By Carl Olafson
For those not familiar with vRealize Operations Manager (vROps), it delivers critical capacity management and performance monitoring capabilities. This provides a level of insight into your infrastructure that no business running on vSphere should function without. If you are going to perform a proof-of-concept, pilot or deploy vROps, the first question that needs to be addressed is “What platform to implement?”
vROps v6.x provides the ability to deploy on Linux or Windows, or use the appliance. vROps users are welcome to install any of the three flavors, and they are all functionally equivalent. The Windows and Linux deployments allow customers with concerns regarding the appliance to install on a Windows/Linux OS that meets specific requirements mandated by their company or an over-riding compliance agency. The remainder of this article is to educate folks on some common myths I’ve heard about the appliance.
Myth #1: The appliance is a general-purpose OS.
Although the vROps virtual appliance is built on a customized ‘VMware edition’ of SUSE enterprise Linux, this platform is not a general-purpose operating system, and it does not support the installation of third-party software. The vROps configuration disables unnecessary services, uses special host firewall and network interfaces, and removes local accounts except for the application’s administrators. VMware pre-hardens the vROps virtual appliance using the applicable guidelines of the UNIX SRG STIG (http://www.stigviewer.com/stig/unix_srg/2013-03-26/). Customers do not install software within the vROps virtual appliance other than updates obtained from VMware. There is no general-purpose interface to the Linux operating system. Even the ssh interface, reserved for administrators, is disabled by default. And vROps users cannot install software from the application’s web interface.
Myth #2: The appliance needs antivirus like any other general-purpose OS.
Antivirus software is not required with vROps, and VMware does not support the use of such software. Customers may ensure the integrity of software they install into vROps by downloading the software only from the HTTPS-protected VMware site (https://my.vmware.com). The installation kits (OVFs) published there are signed, and the integrity and signatures are checked by vSphere during the installation process. When updates are necessary, VMware publishes the necessary PAK files to the same download site. In the case of security updates, VMware announces updates as part of its security advisory process (https://www.vmware.com/security/advisories) and necessary patches are also placed as PAKs at the secure download site. Antivirus and malware detection are needed to mitigate risks when a user or process loads programs from untrusted sources on general-purpose computing platforms.
Myth #3: The vROps appliance does not support the same capacity as the installable versions.
There is some confusion caused by the differences between vCOps v5.x and vROps v6.x. In vCOps v5.x, the installable version was just the Analytics Engine and did not include the CapacityIQ component. The installable version did support a much larger environment, but lacked Capacity (CapacityIQ) modeling. As of vROps v6.0, the appliance and installable Linux/Windows platforms are equivalent in terms of functionality and capacity. All three platforms can support up to 64,000 objects including vCenters, clusters, hosts, virtual machines, etc. This is more than a 5X improvement from version 5.8, when the vApp had a 12,000-object limit.
The purpose of this article is not to dissuade you from installing a general purpose OS and the vROps application on that general-purpose OS. The goal is to clear up any confusion that might exist regarding the appliance, so accounts can make an informed decision on platform implementation. I recently had a conversation with an account that is a “pure” Windows shop with no appliances and no Linux OSs. They consider it a liability to have a Linux-based appliance or general-purpose Linux OS in their environment. For them, the Windows OS/vROps application installation makes perfect sense.
Carl Olafson is a VMware Technical Account Manager based out of California.
