A network profile contains IP information such as gateway, subnet, and address range. vRealize Automation uses vSphere DHCP or a specified IPAM provider to assign IP addresses to the machines it provisions.
| Network Type | Description |
|---|---|
| External | Existing network configured on the vSphere server. They are the external part of the NAT and routed networks types. An external network profile can define a range of static IP addresses available on the external network. You can use IP ranges obtained from the supplied VMware IPAM endpoint or from a third-party IPAM service provider endpoint that you have registered and configured in vRealize Orchestrator, such as Infoblox IPAM. An IP range is created from an IP block during allocation. An external network profile with a static IP range is a prerequisite for NAT and routed networks. |
| NAT | On-demand network created during provisioning. NAT networks that use one set of IP addresses for external communication and another set for internal communications. With one-to-one NAT networks, every virtual machine is assigned an external IP address from the external network profile and an internal IP address from the NAT network profile. With one-to-many NAT networks, all machines share a single IP address from the external network profile for external communication. You can use IP ranges obtained from the supplied VMware IPAM endpoint or from a third-party IPAM service provider endpoint that you have registered and configured in vRealize Orchestrator, such as Infoblox IPAM. An IP range is created from an IP block during allocation. A NAT network profile defines local and external networks that use a translation table for mutual communication. |
| Routed | On-demand network created during provisioning. Routed networks contain a routable IP space divided across subnets that are linked together using Distributed Logical Router (DLR). Every new routed network has the next available subnet assigned to it and is associated with other routed networks that use the same network profile. The virtual machines that are provisioned with routed networks that have the same routed network profile can communicate with each other and the external network. You can use IP ranges obtained from the supplied VMware IPAM endpoint or from a third-party IPAM service provider endpoint that you have registered and configured in vRealize Orchestrator, such as Infoblox IPAM. An IP range is created from an IP block during allocation. A routed network profile defines a routable space and available subnets. |
Before we can use this network profile in the blueprint we need create them for that purpose we need to have the Fabric Admin roles.
| Fabric administrator | Manage property groups. Manage compute resources. Manage network profiles. Manage Amazon EBS volumes and key pairs. Manage machine prefixes. Manage property dictionary. Create and manage reservations and reservation policies in their own tenant. If this role is added to a user with IaaS administrator or system administrator privileges, the user can create and manage reservations and reservation policies in any tenant. |
Go to the Infrastructure –> Reservation –> Network Profiles
Here we will create all Network Profiles required for deployment.
- EXTERNAL
For External Network Profile we must provide a name/subnet/Gateway
The rest tab are optional. Also we need to remember that when we setup the Gateway we are not able to change it.
After creation we can use this External network in Reservation and attach it to the blueprint.
- ROUTED
Routed network required from as some more settings because before we can create it we need to have External network profile to setup it with this routed Network
And as we don’t have in it any DHCP we have to create the Network Ranges
For Routed network we need also assign in network profile in Reservation name of our external network for Distributed Logical Router.
In blueprint we are adding the On Demand Routed Network which should create in process of deployment the connection for DLR with other virtual Switch.
- NAT
For NAT we also need the External network profile but we should provide information how this will be assigned
| Option | Description |
|---|---|
| One-to-One | Assign an external static IP address to each network adapter. Every machine can access the external network and is accessible from the external network. All external IP addresses that are assigned to an NSX edge uplink must be part of the same subnet. When using NAT 1:1 in vRealize Automation, the corresponding external network profile must contain only IP ranges that exist within a single subnet. |
| One-to-Many | One external IP address is shared among all machines on the network. An internal machine can have either DHCP or static IP addresses. Every machine can access the external network, but no machine is accessible from the external network. Selecting this option enables the Enabled check box in the DHCP group. The NAT one-to-many translation type allows you to define NAT rules when you add a NAT network component to a blueprint. |
NAT network required Network Range in External Network Profile
In blueprint we are adding the On Demand NAT Network which should create in process of deployment the Edge VM with configured NAT network
On the NSX we have our Edge with configured NAT rule
- Load Balancer
for modyfing blueprint we can also add On Demand Load Balancer. This Will allow us to provide web page with configured Load Balancer on NSX.
After Deployment we have available our web page via VIP ip address
