provides below benefits.

Flexibility

Improved disaster recovery

Potential negotiation power

Less Signal vendor dependency

In public cloud customers have the biggest challenge as they have low visibility, increasing spend, over provisioning resources and lack of governance and control. Even the biggest customer problem is managing over provisioning issues and not even understanding how to manage ongoing provisioning on the public cloud. Cloud health addresses all these challenges and helps customers to manage AWS, Azure, google cloud and oracle environment in consolidated platforms across in their organization.

Cloud health provides visibility, Optimization, Governance that customers need to realise their business transformation   in the cloud.

There are three areas of excellence: financial, operation, security, and compliance. The organization needs to focus on as they grow and mature management on cloud. Typically cloud journeys began to address challenges around gaining visibility to decentralize multi cloud environments. Without Visibility companies struggle with protraction and forecasting cost.

Optimization involves identity cost saving, time saving due to operation efficiency improvement.

Cloud health seeks to enable customers to transform the business in cloud computing and limit their burden to manage their cloud. Cloud health is a single product to manage their multi cloud Portfolio, better visibility, governance, optimization, and automation across the entire portfolio. Cloud health enables individuals to make smart decisions thousands of times today. Cloud health works for all Major public and hybrid clouds and across all SaaS applications.  

Cloud Health helps organizations to drive accountability and improve collaboration.

Cloud Health is Single platform to provide visibility on AWS, Azure, Google cloud, as well as on prem platform. Simplify Finance management report on charge back spends on cost center. Drive accountability against budget for different teams to save money in the cloud through cost and resource optimization.

 

 

Cloud Health Key Benefits are below.

1-      Increase Agility - CloudHealth allows customers to get back to focusing on the reason they adopted the public cloud in the first place. Manage agility, flexibility and innovation using CloudHealth. Platforms improve governance and which result faster time to market and higher ROI. Cloud Health enables customers to increase agility. CloudHealth customers can deliver higher quality products and solutions faster, while keeping cost under control and reducing complexity with complete visibility and spend across public and private cloud as well as containerize environment. Customers confidently control their cloud journey. CloudHealth is a single source of truth for customers in a multi cloud environment.

2-      Improve collaboration: - Allows customers to drive consistent best practices throughout the organization from finance, engineering to IT operation. When an organization uses CloudHealth, the business unit and department better align and commit decisions faster. This allows customers to drive consistent best practices through organization, increase productivity, Improve collaboration and communication.

3-      Drive Innovation: - With cloud Health company concern to notify or take automated action, when infrastructure violates policy. This provides freedom to innovate and try new services knowing the cloud aligns with their business.

 

Cloud health Capability

CloudHealth is a robust and multi cloud management platform. customers can save money, reduce risk, and let the team spend less time on many tasks. Here are the capabilities to help organizations transform their business using CloudHealth.

Customers can import dashboards and broken down by project, team, department, and business unit to help customers to gain granular visibility into all cloud environments. Executives and stakeholders can subscribe to this report and analyze them for maximum business impact.

Customers can analyze detailed cost usages reports and leverage historical data, accurate forecasting and capacity planning.

Cloud health empowers the customer to get the most out of their cloud environment and enables them to make inbound databank decisions to drive the business.

 

Cost and Resource Optimization

Customers can manage discounts from multi cloud providers throughout their entire lifecycle to maximize saving.

 

Customers can analyze granular resource usage data to improve fiancé and reduce wastage.

Customers can gain visibility and optimization on Kubernetes and Amazon ECS and EKS environments.

 

Governance, Automation & collaboration

CloudHealth helps customers to gain consistency and control on their cloud environment by implanting governance policy and automation action. Customers can build custom policy and workflow to maintain hand of control over cloud usage.

Customers can easily integrate CloudHealth with existing tools to easily align with their cloud strategy with top business initiative.

Customers can bring the data from multiple streams together for a holistic view of their cloud environment.

CloudHealth enables customers to share reports and dashboard to increase transparency and drive accountability across lines of business.

CloudHealth helps customers to understand the true cost of ownership before and after migrating workload to the cloud .