VCF Operations¶
Overview¶
| Field | Value |
|---|---|
| Name | vrops |
| Archetype Group ID | com.vmware.pscoe.vrops.archetypes |
| Archetype Artifact ID | package-vrops-archetype |
| Package extension | vrops |
| Product compatibility | VCF Operations (9.x) Aria Operations (8.x) |
VCF Ops projects are called vrops projects in Build Tools for VMware Aria. The project type is a representation of VCF Ops content into human friendly format saved into different file types - JSON, XML, properties, ZIP. The project consist of content descriptor and content container.
- Content Descriptor defines what part of the VCF Ops server content will be part of this project -
content.yaml. - Content Container holds the actual content representation -
./srcfolder.
Supported Content¶
viewdashboardalert-definitionsymptom-definitionpolicydefault-policyrecommendationsuper-metricmetric-configreportcustom-group
Create New VCF Ops Project¶
Build Tools for VMware Aria provides ready to use VCF Ops project templates (maven archetypes).
To create a new VCF Ops project from archetype use the following command:
mvn archetype:generate \
-DinteractiveMode=false \
-DarchetypeGroupId=com.vmware.pscoe.vrops.archetypes \
-DarchetypeArtifactId=package-vrops-archetype \
-DarchetypeVersion= # (1)! \
-DgroupId=com.company.bu # (2)! \
-DartifactId=project.type # (3)!
- This parameter is optional. Default value is 2.38.1. Note that archetype contents change so usually an up-to-date version is preferred.
- The groupId in Maven is a distinctive identifier specifically used for a project. It acts as a namespace, ensuring that project names don't clash with each other. It is recommended to choose a groupId that reflects your organization or project.
- The artifactId is a unique identifier for a specific project or module within a project. It represents the name of the artifact that is generated by the project. It is recommended to choose a artifactId that reflects the project type.
Content Structure¶
The result of this command will produce the following project file structure:
operations
├── README.md
├── content.yaml
├── pom.xml
├── release.sh
└── src
└── main
└── resources
└── alert_definitions
└── Cluster is disbalanced.json
└── custom_groups
└── vCenter Folder Tag.json
└── dashboards
└── metadata
└── dashboardGroupActivationMetadata.vrops.json
└── dashboardSharingMetadata.vrops.json
└── dashboardUserActivationMetadata.vrops.json
└── resources
└── resources.properties
└── Assess Cost.json
└── metricconfigs
└── vSAN Savings
└── policies
└── policiesMetadata.vrops.json
└── Policy for Virtual Machines - Risk Profile 1.zip
└── recommendations
└── Bring the VMware Cloud Foundation Operations Node back online.json
└── reports
└── Cluster Cost Report
└── resources
└── resources.properties
└── content.xml
└── supermetrics
└── Group CPU Average.json
└── symptom_definitions
└── Cloud Proxy is down.json
└── views
└── resources
└── content.properties
└── Cluster Basic Inventory.xml
Content¶
Content Descriptor¶
Content Descriptor is implemented by content.yaml file with the following structure:
view:
dashboard:
alert-definition:
symptom-definition:
policy:
default-policy:
recommendation:
super-metric:
metric-config:
report:
custom-group:
Note
VCF Ops Project supports only content types outlined into Content Descriptor.
To capture the state of your VCF Ops environment simply fill in the names of the content objects and follow the Pull Content section.
Note
All object types are list of string values except for default-policy which is a single policy name string.
Note
Due to limitation of the VCF Ops CLI the import / export of report definitions is not currently supported.
Note
The import of the symptoms definitions defined for all the adapter types is not currently supported.
Content Filtering¶
Contents are managed by different rules.
Import Rules for content types¶
- Only objects explicitly defined in the
content.yamlare imported. default-policydoes not actually import a policy - it only sets an existing policy with the given name as default.
Export Rules for content types¶
- Only objects explicitly defined in the
content.yamlare exported. default-policyis not exported. If you want to export the policy set as default it needs to be added to thepolicylist.
Example¶
Content
view:
- Cluster Basic Inventory
dashboard:
- Assess Cost
alert-definition:
- Cluster is disbalanced
symptom-definition:
- Automation service is down
- Cloud Proxy is down
recommendation:
- Bring the VMware Cloud Foundation Operations Node back online
super-metric:
- Group CPU Average
report:
- Cluster Cost Report
metric-config:
- vSAN Savings
custom-group:
- VCF World
policy:
- Policy for Virtual Machines - Risk Profile 1
default-policy: Default Policy
Environment Connection Parameters¶
The following need to be added to the profile that you intend to use:
<!-- (1)! -->
<profile>
<!-- ..... OTHER DIRECTIVES ..... -->
<vrops.host>flt-ops01a.corp.internal</vrops.host>
<vrops.port>443</vrops.port>
<vrops.sshPort>22</vrops.sshPort>
<vrops.username>admin</vrops.username>
<vrops.password>someSecurePassword</vrops.password>
<vrops.restUser>admin</vrops.restUser>
<vrops.restPassword>someSecurePassword</vrops.restPassword>
<vrops.dashboardUser>admin</vrops.dashboardUser>
<vrops.importDashboardsForAllUsers>true|false</vrops.importDashboardsForAllUsers>
<vrops.restAuthSource>local</vrops.restAuthSource>
<vrops.restAuthProvider>BASIC|AUTH_N</vrops.restAuthProvider>
</profile>
- The location of settings.xml for MacOS is ~/.m2 and C:\Users\username\.m2 for Windows
Note
Some VCF Ops content is managed via in-guest CLI commands instead of REST API which requires credentials for REST API (vrops.restUser and vrops.password) and SSH communication (vrops.username and vrops.password) with sufficient privileges.
-
vrops.dashboardUser- User account to which to assign the ownership of a dashboard when importing it. -
vrops.importDashboardsForAllUsers- If parameter is missing or set to true, the dashboards are imported to all users. If parameter is set to false, the dashboards are imported only for the user specified in vrops.dashboardUser. -
vrops.restAuthSource- Authentication source used for acquiring a token for REST API communication. -
vrops.restAuthProvider- Defines the type of authentication used for REST API communication.- Supported values:
BASIC,AUTH_N(token based authentication - supported since version 2.8.0). - Default value:
AUTH_N.
- Supported values:
Use the profile by passing it with -P, e.g.:
mvn vrops:pull -Ptarget-env
Operations¶
Build Project¶
Overview¶
Maven goal for compiling the code into a deployment ready package.
Usage¶
mvn clean package
The output of the command will result in com.company.bu.project.type-1.0.0-SNAPSHOT.vrops file generated in the target folder of the project.
Bundle Project¶
Overview¶
Maven goal for producing an installation bundle containing the solution package, all its dependencies and scripts for deploying to target environment.
Usage¶
mvn clean package -Pbundle-with-installer
For more information refer to Installer documentation.
Pull Content¶
Overview¶
When working on a VCF Ops project, you mainly make changes on a live server using the VCF Ops UI and then you need to capture those changes in the maven project on your filesystem to be able to store the content, track changes, collaborate, etc.
Usage¶
To support this use case, the a custom maven goal vrops:pull is used. The following command will pull the content outlined into Content Descriptor file to the current project from a specified server and expand its content in the local filesystem overriding any local content:
mvn vrops:pull -Ptarget-env
Note
The command will fail if the content.yaml is empty or it cannot find some of the described content on the target VCF Ops server.
Wildcard Support¶
The content descriptor supports wildcard for most of the asset types. This means that you can specify a wildcard (*) symbol in the asset names defined in the content.yaml file exporting all assets matching the wildcard expression. E.g.
report:
- "*reports"
Note
Due to limitation of VCF Ops REST API wildcard is currently NOT supported for the dashboard and metric-config asset types.
Note
If you specify a wildcard in the asset name defined in the content.yamlfile, it needs to be enclosed with quotes ("). You can also enclose the asset name with quotes (") in the content.yaml file, even if you specify it with its full name.
Push Content¶
Overview¶
Maven goal for deploying the solution to target environment.
Usage¶
mvn clean package vrops:push -Ptarget-env
Include Dependencies¶
By default, the vrealize:push goal will deploy all dependencies of the current project to the target environment. You can control that by the -DincludeDependencies flag. The value is true by default, so you skip the dependencies by executing the following:
mvn package vrealize:push -Ptarget-env -DincludeDependencies=false
Note
Dependencies will not be deployed if the server has a newer version of the same package deployed. For example, if the current project depends on com.vmware.pscoe.example-2.4.0 and on the server there is com.vmware.pscoe.example-2.4.2, the package will not be downgraded. You can force that by adding the `-Dvra.importOldVersions flag:
mvn package vrealize:push -Ptarget-env -Dvra.importOldVersions
Ignore Certificates¶
This section describes how to bypass a security feature in development/testing environment. Do not use those flags when targeting production servers. Instead, make sure the certificates have the correct CN, use FQDN to access the servers and add the certificates to Java's key store (i.e. cacerts).
You can ignore certificate errors the certificate is not trusted and the CN does not match the actual hostname by appending the following parameters to the target profile in your maven settings.xml file:
...<!--# (1)! -->
<profiles>
...
<profile>
<id>target-env</id>
<properties>
...
<vrealize.ssl.ignore.hostname>true</vrealize.ssl.ignore.hostname>
<vrealize.ssl.ignore.certificate>true</vrealize.ssl.ignore.certificate>
</properties>
</profile>
</profiles>
- The location of settings.xml for MacOS is ~/.m2 and C:\Users\username\.m2 for Windows
You can ignore certificate error, i.e. the certificate is not trusted, by adding the flag -Dvrealize.ssl.ignore.certificate:
mvn package {projectGoal}:push -Ptarget-env -Dvrealize.ssl.ignore.certificate
You can ignore certificate hostname error, i.e. the CN does not match the actual hostname, by adding the flag -Dvrealize.ssl.ignore.certificate:
mvn package {projectGoal}:push -Ptarget-env -Dvrealize.ssl.ignore.hostname
Clean Up Content¶
Clean up is not supported for the current project type.
Project Type Support for vrealize clean¶
| Archetype | Supported | Comment |
|---|---|---|
| vro | Yes | - |
| vcd | Partial | It does not support dryRunning |
| abx | No | Not implemented |
| vrops | No | Not implemented |
| vra-ng | Partial | Does not support dryRunning |
| vrli | No | vRLI does not provide native package support |
| cs | No | Code Stream Services does not provide native support for packages |
Troubleshooting¶
- If maven error does not contain enough information re-run it with -X debug flag.
mvn -X <rest of the command> - Sometimes maven might cache old artifacts. Force fetching new artifacts with -U. Alternatively remove
/.m2/repository folder.mvn -U <rest of the command>