If you have been following Cloud Assembly enhancements, you have probably read the blog post Cloud Assembly Meets Google Cloud Platform by Chris McClanahan, where he describes how Google Cloud Platform becomes a first-class citizen in vRealize Automation.
Now, with the introduction of vRealize Automation 8.4, several capabilities and enhancements are available, among them the ability to deploy GCP virtual machines to a sole-tenant node, or dedicated host.
So first things first: what is GCP sole-tenancy?
Per Google documentation: “Sole-tenancy lets you have exclusive access to a sole-tenant node, which is a physical Compute Engine server that is dedicated to hosting only your project’s VMs. Use sole-tenant nodes to keep your VMs physically separated from VMs in other projects, or to group your VMs together on the same host hardware”.
Within a sole-tenant node, you can provision multiple VMs of various sizes and types, which lets you use the underlying resources of the dedicated host hardware efficiently. It can also help you meet dedicated-hardware requirements for bring your own license (BYOL) scenarios that require per-core or per-processor licenses, and it lets you isolate virtual machines for security, privacy or other reasons.
So there you go. Now the question is: how can we take advantage of this vRealize Automation feature?
Very simple: in Cloud Assembly’s Cloud.GCP.Machine resource type, use the useSoleTenant YAML property to indicate that you want to deploy a virtual machine to a sole-tenant node.
To facilitate this functionality, Google Cloud Platform’s Node Affinity Labels are converted to Constraint Tags in Cloud Assembly. These Node Affinity Labels are discovered by vRealize Automation and applied on the relevant vRealize Automation cloud zones where node groups reside.
Let’s see it with an example. In my environment, I created a Node Template named node-template-1 (OK, zero points for originality) with CPU: 60 and Memory: 240GB in the us-east1-b zone for hosting my isolated VMs. I then made sure to associate at least one Node Affinity Label: “env:private”.
Right after the next collection process ran, vRealize Automation discovered the label and mapped it to a Constraint Tag on the appropriate Cloud Zone.
With all that in place, I just need to create my Cloud Template, set useSoleTenant to “true” to indicate that a sole-tenant node must host my VM, and then select the Constraint Tag “env:private” to target the specific Cloud Zone where the sole-tenant nodes exist in my environment.
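A minimal Cloud Template for the setup described above, added here as an illustration and not taken from the original post. The resource name and the image and flavor mapping names are assumptions; useSoleTenant and the env:private constraint tag are the values from this walkthrough.

```yaml
formatVersion: 1
inputs: {}
resources:
  # Resource name is an assumption; any valid name works.
  Cloud_GCP_Machine_1:
    type: Cloud.GCP.Machine
    properties:
      # Image and flavor mapping names are assumptions. Use the mappings
      # defined in your own Cloud Assembly environment, and pick a flavor
      # that fits within the node template (CPU: 60, Memory: 240GB here).
      image: ubuntu
      flavor: small
      # Request placement on a sole-tenant node instead of shared hardware.
      useSoleTenant: true
      # Constraint Tag derived from the Node Affinity Label "env:private".
      # It targets the Cloud Zone where the sole-tenant node group resides.
      constraints:
        - tag: 'env:private'
```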
When I instantiate my Cloud Template, my GCP VM is deployed on our isolated host, as the GCP Console also shows.
vRealize Automation keeps evolving and providing more out-of-the-box public cloud capabilities that are easy to consume and help meet customer security and compliance requirements.