VFoglight: Difference between revisions
m (Removed usage of domain account) |
(Removed VMware category) |
||
(9 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
# Add the names of the regional servers to the Federative's config file | # Add the names of the regional servers to the Federative's config file | ||
#* Open <code> S:\Program Files\vizioncore\vFoglight\config\federation.config </code> | #* Open <code> S:\Program Files\vizioncore\vFoglight\config\federation.config </code> | ||
#* Add to <code> JndiURLs </code> section, eg <code> "jnp:// | #* Add to <code> JndiURLs </code> section, eg <code> "jnp://server.domain.com:1099" </code> | ||
#* Restart Foglight services | #* Restart Foglight services | ||
# Check status of new connection | # Check status of new connection | ||
Line 40: | Line 40: | ||
== Dashboard Creation == | == Dashboard Creation == | ||
This procedure assumes the VM's you want to view via a dashboard are contained within a resource group, in this instance called | This procedure assumes the VM's you want to view via a dashboard are contained within a resource group, in this instance called ''WEB-SERVICE'' (based on the resource pool that the servers are contained within). | ||
# '''Create Dashboard...''' | # '''Create Dashboard...''' | ||
#* From the right hand menu, on the '''General''' tab, select '''Create new dashboard''' | #* From the right hand menu, on the '''General''' tab, select '''Create new dashboard''' | ||
#* Give the dashboard a sensible name, eg " | #* Give the dashboard a sensible name, eg "WEB-SERVICE dashboard for 2nd line team" | ||
#* Set the Relevant Role(s) to be the intended audience groups | #* Set the Relevant Role(s) to be the intended audience groups | ||
#* Set the Allowed Role(s) to include all groups that should be allowed to see the dashboard (always include Administrators) | #* Set the Allowed Role(s) to include all groups that should be allowed to see the dashboard (always include Administrators) | ||
Line 53: | Line 51: | ||
#* On the '''General''' tab select 1 column | #* On the '''General''' tab select 1 column | ||
#* On '''Data''' tab, navigate to '''Data | Virtual | VMware | Resource Pools''' | #* On '''Data''' tab, navigate to '''Data | Virtual | VMware | Resource Pools''' | ||
#* Drag and drop the ''' | #* Drag and drop the '''WEB-SERVICE (VMWResourcePool)''' object into the central pane | ||
#* Select the '''Utilizations: Resource Pool''' view | #* Select the '''Utilizations: Resource Pool''' view | ||
#* Add further object views as per complete table below (ie you've already done the 1st) | #* Add further object views as per complete table below (ie you've already done the 1st) | ||
Line 61: | Line 59: | ||
! Object !! View | ! Object !! View | ||
|- | |- | ||
| | | WEB-SERVICE (VMWResourcePool) || Utilizations: Resource Pool | ||
|- | |- | ||
| | | WEB-SERVICE (VMWResourcePool) || Reportlet: Advanced Alarm History | ||
|- | |- | ||
| | | WEB-SERVICE (VMWResourcePool) || Alarm List with Filter (TopologyObject) | ||
|- | |- | ||
| | | virtualMachines (under "WEB-SERVICE (VMWResourcePool)") || vmExplorer: VMCPUdetails (used/ready) | ||
|- | |- | ||
|} | |} | ||
== Active Directory Integration == | == Active Directory Integration == | ||
Line 81: | Line 78: | ||
|} | |} | ||
# Create service account on | # Create service account on PROD domain | ||
#* EG | #* EG Create account <code> svc-vFog </code> using something like | ||
#* <code> dsadd user "cn=- | #* <code> dsadd user "cn=svc-vFog, cn=Users, dc=prod, dc=domain, dc=com" - pwd "password-here" -pwdneverexpires yes -disabled no </code> | ||
#* and make a member of the "SQL Service Accounts" group | #* and make a member of the "SQL Service Accounts" group | ||
# Log into vFoglight (as foglight/foglight), and navigate to '''Dashboards | Users & Security | Configure Directory Services''' | # Log into vFoglight (as foglight/foglight), and navigate to '''Dashboards | Users & Security | Configure Directory Services''' | ||
# Configure AD integration using the table below, leave all other fields as is | # Configure AD integration using the table below, leave all other fields as is | ||
# Kick start AD integration | # Kick start AD integration | ||
#* Log out of the vFoglight interface, then log in as a | #* Log out of the vFoglight interface, then log in as a CORP domain user (ie yourself). The login should partially succeed, and you should receive a error message like | ||
#* ''You logged in as user 123456 and do not have access to the application.'' | #* ''You logged in as user 123456 and do not have access to the application.'' | ||
#* If not, check the latest ManagementServer log at <code> .\Program Files\vizioncore\vFoglight\logs\ </code> and attempt to resolve. | #* If not, check the latest ManagementServer log at <code> .\Program Files\vizioncore\vFoglight\logs\ </code> and attempt to resolve. | ||
Line 103: | Line 100: | ||
! Field !! Description !! Example | ! Field !! Description !! Example | ||
|- | |- | ||
| Nearest LDAP server || Primary Domain Controller || <code> ldap:// | | Nearest LDAP server || Primary Domain Controller || <code> ldap://dcsvr01.corp.domain.com:389/ </code> | ||
|- | |- | ||
| Secondary LDAP server URL || Secondary Domain Controller || <code> ldap:// | | Secondary LDAP server URL || Secondary Domain Controller || <code> ldap://dcsvr02.corp.domain.com:389/ </code> | ||
|- | |- | ||
| Distinguished name of the service account || vFoglight server's Service Account || <code> CN=- | | Distinguished name of the service account || vFoglight server's Service Account || <code> CN=svc-vFog,CN=Users,DC=corp,DC=domain,DC=com </code> | ||
|- | |- | ||
| Password || vFoglight Service Account password || ''Password for - | | Password || vFoglight Service Account password || ''Password for svc-vFog'' | ||
|- | |- | ||
| LDAP query prefix || Query prefix for user a/c finding || <code> CN= </code> | | LDAP query prefix || Query prefix for user a/c finding || <code> CN= </code> | ||
|- | |- | ||
| LDAP query suffix || Query suffix for user a/c finding, note the leading ''',''' || <code> ,DC= | | LDAP query suffix || Query suffix for user a/c finding, note the leading ''',''' || <code> ,DC=corp,DC=domain,DC=com </code> | ||
|- | |- | ||
| The scope(s) to search for groups || Where to look for domain user groups || <code> DC= | | The scope(s) to search for groups || Where to look for domain user groups || <code> DC=corp,DC=domain,DC=com </code> | ||
|- | |- | ||
| The LDAP context for user searching || Where to look for domain users || <code> DC= | | The LDAP context for user searching || Where to look for domain users || <code> DC=corp,DC=domain,DC=com </code> | ||
|- | |- | ||
|} | |} | ||
== Database Backup Scheduling == | == Database Backup Scheduling == | ||
Line 127: | Line 123: | ||
<!-- COMMENTED OUT, AS DOMAIN ACCOUNTS DON'T SEEM TO WORK | <!-- COMMENTED OUT, AS DOMAIN ACCOUNTS DON'T SEEM TO WORK | ||
# Create scheduled task account on GMI domain | # Create scheduled task account on GMI domain | ||
#* EG | #* EG create <code> svc-vFog </code> using something like | ||
#* <code> dsadd user "cn=- | #* <code> dsadd user "cn=svc-vFog, cn=Users, dc=gmi, dc=dtc, dc=reuint, dc=com" -pwd "password-here" -pwdneverexpires yes -disabled no </code> | ||
#* and make a member of the "Scheduling Clients" group --> | #* and make a member of the "Scheduling Clients" group --> | ||
# Create directory structure on the backup drive... | # Create directory structure on the backup drive... | ||
Line 134: | Line 130: | ||
#* <code> T:\backup\data </code> | #* <code> T:\backup\data </code> | ||
# Within the config directory create two config files and one batch script; backup.conf, my.conf and DoBackup.bat; with contents as shown at bottom of procedure. | # Within the config directory create two config files and one batch script; backup.conf, my.conf and DoBackup.bat; with contents as shown at bottom of procedure. | ||
#* As long as S: is your software/database drive, and T: is your backup drive there should be no reason to edit the conf files | #* As long as S: is your software/database drive, and T: is your backup drive there should be no reason to edit the conf or batch files | ||
# From a command prompt, run the DoBackup.bat script and check that the following files are created | # From a command prompt, run the DoBackup.bat script and check that the following files are created | ||
#* <code> T:\backup\data\ibdata1 </code> | #* <code> T:\backup\data\ibdata1 </code> | ||
#* <code> T:\backup\data\ibbackup_logfile </code> | #* <code> T:\backup\data\ibbackup_logfile </code> | ||
# Schedule the batch script to run at 07:00 and 19:00 hrs ''local'' time, using a command similar to (edit as suggested)... | # Schedule the batch script to run at 07:00 and 19:00 hrs ''local'' time, using a command similar to (edit as suggested)... | ||
#* <code> schtasks /create /tn "vFoglight MySQL backup" /ru | #* <code> schtasks /create /tn "vFoglight MySQL backup" /ru <user> /rp <password> /tr T:\backup\config\DoBackup.bat /sc hourly /mo 12 /st 07:00:00 </code> | ||
#* /ru - ''Service account username'' | #* /ru - ''Service account username'' | ||
#* /rp - ''Service account password'' | #* /rp - ''Service account password'' – edit as required | ||
#* /st - ''First run start time'' | #* /st - ''First run start time'' – change to be GMT representation of 7am local time | ||
#* Note that due to the GMI lock-down policy, this command must be run as a local admin | #* Note that due to the GMI lock-down policy, this command must be run as a local admin | ||
Line 194: | Line 190: | ||
On the Federation vFoglight server, the problem is caused by a lack of data to the source FMS/local vFoglight server, or a problem between that server and the master Federation server. | On the Federation vFoglight server, the problem is caused by a lack of data to the source FMS/local vFoglight server, or a problem between that server and the master Federation server. | ||
[[Category: | == Duplicate / Unwanted vCentre == | ||
To remove a vCentre server instance that's not required from vFoglight... | |||
# In the left-hand '''Dashboards''' menu | |||
# Browse to '''Management Server | Servers | Data Management''' | |||
# Then expand '''VMware Model | virtualCenters''' | |||
# Locate the vCentre you want to remove, and click the '''delete''' icon | |||
...if the vCentre comes back, then there's probably a vFoglight VMware agent still sending data to the server | |||
[[Category:Applications]] | |||
[[Category:Virtualisation]] |
Latest revision as of 07:38, 25 June 2012
- General support documentation can found on Vizioncore's website: http://www.vizioncore.com/vzone/index.php.
- Note that the local vFoglight server is known as an FMS or local child server, the global server is a Federation Master.
Maintenance and Procedures
Add Regional Servers to Federative
- Add name and IP of regional server to Federative's host file
- Add the names of the regional servers to the Federative's config file
- Open
S:\Program Files\vizioncore\vFoglight\config\federation.config
- Add to
JndiURLs
section, eg"jnp://server.domain.com:1099"
- Restart Foglight services
- Open
- Check status of new connection
- Log into Federative server
- Go to Administration, and find the Federation pane
- Click on "Number of Children" to view the server topology
Software Upgrade
Be aware that during the upgrade, stopping/starting vFoglight service, and database changes/upgrades may take some time. Cancelling the upgrade during any of these steps could corrupt the database.
- Copy installer to server
- Restart the server
- Start the installer, and select the Custom method
- Change the drive letter for the install path (probably S: - leave rest of path intact)
- Select Upgrade
- If the Agent installer pops up, cancel it.
- Once the upgrade completes...
- Verify you can login to vFoglight (it can take 5 mins+ for the services to start fully after the upgrade, be patient)
- If a master/global Federation server, confirm this is still the case. Browse to Dashboards | Administration | Administration, and check the Federation mode is "Master". If not, correct the config in
.\Program Files\Vizone\config\foglight.config
so thatfoglight.federation = true
, then restart the server and re-verify. - Note that the software can report incorrect version numbers, for example after installing v5.2.6.0 the GUI shows v5.2.5 (found at Dashboards | Administration | Administration, Current Statistics pane).
Cartridge Install / Upgrade
If upgrading a cartridge, you must uninstall the current version 1st...
- Browse to Dashboards | Administration | Administration, and in the Navigation pane click on Cartridges | Inventory
- Select the relevant cartridge, and use the Uninstall Selected button.
Install the cartridge...
- Download the cartridge .car file to your local machine
- Browse to Dashboards | Administration | Administration, and in the Navigation pane click on Cartridges | Inventory
- Use the Browse button to locate the .car, then click on Install Cartridge
- Verify that the expected version of cartridge has been installed
Dashboard Creation
This procedure assumes the VM's you want to view via a dashboard are contained within a resource group, in this instance called WEB-SERVICE (based on the resource pool that the servers are contained within).
- Create Dashboard...
- From the right hand menu, on the General tab, select Create new dashboard
- Give the dashboard a sensible name, eg "WEB-SERVICE dashboard for 2nd line team"
- Set the Relevant Role(s) to be the intended audience groups
- Set the Allowed Role(s) to include all groups that should be allowed to see the dashboard (always include Administrators)
- Enter a description into the Help text box, if required
- Customise Dashboard...
- On the General tab select 1 column
- On Data tab, navigate to Data | Virtual | VMware | Resource Pools
- Drag and drop the WEB-SERVICE (VMWResourcePool) object into the central pane
- Select the Utilizations: Resource Pool view
- Add further object views as per complete table below (ie you've already done the 1st)
Object | View |
---|---|
WEB-SERVICE (VMWResourcePool) | Utilizations: Resource Pool |
WEB-SERVICE (VMWResourcePool) | Reportlet: Advanced Alarm History |
WEB-SERVICE (VMWResourcePool) | Alarm List with Filter (TopologyObject) |
virtualMachines (under "WEB-SERVICE (VMWResourcePool)") | vmExplorer: VMCPUdetails (used/ready) |
Active Directory Integration
Procedure to enable vFoglight to authenticate user logins on AD domain, and to be able to use AD groups. The vFoglight server needs a service account in order to be able to interact with AD domain.
Be aware that there is a bug in the vFoglight interface, every time you edit the Configure Directory Services form you must re-enter the password information |
---|
- Create service account on PROD domain
- EG Create account
svc-vFog
using something like dsadd user "cn=svc-vFog, cn=Users, dc=prod, dc=domain, dc=com" - pwd "password-here" -pwdneverexpires yes -disabled no
- and make a member of the "SQL Service Accounts" group
- EG Create account
- Log into vFoglight (as foglight/foglight), and navigate to Dashboards | Users & Security | Configure Directory Services
- Configure AD integration using the table below, leave all other fields as is
- Kick start AD integration
- Log out of the vFoglight interface, then log in as a CORP domain user (ie yourself). The login should partially succeed, and you should receive a error message like
- You logged in as user 123456 and do not have access to the application.
- If not, check the latest ManagementServer log at
.\Program Files\vizioncore\vFoglight\logs\
and attempt to resolve.
- Log into vFoglight (as foglight/foglight), and navigate to Dashboards | Users & Security | Manage Groups
- You should see both local (Built-In and Internal) groups, and External (from the AD domain).
- Give VI Admins login access to vFoglight
- Highlight the VI Administrators group, and click on Edit Roles button.
- Add all roles to the group and save.
- Test by logging out of vFoglight and logging back in as a domain user
Field | Description | Example |
---|---|---|
Nearest LDAP server | Primary Domain Controller | ldap://dcsvr01.corp.domain.com:389/
|
Secondary LDAP server URL | Secondary Domain Controller | ldap://dcsvr02.corp.domain.com:389/
|
Distinguished name of the service account | vFoglight server's Service Account | CN=svc-vFog,CN=Users,DC=corp,DC=domain,DC=com
|
Password | vFoglight Service Account password | Password for svc-vFog |
LDAP query prefix | Query prefix for user a/c finding | CN=
|
LDAP query suffix | Query suffix for user a/c finding, note the leading , | ,DC=corp,DC=domain,DC=com
|
The scope(s) to search for groups | Where to look for domain user groups | DC=corp,DC=domain,DC=com
|
The LDAP context for user searching | Where to look for domain users | DC=corp,DC=domain,DC=com
|
Database Backup Scheduling
Procedure to set-up backup of vFoglight MySQL database to local disk
- Create directory structure on the backup drive...
T:\backup\config
T:\backup\data
- Within the config directory create two config files and one batch script; backup.conf, my.conf and DoBackup.bat; with contents as shown at bottom of procedure.
- As long as S: is your software/database drive, and T: is your backup drive there should be no reason to edit the conf or batch files
- From a command prompt, run the DoBackup.bat script and check that the following files are created
T:\backup\data\ibdata1
T:\backup\data\ibbackup_logfile
- Schedule the batch script to run at 07:00 and 19:00 hrs local time, using a command similar to (edit as suggested)...
schtasks /create /tn "vFoglight MySQL backup" /ru <user> /rp <password> /tr T:\backup\config\DoBackup.bat /sc hourly /mo 12 /st 07:00:00
- /ru - Service account username
- /rp - Service account password – edit as required
- /st - First run start time – change to be GMT representation of 7am local time
- Note that due to the GMI lock-down policy, this command must be run as a local admin
backup.conf | datadir="T:\backup\data" innodb_data_home_dir="T:\backup\data" innodb_data_file_path=ibdata1:10M:autoextend innodb_log_group_home_dir="T:\backup\data" set-variable=innodb_log_files_in_group=2 set-variable=innodb_log_file_size=134217728 |
my.conf | datadir="S:\Program Files\vizioncore\vFoglight\mysql\data" innodb_data_home_dir="S:\Program Files\vizioncore\vFoglight\mysql\data" innodb_data_file_path=ibdata1:10M:autoextend innodb_log_group_home_dir="S:\Program Files\vizioncore\vFoglight\mysql\data" set-variable=innodb_log_files_in_group=2 set-variable=innodb_log_file_size=134217728 |
DoBackup.bat | REM vFoglight database back-up script REM Simon Strutt v1.1 11-Aug-09 if exist T:\backup\data\ibdata1.4 del /q T:\backup\data\ibdata1.4 if exist T:\backup\data\ibdata1.3 ren T:\backup\data\ibdata1.3 ibdata1.4 if exist T:\backup\data\ibdata1.2 ren T:\backup\data\ibdata1.2 ibdata1.3 if exist T:\backup\data\ibdata1.1 ren T:\backup\data\ibdata1.1 ibdata1.2 if exist T:\backup\data\ibdata1 ren T:\backup\data\ibdata1 ibdata1.1 if exist T:\backup\data\ibbackup_logfile.4 del /q T:\backup\data\ibbackup_logfile.4 if exist T:\backup\data\ibbackup_logfile.3 ren T:\backup\data\ibbackup_logfile.3 ibbackup_logfile.4 if exist T:\backup\data\ibbackup_logfile.2 ren T:\backup\data\ibbackup_logfile.2 ibbackup_logfile.3 if exist T:\backup\data\ibbackup_logfile.1 ren T:\backup\data\ibbackup_logfile.1 ibbackup_logfile.2 if exist T:\backup\data\ibbackup_logfile ren T:\backup\data\ibbackup_logfile ibbackup_logfile.1 "S:\Program Files\vizioncore\vFoglight\mysql\bin\ibbackup" T:\backup\config\my.conf T:\backup\config\backup.conf |
Troubleshooting
vFoglight not updating
Pages are accessible, but not updating (normally animated dials etc are grey/black). Caused by lack of data flow from VC server to the vFoglight server. To resolve, check vFoglight services on the vCenter and potentially reinstall the vFoglight agent on the VC server...
- On VC, browse to vFoglight server
- Go to Administration, then Cartridges | Component Download
- Install the Virtual VMware Agent (accept all default options, Next, Next, Next)
- Ensure vFoglight services are running on VC
On the Federation vFoglight server, the problem is caused by a lack of data to the source FMS/local vFoglight server, or a problem between that server and the master Federation server.
Duplicate / Unwanted vCentre
To remove a vCentre server instance that's not required from vFoglight...
- In the left-hand Dashboards menu
- Browse to Management Server | Servers | Data Management
- Then expand VMware Model | virtualCenters
- Locate the vCentre you want to remove, and click the delete icon
...if the vCentre comes back, then there's probably a vFoglight VMware agent still sending data to the server