Credential-less Service Discovery functionality in vRealize Operations Manager 8.1.x and later
search cancel

Credential-less Service Discovery functionality in vRealize Operations Manager 8.1.x and later

book

Article ID: 315992

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Starting with version 8.1.x, vRealize Operations supports credential-less service discovery along with the legacy functionality available in 8.0. The credential-less service discovery is enabled by default and has higher priority than the legacy mechanism. In other words, SDMP first tries to discover services without credentials and falls back to the legacy mode (credential based mechanism) if credential-less mechanism fails for any reason.

Environment

VMware vRealize Operations 8.2.x
VMware vRealize Operations 8.1.x
VMware vRealize Operations 8.x
VMware vRealize Operations 8.3.x

Resolution

The user can always disable credential-less service discovery mechanism from SDMP configuration page (but not from cloud account configuration page) by setting the "Credential-less service discovery" to "Disabled" in the adapter instances "Advanced Settings" section.

Credential-less service discovery in vRealize Operations 8.1.x requires the use of netstat from VMware Tools.
Linux OSes running VMware Tools versions not using netstat are not supported in vRealize Operations 8.1.x.

Credential-less service discovery in vRealize Operations 8.2.x and later requires the use of ss from VMware Tools.
Linux OSes running VMware Tools versions not using ss are not supported in vRealize Operations 8.2.x and later.

Notes
  • Credential-less Service Discovery is not supported for VMware Cloud on AWS and VMware Cloud on Dell EMC.
  • For open-VM-tools, the service discovery plugin (open-vm-tools-sdmp) is a separate, optional package. There may be additional packages required, please refer to the documentation from the OS vendor or visit https://github.com/vmware/open-vm-tools for more information.
  • Some 11.1.x distributions of open-vm-tools will use ss instead of netstat.  See the Related Information section for steps on determine which command open-vm-tools is using.
There are several pre-requisites for credential-less service discovery to function correctly.
See the list below for the applicable pre-requisites in your version of vRealize Operations.

vRealize Operations 8.1.x

  • VMware Tools Service Discovery plugin is installed and enabled
  • VMware Tools version 11.1.0 or 11.1.1 (using netstat)
  • vCenter version = 7.0 or above
  • ESXi version = 7.0 and above
  • VM hardware version = 9 or above
  • vCenter user that is used to configure the SDMP adapter instance has the following Virtual Machine privileges under the Service configuration section:
   key: VirtualMachine.Namespace.Management, Localization: Service Configuration -> Manage service configurations
   key: VirtualMachine.Namespace.Query, Localization: Service Configuration -> Query service configurations
   key: VirtualMachine.Namespace.ModifyContent, Localization: Service Configuration -> Modify service configuration
   key: VirtualMachine.Namespace.ReadContent, Localization: Service Configuration -> Read service configuration

vRealize Operations 8.2.x and Later

  • VMware Tools Service Discovery plugin is installed and enabled
  • VMware Tools version 11.1.0 (using ss), 11.1.5, 11.2.0 or above for Linux VMs.
  • VMware Tools version 11.1.0 or above for Windows VMs.
  • vCenter version = 6.7u3g and above
  • ESXi version = 6.7p2, or 7.0 and above
Note: Starting with vRealize Operations 8.6.0, Service Discovery also supports ESXi hosts with versions 6.5p5 and above, 6.7p2 and above
  • VM hardware version = 9 or above
  • vCenter user that is used to configure the SDMP adapter instance has the following Virtual Machine privileges under the Service configuration section:
   key: VirtualMachine.Namespace.Management, Localization: Service Configuration -> Manage service configurations
   key: VirtualMachine.Namespace.Query, Localization: Service Configuration -> Query service configurations
   key: VirtualMachine.Namespace.ModifyContent, Localization: Service Configuration -> Modify service configuration
   key: VirtualMachine.Namespace.ReadContent, Localization: Service Configuration -> Read service configuration

Additional Information

The following commands can be used to find out if VMware Tools 11.1.0 or an open-vm-tools patch is installed on a Linux/Unix VM.

  • Use the following command to return the path of the get-versions.sh SDMP script:

rpm based

rpm -ql open-vm-tools-sdmp | grep get-versions.sh
 

debian based

dpkg -L open-vm-tools-sdmp | grep get-versions.sh
 
  • Use the following command to show the top 10 rows of the script file:
cat path_to_script/get-versions.sh | head -10 

Note: Replace path_to_script with the path returned in the previous command.
Examples:
  • Output if ss is used:
command -v ss >/dev/null 2>&1 || { echo >&2 "ss doesn't exist"; exit 1; }
command -v grep >/dev/null 2>&1 || { echo >&2 "grep doesn't exist"; exit 1; }
command -v sort >/dev/null 2>&1 || { echo >&2 "sort doesn't exist"; exit 1; }
command -v ps >/dev/null 2>&1 || { echo >&2 "ps doesn't exist"; exit 1; }
 
  • Output if netstat is used:
command -v netstat >/dev/null 2>&1 || { echo >&2 "netstat doesn't exist"; exit 1; }
command -v grep >/dev/null 2>&1 || { echo >&2 "grep doesn't exist"; exit 1; }
command -v sort >/dev/null 2>&1 || { echo >&2 "sort doesn't exist"; exit 1; }
command -v ps >/dev/null 2>&1 || { echo >&2 "ps doesn't exist"; exit 1; }