The vRealize Operations Tenant App for vCloud Director can be set up in two different ways, as a standalone App or as a plug-in for the vCloud Dirctor HTML5 UI. With this article I will show the basic steps and the components which need to be configured to get the plug-in for vCloud Director up and running.
This diagram provides an overview of the components of the vRealize Operations Manager Tenant App for vCloud Director as a plug-in:
vCloud Director – AMQP Broker
The AMQP Broker for a vCloud Director instance is a message broker based on RabbitMQ. As the VMware docs in the section Installing and Configuring a RabbitMQ AMQP Broker only points to the original RabbitMQ installation instructions I will provide the basic installation steps within this chapter.
RabbitMQ Guest OS
Update guest OS:
Install additional packages:
yum install open-vm-tools net-tools
The only dependency of RabbitMQ 3.6.3 is the Erlang package as a supported version. There are a few options to install this package in the Install Guide listed. I chose the zero dependency Erlang RPM package for running RabbitMQ.
yum install https://github.com/rabbitmq/erlang-rpm/releases/download/v20.2.2/erlang-20.2.2-1.el7.centos.x86_64.rpm
yum install https://dl.bintray.com/rabbitmq/all/rabbitmq-server/3.7.2/rabbitmq-server-3.7.2-1.el7.noarch.rpm
Enable and start RabbitMQ service:
systemctl enable rabbitmq-server.service systemctl start rabbitmq-server.service
Enable Management Plugin:
rabbitmq-plugins enable rabbitmq_management systemctl stop rabbitmq-server.service systemctl start rabbitmq-server.service
For this use case and setup it was not necessary to change anything from the default configuration parameters. But for further use cases I created the rabbitmq.conf example file with all the default configuration parameters as a template (file path: /etc/rabbitmq/rabbitmq.conf ).
More details about the configuration parameters can be found in the RabbitMQ Configuration Documentation.
Change guest user password:
rabbitmqctl change_password guest <A Secret>
Create new user (vcloud):
rabbitmqctl add_user vcloud <A Secret>
Set Administrator Tag für the new user:
rabbitmqctl set_user_tags vcloud administrator
Grant full access für the new user:
rabbitmqctl set_permissions -p / vcloud ".*" ".*" ".*"
After the next step you can also check (and manage) the permissions of the new user via the web based management interface.
firewall-cmd --zone=public --permanent --add-port=5672/tcp firewall-cmd --zone=public --permanent --add-port=15672/tcp firewall-cmd --reload
Now you should be able to connect to management interface (http://<RabbitMQ IP>:15672) and authenticate with the newly created user vcloud.
vCloud Director AMQP Broker Settings
As the RabbitMQ server setup is done, we are now able to add the AMQP Broker to the vCloud Director instance.
Since this is a test environment, I do not use SSL encryption. For a production setup it is highly recommended to use SSL!
vRealize Operations Manager vCloud Director Adapter
The data source for vRealize Operations Tenant App for vCloud Director is the vRealize Operations Management Pack for vCloud Director. Therefore, a properly configured vCloud Adapter version 4.5 or newer is one of the prerequirements of the Tenant App.
vRealize Operations Tenant App for vCloud Director – deployment
As you can see in the diagram at the beginning of the article, the Tenant App ships as a separate instance. The Tenant App itself is a PhotonOS appliance with a preconfigured docker image. The OVA can be downloaded from the VMware Solutions Exchange as part of the vCloud Director management pack for vRealize Operations Manager. The design as a separate Appliance with a small footprint makes it possible to realize secure publishing of the Operations Manager data.
All the AMQP settings must match the vCloud Director setup, but they will not be verified at these point.
After the first boot of the appliance the “Provider Site” should be available (https://<Tenant App IP>). The available login types are depending on the vRealize Operations Manager configuration.
With this interface the provider has a lightweight version of the vRealize Operations Manager specialized in vCloud Director Ops Metrics. A possible audience for this interface is the user help desk.
If the Provider Site is not available you can do some basic troubleshooting steps:
Is the Tenant App Docker container running?
If the uptime (STATE) of the container is resetting in a loop, there is maybe something wrong.
Any errors in the Docker log for the Docker container?
A possible issue is a failed connection to the AMQP Broker or a missing permission for the RabbitMQ user.
Is the connection to AMQP Broker established?
Is the extension registered in vCloud Director?
I have used the vcd-cli to verify the vrops-vcd extension (will be registered in the next step):
vcd system extension info vrops-vcd
Tenant App plug-in registration
If we would like to use the app only as standalone, we would be done at this point. But for the fully integrated experience with vCloud Director we still need to do the plug-in registration.
The appliance ships with the python script to get the plug-in registered into vCloud Director as a extension:
cd /opt/vmware/plugin/ python publish.py -H vcd.mycloudrevolution.com -u '[email protected]' -p 'admin password'
Tenant App user guides:
- User Guide: vROps for Tenant App for a Tenant Admin
- User Guide: vROps for Tenant App for a Service Provider
Access vRealize Operations Tenant App for vCloud Director
After the successful registration all tenants are able to see the Operations Manager plug-in in the vCloud Director HTML5 interface. To grant access to the Tenant App, the provider needs to create or import users for the individual tenants. Imported users are OpenLDAP or ActiveDirectory users that are available via the vRealize Operations Manager authentication source. These users do not need any permission in the vRealize Operations Manager itself.
Tenant App login:
Tenant App Org summary:
Tenant App vApp summary:
Tenant App all metrics:
If we check our browser sources list at the point where the plug-in is loaded in vCloud Director we can see how the plug-in work in vCloud Director- The Tenant App is a dedicated source. And that is the reason why we need an additional external URL and a valid SSL certificate for the Tenant App.
These diagram should visualize the access of the individual resources of the vRealize Operations Tenant App for vCloud Director in a production environment:
vRealize Operations Tenant App for vCloud Director API
As you were able to see in the extension details comes the plug-in with an additional API subset, but unfortunately I was not able to find any details about that API. If you have further details about the API and the future plans for please contact me via any channel.
These are my only findings regarding the API, a response which contains the vRealize Operations Tenant App URL: