iT Infra Automation

 Managing a large number of Distributed Firewall (DFW) rules manually in NSX-T can be time-consuming and error-prone. In enterprise environments, firewall rules are often provided in bulk through spreadsheets and need to be applied consistently across policies. In this blog, we’ll explore how to automate bulk creation and update of NSX-T DFW rules using VMware Aria Automation (vRA) and vRealize Orchestrator (vRO) , driven by a CSV input file . Use Case Overview The goal of this automation is to: Import firewall rules in bulk using a CSV file Automatically create or update DFW rules in NSX-T Enforce platform limits and validations Support large-scale rule deployments in a controlled manner This solution is ideal for: Firewall rule migrations Compliance-driven rule deployment Large-scale application onboarding Input CSV Format The automation accepts a CSV file with the following fields: Policy Name ,  Source ,  Destination,  Protocol ,...

Overview SSL certificate renewal for GitLab requires careful planning to avoid service disruption. This guide explains the end-to-end process for renewing GitLab SSL certificates across both Application and Database servers , including backup, CSR generation, certificate replacement, service restart, and verification . This procedure ensures: Secure HTTPS access Zero data loss Safe rollback using snapshots Compliance with enterprise certificate standards Environment Overview Component Description GitLab Application Server Hosts GitLab UI & services GitLab Database Server Hosts PostgreSQL Access Method CyberArk SSH Certificate Type Custom Root + Intermediate + Signed Certificate   High-Level Flow Diagram Phase 1: Backup & CSR Preparation Step 1: Take VM Snapshots GitLab Application Server ...

  Key Differences That Matter for Modern Cloud Automation With the release of VMware Cloud Foundation (VCF) 9 , automation has evolved beyond what Aria Automation 8.x originally delivered. While Aria Automation 8.x was a powerful standalone automation platform, VCF 9 Automation is designed as a deeply integrated, platform-native automation layer . This blog explains the real-world differences , especially from an architect, automation engineer, and platform operations perspective. 1. Platform Philosophy Shift Aria Automation 8.x Designed as a standalone automation product Focused on self-service provisioning Required manual integration with vSphere, NSX, vROps, and Code Stream Automation was often project-based , not platform-driven VCF 9 Automation Built as a core capability of VMware Cloud Foundation Automation is platform-native , not an add-on Tight lifecycle alignment with VCF components Automation is infrastructure-aware by default 2. Installa...

  6. CI/CD and Automation Pipelines Aria Automation 8.x Relied heavily on Code Stream Pipelines required more manual configuration Less visibility into infra lifecycle state VCF 9 Automation CI/CD aligns with VCF lifecycle events Pipelines are more context-aware Better integration with platform operations Outcome: Automation pipelines become smarter , not just faster. 7. Operational Visibility & Troubleshooting Aria Automation 8.x Logs and troubleshooting often siloed Required jumping across products Root cause analysis was time-consuming VCF 9 Automation Better correlation with VCF components Improved visibility across automation actions Faster troubleshooting due to platform context Ops Benefit: Reduced MTTR for automation-related issues. 8. Customization vs Standardization Aria Automation 8.x Highly customizable Flexibility often led to automation sprawl Difficult to standardize across teams VCF 9 Automation Enc...

  VCF 9 Automation vs Aria Automation 8.x - Quick Comparison Category Aria Automation 8.x VCF 9 Automation Product Positioning Standalone automation platform Native automation capability of VCF Architecture Separate product stack Deeply integrated with VCF Installation Model Independent deployment Deployed via VCF workflows Upgrade & Lifecycle Manual planning and validation VCF-managed lifecycle Version Compatibility Admin-managed Automatically aligned with VCF Primary Focus Workload provisioning Platform and workload automation Automation Scope VM-centric Platform, domain, and workload-aware Infrastructure Awareness Limited context Full VCF context awareness Policy En...

 In modern datacenter operations, automation plays a critical role in improving accuracy, reducing manual workloads, and increasing operational efficiency. When tenants provision virtual machines using VMware Aria Automation (vRA) , it is often necessary to ensure that these systems are properly registered and managed through Red Hat Satellite Server for patching, compliance, and lifecycle operations. This article explains an automated workflow that integrates vRA, vCenter, vRealize Orchestrator (vRO), and Red Hat Satellite , enabling seamless onboarding of newly provisioned Linux VMs. Why Automate the Satellite Onboarding Process? Without automation, administrators must manually: Verify VM creation in vCenter Register the host in Satellite Apply activation keys Associate lifecycle environments Confirm subscription status Automation eliminates errors and speeds up operations by ensuring these tasks happen automatically during deployment. End-to-End Workflow Ove...