Automate Secure Application Services in VMware Private Clouds

The IT world is transitioning to the cloud. Upwards of 70% of Enterprises will utilize a hybrid model by 2020 according to Right Scale’s “2017 State of the Cloud Report”. This is due to the need for agility and scalability, an overwhelming number of users and requests, exponential growth of deployed apps and the mandate for disaster recovery and business continuity.

A key benefit of the cloud is automation and a drive to enhanced agility. With automation, comes the ability to roll-out apps quicker for better time-to-revenue. Organizations can reduce TCO with less IT staffing and minimized overprovisioning.

For all the accolades public clouds receive some administrators have anxieties. A 451 Research survey “Can private cloud be cheaper than public cloud?” reveals private cloud users have concerns with public clouds:

  • security (79%)
  • performance (46%)
  • managing cost (39%)

The survey also states the benefits of a private cloud:

  • site control (71%)
  • cost (53%)
  • infrastructure ownership (43%)

Migrating to Private Clouds

Many organization’s IT groups are thus migrating to private clouds to extend the use of on-premises architectures. This affords them a streamlined consumption model, superior agility, and economics of the public cloud. In making this shift and accomplish their goals enterprises need to simplify and automate services available from their existing IT operations.

Creating a private cloud requires administrators rethink traditional design methods and make fundamental changes to IT. The underlying infrastructure must be simplified. The concept of IT as a Service be employed. To improve quality and reduce human error they must utilize repeatable, standardized procedures when deploying infrastructure elements. Above all automation is mandatory to improve the speed of service delivery.

Private Cloud Orchestration with VMware’s vCloud

Regarding private cloud orchestration techniques, VMware’s vCloud is the most widely adopted and seems to be the solution of choice-even over OpenStack “free” open source methods. vCloud is a complete tool suite for private clouds and is composed of vSphere and the vRealize Suite. IT can optimize cloud deployments and manage an entire Infrastructure lifecycle from a single console.

vSphere includes:

  • VMware ESX hypervisor, that functions as the virtualization server
  • VMware vCenter Server, which manages vSphere environments
  • VMware vSphere Client, which is used to install and manage VMs
  • VMware’s file system component.

The vRealize suite encompasses:

  • vRealize Automation. This provides a self-service, policy-based infrastructure and application provisioning and lifecycle management tool
  • vRealize Operations. Gives IT intelligent performance, capacity and configuration management
  • vRealize Business for Cloud is used for automated costing, usage metering and service pricing

Automation with VMware vRealize Orchestrator

A key component of vCloud is vRealize Orchestrator (vRO). This is workflow software that simplifies the automation of complex tasks. With vRO organizations can design and deploy scalable workflows to automate routine or sophisticated IT processes. Such methods dramatically simplify and accelerate IT operations. Administrators can reduce OPEX and lessen the vulnerability of user errors. The efficiency of service delivery and operational management are improved.

vRO is integrated into vCloud to extend service delivery and operational management and ensures all tasks necessary to deliver a required service are completed. vRO is kind of a “master conductor” and orchestrates various services. Administrators can deploy multi-tier apps, VMs and secure application services such as those from application delivery controllers (ADCs).

Workflow Development with VMware vRealize Orchestrator

One of the principal ways vRO automates tasks is through workflow development. Users can create their own workflows through various designer menus using an intuitive, easy-to-use drag-and-drop workflow creator. These are complete instructions to create a particular end function and define how to perform an automated task. They are organized in a hierarchical tree structure. Workflows are created to provision, delete or alter resources, including ADCs, and involve their configuration and setting policies.

Custom workflows can be built from scratch (from a library of individual tasks) with built-in actions. This can simplify the process by using plug-ins and the pre-built workflows for any level of abstraction. IT accesses and launches workflows from the VMware vSphere. Complex workflows can be quickly and easily designed and deployed in just a few steps.

Administrators can automate and orchestrate ADC provisioning operations and integrate those workflows into other parts of the infrastructure. Ultimately this enables customers to access services that would otherwise require a ticket and possibly weeks of delay.

vRO may be combined with several technologies to allow designing and running workflows on VMware-based tools and third-party applications that are part of the customers private cloud environment. The tool provides comprehensive coverage of vSphere APIs and is integrated with the vCloud suite components including vRealize Automation and vRealize Operations.

Integration and Orchestration with VMware vRealize Orchestrator

To enable the integration and orchestration of VMware and multiple third-party services with vRO, software plug-ins are developed and installed. They provide vital communications and control. Leveraging these plug-ins vRO configures policies on these external services. Numerous software vendors have developed plug-ins to support automation for their software through vRO.

A10 has developed a vRealize Orchestrator (vRO) plug-in solution. It’s available on VMware’s Solution Exchange (a marketplace of extensible solution plug-ins). It is also available for A10 customers at A10 product software and documentation. vRO provides a RESTful API to enable other applications to integrate with the tool and design and execute their own workflows. Figure 1 is a diagram showing the interaction of vRO and A10 Thunder/vThunder.

vmware vrealize integration
Figure 1: VMware vRealize Integration

A10 Thunder ADC Plug-in for VMware vRealize Orchestrator

The A10 Thunder ADC plug-in for vRO enables integration of VMware vRealize Orchestrator (vRO) functionality, enabling management, implementation and automation of many workflows for secure app services. This automates ADC provisioning and configuration on Thunder ADC devices. The plug-in offers full programmability and control of all A10 devices including virtual, physical and bare metal.

The vRO workflow designer via the plug-in sends commands to and receives information back from the Thunder ADC appliances’ APIs. Thus, incorporating the ADCs into workflows for an efficient and simple process. To help accelerate the deployment process over 50 plus pre-built workflows for configuring L4-L7 ADC functionality on A10 devices are included. These include:

  • L4-7 SLB configuration (real servers, service groups, virtual server)
  • SLB App Centric Templates
  • Health monitoring
  • SSL file management
  • Network configurations: Ethernet; Trunk Interfaces and VLANs
  • IP NAT pools
  • High availability cluster using VRRP-A
  • Multi-tenancy: L3V Application Delivery Partitions (ADPs)

JavaScript for VMware vRealize Orchestrator

A10 VRO plug-in also provides a JavaScript-based scripting engine with more than 30 scripting objects to help administrators develop custom workflows in addition to the out of box workflows. This permits the creation of new building blocks for workflows as well as other actions and policies. Over 75 action scripts are also included along with a plug-in SDK.

With the A10 Thunder ADC plug-in for vRO, organizations running private clouds leveraging VMware’s vCloud suite can achieve many benefits. Administrators can:

  • Automate management of applications. vThunder ADCs provisioning, configuration and deployments are streamlined with workflows initiated in seconds. The intuitive GUI provides drop-downs, defaults, wizards and inventory tree views for ease of use.
  • Accelerate responses to bottlenecks. Out-of-box workflows automate app lifecycle management and simplify troubleshooting.
  • Gain complete control over Thunder workflows. Scripts and workflows can be fully customized by accessing the entire Rest-based APIs (A10 aXAPIs)
  • Leverage a single pain of glass for management. A self-service portal is available and provides visualization into VRO.

How A10 Can Help

The A10 Networks Thunder line of Application Delivery Controllers intelligently manage, control and automate the deployment of application delivery services in multi-cloud environments to maximize agility, provide actionable insights and ensure app availability and security while simplifying operations with the lowest TCO. The Thunder Series comprehensive support for multiple third party tool suites, coupled with flexible deployment methods, make it ideal for a wide variety of deployment scenarios. Their capabilities enable:

  • Integration with A10 Harmony Controller to offer visibility into hundreds of per-request metrics involving user experience, latencies, contextualized traffic profiles, anomalies, malicious intrusions and server health and utilization levels.
  • Use of machine learning and artificial intelligence to proactively and automatically modify, provision and configure new app service instances and policies.
  • Simplification and acceleration of both infrastructure configurations and operational troubleshooting by over 80%.
  • Self-service and automation to improve agility and efficiency by eliminating the need for IT administrators to set up and configure per-application infrastructure.
  • Centralized management to coordinate and distribute policies and configuration files to all app services and device clusters.


Get more from your enterprise network. A10 Thunder ADC helps enterprise data centers improve the bottom line.