VMware for Cloud Provisioning

From ServiceNow Wiki
Jump to: navigation, search
Cloud Provisioning
Related Topics
Get the Book
Cloud Provisioning

1 Overview

The VMware application for cloud provisioning enables users to request VMware virtual servers through the ServiceNow service catalog. When a user requests a virtual server, Orchestration executes preconfigured approval and provisioning tasks. If the request is approved, Orchestration automatically creates a virtual server from a stored template, configures the virtual machine, and then starts the server. Cloud provisioning is available with the Calgary release.

VMware for cloud provisioning is a feature of Orchestration, which is available as a separate subscription from the rest of the ServiceNow platform.

2 Upgrade Instructions

After you upgrade from an earlier version to the Calgary release, the information in VMware vCenter must be updated. To add data and update the relationships, either run ServiceNow Discovery or discover vCenter details using the discovery utility that does not require the full Discovery product.

3 How it Works

Orchestration in the ServiceNow platform integrates with the vCenter API and adds VMware workflow activities to the existing Workflow application. These activities enable Orchestration to clone new virtual machines from templates, configure virtual machines, and power virtual machines on and off.

4 Provisioning Tasks by Group

Tasks for setting up a virtualization product, provisioning virtual resources, and requesting virtual machines from the service catalog depend on the user group to which you belong.

  • Virtual Provisioning Cloud Administrator: Members of this group own the cloud provisioning environment and are responsible for configuring the different virtualization providers used by cloud provisioning. Administrators can create service catalog items from VMware templates and Amazon EC2 images, approve requests for virtual machines, and monitor the cloud provisioning environment using the Service Monitoring Portal.
  • Virtual Provisioning Cloud Operator: Members of this group fulfill provisioning requests from users. Operators perform the day-to-day work of cloud provisioning by completing tasks that appear in the Cloud Operations Portal. Operators are assigned to specific virtualization providers and must be technically adept with the products they support.
  • Virtual Provisioning Cloud Users: Members of this group can request virtual machines from the service catalog and use the My Virtual Assets portal to manage any virtual machines that are assigned to them.

5 Asset Management Integration

The My Assets plugin creates a new model and model category called VMware Instance. The system creates a new asset for this model when cloud provisioning fulfills a virtual machine request, and then creates a VMware configuration item (CI). The new asset appears in the requester's My Assets portal. When the virtual machine is terminated, asset management retires the asset. The My Assets plugin is automatic for new Calgary instances, but must be activated for upgraded instances.

5.1 Activating the Plugin

Users with the admin role can activate the My Assets plugin on an instance upgraded to Calgary.

6 Requirements

  • All virtual machine templates must contain VMware Tools.
  • For Windows virtual machines (VMs), click here to determine whether Microsoft Sysprep is required on the vCenter instance.
  • The vCenter user must have proper credentials for cloning, customization, and powering on the virtual machine.
  • On Windows 2003 templates, the password for an Administrator must be blank on the base image.

7 Activating the Plugin

This feature requires the Orchestration - VMware Support plugin. VMware for cloud provisioning is a feature of Orchestration, which is available as a separate subscription from the rest of the ServiceNow platform.

8 Selecting a role for the VMware vCenter integration

While configuring ServiceNow to connect to vCenter, you supply credentials for a vCenter user. The user's permissions in vCenter determine which VMware tasks the user can perform in the ServiceNow instance. Based on the role that you select, you can implement one of a variety of levels of permission.

8.1 Administrator role in VMware

The Administrator role provides all privileges available in vCenter. This includes access to every operation that ServiceNow supports plus all of the features that ServiceNow does not use. Using the Administrator role is a simple way to grant a ServiceNow instance full power.

8.2 Full access

It is possible define a role that provides the ServiceNow instance enough access to perform all supported operations without granting full Administrator privileges. With this role, ServiceNow users can run Discovery, view all resources, perform all operations (Start, Stop, Pause, Snapshot, Terminate, VM Modifications), and provision new VMs (including guest customization).

One way to accomplish this is to clone the "Virtual Machine Power User (sample)" role that is provided with vCenter and then edit the role to add the following additional permissions:

  • Datastore > Allocate Space
  • Network > Assign Network
  • Resource > Assign virtual machine to resource pool
  • Virtual Machine > Inventory > Create from existing
  • Virtual Machine > Inventory > Create new
  • Virtual Machine > Inventory > Remove
  • Virtual Machine > Provisioning (All in this category)

8.3 Virtual Machine Power user

The "Virtual Machine Power User (sample)" role that is provided with vCenter allows a user to browse the datastore, schedule tasks, and perform many VM operations. The role enables ServiceNow users to run Discovery, view all resources, and perform the Start, Stop, Pause, and Snapshot operations and to perform VM modifications like adding a disk.

This role does not have permission to provision new VMs or to terminate existing VMs.

8.4 Virtual Machine user

The "Virtual Machine User (sample)", slightly less powerful than the Power User role, allows a user to browse the datastore, schedule tasks, and perform some VM operations. It provides enough for ServiceNow users to run Discovery, view all resources, and perform the Start, Stop, and Pause operations.

The role does not have permission to provision new VMs, terminate existing VMs, manage snapshots, or make VM configuration modifications.

8.5 Read-only user

The "Read-only" role allows a user limited read access to the system without any other privileges. The role allows ServiceNow users to run Discovery and view resources.

The role does not have permission to provision new VMs or to run any VM operations.

9 Enhancements

9.1 Eureka

Was this article helpful?
Yes, I found what I needed
No, I need more assistance