Versions Compared

Old Version 1

changes.mady.by.user Support

Saved on

compared with

New Version Current

changes.mady.by.user Support

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Info

This section makes frequent use of data contained in the Technical Requirements.

All relevant sections of the Technical Requirements Data collection should be completed or known before commencing with the steps in this section.

Table of Contents

Create vCenter User

VSM requires a user account to be created on vCenter, in order to run API commands which collect the status of the virtual machines running on vCenter.

vCenter users can be created via one of two options:

  1. Local User Option
  2. Active Directory Option

Local User Option

Login to the vSphere web client. You will need administrative privileges to complete these operations.

From the home menu, click on Administration.

Image Added


In "Administration", click on "Users and Groups".

Image Added


Choose the correct domain from the domain list.

Note

You can not use 'localos' Domain to Add user.

Image Added


Click the "ADD USER" link.

Image Added


Fill in the required user details as per the table below.

Anchor
User_Group_Field
User_Group_Field

FieldDescriptionMandatory / Optional
UsernameEnter Username to be used with VSMMandatory
PasswordEnter PasswordMandatory
Confirm PasswordEnter Password againMandatory
First NameEnter User First NameOptional
Last NameEnter User Last NameOptional
EmailEnter User Email AddressOptional
DescriptionEnter Description for the userOptional

Image Added

Role Assignment

Navigate to Administration >> Global Permissions

Image Added


Click on the (plus) icon.

Image Added


Enter the username created earlier in User/Group field and select 'Read-Only' from the Role dropdown list, then click ok.

Image Added


Check that what you have entered is correct, if it is then click 'OK'.

Image Added


Make sure the user appears under User/Group with Role the "Read-only".

Image Added

Active Directory Option

There are two scenarios for Active Directory:

  1. The client uses Active Directory to create a user and assign permissions via group policy to vCenter Users.
    • If so, ask the Client to create a vCenter account with Read-Only access.
  2. The client uses Active Directory for vCenter user creation only, and not assigning permissions.
    • If so, ask the Client to create a vCenter account via Active Directory, then follow the steps detailed in the Role Assignment section to assign Read-Only permission to the User.

SNMP Configuration

Configure SNMP V1/V2

This consist of the following tasks

Configure SNMP Community String

This step can be skipped if you have Community String Configured

Access the appliance shell and log in as a user who has the administrator or super administrator role

The default user with super administrator role is root.


Run the snmp.set --communities command to configure an SNMP community

For example, to configure public, VSM communities, run the following command:


snmp.set --communities public,VSM


Note

Each time you specify a community with this command, the settings you specify overwrite the previous configuration.
To specify multiple communities, separate the community names with a comma.

Additional details can be found here

Configure the SNMP Agent to Send v1 or v2c Notifications

Access the appliance shell and log in as a user who has the administrator or super administrator role

The default user with super administrator role is root.

Make sure SNMP agent is enabled, if not enable it by running snmp.enable command

 Run the snmp.set --targets  target_address@port/community command to send SNMP Notifications to VSM.

Use the following for SNMP target Parameters

FieldDescription
target_addressEnter VSM Probe IP Address
PortEnter the SNMP Port, if no value is specified then the default port 161 will be used
communityEnter the Community String to be used 

For example, run the following command for configuring the targets 192.0.2.1 with community VSM

snmp.set --targets 192.0.2.1/VSM


Note

Each time you specify a target with this command, the settings you specify overwrite all previously specified settings. To specify multiple targets, separate them with a comma.

Run snmp.test command to send a test trap to VSM.

The agent sends a warmStart trap to the configured Agent

Configure SNMP V3

Follow the following Procedure to configure SNMP V3

Configure the SNMP Engine ID

Every SNMP v3 agent has an engine ID, which serves as a unique identifier for the agent. The engine ID is used with a hashing function to generate localized keys for authentication and encryption of SNMP v3 messages.

Info
If you do not specify an engine ID before you enable the SNMP agent, when you enable the standalone SNMP agent, an engine ID is generated.

Access the appliance shell and log in as a user who has the administrator or super administrator role.

The default user with super administrator role is root.

Run the snmp.set  --engineid command to configure the target

The following example shows the required command to configure ID, where ID is a hexadecimal string between 4 and 32 characters.

snmp.set --engineid 80001adc802417e202b8613f5400000000

Additional Details can be found here

Configure SNMP Authentication and Privacy Protocols

Access the appliance shell and log in as a user who has the administrator or super administrator role.

The default user with super administrator role is root.

To Configure authentication protocol run snmp.set  --authentication (Protocol) command

The protocol can be either none, SHA1 or MD5

The following example shows the required configuration to configure authentication protocol as SHA1

snmp.set --authentication  SHA1


To configure privacy protocol run snmp.set  --privacy  (Protocol) command

The protocol can be either none or AES128

The following Example showing the required configuration to configure privacy  protocol as AES128

snmp.set --privacy AES128

Additional Details can be found here

If you are using authentication or privacy, get the authentication and privacy hash values for the user by running snmp.hash --auth_hash --priv_hash

Configure SNMP V3 Users

Access the appliance shell and log in as a user who has the administrator or super administrator role.

The default user with super administrator role is root.

If you are using authentication or privacy, get the authentication and privacy hash values for the user by running snmp.hash --auth_hash 

The following example shows the required configuration to set up secret1 as the path to the file containing the user's authentication password and secret2 as the path to the file containing the user's privacy password

snmp.hash --auth_hash secret1--priv_hash secret2

Configure the user by running snmp.set --user (userid)/(authhash)/(privhash)/(security) command

Snmp.set  --user command parameters Table

ParameterDescription
useridEnter Username
authhashEnter authentication hash value if any
privhashEnter the privacy hash value if any
Security
  • Enter auth for authentication  only
  • Enter priv for authentication and privacy
  • Enter none for no authentication and privacy

Additional Details can be found here

Configure SNMP V3 Targets

Access the appliance shell and log in as a user who has the administrator or super administrator role.

The default user with super administrator role is root.

Run snmp.set --v3targets (hostname@port)/(userid)/(seclevel)/(trap)


snmp.set --v3targets command parameters Table

ParameterDescription
hostnameEnter VSM Probe IP Address
portEnter the port you want to use, if not specified the default 161 will be used
useridEnter SNMP v3 user name
secLevel
  • Enter none if you have not configured authentication and privacy protocol
  • Enter auth if you have configured authentication only
  • Enter priv if you have configured both authentication and privacy

Additional Details can be found here


Web Portal Configuration

Add vCenter

Log in to the VSM web portal using your credentials and password.

For the particular customer, select Service Desk > Equipment Locations. Right-click on the Equipment Location that will serve this vCenter and select 'Manage Equipment':

At the bottom of the 'Manage Equipment' page, click on the 'Add Equipment' button.

Select the Vendor 'VMWare' and the Product 'vCenter '.

Image Added

If you are adding more than one piece of the same equipment type, check the 'Add another' box at the bottom of the form and the bulk of the configuration will be carried over for the next item.


Web Portal - Add vCenter Field Description

FieldSetting
VendorVMware
ProductvCenter
Equipment Name

Friendly name

UsernameAPI Username@domainname
PasswordAPI Password
IP Address / Host NameIP Address or Hostname of the vCenter server
SiteFriendly name for the site (where this server is located)

Image Added


Include Page
EX:SNMP Excerpt
EX:SNMP Excerpt


Include Page
EX:Tagging Excerpt
EX:Tagging Excerpt


Include Page
EX:Network Connectivity Excerpt
EX:Network Connectivity Excerpt


Test Access

Once all fields populated Click on the Test Access button. This will test that VSM can connect to the vCenter using the settings you have entered:

Image Added

HTTPS and SNMP should return success, If not troubleshoot the configuration.

Once testing is successful click Add.