vRA & SovLabs: Infoblox IPAM Module

An IP address is an integral part of the server architecture and is required by all servers, LB VIPs, NATs etc. Many customers still make use of spreadsheets, which is very difficult to automate when you have to manually enter data, and this eventually leads to inconsistencies due to the file not getting updated when a IP address is assigned, changed or deleted.

What you need is a robust high performance, highly available IP solution that you can manage from a single interface and provides  features like:

  • Manage a large pool of IP addresses
  • Improve availability, and simplified administration.
  • User based roles and permissions.
  • Provide vital operational and troubleshooting data:
    • IP address history, MAC address, Owner, Location, OS, etc.
  • Reports summarizing IP address resources and utilization.

There are many IPAM solutions out there with SovLabs support for the following:

I will be using the SovLabs Infoblox module in my example but if you have read this far you probably asked yourself “Infoblox has native integration with vRealize Automation, why use the SovLabs Infoblox module?”  I did some research and hopefully this information is useful in your decision making:

Differentiators between SovLabs Infoblox IPAM and Infoblox native integration vRA:

  • SovLabs do not require the Infoblox cloud adapter
  • SovLabs has different modules, which seamlessly integrates with each other and enhances the IPAM functionality:
    • Separate DNS and IPAM modules to allow each to be driven independently even between different providers.
    • Ability to create multiple independent DNS profiles that can drive DNS for multiple different providers independent of IPAM.  DNS is able to register against multiple domains out of the box and drive host records, CNAMEs, PTR and A records independently.
  • SovLabs has pre-validation logic for IP and DNS forward/reverse duplication detection.
  • SovLabs Template engine can be used for custom comments, fields in Infoblox based on vRA metadata.
  • SovLabs is design for ease of use.  No Infoblox schema changes or lengthy install and upgrade process.
  • SovLabs is completely policy driven, no need for custom workflow development.

The SovLabs module also has many other features which can viewed on the website here, but some of the highlights are:

  • Obtain and reserve unique IP address(es) and release automatically during appropriate machine lifecycle
  • Reserves unique IP address(es) and assigns to the VM NIC(s) based on IPAM profile(s)
  • IPAM profiles can span multiple networks, each consisting of a network name, subnet CIDR block and gateway address
  • IPAM configurations are interchangeable between endpoint providers; avoid lock-in by easily adding additional IPAM providers with other IPAM modules from SovLabs
  • No custom workflows required, completely policy driven
  • SovLabs IPAM configurations may also be used with SovLabs network load balancer modules

Prerequisites:

  1. Infoblox user on (all) Infoblox appliance(s) with the following permissions:
    • API and GUI access configured
    • Add/remove Host Records, A Records and/or PTR Records
  2. Infoblox WAPI version must be 1.2+

    Access https://{infoblox-fqdn}/wapidoc/ and look in the upper-left corner

  3. Login to the vRA tenant
    1. Add license for Infoblox IPAM module
    2. Validate the following show up on the Catalog page:
      1. Add Infoblox Endpoint
      2. Add IPAM Profile

 

Configuration:

  1. Add InfoBlox Endpoint
    1. Login to vRA Tenant
    2. Select Catalog -> SovLabs vRA Extensibility
    3. Screen Shot 2017-05-10 at 6.09.35 PM.png
    4. Click Request button on “Add Infoblox Endpoint”
    5. Screen Shot 2017-05-10 at 6.10.29 PM.png
    6. Infoblox Endpoint
    7. Enter Configuration label
      • Only AlphaNumeric characters, no spaces or special characters except: - and _
    8. Enter hostname
      • FQDN of Infoblox server
    9. HTTPS = yes
    10. Port – 443
    11. WAPI version = pick from dropdown box based the version your found through prerequisites
    12. DNS View = optional, which DNS views this endpoint supports
      • Not using Infoblox for DNS in this example
    13. Network View = optional, which Network views this endpoint supports
      • All my networks are crated under the default view
    14. Credential Configuration
    15. Enter username
      • Username should have API access and permissions to add/remove records to/from Infoblox
    16. Enter password
    17. Click Next
    18. Advanced Options
      • These are optional and can be left blank which will populate with default value.
    19. Host record template
    20. A record template
    21. PTR record template
    22. Fixed Address template
    23. Click Submit
  2. Add IPAM profile
    1. Select Catalog -> SovLabs vRA Extensibility
    2. Screen Shot 2017-05-11 at 8.05.34 AM.png
    3. Click Request on Add IPAM Profile
    4. Screen Shot 2017-05-11 at 8.06.10 AM.png
    5. Enter configuration label
      • Only AlphaNumeric characters, no spaces or special characters except: - and _
    6. Enter Description
      • I like to add the name of the network and subnet information here.
    7. Type = Infoblox
      • Since we are using Infoblox, that is what i picked.
    8. Provider host = select configuration label for previously created Infoblox endpoint
    9. Nic number = 0
      • On which NIC do you want to assign the IP address for the VM
    10. Subnets, Gateways and Network names
      1. The network name should match the vDS port group name.
      2. Enter values subnet, gateway and network name with comma separated and click on green + Sign
    11. Excluded IPs
      1. If you want to exclude some IP address, then enter them here individually.
    12. DNS Configuration
    13. Enter Primary DNS
    14. Enter Secondary DNS
    15. Enter DNS Suffix
    16. Enter DNS search Suffix
    17. Wins Configuration
    18. Enter WINS Server if necessary
    19. Click Submit

Enable the module:

Now we need to enable the custom properties module on our blueprint

  1. Login to vRA
  2. Click on the Infrastructure -> Reservations -> Network Profiles
  3. Edit the network profile that best matches the IPAM profile created above
  4. Click DNS tab
    1. Verify that the DNS suffix is set.
  5. Click on the Infrastructure -> Reservations
  6. Edit the reservation associated with the network profile review above in step 3.
    1. Click network tab
    2. Uncheck the network paths
    3. Also clear out the network paths dropdown value.
  7. Click OK
  8. Now we need to enable the custom properties module on our blueprint
  9. Click on Design -> Blueprint
  10. Edit Blueprint
  11. Click on the blueprint vSphere machine on the Design Canvas.
  12. Click on properties tab
  13. In the properties group section click +Add
  14. Check the box for:
    • SovLabs-EnableLifecycleStubs
    • Check the appropriate IPAM property group (starts with SovLabs-IPAM- and ends with -nic#)
    • Do not attach more than 1 IPAM profile property group to a blueprint VM object
  15. Click OK
  16. Repeat these steps for all blueprints that should get an IP address through IPAM.

Now deploy a VM and verify in Infoblox that the IP address is assigned to the network in the default view.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s