Usage

Notes

If you plan to use the SovLabs IPAM module to automate IP address reservations, be sure to turn off the internal vRA Network Profile.

If this is a brand new vRA installation and you’ve not yet set up any network profiles with IP ranges, skip this step.

Steps for disabling the internal vRA IP reservations in your Reservation(s)

Login to the vRA tenant (Be sure your login has Infrastructure Architect role enabled.)
Click on the Infrastructure tab and go to Reservations
Edit the reservation associated with the builds you’ll be managing
1. Click on the Network tab
2. Clear the Network Profile dropdown value so it’s empty
3. Click OK

Attach vRA Property Group to vRA Blueprint

The vRA Property Group can also be attached at the vRA Business Group or Reservation level

Login to the vRA tenant
Click on the Design tab > Blueprints
Hover over the desired blueprint name and click Edit
1. Click on the vSphere machine component on the Blueprint Design Canvas
2. Click on the Properties tab
3. In the Property Groups section, add the vRA property group for Infoblox IPAM:
  - Starts with SovLabs-IPAMProfile-[tenant]_[profile_shortname]

Do not attach more than 1 IPAM vRA Property Group to a blueprint with the same NIC number

Repeat for all desired vRA blueprints and provision!

Skip IP in Use

As part of the process, the SovLabs IPAM workflow checks to make sure the reserved IP address is not in use by doing a ping check and a reverse DNS lookup. By default, if either of those tests reports back as true, the IPAM integration will fail and the build will roll back.

Enable the Skip IP in Use feature to skip IP addresses that are marked free on IPAM, but are actually found to pingable or resolving to DNS entries.

Note: when the IP is "skipped" the workflow will mark that IP as in use on the IPAM. The SovLabs Custom Naming integration will get a new hostname, and the IPAM integration will try to get another IP address. This loop will continue until a reservation passes the ping and reverse lookup tests. Optionally, you can configure an email notification to go out when this happens so an administrator can be made aware of the conflict.

Prerequisites

The Skip IP in Use option requires SovLabs Custom Naming module to be licensed and included on the build. (Either the Custom Naming property group is attached to the blueprint, or the SovLabs_NamingStandard custom property is otherwise set to a SovLabs Naming Standard)
Optionally, to send the email notification in case of a skipped IP, the SovLabs Notifications module must be licensed and configured to send warning emails.
- Set up a Notification Configuration with type SovLabs IPAM

A Notification Group does not need to be added for this type of Notification

Usage

Login to the vRA tenant
Click on the Design tab > Blueprints
Hover over the desired blueprint name and click Edit
1. Click on the vSphere machine component on the Blueprint Design Canvas
2. Click on the Properties tab
3. In the Custom Properties section, add the vRA property definition:
  - Name: SovLabs_IPAMSkipInUseIPs
  - Value: true
  - *Note: Changing the value to false will not disable this feature
4. Verify Custom Naming module is attached via vRA Property Group or via SovLabs Lifecycle Components Toolkit Lifecycle Profile

Repeat Step 3 for all desired blueprints

Advanced - Additional IP Addresses

Only available in releases 2020.6.0+

Sovlabs Additional IP logic allows the customer to generate a number of “additional” IP addresses which are reserved in IPAM/DNS but are not associated to a VM networking configuration in any way other than custom properties. This feature makes the assumption in design that the additional addresses as represented in the property stack will have no deployment relationship with a NIC.

Use of a NIC by SovLabs via IPAM/DNS is simply to leverage pre-existing IPAM/DNS logic to reserve the additional addresses.
Any assignment of an address/hostname to the assumed NIC is consequential to the SovLabs module behavior in regards to assigning IP and hostname to the IPAM/DNS reservation for that NIC.
Additional IP addresses are associated with a specific IPAM policy defined in their property setup and not necessarily the IPAM policy used to define the NIC.

The additional addresses will be requested individually via properties as described below in the Setup section.

Warning for large number of Additional IPs reserved per VM

This feature adds approximately 12 fields per Additional IP address to the custom properties that are applied to a VM.
On average, the additional fields per IP consumed increases the custom properties object by 550-700 bytes (of 65550 bytes allowed with ~25000 bytes VMWare overhead included).
In testing, the property stack exceeded limitations and caused failed/stuck deployments when the number of Additional IPs exceeded 30 additional IPs total on a VM which has reservations for 6 NICS and uses only SovLabs Naming, SovLabs IPAM and Sovlabs DNS.
Logging has been included in IPAM and DNS machine building logic to report the custom property stack size and your mileage may vary depending on the number of modules being used and other custom properties that might be added.

Example Logging

IPAM machineBuilding:

[2020-03-04 12:39:37.145] [W] getNextIp returning property Hashtable : estimated bytesize:19020; number of base properties:315

DNS machineBuilding:

[2020-03-04 12:48:19.311] [W] addDNS returning vmPropertiesJson : size:34554; number of base properties:526

Prerequisites

SovLabs IPAM module licensed and configured
SovLabs DNS module licensed and configured
SovLabs Property Toolkit module licensed
Basic knowledge of SovLabs Property Toolkit module
Basic knowledge of SovLabs Template Engine
Successful SovLabs IPAM/DNS assignment and removal for a single VM deployment prior implementing this feature

Setup

To specify additional addresses from the SovLabs Extensibility Module, a user will define a vRA Custom Property for each of the additional IP Addresses. This property will provide SovLabs a unique name for the address and the proper SovLabs IPAM profile to use.

Login to the vRA tenant
Click on the Design tab > Blueprints
Hover over the desired blueprint name and click Edit
1. Click on the vSphere machine component on the Blueprint Design Canvas
2. Click on the Properties tab
3. In the Custom Properties section, add the vRA property definition:
  - Name: SovLabs_Additional_IP_«some-unique-name»
  - Value: «SovLabs IPAM Profile Configuration label» (This value can be templated)
4. Repeat Step 3 for all desired additional IP Addresses
5. *Note: Property Toolkit module can be used to generate these vRA Custom Properties (e.g. looping, dynamic, etc)

The following SovLabs Network stack values will be generated:

SovLabs_Network_«some-unique-name».Address
SovLabs_Network_«some-unique-name».Hostname
SovLabs_Network_«some-unique-name».PrimaryDNS
SovLabs_Network_«some-unique-name».SecondaryDNS
SovLabs_Network_«some-unique-name».DnsSuffix
SovLabs_Network_«some-unique-name».DnsSearchSuffixes
SovLabs_Network_«some-unique-name».Gateway
SovLabs_Network_«some-unique-name».SubnetMask
SovLabs_Network_«some-unique-name».Name

Example

vRA Custom Property Name: SovLabs_Additional_IP_interface1
vRA Custom Property Value: {{default-ipam-profile}}

This example assumes that another vRA Custom Property exists with:

Property Name: default-ipam-profile
Property Value: (An existing SovLabs IPAM Profile name (e.g. Configuration Label))

Any number of unique SovLabs_Additional_IP properties may be defined:

Property Name	Property Value
`SovLabs_Additional_IP_interface2`	`infoblox-328-internal`
`SovLabs_Additional_IP_proxyIfc`	`{{proxy-ipam-profile}}`
`SovLabs_Additional_IP_interface3`	`ms-ipam-development`
`SovLabs_Additional_IP_heartbeat`	`{{heartbeat-ipam-profile}}`

Microsoft DHCP Integrated Ranges Reservations

Only available in releases 2020.8.0+

The SovLabs Infoblox IPAM module now supports assigning an IP address from an Infoblox managed Microsoft DHCP resevered range. The additional fields for required for this configuration are only shown when “Fixed IP” is set on the Infoblox Endpoint. The details of the 4 additional fields can be seen on the Setup page.

This feature was designed to allow the Infoblox Module to reserve IP addresses in Microsoft integrated DHCP ranges in Infoblox. This is designated by a Microsoft icon next to the range on the Infoblox appliance under Data Management > IPAM.
This feature requires a MAC Address be provided either via the SovLabs random MAC generation or a templated version using SovLabs template language.
This feature requires the IP address of the DHCP server being used for integration within the Infoblox appliance for the targeted network ranges.
WAPI version 2.0 must be selected in the SovLabs Infoblox Endpoint. Not compatible with the WAPI 1.2 option.

Setup

Login to the vRA tenant
Click on the Deployments tab > Select SovLabs Infoblox Endpoint filter. Ensure that the targeted endpoint is using WAPI Version ‘2.0’ and Reservation Type set to ‘Fixed IP’.
Create a new IPAM profile by clicking on the Catalog tab. Find the Add IPAM Profile - SovLabs Modules item. Click on Request.
1. Select the Infoblox Host using “Fixed IP” type hosting the targeted DHCP ranges.
2. Fill out the required information per the previous “Setup’ section.
3. On the Use Ranges value - select true.
4. For Generate Random MAC? value select true or templated and provide SovLabs Template language code to generate a valid random MAC address.
5. For Update MAC Address with final MAC Address select true if you would like to replace the temporary MAC address with the MAC address from the VM NIC.
6. In the Microsoft DHCP Server IP Address, specify a valid IP Address of a MS DHCP server linked with in the Infoblox Appliance.
7. Ensure all required fields are completed and submit the IPAM profile request.

You must set Generate Random MAC? to true. Setting Update MAC Address with final MAC Address to true will replace the generated MAC Address.

Hover over the desired blueprint name and click Edit
1. Click on the vSphere machine component on the Blueprint Design Canvas
2. Click on the Properties tab
3. In the Property Groups section, add the vRA property group for Infoblox IPAM:
  - Starts with SovLabs-IPAMProfile-[tenant]_[profile_shortname]

Do not attach more than 1 IPAM vRA Property Group to a blueprint with the same NIC number

Repeat for all desired vRA blueprints and provision!

Advanced - Enable Locking for IPAM

If performing multiple concurrent builds and facing issues with obtaining IP Addresses, a vRA Property can be set to only allow 1 SovLabs IPAM machineBuilding to run at a time.

Setup

Login to the vRA tenant
Click on the Design tab > Blueprints
Hover over the desired blueprint name and click Edit
1. Click on the vSphere machine component on the Blueprint Design Canvas
2. Click on the Properties tab
3. In the Custom Properties section, add the vRA property definition:
  - Name: SovLabs_IPAMEnableLocking
  - Value: true
  - *Note: Changing the value to false will not disable this feature

Repeat Step 3 for all desired blueprints

Disable

Unpublish the Event Broker Subscriptions for that integration. (Recommended)

Unpublishing the Event Broker Subscriptions is non-destructive and is a simple way to disable the integration from running for all builds. The EBS will go to “Draft” mode and will not execute until you click “Publish” to publish it again.

Steps:

Login to the vRA tenant
Click on the Administration tab -> Events -> Subscriptions
Highlight the Event Broker subscription and click Unpublish

Or, remove the custom property or property group for the IPAM configuration

Steps:

Login to the vRA tenant
Click on the Design tab > Blueprints
Hover over the desired blueprint name and click Edit
1. Click on the vSphere machine component on the Blueprint Design Canvas
2. Click on the Properties tab
3. In the Property Groups section, remove the vRA property group for Infoblox IPAM:
  - Starts with SovLabs-IPAMProfile-[tenant]_[profile_shortname]

Repeat Step 3 for all desired blueprints