vRealize Automation for Service Providers

EDIT: This post is quite old now, and based on information from vRA 6.x. Rather than editing it, I have written an updated post to address improvements in this area.

I’ve been meaning to write this post for a while now, in fact every time we have a dot release of vRealize Automation and I have to answer this question (again) I mean to finish it. Finally it’s here!

vRealize Automation is a pretty great tool. It has a broad range of capabilities and use cases, and a huge capability for extensibility care of the tight integration it has with vRealize Orchestrator.

What vRealize Automation does not have is through and through multi-tenancy for service providers. Let’s dig into that a little more, since multi-tenancy can mean different things to different people. Here are couple of use cases, and what the workflow looks like in both vCD and vRA.

“Virtual Datacenter”

Summary: A customer has a virtual datacenter with a Service Provider, and wants to carve out some of it’s resources for another line of business.

vCD: An Org Admin creates an Org VDC from the context of the Provider VDC. This admin has no rights to any other org.

vRA: A Fabric Group member creates a Reservation from a Compute Resource, and allocates it to a Business Group. This user can perform this function across Tenants.

Implications: A customer cannot be given a pool of resources to manage in a secure manner in a Service Provider environment using vRA. All administrative tasks must be performed by the Service Provider.

“Cloud Brokerage”

Summary: A customer requires a service catalog that includes services from multiple cloud platforms.

vCD: Virtual Datacenters are only able to be created from a vCenter Endpoint.

vRA: Services can be delivered from multiple vendors and their cloud offerings.

Implications: vCD cannot do this feasibly. vRA can deliver this capability.

How can Service Providers deliver the second Use Case when considering the implications of the first?

  1. They can offer a managed service from a platform that exists on the customer site. In that case, the customer is the only tenant.

  2. They can offer a dedicated hosted instance. In that case the customer is the only tenant.

If you hear anyone (and I do mean anyone) from VMware suggesting otherwise, and implying that a multi-tenanted vRA implementation is a good idea for a Service Provider play, please send them my way.