
Credential-Less Service Discovery with vRealize Operations

It is no secret that vRealize Operations loves applications. Whether you are looking for complete application to infrastructure monitoring or application discovery, vRealize Operations has many options. We understand the importance of applications to your business. Even the most pristine, highly optimized infrastructure does not mean much if it cannot serve the applications that your customers and users depend upon. Though, of course, vRealize Operations CAN help to optimize your infrastructure too!

For insights into the performance and key metrics of your applications, vRealize Operations offers a native Telegraf agent. Once deployed, the agent can collect data from many common applications such as Apache, IIS, Nginx, MS SQL, MySQL, Oracle DB, PostgreSQL, Active Directory, and more. And if your organization is already running Application Performance Management solutions such as Dynatrace, Datadog, New Relic, or AppDynamics, then vRealize Operations Cloud can collect metrics from these existing solutions. Whether the responsibility for your organization’s applications rests on the shoulders of your team or another’s, you cannot afford to be blind to what’s happening inside your applications. Through these insights, you will be able to guarantee performance and availability SLAs with greater confidence, troubleshoot faster with less back and forth between teams, and be proactive with dashboards, reports, and alerts.

 

See the power of APM integration in vRealize Operations Cloud

 

What if you are not quite there and just want to know where your applications reside? That is where native agent-less Service Discovery comes in. By knowing what services are running on your virtual machines, you will be able to troubleshoot more accurately, plan for disaster recovery and migrations better, and even provide greater detail to your configuration management database system. Additionally, this information can help you plan your Telegraf agent deployments and know what systems you want to collect logs from with vRealize Log Insight. vRealize Operations Service Discovery can also create application groups by analyzing dependencies between services across multiple virtual machines.

As an aside, I must quickly mention the improved integration with vRealize Network Insight. vRealize Network Insight has several ways of identifying groups of virtual machines that make up an application. Perhaps the simplest and most impressive method is by analyzing traffic flows between virtual machines. In the latest release of vRealize Operations 8.2 and vRealize Network Insight 6.0 we can now share these application constructs from Network Insight with vRealize Operations! This is yet another fantastic option if you are already using vRealize Network Insight. You can read more about this great new integration here.

Service Discovery can be enabled at the vCenter level with the click of a button and no agents are required. That is because vRealize Operations leverages VMware Tools to discover services. If you have ever configured Service Discovery, then chances are you had to provide credentials to do so. However, in the last two releases of vRealize Operations we have been able to shed the requirement for credentials. That’s right, we now offer credential-less service discovery! In vRealize Operations 8.1 we introduced support for credential-less service discovery for virtual machines running on vSphere 7 and in vRealize Operations 8.2 we are happy to include support for vSphere 6.7!

Chances are you are wondering how credential-less service discovery works and if it is secure. In VMware Tools 11.1.0 we introduced a new plugin which is responsible for collecting details on the services running within the Windows or Linux guest OS. Only after the plugin is enabled by vRealize Operations does it begin collecting information about the services running inside the guest, which it then does every five minutes. The information collected by the service discovery plugin is stored in a database outside of the guest, where it can be collected by vRealize Operations via private APIs.


 

To enable credential-less service discovery you need to first enable service discovery from within the vCenter cloud account. From there, you can enable credential-less service discovery under the advanced settings of the service discovery cloud account. Be sure to check out KB78216 for a complete list of requirements for credential-less service discovery.

 

 

Virtual machines that are using credential-less service discovery are identified under the authentication status column of the manage services page in vRealize Operations. Note that credential-based service discovery can still be used alongside credential-less. In fact, credential-based service discovery is used as a fallback if common credentials are provided. This means in cases where credential-less dependencies are not met, credential-based service discovery is used instead.

There are of course several benefits to running credential-less service discovery over credential-based. For one, you do not have to provide a set of common credentials or maintain individual account credentials for each virtual machine. This is especially helpful in environments where passwords are rotated frequently. By bringing the service discovery code directly inside VMware Tools, we can execute the discovery much more efficiently, as vRealize Operations does not have to authenticate with the VM every time it wants to poll for services.

 

 

Once services are discovered, you will see them as child objects of the VM. You can also enable service monitoring and collect important metrics such as the amount of CPU and memory consumed by the service, plus how much disk I/O the service is generating. We can also collect the number of connections to and from the service, which ports the service is listening on, version information, and more.

 

 

Service Discovery also includes some other features such as the ability to collect the top processes running on a virtual machine and the ability to remotely execute scripts. You can read more about these features here. How does credential-less impact these features? The short answer is that it does not. These features still require credentials. If credentials are not provided in the service discovery configuration within the vCenter cloud account, then vRealize Operations will prompt the user for credentials to use these features.

 

 

The service discovery plugin within VMware Tools is an optional feature that is installed by default on Windows. For Linux systems running open-vm-tools, the service discovery plugin, open-vm-tools-sdmp, is a separate package. Refer to the instructions on https://github.com/vmware/open-vm-tools for more.
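The two Linux guest-side prerequisites this post names (VMware Tools 11.1.0 or later, and the separate open-vm-tools-sdmp package) can be audited from inside the guest. The script below is an added example, not VMware's code: the function names and verdict strings are made up for illustration, the sample version string is constructed, and it does not cover the remaining requirements listed in KB78216.

```shell
#!/bin/sh
# Added example: checks only the two Linux prerequisites named in the post.
MIN_TOOLS="11.1.0"             # Tools release that introduced the plugin
SDMP_PKG="open-vm-tools-sdmp"  # plugin package name for open-vm-tools

# Extract "major.minor.patch" from `vmware-toolbox-cmd -v` style output.
parse_tools_version() {
    printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Succeed when dotted version $1 >= $2, comparing each field numerically.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "."); split(b, y, ".")
        for (i = 1; i <= 3; i++) {
            if (x[i] + 0 > y[i] + 0) exit 0
            if (x[i] + 0 < y[i] + 0) exit 1
        }
        exit 0
    }'
}

# Verdict from raw tools output ($1) and package state ($2: yes|no).
assess_guest() {
    ver=$(parse_tools_version "$1")
    if [ -z "$ver" ]; then echo "tools-not-found"
    elif ! version_ge "$ver" "$MIN_TOOLS"; then echo "tools-too-old"
    elif [ "$2" != "yes" ]; then echo "sdmp-missing"
    else echo "prerequisites-met"
    fi
}

# Package state on this guest; dpkg-based and rpm-based systems are both tried.
sdmp_installed() {
    if dpkg-query -W -f='${Status}' "$SDMP_PKG" 2>/dev/null | grep -q 'ok installed' ||
       rpm -q "$SDMP_PKG" >/dev/null 2>&1; then echo yes; else echo no; fi
}

# Raw version output from the Tools CLI, or nothing when it is absent.
live_tools_output() {
    if command -v vmware-toolbox-cmd >/dev/null 2>&1; then
        vmware-toolbox-cmd -v 2>/dev/null || true
    fi
}

# Constructed sample input (not captured from a real guest), then the live guest.
echo "sample:     $(assess_guest '10.3.21.1 (build-0000000)' yes)"
echo "this guest: $(assess_guest "$(live_tools_output)" "$(sdmp_installed)")"
```

A verdict other than `prerequisites-met` marks a guest where, per the fallback behaviour described above, discovery would rely on credential-based access if common credentials are configured.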

Credential-less service discovery is available now in vRealize Operations and vRealize Operations Cloud. As always, we offer free trials for you to see for yourself all the things that vRealize Operations can do for you and your organization!