VMware vRealize Suite 8.2 Released
VMware has released vRealize Automation 8.2, vRealize Orchestrator 8.2, vRealize Operations Manager 8.2, vRealize Log insight 8.1 and vRealize Suite Lifecycle Manager 8.2.
vRealize Automation 8.2
What’s new:
- vRealize Automation Blueprint name change to VMware Cloud Templates
- Blueprints are renamed to VMware Cloud Templates. Learn more.
- You might still see the term Blueprint in the official documentation, API, error messages, and other areas of code.
- VMware vRealize Automation 8.2 includes in-product user assistance
- Use the signpost help to learn about a setting.
- Use the help panel to get more information about a feature or configuration process.
- Migration Assistant enhancement
- Enhancement to the migration assessment service now allows the user to migrate content and deployments from a vRA 7.5/7.6 instance to a vRA 8.2 instance.
- Migrate infrastructure, subscriptions and deployments
- Rollback a migration
- Incrementally migrate individual Business Groups in stages without migrating the entire vRA 7.x system at once
- Enhancement to the migration assessment service now allows the user to migrate content and deployments from a vRA 7.5/7.6 instance to a vRA 8.2 instance.
- Terraform Configuration as a VMware Cloud Templates Resource in vRealize Automation
- Terraform open source configurations are now integrally supported by VMware Cloud Templates. Cloud Administrators can integrate Terraform configurations stored in Git and release as self-service catalog items. Select capabilities include the following: Learn more
- Create Cloud Templates with Terraform configurations
- Compose hybrid Terraform-VMware Cloud Templates
- Enable built-in power Day 2 actions and custom day 2 actions on Terraform resources
- Central deployment state file
- Managed Terraform runtime in cloud
- Code Stream pipeline to deploy Terraform based Cloud Templates for DevOps users
- Terraform open source configurations are now integrally supported by VMware Cloud Templates. Cloud Administrators can integrate Terraform configurations stored in Git and release as self-service catalog items. Select capabilities include the following: Learn more
- SDDC Manager Integration and VMware Cloud Foundation (VCF) cloud account
- Configure SDDC Manager integration and on-board workload domains as VMware Cloud Foundation(VCF) cloud accounts into VMware Cloud Assembly service. A VCF cloud account enables you to incorporate a VCF workload into Cloud Assembly to facilitate a comprehensive hybrid cloud management solution.
- SDDC Manager can be as an integration endpoint once for onboarding one or more workload domains as VCF cloud accounts.
- VCF cloud accounts bring in both Compute and Network resources (vSphere and NSX-T) into vRealize automation for provisioning new resources.
- VCF cloud accounts support service credentials to automatically create a new service account to use with vSphere and reuses the existing NSX credential from SDDC Manager.
- Flavor, Image, Network and Storage profiles can be defined for VCF cloud accounts similar to vSphere and VMC cloud accounts.
- Use vSphere/NSX specific or agnostic resources with constraints to direct the provisioning of new resources into VCF cloud accounts.
- Configure SDDC Manager integration and on-board workload domains as VMware Cloud Foundation(VCF) cloud accounts into VMware Cloud Assembly service. A VCF cloud account enables you to incorporate a VCF workload into Cloud Assembly to facilitate a comprehensive hybrid cloud management solution.
- Multi-tenancy: Centralized Management of Tenant Infrastructure
- Setup and manage Virtual Private Zones and share IaaS resources across projects while maintaining tenant isolation. For managed service providers, shared infrastructure multi-tenancy ensures optimal resource allocation and control. This capability enables a provider to allocate provider-managed infrastructure to their tenants. Currently this is only supported for provider organizations in Multi-Tenancy configuration through VMware Cloud Provider Hub. Learn more.
- Provider administrator creates a bundle of isolated IaaS resources (Compute, Network, Storage, Image, and Flavor) called the Virtual Private Zone (VPZ). All CRUD operations are supported.
- Provider administrator shares the VPZ with a tenant.
- Tenant administrator, in turn, shares the VPZ with a project within the tenant org. Note that multiple VPZ can be added to a single project.
- Tenant project members can provision a machine into the VPZ.
- Project members view the deployment and see an “obfuscated” view of the underlying infrastructure (only the VPZ name).
- Tenant A resources are not visible to Tenant B, even when underlying infrastructure is shared.
- Setup and manage Virtual Private Zones and share IaaS resources across projects while maintaining tenant isolation. For managed service providers, shared infrastructure multi-tenancy ensures optimal resource allocation and control. This capability enables a provider to allocate provider-managed infrastructure to their tenants. Currently this is only supported for provider organizations in Multi-Tenancy configuration through VMware Cloud Provider Hub. Learn more.
- Custom Role Based Access Control (RBAC)
- vRealize Automation 8.2 introduces Custom roles based access that enables customers to closely align the roles they assign consumers and providers to the actual roles they hold within their organizations. It helps with configuring restrictive enough roles, based on the actual tasks (permissions) users are eligible for and resource they are eligible to without overloading permissions with unnecessary tasks or confront organization security.
- Base concepts:
- Org admins are able to define custom roles within organization.
- Each custom role can be assigned to an organization users/group.
- New custom roles model integrates with out of the box roles and works in collaboration with access control and policy within the organizations.
- Available configurable permissions:
- Custom Roles for Images, Flavors, Zones, Machines and Requests, Cloud Accounts, Cloud Zones and Projects
- Custom Roles for Manage and View Onboarding Plans
- Custom Roles for Extensibility use cases:
- Manage and View
- Action Runs
- Actions
- Subscriptions
- Viewer permissions for:
- Events
- Event Topics
- Workflows
- Workflow Runs
- Custom Roles to Manage and View Cloud Templates
- Custom Roles to Manage and View Custom Day2 for built-in & custom resources
- Custom Roles for Pipeline Modeling, Execution, and Configuration
- Custom Roles for Policy Permissions
- Custom Roles to manage permissions for approvals
- Refer to custom roles and examples of how they work with the other roles for more information.
- Custom Roles for Images, Flavors, Zones, Machines and Requests, Cloud Accounts, Cloud Zones and Projects
- XaaS Custom Resource and Custom Action Enhancements
- Custom Resources Schema Dynamic data support. vRealize Automation 8.2 now includes automatic validation for the workflows added as lifecycle actions to your custom action. This feature also includes improvements to the external type property and custom resource property schema. Learn more.
- Custom Day 2 actions bindings. vRealize Automation 8.2 supports three types of action bindings: in request, with binding action, and direct binding. Learn more.
- Support 1:N Association Between NSX-T Manager and vCenter
- Support for 1 NSX-T manager connected to multiple vCenters. Learn more.
- NSX-T Policy Mode Support
- Enable the creation of a new NSX-T endpoint in Policy mode. Learn more.
- Policy mode support for Networks (Day 0, Day 2), Load Balancers (Day 0), Security Groups (Day 0), Tagging (Day 0), VM Scale In/Out (Day 2), and Port Forwarding (Day 0, Day 2).
- NSX Load Balancer Configurations – Logging Level, Algorithm, Type, NIC, and VIP
- Support for NSX Load Balancer advanced configurations, including Logging level, Algorithm, and Type (Day 0, Day 2). Learn more.
- Support for NSX Load Balancer configuration options for NIC for all network types, including private, existing, public, outbound and routed networks. Load Balancer can now be connected to a specific machine NIC, rather than always using the first NIC in the machine by default.
- Ability to specify the IPv4 VIP (Virtual IP) in the Cloud Templates; this would allow Load Balancer to have a specific IP, instead of an IP from a static IP range.
- NSX Port Forwarding
- Port Forwarding (DNAT rules) support for NSX outbound networks. vRealize Automation now exposes a new Cloud.NSX.Gateway Cloud Templates resource type that allows the DNAT rules to be specified for the gateway/router connected to the outbound network. Learn more.
- Day 2 actions support for adding new NAT port forwarding rules, reordering rules, editing existing rules, and deleting rules.
- Networking Day 2 – Reconfigure Security Groups
- Reconfigure security groups:
- Change security groups – add a new or existing security group, remove associated security groups, and modify associated security groups. Security groups are part of deployments for day2 actions. The day2 actions are supported for a single machine only and not for a multi-machine cluster.
- Delete security group – remove security group from deployment. If the security group is on-demand, then it is destroyed.
- Move VM between networks:
- Update deployment constraints on the vSphere machine NIC to move it from one existing network to another existing network in the same network profile.
- Machine can be moved from static to static network, or dynamic to dynamic network.
- The previous network is deleted from the deployment. Learn more.
- Reconfigure security groups:
- vSphere 7 Supervisor Namespace as a Catalog item
- Ability for catalog user to request vSphere supervisor namespaces from the vRealize Automation catalog powered by an underlying VMware Cloud Template.
- Cloud Templates author can define supervisor namespace resource limits on the Cloud Templates resource. This allows the admin to restrict user resource consumption.
- ITSM Plug-in 8.1.2
- New ITSM plugin (version 8.1.2) for vRealize Automation is now available on ServiceNow store.
- Orlando Support – Plugin supports Orlando which is latest ServiceNow version. It also supports previous ServiceNow versions Madrid and New York.
- Support for Custom Forms in User Portal
- Multi-level Approval – The ServiceNow administrator can configure multi-level approval for ServiceNow Catalog requests.
- Email Notifications – The ServiceNow administrator can configure email notifications for various activities like Deployment Requests, Approval Requests, Day 2 Requests, and Endpoint and Entitlement configurations.
- Auto Create tickets for failed deployments – A support ticket is created and assigned to support groups in ServiceNow whenever a deployment request fails in vRealize Automation or a day-2 action fails.
- vRealize Automation Scaling
- Up to 250 resources per deployment and 400,000 virtual machines.
- If you anticipate deployments to have more than 100 resources, upgrade to the new API version 2020-08-25.
- New Version of the vRealize Automation REST API
- A new version of the vRealize Automation REST APIs is available with all vRealize Automation releases. The new version increases resource support to 300 resources per deployment and provides performance improvements. If you are an API user and have not locked your API to a version before, you might encounter a change in an API response. As a best practice, lock your API to the latest version which is apiVersion=2020-08-25 to ensure that your API responses do not change unexpectedly with an API update. If left unlocked, your API requests will default to the latest version.
- First Class Disk and IaaS APIs
- Create a First Class Disk (FCD) disk object independently without a VM. Full support for CRUDL functionality – Create, Edit, Delete, List
- Support for Day 2 actions and disk snapshot life cycle management
- IaaS API to create, delete, list, attach and detach FCD.
- IaaS API to convert existing disk to an FCD. Learn more.
- IaaS API for FCD snapshot management (Create, Delete, List, and Restore).
- Extensibility Subscriptions
- Support for up to 50 blocking and 50 non-blocking subscriptions per event topic. Learn more
- Approvals For Catalog Items in Service Broker, Onboarded Deployments And Cloud Assembly Deployments
- Approvals now apply to all catalog items beyond Cloud Assembly Cloud Templates, including Cloud Formation Templates, vRO workflows, ABX actions, OVAs, etc.).
- Trigger approval policies based on the attributes of underlying resources filtered by: cloud account, cloud type, flavor, image, region or resource type. Learn more
- Support approval flow for pre-provision and day 2 actions for cloud assembly blueprint deployments
- Support approval flow for day 2 actions on imported deployments
- More information about approval policies
- Show Request Form in Approval Details
- Approver can now see the input parameters the requester submitted as part of the approval request. This enhanced view helps the approver make the approval decision based on the same information the originator of the request provided.
- Integration With vROps
- When customers subscribe to both vRA Cloud and vROps Cloud, the integration gets automatically configured to provide the following benefits:
- Support for advanced workload placement based on vROps policies.
- Pricing for resources, deployments and projects for VMware Cloud.
- Infrastructure health & performance metrics for VMware Cloud. Learn more
- When customers subscribe to both vRA Cloud and vROps Cloud, the integration gets automatically configured to provide the following benefits:
- IaaS API Filter Resources Within Particular Region In Cloud Accounts
- Resources in Cloud Assembly IaaS API can be found by the region that they belong to using Data filter. The region can be uniquely identified by the externalRegionId and the corresponding cloudAccountId.
- API for Updating Cloud Account Password
- Update cloud account password for vSphere and NSX using IaaS API.
- Bitbucket integration support
- Support for integration with on premises Bitbucket to use as a Git-based repository for ABX action scripts and VMware cloud templates.
- Custom property update via API
- Update custom property for machines through IaaS API
- vRA Log Retention Improvements
- On-premise logging infrastructure improved to include:
- Seven days of log retention for each service
- Service logs in a separate partition to not conserve storage space
- Logging infra extracted out of K8s layer to be able to collect logs if K8s is down
- On-premise logging infrastructure improved to include:
- Custom Day 2 Actions
- Custom day 2 operations for custom resources and vRealize Automation built-in types. Learn more
- Custom Resources
- Support for custom resources based on vRO types. Learn more
- Deployment History
- View and filter deleted deployment history for up to 90 days after deletion. Learn more
- Share ABX Across Projects
- Ability to share a single action-based extensibility across multiple projects. Learn more
- Double encoding of the space symbols in oData queries is not necessary
- The URL encoding behavior for IaaS API oData queries now work consistently with the modern internet search engines like Google. Before this change, double encoding was required for special symbols (%2520 and +). Now there is no need to double-encode space symbols.
- Example:
- If you previously had the following query: {{url-home}}/iaas/api/machines?$filter=externalRegionId%2520eq%2520%27Datacenter%3Adatacenter-21%27
- Now this query should be changed to: {{url-home}}/iaas/api/machines?$filter=externalRegionId%20eq%20%27Datacenter%3Adatacenter-21%27
- Limitations:
- If you want to search for ‘symbol’ – you should escape it by an additional quote
- Search for ‘&’ symbol – not supported in oData queries for CloudAccounts
- Search for ‘%’ symbol – not supported for all endpoints.
- Custom Forms in Service Broker
- If a workflow is imported in Service Broker and has a custom form enabled before enabling Properties and Composite types and the array counterparts were implemented, the custom form needs to be deleted and the workflows imported again in Service Broker to fix the elements in the form.
See the full release notes here.
vRealize Orchestrator 8.2
vRealize Orchestrator 8.2 is mostly maintenance and stabilizing release. No new features in this release.
see the full release notes here.
vRealize Operations Manager 8.2
What’s new:
- Product Enhancements
- vRealize Operations Manager 8.2 delivers new and enhanced capabilities for self-driving operations to help customers optimize, plan, and scale VMware Cloud, which includes on-premises private cloud or VMware SDDC in multiple public clouds such as VMware Cloud on AWS, while at the same time unifying multi-cloud monitoring. Powered by artificial intelligence (AI), this release will provide a unified operations platform, deliver continuous performance optimization, efficient capacity and cost management, proactive planning, app-aware intelligent remediation, and integrated compliance.
- Here are the key features and capabilities:
- Simplified Troubleshooting and Intelligent Remediation
- Application Operations:
- Support for new applications through the Telegraf Agent: Oracle Database, Hyper-V, .Net, Clickhouse, Redis, and Cassandra.
- Support for script-based Telegraf agent installation to enable customers to automate agent installation.
- Enhanced integration with vRealize Network Insight to discover applications.
- Metrics correlation across objects in a hierarchical scope.
- Enhanced log integration:
- Log-metric correlation
- New log widget
- Enhanced vSAN (File Services and CNS) support.
- Ability to ping endpoints for their availability.
- The vCenter Cloud account has been enhanced so that manual acceptance is not required on CA signed solution certificates. Updates of such certificates work seamlessly.
- Application Operations:
- Efficient Capacity and Cost Management
- Rate-card based pricing for vCenter Server and VMware Cloud on AWS based workloads.
- Granular customization of maintenance, license, labor, and facilities cost drivers at individual server levels.
- Ability to customize auto-discovered operating systems for server licenses costs.
- Ability to include deleted VM costs in list-based views for showback.
- Enhanced support for Tanzu Kubernetes Grid for Capacity Management and Optimization.
- Support for vSAN slack space-based capacity calculations.
- Dashboards, Widgets, Reports, and Views Enhancements
- Simplified policy management workflows.
- Enhanced Object Summary pages for vSAN.
- Improved visualization of vSphere tags.
- Enhanced dashboard management and widget visualization:
- Top N widget now has a threshold.
- Scoreboard widget has a new theme (name: Gradient).
- View Distribution Chart has a new distribution type (name: Summary).
- Property widget now has a threshold.
- Health chart now displays maximum and minimum, in addition to the current value.
- Improved dashboard folder management.
- Improved dashboard sharing management.
- Dashboard to Dashboard navigation.
- Enhanced Getting Started page. Dashboards are now categorized into three main areas:
- Management
- Flows
- Collections
- New and improved out-of-the-box dashboards with pre-calculated Performance metrics.
- The following dashboards have been deprecated and will be maintained for at least one more release. However, they are available and enabled from Dashboard Library > Deprecated in the current release. The deprecated dashboards are not available from the Getting Started dashboard.
- Capacity Allocation Overview Dashboard
- Cluster Configuration Dashboard
- Cluster Utilization Dashboard
- Datastore Usage Overview Dashboard
- Datastore Utilization Dashboard
- Distributed Switch Configuration Dashboard
- Heavy Hitter VMs
- Host Configuration Dashboard
- Host Usage Overview Dashboard
- Host Utilization Dashboard
- Migrate to vSAN
- Operations Overview Dashboard
- Optimization History Dashboard
- Optimize Performance Dashboard
- Troubleshoot a Cluster
- Troubleshoot a Datastore
- Troubleshoot a Host
- Troubleshoot a VM Dashboard
- Troubleshoot vSAN Dashboard
- Troubleshoot with Logs Dashboard
- Utilization Overview Dashboard
- VM Configuration Dashboard
- VM Utilization Dashboard
- vSAN Capacity Overview
- vSAN Operations Overview
- vSphere Security Compliance Dashboard
- Platform Enhancements
- Moved to Zulu OpenJDK8.
- Improved content management with an ability to export and import all the custom and out-of-the-box content with a single click.
- Swagger based API documentation.
- Ability to browse APIs, authenticate and execute APIs, and collect API responses through a single console.
- Ability to view API output in XML and JSON formats.
- Basic Authentication
- Basic authentication using the REST API is deprecated and disabled in vRealize Operations Manager 8.2 fresh deployments by default. Instances that have been upgraded to vRealize Operations Manager 8.2, will inherit the same properties before the upgrade. It is recommended that you use token-based authentication instead. If you still need to enable or disable basic authentication, see KB 77271.
- Regulatory Compliance Packs
- From vRealize Operations Manager 8.1 onwards, the following regulatory compliance packs are native. For a newer version of a regulatory compliance pack, you must upgrade to vRealize Operations Manager 8.1.
- VMware vRealize Compliance Pack for DISA
- VMware vRealize Compliance Pack for ISO
- VMware vRealize Compliance Pack for HIPAA
- VMware vRealize Compliance Pack for FISMA
- VMware vRealize Compliance Pack for CIS
- VMware vRealize Compliance Pack for PCI
- VMware vRealize Compliance Pack for DISA supports ESXi 6.5 and VMware vRealize Compliance Pack for CIS supports ESXi 6.7
See the full release notes here.
vRealize Log insight 8.1
What’s new:
- Partition storage usage and oldest log ingestion time: For each data partition, information about the storage used and the time of the first log ingestion are now displayed, with additional details such as the filter criteria, retention period, and whether the partition is enabled. The information about the age of stored data helps meet the compliance requirement that log events are kept for a defined amount of time (as configured with retention).
- Vertical scale: A preset VM size Extra Large is introduced with doubled compute resources compared to Large size, helping to scale and enhance the performance of large environments more effectively. For more information, see https://kb.vmware.com/s/article/80928.
- Syslog event forwarding with SSL: Event forwarding using syslog is enhanced to optionally secure the connection with SSL.
- Unlimited log export management: Enable email notifications for export completion and track the progress of the export tasks. If a task is queued, you can see the position of the task in the queue.
- IPV6 zero compression support.
- Local account security hardening: New optional password policy restriction for local account user with the following additional rules:
- A password must contain at least 15 characters.
- A user can change their password only once in 24 hours.
- When a user changes their password, they cannot use the last five passwords.
- When a user changes their password, at least eight characters of the new password must be different from the old password.
- A user account is locked if not logged in for 35 days or password not changed for 60 days.
- Incremental performance improvement for queries based on extracted fields.
- Content pack search: Ability to search content packs from the Content Pack Marketplace without leaving the product UI.
- Content pack updates:
- VMware NSX Advanced Load Balancer 1.0 (New)
- VMware Cloud Director Availability 1.0 (New)
- VMware Horizon 4.0
- VMware Horizon 7.x and BLAST desktop protocol support
- New General – Performance and General – Availability dashboards
- NSX-T 3.9 (Support NSX-T 3.0, 3.0.1)
- vRealize Suite Lifecycle Manager 8.0.1+ (Support vRealize Suite Lifecycle Manager 8.1)
- vRealize Operations Manager 4.1 (Support vRealize Operations Manager 8.2)
- vSAN 2.2
- Overview dashboard and Storage Policy Events dashboard
- Support vSAN 7.0
See the full release notes here.
vRealize Suite Lifecycle Manager 8.2
What’s new:
- Continuous Availability (CA) deployment for vRealize Operations Manager
- Scale-Up for vRealize Suite products
- Improved password management
- VMware Managed Cloud (VMC) support on vRealize Suite Lifecycle Manager
- vRealize Network Insight deployment is not supported for VMC software-defined data center (SDDC)
- VMware vRealize Cloud Subscription Manager support
- Federal Information Processing Standards (FIPS) support
- Enhanced support for data sources of VMware vRealize Network Insight
- VMware vRealize Automation support
- NTP configuration for vRealize Automation 8.x
- Catalog application for vRealize Automation 8.x
- Graceful start and shutdown of vRealize Automation
- Enhanced support for VMware Identity Manager
- User experience enhancements
- In product feedback support
See the full release notes here.