After the big vSphere 7 launch last week, VMware this week announced the General Availability of all vRealize goodness … Namely vRealize Operations 8.1, Automation 8.1 and Log Insight 8.1.
Spending some time at home at the moment I decided to upgrade the home lab, starting with vROps 8.1. I am running two Intel NUCs still with ESXi 6.7 and 32-GB RAM each (really…). My vROps was an 8.01 updated from 8.0, updated from 7.5…
I ran the Upgrade assessment utility first, highly recommended. It will not only check versions, but also resources and pointed out some alerts I had in the past that might indicate resource problems… It comes as a PAK file that you load in the admin interface, like a software update.
After the assessment I just ran the update PAK file…. Obviously I have a very small test install, but I have some management packs installed and 3 compliance packs. All went smoothly. After that I upgraded my vCenter from 6.7 to 7.0 because I was feeling lucky… It proved no problem a all, validating the connection in vROps 7 established the blink to the updated VC.
Notice the newly cleaned interface! I added my Azure account, since cloud management pacs are now native. That will be my next blog post!
Adding my old Shuttle NAS server as a vSphere 7 host is next!
VMware has been working hard to add new features to vRealize Operations (vROps), the management tool is unrecognisable from it’s origins as vCops… One of the most overlooked areas for me is compliance. It is very powerful and easy to setup.
Since I talked about vCOps … let’s get back some years to around 2012 when VMware was still actively selling a product called Configuration manager (vCM). It was a product they inherited from EMC with a heavy Windows background… It WAS a Windows program, but extremely powerful. You could make your own rule sets for testing, use the built-in ones (vSphere hardening guidelines) or buy additional ones (SoX, HIPAA, PCI,…). So it was not limited to vSPhere environments. You could for example make a rule to check anti-virus was installed on all your desktops. Or check your MS AD. or…. But it was very complex to setup… I demoed it a lot, especially in the financial world.
The last GA version of vCM is 5.8.5 which is supported until 1/2021 (sse KB), but VMware stopped bundling it with vRops Advanced and Enterprise with version 6.7. They started developing a SaaS version called vRealize Air Compliance, but with the sales of vRealize Air to OVH in 2017 the product stopped. At least I cannot find it anymore.
The good news is that Vmware started adding compliance testing to vROps 6.7 and with each version the possibilities keep improving!
Compliance is based on alert symptoms. In previous releases you had to edit the default policy to enable them… But now Compliance finally has a full-blown dashboard where you can edit the benchmarks and activate them in the policy of your choice. By default vROps includes the vSphere, NSX and vSAN hardening guidelines as benchmarks. Can you imagine ? You can enable them with one click and check your whole SDDC for security weaknesses! I cannot emphasise enough how important this is, can you keep an eye on all settings of hundreds of virtual machines with pen and paper ? Of course not. Use vROps ! On top of that you can create up to 5 of your own benchmarks (or parts of the others) to check. This is the custom benchmark pane in the middle. I will sit back down now…
Of course my homelab reflects the real world .. with a lot of compliance issues! if you click a benchmark you get to the details with triggered symptoms. From their you can decide action. What I still miss here is a ‘remedy’ or ‘action’ button like we had in vCM. Now you have to go through a lot of messages and decide on corrective action. But knowing the team this is probably coming !
And for the ‘piece de résistance’ VMware now includes all the important industry benchmarks like PCI or HIPAA for free ! You just need to download them from the dashboard and enable them. You see in my example that I enabled ISO on my SDDC.
These used to be expensive extras in Configuration Manager and now you just need to download… I hope with the new services discovery and Telegraf agents that more benchmarks are coming, operating systems for example. Maybe partners will provide the too on the Exchange.
And if all of this is not enough, you can unleash these benchmarks on your VMware Managed Cloud (VMC SDDC) environment as well of course. All from the same interface.
I hope this blog post has inspired you to test this out for yourself. Let me know how it goes and I am available for consulting if you need help. You can contact me through my website.
One of the big advantages of VMware’s vRealize Operations Manager tool is plugins. It is also one of the least well known ones. Luckily with vROps 8.0 they cleaned up the admin interface. You can now quickly see which management packs have been installed and upgrade them all from one screen. It also makes it clearer which native management packs can be activated (such as the VMware MP for AWS) or which ones are no longer there (such as the VMware MP for NSX).
There are a lot of third party plugins available, especially for storage devices. You can find them in the solutions exchange (www.vmware.com/cmm) – I memorise that url as two letters before that news site ☺️. As you might know I have been working a lot with the Blue Medora plugins in the past years. I am now involved in a project however where the end user is a large Dell EMC customer and wants to use their toolset.
Dell EMC has published Storage Analytics for vROps for a number of years now. It used to be a paid solution, but since version 4.6 it is free to customers! This seems not well known yet, but you can check it in the documentation. Download, certification and documentation are available on the solutions exchange. They published a new version 5.0 that is compatible with vROps 8.0, although I also installed it on vROps 7.0! (Don’t ask…).
There is more confusion around the installation as some Dell EMC colleagues stated you need to install v4.6 first and then 5.0. That made no sense to me as each version is clearly a pak file (zipped java) with all the files and describe.xml to install the solution and dashboards and alerts. I tested it twice now, I just installed v5.0 and it worked.
Storage Analytics is a solution that can connect to most Dell EMC storage solutions: Avamar, Isilon, EMC RecoverPoint for Virtual Machines, VxFlex OS, Unity, Unity/VSA, VNX, VNXe, VMAX3, VMAX All Flash, PowerMax, VPLEX and XtremIO infrastructures in virtual or physical environments. This is a mixed blessing in my opinion. You need to install and maintain only one management pack, but it installs all dashboards for all solutions out-of-the-box. So you have some deleting to do. Before configuring any storage, you have to add separate vCenter accounts with RO users. My best guess is that they need it to build the relationships. Since my customer uses VMAX (really big ones…) I installed one instance per array as per the instructions. Again you have to keep your wits about since the fields take different values depending on your storage… I left one on Vplex (default) and it did not work of course. For VMAX you need to specify the <ip_adderss>:<port> of your Unisphere instance. This is not well documented! My config screen for an array looks like this:
After you setup the instances they start collecting data in your vROps database. This takes a while in big environments! I have also noticed that detecting the relationships can take even longer. But after a day I could see the relationship between hosts, VM, datastores and VMAX devices:
This is a standard dashboard and very helpful for troubleshooting I think. The management pack also installs symptoms and alerts of course. You might want to tweak these in policies if you get too many capacity related alerts:
And I leave you with these beautiful PowerMax overview dashboard that is included and shows everything you need to know in handy heat maps. I am even winning over storage people with these!
About three years ago I posted a blog discussing the performance of the vRealize Operations REST APIs. That blog post still gets referenced, but I thought it was time to update since there have been overall platform performance improvements with each release and the original blog doesn’t address a specific question that I keep getting The post Performance of vRealize Operations REST APIs appeared first on VMware Cloud Management.