Application Discovery Manager Administration Guide vCenter Application Discovery Manager 6.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.
Application Discovery Manager Administration Guide You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com Copyright © 2010 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws.
Contents About This Book 7 1 Overview 9 System Architecture 9 Single‐box Appliance 11 Distributed Appliance Solutions 11 Virtual and Physical Appliance Solutions 12 Virtual Appliance Deployment 12 Physical Appliance Deployment 13 Mirrored Network Traffic 13 vCollector 13 Mixed Environment 13 Where To Go Next 14 Installation of New or Additional ADM Components 14 Licenses 14 Upgrading ADM 14 Migrating to a New Appliance 14 Security 14 2 Installing ADM 15 ADM Installation Requirements 15 Installation Pers
Administration Guide Configuring the Root Password 24 User name and Passwords 24 Configuring Static Network Settings 25 Configuring the Timezone and Time 25 Configuring the Appliance Role 26 Post‐Installation Steps 27 Logging In to the ADM Console 27 Initiating Passive Discovery 27 4 Securing ADM 29 Changing the Root Password 29 Resetting the ADM Root Password 29 OpenSSL Self‐Signed Test Certificates 30 CA Signed Test Certificates 30 Self‐Signed Certificates 30 Copying the .key and .
Contents Preliminary Procedures 46 Backing Up WinApe Migration Files 46 Restoring WinApe Migration Files 47 Data Restoration 47 Single‐box‐Solution 47 Distributed Solutions 47 Collectors 47 WinApe 47 Aggregator 47 Distributed Solution with Remote Database 48 Collectors 48 WinApe 48 Database 48 Aggregator 48 Post‐Migration Steps 48 8 Troubleshooting ADM 49 Troubleshooting the ADM by Using the Product Support Package 49 Detail Discovery Troubleshooting 49 WMI 49 single.
Administration Guide 6 VMware, Inc.
About This Book The VMware vCenter™ Application Discovery Manager (ADM) Administration Guide provides information that the administrators are required to install and configure the ADM. Intended Audience This document is part of the VMware vCenter Application Discovery Manager documentation set, and is intended for use by system administrators and integrators responsible for installing ADM.
Administration Guide VMware Professional Services VMware Education Services courses offer extensive hands‐on labs, case study examples, and course materials designed to be used as on‐the‐job reference tools. Courses are available onsite, in the classroom, and live online. For onsite pilot programs and implementation best practices, VMware Consulting Services provides offerings to help you assess, plan, build, and manage your virtual environment.
1 1 Overview This chapter describes the different VMware vCenter Application Discovery Manager (ADM) architecture solutions and configuration. Topics include: “System Architecture” on page 9 “Virtual and Physical Appliance Solutions” on page 12 “vCollector” on page 13 “Mixed Environment” on page 13 “Where To Go Next” on page 14 System Architecture The ADM provides system architecture solutions to meet the requirements of different environments as shown in Figure 1‐1. Figure 1-1.
Administration Guide Table 1-1. ADM Components Component Description Passive Discovery Passively observes the network traffic by performing a deep‐packet analysis to discover applications and component relationships in physical and virtual environments. It also allows you to: Map dependencies. Count the activity of these dependencies. Identify services. Aggregator Receives data from the discovery components and reconciles the data before transferring it to the database component.
Chapter 1 Overview Single-box Appliance In a single‐box appliance solution architecture, the ADM components are enabled on a single Virtual Appliance (VA) as shown in Figure 1‐2. Figure 1-2.
Administration Guide Figure 1-3.
Chapter 1 Overview Collector ADM Template — A smaller OVF template that includes the Passive Collector and Active and Passive Collector and you can configure as passive and active discovery Collector and Passive Discovery Collector. Windows Collector Installer — An executable file that installs the Windows Collector component on top of the Windows 2008 R2 operating systems.
Administration Guide . NOTE All ADM appliances that participate in mixed environemnt mode must run the same 6.1 version of the ADM. Where To Go Next This section provides links that contains more information on the topics listed. Installation of New or Additional ADM Components Continue by configuring initial appliance settings as described in Chapter 2. Licenses You need a new license to use ADM after upgrading or migrating. Obtain the license from your VMware Sales representative.
2 2 Installing ADM This chapter describes installation and deployment of the ADM. Topics include: “ADM Installation Requirements” on page 15 “Disabling vMotion” on page 16 “Preparing the Environment” on page 16 “Deploying the Virtual Appliances” on page 18 “Installing Windows Collector” on page 20 ADM Installation Requirements ADM is an appliance that can run in a VMware infrastructure. This section contains requirements that must be met before you install and use the ADM appliance.
Administration Guide Installing the vSphere Client Install the vSphere client to work with VMware environment. To download and install the vSphere Client 1 Launch Internet Explorer browser. NOTE ADM supports Windows Internet Explorer 6.0 and later browsers. 2 In the address bar, type the IP number of the ESX Server where the virtual machine is installed, for example: https:// 3 Click the Download vSphere Client link, and then Save the client executable file to your local hard disk.
Chapter 2 Installing ADM Creating a New vSwitch for Passive Discovery To create a new vSwitch for Passive Discovery 1 Connect the monitor ports to available network interfaces on the ESX server. 2 Connect to the ESX server or vCenter by using vSphere client. 3 Navigate to the Configuration tab on the ESX server where you want to deploy ADM appliances. 4 Navigate to the networking configuration option. 5 Click Add Networking to open the Add network wizard.
Administration Guide d Click OK and then Close. Configuring dvSwitch for Passive Collector If a virtual machine is directly connected to the network and not through the vSwitch, the physical Collector observes the traffic, while the vSwitch does not. This is termed as VMDirectPath. Software‐based Cisco Nexus switches are supported. This procedure is relevant only for vSphere 4 and not for ESX 3.5. To create a port group in the dvSwitch 1 Log in to the vCenter server with vCenter client.
Chapter 2 Installing ADM Table 2-3.
Administration Guide 6 Type a unique virtual appliance name according to the IT naming convention of your organization and with relevance to the appliance type as described in Table 2‐3. 7 Click Next. The Datastore screen appears. NOTE If there is more than one datastore, select the datastore where you want to install the virtual machine. 8 Click Next. The Network Mapping screen appears. 9 Click Next. The Ready to Complete screen appears.
Chapter 2 Installing ADM Windows Collector unique ID NOTE This is the same identifier that was defined on the Aggregator side for WMI discovery. The default value is 200. 8 Click Next. The Installation screen appears. 9 Click Install to begin the installation. NOTE The process of installing and configuring the Windows Collector can take several minutes. 10 Click Finish to close the InstallShield Wizard screen when the installation process is complete.
Administration Guide 22 VMware, Inc.
3 Setting Up ADM 3 This chapter provides information for setting up the ADM virtual appliance deployments. Topics include: “Process” on page 23 “Post‐Installation Steps” on page 27 Process After the ADM appliance is deployed on the ESX Server, perform the following procedures: “Order of Setup” on page 23.
Administration Guide Table 3-1. Network Values Parameter Value Network IP address Network netmask Network gateway Domain Name Server (DNS) NOTE: You can enter up to three Domain Name Servers separated by comma. Fully Qualified (FQ) hostname Launching the First Boot Configuration Tool Repeat the following steps for each ADM virtual appliance: NOTE The Windows Active Collector is set up as described in “Installing Windows Collector” on page 20.
Chapter 3 Setting Up ADM To change the Root Password 1 Type a new password for the root user and press Enter. 2 Retype the password and press Enter to confirm. The wizard now asks to add network information, type yes. The wizard prompts you to add network information and you can add the network information as described in “Configuring Static Network Settings” on page 25.
Administration Guide The wizard displays all the settings that you have completed and asks for your confirmation to save the information. If you type yes, the wizard saves the settings and the system starts rebooting. After completion, the wizard displays the message to set the appliance role setting. You can configure the appliance role as described in “Configuring the Appliance Role” on page 26. NOTE If you type no, the wizard does not save anything and you must start the settings from the beginning.
Chapter 3 Setting Up ADM The appliance role is then created. This process might take some time. NOTE The Windows Active Collector role is installed by running an executable as described in “Installing Windows Collector” on page 20. Post-Installation Steps Before you login to the ADM console, clear the cache of your browser to prevent the possible appearance of incorrect information in the displays, application errors, and other error messages when opening the ADM.
Administration Guide 8 Click Update to save the settings. 9 Optionally, add a Passive Discovery Plan. 10 Restart Passive Discovery. Navigate to the Manage > System page, and click Restart Discovery. 11 Click OK in the message box that states: Starting a new Passive Discovery deletes all existing discovery data. This might take a few minutes. The system is unavailable to all users during this process. Continue? 28 12 Click OK to begin the discovery process.
4 Securing ADM 4 This chapter provides information on securing ADM appliance. Topics include: “Changing the Root Password” on page 29 “Resetting the ADM Root Password” on page 29 “OpenSSL Self‐Signed Test Certificates” on page 30 “CA Signed Test Certificates” on page 30 Changing the Root Password To change the root password 1 Log in to the ADM appliance by using a Secure Shell (SSH) client. 2 Run the passwd command: The wizard asks to enter a new password. Retype the password.
Administration Guide 6 Place your cursor at the end of the line and append the line by typing: single 7 Press Enter to commit the change. 8 Press b to start the system. Your system starts without requiring a password. 9 Type the following command to reset the password: passwd 10 Follow the prompts as they appear on the screen to set the password. 11 Type the following command to restart the system: reboot Your password is changed and restarts the system.
Chapter 4 Securing ADM To create a certificate 1 To generate the Rivest, Shamir, and Adleman (RSA) key type: cd /etc/httpd/conf/ssl.prm/ openssl genrsa 2048 > server.key chmod 400 server.key The openSSL utility can generate a Digital Signature Algorithm (DSA) key by using the gendsa option. For compatibility, VMware recommends RSA keys by using 2048‐bits as the key size. 2 Create the certificate by typing: openssl req -new -x509 -nodes -sha1 -days 365 -key server.key > server.
Administration Guide 32 VMware, Inc.
5 Maintenance 5 This chapter describes the necessary concepts and procedures to maintain an ADM deployment. Topics include: “ADM Services” on page 33 “Product Support Packages” on page 34 “Restoring an ADM Environment by Using a Product Support Package” on page 36 “Reconfiguring an ADM Deployment” on page 38 “Licenses” on page 39 ADM Services Table 5‐1 describes the main ADM services. Table 5-1. ADM Services Service name Description apache Web server service.
Administration Guide Managing Services with adm_control ADM provides the adm_control.pl script to start, stop, and monitor ADM services. You can start or stop any service, but if you stop any service all dependent services are stopped as a result. All dependent services is listed during the stop process. Table 5‐2 lists and describes the commands for the ADM services. Table 5-2. ADM Service Commands Use the Following Command To adm_control.
Chapter 5 Maintenance You can create support packages either through the ADM Console or through the Command Line Interface (CLI). NOTE Product support packages require a password for extraction. Contact VMware Customer Support to retrieve the password if you use the product support package to restore ADM or the ADM database as described in “Restoring an ADM Environment by Using a Product Support Package” on page 36.
Administration Guide Restoring an ADM Environment by Using a Product Support Package To restore an ADM configuration 1 Backup your ADM environment as described in “Product Support Packages” on page 34. 2 Contact VMware Customer Support to retrieve the password for extracting the product support package. 3 Follow the steps in “Restore the ADM Database” on page 36. 4 If necessary, “Restoring the Custom Discovery and Configuration Files” on page 37.
Chapter 5 Maintenance 12 Exit from the nlayers user. 13 Type the following adm_control.pl command to start the services: /home/nlayers/Seneca/Control/bin/adm_control.pl --start all NOTE If the ADM configuration being restored has custom configuration files or fingerprints, you must complete the steps outlined in “Restoring the Custom Discovery and Configuration Files” on page 37.
Administration Guide 15 Place the copied files to: /tmp/adkb/custom 16 Overwrite any files or folders in the destination directory if prompted to do so. 17 Type the following command to check in the custom fingerprints: /home/nlayers/Seneca/management/APIs/InSight_control.sh adkb --checkin /tmp 18 Type the following adm_control.pl command to restart the relevant services: /home/nlayers/Seneca/Control/bin/adm_control.
Chapter 5 Maintenance 3 Ensure that the database mode is set correctly, as follows: a Type the command: /home/nlayers/Seneca/tools/appliance_conf.pl --status b If the mode is not database correct it by typing: /home/nlayers/Seneca/tools/appliance_conf.pl -mode=d 4 Make a note of the IP address of the remote database. 5 Run the appliance_conf.pl script on the Aggregator appliance: a Edit the file /home/nlayers/Seneca/tools/remote.db.conf.
Administration Guide Access the Licenses Properties screen from the Manage > System > Licensing menu in the ADM UI that displays the license information, which includes the licensed feature, quantity of available licenses, and expiry date. The appropriate warning message appears on the Dashboard, Inventory and License Properties page. An ADM UI administrator can login to review license limitations and upload new licenses as required.
6 Upgrading ADM 6 This chapter describes the necessary concepts and procedures to upgrade an ADM deployment. Topics include: “Overview” on page 41 “Upgrading Appliances” on page 42 “Post‐Upgrade Steps” on page 43 Overview The following considerations apply for appliance upgrades and migration. Appliance Type You can upgrade ADM on physical ADM on virtual appliances running versions 6.1.x or later as described in “Upgrading Appliances” on page 42.
Administration Guide Upgrading Appliances This section describes the upgrading of Application Discovery Manager versions 6.0.x or later for physical appliances and 6.1.x or later for virtual appliances. Important Notes All appliances in your current environment must run ADM version 6.0.x or later. Also, upgrade all appliances to the same ADM version. Before upgrading the ADM, familiarize yourself with “Overview” on page 41.
Chapter 6 Upgrading ADM Post-Upgrade Steps Before you login to the ADM console: Clear the cache of your browser to prevent the possible appearance of incorrect information in the displays, application errors, and other error messages when opening the ADM. IMPORTANT You might be required to upload a new license if you are upgrading from 6.0.x. Before proceeding, review the criteria and if necessary, perform the steps described in“Licenses” on page 14. You can now begin using the ADM. VMware, Inc.
Administration Guide 44 VMware, Inc.
7 Migrating to a New Appliance 7 This chapter provides instructions on migration of an existing physical or virtual ADM appliance to a virtual appliance supplied by VMware. Topics include: “Overview” on page 45 “Preliminary Procedures” on page 46 “Data Restoration” on page 47 “Post‐Migration Steps” on page 48 Overview Additional documentation as described below is available at http://downloads.vmware.com/ Supported Migration Appliance migration is supported from ADM 6.0.x.
Administration Guide Migrate or upgrade all appliances to the same ADM version in the following order: 1 Remote database (for Distributed with remote database solution) 2 Collectors (for all Distributed solutions) 3 Aggregator Process The migration process is as follows: 1 Record the current appliance network settings as described in “ADM Setup Procedures” on page 23. 2 Backup your data as described in “Product Support Packages” on page 34.
Chapter 7 Migrating to a New Appliance Restoring WinApe Migration Files NOTE Backup your ADM environment as described in “Backing Up WinApe Migration Files” on page 46. The following procedures describes the restoration of WinApe migration files. 1 Log in to the WinApe appliance. 2 Copy the adkbcustom.jar backup file. 3 Navigate to the \lib folder. 4 Replace the current file in \lib folder with the copied file. 5 Run the services.msc command.
Administration Guide 3 Make the necessary changes in the Active probe configuration screen under the Manage > System menu of the ADM console to reflect the new collector appliance. The VMware vCenter Application Discovery Manager User’s Guide. Distributed Solution with Remote Database These steps apply to distributed solutions with a remote database. Perform the following steps on all appliances in the following order: Collectors, WinApe, database, Aggregator.
8 Troubleshooting ADM 8 This chapter provides instructions on troubleshooting of the ADM. Topics include: “Troubleshooting the ADM by Using the Product Support Package” on page 49 “Detail Discovery Troubleshooting” on page 49 Troubleshooting the ADM by Using the Product Support Package If you require, use the ADM product support package for troubleshooting: 1 Create an ADM product support package as described in “Product Support Packages” on page 34.
Administration Guide This utility is useful for testing the communication parameters for connecting to a host (for example, the user and password), and to find out the retrievable properties from a host without having to go through the process of defining a Detail Discovery policy in the ADM Console. Location /home/nlayers/Seneca/ActiveProbe/bin/single.sh Usage single.
Chapter 8 Troubleshooting ADM Table 8-1. single.sh Parameters (Continued) Parameter Description -p, -ports port One or more ports to use when connecting to the target host (for scanning as well). Use commas as separators. These ports applies even if the connection details are fetched from the management. -P, -accessProfile Access profile Discovery parameters or policy/access profile name to fetch from the management.
Administration Guide Name of a Detail Discovery policy. In this case the necessary information is read from a Detail Discovery policy defined in the user console. Full definition of the needed discovery details in a protocol‐specific format: protocol-name:prop1=value1,prop2=value2,... The following protocol names are supported: SSH, Telnet, SNMP, VI‐SDK and WMI. In addition, all protocols supports the ‐timeout parameter with a default value of 20000 milliseconds.
Chapter 8 Troubleshooting ADM Examples Create an snmpwalk dump for IP 1.2.3.4 and save the results into file snmpdump.1.2.3.4.txt: ./snmpdump.sh 1.2.3.4 snmpdump.1.2.3.4.txt nlcapture You can use the nlcapture utility in place of tcpdump to capture network activity. This utility supports the same default parameters as tcpdump, but sets the snaplen to be large enough so as to not truncate packets.
Administration Guide 54 VMware, Inc.
9 Uninstalling ADM 9 This chapter provides information for uninstalling the ADM appliance and includes “Uninstalling the ADM Appliance” on page 55. Uninstalling the ADM Appliance To uninstall the ADM appliance, follow the procedure of your organization for removing a virtual machine. VMware, Inc.
Administration Guide 56 VMware, Inc.
A A Time Zones This appendix lists ADM time zones as shown in Table A‐1. Table A-1. Time Zones for ADM VMware, Inc.
Administration Guide Table A-1.
B ADM API Tutorial B This appendix describes the ADM API and explains how to access and use it. Topics include: “API Features” on page 59 “Web Services API” on page 61 API Features The API of ADM allows clients to query its database and export parts of it by means of a web services API. The following cases are explained in the following sections: Writing the system status into an XML output file; “Insight_control” on page 59.
Administration Guide Sample Status Output 6.1.0-6013 09:20:15 up 7 days, 18 min, 1 user, load average: 1.36, 2.17, 1.71 Running Not Running (Purposely Stopped) Not Running (Purposely Stopped) Running Running Running Asynch API Operations in ADMʹs API are asynchronous.
Appendix B ADM API Tutorial Bulk API The Bulk API provides you with the possibility of querying the ADM with more sophisticated filters, and browsing the result set by means of pagination. The results are delivered in subsets (pages) of a predefined size and formatted in XML CIM. This API is intended for those cases where an application intends to browse on finely‐filtered segment of the ADMʹs data.
Administration Guide 62 VMware, Inc.
Index A U active_probe service 33 ADM architecture solutions 9 required time zones 57 restore 36 services 33 ADM API 59 adm_control.
Administration Guide 64 VMware, Inc.
