Application Discovery Manager Administration Guide

vCenter Application Discovery Manager 6.1

This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions of this document, see http://www.vmware.com/support/pubs.

EN-000451-00

Application Discovery Manager Administration Guide

You can find the most up-to-date technical documentation on the VMware Web site at: http://www.vmware.com/support/ The VMware Web site also provides the latest product updates. If you have comments about this documentation, submit your feedback to: docfeedback@vmware.com

Copyright 2010 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.

VMware, Inc. 3401 Hillview Ave. Palo Alto, CA 94304 www.vmware.com

VMware, Inc.

Contents

AboutThisBook

1 Overview 9
SystemArchitecture 9 SingleboxAppliance 11 DistributedApplianceSolutions 11 VirtualandPhysicalApplianceSolutions 12 VirtualApplianceDeployment 12 PhysicalApplianceDeployment 13 MirroredNetworkTraffic 13 vCollector 13 MixedEnvironment 13 WhereToGoNext 14 InstallationofNeworAdditionalADMComponents 14 Licenses 14 UpgradingADM 14 MigratingtoaNewAppliance 14 Security 14

2 InstallingADM 15
ADMInstallationRequirements 15 InstallationPersonnel 15 ESXResources 15 InstallingthevSphereClient 16 DisablingvMotion 16 PreparingtheEnvironment 16 PreparinganESXConfiguration 16 CreatingaNewvSwitchforPassiveDiscovery 17 ConfiguringthevSwitchGeneralSettingsforPassiveDiscovery 17 ConfiguringthevSwitchforPassiveCollector 17 ConfiguringdvSwitchforPassiveCollector 18 DeployingtheVirtualAppliances 18 DeployingtheADMVirtualAppliances 18 BeforeYouBegin 19 DeploymentProcedure 19 InstallingWindowsCollector 20 BeforeYouBegin 20 Deployment 20 Uninstall 21

3 SettingUpADM 23
Process 23 OrderofSetup 23 ADMSetupProcedures 23 LaunchingtheFirstBootConfigurationTool 24

VMware, Inc.

Administration Guide

ConfiguringtheRootPassword 24 UsernameandPasswords 24 ConfiguringStaticNetworkSettings 25 ConfiguringtheTimezoneandTime 25 ConfiguringtheApplianceRole 26 PostInstallationSteps 27 LoggingIntotheADMConsole 27 InitiatingPassiveDiscovery 27

4 SecuringADM 29
ChangingtheRootPassword 29 ResettingtheADMRootPassword 29 OpenSSLSelfSignedTestCertificates 30 CASignedTestCertificates 30 SelfSignedCertificates 30 Copyingthe.keyand.crtFiles 31

5 Maintenance 33
ADMServices 33 ManagingServiceswithadm_control 34 ProductSupportPackages 34 UsingtheADMConsole 35 UsingtheCLI 35 RestoringanADMEnvironmentbyUsingaProductSupportPackage RestoretheADMDatabase 36 RestoringtheCustomDiscoveryandConfigurationFiles 37 ReconfiguringanADMDeployment 38 AddingaRemoteDatabasetoanExistingADMDeployment 38 ConvertingaSingleboxorAggregatortoaRemoteDatabase 38 MovingaDatabasetoaRemoteAppliance 39 Licenses 39 UploadingaLicense 40

36

6 UpgradingADM 41
Overview 41 ApplianceType 41 MixedEnvironments 41 Licenses 41 ApplianceMigration 41 BackingUpData 41 UpgradingAppliances 42 ImportantNotes 42 PreliminaryProcedures 42 UpgradingAppliancesUsingCLI 42 PostUpgradeSteps 43

7 MigratingtoaNewAppliance 45
Overview 45 SupportedMigration 45 Licenses 45 SystemArchitecture 45 Process 46

VMware, Inc.

Contents

PreliminaryProcedures 46 BackingUpWinApeMigrationFiles 46 RestoringWinApeMigrationFiles 47 DataRestoration 47 SingleboxSolution 47 DistributedSolutions 47 Collectors 47 WinApe 47 Aggregator 47 DistributedSolutionwithRemoteDatabase 48 Collectors 48 WinApe 48 Database 48 Aggregator 48 PostMigrationSteps 48

8 TroubleshootingADM 49
TroubleshootingtheADMbyUsingtheProductSupportPackage 49 DetailDiscoveryTroubleshooting 49 WMI 49 single.sh 49 Location 50 Usage 50 Examples: 51 snmpdump 52 Location 52 Usage 52 Examples 53 nlcapture 53 Location 53 Usage 53

9 UninstallingADM 55
UninstallingtheADMAppliance 55

A TimeZones 57 B ADMAPITutorial 59
APIFeatures 59 Insight_control 59 AsynchAPI 60 DumpAPI 60 BulkAPI 61 WebServicesAPI 61

Index 63

VMware, Inc.

Administration Guide

VMware, Inc.

About This Book

TheVMwarevCenterApplicationDiscoveryManager(ADM)AdministrationGuideprovidesinformation thattheadministratorsarerequiredtoinstallandconfiguretheADM.

Intended Audience
ThisdocumentispartoftheVMwarevCenterApplicationDiscoveryManagerdocumentationset,andis intendedforusebysystemadministratorsandintegratorsresponsibleforinstallingADM. TheinstallationproceduresinthisdocumentmustbeperformedbyITprofessionalsfamiliarwith virtualizationandVMwaretechnologiessuchasVMwareESXserversandrelatedvirtualandphysical equipment.

VMware Technical Publications Glossary

VMwareTechnicalPublicationsprovidesaglossaryoftermsthatmightbeunfamiliartoyou.Fordefinitions oftermsastheyareusedinVMwaretechnicaldocumentationgotohttp://www.vmware.com/support/pubs.

Document Feedback
VMwarewelcomesyoursuggestionsforimprovingourdocumentation.Ifyouhavecomments,sendyour feedbacktodocfeedback@vmware.com.

Technical Support and Education Resources

Thefollowingsectionsdescribethetechnicalsupportresourcesavailabletoyou.Toaccessthecurrentversion ofthisbookandotherbooks,gotohttp://www.vmware.com/support/pubs.

Online and Telephone Support

Touseonlinesupporttosubmittechnicalsupportrequests,viewyourproductandcontractinformation,and registeryourproducts,gotohttp://www.vmware.com/support. Customerswithappropriatesupportcontractsshouldusetelephonesupportforthefastestresponseon priority1issues.Gotohttp://www.vmware.com/support/phone_support.

Support Offerings
TofindouthowVMwaresupportofferingscanhelpmeetyourbusinessneeds,goto http://www.vmware.com/support/services.

VMware, Inc.

Administration Guide

VMware Professional Services

VMwareEducationServicescoursesofferextensivehandsonlabs,casestudyexamples,andcoursematerials designedtobeusedasonthejobreferencetools.Coursesareavailableonsite,intheclassroom,andlive online.Foronsitepilotprograms andimplementationbestpractices,VMwareConsultingServicesprovides offeringsto helpyouassess,plan,build,andmanageyourvirtualenvironment.Toaccessinformationabout educationclasses,certificationprograms,andconsultingservices,gotohttp://www.vmware.com/services.

VMware, Inc.

Overview

ThischapterdescribesthedifferentVMwarevCenterApplicationDiscoveryManager(ADM)architecture solutionsandconfiguration.Topicsinclude:

SystemArchitectureonpage 9 VirtualandPhysicalApplianceSolutionsonpage 12 vCollectoronpage 13 MixedEnvironmentonpage 13 WhereToGoNextonpage 14

System Architecture
TheADMprovidessystemarchitecturesolutionstomeettherequirementsofdifferentenvironmentsas showninFigure 11. Figure 1-1. ADM Components
Passive Discovery

Database

Aggregator

Active Discovery-Unix

Active Discovery-Windows

VMwareprovidesADMononeormoreappliances.Themodeoftheappliancedetermineswhichcomponent isrunning.ADMcomponentsaredescribedinTable 11. Table 1-1. ADM Components

Component ActiveDiscovery UNIX Description Collectsdatafromtheconfigurationobjectsinyourdatacenter.Thefollowingdiscoverytypesapply:

IPdiscoveryAmethodfordetectinghostsorotherconfigurationitemswithaspecificIPaddress whenPassiveDiscoveryfailstodiscoverthem. DetaildiscoveryExtendstheinformationobtainedusingPassiveandIPDiscovery.Itusescommon networkprotocolstoremotelyqueryserversinthemanagednetworkandobtainssupplementary informationaboutnetworkhostswhichisaddedtothedatabase.

ActiveDiscovery Windows

AdiscoveryenginethatusesWMIbaseddiscoverypoliciesforperformingactivediscoveryonWindows machines.

VMware, Inc.

Administration Guide

Table 1-1. ADM Components

Component PassiveDiscovery Description Passivelyobservesthenetworktrafficbyperformingadeeppacketanalysistodiscoverapplicationsand componentrelationshipsinphysicalandvirtualenvironments. Italsoallowsyouto:

Mapdependencies. Counttheactivityofthesedependencies. Identifyservices.

Aggregator

Receivesdatafromthediscoverycomponentsandreconcilesthedatabeforetransferringittothedatabase component.TheaggregatoralsoprovidestheuserinterfaceforusingADMandistheintegrationpointfor variousintegrations,forexample,ERDB. AnOracleRDBMSusedforstoringdiscovereddataandADMconfiguration.

Database

10

VMware, Inc.

Chapter 1 Overview

Single-box Appliance
Inasingleboxappliancesolutionarchitecture,theADMcomponentsareenabledonasingleVirtual Appliance(VA)asshowninFigure 12. Figure 1-2. Single-box Appliance Architecture
ESX1 vSwitch

ADM VM2 Role=Windows collector (running Win2008 on any ESX) Active DiscoveryWindows

ADM VM1 Role = single-box Aggregator

Database

Active DiscoveryUnix Passive Discovery

Physical switch 1

Physical switch 2

Runs on (Virtualization) Logical monitoring port connectivity ADM Connectivity

Chapter 3providestheconfigurationinstructions.

Distributed Appliance Solutions

ThedistributedappliancesolutionhasatleastonedesignatedapplianceenabledasaCollector,andanother applianceenabledasanAggregatorandDatabaseasshowninFigure 13.

VMware, Inc.

11

Administration Guide

Figure 1-3. Distributed Appliance Solution

ESX2 vSwitch ADM VM4 Role = Passive collector ESX3 vSwitch ADM VM4 Role = Collector Active DiscoveryUnix Passive Discovery Passive Discovery ESX1 vSwitch

ADM VM3 Role = collector Active DiscoveryUnix Passive Discovery

ADM VM1 Role = Aggregator Aggregator

Database

ESX4 vSwitch ADM VM6 Role = Windows Collector (running Win2008 on any ESX) Active DiscoveryWindows Runs on (Virtualization) Logical monitoring port connectivity ADM Connectivity

Physical switch 1

Physical switch 2

NOTEInaDistributedwithremotedatabasesetup,thereisadesignatedappliancetohostthedatabase.Also, PassiveandDetailDiscoverycanrunonsingleormultipleCollectors.

Virtual and Physical Appliance Solutions

YoucansetupADMeither:

OnyourESXorESXiserversasdescribedinVirtualApplianceDeploymentonpage 12 OnexistingIBMphysicalappliances,onlyupgradingissupportedasdescribedinUpgradingADMon page 14.

Virtual Appliance Deployment

ADMversion6.1isdeliveredasVA,whichisavirtualmachineimagethatincludesanoperatingsystemand therelevantADMsoftwarecomponentsinstalledonit.AVAcanrunoneormultipleADMcomponents dependingontheapplianceroleselected. DeployingavirtualmachinetemplateinanOpenVirtualizationFormat(OVF)ontotheESXorESXiserver createsanADMVirtualAppliance.Afterdeployment,poweruptheVAandthenconfigurethestandard appliancesettings,network,anduserinformation. DownloadthefollowingartifactsfromtheVMwareWebsite:
http://downloads.vmware.com/Application Discovery Manager

CoreADMTemplateAnOVFtemplatethatincludesallADMcomponentsexceptfortheWindows CollectorandyoucanconfigureasAggregator,Aggregatorwithremotedatabase,Database,or Singlebox.

12

VMware, Inc.

Chapter 1 Overview

CollectorADMTemplateAsmallerOVFtemplatethatincludesthePassiveCollectorandActiveand PassiveCollectorandyoucanconfigureaspassiveandactivediscoveryCollectorandPassiveDiscovery Collector. WindowsCollectorInstallerAnexecutablefilethatinstallstheWindowsCollectorcomponentontop oftheWindows2008R2operatingsystems.

Physical Appliance Deployment

ADMsupportstheupgradingofexistingIBMsingleboxandDistributedsolutions(includingthosethatuse aremotedatabase).

Mirrored Network Traffic

Themethodinwhichtheapplianceperformspassivediscoveryisbyanalyzingmirroredtrafficfromaswitch orrouter.Networkdevicesthathavetheabilitytoconfigureamirroredport(sometimescalledasaSwitched PortAnalyzer,spanportormonitorport)canforwardacopyofallthenetworktrafficfromall(orselected) portstooneormoremirroredports.Typically,eachnetworkdevicehasallitsportsmirroredtooneport.These mirroredportsarethenconnecteddirectlytooneofthenetworkinterfacesontheESXserver. IMPORTANTConsultITprofessionalsofyourorganizationtoensurethattheappropriateswitchesorrouters thatcontainsthenetworktrafficisusedforDiscoveryareconfiguredproperlyforportmirroringandare accessibletotheADMappliance. Performoneofthefollowingstepsifyouhavetoconnectmultiplemonitorports:

Connectthemonitorportstoanaggregateswitch(ASwitch),whichisalsoconfiguredwithamonitor port.PlugthemirroredportoftheASwitchintotheESXservernetworkinterface. ContactyourVMwareSalesRepresentativeifyourequireanASwitch.

AddfewmorenetworkinterfacestoESXserver. InstallanotherADMPassiveCollectoronadifferentESXserver.

NOTETheADMPassiveCollectorcanworkwithmaximumofthreemonitorports.Ifyouhavetoconnect morethanthreemonitorports,youmustaddanotherADMPassiveCollector.

vCollector
TheADMusesavirtualcollector(vCollector)tolistentocommunicationbetweenvirtualmachinesthatrun onthesameVMwareESXServer.AvCollectorispresentinsideavirtualmachineanditslistenercollectsthe informationaboutthevirtualmachinesdeployedontheESXServer.BydeployingavCollector,theADMis abletopassivelydiscoverdependenciesinavirtualizedenvironment.Youcanthenviewinformationabout thevirtualmachinesthataredeployedonthesameESXServerincluding:

Dependencymapsbetweenvirtualmachines. Activitycountsofthedependencies. Servicesrunningonthevirtualmachines. Additionalinformationthatisofferedbythelistener.

Mixed Environment
TheADM6.1releaseintroducesADMasavirtualappliance,butitalsosupportsupgradingfrom6.0ona physicalIBMappliances.Youcanupgradeyourphysicalenvironmentwithadditionalvirtual6.1appliances likemixedenvironment.ThisadditionalvirtualappliancecanplayaroleofPassiveCollectors(vCollectors) oranadditionalPassiveandActiveCollectors.

VMware, Inc.

13

Administration Guide

NOTEAllADMappliancesthatparticipateinmixedenvironemntmodemustrunthesame6.1versionofthe ADM.

Where To Go Next
Thissectionprovideslinksthatcontainsmoreinformationonthetopicslisted.

Installation of New or Additional ADM Components

ContinuebyconfiguringinitialappliancesettingsasdescribedinChapter 2.

Licenses
YouneedanewlicensetouseADMafterupgradingormigrating.ObtainthelicensefromyourVMwareSales representative.Formoreinformation,seeLicensesonpage 39.

Upgrading ADM
ContinuewithupgradeproceduresasdescribedinChapter 6.

Migrating to a New Appliance

ContinuewithmigrationproceduresasdescribedinChapter 7.

Security
FormoreinformationonADMsecurity,seeChapter 4..

14

VMware, Inc.

Installing ADM

ThischapterdescribesinstallationanddeploymentoftheADM.Topicsinclude:

ADMInstallationRequirementsonpage 15 DisablingvMotiononpage 16 PreparingtheEnvironmentonpage 16 DeployingtheVirtualAppliancesonpage 18 InstallingWindowsCollectoronpage 20

ADM Installation Requirements

ADMisanappliancethatcanruninaVMwareinfrastructure.Thissectioncontainsrequirementsthatmust bemetbeforeyouinstallandusetheADMappliance.

Installation Personnel
TheinstallationproceduresinthisdocumentmustbeperformedbyITprofessionalsfamiliarwith virtualizationandVMwaretechnologiessuchasESXserversandrelatedvirtualandphysicalequipment.

ESX Resources
TousetheADMappliance,youmustinstalltheADMapplianceonaVMwareESXserverversion3.5orlater. ConfigurethevirtualmachineonyourESXserveraccordingtothedeploymentmodelwithresourcesas describedinTable 21. Table 2-1. Virtual Appliance Deployments
ADM Virtual Appliance (VA) Singlebox Aggregator+DB Aggregator Database PassiveCollector LinuxActive+PassiveCollector WindowsActiveDiscovery Collector Memory (GB) 4 4 3 3 2 4 2 Number of vCPUs 4 4 2 2 1 2 1 NICs 4 1 1 1 4 4 1 Disk (GB) 80 80 80 80 8 8 20 OVF Template Core Core Core Core Collector Collector Windows2008R2 Standard

NOTEVMwaredoesnotprovideOVFtemplateforlocalwindowsmachinethathoststheWinApe.

VMware, Inc.

15

Administration Guide

Installing the vSphere Client

InstallthevSphereclienttoworkwithVMwareenvironment. To download and install the vSphere Client 1 LaunchInternetExplorerbrowser. NOTEADMsupportsWindowsInternetExplorer6.0andlaterbrowsers. 2 Intheaddressbar,typetheIPnumberoftheESXServerwherethevirtualmachineisinstalled,for example: https://<ESX Server IP> 3 4 5 6 7 8 9 ClicktheDownloadvSphereClientlink,andthenSavetheclientexecutablefiletoyourlocalharddisk. Runtheexecutablefile. AcceptthelicenseandclickNext. Typetheusernameandorganizationdetailsiftheydonotappearbydefault.ClickNext. Atthenextscreen,clickNextwithoutselectingInstallvSphereHostUpdateUtility. Ifdifferentfromthedefault,specifytheinstallationfolder,andthenclickNext. ClickInstall. NOTEThevSphereclientinstallationcantakeseveralminutes. 10 ClickFinishtoclosethewizard.

Disabling vMotion
IMPORTANTADMvirtualappliancesarenotsupportedbyvMotion.IftheADMvirtualapplianceisinstalled onaVMwareDRScluster,performthefollowingstepstodisableautomaticvMotion. To disable automatic vMotion 1 2 3 4 5 InthevSphereclient,selectthecluster,rightclickonitandselectEditSettings. IntheVMwareDRSsection,selectVirtualMachineOptions. SelecttheADMvirtualappliances. SelectDisablefromtheAutomationLevellistbox. ClickOK.

Preparing the Environment

PerformthefollowingproceduresbeforeyousetuptheADM.

Preparing an ESX Configuration

CreateandconfigureanewvSwitchforeachphysicalspanport.Repeatthefollowingproceduresforeachnew vSwitch.

16

VMware, Inc.

Chapter 2 Installing ADM

Creating a New vSwitch for Passive Discovery

To create a new vSwitch for Passive Discovery 1 2 3 4 5 6 7 8 9 ConnectthemonitorportstoavailablenetworkinterfacesontheESXserver. ConnecttotheESXserverorvCenterbyusingvSphereclient. NavigatetotheConfigurationtabontheESXserverwhereyouwanttodeployADMappliances. Navigatetothenetworkingconfigurationoption. ClickAddNetworkingtoopentheAddnetworkwizard. SelectconnectiontypeasVirtualMachine,andclickNext. SelectthevmnicthatisconnectedtothemonitorportonthephysicalswitchandclickNext. Specifyanetworklabel,forexample,spanport,forthenewportgroupandclickNext. ClickFinish.

Configuring the vSwitch General Settings for Passive Discovery

To configure the vSwitch general settings for Passive Discovery 1 2 3 4 5 6 OpenthenewvSwitchPropertieswindow. SelectthevSwitchandclickEdit. NavigatetotheSecuritytabandchangethePromiscuousModefromRejecttoAcceptandclickOK. Clickthenetworkadapterstab,selecttherelevantvmnicandclickEdit. ChangetheConfiguredSpeed,Duplexto10MB,FullDuplex. ClickOKandthenClose.

Configuring the vSwitch for Passive Collector

Connect the Passive Collector to a port group. To define a port group 1 CreateaportgroupinthevSwitchasfollows: a b c LogintotheESXServerorvCenterusingvCenterClient.TheVirtualInfrastructureClientscreen appears. ClicktheConfigurationtab. SelectNetworkingfromtheHardwarelist. IMPORTANTPerformthefollowingstepstoconnecttovSwitchesthatspantheinternaltraffic betweenvirtualmachinesrunningontheESXServer. d e f g h 2 Fromtheprecedingscreen,selectProperties. SelectPortsandclickAdd. SelectVirtualMachineandclickNext. SettheNetworkLabel,forexample,ADMspanportandclickNext. Verifythattheportgroupislisted,andclickFinish.

ChangethePromiscuousModetoAccept.ThisvalueissettoRejectbydefault. a b c Selecttheportgroupthatyoucreated;forexample,ADMspanport. ClickEditandselectSecuritytab. SelectPromiscuousMode,andthenselectAcceptfromthelistbox.

VMware, Inc.

17

Administration Guide

ClickOKandthenClose.

Configuring dvSwitch for Passive Collector

IfavirtualmachineisdirectlyconnectedtothenetworkandnotthroughthevSwitch,thephysicalCollector observesthetraffic,whilethevSwitchdoesnot.ThisistermedasVMDirectPath.

SoftwarebasedCiscoNexusswitchesaresupported. ThisprocedureisrelevantonlyforvSphere4andnotforESX3.5.

To create a port group in the dvSwitch 1 2 3 4 5

.

LogintothevCenterserverwithvCenterclient. ClickConfigurationandthenselectNetworkingfromtheInventorytab. SelectDistributedvSwitch. OntheConfigurationtab,selectNewPortGroup. ConfiguresupportforallVLANsbyenteringthedetailsontheCreateDistributedVirtualPortGroup windowasshowninTable 22. Table 2-2. VLAN Support
Parameter Name Numberofports VLANtype VLANID Value Specified Anameforportgroup(ADMspanport).ThenamemustbesameasinvSwitchprocedure. OneforeachESXindatacenter VLANTrunking 04094

6 7 8 9 10

ClickNexttofinishandreturntothedvSwitchNetworkConfigurationscreen. SelecttheADMspanportgroupandclickProperties. ClicktheSecuritytabontheADMspanportPropertieswindow. SelectPromiscuousMode,andthenselectAcceptfromthelistbox. ClickOKandthenClose.

Deploying the Virtual Appliances

TheADMvirtualappliancecontainsandrunsoneormoreofthefollowingcomponents:

Aggregator Database ActiveDiscoveryUNIX PassiveDiscovery

SystemArchitectureonpage 9describestheappliancearchitecture. PerformthefollowingproceduresbyusingaWindowsmachinewithremoteaccesstotheESXserver.

Deploying the ADM Virtual Appliances

VirtualappliancesareinstalledontheESXserveraccordingtheconfigurationsinTable 23.

18

VMware, Inc.

Chapter 2 Installing ADM

Table 2-3. Virtual Appliance Configuration

Appliance Type Aggregator OVF Template ADMCore Includes Component(s) Aggregator Database Singlebox ADMCore Aggregator Database PassiveDiscovery UNIXActiveDiscovery Database Aggregatorwithremote database PassiveDiscoveryCollector PassiveandActive DiscoveryCollector ADMCore ADMCore ADMCollector ADMCollector Database Aggregator PassiveDiscovery UNIXActiveandPassiveDiscovery

NOTEInstallaseparateWindowsCollectorusinganinstallationwizardasdescribedin InstallingWindowsCollectoronpage 20. IMPORTANTPerformanceofADMCollectorsisaffectedbydistanceandnetworklatencybetweenthe Collectorsandobjectsbeingdiscovered.Formoreinformation,seeVMwarevCenterApplicationDiscovery ManagerPeformanceandScalabilityGuide.

Before You Begin

EnsureallrequirementsaremetasdescribedinESXResourcesonpage 15. NOTEYoucandeployADMcomponentsinanyorderorevensimultaneouslybyusingthevSphereclient.

Deployment Procedure
RepeatthefollowingstepsoneachADMvirtualappliance,excepttheWindowsCollectorthatisinstalled separatelyasdescribedinInstallingWindowsCollectoronpage 20: 1 DownloadtheADMvirtualappliancefilesfromVMwareWebsiteandextractthefilestoalocalfolder. TheextractedZipfilesincludeanOVFandaVMDKfile. TheVAfilesareinZipformatwiththefollowingnamingconvention:
OVF Template-build number

where: OVFTemplateisasdescribedinTable 23. buildnumberistheADMversionandbuildnumber. IMPORTANTEnsurethatthebuildnumberisidenticalforallappliancesdeployed. 2 LogintotheESXserverbyusingthevSphereclient. NOTEIfanSSLCertificateWarningmessageappears,clickIgnore. 3 4 5 IntheFilemenu,selectDeployOVFTemplate.BrowsetotheOVFfileandselectit. ClickNext.TheOVFTemplateDetailsscreenappears. ClickNext.TheNameandLocationscreenappears.

VMware, Inc.

19

Administration Guide

6 7

TypeauniquevirtualappliancenameaccordingtotheITnamingconventionofyourorganizationand withrelevancetotheappliancetypeasdescribedinTable 23. ClickNext.TheDatastorescreenappears. NOTEIfthereismorethanonedatastore,selectthedatastorewhereyouwanttoinstallthevirtual machine.

8 9

ClickNext.TheNetworkMappingscreenappears. ClickNext.TheReadytoCompletescreenappears.ItdisplaysdetailsabouttheOVFfile,sizefor downloadandsizewhenextracted,virtualappliancename,hostorcluster,datastoreandnetwork mapping. ClickFinishtoconfirmthesettingsandbeginthedeployment. NOTETheprocessofcopyingandconfiguringtheADMcomponentcantakeseveralminutes.The deploymentandconfigurationstatusappearsinamessagedialogboxandtheRecentTaskspane.

10

11 12

ClickCloseinthemessagedialogboxwhendeploymentsuccessfullycompletes. Repeatthisprocedureuntilallcomponentsaredeployed,andthencontinuewithInstallingWindows Collectoronpage 20.

Installing Windows Collector

Before You Begin
EnsurethattheWindowsmachineonwhichtheCollectorisbeinginstalledmeetstheminimumrequirements asdescribedinESXResourcesonpage 15.

Deployment
To deploy Windows Collector on a Windows machine 1 2 DownloadtheVMwarevCenterADMWindowsCollectorexecutablefilefromVMwareWebsitetoyour localWindowsmachine. Doubleclicktheexecutablefile. NOTEIfawarningappearsaboutanunknownpublisher,clickRuntoproceed. TheInstallShieldWizardscreenappears. 3 ClickNext.TheLicenseAgreementscreenappears. NOTEUsethescrollbartoviewallofthelicensetext.Ifyoudonotwanttoacceptthelicense,youwill bepromptedtoconfirmthisbeforetheinstallationprogramcloses. 4 Readthelicense,selectIacceptthetermsofthelicenseagreement,andclickNext.TheChoose InstallationFolderscreenappears. NOTEThedefaultinstallationpathis:C:\Program Files\VMware\ADM. 5 6 7 Ifyouwanttochangethedefaultinstallationlocation,clickChangeandselectthepreferredinstallation directory. ClickNext.TheHostInformationscreenappears. TypethefollowinginformationtoconfiguretheWindowsCollector:

AggregatorIPAddress

20

VMware, Inc.

Chapter 2 Installing ADM

WindowsCollectoruniqueID NOTEThisisthesameidentifierthatwasdefinedontheAggregatorsideforWMIdiscovery.The defaultvalueis200.

8 9

ClickNext.TheInstallationscreenappears. ClickInstalltobegintheinstallation. NOTETheprocessofinstallingandconfiguringtheWindowsCollectorcantakeseveralminutes.

10

ClickFinishtoclosetheInstallShieldWizardscreenwhentheinstallationprocessiscomplete.

Uninstall
To uninstall the ADM Windows Collector 1 2 3 OpentheWindowsControlPanel. IntheControlPanelwindow,selectProgram>UninstallaProgram.TheUninstallorchangeaporgram screenappears. DoubleclickorrightclickandselectUninstalltoinitiateremovaloftheADMWindowsCollector. NOTETheremovaloftheWindowsCollectorcantakeseveralminutes. 4 ClickFinishtoclosetheInstallShieldWizardscreenwhentheuninstallationprocessiscomplete.

VMware, Inc.

21

Administration Guide

22

VMware, Inc.

Setting Up ADM

ThischapterprovidesinformationforsettinguptheADMvirtualappliancedeployments. Topicsinclude:

Processonpage 23 PostInstallationStepsonpage 27

Process
AftertheADMapplianceisdeployedontheESXServer,performthefollowingprocedures:

OrderofSetuponpage 23. ADMSetupProceduresonpage 23 ConfiguringtheRootPasswordonpage 24 ConfiguringStaticNetworkSettingsonpage 25 NOTEADMonlysupportsusingastaticIPaddressfortheADMvirtualmachine.

ConfiguringtheApplianceRoleonpage 26 UploadingaLicenseonpage 40

Order of Setup
RepeatthesetupproceduresforallADMcomponentsinthefollowingorderforallvirtualappliances: 1 2 3 Database(whereremotedatabaseisused) Aggregator Collectors(Passive,ActiveandPassiveCollector)

TheWindowsCollectorissetupasdescribedinInstallingWindowsCollectoronpage 20.

ADM Setup Procedures

Beforeyoubeginensurethatyouhaveperformedthefollowing. 1 2 EnsureallrelevantcomponentsaredeployedasdescribedinDeployingtheVirtualApplianceson page 18. ObtaintherequiredinformationforeachappliancedeployedinStep 1andrecordthesevaluesasshown inTable 31.

VMware, Inc.

23

Administration Guide

Table 3-1. Network Values

Parameter NetworkIPaddress Networknetmask Networkgateway DomainNameServer(DNS) NOTE:YoucanenteruptothreeDomainNameServers separatedbycomma. Value

FullyQualified(FQ)hostname

Launching the First Boot Configuration Tool

RepeatthefollowingstepsforeachADMvirtualappliance: NOTETheWindowsActiveCollectorissetupasdescribedinInstallingWindowsCollectoronpage 20. 1 Whileselectingthevirtualappliance,poweritupbyeither:

clickingthetoolbaricon Or

rightclickingandselectingPower>PowerOn

NOTEStatusofvarioustasksappearintheRecentTaskspaneonthebottomofthevSphereClientmain screen. 2 RightclicktherelevantapplianceandselectOpenConsoletabtomonitorthisprocedure. Theapplianceandrelevantservicesstartup.AWelcomemessagefortheADMfirstbootconfiguration tool(wizard)appears. 3 Tolaunchthetoolandconfiguretheinitialappliancesettings,typeyes.Thewizardasksyoutochange thedefaultpassword.Youcanchangethedefaultpasswordbyfollowingtheinstructionsdescribedin ConfiguringtheRootPasswordonpage 24.

NOTEIfyoutypenofortheinitialappliancesettingsmessage,youcanruntheinitialconfigurationlaterby runningthesystem_setupcommand. NOTEIfyoutypenoforthechangepasswordmessage,thewizardpromptsyoutoaddnetworkinformation. YoucanaddthenetworkinformationasdescribedinConfiguringStaticNetworkSettingsonpage 25.

Configuring the Root Password

Performthefollowingproceduretochangetherootpassword.

User name and Passwords

Passwordsmustcontainaminimumofeightcharactersanditisrecommendedtoincludethefollowing charactertypes:

numeric uppercase lowercase nonalphanumericsuchas#or!

24

VMware, Inc.

Chapter 3 Setting Up ADM

To change the Root Password 1 2 TypeanewpasswordfortherootuserandpressEnter. RetypethepasswordandpressEntertoconfirm.Thewizardnowaskstoaddnetworkinformation,type yes.Thewizardpromptsyoutoaddnetworkinformationandyoucanaddthenetworkinformationas describedinConfiguringStaticNetworkSettingsonpage 25.

NOTEIfyoutypeno,youcanaddthenetworkinformationbyrunningthesystem_setupcommandanda messagetosetupthetimezoneappears.YoucansetupthetimezoneasdescribedinConfiguringthe TimezoneandTimeonpage 25.

Configuring Static Network Settings

TheADMonlysupportsusingastaticIPaddressfortheADMvirtualappliance. NOTEDefaultvaluesappearinparenthesis.Someofthesevaluesmustbechangedaccordingtothefollowing steps. BeginningwiththeIPaddress,typethevaluesthatarerecordedinADMSetupProceduresonpage 23,as describedinTable 32. Table 3-2. Network Settings
CLI prompt IPaddress Netmask Gateway DNS Hostname Notes and Values TypetheIPaddress. Typethenetmask. Typethegateway. TypetheDNS. FullyqualifiedhostnametobeusedbyADM,forexample localhost.localdomain.com

Ifallthenetworkinformationiscorrect,thewizardpromptsyoutosetupthetimezone.Youcansetupthe timezoneasdescribedinConfiguringtheTimezoneandTimeonpage 25.

Configuring the Timezone and Time

Thispromptasksyoutosetupthetimezone,typeyes.Thewizarddisplaysthecurrenttimezoneandprompts youtosetupthetimezonebyclickingthenumberofyourchoice.Theoptionsavailableareasfollows: 1 Fromzonelist:Ifyouselect1,allpossiblezonesarelistedandyoucanenterthenumberoftimezonethat youwanttoset.Thewizarddisplaystheselectedtimezoneandasksforconfirmation.Ifyoutypeyes,the timezoneisselectedandamessagetosetupthelocaltimeappears. Or 2 Manually:Ifyouselect2,amessagethatasksyoutoentermajorworldcityincontinent/cityformat appears.EnterthedetailsaspertheformatandpressEnter.Ifthetimezoneenteredispresentinthe database,thetimezoneisselectedandamessagetosetupthelocaltimeappears. Or 3 ExitTimeZonesettings:Ifyouselect3,thewizardexitsthetimezoneconfigurationandamessagetoset upthelocaltimeisdisplayed.

Formoreinformationabouttimezones,seeAppendix A,TimeZones,onpage 57. Thewizarddisplaysthecurrenttimeandaskstosetupthelocaltime.Enterthecurrentdateandlocaltimein YYYY/MM/DDHH:MM:SSformat,andpressEnter.

VMware, Inc.

25

Administration Guide

Thewizarddisplaysallthesettingsthatyouhavecompletedandasksforyourconfirmationtosavethe information.Ifyoutypeyes,thewizardsavesthesettingsandthesystemstartsrebooting.Aftercompletion, thewizarddisplaysthemessagetosettheappliancerolesetting.Youcanconfiguretheapplianceroleas describedinConfiguringtheApplianceRoleonpage 26. NOTEIfyoutypeno,thewizarddoesnotsaveanythingandyoumuststartthesettingsfromthebeginning.

Configuring the Appliance Role

NOTEIfyoutypeno forappliancerolesetup,youmustruntherole_setupcommandtosetupthe appliancerole. ForCoreappliancesdeployedinDeployingtheVirtualAppliancesonpage 18,theappliancerolechoicesare showninTable 33. Table 3-3. Core Appliance Roles
Select 1 2 3 4 5 Role Aggregator Singlebox Database Aggregatorwith remotedatabase Remindmelater Configures CombinedAggregatoranddatabaseapplianceindistributedsolution. Singleboxsolution. DatabaseapplianceinDistributedwithremotedatabasesolution. AggregatorapplianceinDistributedwithremotedatabasesolution. Skipsapplianceroleconfigurationfornow.Youmustruntherole_setup commandtosetuptheappliancerole.

To configure the appliance role for Core 1 2 TypeyesattheappliancerolepromptandpressEnter. TypetherolenumberandpressEnter. NOTEIfyouselect4,thewizardalsoaskstoenterthedatabaseIP. Thewizardstartsconfiguringapplianceroleandcreatestheinitialdatabaseschema.Thisprocessmighttake sometime. Theapplianceroleisthencreated.Thisprocessmighttakesometime. ForCollectorappliancesdeployedinDeployingtheVirtualAppliancesonpage 18,theappliancerole choicesareshowninTable 34. Table 3-4. Collector Appliance Roles
Select 1 2 3 Role PassiveandActive DiscoveryCollector PassiveDiscovery Collector Remindmelater Configures SingleCollectorforactiveandpassivediscovery ThisoptionalsoconfiguresPassiveCollectorInternal. Skipsapplianceroleconfigurationfornow.Youmustruntherole_setup commandtosetuptheappliancerole.

To configure the appliance role for Collector 1 2 3 4

26

TypeyesattheappliancerolepromptandpressEnter. TypetherolenumberandpressEnter. Ifyouselect1,youhavetoentertheCollectorIDofyourchoiceandpressEnter.Thedefaultvalueis100. TypetheAggregatorIPandpressEnter.

VMware, Inc.

Chapter 3 Setting Up ADM

Theapplianceroleisthencreated.Thisprocessmighttakesometime. NOTETheWindowsActiveCollectorroleisinstalledbyrunninganexecutableasdescribedinInstalling WindowsCollectoronpage 20.

Post-Installation Steps
BeforeyoulogintotheADMconsole,clearthecacheofyourbrowsertopreventthepossibleappearanceof incorrectinformationinthedisplays,applicationerrors,andothererrormessageswhenopeningtheADM. NOTEAdditionalADMUIadministratorsandthemorelimitedoperatorusersarelaterdefinedbythedefault ADMadminuser.TheVMwarevCenterApplicationDiscoveryManagerUsersGuideprovidesmoredetails.

Logging In to the ADM Console

Afteryoucompletetheapplianceinstallation,logintothesystembyusingthebrowserandperformthe followingsteps: 1 2 3 TypetheIPaddressofthemanagementapplianceintheaddressbarandclickGo.Theloginscreen appears. TypeadminintheUsernamefieldanddefaultpassword123456inthePasswordfield. ClickLogin. IMPORTANTYoumightberequiredtouploadanewlicense.Beforeproceeding,reviewthecriteriaand ifnecessary,performthestepsdescribedinLicensesonpage 39.

Initiating Passive Discovery

OnlyonePassiveDiscoveryPolicyDefinitionpresentintheADM.ThefirsttimeyouuseADM,youmustset upthepolicydefinitionandstartit. To initiate Passive Discovery 1 2 3 ClickManage,andthenselectthePassiveDiscoverymenu. SelectthecomponentsonwhichADMperformsPassiveDiscoveryfromtheScopeComponentfield. Basedonyourselection,typetheappropriateIPinformation:

IPrangeUseNotationtotypeagroupofhostswithsimilarIPaddresses.Forexample,192.0.2.* includesallhostswithIPsstartingwith192.0.2.Youcanalsosearchallhostsbytypinganasteriskin eachfield.UseIPrangetoincludeagroupofhostswithinadefinedIPrange. IPAddasinglespecifichosttothegrouptoincludeorexcludefromthescope. SubnetNetMaskConfiguretheIPaddressscopebyprovidingthebasenetworkaddresswiththe fulldotteddecimalnotationforthesubnetmask, SubnetSlashNotationConfiguretheIPaddressscopebyprovidingthebasenetworkaddresswith theClasslessInterDomainRouting(CIDR)notationforthesubnetmask.

4 5 6

ClickIncludetoincludethecomponentsinthediscoveryorExcludetoexcludethemfromit. RepeatStep 2throughStep 4foreachcomponentthatyouareincludingorexcludingfromdiscovery. Optionally,usetherulesandruletemplatestofurtherdefinethescopecriteria:

YInstructsADMtoincludethecomponentsinthePassiveDiscovery. NExcludesthecomponentsfromdiscovery. IAllowsyoutoignoretherule.

7
VMware, Inc.

Ifyouselectaruletemplate,clickthebluelinktocustomizetherule.
27

Administration Guide

8 9 10 11

ClickUpdatetosavethesettings. Optionally,addaPassiveDiscoveryPlan. RestartPassiveDiscovery.NavigatetotheManage>Systempage,andclickRestartDiscovery. ClickOKinthemessageboxthatstates: StartinganewPassiveDiscoverydeletesallexistingdiscoverydata.Thismighttakeafewminutes.The systemisunavailabletoallusersduringthisprocess.Continue?

12 13

ClickOKtobeginthediscoveryprocess.ThedashboardreappearswiththeDiscoverystatus(initially Discovering)inthetopstatusbaroftheADMConsole. YoucannowbeginusingtheADM.TheVMwarevCenterApplicationDiscoveryManagerUsersGuide providesanoverviewofPassiveDiscovery,andtheonlinehelpprovidesmoredetailontheactionsthat youcanperform.

28

VMware, Inc.

Securing ADM

ThischapterprovidesinformationonsecuringADMappliance.Topicsinclude:

ChangingtheRootPasswordonpage 29 ResettingtheADMRootPasswordonpage 29 OpenSSLSelfSignedTestCertificatesonpage 30 CASignedTestCertificatesonpage 30

Changing the Root Password

To change the root password 1 2 LogintotheADMappliancebyusingaSecureShell(SSH)client. Runthepasswdcommand:

Thewizardaskstoenteranewpassword. Retypethepassword.

Ifboththepasswordsmatch,thepasswordischangedandallauthenticationtokensgetsupdated.

Resetting the ADM Root Password

To reset the ADM root password 1 2 UsingtheVMwarevSphereclient,startorrestartthevirtualmachine. Afterthevirtualmachinerestarts,clickanykeyintheconsolewindow. NOTEIfyoudonotclickanykeyintheconsolewindowimmediatelyafterthevirtualmachinerestarts, youmustrestartthevirtualmachineandperformstep2again. Togiveyouadditionaltimewhenclickingakeyintheconsolewindow,youcanmanuallyaddalineto theVMXfile.AddingthelinetothefilecausestheBIOStodelay.Forexample,tocausea10seconddelay, powerdownthevirtualmachine,opentheVMXfileinatexteditor,typethefollowinglineintheVMX file:
bios.bootDelay=10000

Thebootscreenappears. 3 PressetoentertheGRUBbootmenu. TheGNUGRUBloaderscreenappears. 4 5

VMware, Inc.

Highlight(2.6.24.79.smp.pae.gcc3.4.x86.i686),andpresse. Selectthekernellineandpressetoedittheentry.
29

Administration Guide

Placeyourcursorattheendofthelineandappendthelinebytyping:
single

7 8

PressEntertocommitthechange. Pressbtostartthesystem. Yoursystemstartswithoutrequiringapassword.

Typethefollowingcommandtoresetthepassword:
passwd

10 11

Followthepromptsastheyappearonthescreentosetthepassword. Typethefollowingcommandtorestartthesystem:
reboot

Yourpasswordischangedandrestartsthesystem. NOTEYoucanalsoresettheADMrootpasswordbyrunningsystem_setupcommand.

OpenSSL Self-Signed Test Certificates

TheVMwarevCenterApplicationDiscoveryManagerdefaultinstalledcertificateiscreatedduringthe installationandisvalidforoneyeartousetheapplianceuntilyouacquirealocalCertificateAuthority(CA). PublicfacingsecureWebsitesmustuseathirdpartyCA.Ifyouwanttousetheapplianceintestenvironment andthendeploythatappliancetoaproductionenvironment,youmustnotchangethehostnameastheADM doesnotsupportchangingthehostname.Instead,youcansetupanaliasintheDNStoresolvetheappliance hostname.

CA Signed Test Certificates

TocreateCAsignedcertificates,youmustgenerateacertificaterequestfile(csr).Thecertificaterequestfile providesdetailsabouttherequesterofthecertificateandthecertificateissignedbytheprivatekeyaboveto yourtrustedcertificateauthority. Createthecertificaterequestbytyping:
openssl req -new -key server.key -out server.csr

FillintheX.509attributesasspecifiedpreviously.FormoredetailsconsultyourCA. ToinstallthecertificateprovidedbyyourCA,performthestepsdescribedinCopyingthe.keyand.crtFiles onpage 31. FreeCAproviders,ashttp://www.cacert.orgexist.

Self-Signed Certificates
Useselfsignedcertificatesonlyinthetestenvironments,orwhereonlyalimitednumberofconnectionsis established.Forexample,peertopeerrelationshipscanbeacustomVPNorAS2linkbetweentwocompanies, orbetweentwodifferentsitesofthesamecompany.Selfsignedcertificatesbecomeimpracticalasthenumber ofcertificatesnecessarytomanagegrowslinearlywiththenumberofpeeringrelationships.AlocalCA,while morecomplextosetup,reducesthenumberofkeysrequiredtobedistributedforverification,andreplicates arealworldcertificateenvironment.ACAcancostlesstomanagethanhundredsorthousandsofindividual certificatesoneachpeersystem. NOTEDonotusetheselfsignedcertificatesinproductionenvironments. Certificatecreationrequirestheopensslutility.TheopensslutilityislocatedintheADMappliancefolder.
/usr/bin/openssl

30

VMware, Inc.

Chapter 4 Securing ADM

To create a certificate 1 TogeneratetheRivest,Shamir,andAdleman(RSA)keytype:

cd /etc/httpd/conf/ssl.prm/ openssl genrsa 2048 > server.key chmod 400 server.key

TheopenSSLutilitycangenerateaDigitalSignatureAlgorithm(DSA)keybyusingthegendsaoption. Forcompatibility,VMwarerecommendsRSAkeysbyusing2048bitsasthekeysize. 2 Createthecertificatebytyping:

openssl req -new -x509 -nodes -sha1 -days 365 -key server.key > server.crt

The-new,-x509,and-nodesargumentsarerequiredtocreateanunencryptedcertificate.The-days argumentspecifiesthelengthoftimethecertificateisvalid. Forencryptedcertificates,everytimeyouarerequiredtotypethepassworduntilthekeyisloaded. NOTEInmostcases,encryptedcertificatesarenotworththeoperationalburden,aseachprocessrestart orsystemrestartrequiresyoutomanuallytypeapassword. YoucanaskquestionstocompleteX.509attributescertificate.Adjusttheanswerstoyourlocalsettings.If frequentlytyped,youcanupdatethesystemopenssl.cnffile(inthe/usr/share/ssl/directory)withthe correctdefaults. Table 41listsX.509attributesamplepromptsandanswers. Table 4-1. X.509 Sample Prompts and Answers
Prompt Countryname(2lettercode)[AU]: Stateorprovincename(fullname)[SomeState]: Localityname(eg,city)[]: Organizationname(forexample,company)[InternetWidgitsPtyLtd]: Organizationalunitname(forexample,section)[]: Commonname(forexample,YOURname)[]: Emailaddress[]: Answer US Massachusetts Boston YourCompanyOrg hostname.domain postmaster@yourcompany.org

Forwebservices,thecommonnamefieldmustexactlymatchthehostname(orVIPname,forhostsassociated withaloadbalancer)ofthesystemcertificateisusedon;otherwise,acertificatetohostnamemismatchcan occur.InpeertopeersetupsforAS2,thisfieldcanusuallybesettoadescriptivestring. Thecertificatedataintheserver.crtfilemustbetransferredtoallclientsystemsthatneedtoverifythekey oftheservertowhichitisconnected.Ifthismethoddoesnotscale,setupaCA,anddistributethesigning certificatetotheclientsinsteadofeachselfsignedcertificate.Optionally,youcanextractthemetadata.

Copying the .key and .crt Files

Typethefollowingcommandstocopythe.keyand.crtfiles:
cp server.crt /etc/httpd/conf/ssl.crt cp server.key /etc/httpd/conf/ssl.key

Tomakethecertificateeffective,restarttheApacheservicebytyping
adm_control.pl --restart apache

VMware, Inc.

31

Administration Guide

32

VMware, Inc.

Maintenance

ThischapterdescribesthenecessaryconceptsandprocedurestomaintainanADMdeployment.Topics include:

ADMServicesonpage 33 ProductSupportPackagesonpage 34 RestoringanADMEnvironmentbyUsingaProductSupportPackageonpage 36 ReconfiguringanADMDeploymentonpage 38 Licensesonpage 39

ADM Services
Table 51describesthemainADMservices. Table 5-1. ADM Services
Service name apache active_probe Description Webserverservice. ServiceresponsibleforperformingDetailDiscoveryandrunsonLinuxCollectorsandtheWindows virtualmachine.Thisserviceperforms:

WMIbaseddiscoveryontheWindowsCollector SSH,SNMP,VISDK,andTelnetbaseddiscoveryontheUNIXCollector

engine

ThecoreofADMandincludesthefollowingcomponents:

Userinterface Management Reconciliations Analytic

listener oracle vnc

ServiceresponsibleforthePassiveDiscoverymechanisms. Databaseservice. PhysicalIBMCollectorsonly. ThevncserviceenablesVNCaccesstotheWindowsinstancesothattheIPaddresscanbeconfigured.

vmware

PhysicalIBMCollectorsonly. TheWindowsinstanceontheapplianceisinstalledonavirtualmachine.Thevmwareservicestarts VMwaresothattheWindowsinstancecanstart.

watchdog

Servicethatmonitorsthehealthoftheotherservices.Ifanotherservicehasaproblem,watchdog servicetriestoidentifytheserviceandresolvetheproblem.

VMware, Inc.

33

Administration Guide

Managing Services with adm_control

ADMprovidestheadm_control.plscripttostart,stop,andmonitorADMservices.Youcanstartorstopany service,butifyoustopanyservicealldependentservicesarestoppedasaresult.Alldependentservicesis listedduringthestopprocess.Table 52listsanddescribesthecommandsfortheADMservices. Table 5-2. ADM Service Commands
Use the Following Command adm_control.plstatus<servicename> adm_control.plstop<servicename> adm_control.plstart<servicename> adm_control.plrestart<servicename> adm_control.plhelp adm_control.plcommandall To DisplaythestatusoftheADMservice. StoptheADMservice. StartastoppedADMservice. StopandrestarttheADMservice. Displayallofthecommandoptions. Applythecommandtoallservices.

ServicenameisanameofServicedefinedinTable 51. NOTEEveryappliancehasonlyrelevantservicesstartedandalltheothersaredisableddependingontherole. To run an adm_control.pl command 1 2 Logintotheapplianceasuserroot. Typetheadm_control.plcommandasdemonstratedinTable 52,forexample:

adm_control.pl --stop all

AllservicesthatarelistedinTable 51stop.

Product Support Packages

Createtheproductsupportpackagestobackup,restore,ortroubleshoottheADM. ProductsupportpackagescontainarealtimecaptureoftheADMdatabase,configurationfiles,customization files,andlogs.Table 53describesthefilestheproductsupportpackagecontainsanditsuse. Table 5-3. Product Support Packages Files and Uses
File Databasedata ActiveProbeandPassiveListenerdefinitionfiles DetaildiscoveryandPassiveDiscoveryfingerprints Logs Licensefile Use BackupandrestoreoftheADMdatabase. BackupandrestoreoftherequiredADMconfigurations. BackupandrestoreofthecustomADMconfigurations. Troubleshooting. Serialnumberusedformanagedserverhost.

VMwarerecommendsthatyoucreateandsaveasupportpackagepriortoperforminganymaintenance procedures,suchasanupgrade,restore,andfreshinstallationsorbeforecontactingVMwareCustomer Support. SupportpackagesarebackupsoftheADMandrelevantconfigurationfiles.Thesepackagescontain troubleshootinglogfilesandareusedtorestoreyourADMenvironment.

34

VMware, Inc.

Chapter 5 Maintenance

YoucancreatesupportpackageseitherthroughtheADMConsoleorthroughtheCommandLine Interface (CLI). NOTEProductsupportpackagesrequireapasswordforextraction.ContactVMwareCustomerSupportto retrievethepasswordifyouusetheproductsupportpackagetorestoreADMortheADMdatabaseas describedinRestoringanADMEnvironmentbyUsingaProductSupportPackageonpage 36. CAUTIONReimagingremovesallfiles(includingthesupportpackage)fromtheappliance,sosavethe supportpackageelsewhere.

Using the ADM Console

UsetheADMConsoletocreateaproductsupportpackageinanSingleboxsetupdeploymentandtocreatea productsupportpackagefortheAggregatorinanytypeofADMdeployment.Chapter 2describesthe differentADMdeploymentoptions: NOTETheUIoptionisrelevantonlytotheapplianceswithAggregatorcomponent. 1 2 3 4 LogintotheADMConsole. NavigatetoManage>System>CreateProductSupportPackage. WaitforafewminutesandthenrefreshthepagetoseeiftheStatushaschangedfromPendingtoSuccess. ClicktheappropriateproductsupportpackageZipfiledisplayedinthetableanddownloadit. Bydefault,thefilenamesarelistedfromthemostcurrentbackdate.EachproductsupportpackageZip filenameincludestheADMdatabaseschemaversion,date,andtimestampforeasyrecognition. 5 ClickSave. NOTEBydefault,theADMsavestheproductsupportpackagesonlyforsevendays.Ensuretosaveto theproductsupportpackagetoanotherlocationifyouwanttosavetheinformationforlongerduration.

Using the CLI

UsetheCLItocreatesupportpackagesforeachcollectorordatabaseinadistributedADMdeployment,orfor theAggregator,database,orsingleboxdeploymentwhentheAggregatorisnotavailablethroughtheADM Console.Chapter 1describesthedifferentADMdeploymentoptions: 1 LogintotheCollectororAggregatorapplianceasuserroot. NOTELogintotheAggregatortocreateabackupoftheADMdatabase.Youarenotrequiredtologinto theremotedatabaseappliancetocreateabackupofthedatabasefiles. 2 3 Changethedirectorytothe/home/nlayers/Seneca/management/APIsdirectory. Typethefollowingcommand:
./InSight_control.sh supportpackage --get --output filename filename.zip is created at the same location.

CopyandsavethezipfilefromtheADMappliancetoadifferentlocation. NOTEEnsuretosavetotheproductsupportpackagetoanotherlocationifyouwanttosavethe informationforlongerduration.TheADMsavesthepackageonlyforsevendaysifyouselectthedefault location.

VMware, Inc.

35

Administration Guide

Restoring an ADM Environment by Using a Product Support Package

To restore an ADM configuration 1 2 3 4 BackupyourADMenvironmentasdescribedinProductSupportPackagesonpage 34. ContactVMwareCustomerSupporttoretrievethepasswordforextractingtheproductsupportpackage. FollowthestepsinRestoretheADMDatabaseonpage 36. Ifnecessary,RestoringtheCustomDiscoveryandConfigurationFilesonpage 37.

IMPORTANTIfyouaremigratingtoanewappliance,followtheinstructionsinMigratingtoaNew Applianceonpage 45. NOTEInthefollowingsections,thedirectoryinwhichtheproductsupportpackagefilesareextractedis calledassupportpackagedir.

Restore the ADM Database

ThefollowingstepsdescribesrestorationoftheADMdatabaseinansingleboxanddistributeddeployment. Chapter 1describesthedifferentADMdeploymentoptions: 1 LogintotheAggregatororsingleboxapplianceasuserroot. NOTEDistributeddeploymentonlyInadistributeddeploymentthedatabaseorremotedatabaseis restoredthroughtheAggregator. 2 Createatemporarydirectory:
mkdir supportpackagedir

3 4

CopythesupportpackageintothetemporarydirectorythatyoucreatedinStep 2. Extractthesupportpackageintothetemporarydirectory:
unzip support_package__version_date_and_timestamp.zip

whereversion_date_and_timestampistheuniqueidentifierofthepackage. 5 6 Whenpromptedforthepassword,typethepasswordyouretrievedfromVMwareCustomerSupport. Afterextractioncompletes,copythedatabasebackupfile:

supportpackagedir/supportpackage/backup.db_dump-main-db_schema_build-db_dump.gz

wheredb_schema_buildisthedatabaseschemaversionandbuildnumber. 7 Placethecopiedfileinthefollowingdirectory:
/home/nlayers/Seneca/Control/bin/home/nlayers/Seneca/db_scripts/oracle

Typethefollowingcommandtostoptheengineservice:
/adm_control.pl --stop engine

Typethefollowingcommandtoswitchtothenlayersuser:
su - nlayers

10

Changedirectoryto:
cd /home/nlayers/Seneca/db_scripts/oracle

11

Typethefollowingcommandtorestorethedbbackup:
./db_restore.sh backup.db_dump-main-db_schema_build-db_dump.gz prod

wheredb_schema_build isthedatabaseschemaversionandbuildnumber. NOTEThedatabaserestoreprocesscantakeupto30minutes.

36

VMware, Inc.

Chapter 5 Maintenance

12 13

Exitfromthenlayersuser. Typethefollowingadm_control.plcommandtostarttheservices:
/home/nlayers/Seneca/Control/bin/adm_control.pl --start all

NOTEIftheADMconfigurationbeingrestoredhascustomconfigurationfilesorfingerprints,youmust completethestepsoutlinedinRestoringtheCustomDiscoveryandConfigurationFilesonpage 37.

Restoring the Custom Discovery and Configuration Files

ADMcustomconfigurationfilescontainrestoreinformationforPassiveDiscoverycustomfingerprints, PassiveDiscoverycustomconfiguration,DetailDiscoverycustomfingerprints,andDetailDiscoverycustom configuration. 1 LogintotheCollectororsingleboxsetupasuserroot. IMPORTANTFordistributedsolutionsonlyThecustomfilesmustresideontheCollectorappliance.In thiscasecompletethefollowingstepsoneachCollectorinthedeployment. Ifthefeaturecanbecustomized,the./custom/*directorycontainsthefiles.Ifthedirectoryisempty,no customizationfilesareassociatedwiththefeature. 2 Createatemporarydirectory:
mkdir supportpackagedir

3 4

CopythesupportpackageintothetemporarydirectoryyoucreatedinStep 2. Extractthesupportpackageintothetemporarydirectory:
unzip support_package__version_date_and_timestamp.zip

whereversion_date_and_timestampistheuniqueidentifierofthepackage. 5 6 Whenpromptedforthepassword,typethepasswordyouretrievedfromVMwareCustomerSupport. Copyallfilesfrom:

supportpackagedir/supportpackage/listener/custom/conf

Placethecopiedfilesto:
/home/nlayers/Seneca/probe

Copyallfilesfrom:
supportpackagedir/supportpackage/listener/custom/kb

Placethecopiedfilesto:
/home/nlayers/Seneca/probe/resources

10

Copyallfilesfrom:
supportpackagedir/supportpackage/active_discovery/custom/conf

11

Placethecopiedfilesto:
/home/nlayers/Seneca/ActiveProbe/conf

12

Changedirectoryto:
/home/nlayers/Seneca/management/APIs

13

Typethefollowingcommand:
./InSight_control.sh adkb --checkout /tmp

14

Copyallfilesandsubdirectoriesfrom:
supportpackagedir/supportpackage/active_discovery/custom/kb/custom

VMware, Inc.

37

Administration Guide

15

Placethecopiedfilesto:
/tmp/adkb/custom

16 17

Overwriteanyfilesorfoldersinthedestinationdirectoryifpromptedtodoso. Typethefollowingcommandtocheckinthecustomfingerprints:
/home/nlayers/Seneca/management/APIs/InSight_control.sh adkb --checkin /tmp

18

Typethefollowingadm_control.plcommandtorestarttherelevantservices:
/home/nlayers/Seneca/Control/bin/adm_control.pl --restart all

NOTEDistributeddeployment:RepeatStep 1throughStep 18foreachcollectorintheADM deployment.

Reconfiguring an ADM Deployment

YoucanreconfiguredeploymentofphysicalIBMallinone,Aggregatoranddatabaseappliancesasfollows:

AddingaRemoteDatabasetoanExistingADMDeploymentonpage 38 ConvertingaSingleboxorAggregatortoaRemoteDatabaseonpage 38.Noteimportantrestrictions. MovingaDatabasetoaRemoteApplianceonpage 39

VirtualcomponentsmustberedeployedasdescribedinInstallingADMonpage 15.

Adding a Remote Database to an Existing ADM Deployment

To add a remote database to the ADM deployment 1 2 3 4 EnsurethatallcomponentsarerunningADMversion6.0orlaterbeforeaddingtheremotedatabaseto yourADMdeployment.Allappliancesmustbeonthesameversion. Ifyouhaveanexistingdatabase,backitupusingthestepsdescribedinProductSupportPackageson page 34. AfterensuringthatallcomponentsarerunningthesameADMversion,followtheinstructionsdescribed inUpgradingAppliancesonpage 42. RestorethebackedupdatabasetothenewdatabaseapplianceasdescribedinRestoretheADM Databaseonpage 36.

Converting a Single-box or Aggregator to a Remote Database

Bewareofthefollowingbeforeconvertinganexistingcomponenttoaremotedatabase: CAUTIONYoucannotrestorethedatafromacomponentthatyouareconverting.Allofthedataonthe singleboxorAggregatorcomponentthatyouareconvertingtoaremotedatabaseislostduringconversion.

YoucanonlyconvertanAggregatorcomponentthatisnotpartoftheADMdeploymentintoaremote database.Forexample,ifyouhaveanAggregatorappliancethatyouareusinginatestenvironment,and anotherthatyouareusinginyourproductionenvironment,youcanconvertthetestcomponentintoa remotedatabase. YoucanconvertanAggregatorcomponentintoaremotedatabasewhenyoualreadyhavemorethanone Aggregatorappliance. Youcanconvertanappliancethatisrunningansingleboxsetupintoaremotedatabase.

To convert the component to a remote database 1 2

38

SetupthedatabaseapplianceasdescribedintheADMSetupProceduresonpage 23. Logintothedatabaseapplianceasuserroot.

VMware, Inc.

Chapter 5 Maintenance

Ensurethatthedatabasemodeissetcorrectly,asfollows: a Typethecommand:
/home/nlayers/Seneca/tools/appliance_conf.pl --status

Ifthemodeisnotdatabasecorrectitbytyping:
/home/nlayers/Seneca/tools/appliance_conf.pl -mode=d

4 5

MakeanoteoftheIPaddressoftheremotedatabase. Runtheappliance_conf.plscriptontheAggregatorappliance: a b c Editthefile /home/nlayers/Seneca/tools/remote.db.conf. ReplacetheexistingIPaddresswiththeremotedatabaseapplianceIPaddress. Runtheappliance_conf.plscriptwiththemode=goptionbytyping:

/home/nlayers/Seneca/tools/appliance_conf.pl -mode=g

6 7

Restarttheappliance. Clearthecacheofyourbrowsertopreventthepossibleappearanceofincorrectinformationinthe displays,applicationerrors,andothererrormessageswhenopeningtheADM.

Moving a Database to a Remote Appliance

To move a database to a remote appliance 1 2 3 4 5 BackupthedatabasefromtheexistingdatabaseasdescribedinProductSupportPackagesonpage 34. Copythedatabasebackupfilebackup.db_dump-main-db_scheme_version-db_dump.gztotheRemote Databaseappliance. RestorethedatabaseontheRemoteDatabaseapplianceasdescribedinRestoretheADMDatabaseon page 36. Logintothedatabaseapplianceasuserroot. Typethefollowingcommandtoensurethatthedatabasemodeissettothecorrectmode:
/home/nlayers/Seneca/tools/appliance_conf.pl --status

Ifthemodeisdatabase,continuewiththefollowingstep.Ifthemodeisnotdatabase,typethefollowing commandtochangethemode:
/home/nlayers/Seneca/tools/appliance_conf.pl -mode=d

7 8

NotetheIPaddressoftheremotedatabase. ContinuetoperformthestepsdescribedinAddingaRemoteDatabasetoanExistingADMDeployment onpage 38.

Licenses
Youmustrenewthelicenseswhen:

reachingtheexpirationdate expandingthecustomerdiscoverednetworkscope.

Thisprocedureforuploadinganewlicensemustbeperformedfollowingeach:

initialinstallation migrationofADMfor6.1release. upgradefromADM6.0.x

ItisnotnecessarytoperformthisprocedurewhenupgradingfromADMversions6.1.xorlater.

VMware, Inc.

39

Administration Guide

AccesstheLicensesPropertiesscreenfromtheManage>System>LicensingmenuintheADMUIthat displaysthelicenseinformation,whichincludesthelicensedfeature,quantityofavailablelicenses,andexpiry date. TheappropriatewarningmessageappearsontheDashboard,InventoryandLicensePropertiespage.An ADMUIadministratorcanlogintoreviewlicenselimitationsanduploadnewlicensesasrequired.

Uploading a License
IMPORTANTBeforeyoubegin,obtaintheserialnumberformanagedserverhost. Performthefollowingproceduretouploadalicense. 1 2 3 4 LogintotheADMUIasanadminuser. NavigatetotheManage>SystemscreenandclickLicensing.TheLicensePropertiesscreenappears ClickUploadanewLicense.TheUploadanewlicensescreenappears. EntertheserialnumberandclickApply.Iftheserialnumberisvalid,theserialnumberisuploadedand LicensePropertiespageisdisplayed.

40

VMware, Inc.

Upgrading ADM

ThischapterdescribesthenecessaryconceptsandprocedurestoupgradeanADMdeployment.Topics include:

Overviewonpage 41 UpgradingAppliancesonpage 42 PostUpgradeStepsonpage 43

Overview
Thefollowingconsiderationsapplyforapplianceupgradesandmigration.

Appliance Type
YoucanupgradeADMonphysicalADMonvirtualappliancesrunningversions6.1.xorlaterasdescribedin UpgradingAppliancesonpage 42.

Mixed Environments
Somesitescanhaveacombinationofphysicalandvirtualappliances.Youmustupgradethemtothesame ADMversionbyusingtheproceduresdescribedinUpgradingAppliancesonpage 42.Formore informationaboutmixedenvironment,seeMixedEnvironmentonpage 13.

Licenses
YouneedanewlicensetouseADMafterupgradingfrom6.0.X.ObtainthelicensefromyourVMwareSales representative.Licensesonpage 14providesmoreinformation.

Appliance Migration
Chapter 7describesproceduresformigrationtovirtualappliances.

Backing Up Data
Backupthedatatopreventlossduringthemigrationandupgradeprocess.ProductSupportPackageson page 34describesbackupandrestoreprocedures.

VMware, Inc.

41

Administration Guide

Upgrading Appliances
ThissectiondescribestheupgradingofApplicationDiscoveryManagerversions6.0.xorlaterforphysical appliancesand6.1.xorlaterforvirtualappliances.

Important Notes

AllappliancesinyourcurrentenvironmentmustrunADMversion6.0.xorlater.Also,upgradeall appliancestothesameADMversion.BeforeupgradingtheADM,familiarizeyourselfwithOverview onpage 41. Fordistributedsolutions,performtheupgradesinthefollowingorder: a b c Remotedatabaseappliance(whereoneexists) Collectors Aggregator

Repeatthefollowingproceduresforallappliancesandarchitecturesolutions,unlessotherwiseindicated.

Preliminary Procedures
1 2 BackupyourdataasdescribedinProductSupportPackagesonpage 34(performedonAggregatoror singleboxapplianceandcollectorsifcustomfingerprintsexists). LogintotheapplianceandopenanSSHsessionandtypethefollowingcommandtomonitortheprogress ofupgrade:
tail -f /var/log/nlayers/update.log

ThisSSHsessionisinadditiontoanyothersessionopenedforthepurposeofupgrading.Theabovescript alsoprintssuccessorfailuremessagesalongwithotherusefulinformationtostdout. 3 PerformallupgradesbyusingtheCLIproceduresasdescribedinUpgradingAppliancesUsingCLIon page 42.

Upgrading Appliances Using CLI

To upgrade all appliances by using CLI 1 Downloadtheupdate_runner.plandInSightUpdate-version.updfilesfrom http://downloads.vmware.com/ApplicationDiscoveryManagerinto:
/home/nlayers/rpms/versionX.x/

Changefileaccess:
chmod 744 update_runner.pl

UpgradeVMwareADMservices:
./update_runner.pl -u -f InSightUpdate-version-build.upd

Waitfortheupgradetocomplete.Fordistributedsolutions,repeattheupgradeproceduresforall remainingappliancesasdescribedinUpgradingAppliancesonpage 42. NOTETheupgradeprocesscantakeseveralminutestocomplete.YoucannotaccesstheADMConsole whiletheupgradeisinprogress.

ProceedwithPostUpgradeStepsonpage 43. NOTEWinApeisupgradedaspartofaggregatorupgradeandyouarenotrequiredtoupgradeit separately.

42

VMware, Inc.

Chapter 6 Upgrading ADM

Post-Upgrade Steps
BeforeyoulogintotheADMconsole: Clearthecacheofyourbrowsertopreventthepossibleappearanceofincorrectinformationinthedisplays, applicationerrors,andothererrormessageswhenopeningtheADM. IMPORTANTYoumightberequiredtouploadanewlicenseifyouareupgradingfrom6.0.x.Before proceeding,reviewthecriteriaandifnecessary,performthestepsdescribedinLicensesonpage 14. YoucannowbeginusingtheADM.

VMware, Inc.

43

Administration Guide

44

VMware, Inc.

Migrating to a New Appliance

ThischapterprovidesinstructionsonmigrationofanexistingphysicalorvirtualADMappliancetoavirtual appliancesuppliedbyVMware.Topicsinclude:

Overviewonpage 45 PreliminaryProceduresonpage 46 DataRestorationonpage 47 PostMigrationStepsonpage 48

Overview
Additionaldocumentationasdescribedbelowisavailableathttp://downloads.vmware.com/

Supported Migration
AppliancemigrationissupportedfromADM6.0.x.Upgradeearlierversionstothelatest6.0.xversionbyusing theproceduresdescribedintheUpgradingADMonpage 41. NOTEPartoftheupgradeproceduretoADM6.0.xcanincludeupgradingcustomfingerprintscreatedin earlierversion.AdditionalinformationonfingerprintsisavailableintheVMwarevCenterApplicationDiscovery ManagerFingerprintDevelopersGuide.

Licenses
YouneedanewlicensetouseADMaftermigratingtoanewappliance.ObtainthelicensefromyourVMware Salesrepresentative.MoreinformationisprovidedinLicensesonpage 14.

System Architecture
DetaileddescriptionsareprovidedinSystemArchitectureonpage 9.Migrationstepsdifferfordifferent appliancesetups:

Singlebox Distributed Distributedwithremotedatabase IMPORTANTThenewvirtualappliancesolutionsfeatureseparatevirtualappliancecomponentsfor Collectors,Database,andtheAggregator.Initialsetupanddatarestorationisthereforeperformed separatelyforeachcomponent.

VMware, Inc.

45

Administration Guide

MigrateorupgradeallappliancestothesameADMversioninthefollowingorder: 1 2 3 Remotedatabase(forDistributedwithremotedatabasesolution) Collectors(forallDistributedsolutions) Aggregator

Process
Themigrationprocessisasfollows: 1 2 RecordthecurrentappliancenetworksettingsasdescribedinADMSetupProceduresonpage 23. BackupyourdataasdescribedinProductSupportPackagesonpage 34. IMPORTANTThebackupproceduresinvolvecopyingcustomADMfiles.Ensurethatthefilesmaintain theoriginalnLayersownershipaftercopying.Editingthefilesasrootmightchangetheownershipofthe files. 3 4 5 6 7 8 BackupUNIXCollectorsifcustomfingerprintsexist. BackupWindowsCollectorfingerprintsasdescribedinBackingUpWinApeMigrationFilesonpage 46 andshutdownalloldappliances. InstallanddeploythenewvirtualapplianceasdescribedinDeployingtheVirtualApplianceson page 18. RestarttheapplianceandperforminginitialsetuptasksasdescribedinChapter 3. RestoreUNIXCollectorfingerprints. RestoreWindowsCollectorfingerprintsasdescribedinRestoringWinApeMigrationFilesonpage 47.

Preliminary Procedures
CAUTIONBackupofexistingdataisessentialtopreventdatalossduringthemigrationprocess.

Forallsolutions,backupfilesareneededforWinApemigrationtoanothercomputerasshownintable Table 71. ThefollowingtabledescribestheWinApemigrationsfiles.Forvirtualappliance,thedefaultlocationis C:\Program Files\VMware\ADM.Forphysicalappliance,thedefaultlocationisC:\Program Files\nLayers\InSightActiveDiscovery. Table 7-1. WinApe Migration Files
File \lib\java\adkbcustom.jar Remark Always

Backing Up WinApe Migration Files

NOTEYoucanonlymanuallybackuptheWinApemigrationfiles. 1 2 3 LogintotheWinApeappliance. NavigatetothefolderwhereWinApeisinstalled. Createthebackupofadkbcustom.jarfilepresentin\lib\javafolder.

46

VMware, Inc.

Chapter 7 Migrating to a New Appliance

Restoring WinApe Migration Files

NOTEBackupyourADMenvironmentasdescribedinBackingUpWinApeMigrationFilesonpage 46. ThefollowingproceduresdescribestherestorationofWinApemigrationfiles. 1 2 3 4 5 6 LogintotheWinApeappliance. Copytheadkbcustom.jar backupfile. Navigatetothe\libfolder. Replacethecurrentfilein\libfolderwiththecopiedfile. Runtheservices.msccommand. RestarttheserviceVMwarevCenterADMWindowsCollector.

Data Restoration
ThissectionprovidesinformationaboutdatarestorationforSinglebox,distributed,anddistributedwith remotedatabasesolution.

Single-box-Solution
1 2 3 RestoretheADMdatabaseasdescribedinRestoringanADMEnvironmentbyUsingaProductSupport Packageonpage 36. RestorethecustomdiscoveryandconfigurationfilesasdescribedinRestoringtheCustomDiscovery andConfigurationFilesonpage 37. ForWinApe,firstcreatethebackupasdescribedinBackingUpWinApeMigrationFilesonpage 46and thenrestoreitasdescribedinRestoringWinApeMigrationFilesonpage 47.

Distributed Solutions
Thesestepsapplytodistributedsolutionswithoutaremotedatabase.Performthefollowingstepsonall appliancesinthefollowingorder:Collectors,WinApe,andAggregator.

Collectors
RepeatthefollowingstepsforeachCollectorappliance: 1 2 LogintotheCollectorvirtualappliance. RestorethecustomdiscoveryandconfigurationfilesasdescribedinRestoringtheCustomDiscovery andConfigurationFilesonpage 37.

WinApe
RepeatthefollowingstepsforeachWindowsappliance: 1 2 3 LogintotheWinApeappliance. BackuptheWinApemigrationfilesasdescribedinBackingUpWinApeMigrationFilesonpage 46. RestoretheWinApemigrationfilesasdescribedinRestoringWinApeMigrationFilesonpage 47.

Aggregator
1 2 LogintotheAggregatorvirtualappliance. RestoretheADMdatabaseasdescribedinTroubleshootingtheADMbyUsingtheProductSupport Packageonpage 49.

VMware, Inc.

47

Administration Guide

MakethenecessarychangesintheActiveprobeconfigurationscreenundertheManage>Systemmenu oftheADMconsoletoreflectthenewcollectorappliance.TheVMwarevCenterApplicationDiscovery ManagerUsersGuide.

Distributed Solution with Remote Database

Thesestepsapplytodistributedsolutionswitharemotedatabase.Performthefollowingstepsonall appliancesinthefollowingorder:Collectors,WinApe,database,Aggregator.

Collectors
RepeatthefollowingstepsforeachCollectorappliance: 1 2 LogintotheCollectorvirtualappliance. RestorethecustomdiscoveryandconfigurationfilesasdescribedinRestoringtheCustomDiscovery andConfigurationFilesonpage 37.

WinApe
RepeatthefollowingstepsforeachWindowsappliance: 1 2 3 LogintotheWinApeappliance. BackuptheWinApemigrationfilesasdescribedinBackingUpWinApeMigrationFilesonpage 46. RestoretheWinApemigrationfilesasdescribedinRestoringWinApeMigrationFilesonpage 47

Database
1 2 Logintothedatabasevirtualappliance. RestoretheADMdatabaseasdescribedinRestoringanADMEnvironmentbyUsingaProductSupport Packageonpage 36.

Aggregator
1 2 LogintotheAggregatorvirtualappliance. MakethenecessarychangesintheActiveprobeconfigurationscreenundertheManage>Systemmenu oftheADMconsoletoreflectthenewcollectorappliance.TheVMwarevCenterApplicationDiscovery ManagerUsersGuide.

Post-Migration Steps
BeforeyoulogintotheADMconsole: Clearthecacheofyourbrowsertopreventthepossibleappearanceofincorrectinformationinthedisplays, applicationerrors,andothererrormessageswhenopeningtheADM. NOTEADMdefaultgroupsdoesnotgetrefreshedduringtheupgrade.TheManagementchapterofthe VMwarevCenterApplicationDiscoveryManagerUsersGuideprovidesmoreinformationongroups administration. YoucannowbeginusingtheADM.

48

VMware, Inc.

Troubleshooting ADM

ThischapterprovidesinstructionsontroubleshootingoftheADM.Topicsinclude: TroubleshootingtheADMbyUsingtheProductSupportPackageonpage 49 DetailDiscoveryTroubleshootingonpage 49

Troubleshooting the ADM by Using the Product Support Package

Ifyourequire,usetheADMproductsupportpackagefortroubleshooting: 1 2 CreateanADMproductsupportpackageasdescribedinProductSupportPackagesonpage 34. ContactyourVMwareCustomerSupportrepresentativeandprovidethemwiththeproductsupport packagethatyougeneratedinStep 1.

Detail Discovery Troubleshooting

Thissectiondescribesutilitiesandprogramsthathelpwithtroubleshooting.

WMI
WMIDetailDiscoveryrequiresspecificpermissionsandconfigurationonthetargethost.Microsoftincludes atestingtool,calledWBemTest,oneverycomputerthathasWMIinstalled.Thistooltestsforthesame permissionandconfigurationsthatADMrequires.Forexample,ifanaccessdeniedfailureoccurswhile connectingtothetargethost,theWbemTesttoolraisesasimilarerrorindicatingaproblemwiththetargethost configuration. Troubleshooting is performed in the following order 1 CheckpermissionsandconfigurationusingtheWBemTesttool.Moreinformationisavailableonthe MicrosoftWebsite: http://technet.microsoft.com/enus/library/cc785775.aspx 2 CheckADMDiscoveryusingtheutilitiesdescribedinthefollowingsections.

single.sh
Thesingle.shutilityisastandalonecommandlineutilitythatrunsDetailDiscoveryonaspecifichost.The single.shutilitycreatesasupportpackagethatcontainstheDetailDiscoveryresultsandmoreuseful information.VMwareCustomerSupportcanusethissupportpackagetoanalyzetheproblemsoffsite. NOTEThissectionreferstosupportpackagesusedspecificallyforDetailDiscoverytroubleshooting.Other supportpackagesareusedforbackingup,restoring,upgrading,andtroubleshootingoftheADMapplication andaredescribedinChapter 10.

VMware, Inc.

49

Administration Guide

Thisutilityisusefulfortestingthecommunicationparametersforconnectingtoahost(forexample,theuser andpassword),andtofindouttheretrievablepropertiesfromahostwithouthavingtogothroughtheprocess ofdefiningaDetailDiscoverypolicyintheADMConsole.

Location
/home/nlayers/Seneca/ActiveProbe/bin/single.sh

Usage
single.sh [-A Attribute Artifacts] [-a address] [--AddExU Additional Unix Exclude Directories] [--AddExW Additional Windows Exclude Directories] [--AddIncU Additional Unix Search Scope] [--AddIncW Additional Windows Search Scope] [-c host] [-d port] [-D Configuration Items] [-e Management IP] [--ExU Unix Exclude Directories] [--ExW Windows Exclude Directories] [-G CI Groups] [-h] [-i] [--IncU Unix Search Scope] [--IncW Windows Search Scope] [-j classpath] [-l] [-M maxdepth] [-n path] [-p ports] [-P Access profile] [-r filename] [-t timeout] [-T Discovery result translator class] [-v] [-w]

Table 81listsanddescribesparametersforthesingle.shutility.

Table 8-1. single.sh Parameters

Parameter -A,--planArtifacts Attribute Artifacts -a, -address address -AddExU Additional UNIX Exclude Description Attributeartifactstodiscover. Address(es)ofthediscoverytarget.Usecommasasseparators. AdditionalExcludedirectoriesfromsearchintheUNIXfile system. AdditionalExcludedirectoriesfromsearchintheWindowsfile system. AdditionalScopeforsearchintheUNIXfilesystem. AdditionalScopeforsearchintheWindowsfilesystem. SpecifiestheCollectorthatrunstheactualdiscovery. StartJVMwithenabledremotedebuggingonthespecifiedport andwaitforENTERkeybeforecontinuing. Configurationitemstodiscover. SpecifiesthemanagementIPtouseifanaccessprofileisreadfrom themanagement(usingthe-Poption). ExcludedirectoriesfromsearchinUNIXfilesystem. ExcludedirectoriesfromsearchinWindowsfilesystem. ConfigurationItemgroupstodiscover. Briefhelpmessage. Interactivemodethatallowsyoutotypeprotocolspecific commands. ScopeforsearchinUNIXfilesystem. ScopeforsearchinWindowsfilesystem. Addsadditionalpathtotheclasspath.Thisadditionalpathwill havethehighestpriority. Printsinformationaboutavailableartifactsandartifactgroups. Maximumdepthforsearchinfilesystem. Specifiesthepathprefixoftheoutputfile(forexample, /tmp/). Note:Thedirectorypathmustendwithabackslash(/).Ifthis optionisnotused,apredefinedfilenameisused,andthefileis createdinthecurrentworkingdirectory.

Directories
-AddExW Additional Windows Exclude

Directories
-AddIncU Additional UNIX Search Scope -AddIncW Additional Windows Search Scope -c, -Collector host -d, -debug port -D, -planCis Configuration Items -e, -management Management IP -ExU UNIX Exclude Directories -ExW Windows Exclude Directories -G, -planCiGroups CI Groups -h, -help -i, -interactive -IncU UNIX Search Scope -IncW Windows Search Scope -j, -classpath classpath -l, planhelp -M, -maxdepth maxdepth -n, -outputPrefix path

50

VMware, Inc.

Chapter 8 Troubleshooting ADM

Table 8-1. single.sh Parameters (Continued)

Parameter -p, -ports port Description Oneormoreportstousewhenconnectingtothetargethost(for scanningaswell).Usecommasasseparators.Theseportsapplies eveniftheconnectiondetailsarefetchedfromthemanagement. Discoveryparametersorpolicy/accessprofilenametofetchfrom themanagement. Readfromaplaybackorsnmpdumpfileinsteadofgoingouttothe network. Connecttimeouttousewhenconnectingtothetargethost.If connectiondetailsarefetchedfromthemanagement,theywill overridethisparameter. Specifythediscoveryresulttranslatorclass.Predefinedtranslators areavailablethroughtheiraliases,forexample:

-P, -accessProfile Access profile -r, -read filename -t, -timeout timeout

-T, -translator Discovery result

translator class

class com.nlayers.seneca.ap.mediation.DoNothingDiscoveryResult Translatoradm class com.nlayers.seneca.ap.mediation.cim.AdmToCimXmlDiscove ryResultTranslatorcimxml class com.nlayers.seneca.ap.mediation.cim.AdmToCimDiscoveryR esultTranslatorcimareavailable

Valuesinbracketsarealiases -v, verbosehelp -w, -wait Printverbosehelp. Slowsdownplaybacktobethesamedurationastheoriginal execution.

Examples:
To probe target IP 1.2.3.4 on UNIX using protocol SSH
./single.sh -P \"ssh:username=root,password=54321\" -a 1.2.3.4 ./single.sh -P \"ssh:username=root\" -a 1.2.3.4

(Apasswordwillberequestedbytheapplicationinteractivelywithoutechoing.) To probe target IP 1.2.3.4 on UNIX using protocol TELNET

./single.sh -P \"telnet:username=root,password=54321\" -a 1.2.3.4

To probe target IP 1.2.3.4 on UNIX using protocol SNMP

./single.sh -P \"snmp:communityString=public\" -a 1.2.3.4

To probe target IP 1.2.3.4 on Windows using protocol WMI

single.bat -P \"wmi:domain=il.nlayers.com,username=administrator,password=54321\" -a 1.2.3.4

(defaultlocatorcredentialswillbeusedfrompropertiesfile) To probe target IP 1.2.3.4 using protocol VI-SDK

./single.sh -P \"visdk:username=administrator,password=54321\" -a 1.2.3.4

Createdebugpackage:
single.sh -a address -P Access profile

Readfromplaybackfile:
single.sh -r filename

Accessprofilecanhaveoneofthefollowingformats:

VMware, Inc.

51

Administration Guide

NameofaDetailDiscoverypolicy.InthiscasethenecessaryinformationisreadfromaDetailDiscovery policydefinedintheuserconsole. Fulldefinitionoftheneededdiscoverydetailsinaprotocolspecificformat:

protocol-name:prop1=value1,prop2=value2,...

Thefollowingprotocolnamesaresupported:SSH,Telnet,SNMP,VISDKandWMI. Inaddition,allprotocolssupportsthetimeoutparameterwithadefaultvalueof20000milliseconds.Theports parameterissupportedforallprotocolsexceptWMIandVISDK,withdefaultportsof22forSSH,23for Telnet,and161forSNMP. Notethefollowing:

Escapeddoublequotessurroundtheprotocolinformationthesemustbeused. Unknownargumentsareignored. Omittedpasswordfieldsarerequestedbytheapplicationinteractivelywithoutechoing.

Defaultsearchscopefordifferentplatforms:

Windows:

Include:[/Program Files] Exclude: [/Documents and Settings, /WINDOWS]

UNIX:

Include:
[/bin, /sbin, /usr/bin, /usr/sbin, /usr/local, /usr/local/bin, /usr/local/sbin, /usr, /opt]

Exclude:
[/boot, /dev, /devices, /proc, /unix, /kernel, /platform, /cdrom, /CDROM, /sd_cdrom, /SD_CDROM, /Mail, /mail, /nsmail, /vol, /lost+found, /media, /tmp, /mnt, /jumpstart, /pcfs, /sys, /usr/kvm/sys, /stand, /var/news, /var/log, /var/run, /var/lock, /var/www, /var/cache, /var/tmp, /etc/gconf]

snmpdump
ThesnmpwalkprogramisbundledwithLinux,whichrunsSNMPonagivenIPaddressandcreatesatextual dumpofthewholetreeofresults.ThisprogramisoftenusedwhileextendinganddebuggingtheSNMP portionoftheDetailDiscoveryknowledgebase. AnewDetailDiscoveryfeatureallowsVMwareCustomerSupporttorecordacompletesnapshotoftheSNMP responsesofanetworkhost,usingsnmpwalk.YoucanusetheresultingdumpfiletofixSNMPDetail DiscoveryproblemsencounteredbyVMwareCustomerSupport. Astandardizedscriptcalledsnmpdump.shisnowsuppliedwithADMtocreatethissnmpwalkdumpfile.

Location
/home/nlayers/Seneca/ActiveProbe/bin/snmpdump.sh

Usage
Runningsnmpdump.shonthecommandlineyieldsthefollowingusageinformation:
./snmpdump.sh host_ip output_file

ThefirstparameteristhehostIPtoquery. Thesecondparameteristhenameofthefileinwhichtosavetheresults.

52

VMware, Inc.

Chapter 8 Troubleshooting ADM

Examples
CreateansnmpwalkdumpforIP1.2.3.4andsavetheresultsintofilesnmpdump.1.2.3.4.txt:
./snmpdump.sh 1.2.3.4 snmpdump.1.2.3.4.txt

nlcapture
Youcanusethenlcaptureutilityinplaceoftcpdumptocapturenetworkactivity.Thisutilitysupportsthe samedefaultparametersastcpdump,butsetsthesnaplentobelargeenoughsoastonottruncatepackets. Inaddition,thisutilityprovidesaparameternotsupportedbytcpdump:R,whichfilterspacketsbasedon theirprotocol(forexample,HTTP)orbasedonprotocolspecificattributes. Similartotcpdump,youcanusenlcapturetofilteranexistingcapturefileandtransformittoanew,filtered file.Seeusagebelow.

Location
/home/nlayers/Seneca/tools/nlcapture.pl

Usage
Runningnlcaptureonthecommandlineyields:
nlcapture.pl tcpdump options [-R ethereal display filter string]

Forexample: Tolistenoneth1andcaptureallHTTPandICMPpacketsintothefilebla.dump:
nlcapture.pl -i eth1 -R "http||icmp" -w myoutput.dump

Asexplainedearlier,nlcapturesupportsallcommontcpdumpparameterssuchasi.Additionally,it supportsthe-Rparametertofilteronthenetworkprotocoloraccordingtothevalueofspecificprotocolfields. Protocolnamesarewritteninlowercase.ThefollowingURLprovidesdetailsonthefiltersthatyoucanuse: http://www.ethereal.com/docs/manpages/etherealfilter.4.html Thefiltersofnlcaptureutilityaredifferentfromthetcpdumpfilters.Theyareeasiertouseandunderstand.

VMware, Inc.

53

Administration Guide

54

VMware, Inc.

Uninstalling ADM

ThischapterprovidesinformationforuninstallingtheADMapplianceandincludesUninstallingtheADM Applianceonpage 55.

Uninstalling the ADM Appliance

TouninstalltheADMappliance,followtheprocedureofyourorganizationforremovingavirtualmachine.

VMware, Inc.

55

Administration Guide

56

VMware, Inc.

Time Zones

A
Asia/Tel_Aviv Etc/Greenwich Asia/Tel_Aviv Asia/Istanbul Asia/Makassar Asia/Macau Asia/Macao Asia/Jerusalem Asia/Hong_Kong Asia/Dhaka Asia/Dacca Asia/Chungking Asia/Chongqing Asia/Ashkhabad Asia/Ashgabat Atlantic/Cape_Verde Atlantic/Azores Atlantic/Bermuda Atlantic/Canary Atlantic/South_Georgia Atlantic/Faeroe Atlantic/Madeira Atlantic/St_Helena Atlantic/Stanley Atlantic/Reykjavik Atlantic/Jan_Mayen Australia/Lindeman Australia/West Australia/LHI Australia/Perth Etc/GMTIndian/Reunion Etc/GMT Europe/Amsterdam Europe/Andorra Europe/Athens Europe/Belfast Europe/Berlin Europe/Brussels Europe/Bucharest Europe/Budapest Europe/Copenhagen Europe/Gibraltar Europe/Helsinki Europe/Kaliningrad Europe/Kiev Europe/Luxembourg Europe/Madrid Europe/Malta Europe/Minsk Europe/Monaco Europe/Paris Europe/Riga Europe/Samara Europe/Simferopol Europe/Sofia Europe/Stockholm Europe/Tallinn Europe/Tirane Europe/Uzhgorod Mexico/BajaNorte US/Aleutian Mexico/BajaNorte Mexico/General Mexico/BajaSur Mideast/Riyadh89 Mideast/Riyadh88 Mideast/Riyadh87 Pacific/Enderbury Pacific/Apia Pacific/Efate Pacific/Funafuti Pacific/Fakaofo Pacific/Fiji Pacific/Port_Moresby Pacific/Galapagos Pacific/Guadalcanal Pacific/Guam Pacific/Johnston Pacific/Kiritimati Pacific/Kosrae Pacific/Majuro Pacific/Marquesas Pacific/Midway Pacific/Nauru Pacific/Niue Pacific/Norfolk Pacific/Noumea Pacific/Palau Pacific/Ponape

ThisappendixlistsADMtimezonesasshowninTable A1. Table A-1. Time Zones for ADM

Asia/BakuAsia/Nicosia Asia/Baku Asia/Bangkok Asia/Beirut Asia/Bishkek Asia/Brunei Asia/Kuala_Lumpur Asia/Choibalsan Asia/Colombo Asia/Damascus Asia/Dili Asia/Dubai Asia/Dushanbe Asia/Gaza Asia/Harbin Asia/Hovd Asia/Irkutsk Asia/Jakarta Asia/Jayapura Asia/Kabul Asia/Kamchatka Asia/Karachi Asia/Kashgar Asia/Katmandu Asia/Krasnoyarsk Asia/Novosibirsk Asia/Kuching Asia/Kuwait Asia/Magadan

VMware, Inc.

57

Administration Guide

Table A-1. Time Zones for ADM (Continued)

Asia/Manila Asia/Muscat Asia/Phnom_Penh Asia/Omsk Asia/Oral Asia/Yekaterinburg Asia/Pontianak Asia/Pyongyang Asia/Qatar Asia/Qyzylorda Asia/Rangoon Asia/Riyadh Asia/Saigon Asia/Sakhalin Asia/Samarkand Asia/Tashkent Asia/Tbilisi Asia/Urumqi Asia/Vientiane Asia/Vladivostok Asia/Yakutsk Asia/Ulaanbaatar Asia/Yerevan Asia/Ujung_Pandang Asia/Ulan_Bator Asia/Tokyo Asia/Thimphu Asia/Thimbu Asia/Tehran Asia/Taipei Asia/Singapore Asia/Shanghai Asia/Seoul Asia/Riyadh89 Asia/Riyadh88 Asia/Riyadh87 Asia/Nicosia Australia/Victoria Australia/ACT Australia/Melbourne Australia/Lord_Howe Australia/Tasmania Australia/Hobart Australia/North Australia/Darwin Australia/Yancowinna Australia/Broken_Hill Australia/Queensland Australia/Brisbane Australia/South Australia/NSW Australia/Adelaide Australia/Canberra Australia/Sydney Brazil/DeNoronha Brazil/East Brazil/Acre Brazil/West Canada/Newfoundland Canada/Central Canada/Yukon Canada/Pacific Canada/Saskatchewan Canada/Atlantic Canada/Eastern Canada/Mountain Chile/EasterIsland Chile/Continental Etc/Universal Etc/Zulu Etc/UCT Etc/UTC Etc/GMT0 Etc/Greenwich Europe/Vaduz Europe/Vienna Europe/Vilnius Europe/Zaporozhye Europe/Zurich Europe/Warsaw Europe/San_Marino Europe/Vatican Europe/Moscow Europe/Rome Europe/London Europe/Lisbon Europe/Tiraspol Europe/Oslo Europe/Chisinau Europe/Prague Europe/Bratislava Europe/Ljubljana Europe/Sarajevo Europe/Skopje Europe/Zagreb Europe/Dublin Europe/Nicosia Europe/Belgrade Europe/Istanbul Europe/Mariehamn Indian/Antananarivo Indian/Chagos Indian/Christmas Indian/Cocos Indian/Comoro Indian/Kerguelen Indian/Mahe Indian/Maldives Indian/Mauritius Indian/Mayotte Indian/Reunion Pacific/Samoa Pacific/Rarotonga Pacific/Saipan Pacific/Tahiti Pacific/Tarawa Pacific/Tongatapu Pacific/Truk Pacific/Wake Pacific/Wallis Pacific/Yap Pacific/Pitcairn Pacific/Auckland Pacific/Pago_Pago Pacific/Gambier Pacific/Chatham Pacific/Kwajalein Pacific/Honolulu Pacific/Easter US/Samoa US/Hawaii US/Arizona US/Eastern US/Pacific US/Michigan US/Mountain US/Central US/Alaska US/Aleutian

58

VMware, Inc.

ADM API Tutorial

ThisappendixdescribestheADMAPIandexplainshowtoaccessanduseit.Topicsinclude:

APIFeaturesonpage 59 WebServicesAPIonpage 61

API Features
TheAPIofADMallowsclientstoqueryitsdatabaseandexportpartsofitbymeansofawebservicesAPI. Thefollowingcasesareexplainedinthefollowingsections:

WritingthesystemstatusintoanXMLoutputfile;Insight_controlonpage 59. SynchronizationofCMDBapplicationswithdataofADM;AsynchAPIonpage 60. PopulationofthirdpartyapplicationswithdataofADM. DumpingofentiredatabasetablesanduploadingtoanFTPserver;DumpAPIonpage 60. Accesstofiltereddatabybulk(paginated);BulkAPIonpage 61.

YoucandividetheAPIintothreesections,wheretwoarededicatedtoqueryingtheADM(DumpandBulk), andthethirdisinchargeoftrackingthosequeries(Asynch).

Insight_control
TheInsight_controlutilitywritesthesystemstatusintoanXMLoutputfile. To run Insight_control utility 1 2 Logintotheapplianceasuserroot. Changethedirectorybytyping:
cd /home/nlayers/Seneca/management/APIs

Typethefollowingcommandtogenerateasystemstatusoutputfile:
./InSight_control.sh systemstatus --get --output /tmp/systemstatus

NOTEYoucansubstituteadifferentfileandpathfor /tmp/systemstatus. Service Status Servicestatuscanbe:

RunningTheserviceisrunning. DisabledTheADMintentionallystopstheservice. NotRunning(PurposelyStopped)Theservicewasstoppedintentionally,forexample,aservicewas manuallystoppedbytheadm_control.pl --stopcommand.

59

VMware, Inc.

Administration Guide

Sample Status Output

<SystemStatus> <version>6.1.0-6013</version> <uptime> 09:20:15 up 7 days, 18 min, 1 user, load average: 1.36, 2.17, 1.71</uptime> <engine>Running</engine> <listener>Not Running (Purposely Stopped)</listener> <active_probe>Not Running (Purposely Stopped)</active_probe> <oracle>Running</oracle> <apache>Running</apache> <watchdog>Running</watchdog> </SystemStatus>

Asynch API
OperationsinADMsAPIareasynchronous.Theclienthastotracktheprogress(orlackthereof)ofthistask andretrieveitsresults. NOTETheoperationswithinthecontextofthewebserviceclientaresynchronic,thatis,thecallingofthe functionthatdoestheactualdeliveryofthequeryissynchronic,andtheclientblocksuntilthatoperationis completed. TasksareuniquelyidentifiedbyaUniversalUniqueIdentifier,whosestringrepresentationisreturnedupon ataskcreation.Futurereferencestoataskmustbedoneusingthissamestring. Taskshavepredefinedparametersregardingtheirlifespanineverystate,forexample,afinishedtaskwaits inthesystemfor24hoursbeforeitsresourcesarerecalledandthetaskisdeleted.Ataskcanhaveanyofthe followingstates,whichyoucanretrievebyusinggetTaskState(Stringid):

PENDINGThetaskiscreatedandinitializedandiswaitingtobeexecutedbyADM. RUNNINGAgetTaskProgress()returnsanIntegerbetween0and100. CANCELLEDSystemcancancelataskifittakestoolongtoexecute. RUNNINGThetaskisbeingexecuted.YoucantracktheprocessbycallinggetTaskProgress(Stringid ).Ataskcanbeinthisstateforalimitedamountoftime;systemcancelsalltheoffendingtasks. FINISHEDThetaskhasfinishedrunningsuccessfully,anditsproduceisreadyandwaitingtobe collectedbytheclient. ERROR/CANCELThetaskhaseitherfailedorbeencanceled(usingcancelTask(Stringid)).

Dump API
TheDumpAPIprovidesyouwiththepossibilityofdumpingthecompletecontentsofatable(orsmallsetof tables)thatcorrespondstoagivenentity(HOSTS,SERVICES,CONNECTIONS,andsoon.).InthisAPI, flexibilityhasbeentradedforspeed,anditisintendedforthosecaseswhereanapplicationintendstomirror ADMsdata,andperiodicallysynchronizewithit. TheDumpAPIworksasfollows: 1 2 3 4 5 Selectthetypeofentitiesthatitneedsandadiscoverydate(optional)forthoseentities. Calldump()withthoseparameters,andobtainthetaskUUIDinastringform. TracktheprogressofthetaskusingtheAsynchAPI(getTaskState()andgetTaskProgress()). RepeatStep 3untilthetaskreachestheFINISHEDorERRORstate. IfthetaskisintheFINISHEDstate,thenthefilescontainingthedumpeddatabasetablesarereadyand waitingtobecollected(eitherusingSSHorintheFTPserverifsupplied).Thefilesarestoredina subdirectorywhosenameisidenticaltothetaskID.

60

VMware, Inc.

Appendix B ADM API Tutorial

Bulk API
TheBulkAPIprovidesyouwiththepossibilityofqueryingtheADMwithmoresophisticatedfilters,and browsingtheresultsetbymeansofpagination.Theresultsaredeliveredinsubsets(pages)ofapredefined sizeandformattedinXMLCIM.ThisAPIisintendedforthosecaseswhereanapplicationintendstobrowse onfinelyfilteredsegmentoftheADMsdata. The Bulk API works as follows 1 2 3 4 Createthefilterobjectandselectthelevelofgranularityoftheresults. Callquery( )withthefilterobjectandobtainthetaskUUIDinstringform. AfterthetaskisFINISHED,youcanretrievethemaximumamountofpagesavailableinthisresultsetby callinggetPageAmount( ). Atthismoment,thereisaniteratorinADMthatyoucancontrolbythefollowingcalls,andtheresults retrievedfromthem: a b 5 hasNextPage( ) getNextPage()

Afterfinishingretrievalofallthedatawiththespecificquery,youmustcallcloseQuery() toreleaseall resourcesassociatedwiththisquery.

Web Services API

ThepreferredmethodtoaccessADMsAPIisthroughthewebservicesAPI,whichprovidesfora standardizedwayofcommunicationandhighinteroperability.ThisAPIisnotlockedinagivenprogramming language. ADMoffersadescriptionoftheAPIinamachinereadabledocumentformattedinWebServicesDescription Language(WSDL).Withthisdocument,automatedtoolsavailableforthepopularprogramminglanguages cancreatethelowlevelcodenecessarytoaccesstransparentlythefunctionalityprovidedbytheADM.

VMware, Inc.

61

Administration Guide

62

VMware, Inc.

Index

A
active_probe service 33 ADM architecture solutions 9 required time zones 57 restore 36 services 33 ADM API 59 adm_control.pl script 34 Apache service 33 Asynch API 60

U
upgrading ADM 34

V
virtual appliance 11 VNC service 33

W
Watchdog service 33 Web services API 61

B
Bulk API 61

C
converting components into a remote database 38

D
Dump API 60

E
Engine service 33

I
installation backup 35

L
Listener service 33

M
managing services 34

O
Oracle service 33

P
performing an installation backup 35

R
restore 36 ADM database 36

S
services 33

T
time zones 57
VMware, Inc. 63

Administration Guide

64

VMware, Inc.