In vRealize Automation today EBS or event based subscription is a very powerful feature that allows you to integrate with 3rd party systems, assist with the provisioning of an application or anything you may need to do during the lifecycle of a machine or catalog item via the integration with vRealize Orchestrator.
Some common integrations are:
• Create CI in CMDB
• Update CI in CMDB
• Retire CI in CMDB
• Generate and Set Unique password from Secret Server
• Configure F5 loadbalancing
• Configure Netwoks and or firewall rules
• IPAM integration
• Installing additional software based on properties
• Etc
There is a good post by some of my colleagues on SNOW integration HERE using the new extensibility in Cloud Assembly .
Cloud Assembly which is still in Initial Availability has a similar concept. First thing I notice is there is less event topics currently then in vRA as shown in the image below:
But this is fine as it has the main events everyone used anyway. But what Cloud Assembly introduces is the ability to still integrate with vRO but also what is called ABX (Action Based Extensibility) which currently leverages AWS Lambda. This is what I will focus on going forward but more looking under the sheets in what is happening on the Lambda side.
Lets first get a base line on what my Lambda looks like in my AWS account.
As the above image shows, I have a couple there. Now I am going to create a simple action in Cloud Assembly.
1) Select Actions – > NEW ACTION
2) Enter Name, Select Project, Template and Runtime
You will notice in the above image there is some common templates already available for use. For this I will just choose Custom Script and nodejs runtime.
3) Once we have this how we want it click Save.
Right now there is nothing in Lambda it needs to execute at least once to be created. To do this we can just click the Test button.
I now go back into Lambda console and I can see an extra function as shown in the below image.
Now lets dive into this function and look at how it has been configured.
You will notice that there is an abx_wrapper.js file that is wrapping the script we entered which is named client_main.js
What we can also see is a folder called VMW_system_dependancies which has common modules for in this case node js.
Moving down the page we can see that it has chosen a role to use. My account has 5 different lambda roles and it appears to just automatically choose the first one available. It also configures it with “No VPC” this is fine for just using internet connectivity but it can not directly connect to anything configured within a VPC.
There is at the time of writing this no way to choose this through Cloud Assembly. But you can come into lambda and make these changes and the action will still work. Just be warned if you make a change with the action in Cloud Assembly and save it, any changes made manually will be reverted.
SO….This is cool you say, but what if I wanted to do something more advanced that required custom modules or ones not provided by default?
Good news you can.
When we go to create the action we choose Import Package and then choose an entry point.
In this example I will use a function that SSH’s into a server to run a command. Which requires “simple-ssh” module. I Have written this in vscode.
I then zip up the contents which includes my index.js, node-modules and in this case the ssh pem file used to authenticate.
We then set the entry point. This needs to be the file.function so in my case it is index.handler. This will tell the abx wrapper script what it needs to reference.
Now once we import and save lets have a look on the back end.
As you can see from the below image the functions has all my files too. Has my node-modules, it has the pem file, index.js and the package.json files.
Lets now have look at the run through Cloud Assembly.
Woohoo As we can see ls -al was run and gives me back the output.
So now the $100 question… We now have vRO and Lambda at our disposal which should you use?
This luckily pretty simple for most enterprises vRO will still be the most used. It is also agnostic, I can from vRO hit any machine or service on any platform I have connecting into my environment. If your running CMDB on premise then you would use vRO to do that integration.
However if your only provisioning to AWS and your 3rd party integrations are with SaaS based services ABX is the way forward.
Hope you enjoyed this little peak behind the scenes.
Cheers