VMware vRealize Operations Manager - 6.4 Deployment and Conﬁguration Guide

vRealize Operations Manager vApp

Deployment and Conﬁguration Guide

vRealize Operations Manager 6.4

vRealize Operations Manager vApp Deployment and Configuration Guide

You can ﬁnd the most up-to-date technical documentation on the VMware Web site at:

hps://docs.vmware.com/

The VMware Web site also provides the latest product updates.

If you have comments about this documentation, submit your feedback to:

docfeedback@vmware.com

VMware, Inc.

3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com

2 VMware, Inc.

About vApp Deployment and Conguration 5

Preparing for vRealize Operations Manager Installation 7

Complexity of Your Environment 7

vRealize Operations Manager Cluster Nodes 9

General vRealize Operations Manager Cluster Node Requirements 10

vRealize Operations Manager Cluster Node Networking Requirements 11

vRealize Operations Manager Cluster Node Best Practices 12

Using IPv6 with vRealize Operations Manager 13

Sizing the vRealize Operations Manager Cluster 14

Custom vRealize Operations Manager Certicates 14

Custom vRealize Operations Manager Certicate Requirements 15

Sample Contents of Custom vRealize Operations Manager Certicates 15

Verifying a Custom vRealize Operations Manager Certicate 17

Creating the vRealize Operations Manager Master Node 19

About the vRealize Operations Manager Master Node 19

Run the Setup Wizard to Create the Master Node 19

Scaling vRealize Operations Manager Out by Adding a Data Node 21

About vRealize Operations Manager Data Nodes 21

Run the Setup Wizard to Add a Data Node 21

VMware, Inc.

Adding High Availability to vRealize Operations Manager 23

About vRealize Operations Manager High Availability 23

Run the Setup Wizard to Add a Master Replica Node 24

Gathering More Data by Adding a vRealize Operations Manager Remote

Collector Node 27

About vRealize Operations Manager Remote Collector Nodes 27

Run the Setup Wizard to Create a Remote Collector Node 27

Continuing With a New vRealize Operations Manager Installation 29

About New vRealize Operations Manager Installations 29

Connecting vRealize Operations Manager to Data Sources 31

VMware vSphere Solution in vRealize Operations Manager 31

Add a vCenter Adapter Instance in vRealize Operations Manager 33

Congure User Access for Actions 34

vRealize Operations Manager vApp Deployment and Configuration Guide

Endpoint Operations Management Solution in vRealize Operations Manager 35

Endpoint Operations Management Agent Installation and Deployment 35

Roles and Privileges in vRealize Operations Manager 70

Registering Agents on Clusters 71

Manually Create Operating System Objects 71

Managing Objects with Missing Conguration Parameters 72

Mapping Virtual Machines to Operating Systems 73

Installing Optional Solutions in vRealize Operations Manager 73

Managing Solution Credentials 74

Managing Collector Groups 75

Migrate a vCenter Operations Manager Deployment into this Version 75

vRealize Operations Manager Post-Installation Considerations 77

About Logging In to vRealize Operations Manager 77

The Customer Experience Improvement Program 78

Join or Leave the Customer Experience Improvement Program for

vRealize Operations Manager 78

Updating Your Software 79

Obtain the Software Update PAK File 79

Create a Snapshot as Part of an Update 80

Install a Software Update 80

Index 83

4 VMware, Inc.

About vApp Deployment and Configuration

The vRealize Operations Manager vApp Deployment and Conguration Guide provides information about deploying the VMware® vRealize Operations Manager virtual appliance, including how to create and congure the vRealize Operations Manager cluster.

The vRealize Operations Manager installation process consists of deploying the vRealize Operations Manager virtual appliance once for each cluster node, and accessing the product to nish seing up the application.

Intended Audience

This information is intended for anyone who wants to install and congure vRealize Operations Manager by using a virtual appliance deployment. The information is wrien for experienced virtual machine administrators who are familiar with enterprise management applications and datacenter operations.

VMware Technical Publications Glossary

VMware Technical Publications provides a glossary of terms that might be unfamiliar to you. For denitions of terms as they are used in VMware technical documentation, go to

hp://www.vmware.com/support/pubs.

VMware, Inc.

vRealize Operations Manager vApp Deployment and Configuration Guide

6 VMware, Inc.

Preparing for vRealize Operations Manager

Installation 1

You prepare for vRealize Operations Manager installation by evaluating your environment and deploying enough vRealize Operations Manager cluster nodes to support how you want to use the product.

This chapter includes the following topics:

“Complexity of Your Environment,” on page 7

“vRealize Operations Manager Cluster Nodes,” on page 9

“Using IPv6 with vRealize Operations Manager,” on page 13

“Sizing the vRealize Operations Manager Cluster,” on page 14

“Custom vRealize Operations Manager Certicates,” on page 14

Complexity of Your Environment

When you deploy vRealize Operations Manager, the number and nature of the objects that you want to monitor might be complex enough to recommend a Professional Services engagement.

Complexity Levels

Every enterprise is dierent in terms of the systems that are present and the level of experience of deployment personnel. The following table presents a color-coded guide to help you determine where you are on the complexity scale.

Green

Your installation only includes conditions that most users can understand and work with, without assistance. Continue your deployment.

Yellow

Your installation includes conditions that might justify help with your deployment, depending on your level of experience. Consult your account representative before proceeding, and discuss using Professional Services.

Red

Your installation includes conditions that strongly recommend a Professional Services engagement. Consult your account representative before proceeding, and discuss using Professional Services.

Note that these color-coded levels are not rm rules. Your product experience, which increases as you work with vRealize Operations Manager and in partnership with Professional Services, must be taken into account when deploying vRealize Operations Manager.

VMware, Inc.

vRealize Operations Manager vApp Deployment and Configuration Guide

Table 1‑1. Effect of Deployment Conditions on Complexity

Current or New Deployment

Complexity Level

Green You run only one

Green Your deployment includes a

Yellow You run multiple instances of

Yellow Your deployment includes a

Yellow You are deploying

Yellow You are deploying a multiple-node

Yellow Your new

Yellow Your vRealize Operations Manager

Yellow You want help in understanding the

Condition Additional Notes

vRealize Operations Manager deployment.

management pack that is listed as Green according to the compatibility guide on the VMware Solutions

Exchange Web site.

vRealize Operations Manager.

management pack that is listed as Yellow according to the compatibility guide on the VMware Solutions

Exchange Web site.

vRealize Operations Manager remote collector nodes.

vRealize Operations Manager cluster.

vRealize Operations Manager instance will include a Linux or Windows based deployment.

instance will use high availability (HA).

new or changed features in vRealize Operations Manager and how to use them in your environment.

Lone instances are usually easy to create in vRealize Operations Manager.

The compatibility guide indicates whether the supported management pack for vRealize Operations Manager is a compatible 5.x one or a new one designed for this release. In some cases, both might work but produce dierent results. Regardless, users might need help in adjusting their conguration so that associated data, dashboards, alerts, and so on appear as expected.

Note that the terms solution, management pack, adapter, and plug-in are used somewhat interchangeably.

Multiple instances are typically used to address scaling or operator use

paerns.

Remote collector nodes gather data but leave the storage and processing of the data to the analytics cluster.

Multiple nodes are typically used for scaling out the monitoring capability of vRealize Operations Manager.

Linux and Windows deployments are not as common as vApp deployments and often need special consideration.

High availability and its node failover capability is a unique multiple-node feature that you might want additional help in understanding.

vRealize Operations Manager is dierent than vCenter Operations Manager in areas such as policies, alerts, compliance, custom reporting, or badges. In addition, vRealize Operations Manager uses one consolidated interface.

8 VMware, Inc.

Chapter 1 Preparing for vRealize Operations Manager Installation

Table 1‑1. Effect of Deployment Conditions on Complexity (Continued)

Current or New Deployment

Complexity Level

Red You run multiple instances of

Red Your deployment includes a

Red You are deploying multiple

Red Your current

Red Professional Services customized

Condition Additional Notes

vRealize Operations Manager, where at least one includes virtual desktop infrastructure (VDI).

management pack that is listed as Red according to the compatibility guide on the VMware Solutions

Exchange Web site.

vRealize Operations Manager clusters.

vRealize Operations Manager deployment required a Professional Services engagement to install it.

your vRealize Operations Manager deployment. Examples of customization include special integrations, scripting, nonstandard congurations, multiple level alerting, or custom reporting.

Multiple instances are typically used to address scaling, operator use paerns, or because separate VDI (V4V monitoring) and non-VDI instances are needed.

Multiple clusters are typically used to isolate business operations or functions.

If your environment was complex enough to justify a Professional Services engagement in the previous version, it is possible that the same conditions still apply and might warrant a similar engagement for this version.

vRealize Operations Manager Cluster Nodes

All vRealize Operations Manager clusters consist of a master node, an optional replica node for high availability, optional data nodes, and optional remote collector nodes.

When you install vRealize Operations Manager, you use a vRealize Operations Manager vApp deployment, Linux installer, or Windows installer to create role-less nodes. After the nodes are created and have their names and IP addresses, you use an administration interface to congure them according to their role.

You can create role-less nodes all at once or as needed. A common as-needed practice might be to add nodes to scale out vRealize Operations Manager to monitor an environment as the environment grows larger.

VMware, Inc. 9

vRealize Operations Manager vApp Deployment and Configuration Guide

The following node types make up the vRealize Operations Manager analytics cluster:

Master Node

The initial, required node in vRealize Operations Manager. All other nodes are managed by the master node.

In a single-node installation, the master node manages itself, has adapters installed on it, and performs all data collection and analysis.

Data Node

In larger deployments, additional data nodes have adapters installed and perform collection and analysis.

Larger deployments usually include adapters only on the data nodes so that master and replica node resources can be dedicated to cluster management.

Replica Node

To use vRealize Operations Manager high availability (HA), the cluster requires that you convert a data node into a replica of the master node.

The following node type is a member of the vRealize Operations Manager cluster but not part of the analytics cluster:

Remote Collector Node

Distributed deployments might require a remote collector node that can navigate rewalls, interface with a remote data source, reduce bandwidth across data centers, or reduce the load on the vRealize Operations Manager analytics cluster. Remote collectors only gather objects for the inventory, without storing data or performing analysis. In addition, remote collector nodes may be installed on a dierent operating system than the rest of the cluster.

General vRealize Operations Manager Cluster Node Requirements

When you create the cluster nodes that make up vRealize Operations Manager, you have general requirements that you must meet.

General Requirements

vRealize Operations Manager Version. All nodes must run the same vRealize Operations Manager

version.

For example, do not add a version 6.1 data node to a cluster of vRealize Operations Manager 6.2 nodes.

Analytics Cluster Deployment Type. In the analytics cluster, all nodes must be the same kind of

deployment: vApp, Linux, or Windows.

Do not mix vApp, Linux, and Windows nodes in the same analytics cluster.

Remote Collector Deployment Type. A remote collector node does not need to be the same deployment

type as the analytics cluster nodes.

When you add a remote collector of a dierent deployment type, the following combinations are supported:

vApp analytics cluster and Windows remote collector

Linux analytics cluster and Windows remote collector

Analytics Cluster Node Sizing. In the analytics cluster, CPU, memory, and disk size must be identical

for all nodes.

Master, replica, and data nodes must be uniform in sizing.

Remote Collector Node Sizing. Remote collector nodes may be of dierent sizes from each other or

from the uniform analytics cluster node size.

10 VMware, Inc.

Chapter 1 Preparing for vRealize Operations Manager Installation

Geographical Proximity. You may place analytics cluster nodes in dierent vSphere clusters, but the

nodes must reside in the same geographical location.

Dierent geographical locations are not supported.

Virtual Machine Maintenance. When any node is a virtual machine, you may only update the virtual

machine software by directly updating the vRealize Operations Manager software.

For example, going outside of vRealize Operations Manager to access vSphere to update VMware Tools is not supported.

Redundancy and Isolation. If you expect to enable HA, place analytics cluster nodes on separate hosts.

See “About vRealize Operations Manager High Availability,” on page 23.

Requirements for Solutions

Be aware that solutions might have requirements beyond those for vRealize Operations Manager itself. For example, vRealize Operations Manager for Horizon View has specic sizing guidelines for its remote collectors.

See your solution documentation, and verify any additional requirements before installing solutions. Note that the terms solution, management pack, adapter, and plug-in are used somewhat interchangeably.

vRealize Operations Manager Cluster Node Networking Requirements

When you create the cluster nodes that make up vRealize Operations Manager, the associated setup within your network environment is critical to inter-node communication and proper operation.

Networking Requirements

I vRealize Operations Manager analytics cluster nodes need frequent communication with one another. In general, your underlying vSphere architecture might create conditions where some vSphere actions aect that communication. Examples include, but are not limited to, vMotions, storage vMotions, HA events, and DRS events.

The master and replica nodes must be use static IP address, or fully qualied domain name (FQDN)

with a static IP address.

Data and remote collector nodes can use dynamic host control protocol (DHCP).

You can successfully reverse-DNS all nodes, including remote collectors, to their FQDN, currently the

node hostname.

Nodes deployed by OVF have their hostnames set to the retrieved FQDN by default.

All nodes, including remote collectors, must be bidirectionally routable by IP address or FQDN.

Do not separate analytics cluster nodes with network address translation (NAT), load balancer, rewall,

or a proxy that inhibits bidirectional communication by IP address or FQDN

Analytics cluster nodes must not have the same hostname.

Place analytics cluster nodes within the same data center and connect them to the same local area

network (LAN).

Place analytics cluster nodes on same Layer 2 network and IP subnet.

A stretched Layer 2 or routed Layer 3 network is not supported.

Do not span the Layer 2 network across sites, which might create network partitions or network

performance issues.

One-way latency between the analytics cluster nodes must be 5 ms or lower.

VMware, Inc. 11

vRealize Operations Manager vApp Deployment and Configuration Guide

Network bandwidth between the analytics cluster nodes must be one gbps or higher.

Do not distribute analytics cluster nodes over a wide area network (WAN).

To collect data from a WAN, a remote or separate data center, or a dierent geographic location, use remote collectors.

Remote collectors are supported through a routed network but not through NAT.

Do not include an underscore in the hostname of any cluster node.

vRealize Operations Manager Cluster Node Best Practices

When you create the cluster nodes that make up vRealize Operations Manager, additional best practices improve performance and reliability in vRealize Operations Manager.

Best Practices

Deploy vRealize Operations Manager analytics cluster nodes in the same vSphere cluster in a single

datacenter and add only one node at a time to a cluster allowing it to complete before adding another node.

If you deploy analytics cluster nodes in a highly consolidated vSphere cluster, you might need resource

reservations for optimal performance.

Determine whether the virtual to physical CPU ratio is aecting performance by reviewing CPU ready time and co-stop.

Deploy analytics cluster nodes on the same type of storage tier.

To continue to meet analytics cluster node size and performance requirements, apply storage DRS anti-

anity rules so that nodes are on separate datastores.

To prevent unintentional migration of nodes, set storage DRS to manual.

To ensure balanced performance from analytics cluster nodes, use ESXi hosts with the same processor

frequencies. Mixed frequencies and physical core counts might aect analytics cluster performance.

To avoid a performance decrease, vRealize Operations Manager analytics cluster nodes need

guaranteed resources when running at scale. The vRealize Operations Manager Knowledge Base includes sizing spreadsheets that calculate resources based on the number of objects and metrics that you expect to monitor, use of HA, and so on. When sizing, it is beer to over-allocate than underallocate resources.

See Knowledge Base article 2093783.

Because nodes might change roles, avoid machine names such as Master, Data, Replica, and so on.

Examples of changed roles might include making a data node into a replica for HA, or having a replica take over the master node role.

12 VMware, Inc.

Chapter 1 Preparing for vRealize Operations Manager Installation

The NUMA placement is removed in the vRealize Operations Manager 6.3 and later. Procedures related

to NUMA seings from the OVA le follow:

Table 1‑2. NUMA Setting

Action Description

Set the vRealize Operations Manager cluster status to

oine

Remove the NUMA seing 1 From the Conguration Parameters, remove the

1 Shut down the vRealize Operations Manager cluster.

2 Right-click the cluster and click Edit  >

Options > Advanced General.

3 Click  Parameters. In the vSphere

Client, repeat these steps for each VM.

seing numa.vcpu.preferHT and click OK.

2 Click OK.

3 Repeat these steps for all the VMs in the vRealize

Operations cluster.

4 Power on the cluster.

N To ensure the availability of adequate resources and continued product performance, monitor vRealize Operations performance by checking its CPU usage, CPU ready and CPU contention time.

Using IPv6 with vRealize Operations Manager

vRealize Operations Manager supports Internet Protocol version 6 (IPv6), the network addressing convention that will eventually replace IPv4. Use of IPv6 with vRealize Operations Manager requires that certain limitations be observed.

Using IPv6

All vRealize Operations Manager cluster nodes, including remote collectors, must have IPv6 addresses.

Do not mix IPv6 and IPv4.

All vRealize Operations Manager cluster nodes, including remote collectors, must be vApp or Linux

based. vRealize Operations Manager for Windows does not support IPv6.

Use global IPv6 addresses only. Link-local addresses are not supported.

If any nodes use DHCP, your DHCP server must be congured to support IPv6.

DHCP is only supported on data nodes and remote collectors. Master nodes and replica nodes still

require xed addresses, which is true for IPv4 as well.

Your DNS server must be congured to support IPv6.

When adding nodes to the cluster, remember to enter the IPv6 address of the master node.

When registering a VMware vCenter® instance within vRealize Operations Manager, place square

brackets around the IPv6 address of your VMware vCenter Server® system if vCenter is also using IPv6.

For example: [2015:0db8:85a3:0042:1000:8a2e:0360:7334]

Note that, even when vRealize Operations Manager is using IPv6, vCenter Server may still have an IPv4 address. In that case, vRealize Operations Manager does not need the square brackets.

You cannot register an Endpoint Operations Management agent in an environment that supports both

IPv4 and IPv6. In the event that you aempt to do so, the following error appears:

Connection failed. Server may be down (or wrong IP/port were used). Waiting for 10 seconds

before retrying.

VMware, Inc. 13

vRealize Operations Manager vApp Deployment and Configuration Guide

Sizing the vRealize Operations Manager Cluster

The resources needed for vRealize Operations Manager depend on how large of an environment you expect to monitor and analyze, how many metrics you plan to collect, and how long you need to store the data.

It is dicult to broadly predict the CPU, memory, and disk requirements that will meet the needs of a particular environment. There are many variables, such as the number and type of objects collected, which includes the number and type of adapters installed, the presence of HA, the duration of data retention, and the quantity of specic data points of interest, such as symptoms, changes, and so on.

VMware expects vRealize Operations Manager sizing information to evolve, and maintains Knowledge Base articles so that sizing calculations can be adjusted to adapt to usage data and changes in versions of vRealize Operations Manager.

Knowledge Base article 2093783

The Knowledge Base articles include overall maximums, plus spreadsheet calculators in which you enter the number of objects and metrics that you expect to monitor. To obtain the numbers, some users take the following high-level approach, which uses vRealize Operations Manager itself.

1 Review this guide to understand how to deploy and congure a vRealize Operations Manager node.

2 Deploy a temporary vRealize Operations Manager node.

3 Congure one or more adapters, and allow the temporary node to collect overnight.

4 Access the Cluster Management page on the temporary node.

5 Using the Adapter Instances list in the lower portion of the display as a reference, enter object and

metric totals of the dierent adapter types into the appropriate sizing spreadsheet from Knowledge

Base article 2093783.

6 Deploy the vRealize Operations Manager cluster based on the spreadsheet sizing recommendation. You

can build the cluster by adding resources and data nodes to the temporary node or by starting over.

If you have a large number of adapters, you might need to reset and repeat the process on the temporary node until you have all the totals you need. The temporary node will not have enough capacity to simultaneously run every connection from a large enterprise.

Another approach to sizing is through self monitoring. Deploy the cluster based on your best estimate, but create an alert for when capacity falls below a threshold, one that allows enough time to add nodes or disk to the cluster. You also have the option to create an email notication when thresholds are passed.

Custom vRealize Operations Manager Certificates

By default, vRealize Operations Manager includes its own authentication certicates. The default certicates cause the browser to display a warning when you connect to the vRealize Operations Manager user interface.

Your site security policies might require that you use another certicate, or you might want to avoid the warnings caused by the default certicates. In either case, vRealize Operations Manager supports the use of your own custom certicate. You can upload your custom certicate during initial master node conguration or later.

14 VMware, Inc.

Chapter 1 Preparing for vRealize Operations Manager Installation

Custom vRealize Operations Manager Certificate Requirements

A certicate used with vRealize Operations Manager must conform to certain requirements. Using a custom certicate is optional and does not aect vRealize Operations Manager features.

Requirements for Custom Certificates

Custom vRealize Operations Manager certicates must meet the following requirements.

The certicate le must include the terminal (leaf) server certicate, a private key, and all issuing

certicates if the certicate is signed by a chain of other certicates.

In the le, the leaf certicate must be rst in the order of certicates. After the leaf certicate, the order

does not maer.

In the le, all certicates and the private key must be in PEM format. vRealize Operations Manager

does not support certicates in PFX, PKCS12, PKCS7, or other formats.

In the le, all certicates and the private key must be PEM-encoded. vRealize Operations Manager does

not support DER-encoded certicates or private keys.

PEM-encoding is base-64 ASCII and contains legible BEGIN and END markers, while DER is a binary format. Also, le extension might not match encoding. For example, a generic .cer extension might be used with PEM or DER. To verify encoding format, examine a certicate le using a text editor.

The le extension must be .pem.

The private key must be generated by the RSA or DSA algorithm.

The private key must not be encrypted by a pass phrase if you use the master node conguration

wizard or the administration interface to upload the certicate.

The REST API in this vRealize Operations Manager release supports private keys that are encrypted by

a pass phrase. Contact VMware Technical Support for details.

The vRealize Operations Manager Web server on all nodes will have the same certicate le, so it must

be valid for all nodes. One way to make the certicate valid for multiple addresses is with multiple Subject Alternative Name (SAN) entries.

SHA1 certicates creates browser compatibility issues. Therefore, ensure that all certicates that are

created and being uploaded to vRealize Operations Manager are signed using SHA2 or newer.

The vRealize Operations Manager supports custom security certicates with key length up to 8192 bits.

An error is displayed when you try to upload a security certicate generated with a stronger key length beyond 8192 bits.

Sample Contents of Custom vRealize Operations Manager Certificates

For troubleshooting purposes, you can open a custom certicate le in a text editor and inspect its contents.

PEM Format Certificate Files

A typical PEM format certicate le resembles the following sample.

-----BEGIN CERTIFICATE-----

MIIF1DCCBLygAwIBAgIKFYXYUwAAAAAAGTANBgkqhkiG9w0BAQ0FADBhMRMwEQYK

CZImiZPyLGQBGRYDY29tMRUwEwYKCZImiZPyLGQBGRYFdm13Y3MxGDAWBgoJkiaJ

<snip>

vKStQJNr7z2+pTy92M6FgJz3y+daL+9ddbaMNp9fVXjHBoDLGGaLOvyD+KJ8+xba

aGJfGf9ELXM=

-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----

VMware, Inc. 15

vRealize Operations Manager vApp Deployment and Configuration Guide

MIIEowIBAAKCAQEA4l5ffX694riI1RmdRLJwL6sOWa+Wf70HRoLtx21kZzbXbUQN

mQhTRiidJ3Ro2gRbj/btSsI+OMUzotz5VRT/yeyoTC5l2uJEapld45RroUDHQwWJ

<snip>

DAN9hQus3832xMkAuVP/jt76dHDYyviyIYbmxzMalX7LZy1MCQVg4hCH0vLsHtLh

M1rOAsz62Eht/iB61AsVCCiN3gLrX7MKsYdxZcRVruGXSIh33ynA

-----END RSA PRIVATE KEY-----

-----BEGIN CERTIFICATE-----

MIIDnTCCAoWgAwIBAgIQY+j29InmdYNCs2cK1H4kPzANBgkqhkiG9w0BAQ0FADBh

MRMwEQYKCZImiZPyLGQBGRYDY29tMRUwEwYKCZImiZPyLGQBGRYFdm13Y3MxGDAW

<snip>

ukzUuqX7wEhc+QgJWgl41mWZBZ09gfsA9XuXBL0k17IpVHpEgwwrjQz8X68m4I99

dD5Pflf/nLRJvR9jwXl62yk=

-----END CERTIFICATE-----

Private Keys

Private keys can appear in dierent formats but are enclosed with clear BEGIN and END markers.

Valid PEM sections begin with one of the following markers.

-----BEGIN RSA PRIVATE KEY-----

-----BEGIN PRIVATE KEY-----

Encrypted private keys begin with the following marker.

-----BEGIN ENCRYPTED PRIVATE KEY-----

Bag Attributes

Microsoft certicate tools sometimes add Bag Aributes sections to certicate les. vRealize Operations Manager safely ignores content outside of BEGIN and END markers, including Bag Aributes sections.

Bag Attributes

Microsoft Local Key set: <No Values>

localKeyID: 01 00 00 00

Microsoft CSP Name: Microsoft RSA SChannel Cryptographic Provider

friendlyName: le-WebServer-8dea65d4-c331-40f4-aa0b-205c3c323f62

Key Attributes

X509v3 Key Usage: 10

-----BEGIN PRIVATE KEY-----

MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAKHqyfc+qcQK4yxJ

om3PuB8dYZm34Qlt81GAAnBPYe3B4Q/0ba6PV8GtWG2svIpcl/eflwGHgTU3zJxR

gkKh7I3K5tGESn81ipyKTkPbYebh+aBMqPKrNNUEKlr0M9sa3WSc0o3350tCc1ew

5ZkNYZ4BRUVYWm0HogeGhOthRn2fAgMBAAECgYABhPmGN3FSZKPDG6HJlARvTlBH

KAGVnBGHd0MOmMAbghFBnBKXa8LwD1dgGBng1oOakEXTftkIjdB+uwkU5P4aRrO7

vGujUtRyRCU/4fjLBDuxQL/KpQfruAQaof9uWUwh5W9fEeW3g26fzVL8AFZnbXS0

7Z0AL1H3LNcLd5rpOQJBANnI7vFu06bFxVF+kq6ZOJFMx7x3K4VGxgg+PfFEBEPS

UJ2LuDH5/Rc63BaxFzM/q3B3Jhehvgw61mMyxU7QSSUCQQC+VDuW3XEWJjSiU6KD

gEGpCyJ5SBePbLSukljpGidKkDNlkLgbWVytCVkTAmuoAz33kMWfqIiNcqQbUgVV

UnpzAkB7d0CPO0deSsy8kMdTmKXLKf4qSF0x55epYK/5MZhBYuA1ENrR6mmjW8ke

TDNc6IGm9sVvrFBz2n9kKYpWThrJAkEAk5R69DtW0cbkLy5MqEzOHQauP36gDi1L

WMXPvUfzSYTQ5aM2rrY2/1FtSSkqUwfYh9sw8eDbqVpIV4rc6dDfcwJBALiiDPT0

tz86wySJNeOiUkQm36iXVF8AckPKT9TrbC3Ho7nC8OzL7gEllETa4Zc86Z3wpcGF

BHhEDMHaihyuVgI=

-----END PRIVATE KEY-----

Bag Attributes

localKeyID: 01 00 00 00

16 VMware, Inc.

Chapter 1 Preparing for vRealize Operations Manager Installation

1.3.6.1.4.1.311.17.3.92: 00 04 00 00

1.3.6.1.4.1.311.17.3.20: 7F 95 38 07 CB 0C 99 DD 41 23 26 15 8B E8

D8 4B 0A C8 7D 93

friendlyName: cos-oc-vcops

1.3.6.1.4.1.311.17.3.71: 43 00 4F 00 53 00 2D 00 4F 00 43 00 2D 00

56 00 43 00 4D 00 35 00 37 00 31 00 2E 00 76 00 6D 00 77 00 61 00

72 00 65 00 2E 00 63 00 6F 00 6D 00 00 00

1.3.6.1.4.1.311.17.3.87: 00 00 00 00 00 00 00 00 02 00 00 00 20 00

00 00 02 00 00 00 6C 00 64 00 61 00 70 00 3A 00 00 00 7B 00 41 00

45 00 35 00 44 00 44 00 33 00 44 00 30 00 2D 00 36 00 45 00 37 00

30 00 2D 00 34 00 42 00 44 00 42 00 2D 00 39 00 43 00 34 00 31 00

2D 00 31 00 43 00 34 00 41 00 38 00 44 00 43 00 42 00 30 00 38 00

42 00 46 00 7D 00 00 00 70 00 61 00 2D 00 61 00 64 00 63 00 33 00

2E 00 76 00 6D 00 77 00 61 00 72 00 65 00 2E 00 63 00 6F 00 6D 00

5C 00 56 00 4D 00 77 00 61 00 72 00 65 00 20 00 43 00 41 00 00 00

31 00 32 00 33 00 33 00 30 00 00 00

subject=/CN=cos-oc-vcops.eng.vmware.com

issuer=/DC=com/DC=vmware/CN=VMware CA

-----BEGIN CERTIFICATE-----

MIIFWTCCBEGgAwIBAgIKSJGT5gACAAAwKjANBgkqhkiG9w0BAQUFADBBMRMwEQYK

CZImiZPyLGQBGRYDY29tMRYwFAYKCZImiZPyLGQBGRYGdm13YXJlMRIwEAYDVQQD

EwlWTXdhcmUgQ0EwHhcNMTQwMjA1MTg1OTM2WhcNMTYwMjA1MTg1OTM2WjAmMSQw

Verifying a Custom vRealize Operations Manager Certificate

When you upload a custom certicate le, the vRealize Operations Manager interface displays summary information for all certicates in the le.

For a valid custom certicate le, you should be able to match issuer to subject, issuer to subject, back to a self-signed certicate where the issuer and subject are the same.

In the following example, OU=MBU,O=VMware\, Inc.,CN=vc-ops-slice-32 is issued by OU=MBU,O=VMware\,

Inc.,CN=vc-ops-intermediate-32, which is issued by OU=MBU,O=VMware\, Inc.,CN=vc-ops-clusterca_33717ac0-ad81-4a15-ac4e-e1806f0d3f84, which is issued by itself.

Thumbprint: 80:C4:84:B9:11:5B:9F:70:9F:54:99:9E:71:46:69:D3:67:31:2B:9C

Issuer Distinguished Name: OU=MBU,O=VMware\, Inc.,CN=vc-ops-intermediate-32

Subject Distinguished Name: OU=MBU,O=VMware\, Inc.,CN=vc-ops-slice-32

Subject Alternate Name:

PublicKey Algorithm: RSA

Valid From: 2015-05-07T16:25:24.000Z

Valid To: 2020-05-06T16:25:24.000Z

Thumbprint: 72:FE:95:F2:90:7C:86:24:D9:4E:12:EC:FB:10:38:7A:DA:EC:00:3A

Issuer Distinguished Name: OU=MBU,O=VMware\, Inc.,CN=vc-ops-cluster-ca_33717ac0-ad81-4a15-ac4e-

e1806f0d3f84

Subject Distinguished Name: OU=MBU,O=VMware\, Inc.,CN=vc-ops-intermediate-32

Subject Alternate Name: localhost,127.0.0.1

PublicKey Algorithm: RSA

Valid From: 2015-05-07T16:25:19.000Z

Valid To: 2020-05-06T16:25:19.000Z

Thumbprint: FA:AD:FD:91:AD:E4:F1:00:EC:4A:D4:73:81:DB:B2:D1:20:35:DB:F2

Issuer Distinguished Name: OU=MBU,O=VMware\, Inc.,CN=vc-ops-cluster-ca_33717ac0-ad81-4a15-ac4e-

e1806f0d3f84

Subject Distinguished Name: OU=MBU,O=VMware\, Inc.,CN=vc-ops-cluster-ca_33717ac0-ad81-4a15-ac4e-

e1806f0d3f84

VMware, Inc. 17

vRealize Operations Manager vApp Deployment and Configuration Guide

Subject Alternate Name: localhost,127.0.0.1

PublicKey Algorithm: RSA

Valid From: 2015-05-07T16:24:45.000Z

Valid To: 2020-05-06T16:24:45.000Z

18 VMware, Inc.

Creating the vRealize Operations Manager Master

Node 2

All vRealize Operations Manager installations require a master node.

This chapter includes the following topics:

“About the vRealize Operations Manager Master Node,” on page 19

“Run the Setup Wizard to Create the Master Node,” on page 19

About the vRealize Operations Manager Master Node

The master node is the required, initial node in your vRealize Operations Manager cluster.

In single-node clusters, administration and data are on the same master node. A multiple-node cluster includes one master node and one or more data nodes. In addition, there might be remote collector nodes, and there might be one replica node used for high availability.

The master node performs administration for the cluster and must be online before you congure any new nodes. In addition, the master node must be online before other nodes are brought online. If the master node and replica node go oine together, bring them back online separately. Bring the master node completely online rst, and then bring the replica node online. For example, if the entire cluster were oine for any reason, you would bring the master node online rst.

Creating the Master Node (hp://link.brightcove.com/services/player/bcpid2296383276001?

bctid=ref:video_vrops_create_master_node)

Run the Setup Wizard to Create the Master Node

All vRealize Operations Manager installations require a master node. With a single node cluster, administration and data functions are on the same master node. A multiple-node vRealize Operations Manager cluster contains one master node and one or more nodes for handling additional data.

Prerequisites

After it is deployed, note the fully qualied domain name (FQDN) or IP address of the node.

If you plan to use a custom authentication certicate, verify that your certicate le meets the

requirements for vRealize Operations Manager. See “Custom vRealize Operations Manager

Certicates,” on page 14.

Procedure

1 Navigate to the name or IP address of the node that will be the master node of

vRealize Operations Manager.

The setup wizard appears, and you do not need to log in to vRealize Operations Manager.

VMware, Inc.

vRealize Operations Manager vApp Deployment and Configuration Guide

2 Click New Installation.

3 Click Next.

4 Enter and conrm a password for the admin user account, and click Next.

Passwords require a minimum of 8 characters, one uppercase leer, one lowercase leer, one digit, and one special character.

The user account name is admin by default and cannot be changed.

5 Select whether to use the certicate included with vRealize Operations Manager or to install one of your

own.

a To use your own certicate, click Browse, locate the certicate le, and click Open to load the le in

the Certicate Information text box.

b Review the information detected from your certicate to verify that it meets the requirements for

vRealize Operations Manager.

6 Click Next.

7 Enter a name for the master node.

For example: Ops-Master

8 Enter the URL or IP address for the Network Time Protocol (NTP) server with which the cluster will

synchronize.

For example: time.nist.gov

9 Click Add.

Leave the NTP blank to have vRealize Operations Manager manage its own synchronization by having all nodes synchronize with the master node and replica node.

10 Click Next, and click Finish.

The administration interface appears, and it takes a moment for vRealize Operations Manager to nish adding the master node.

What to do next

After creating the master node, you have the following options.

Create and add data nodes to the unstarted cluster.

Create and add remote collector nodes to the unstarted cluster.

Click Start vRealize Operations Manager to start the single-node cluster, and log in to nish

conguring the product.

The cluster might take from 10 to 30 minutes to start, depending on the size of your cluster and nodes. Do not make changes or perform any actions on cluster nodes while the cluster is starting.

20 VMware, Inc.

Scaling vRealize Operations Manager

Out by Adding a Data Node 3

You can deploy and congure additional nodes so that vRealize Operations Manager can support larger environments.

This chapter includes the following topics:

“About vRealize Operations Manager Data Nodes,” on page 21

“Run the Setup Wizard to Add a Data Node,” on page 21

About vRealize Operations Manager Data Nodes

Data nodes are the additional cluster nodes that allow you to scale out vRealize Operations Manager to monitor larger environments.

A data node always shares the load of performing vRealize Operations Manager analysis and might also have a solution adapter installed to perform collection and data storage from the environment. You must have a master node before you add data nodes.

You can dynamically scale out vRealize Operations Manager by adding data nodes without stopping the vRealize Operations Manager cluster. When you scale out the cluster by 25% or more, you should restart the cluster to allow vRealize Operations Manager to update its storage size, and you might notice a decrease in performance until you restart. A maintenance interval provides a good opportunity to restart the vRealize Operations Manager cluster.

In addition, the product administration options include an option to re-balance the cluster, which can be done without restarting. Rebalancing adjusts the vRealize Operations Manager workload across the cluster nodes.

N Do not shut down online cluster nodes externally or by using any means other than the vRealize Operations Manager interface. Shut down a node externally only after taking it oine in the vRealize Operations Manager interface.

Creating a Data Node (hp://link.brightcove.com/services/player/bcpid2296383276001?

bctid=ref:video_vrops_create_data_node)

Run the Setup Wizard to Add a Data Node

Larger environments with multiple-node vRealize Operations Manager clusters contain one master node and one or more data nodes for additional data collection, storage, processing, and analysis.

Prerequisites

Create and congure the master node.

VMware, Inc.

vRealize Operations Manager vApp Deployment and Configuration Guide

Note the fully qualied domain name (FQDN) or IP address of the master node.

Procedure

1 In a Web browser, navigate to the name or IP address of the node that will become the data node.

The setup wizard appears, and you do not need to log in to vRealize Operations Manager.

2 Click Expand an Existing Installation.

3 Click Next.

4 Enter a name for the node (for example, Data-1).

5 From the Node Type drop-down, select Data.

6 Enter the FQDN or IP address of the master node and click Validate.

7 Select Accept this  and click Next.

If necessary, locate the certicate on the master node and verify the thumbprint.

8 Verify the vRealize Operations Manager administrator username of admin.

9 Enter the vRealize Operations Manager administrator password.

Alternatively, instead of a password, type a pass-phrase that you were given by your vRealize Operations Manager administrator.

10 Click Next, and click Finish.

The administration interface appears, and it takes a moment for vRealize Operations Manager to nish adding the data node.

What to do next

After creating a data node, you have the following options.

New, unstarted clusters:

Create and add more data nodes.

Create and add remote collector nodes.

Create a high availability master replica node.

Click Start vRealize Operations Manager to start the cluster, and log in to nish conguring the

product.

The cluster might take from 10 to 30 minutes to start, depending on the size of your cluster and nodes. Do not make changes or perform any actions on cluster nodes while the cluster is starting.

Established, running clusters:

Create and add more data nodes.

Create and add remote collector nodes.

Create a high availability master replica node, which requires a cluster restart.

22 VMware, Inc.

Adding High Availability to

vRealize Operations Manager 4

You can dedicate one vRealize Operations Manager cluster node to serve as a replica node for the vRealize Operations Manager master node.

This chapter includes the following topics:

“About vRealize Operations Manager High Availability,” on page 23

“Run the Setup Wizard to Add a Master Replica Node,” on page 24

About vRealize Operations Manager High Availability

vRealize Operations Manager supports high availability (HA). HA creates a replica for the vRealize Operations Manager master node and protects the analytics cluster against the loss of a node.

With HA, data stored on the master node is always 100% backed up on the replica node. To enable HA, you must have at least one data node deployed, in addition to the master node.

HA is not a disaster recovery mechanism. HA protects the analytics cluster against the loss of only one

node, and because only one loss is supported, you cannot stretch nodes across vSphere clusters in an aempt to isolate nodes or build failure zones.

When HA is enabled, the replica can take over all functions that the master provides, were the master to

fail for any reason. If the master fails, failover to the replica is automatic and requires only two to three minutes of vRealize Operations Manager downtime to resume operations and restart data collection.

When a master node problem causes failover, the replica node becomes the master node, and the cluster runs in degraded mode. To get out of degraded mode, take one of the following steps.

Return to HA mode by correcting the problem with the master node. When a master node exits an

HA-enabled cluster, master node does not rejoin with the cluster without manual intervention. Therefore, restart the vRealize Operations Analytics process on the downed node to change its role to replica and rejoin the cluster.

Return to HA mode by converting a data node into a new replica node and then removing the old,

failed master node. Removed master nodes cannot be repaired and re-added to vRealize Operations Manager.

Change to non-HA operation by disabling HA and then removing the old, failed master node.

Removed master nodes cannot be repaired and re-added to vRealize Operations Manager.

In the administration interface, after an HA replica node takes over and becomes the new master node,

you cannot remove the previous, oine master node from the cluster. In addition, the previous node continues to be listed as a master node. To refresh the display and enable removal of the node, refresh the browser.

VMware, Inc.

vRealize Operations Manager vApp Deployment and Configuration Guide

When HA is enabled, the cluster can survive the loss of one data node without losing any data.

However, HA protects against the loss of only one node at a time, of any kind, so simultaneously losing data and master/replica nodes, or two or more data nodes, is not supported. Instead, vRealize Operations Manager HA provides additional application level data protection to ensure application level availability.

When HA is enabled, it lowers vRealize Operations Manager capacity and processing by half, because

HA creates a redundant copy of data throughout the cluster, as well as the replica backup of the master node. Consider your potential use of HA when planning the number and size of your vRealize Operations Manager cluster nodes. See “Sizing the vRealize Operations Manager Cluster,” on page 14.

When HA is enabled, deploy analytics cluster nodes on separate hosts for redundancy and isolation.

One option is to use anti-anity rules that keep nodes on specic hosts in the vSphere cluster.

If you cannot keep the nodes separate, you should not enable HA. A host fault would cause the loss of more than one node, which is not supported, and all of vRealize Operations Manager would become unavailable.

The opposite is also true. Without HA, you could keep nodes on the same host, and it would not make a dierence. Without HA, the loss of even one node would make all of vRealize Operations Manager unavailable.

When you power o the data node and change the network seings of the VM, this aects the IP

address of the data node. After this point, the HA cluster is no longer accessible and all the nodes have a status of "Waiting for analytics". Verify that you have used a static IP address.

When you remove a node that has one or more vCenter adapters congured to collect data from a HA-

enabled cluster, one or more vCenter adapters associated with that node stops collecting. You change the adapter conguration to pin them to another node before removing the node.

Administration UI shows the resource cache count, which is created for active objects only, but the

Inventory Explorer displays all objects. Therefore, when you remove a node from a HA-enabled cluster allowing the vCenter adapters collect data and rebalance each node, the Inventory explorer displays a dierent quantity of objects from that shown in the Administration UI.

Creating a Replica Node for High Availability (hp://link.brightcove.com/services/player/bcpid2296383276001?

bctid=ref:video_vrops_create_replica_node_ha)

Run the Setup Wizard to Add a Master Replica Node

You can convert a vRealize Operations Manager data node to a replica of the master node, which adds high availability (HA) for vRealize Operations Manager.

N If the cluster is running, enabling HA restarts the cluster.

If you convert a data node that is already in use for data collection and analysis, adapters and data connections that were provided through that data node fail over to other data nodes.

You may add HA to the vRealize Operations Manager cluster at installation time or after vRealize Operations Manager is up and running. Adding HA at installation is less intrusive because the cluster has not yet started.

Prerequisites

Create and congure the master node.

Create and congure a data node with a static IP address.

Note the fully qualied domain name (FQDN) or IP address of the master node.

24 VMware, Inc.

Chapter 4 Adding High Availability to vRealize Operations Manager

Procedure

1 In a Web browser, navigate to the master node administration interface.

https://master-node-name-or-ip-address/admin

2 Enter the vRealize Operations Manager administrator username of admin.

3 Enter the vRealize Operations Manager administrator password and click Log In.

4 Under High Availability, click Enable.

5 Select a data node to serve as the replica for the master node.

6 Select the Enable High Availability for this cluster option, and click OK.

If the cluster was online, the administration interface displays progress as vRealize Operations Manager congures, synchronizes, and rebalances the cluster for HA.

7 If the master node and replica node go oine, and the master remains oine for any reason while the

replica goes online, the replica node does not take over the master role, take the entire cluster oine, including data nodes and log in to the replica node command line console as a root.

8 Open $ALIVE_BASE/persistence/persistence.properties in a text editor.

9 Locate and set the following properties:

db.role=MASTER

db.driver=/data/vcops/xdb/vcops.bootstrap

10 Save and close persistence.properties.

11 In the administration interface, bring the replica node online, and verify that it becomes the master

node and bring the remaining cluster nodes online.

What to do next

After creating a master replica node, you have the following options.

New, unstarted clusters:

Create and add data nodes.

Create and add remote collector nodes.

Click Start vRealize Operations Manager to start the cluster, and log in to nish conguring the

product.

The cluster might take from 10 to 30 minutes to start, depending on the size of your cluster and nodes. Do not make changes or perform any actions on cluster nodes while the cluster is starting.

Established, running clusters:

Create and add data nodes.

Create and add remote collector nodes.

VMware, Inc. 25

vRealize Operations Manager vApp Deployment and Configuration Guide

26 VMware, Inc.

+ 60 hidden pages