Implementing Database-as-a-Service with vRealize Automation
By Vishwajit Shah / Jan 08, 2021
This blog demonstrates an automated service model for delivering Database as a Service. VMware vRealize Automation is an Enterprise Private Cloud Solution that delivers a simplified, secured portal to serve on-demand infrastructure essentials. IT administrators and developers can rapidly provision virtual machines, servers, and desktops using Prototype Machine Blueprints, request various IT services, and manage applications through the customary Service Catalog, which provides a coherent user experience across Private, Public, or Hybrid Cloud environments.
A major challenge for IT admins is providing numerous copies of relational database servers for production, testing, and development. This is consistently a complex operation that involves the combined efforts of many teams and the creation of customized scripts that require professional development skills.
The ability to swiftly implement multiple instances of Oracle/SQL Server databases can reduce the time to create, test, deliver, and deploy new applications. vRealize Automation accelerates the deployment and management of applications and compute services, thereby improving business agility and operational efficiency.
Sample diagram of vRealize Automation Software Components Process flow
Further, we will discuss the process of Blueprint creation and customization, the VM Template, and the script to install and configure the Oracle Database 19c binaries after a new VM is provisioned on the Linux OS platform. The script accepts changes to the Oracle SID (unique System Identifier) and the Oracle DB login password, and specifies the Oracle SGA/PGA memory structures. We will also discuss other requirements of Day 2 operations, such as adding additional storage, user administration, renaming the provisioned VMs, etc.
We achieve this using vRealize Software Components to standardize the configuration properties, and using action scripts to specify exactly how components are installed, configured, uninstalled, or updated during deployment scale operations. These action scripts can be rewritten at any time and published live to push changes to provisioned software components. To support Software components, it is mandatory to install the guest agent and the Software bootstrap agent on your reference machines before you convert them into a machine template for cloning or take a snapshot.
A vRealize administrator can design action scripts to be generic and reusable by defining and consuming name and value pairs called software properties and passing them as parameters to the action scripts. If your software properties have values that are unknown or need to be defined in the future, you can either require or allow other Blueprint Architects or end-users to provide the appropriate values.
If you need to specify a value from another component in a blueprint, for example the IP address of a machine, you can bind your software property to that machine’s IP address property. The software properties parameterize action scripts and make them comprehensive and transformable, so you can use software components in different environments without altering the scripts.
In this instance, we are demonstrating an Oracle database deployment as DBaaS. We prepared a Linux reference machine and used a clone blueprint to provision a complete and independent virtual machine based on a vCenter Server virtual machine template. If you want your templates to support Software components, use the single script to install the Java Runtime Environment, the guest agent, and the software bootstrap agent on your reference machine.
We have skipped the sample steps for installing the guest and bootstrap agents and other required software on the reference template machine.
The basic details of the environment used to perform this demonstration:
- vRealize Automation 7.6 (Enterprise Edition)
- Oracle 19c Setup Images
- Red Hat 7.6 Operating System [Compute resources used on the reference machine: vCPU: 2; Memory: 16 GB; HDD-1: 20 GB; HDD-2: 80 GB]
- Custom Script to Install/Configure Oracle 19c Binaries (Content created with the help of Developers)
- vCenter Server 6.5
- 3 Node ESXi 6.5 Server
- Shared storage to host cloned/template VMs and to allocate available compute resources for provisioning VMs.
- Create a VM with the desired Linux OS, install vm-tools, and apply the necessary upgrades and patches.
- Ensure that the following commands are available, depending on the Red Hat Linux OS system: wget; curl; python; yum or apt-get.
- Network connectivity is required from the virtual machine.
- The vRealize Automation Guest Agent should be installed on all VMs on which you want to install, configure, start, update, or uninstall software using vRA Software Components.
- After installing the Guest Agent (aka the Gugent) on the VM, create a snapshot of the VM and shut down the guest VM.
- Keep the Oracle DB setup files in a designated location inside the VM so that the installation can be kicked off after VM provisioning.
- Create a template of the VM. (Note: For linked clones, create a new snapshot and provide a VM name; for a full clone you can convert the machine directly to the template.)
- Create a Blueprint from the VM clone template.
- Design Software Components. The software architect authors software components for use in the blueprint designer.
- Attach the created Software Components to the Machine Blueprint > Publish > Request the item from the Catalog to provision the VM.
# Let us find out how to achieve Oracle DB provisioning
A. Steps for Creation of Machine Blueprint
Fig.1A Log in to the vRealize Automation console as a user with software architect and infrastructure architect privileges, then select the Blueprints tab under Design. (The screenshot below is taken from an existing Blueprint sample.)
Fig.1B Blueprint Design Canvas
Fig.2 Select New > Review and Edit General Settings below the Design Canvas.
Fig.3 Select Build Information settings for a vSphere machine component > Edit Settings.
Fig.4 Select Machine Resources > specify CPU, memory, and storage settings for a vSphere machine.
Fig.5 Select Storage. (Change or Add storage volume settings, include one or more storage reservation policies, to the machine component to control storage space.)
Fig.6 Select Network and specify the component from the drop-down menu.
Fig.7 Select Security, no custom settings specified. However, settings can be configured for a vSphere machine component based on NSX settings that are configured outside vRealize Automation.
Fig.8 Select Properties, no values to add under Property Groups
Fig.9 Select Custom Properties next to Property Groups under Properties, and add the guest custom property values below.
Fig.10 Review the Final Setting, Select Finish.
B. Steps for Creation of Software Components
Fig.11 Navigate to Software Components under Design and Select New
Fig.12 Provide an appropriate name, enter a Description, and keep Container as Machine if the machine is going to be deployed in vCenter.
Fig.13 Create properties for the Program Global Area (PGA), System Global Area (SGA), Oracle Database login password, and SID (the unique Database System Identifier).
Fig.14 Develop a Bash script that installs the Oracle DB binaries and creates an Oracle database home directory. Attach/paste the script at the Configure stage.
Fig.15 Review for Ready to Complete. > Select Finish.
Fig.16 Attach the Software Component to Machine Blueprint. Select Finish
Fig.17 Navigate to Catalog
Fig.18 Oracle Database Blueprint Select Request.
Fig.19 Enter the desired values in the Description, Reason for request, and Deployments (number of copies) fields.
Fig.20 Next, select or highlight (machine: Redhat_7.7_19c_oracle) and review the number of instances and compute details.
Fig.21 Select Storage and review the added Disks
Fig.22 Next, select or highlight (OracleDB19c_1). In this section, add the values according to the Template/Reference Machine resources. If the VM memory is 16 GB, keep a buffer of 3 to 4 GB from the allocated 16 GB of VM memory and then assign the SGA and PGA values; taken together, these two parameters should not exceed 10 GB to 12 GB at the time of requesting the Oracle Database Blueprint from the Catalog.
Example Reference 1)
PGA = 512
SGA = 2048
Password = Password123
DB sid = CATCH22
Example Reference 2)
PGA = 2048
SGA = 8192
Password = Password123
DB sid = CATCH26
(Note: If you choose to enter 2 GB or 10 GB, you need to enter the corresponding values in MB, as 2048 / 10240. Incorrect or invalid SGA and PGA values result in failed machine deployments.)
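The sizing rule and the MB note above can be enforced at the top of the Configure-stage script, before anything is installed. The following is an added example, not the confidential script this blog refers to; the function names, the 4096 MB buffer, the 256 MB floor and the SID pattern are assumptions.

```shell
#!/bin/sh
# Added example: pre-flight checks for the software properties passed to a
# Configure-stage action script. Names and limits here are assumptions.
LC_ALL=C; export LC_ALL   # make [A-Z] ranges byte-wise

BUFFER_MB=4096   # headroom for the OS (the page suggests 3 to 4 GB)
MIN_MB=256       # assumed floor; catches "2" typed where "2048" was meant

# Total guest memory in MB, from /proc/meminfo (Linux).
total_mem_mb() {
    awk '/^MemTotal:/ { print int($2 / 1024) }' /proc/meminfo
}

# check_mb NAME VALUE: VALUE must be a plain integer number of MB.
check_mb() {
    case "$2" in
        ''|0*|*[!0-9]*) echo "$1 must be a whole number of MB" >&2; return 2 ;;
    esac
    if [ "${#2}" -gt 7 ]; then echo "$1 is out of range" >&2; return 2; fi
    if [ "$2" -lt "$MIN_MB" ]; then
        echo "$1=$2 looks like a GB figure; enter MB" >&2; return 3
    fi
}

# validate_db_props PGA_MB SGA_MB SID TOTAL_MB
# Returns 0 when every check passes, otherwise the code of the first failure.
validate_db_props() {
    check_mb PGA "$1" || return $?
    check_mb SGA "$2" || return $?

    # SGA + PGA must fit in guest memory minus the buffer.
    limit=$(( $4 - BUFFER_MB ))
    if [ $(( $1 + $2 )) -gt "$limit" ]; then
        echo "SGA+PGA exceeds the $limit MB available" >&2; return 4
    fi

    # Assumed SID policy: letter first, alphanumeric only, at most 8 chars.
    # Rejecting everything else keeps shell metacharacters out of the
    # commands the script later builds from this value.
    case "$3" in
        [A-Za-z]*) ;;
        *) echo "SID must start with a letter" >&2; return 5 ;;
    esac
    case "$3" in
        *[!A-Za-z0-9]*) echo "SID must be alphanumeric" >&2; return 5 ;;
    esac
    if [ "${#3}" -gt 8 ]; then echo "SID is longer than 8" >&2; return 5; fi
    return 0
}
```

In a Configure script the call would be `validate_db_props "$PGA" "$SGA" "$SID" "$(total_mem_mb)" || exit 1`, so a bad request fails before the installer starts rather than partway through the deployment.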
Summary: That ends the blog content. The configuration script is confidential and Intuitive proprietary, hence it cannot be disclosed. The bash script defines key parameters, objectives, and execution, considering the guest OS and Oracle Database requirements. I hope this will be useful to get an overview of DBaaS provisioning with vRealize Automation Software Components.
The internal users were accessing critical applications based on SAP BO/DS and other Windows-based agents installed on normal Windows boxes enabled with Terminal Services. Access was primarily via the Remote Desktop Protocol (RDP) on port 3389, which is a very commonly used port and liable to security threats and exposure. So the customer wanted to put in place a more secure and robust solution, which would not use the normal RDP ports and would thereby solve the potential security issues that may arise.
Limitations and considerations:
- Customer is a VMware shop
- Needs a robust, highly available, simple solution.
- The on-prem SDDC is running on a legacy version of vSphere, so deploying the latest VDI solution is not possible
- Customer has a presence on native AWS
- There are limited users who would be using the VDI solution (up to 100 users) with dedicated desktops
Intuitive came up with a solution to deploy VMware Horizon VDI on native AWS, using Windows EC2 instances for the connection servers and the Windows desktops, without integrating it with vCenter or using VMware Dynamic Environment Manager (formerly known as VMware User Environment Manager) and Unified Access Gateway (UAG).
Logical Design Diagram:
Considering the limitation of the vSphere version running on the on-prem site, we decided to use native AWS, which would allow us to deploy the latest Horizon component versions on the latest Windows OS version and to take advantage of the high availability natively built into AWS. Additionally, we would be closer to the application in case of a DR, as AWS is the DR site of the critical applications as well.
We cannot deploy VMware appliances like vCenter and Horizon on native AWS. However, the customer was using dedicated desktops, and we had no requirement for UAG and DEM or for vCenter integration to dynamically create and allocate desktops, so we could go into AWS without any issues.
We deployed the Prod Horizon connection servers as an HA pair, with dedicated desktops behind them, in the AWS East-1 Prod VPC. They hairpin back to the on-prem Active Directory (AD) service for authentication, which entitles users to authenticate into the desktops and connection servers. The users then use the dedicated desktops, streamed to the Horizon clients using the Blast and PCoIP protocols. The desktops have all the required Windows-based applications and agents installed, which connect back to the applications and databases on-prem. Since the network connectivity between the on-prem site and the AWS VPC was good, we were able to stream the desktops without any major latency issues.
For DR, in a site-down situation the on-prem critical applications fail over to the East-2 DR VPC configured on AWS. To maintain the locality of Horizon, we can fail over to a similar setup in the East-2 VPC, using a separate connection server URL.