Name of the base system (platform): VMware vRealize Suite
Developers: VMware
Last release date: 2021/04/06
Branches: Information technology
Technology: Network Health Monitoring - Network Monitoring or Health/Performance Management, IT Infrastructure, Virtualization
Main article: Virtualization. Classification and applications
2021
VMware vRealize Operations 8.6
On October 27, 2021, Positive Technologies announced VMware vRealize Operations 8.6, an updated version of the solution for integrated management and monitoring of various aspects of virtual infrastructure.
According to the company, the following is already available in vRealize Operations 8.6:
- The integration between vRealize Operations and vRealize Automation is optimized. Now vROPs can manage multi-cloud installations of vRealize Automation in the AWS, Azure and Google Cloud infrastructure. If a user uses vRA to deploy AWS, GCP, or Azure infrastructure, vROPs can monitor the performance, status, and loads of this process. There is also the possibility of viewing the cost of vRA objects for on-premises installations of vSphere and public cloud infrastructure.
- Optimized integration with public clouds. Integrations have now appeared for all AWS services, including support for custom metrics. Summary pages for AWS also appeared, which allow you to view business-critical information about services in one consolidated view. In addition, support for Azure and Google Cloud Platform services has improved, relationships between objects have been refined, and a native Management Pack for Google Cloud Platform has appeared.
- Bi-directional integration between vRealize Operations and CloudHealth. Previously, the vRealize Operations Management Pack for CloudHealth made it possible to transfer data from CloudHealth to vRealize Operations. As part of this version, the second version of this package was released, which now transfers SDDC or VMware Cloud data from vRealize Operations to CloudHealth, creating bidirectional communication. This integration is available in both on-premises and SaaS installations.
- Updated Management Packs for vROPs users. Now all management packs that are part of vRealize True Visibility Suite for physical servers and storage will also be available to vRealize Operations users.
- Advanced support for more than 200 applications in on-premises installations. With the open-source Telegraf agent, you can now obtain data from more than 200 applications, which allows you to centrally monitor and solve problems for the application infrastructure of large enterprises.
- Revised navigation and interface modifications. The consolidated interface now has more intuitive navigation, including features such as dashboard favorites, the admin panel, and support for regular expressions in custom groups.
- Onboarding through built-in manuals. The vRealize Operations Cloud product now has built-in In-app Guides, which allow you to learn more quickly about various features and tasks, such as joining the vSphere infrastructure to VMware Cloud, configuring alerts and notifications, and creating dashboards.
- Custom email templates. You can now customize your own email templates for alert notifications to get only the information you need at a specific time. This allows teams to focus faster on the solution.[1]
Fix for a Server-Side Request Forgery Vulnerability
On April 6, 2021, Positive Technologies announced that its expert Yegor Dimitrenko identified two vulnerabilities in VMware vRealize Operations (vROps). This solution is designed to monitor, optimize, and troubleshoot virtual infrastructure performance.
The more dangerous vulnerability was discovered in the vROps API. The flaw, with ID CVE-2021-21975 and a rating of 8.6 on the CVSS v3 scale, is a server-side request forgery (SSRF) vulnerability, that is, it allows requests to be forged on the server side. With it, any unauthorized attacker can steal administrator account data and access the application with maximum privileges, which makes it possible to change the configuration of the application and intercept any data in it.
"The main risk is that administrator privileges allow you to take advantage of the second vulnerability - CVE-2021-21983 (download arbitrary file write, rating 7.2), and this will allow you to execute any commands on the server," explains Yegor Dimitrenko. "As a result, combining two security flaws increases the danger of the situation, as it actually allows an unauthorized attacker to seize control of the server and begin further advancement in the company's infrastructure. The combination of these two vulnerabilities in terms of threat level is comparable to the CVE-2021-21972 error in VMware vCenter that we discovered earlier."
Among the causes of vulnerabilities such as CVE-2021-21975, the researcher names the desire of developers to solve their tasks in the most convenient ways, which are not always effective in terms of security. The cause of vulnerabilities such as CVE-2021-21983 is often insufficient filtering of input data coming from the user.
Applications of this type, such as vROps, are usually located on the internal network, but due to incorrect configuration (or when some specific task requires it) they can often be found on the perimeter. For example, the number of VMware vCenter devices accessible from the Internet and containing the CVE-2021-21972 vulnerability exceeded 6 thousand worldwide at the time of its discovery in late February 2021.
To resolve the vulnerabilities, follow the guidelines provided in VMware's official notification. If it is impossible to install an update, signs of penetration can be detected with a SIEM-class system, which allows you to detect suspicious behavior on the server, register an incident, and stop the attackers' advance within the corporate network in time.
VMware vRealize Operations 8.3
On February 23, 2021, VMware introduced the updated product of the vRealize family - VMware vRealize Operations 8.3 (vROPs).
According to the company, the vROPs 8.3 update introduced:
Cloud Management Assessment (CMA). This function is a logical continuation of the vSphere Optimization Assessment (VOA) in vRealize Operations. CMA now allows you to extend these capabilities beyond vSphere for the following tasks:
- Preparing to migrate to VMware Cloud on AWS
- Managing VMware Cloud on AWS
- Preparing to migrate to VMware Cloud Foundation
- Managing VMware Cloud on Foundation
- Using vRealize Cloud Universal
- Public Cloud Management (AWS, Azure, etc.)
- Horizon Solution Management
To run this utility, click "+ View More" on the QuickStart page and select VMware vRealize Cloud Management Assessment:
Next, select the desired subcategory:
Dashboards present cloud infrastructure in different sections and provide a lot of useful information with explanations:
Pathfinder function. Pathfinder is a collection of VMware training materials that are presented in the form of convenient 10-15 minute blocks (more than 100 pieces).
Also, the Pathfinder engine is directly integrated into the CMA:
Support for FIPS 140-2. Operations 8.3 contains cryptographic modules that have been tested by the NIST FIPS 140-2 Cryptographic Module Validation Program (CMVP). This mode (FIPS mode) can be selected only during installation; it cannot be changed back to normal mode during operation.
Metrics with a polling cycle of 20 seconds. By default, vROPs metrics are collected once every 5 minutes, as a balance between the volume of stored and analyzed data and the granularity with which the administrator receives information.
Now data is collected once every 20 seconds, while the history stores one value every 5 minutes, obtained by averaging these 20-second values.
Sometimes averaging is not useful, since it smooths out peak bursts that would be good to see in real time. For this purpose, there is a near real-time metric collection mechanism that allows you to store accurate data over the past three days:
There is also a 20-second peak metrics mechanism that will show peak values for the necessary metrics in 20-second intervals:
VMware Cloud on AWS features. Now there are trees for the inventory of SDDC instances, which is implemented in the VMC World object. These objects unify vCenter, vSAN, and NSX-T in the context of VMC Organizations and SDDC entities.
The VMC Configuration Maximums dashboard allows you to monitor the approach to hard and soft infrastructure limits. For this, there is color coding and alerts:
There are already 23 updated alerts on this topic:
You can also create a VMC Configuration Maximum Report:
Current limits are obtained through the VMC API, though not all of them. You can also adjust them in the Administration/Configuration/Configuration Files/SolutionConfig/vmc_config_limits section.
vRealize Operations Cloud features. Since the last release, the data center in Frankfurt has become available:
vRealize Operations Cloud is now certified according to the SOC 2, SOC 3 and ISO 27001/17/18 standards.
The vRealize Operations Billing Usage dashboard also appeared, which shows the objects for which metrics are collected in the infrastructure:
2020: Announcement of vRealize Operations 8.1
On March 17, 2020, VMware announced the imminent release of vRealize Operations 8.1, a solution for managing and monitoring virtual infrastructures.
Operations with integrated vSphere and Kubernetes infrastructure
According to the developer, vRealize Operations 8.1 allows you to discover and monitor Kubernetes clusters within a vSphere-integrated infrastructure, with the ability to automatically add Supervisor Cluster objects, Namespaces, Nodes (PODs), and Tanzu Kubernetes clusters as soon as the user adds them to vCenter using Worklets functions.
The Summary pages will then be available to monitor the performance, capacity, resource utilization, and configuration of Kubernetes on vSphere 7.0. For example, Capacity forecasting will show infrastructure bottlenecks at the site level, and dashboards, reports, views, and alerts will be useful for daily operations.
VMware Cloud on AWS Infrastructure Operations
In the VMware Cloud on AWS cloud, you can use a VMware Cloud Service Portal token to autodiscover SDDC data centers and configure monitoring tools in a few simple steps. It will also be possible to use one account to manage several SDDC objects on the VMware Cloud on AWS platform, including vCenter, vSAN and NSX services, and there will be full billing integration with VMConAWS, VMware emphasized.
According to VMware, the following dashboards can be used in the cloud:
- Track resource utilization and performance of virtual machines, including NSX Edge, Controller, and vCenter Server services.
- Monitor key resources, including CPU, memory, disk, and network for all infrastructure and virtual machines.
- Track trends in resource consumption and predict metrics such as Time Remaining, Capacity Remaining, and Virtual Machines Remaining.
- Find virtual machines that consume an unreasonable amount of resources and require reconfiguration based on historical data.
In addition, VMware NSX-T services will fully support visualization and monitoring:
The vROPs 8.1 release fully integrates VMware Cloud on AWS cost tracking functionality with vRealize Operations in the portal interface. This will allow you to monitor already incurred and deferred costs, as well as break them down by subscriptions, consumption and payment dates, according to VMware.
The AWS migration assessment survey mechanism has also been updated, which allows you to save several results from different scenarios for further analysis. These scenarios include various options for Reserved CPU, Reserved Memory, Fault Tolerance, Raid Level, and Discounts.
Unified Multicloud monitoring
In the announced version, monitoring tools provide even more advanced features, such as support for Google Cloud Platform, improved AWS support, and the Cloud Health Management pack.
As of March 2020, vROPS 8.1 has the following GCP services:
- Compute Engine Instance
- Storage Bucket
- Cloud VPN
- Big Query
- Kubernetes Engine
The AWS Management Pack supports the following AWS Objects:
- EFS
- Elastic Beanstalk
- Direct Connect Gateway
- Target Group
- Transit Gateway
- Internet Gateway
- Elastic Network Interface (ENI)
- EKS Cluster
The CloudHealth Management Pack has also been improved: it includes the ability to transfer the outlook and pricing data of GCP to vRealize Operations 8.1. You can also create any number of custom dashboards by combining prices for different resource ratios in public, hybrid or private clouds.
vRealize Operations 8.1 is expected to be released in April 2020.[2]
2019
VMware vRealize Operations 8.0
On November 14, 2019, it became known that VMware had released VMware vRealize Operations 8.0, a product for managing and monitoring virtual infrastructures.
Updated initial onboarding of new users
According to the developer, in VMware vRealize Operations 8.0 this workflow looks simpler:
Shared Cloud Account
A Cloud Account, once created, can be used in both vRealize Automation and vRealize Operations. When creating an account, you will need to select vCenter, AWS, or Azure accounts. VMware noted that for vROPs, the VMware vCloud on AWS infrastructure is just another vCenter.
Intelligent Remediation Features
This section introduces the capabilities of Troubleshooting Workbench, which allow you to use machine learning tools to find the sources of problems in your infrastructure. Any components, including management pack components, can be objects in which problems are sought.
There are 3 sections:
- Events are the main events and metrics that reflect unusual behavior in the infrastructure within the selected time window.
- Properties - Important configuration changes that occurred in the selected window.
- Anomalous Metrics - anomalous deviations of metrics that occurred in the selected period.
Service Discovery
In the presented version of the solution, service discovery in virtual machines works natively and includes 41 known services. They are discovered without agents, through VMware Tools in the guest OS, VMware emphasized.
According to the developer's statement, Service Discovery is convenient for automatically building Applications objects:
You can also use Service Discovery to list guest OS processes:
Or run a script inside it:
Application Monitoring
VMware vRealize Operations 8.0 supports 20 elements for application monitoring (including NTPD, Java, and Websphere). Photon OS and Ubuntu are also supported for OS monitoring.
If you want to extend monitoring to your own application, you can create a custom script for this (it starts at a given timeout):
Intent-Driven Continuous Performance Optimization Engine
vROPs constructs include Cloud Zone, Organization, User, Project, Deployment, and Blueprints.
According to the developer, vRealize Operations can optimize workflows for Cloud Zones. Cloud Zones are created in vRealize Automation, and management pack creates a reflection of the Cloud Zone object in vRealize Operations. Once integrated, vRealize Operations will be responsible for operations and vRealize Automation will be responsible for meeting the business requirements defined for the Cloud Zone.
In total, there are 4 dashboards: environment, prices for projects and deployments, resource consumption and top systems for resource consumption.
Efficient capacity management
The presented version introduced Capacity Buffer, which is designed for users who plan to reserve resources in excess of the amount reserved using VMware HA. The metric "Usable Capacity after HA and Buffer" was added:
What If Dimension
Several "what if" analyses appeared, for example, scenarios for removing VMs and hosts from vSAN clusters (taking vSAN Storage Policies into account).
When modeling a vSAN cluster, you can take into account the space for swap, the FTT parameter, the failover method, and the expected deduplication ratio. The simulation is based on the vSAN sizer utility:
The Datacenter Comparison model also appeared to compare datacenter scenarios by cost:
Value of assets
In VMware vRealize Operations 8.0, you can set different pricing for the datacenter in the driver sections for Storage, License, Maintenance, Labor, Network, and Facilities. The Network section supports different costs for different controllers.
Cluster Base Rate is calculated as useful cluster capacity beyond HA and Buffer reserves:
There are 2 dashboards for managing costs. The first is Datacenter Cost Drivers, which allows you to drill down into the cost structure at the level of each driver to understand its components.
The second is Showback, which allows you to understand the cost of virtual machines based on Custom Groups, Applications, Cloud Zones, Projects and other parameters.
Dashboards also show both the costs of the current virtual environment and what is in the process of deployment, taking into account the daily costs and the total cost of deployment:
Integrated Compliance Features
Support appeared for compliance monitoring of vSAN and NSX-T (including when they run in the VMware Cloud on AWS cloud).
Platform Improvements
In VMware vRealize Operations 8.0, the vROPs solution can be extended to 2 fault domains using Continuous Availability and Witness. The vROPs infrastructure can survive various types of failures, up to the failure of the entire site.[3]
VMware vRealize Operations 7.5 Announcement
On April 4, 2019, it became known that VMware had announced the upcoming availability of VMware vRealize Operations 7.5, designed for integrated management and monitoring of virtual infrastructures.
Performance Optimization Mechanics
According to the developer, the main improvement in performance optimization mechanics lies in the mechanism for optimizing the infrastructure of vSAN failover storage clusters. The vROPs engine offers optimizations based on knowledge of synchronization/resynchronization processes, free space monitoring, and existing storage policies.
After analyzing the vSAN clusters, the administrator can select a manual optimization mode, schedule it for a specific time, or start optimization in automatic mode and see which operations are performed in the background.
Data Center Capacity Management Mechanism
The data center capacity management engine returned to the allocation model instead of the demand model. The latter turned out to be effective only for small infrastructures, and planning large data centers is better done according to the nominal values of VM hardware requests, according to VMware.
For the administrator on the Capacity dashboard, the Allocation and Demand parameters are listed below:
In addition, you can define custom profiles for virtual machines to more accurately calculate capacities in different scenarios.
According to the developer, another useful feature of vROPs 7.5 is the ability to detect orphaned VMDK disks that are detached from virtual machines. From these disks, you can return the allocated space with zero blocks to the disk array, which will give you some more free space.
Also in this category, VMware noted comprehensive and deep "what-if" analysis that allows you to plan, among other things, hyperconverged infrastructure as well as workload migration to AWS, Azure and other clouds:
VMware especially noted the possibility of comparing the cost of maintaining an on-premises infrastructure in your own data center with the cloud infrastructures of Amazon, Google and others, in the form of cards:
Intelligent Patch Features for Virtual Infrastructure Configurations
In this category, there is an important capability: monitoring operating systems and applications inside virtual machines, which, according to the developer, provides many additional tools for studying the behavior and performance of the infrastructure by application.
vROPs automatically detects applications in the virtual infrastructure and adds them to your console. Next, the administrator can decide whether to monitor them in vROPs or to hand them over to the Wavefront solution from VMware, which is tailored to these tasks.
Both of these monitoring methods use Telegraf agents to collect metrics and report:
In vROPs 7.5, a new view appeared: the object relationships widget. It shows the application's high-level relationship to data center components. With this view, you can understand whether the problem is with the application itself or is caused by the underlying infrastructure components. Up to 10,000 objects are supported in a single view:
It is also possible to build correlation graphs of different kinds of metrics for these objects in order to identify the root cause of low performance at different levels:
Another addition in this category is bidirectional integration with ServiceNow, which allows you to integrate vROPs and its metrics into the workflows of the ServiceNow system, according to VMware.
Integrated Compliance
According to the developer, this area of vROPs functionality involves implementing procedures to ensure compliance with industry standards such as PCI, HIPAA, DISA, ISO, CIS and FISMA. In addition to ready-made templates, you can use custom policy sets against which you can align the infrastructure and monitor deviations from a given level. For all this, there are already workflows out of the box and integration with VMware vRealize Orchestrator.
VMware also noted that vROPs can monitor the VMware Cloud on AWS cloud infrastructure - for it, this is only another instance of the vCenter environment.
As of early April 2019, VMware vRealize Operations 7.5 is not yet available for download.[4]