Defining VMware NSX Observer jobs

The VMware NSX Observer is installed as part of the core installation procedure. Use the VMware NSX Observer when you have VMware NSX installed in your environment to define jobs that dynamically load VMware NSX data for analysis by Netcool Agile Service Manager.

Before you begin

You can use the VMware NSX Observer when you have a VMware NSX appliance in your environment.
Important: The VMware NSX Observer supports the on-premise VMware NSX version 6.3.

Ensure you have the VMware NSX service details to hand, such as username, password, SSL TrustStore and URL.

Remember: Swagger documentation for the observer is available at the following default location: https://<your host>/1.0/vmwarensx-observer/swagger

About this task

The VMware NSX Observer job extracts VMware NSX resource information via REST. The Observer loads and updates the resources and their relationships within the Netcool Agile Service Manager core topology service.

vmwarensx_observer_common.sh
The config file you use to customize VMware NSX Observer settings.
The parameters defined here are then used by the vmwarensx_observer_query_start.sh script to trigger the VMware NSX Observer jobs.
Tip: Alternatively, you can set the appropriate environment variables. If an environment variable is set, it takes precedence over the config file settings.
You define and start the following job. You must edit the parameters in the config file before running this job.
Full Topology Upload job
A transient (one-off) job that loads all requested topology data.
This job is started by the vmwarensx_observer_query_start.sh script.
The VMware NSX Observer loads the following resources and their relationship into the Netcool Agile Service Manager core topology service:
  • NSX Appliance
  • vCenter Appliance
  • NSX Controller
  • Edge Router - Logical (Distributed) Router, Edge Service Gateway
  • Virtual Machines
  • Host
  • VNIC

Procedure

To edit the parameters in the config file

  1. Open the vmwarensx_observer_common.sh config file and edit (at least) the following parameters:
    api_url
    VMware NSX REST API endpoint
    username
    VMware NSX user name for REST API
    password
    VMware NSX user password for REST API
    Must be encrypted
    tenant_name
    VMware NSX tenant
    Set to 'default' if there is no specific tenant.
    ssl_truststore_file
    VMware NSX SSL trust store file for HTTPS authentication
    JKS is the supported format and the file is relative to the $ASM_HOME/security directory.
    password_ssl_truststore_file
    Password to decrypt an encrypted VMware NSX SSL trust store file
    Must be encrypted
    For encryption: Run the encrypt_password.sh script in the ASM_HOME/bin directory: 
    ./bin/encrypt_password.sh
    Enter and then confirm the password. The encryption utility returns an encrypted version.

To acquire VMware NSX SSL certificate and build SSL truststore

  1. Use the following command to use OpenSSL to connect to VMware NSX over port 443, and extract a SSL Certificate from VMware NSX to a <certificate_file_name>.crt file. 
    echo -n | openssl s_client -connect {VMware NSX IpAddress}:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ./{certificate_file_name}.crt
  2. Use the following Java keytool command to import the VMware NSX certificate file into a keystore and encrypt the keystore with a given password. 
    keytool -import -v -trustcacerts -alias {VMware NSX Hostname} -file {certificate_file_name}.crt -keystore {keystore file name} -storepass {your password to encrypt keystore}
  3. Copy the keystore file ({keystore file name}) to the $ASM_HOME/security directory to complete the SSL setup.

To start the Load job

  1. To start the VMware NSX Observer Full Topology Upload job, use the following command: 
    $ASM_HOME/bin/vmwarensx_observer_query_start.sh
    This job loads all requested topology data. Run this job whenever you need VMware NSX topology data refreshed.

What to do next

You can also use the following scripts:
vmwarensx_observer_query_stop.sh
Stops the Full Topology Upload job
vmwarensx_observer_job_list.sh
Lists the status of current jobs
vmwarensx_observer_log_level.sh
Sets the log level
Remember: As an alternative to being configured using the Observer Configuration UI, observer jobs have scripts to start and stop all available jobs, to list the status of a current job, and to set its logging levels. These scripts can be run with -h or --help to display help information, and with -v or --verbose to print out the details of the actions performed by the script, including the full cURL command. For the on-prem version of Agile Service Manager, observer scripts are configured for specific jobs by editing the script configuration files.