Integrating Contrail Release 5.0.X with VMware vRealize Orchestrator
A dedicated Contrail plugin is used to connect to VMware vRealize Orchestrator (vRO). Contrail Release 5.0 supported a Beta version of the plugin. Starting with Contrail Release 5.0.1, a fully supported version of the plugin is available. The plugin is used to view the Contrail controller configuration in the vRO inventory, and to modify configurations by using vRO workflows. You can also create network policies, security groups, and automate both simple and complex workflows by using vRO.
Components of vRealize Orchestrator
vRO consists of the following components:
vRO Inventory—The vRO inventory displays the Contrail plugin and the Contrail node or endpoint. All Contrail plugin objects that represent your system are displayed in the vRO Inventory. Objects are displayed in a hierarchical order and are based on the Contrail schema.
With Release 5.0, Contrail inventory objects such as projects, security groups, virtual networks, network IPAMs, network policies, ports, floating IP pools, and service templates are displayed in the vRO inventory. Relevant API objects are also displayed in the vRO inventory.
vRO Workflows—The vRO workflow is a process that manipulates objects in a vRO Inventory. Each plugin has a set of predefined workflows. vRO combines workflows from different plugins to create complex processes and manages them. Multiple workflows are used to create blueprints in vRA.
Note:VMware vCenter plugin workflows are represented as simple workflows in vRO plugin.
Contrail Workflows
You must connect to the Contrail controller or an endpoint before you create Contrail workflows. You must use Create Contrail controller connection to connect to an endpoint. You must use Delete Contrail controller connection to terminate a connection with an endpoint. Once you connect to the Control controller, the vRO plugin accesses the Contrail inventory objects and then updates the vRO inventory with the Contrail inventory objects.
The following workflows are defined for simple networking operations in Contrail Release 5.0:
Network
Create network
Delete network
Note:You must use the Create network workflow to create a network on the Contrail controller.
Network Policy
Create network policy
Add rule to network policy
Remove network policy rule
Delete network policy
Security policy
Create security group
Add rule to security group
Edit security group
Remove security group rule
Delete security group
Service Instance
Add port tuple to service instance
Create service instance
Delete service instance
Remove port tuple from service instance
Network IPAM
Port
Project
Service Template
Virtual Network
Floating IP
Create floating IP
Delete floating IP
Floating IP pools
Create floating IP pool
Delete floating IP pool
Edit floating IP pool
Starting with Contrail Release 5.0.1, the following workflows are also defined:
Tag
Create global tag
Create tag in project
Delete tag
Tag Type
Create tag type
Delete tag type
Network Policy
Edit network policy rule
Security policy
Edit security group rule
Service Health Check
Create service health check
Add service instance to service health check
Remove service instance from service health check
Edit service health check
Delete service health check
Project
Add application policy set to project
Remove application policy set to project
Add tag to project
Remove tag from project
Virtual Network
Add tag to virtual network
Remove tag from virtual network
Virtual Machine Interface (VMI) - Port
Add tag to port
Remove tag from port
Service Group
Create service group in policy management
Create service group in project
Add service to service group
Edit service of service group
Remove service from service group
Delete service group
Address Group
Create global address group
Create address group in project
Add subnet to address group
Remove subnet from address group
Delete address group
Add label to address group
Remove label from address group
Application Policy Set
Create global application policy set
Create application policy set in project
Add firewall policy to application policy set
Remove firewall policy from application policy set
Add tag to application policy set
Remove tag from application policy set
Delete application policy set
Firewall Policy
Create global firewall policy
Create firewall policy in project
Add firewall rule to firewall policy
Remove firewall rule from firewall policy
Delete firewall policy
Firewall Rule
Create global firewall rule
Create firewall rule in project
Edit firewall rule
Delete firewall rule