Hey all,
not quite internet facing, yet. But the question is around the same subject. I've read Internet facing vRA: Some considerations - viktorious.nl - Virtualization & Cloud Management but that seems outdated (not all applies to vRA 7)
basically I'm planning to deploy vRA in medium sized environment as outlined here: https://www.vmware.com/files/pdf/products/vCloud/vRealize-Automation-6x-Reference-Architecture.pdf
If I follow the guides every machine vra, infra, dem, agent get local dns name (example: company.local). However if I create certificates for this they are not trusted in my domain.
I want to be able to publish the UI under my real domain name like 'vra.cloud.mydomain.com').
so i'm wondering which machines should i place in the local domain, and which parts into official domain (so that I have a chance to publish on internet as well at a later stage)
I'm guessing it would be ok to have the two vRA appliances in my domain and the VIP for the load balancer.
Get single cert for those (use SANs)
Everything else could stay in ".local" ?! with self-signed certificates?
I checked the install guide and the load balancer guide but I couldnt find any further information on this and I can't believe i'm the only one that does not want to have _everything_ in .local ?!
Am I missing something here? Any advice or hint would be greatly appreciated. in vCloud Director this was quite simple as there i could leave everything in .local and in UI configure the public addresses.
Kalli