VMware Virtual Center server sensor
The VMware Virtual Center server sensor discovers VMware Virtual Center servers and the elements that are managed by the servers. VMware Virtual Center is now known as VMware vCenter Server.
Sensor name that is used in the GUI and logs
Elements discovered by the sensor
- CPU resource pools
- Data centers in a virtual center
- Data store extents for VMware vSphere 4
- Data stores that are created in each data center
- Distributed virtual switches, uplinks, and port groups in each distributed virtual switch
- Memory resource pools
- Serial number of ESX servers
- Virtual switches and port groups in each virtual switch
- VMware clusters that are created in each data center
- VMware ESX servers that are managed by a virtual center
- IP Addresses for Virtual Machines
VMware ESX servers, which are discovered by the VMware ESX and Virtual Center server sensors, are merged after the discovery.
In the Discovery Management Console, a VM (virtual machine) is represented by a computer system icon that is blue and transparent.
- Attribute data that is required to match naming rules and to create a valid stand-alone VM instance
- Certain basic information that the VMware ESX server provides through the vmware-cmd command
- The attribute
primaryMACAddress, which is required to reconcile the shallow virtual instance with any physical instance that can be discovered
- The attribute
vmwareUUID, which is required to reconcile the virtual computer instances that are discovered before and after migrations using VMotion.
- All-inclusive: The discovery scope contains ESX and Virtual Center
The result displays the ESX and Virtual Center servers. ESX servers that are managed by the Virtual Center servers are displayed in one of the data centers or clusters in the virtual center. All virtual and physical instances, discovered by the Virtual Center and ESX sensors are reconciled. The physical instances have a virtual attribute set to true.
- ESX server Only: The discovery scope contains ESX servers.
The result displays the ESX servers that are discovered by the ESX sensor. ESX servers with typical attributes for example, model are displayed. The Virtual Center sensor is not started.
- Virtual Center Server Only: The discovery scope contains Virtual
The result displays the ESX servers and virtual computers that are discovered by the Virtual Center sensor.
- Virtual Center and VM: The discovery scope contains Virtual Center
servers and all virtual computers.
The results display all the virtual computers, with all the physical, and virtual attributes set to true. The virtual computers are displayed in the Virtual Systems tab of the respective ESX server.
For successful discovery of VMware vCenter Server Appliance 6, ports for Web
Services communication must be defined. By default, ports 80 and 443 are defined. If your VMware
vCenter Server Appliance 6 uses non-standard ports, modify the value of the
portList property in the discovery profile. For details, see Configuring the discovery profile.
Support discovery of Virtual Center System Appliance through web ports
This enhancement can allow you to discover VCSA using web interfaces. There is a new configuration option in Port sensor to allow the specification of VCSA listening ports (vcsaListeningPortList) to be used to trigger seeding of VirtualCenterSensor.
- If port mentioned in `vcsaListeningPortList` is opened by some process other than VCSA, the VMware Virtual Center server sensor will show error.
To discover the VMware Virtual Center server, you must set read-only permissions for the TADDM service account. The service account must have administrator privileges.
Connection to servers with SSL
- The default mode
- The default mode does not fully verify the certificate of a server. This mode allows connection even if the certificate is self-signed, expired or with an invalid host name. It rejects connection when other problems are found, like certificate chaining error. The default mode can be used with the default VMware certificates.
- The new mode
- The new mode fully verifies the certificate of a server. You can
enable this mode by setting the
strictCertificateCheckconfiguration property to true. When this mode is enabled, only valid certificates signed by trusted certificate authorities are accepted.
- Importing self-signed certificates to TADDM
- By setting the
strictCertificateCheckproperty to true, you can connect with self-signed certificates. You must first import such a certificate to TADDM. Though self-signed certificates are trusted certificates, their validity is still verified.
- To import such certificates, complete the following steps:
- Open the taddm/dist/osgi/plugins/com.ibm.cdb.discover.sys.vmware.vmwarecommon_* directory,
*is the version number of the sensor.
- Run the following command:
where ip is the IP address of the VMware Virtual Center server sensor host, and port is the SSL port of that host.
java -cp lib/vmwarecommon.jar com.ibm.cdb.discover.sys.vmware.VmCertificateCollector ip:port
- Open the taddm/dist/osgi/plugins/com.ibm.cdb.discover.sys.vmware.vmwarecommon_* directory, where
- Example: 80 TCP vCenter Server requires port 80 for direct HTTP connections. Port 80 redirects request to HTTPS port 443. This redirection is useful if you unintentionally use http://server instead of https://server.
- 443 TCP Default port that the vCenter Server system uses to listen for connections from the vSphere Web Client. To enable the vCenter Server system to receive data from the vSphere Web Client, open port 443 in the Firewall.
- Ports 80,443 are ubiquitous ports and may appear a bad choice for seeding the
VirtualCenterSensor, since they can cause many false positives for sensor invocations. It is
recommended to provision more unique port (or lists of that port's possible values in a customer
deployment) that shall be used in PortSensors `vcsaListeningPortList`.
- 514 TCP/UDP vSphere Syslog Collector port for vCenter Server on Windows and vSphere Syslog Service port for vCenter Server Appliance.
- 902 TCP/UDP Default port that the vCenter Server system uses to send data to managed hosts. Managed hosts also send a regular heartbeat over UDP port 902 to the vCenter Server system. This port must not be blocked by firewalls between the server and the hosts or between hosts.