Cloud Automation Cloud Management Platform Vmware vRealize vRealize Automation vRealize Suite

Integrating NSX with vRealize Automation – Part I

Why this blog?

NSX and vRealize Automation are two major products from VMware. You use vRealize Automation to build a Cloud environment and use NSX for building a Software-Defined-Network environment. Individually they are awesome products and when you mix them up, you get an overdose of awesomeness. Fun apart, the actual power of Software Defined Datacenter comes into play when you use them together. With NSX you can build Dynamic routing, load balancing, firewall rules etc.

Few Use Cases

A few of the real life use cases that is possible with the integration of these two products.

  • Think of this scenario, how cool will it be if you can spin a multi layer application all by a single click along with it’s network, firewall rules and load balancer auto-configured at the runtime. So every time anyone deploys one such instance their respective configurations are also build by runtime.
  • At the time of deletion all these network, firewall and load balancers are also deleted automatically. I am not even talking about other features that NSX brings into the game.
  • Build a catalog item with built in approval policies and advanced services like guest introspection, anti-virus etc. So when someone asks for that item they get all the features along with it. No more after post deployment installations and approval/clearance from respective team. So no more waiting

So in this blog series I am going to talk about how to integrate NSX with vRealize Automation and then use the network functionalities provided by NSX to build a multi-machine blueprint and use it to deploy three tier workload. In the first part I will cover the integration of NSX and vRealize Automation. In the second part I will cover the building of the blueprint and in the third part will consist of the results.

So without further ado let’s start the series.

The process which integrates NSX with vRealize Automation (vRA) is detailed below:

  1. First you need to install NSX plugin in vRealize Orchestrator (vRO). Both internal and external vRO is supported. For this blog I chose to use external vRO appliance.
  2. Second, you need to add the NSX manager as an endpoint in vRO appliance.
  3. You need to add vRealize Orchestrator as an End Point in vRealize Automation and run a discovery of resources.
  4. Now all the NSX information will be available in vRealize Automation to be consumed by the blueprints.

Let’s start with the plugin installation in vRO.

Installation of the NSX Plugin in vRO

To upload and install NSX plugin you need to download the NSX plugin for vRO from the VMware download link. Note the following from the site:
This plug-in (1.0.4) can be utilized by vRA 7.1.0, vRO 7.1.0, NSX-vSphere 6.2.2, NSX-vSphere 6.2.4.

So this works with only the above versions of the products. But the general process applies to other versions as well.

Once you have downloaded the plugin, you need to go to controlcenter of vRealize Orchestrator. You can use both the internal vRO or an external appliance. Also to go to ControlCenter you can either directly go to the controlcenter by going to

https://<IP or FQDN of vRO Server>:8283/vco-controlcenter/

or by going to the default page and from there select the Orchestrator Control Center link:

https://<IP or FQDN of vRO Server:8281/vco/

vRealize Automation - 1
vRO Control Center link

Clicking on the link takes you to the control center page and will ask for your password. Use the “root” user id and the password that you have set at the time of deployment.

vRealize Automation - 2
Providing ID and Password

Once in the Control Center scroll down to select “Manage Plug-Ins”.

vRealize Automation - 3
Click on Manage Plug-Ins

In the Manage Plug-Ins window select on Browse to browse to the folder where the plugin is and select the same.

vRealize Automation - 4
Click on Browse

Select the Plugin and Click on Open.

vRealize Automation - 5
Select plugin

Once the plugin is selected, click on Install.

vRealize Automation - 6
Start of Installation

Accept the EULA and Click on Install to start the installation.

vRealize Automation - 7
Accepting EULA

Once the installation is completed, you get a prompt to restart the server. The same page also gives you a link to the “Startup Options” page from where you can do the same.

vRealize Automation - 8
After installation, go to restart server page

From the “Startup Options” page click on Restart button to restart the server.

vRealize Automation - 9
Restart the server

Once the restart is completed. You are done. The plugin has been installed.

vRealize Automation - 10
Server restarted

Double check the installation of the plugin. NSX plugin should be listed and should be selected as well.


vRealize Automation - 11
Plugin check

Since the plugin is installed, next you need to configure and integrate with vRA.

Configuration of NSX in vRO / vRealize Automation

In this part you need to do the following two steps:

  • Add the NSX endpoint in vRealize Orchestrator
  • Add the vRealize Orchestrator as an endpoint in vRealize Automation Server

You need to start with the Orchestrator. So login to the Orchestrator Client with the credentials. Please note the following:

  • If you are using the internal vRO server of vRealize Automation, then the “Host Name” field should have the format as <IP or FQDN of vRA server:443>.
  • If you are using the external vRO server, then the “Host Name” field should have the format as <IP or FQDN of external vRO server:8281>

Note, the port difference. For internal vRO server of a vRA server you need to use port 443 and for external vRO server you need to use port 8281.

vRealize Automation - 12
Connecting to vRealize Orchestrator

Once logged in, by default you would be in “Run” mode of vRO. To add the NSX endpoint go to Workflows tab.

vRealize Automation - 13
Opening Workflows tab

Next, go to Library –> NSX –> Configuration –> Create NSX Endpoint. We will run this particular workflow to add the NSX manager as an endpoint. Click on the Green button at the top to run the workflow.

vRealize Automation - 14
Running Workflow

When the workflow is run it provides a form where you can provide the information. You need to provide the following information:

  • Endpoint Name
  • NSX user name
  • NSX Password

The next two options are pre-populated and you can keep them at their default.

vRealize Automation - 15
Providing details of NSX Manager

Wait for the successful run of the workflow. When it completes successfully, NSX Manager is added as a managed endpoint in vRO.

vRealize Automation - 16
Successful Completion of NSX endpoint addition

Once the endpoint is added successfully, you can go ahead and check the details from the endpoint. It should show each and every component you have configured in your NSX Manager.

vRealize Automation - 17
Details checking

Your configuration at vRO is finished. Next you need to go to vRA and add this vRO as an Endpoint. Login to vRA server tenant as “IaaS Administrator” so that you can add an Endpoint. Go to Infrastructure –> Endpoint –> Endpoint. Click on New –> Orchestration –> vRealize Orchestrator.

vRealize Automation - 18
Adding vRO Endpoint

Provide the Endpoint a name. Provide the name of the vRO server in the appropriate box. Please note the following:

  • If you are using the internal vRO server then the Address is “https://<IP or FQDN of vRO/vco”
  • If you are using external vRO server then the address is “https://<IP or FQDN of vRO:8281/vco”

So, for external vRO server you need to provide the port number as 8281. For internal vRO no need to specify any port.

vRealize Automation - 19
Details of vRO

Click on the button next to “Credentials” to add a credential to use. It will provide a new window. Click on New button to add a new credential (you can use an existing one as well).

vRealize Automation - 20
Add new credential

Provide details of the credential and click on Green button to save the details.

vRealize Automation - 21
Details of Credential

Click on OK button to save the credential and use it.


vRealize Automation - 22
Use of Credential

Important point. Here you need to add a Custom Property for vRO specifying the priority. Since I did not provide this property, it will give me an error.

vRealize Automation - 23
Priority setting error

Set a customer property with “VMware.VCenterOrchestrator.Priority” and set a value in it. I set 1 as property value. Click on OK to save the endpoint.

vRealize Automation - 24
Custom property value set

Once saved, it will start the data collection. Wait for the data collection to be complete.
vRealize Automation - 25 vRealize Automation - 26

Once the data collection is completed successfully our configuration is complete. To check whether everything is running fine, go ahead and configure NSX as a resource point in vCenter Endpoint. So go to the configured vCenter Endpoint and select “Specify manager for network and security platform”. You need to provide NSX manager IP or FQDN and credential for that.

vRealize Automation - 27
Details of NSX as part of vCenter Endpoint

Next, we need to force a Data Collection at vCenter Endpoint so that it will get all the entities available from NSX Manager. For this go to Compute Resources and select the Compute Resource which came from that vCenter Endpoint. Right Click and Select “Data Collection”

vRealize Automation - 28
Data Collection 1

Under Network and Security Inventory click on “Request Now” button to start the data collection. Note, here I got a failed data collection as earlier I added the NSX manager before adding the NSX manager in vRO and adding vRO as an endpoint. So vRealize Automation could reach NSX manager from vCenter endpoint (it was a valid URL) but it did not know how to get the data from NSX Manager.

vRealize Automation - 29
Start of Data Collection


Now after all these configurations the data collection is successful. Click on OK to go back to earlier page.

vRealize Automation - 30
Successful data collection

You can check and reserve resources from NSX now. To do that, go to Reservation and add/modify a reservation to include network elements.

vRealize Automation - 31
Reservation checking

Note, I can see all the portgroups created by NSX Manager and the Transport Zone, Security Group and Routed Gateways.

vRealize Automation - 32
Addition of NSX resources 1

Select what you require and click ok to save the reservation.

vRealize Automation - 33
Addition of NSX resources 2

Configuration and Integration of NSX to vRealize Automation environment is complete. Now you should be able to use the entities presented by NSX environment from inside vRealize Automation.


In the Part I on this blog series I have covered how to install NSX plugin in vRealize Orchestrator and then integrate vRealize Orchestrator as an Endpoint in vRealize Automation server. Also after this post you should be able to utilize entities from NSX in vRealize Automation reservations.

In the next part I am going to cover how to utilize these entities in a Blueprint and create those functionalities at the runtime.


5 comments have been added so far

    1. Hi Damion, Apologies for the late reply. As of vRA 7.2 same plugin applies (1.0.4). You need to remember that if you are using in-built vRO server then you do not need to install the Plugin, it is already included (using in-built vRO is the recommended way from vRA 7.2 onwards). If you are using external vRO server then the same version works.

  1. Hello,

    It would be worth to mention what role should be assigned to the solution user in NSX that will be used with NSX plugin in vRO. Auditor and Security Administrator will not allow you to list Datacenters. Also these roles will cause failure in collecting data from NSX in vRA Compute resource using DEM worker.

Leave a Reply

Your email address will not be published.