Deploying Infrastructure as Code

We need to configure vRA and NSX, which will allow for an isolated network of VMs to be used from the dev environment.

The network layout of the desired solution is as follows:

NSX Edge will provide Source Network Address Translation (SNAT) routing so that isolated VMs can have access to external dev network resources in this layout. It will also provide destination NAT (DNAT) port forwarding so that dev machines are able to access specific services on a target isolated VM by addressing the NSX Edge in this layout. This design will also make use of the vSphere linked clones technology to minimize storage requirements. vRA provisioning will be implemented with the following blueprint structure:

  • Base Windows image: This will provision a blank Windows image that will become accessible through vRA.
  • Base Linux image: This will provision a blank Linux image that will be become accessible through vRA.
  • Windows linked clone component: This will be the linked clone blueprint on top of the VM that was instantiated from the base Windows image and a specific snapshot. This represents the actual isolated VM to be provisioned.
  • Linux linked clone component: This will be the linked cone blueprint on top of the VM that was instantiated from the base Linux image and a specific snapshot. This represents the actual isolated VM to be provisioned.
  • Multi-machine blueprint: This will be a collection of the component blueprints that will be provisioned at once:

To provision the machine properly, the following components should be included:

  • External network profile: This is a definition of the subnet from the external dev network, along with details for routing and DNS resolution:
  • Cluster reservation: A dedicated reservation is needed to limit resource usage to only a single datastore (so that the linked clone works), as well as to map the network port group to the External network profile.
  • NAT network profile: This is a definition of the subnet that isolated VMs will use behind NSX Edge. This is only a template that will later be copied into the multi-machine blueprint components assignment:

  • Reservation policy: This will be a dedicated reservation policy that ensures that all blueprints will only address the designated cluster reservation that's created.
  • Machine prefix: This is only used to distinguish the machines that have been provisioned by the multi-machine blueprint.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.15.190.144