Why you want to discover services in your environment
Wouldn’t it be nice if you could discover services running in each VM and then automatically build relationships or dependencies between services from different VMs, based on the network communication?
Only then could you answer the following questions:
1. Which services are running on my VM’s? For example, MySQL, Apache Tomcat etc.
2. Which VM is a part of an application?
3. What is the impact of shutting down or moving a VM?
4. What is the impact of an incident and the right escalation path for a problem?
5. Which VMs are used to migrate an application?
6. What applications are impacted by a planned outage on a VM or an infrastructure component?
7. How does the users know the type of infrastructure, if an application is running on it?
8. Which VMs are part of a Recovery Plan or Protection Group for Site Recovery or Disaster Recovery?
9. Are there any VMs that require protection for DR?
With the new Service Discovery Management Pack (SDMP) for VMware vRealize Operations you can. The Service Discovery Management Pack is a replacement for VMware Virtual Infrastructure Navigator (VIN) which isn’t compatible with vSphere 6.5
- vRealize Operations Manager 6.4.0, 6.5.0, 6.6.0* or 6.6.1 (I’m running 6.6.1)
- vRealize Operations Manager Advanced edition
- VMware vSphere 6.5
- VMware Tools needs to be installed on each VM for the Service Discovery to fully work
*version 6.6 is a revolutionary release of vROps with a complete new GUI and other significant improvements. Read all about it here.
Installation of the Service Discovery Management Pack
Before you can discover services you have to install an additional Management Pack in vRealize Operations. So let’s start with the installation.
Log in to your vROps console with an admin account, go to Administration and in the left menu click on Solutions. Click the + button to add a new Solution.
Click on Browse and select the Service Discovery Management Pack installation (PAK) file. Click Upload.
When the Management Pack is successfully uploaded, click on Next.
Accept the EULA and click Next.
When the installation is completed click on Finish.
Configuration of the Service Discovery adapter
For the Service Discovery adapter to receive data, it has to be configured.
Go back to Adminstration, Solutions and select the Service Discovery Management Pack. Click on the gear button to configure.
Give in a name and description for the Adapter Instance. Fill in your vCenter Server FQDN and select your Discovery Plan.
Shallow Discovery : Discover known services only. Will not show relationships unless services are known.
Deep Discovery : Discover all known and unknown services. Known services will be showed with their name. Unknown services will be shown with the process name and “unknown” will be prefixed to it.
By enabling Dynamic Application Group the management pack can automatically create dynamic applications based on the network communication between the services.
Click on the + button to create a new credential.
Fill in your login information for vCenter Server, Windows VM’s, Linux VM’s and Site Recovery Manager (SRM). Make up a Guest User Mapping CSV password and remember this because you will need this later. Click OK.
Test the connection.
Accept the certificate.
Save Settings and click OK.
If everything is setup correctly the Service Discovery adapter will start receiving data.
Configuration of the Guest User Mappings
For the Service Discovery adapter to be able to discover the services that are running in the VM’s, the adapter has to be able to execute scripts on the VM’s.
vCenter Server 6.5 allows this operation only if the guest credentials are authenticated and mapped in vCenter Server.
The vSphere Web Client provides functionality to define Guest User Mapping directly through the UI. But this is a manual process and needs to be repeated for each VM.
Or you can use the “Guest User Mapping Actions” provided by the Service Discovery adapter to do a bulk import of the guest credentials.
Let’s start with the manual process.
Manual Guest User Mapping
Log in to your vSphere Web Client. Select one of your VM’s. Go to Actions, Guest OS, View Guest User Mappings.
Give in your guest OS User name and Password to authenticate.
Click on the + button to add a new User Mapping. Select a vSphere Domain and SSO (admin) user for the mapping. And fill in the Guest OS username.
Click OK. You’re done.
Repeat these steps for each VM or…
Guest User Mapping Actions
Log in to your vROps console, go to Administration and in the left menu under Configuration click on Inventory Explorer.
Create a filter on vCenter to find your vCenter Server. Select it, click on the gear button and select Export Guest User Mappings.
Give in a path and file name (on the vROps appliance) and click on Begin Action.
Under History, Recent Tasks you can see the status of your action.
When the action is successfully completed, log on to your vROps appliance with SSH or in my case WinSCP and edit the exported Guest User Mappings CSV file. Fill in the credentials and save the file.
Encrypt the file with gpg (available on vROps appliance).
Give in your Guest User Mapping CSV password created during configuration of the adapter.
Go back to Inventory Explorer and select your vCenter Server. Click on the gear button and select Apply Guest User Mappings.
Give in the path and file name of your encrypted Guest User Mappings file (.gpg) and also for a Status file. Click on Begin Action.
Go to History, Recent Tasks to see the status of your action.
If a VM fails to define a mapping, look in your Status file for the cause. In my case several VM’s weren’t turned on.
Once installed and configured, what does SDMP show you
Go to Dashboards. In the top menu under All Dashboards select Service Discovery to unveil the Service Discovery dashboards created by the Management Pack.
Let’s start with the first dashboard, Service Visibility. This dashboards shows a list with VM’s without Service Visibility and VM’s with unknown Services by selecting a vSphere Resource.
This dashboard shows you all known and unknown Services including Category and Distribution percentage across a vSphere Resource.
Some common services may be filtered to reduce service discovery “noise” and focus on critical services.
To exclude services to be collected. Go to Inventory Explorer, Adapter Instances, Service Discovery Adapter Instance. On the right select your Service Discovery adapter, click on the gear button and select Configure Excluded Services. Edit the file and select Begin Action to remove services after the discovery.
Also is it possible to mark a Unknown Service as Known, rename it and revert it back to Unknown Service.
Go to Inventory Explorer, Adapter Instances, Service Discovery Adapter Instance and select your adapter. On the right select a Unknown Service, click on the gear button and select Mark Service as Known.
By selecting a specific Service, this dashboard shows you properties of the Service like install path, which ports it’s using, version etc. etc. And also a topology overview that displays the relationship between the services to other services running on other VM’s.
Virtual Machine Relationships
First of all this dashboard gives you a list with VM’s including Service Discovery details like status, method, incoming/outgoing connections, recovery plans, protection group etc. etc.
By selecting a VM the dashboard shows you a list of discovered services on this VM, relationships and a topology overview to display relationships of the VM with other VM’s based on discovered service relationships.
If enabled, the Service Discovery adapter automatically creates Dynamic Application Groups.
To see the Application Groups, go to Environment. In the left menu under Groups and Applications select Applications.
The group gets created as “Application” with a UUID but can be renamed.
To see the Application Group relationship details click on the application.
In the top menu select More, Environment and finally Map to see the server objects of your application.
Double click on a server object to see underlying Services.
In this blogpost I showed you how to discover services in your environment using the Service Discovery Management Pack (SDMP) for VMware vRealize Operations, which makes it easy to visualise relationships or dependencies between services from different VM’s and determine the impact on your application when you shut down a VM or a VM becomes unavailable due to an incident.
But is this Management Pack as easy to use as Virtual Infrastructure Navigator (VIN)? In my opinion, no. The Management Pack needs some work. Things that can be approved are the discovery, list with known services and application groups.
I’m hoping that later this year, when SDMP becomes backwards compatible with vSphere 5.5 and 6.0 and VIN stops working due to the same security vulnerability fix in vSphere 6.5, this Management Pack gets an update and turns out be as useful and easy as VIN.
One final remark, if you have problems with the discovery use this article to help you with troubleshooting.