Containers are becoming the standard way to package and ship software, making them an essential part of application development. VMware vRealize Automation provides a unified cloud management portal for provisioning, configuring and monitoring infrastructure resources. This article has been developed to provide a basic solution to enable on-demand deployment of a virtualized platform to support the development of containers.

Combining VMware Photon OS and VMware vRealize Automation, these instructions detail the process for creating a simple Containers as a Service solution. Part 1 covers preparing the Photon OS template and Part 2 covers creating the vRealize Automation Blueprint and Catalog item. The Photon OS will use self-signed certificates for authentication.

These steps are for example purposes only, and careful consideration and analysis of your specific use case should be completed prior to implementing in your own infrastructure. The hostnames and network configurations are also examples and you should substitute in your own specific values. These steps have been compiled using vRA 7.2, and vSphere 5.5.


Create a vRA Blueprint for Photon OS Container Host Deployment


These steps continue on from where we left off on Part 1 having created and tested a Photon OS template.


1.1 Create a vRA Blueprint for Photon OS Container Host Deployment

  1. Log into the vRealize Automation user interface as a user with IaaS administrator 
  2. Select Administration > Property Dictionary > Property Groups
  3. Select Container host properties with certificate authentication to edit the Property Group
  4. Add the Public certificate hash you collected from the template in Part 1 to the Property Container.Auth.PublicKey  
  5. Click Ok
  6. Add the Private certificate hash you collected from the template in Part 1 to the Property Container.Auth.PrivateKey
  7. Click Ok
  8. Select the Design tab
  9. Select Blueprints
  10. Click New Blueprint
    • Type in a name for the Blueprint  
  11. Click OK
  12. Add an existing network to the Design Canvas.
  13. Select an existing Network profile that is part of an active vRA reservation.
  14. Add a new vSphere Machine to the Design Canvas
  15. Click the Build Information Tab
  16. Chose the following:
    • Blueprint Type: Server
    • Action: Clone
    • Provisioning Workflow: CloneWorkflow
    • Clone from: photon-template
    • Customization spec: photon-customizationNOTE: You may need to run a Data collection for the photon-template to show up in the dropdown boxphoton-customization is pre-created blank generic Linux Customization Specification
  17. Select the Network Tab
  18. Click New
  19. Select the previously added network profile e.g. Network01
  20. Click OK
  21. Select the Properties Tab
  22. Select Property Groups
  23. Click Add
  24. Select Container host properties with certificate authentication 
  25. Click OK
  26. Click Save
  27. Click Finish
  28. Highlight the Blueprint and click Publish
  29. Click the Administration Tab and select Services
  30. Select the service you want to add this new Blueprint to. If necessary, create a new service.
  31. Highlight the service and click Manage Catalog Items
  32. Click the green + to add a new Catalog item
  33. Select the Blueprint you created in the previous steps. Container Host – PhotonOS
    NOTE: The default installation of vRA 7.2 has two pre-created Docker Blueprints. These are not required for this process.
  34. To test the Blueprint, select the Catalog tab and Request the Container Host – PhotonOS item
  35. Click Submit
  36. You can monitor the progress by under the Requests tab 
  37. Once the request is complete the newly provisioned Photon host will be visible under the Containers tab


1.2 Create Container Deployment Constructs

Before we can deploy a container we need to create some placement policies.

  1. Log into the vRealize Automation user interface as a user with IaaS administrator
  2. Select the Containers tab and select Placements 
  3. Click Add
  4. Enter the following Example options
    • Name: Placement-01
    • Placement Zone: default-placement-zone-vsphere.local
    • Business Group: Configuration Administrators 
  5. Click the blue Tick, the placement policy is created

Now that you have created a placement, users are able to run containers on the Photon OS container host and any new hosts that are deployed into the same placement zone.


1.3 Deploy a Container

The below process deploys a container from Docker Hub. In order to do so your vRA needs to be able to access Docker Hub. vRA can also be connected to an internal container registry such as VMware’s project Harbor which is packaged with the vSphere Integrated Containers ova. In a production environment, it is likely that Docker Hub would not be accessible or perhaps not even desirable and an internal Container registry would be used to store and retrieve container images.

  1. Log into the vRealize Automation user interface as a user with IaaS administrator
  2. Select the Containers Tab
  3. Click Templates
  4. Search for a container template on the Docker Hub container registry that you wish to deploy e.g. vmwarecna/nginx 
  5. Click Provision
  6. Select the Business Group
  7. Click Provision
  8. Review the progress in the Provisioning requests window to the right 
  9. Select Resources > Containers 
  10. Select the eye icon in the top right corner to show the containers details 
  11. In the Properties section click the Ports hyperlink which is redirected to port 80 e.g. 
  12. A new browser tab will be opened and the VMware Photon default splash screen will be displayed, indicating that you have successfully deployed the VMware nginx image.


That concludes this Containers as a Service (CaaS) using Photon OS and vRA I hope you have found it informative. There are likely to be many additional configuration requirements for a production CaaS solution particularly in the areas of Storage, Networking and Security.

Additional information can be found at the following site:

James Wirth is a proven cloud computing and virtualization industry veteran with over 10 years’ experience leading customers in Asia-Pacific and North America through their cloud computing journey.

Twitter: @jameswwirth


One comment has been added so far

Leave a Reply

Your email address will not be published. Required fields are marked *