iT Infra Automation

  Objective Enable automated bulk creation of NSX-T Security Groups and VM membership assignment by uploading a .csv file through vRA catalog request . This solution leverages: vRA → For self-service catalog & request handling. vRO → Workflow logic, parsing CSV, and REST API communication. NSX-T REST API → To validate, create, and update Security Groups. Input CSV Example The CSV file contains the following columns: SecurityGroupName,Criterion1,Criterion2 App-Frontend,VM.Name=web*,Tag=env:dev App-Backend,VM.Name=app*,Tag=env:qa DB-Servers,VM.Name=db*,Tag=env:prod SecurityGroupName → Name of the NSX-T security group Criterion1, Criterion2 → Membership conditions (VM names, Tags, IPs, etc.) Workflow Logic vRA Catalog Request User uploads CSV file with GroupName,Criterion1,Criterion2 . vRA triggers a vRO workflow via Event Subscription or custom catalog item. vRO Workflow Steps Parse CSV file (using Properties or ResourceElement ...

  Use Case Summary A user provisions a VM from vRA. Once the VM is deployed in vCenter , a vRO workflow is triggered via Event Broker subscription. The workflow: Checks if the Tag exists (using REST API to NSX-T). If not found, creates the Tag under the correct category. Assigns the Tag to the newly provisioned VM. This eliminates the need for manual intervention and ensures every VM is tagged correctly for policies, automation, and visibility . High-Level Flow VM Provisioning in vRA User requests VM with required details (e.g., Environment, Owner, Application). Event Broker Subscription After provisioning, vRA triggers a vRO workflow . vRO Workflow Actions Connects to vCenter using REST API. Checks if Tag exists. If exists → Skip creation. If not exists → Create new Tag under category. Assigns Tag to the VM. Result VM is provisioned with the right tags automatically applied . Flow Diagram Steps Start VM Prov...

  Overview This deployment model integrates VMware Aria Automation Code Stream with Kubernetes to securely and automatically execute Helm chart deployments . The approach leverages a short-lived Kubernetes Job that handles: Git repository checkout Helm chart installation/upgrade Automatic cleanup post-execution This ensures secure, ephemeral, and repeatable deployments with minimal cluster footprint. Design Components 🔹 Code Stream Pipeline Type: Kubernetes Task Trigger: Manual or scheduled Inputs: Git credentials (e.g., gitusername1 , gitpassword2 ) Purpose: Submits Kubernetes Job manifest to the target cluster 🔹 Kubernetes Job API Version: batch/v1 Namespace:   <Name Space> Service Account: crypto (preconfigured RBAC permissions) Image: Custom Alpine with Helm + Git CLI ( k8s:1.33.3 ) Execution Steps: Clone Helm chart from internal GitLab Run helm upgrade --install with values file Deploy resources into ...