Why you want to discover services in your environment

Wouldn’t it be nice if you could discover services running in each VM and then automatically build relationships or dependencies between services from different VMs, based on the network communication?

Only then could you answer the following questions:

1. Which services are running on my VM’s? For example, MySQL, Apache Tomcat etc. 2. Which VM is a part of an application? 3. What is the impact of shutting down or moving a VM? 4. What is the impact of an incident and the right escalation path for a problem? 5. Which VMs are used to migrate an application? 6. What applications are impacted by a planned outage on a VM or an infrastructure component? 7. How does the users know the type of infrastructure, if an application is running on it? 8. Which VMs are part of a Recovery Plan or Protection Group for Site Recovery or Disaster Recovery? 9. Are there any VMs that require protection for DR?

With the new Service Discovery Management Pack (SDMP) for VMware vRealize Operations you can. The Service Discovery Management Pack is a replacement for VMware Virtual Infrastructure Navigator (VIN) which isn’t compatible with vSphere 6.5

Information about the Service Discovery Management Pack and the download link to the installation (PAK) file can be found here. Read the Release Notes before proceeding.

Requirements:

  • vRealize Operations Manager 6.4.0, 6.5.0, 6.6.0* or 6.6.1 (I’m running 6.6.1)
  • vRealize Operations Manager Advanced edition
  • VMware vSphere 6.5
  • VMware Tools needs to be installed on each VM for the Service Discovery to fully work

*version 6.6 is a revolutionary release of vROps with a complete new GUI and other significant improvements. Read all about it here.

Installation of the Service Discovery Management Pack

Before you can discover services you have to install an additional Management Pack in vRealize Operations. So let’s start with the installation.

Log in to your vROps console with an admin account, go to Administration and in the left menu click on Solutions. Click the + button to add a new Solution.

Discover Services

Click on Browse and select the Service Discovery Management Pack installation (PAK) file. Click Upload.

Discover Services

When the Management Pack is successfully uploaded, click on Next.

Discover Services

Accept the EULA and click Next.

Discover Services

When the installation is completed click on Finish.

Discover Services

Configuration of the Service Discovery adapter

For the Service Discovery adapter to receive data, it has to be configured.

Go back to Adminstration, Solutions and select the Service Discovery Management Pack. Click on the gear button to configure.

discover services

Give in a name and description for the Adapter Instance. Fill in your vCenter Server FQDN and select your Discovery Plan.

Shallow Discovery : Discover known services only. Will not show relationships unless services are known.

Deep Discovery : Discover all known and unknown services. Known services will be showed with their name. Unknown services will be shown with the process name and “unknown” will be prefixed to it.

discover services

By enabling Dynamic Application Group the management pack can automatically create dynamic applications based on the network communication between the services.

discover services

Click on the + button to create a new credential.

Fill in your login information for vCenter Server, Windows VM’s, Linux VM’s and Site Recovery Manager (SRM). Make up a Guest User Mapping CSV password and remember this because you will need this later. Click OK.

discover services

Test the connection.

discover services

Accept the certificate.

discover services

Click OK.

discover services

Save Settings and click OK.

discover services

If everything is setup correctly the Service Discovery adapter will start receiving data.

discover services

 

Configuration of the Guest User Mappings

For the Service Discovery adapter to be able to discover the services that are running in the VM’s, the adapter has to be able to execute scripts on the VM’s.

vCenter Server 6.5 allows this operation only if the guest credentials are authenticated and mapped in vCenter Server.

The vSphere Web Client provides functionality to define Guest User Mapping directly through the UI. But this is a manual process and needs to be repeated for each VM.

Or you can use the “Guest User Mapping Actions” provided by the Service Discovery adapter to do a bulk import of the guest credentials.

Let’s start with the manual process.

Manual Guest User Mapping

Log in to your vSphere Web Client. Select one of your VM’s. Go to Actions, Guest OS, View Guest User Mappings.

Give in your guest OS User name and Password to authenticate.

discover services

Click on the + button to add a new User Mapping. Select a vSphere Domain and SSO (admin) user for the mapping. And fill in the Guest OS username.

discover services

Click OK. You’re done.

discover services

Repeat these steps for each VM or…

Guest User Mapping Actions

Log in to your vROps console, go to Administration and in the left menu under Configuration click on Inventory Explorer.

Create a filter on vCenter to find your vCenter Server. Select it, click on the gear button and select Export Guest User Mappings.

discover services

Give in a path and file name (on the vROps appliance) and click on Begin Action.

discover services

Under History, Recent Tasks you can see the status of your action.

discover services

When the action is successfully completed, log on to your vROps appliance with SSH or in my case WinSCP and edit the exported Guest User Mappings CSV file. Fill in the credentials and save the file.

discover services

Encrypt the file with gpg (available on vROps appliance).

discover services

Give in your Guest User Mapping CSV password created during configuration of the adapter.

discover services

Go back to Inventory Explorer and select your vCenter Server. Click on the gear button and select Apply Guest User Mappings.

Give in the path and file name of your encrypted Guest User Mappings file (.gpg) and also for a Status file. Click on Begin Action.

discover services

Go to History, Recent Tasks to see the status of your action.

discover services

If a VM fails to define a mapping, look in your Status file for the cause. In my case several VM’s weren’t turned on.

Once installed and configured, what does SDMP show you

Go to Dashboards. In the top menu under All Dashboards select Service Discovery to unveil the Service Discovery dashboards created by the Management Pack.

discover services

Service Visibility

Let’s start with the first dashboard, Service Visibility. This dashboards shows a list with VM’s without Service Visibility and VM’s with unknown Services by selecting a vSphere Resource.

discover services

Service Distribution

This dashboard shows you all known and unknown Services including Category and Distribution percentage across a vSphere Resource.

discover services

Some common services may be filtered to reduce service discovery “noise” and focus on critical services.

To exclude services to be collected. Go to Inventory Explorer, Adapter Instances, Service Discovery Adapter Instance. On the right select your Service Discovery adapter, click on the gear button and select Configure Excluded Services. Edit the file and select Begin Action to remove services after the discovery.

discover services

Also is it possible to mark a Unknown Service as Known, rename it and revert it back to Unknown Service.

Go to Inventory Explorer, Adapter Instances, Service Discovery Adapter Instance and select your adapter. On the right select a Unknown Service, click on the gear button and select Mark Service as Known.

discover services

Service Relationships

By selecting a specific Service, this dashboard shows you properties of the Service like install path, which ports it’s using, version etc. etc. And also a topology overview that displays the relationship between the services to other services running on other VM’s.

discover services

Virtual Machine Relationships

First of all this dashboard gives you a list with VM’s including Service Discovery details like status, method, incoming/outgoing connections, recovery plans, protection group etc. etc.

By selecting a VM the dashboard shows you a list of discovered services on this VM, relationships and a topology overview to display relationships of the VM with other VM’s based on discovered service relationships.

discover services

Application Groups

If enabled, the Service Discovery adapter automatically creates Dynamic Application Groups.

To see the Application Groups, go to Environment. In the left menu under Groups and Applications select Applications.

The group gets created as “Application” with a UUID but can be renamed.

To see the Application Group relationship details click on the application.

discover services

In the top menu select More, Environment and finally Map to see the server objects of your application.

discover services

Double click on a server object to see underlying Services.

discover services

Final word

In this blogpost I showed you how to discover services in your environment using the Service Discovery Management Pack (SDMP) for VMware vRealize Operations, which makes it easy to visualise relationships or dependencies between services from different VM’s and determine the impact on your application when you shut down a VM or a VM becomes unavailable due to an incident.

But is this Management Pack as easy to use as Virtual Infrastructure Navigator (VIN)? In my opinion, no. The Management Pack needs some work. Things that can be approved are the discovery, list with known services and application groups.

I’m hoping that later this year, when SDMP becomes backwards compatible with vSphere 5.5 and 6.0 and VIN stops working due to the same security vulnerability fix in vSphere 6.5, this Management Pack gets an update and turns out be as useful and easy as VIN.

One final remark, if you have problems with the discovery use this article to help you with troubleshooting.