EDIT: This post is quite old now, and based on information from vRA 6.x. Rather than editing it, I have written an updated post to address improvements in this area.
I’ve been meaning to write this post for a while now, in fact every time we have a dot release of vRealize Automation and I have to answer this question (again) I mean to finish it. Finally it’s here!
vRealize Automation is a pretty great tool. It has a broad range of capabilities and use cases, and a huge capability for extensibility care of the tight integration it has with vRealize Orchestrator.
What vRealize Automation does not have is through and through multi-tenancy for service providers. Let’s dig into that a little more, since multi-tenancy can mean different things to different people. Here are couple of use cases, and what the workflow looks like in both vCD and vRA.
Summary: A customer has a virtual datacenter with a Service Provider, and wants to carve out some of it’s resources for another line of business.
vCD: An Org Admin creates an Org VDC from the context of the Provider VDC. This admin has no rights to any other org.
vRA: A Fabric Group member creates a Reservation from a Compute Resource, and allocates it to a Business Group. This user can perform this function across Tenants.
Implications: A customer cannot be given a pool of resources to manage in a secure manner in a Service Provider environment using vRA. All administrative tasks must be performed by the Service Provider.
Summary: A customer requires a service catalog that includes services from multiple cloud platforms.
vCD: Virtual Datacenters are only able to be created from a vCenter Endpoint.
vRA: Services can be delivered from multiple vendors and their cloud offerings.
Implications: vCD cannot do this feasibly. vRA can deliver this capability.
How can Service Providers deliver the second Use Case when considering the implications of the first?
They can offer a managed service from a platform that exists on the customer site. In that case, the customer is the only tenant.
They can offer a dedicated hosted instance. In that case the customer is the only tenant.
If you hear anyone (and I do mean anyone) from VMware suggesting otherwise, and implying that a multi-tenanted vRA implementation is a good idea for a Service Provider play, please send them my way.