VFoglight: Difference between revisions

From vwiki
Jump to navigation Jump to search
Line 78: Line 78:
|}
|}


# Create service account on GMI domain
# Create service account on PROD domain
#* EG for DTCP-VIRFOGV01 create <code> -sVFOGDTCP-VIRFOGV01 </code> using something like
#* EG Create account <code> -svc-vFog </code> using something like
#* <code> dsadd user "cn=-sVFOGDTCP-VIRFOGV01, cn=Users, dc=gmi, dc=dtc, dc=reuint, dc=com" - pwd "password-here" -pwdneverexpires yes -disabled no </code>
#* <code> dsadd user "cn=--svc-vFog, cn=Users, dc=prod, dc=domain, dc=com" - pwd "password-here" -pwdneverexpires yes -disabled no </code>
#* and make a member of the "SQL Service Accounts" group
#* and make a member of the "SQL Service Accounts" group
# Log into vFoglight (as foglight/foglight), and navigate to '''Dashboards | Users & Security | Configure Directory Services'''
# Log into vFoglight (as foglight/foglight), and navigate to '''Dashboards | Users & Security | Configure Directory Services'''
# Configure AD integration using the table below, leave all other fields as is
# Configure AD integration using the table below, leave all other fields as is
# Kick start AD integration
# Kick start AD integration
#* Log out of the vFoglight interface, then log in as a GMI domain user (ie yourself).  The login should partially succeed, and you should receive a error message like  
#* Log out of the vFoglight interface, then log in as a CORP domain user (ie yourself).  The login should partially succeed, and you should receive a error message like  
#* ''You logged in as user 123456 and do not have access to the application.''
#* ''You logged in as user 123456 and do not have access to the application.''
#* If not, check the latest ManagementServer log at <code> .\Program Files\vizioncore\vFoglight\logs\ </code> and attempt to resolve.
#* If not, check the latest ManagementServer log at <code> .\Program Files\vizioncore\vFoglight\logs\ </code> and attempt to resolve.
Line 100: Line 100:
! Field                                    !! Description                          !! Example  
! Field                                    !! Description                          !! Example  
|-
|-
| Nearest LDAP server                      || Primary Domain Controller            || <code> ldap://dtcp-gmiadsc01.gmi.dtc.reuint.com:389/ </code>
| Nearest LDAP server                      || Primary Domain Controller            || <code> ldap://dcsvr01.corp.domain.com:389/ </code>
|-
|-
| Secondary LDAP server URL                || Secondary Domain Controller          || <code> ldap://dtcp-gmiadsc02.gmi.dtc.reuint.com:389/ </code>
| Secondary LDAP server URL                || Secondary Domain Controller          || <code> ldap://dcsvr02.corp.domain.com:389/ </code>
|-
|-
| Distinguished name of the service account || vFoglight server's Service Account  || <code> CN=-sVFOGDTCP-VIRFOGV01,CN=Users,DC=gmi,DC=dtc,DC=reuint,DC=com </code>
| Distinguished name of the service account || vFoglight server's Service Account  || <code> CN=-svc-vFog,CN=Users,DC=corp,DC=domain,DC=com </code>
|-
|-
| Password                                  || vFoglight Service Account password  || ''Password for -sVFOGDTCP-VIRFOGV01''
| Password                                  || vFoglight Service Account password  || ''Password for -svc-vFog''
|-
|-
| LDAP query prefix                        || Query prefix for user a/c finding    || <code> CN= </code>
| LDAP query prefix                        || Query prefix for user a/c finding    || <code> CN= </code>
|-
|-
| LDAP query suffix                        || Query suffix for user a/c finding, note the leading ''','''  || <code> ,DC=gmi,DC=dtc,DC=reuint,DC=com </code>
| LDAP query suffix                        || Query suffix for user a/c finding, note the leading ''','''  || <code> ,DC=corp,DC=domain,DC=com </code>
|-
|-
| The scope(s) to search for groups        || Where to look for domain user groups || <code> DC=gmi,DC=dtc,DC=reuint,DC=com </code>
| The scope(s) to search for groups        || Where to look for domain user groups || <code> DC=corp,DC=domain,DC=com </code>
|-
|-
| The LDAP context for user searching      || Where to look for domain users      || <code> DC=gmi,DC=dtc,DC=reuint,DC=com </code>
| The LDAP context for user searching      || Where to look for domain users      || <code> DC=corp,DC=domain,DC=com </code>
|-
|-
|}
|}


== Database Backup Scheduling ==
== Database Backup Scheduling ==

Revision as of 10:51, 22 February 2010

  • General support documentation can found on Vizioncore's website: http://www.vizioncore.com/vzone/index.php.
  • Note that the local vFoglight server is known as an FMS or local child server, the global server is a Federation Master.

Maintenance and Procedures

Add Regional Servers to Federative

  1. Add name and IP of regional server to Federative's host file
  2. Add the names of the regional servers to the Federative's config file
    • Open S:\Program Files\vizioncore\vFoglight\config\federation.config
    • Add to JndiURLs section, eg "jnp://server.domain.com:1099"
    • Restart Foglight services
  3. Check status of new connection
    • Log into Federative server
    • Go to Administration, and find the Federation pane
    • Click on "Number of Children" to view the server topology

Software Upgrade

Be aware that during the upgrade, stopping/starting vFoglight service, and database changes/upgrades may take some time. Cancelling the upgrade during any of these steps could corrupt the database.

  1. Copy installer to server
  2. Restart the server
  3. Start the installer, and select the Custom method
  4. Change the drive letter for the install path (probably S: - leave rest of path intact)
  5. Select Upgrade
  6. If the Agent installer pops up, cancel it.
  7. Once the upgrade completes...
    • Verify you can login to vFoglight (it can take 5 mins+ for the services to start fully after the upgrade, be patient)
    • If a master/global Federation server, confirm this is still the case. Browse to Dashboards | Administration | Administration, and check the Federation mode is "Master". If not, correct the config in .\Program Files\Vizone\config\foglight.config so that foglight.federation = true , then restart the server and re-verify.
    • Note that the software can report incorrect version numbers, for example after installing v5.2.6.0 the GUI shows v5.2.5 (found at Dashboards | Administration | Administration, Current Statistics pane).

Cartridge Install / Upgrade

If upgrading a cartridge, you must uninstall the current version 1st...

  1. Browse to Dashboards | Administration | Administration, and in the Navigation pane click on Cartridges | Inventory
  2. Select the relevant cartridge, and use the Uninstall Selected button.

Install the cartridge...

  1. Download the cartridge .car file to your local machine
  2. Browse to Dashboards | Administration | Administration, and in the Navigation pane click on Cartridges | Inventory
  3. Use the Browse button to locate the .car, then click on Install Cartridge
  4. Verify that the expected version of cartridge has been installed

Dashboard Creation

This procedure assumes the VM's you want to view via a dashboard are contained within a resource group, in this instance called WEB-SERVICE (based on the resource pool that the servers are contained within).

  1. Create Dashboard...
    • From the right hand menu, on the General tab, select Create new dashboard
    • Give the dashboard a sensible name, eg "WEB-SERVICE dashboard for 2nd line team"
    • Set the Relevant Role(s) to be the intended audience groups
    • Set the Allowed Role(s) to include all groups that should be allowed to see the dashboard (always include Administrators)
    • Enter a description into the Help text box, if required
  2. Customise Dashboard...
    • On the General tab select 1 column
    • On Data tab, navigate to Data | Virtual | VMware | Resource Pools
    • Drag and drop the WEB-SERVICE (VMWResourcePool) object into the central pane
    • Select the Utilizations: Resource Pool view
    • Add further object views as per complete table below (ie you've already done the 1st)
Object View
WEB-SERVICE (VMWResourcePool) Utilizations: Resource Pool
WEB-SERVICE (VMWResourcePool) Reportlet: Advanced Alarm History
WEB-SERVICE (VMWResourcePool) Alarm List with Filter (TopologyObject)
virtualMachines (under "WEB-SERVICE (VMWResourcePool)") vmExplorer: VMCPUdetails (used/ready)

Active Directory Integration

Procedure to enable vFoglight to authenticate user logins on AD domain, and to be able to use AD groups. The vFoglight server needs a service account in order to be able to interact with AD domain.

Be aware that there is a bug in the vFoglight interface, every time you edit the Configure Directory Services form you must re-enter the password information
  1. Create service account on PROD domain
    • EG Create account -svc-vFog using something like
    • dsadd user "cn=--svc-vFog, cn=Users, dc=prod, dc=domain, dc=com" - pwd "password-here" -pwdneverexpires yes -disabled no
    • and make a member of the "SQL Service Accounts" group
  2. Log into vFoglight (as foglight/foglight), and navigate to Dashboards | Users & Security | Configure Directory Services
  3. Configure AD integration using the table below, leave all other fields as is
  4. Kick start AD integration
    • Log out of the vFoglight interface, then log in as a CORP domain user (ie yourself). The login should partially succeed, and you should receive a error message like
    • You logged in as user 123456 and do not have access to the application.
    • If not, check the latest ManagementServer log at .\Program Files\vizioncore\vFoglight\logs\ and attempt to resolve.
  5. Log into vFoglight (as foglight/foglight), and navigate to Dashboards | Users & Security | Manage Groups
  6. You should see both local (Built-In and Internal) groups, and External (from the AD domain).
  7. Give VI Admins login access to vFoglight
    • Highlight the VI Administrators group, and click on Edit Roles button.
    • Add all roles to the group and save.
    • Test by logging out of vFoglight and logging back in as a domain user


Field Description Example
Nearest LDAP server Primary Domain Controller ldap://dcsvr01.corp.domain.com:389/
Secondary LDAP server URL Secondary Domain Controller ldap://dcsvr02.corp.domain.com:389/
Distinguished name of the service account vFoglight server's Service Account CN=-svc-vFog,CN=Users,DC=corp,DC=domain,DC=com
Password vFoglight Service Account password Password for -svc-vFog
LDAP query prefix Query prefix for user a/c finding CN=
LDAP query suffix Query suffix for user a/c finding, note the leading , ,DC=corp,DC=domain,DC=com
The scope(s) to search for groups Where to look for domain user groups DC=corp,DC=domain,DC=com
The LDAP context for user searching Where to look for domain users DC=corp,DC=domain,DC=com

Database Backup Scheduling

Procedure to set-up backup of vFoglight MySQL database to local disk

  1. Create directory structure on the backup drive...
    • T:\backup\config
    • T:\backup\data
  2. Within the config directory create two config files and one batch script; backup.conf, my.conf and DoBackup.bat; with contents as shown at bottom of procedure.
    • As long as S: is your software/database drive, and T: is your backup drive there should be no reason to edit the conf or batch files
  3. From a command prompt, run the DoBackup.bat script and check that the following files are created
    • T:\backup\data\ibdata1
    • T:\backup\data\ibbackup_logfile
  4. Schedule the batch script to run at 07:00 and 19:00 hrs local time, using a command similar to (edit as suggested)...
    • schtasks /create /tn "vFoglight MySQL backup" /ru GMI\reutadmin /rp <password> /tr T:\backup\config\DoBackup.bat /sc hourly /mo 12 /st 07:00:00
    • /ru - Service account username
    • /rp - Service account password – edit as required
    • /st - First run start time – change to be GMT representation of 7am local time
    • Note that due to the GMI lock-down policy, this command must be run as a local admin


backup.conf
datadir="T:\backup\data"
innodb_data_home_dir="T:\backup\data"
innodb_data_file_path=ibdata1:10M:autoextend
innodb_log_group_home_dir="T:\backup\data"
set-variable=innodb_log_files_in_group=2
set-variable=innodb_log_file_size=134217728 
my.conf
datadir="S:\Program Files\vizioncore\vFoglight\mysql\data"
innodb_data_home_dir="S:\Program Files\vizioncore\vFoglight\mysql\data"
innodb_data_file_path=ibdata1:10M:autoextend
innodb_log_group_home_dir="S:\Program Files\vizioncore\vFoglight\mysql\data"
set-variable=innodb_log_files_in_group=2
set-variable=innodb_log_file_size=134217728 
DoBackup.bat
REM  vFoglight database back-up script
REM   Simon Strutt   v1.1   11-Aug-09

if exist T:\backup\data\ibdata1.4 del /q T:\backup\data\ibdata1.4
if exist T:\backup\data\ibdata1.3 ren T:\backup\data\ibdata1.3 ibdata1.4
if exist T:\backup\data\ibdata1.2 ren T:\backup\data\ibdata1.2 ibdata1.3
if exist T:\backup\data\ibdata1.1 ren T:\backup\data\ibdata1.1 ibdata1.2
if exist T:\backup\data\ibdata1 ren T:\backup\data\ibdata1 ibdata1.1

if exist T:\backup\data\ibbackup_logfile.4 del /q T:\backup\data\ibbackup_logfile.4
if exist T:\backup\data\ibbackup_logfile.3 ren T:\backup\data\ibbackup_logfile.3 ibbackup_logfile.4
if exist T:\backup\data\ibbackup_logfile.2 ren T:\backup\data\ibbackup_logfile.2 ibbackup_logfile.3
if exist T:\backup\data\ibbackup_logfile.1 ren T:\backup\data\ibbackup_logfile.1 ibbackup_logfile.2
if exist T:\backup\data\ibbackup_logfile ren T:\backup\data\ibbackup_logfile ibbackup_logfile.1

"S:\Program Files\vizioncore\vFoglight\mysql\bin\ibbackup" T:\backup\config\my.conf T:\backup\config\backup.conf 

Troubleshooting

vFoglight not updating

Pages are accessible, but not updating (normally animated dials etc are grey/black). Caused by lack of data flow from VC server to the vFoglight server. To resolve, check vFoglight services on the vCenter and potentially reinstall the vFoglight agent on the VC server...

  1. On VC, browse to vFoglight server
  2. Go to Administration, then Cartridges | Component Download
  3. Install the Virtual VMware Agent (accept all default options, Next, Next, Next)
  4. Ensure vFoglight services are running on VC

On the Federation vFoglight server, the problem is caused by a lack of data to the source FMS/local vFoglight server, or a problem between that server and the master Federation server.