ESXi Servers and vCenter/vSphere Monitoring
IN THIS ARTICLE:
Introduction to ESXi Server and vCenter/VSphere Monitoring
LogicMonitor uses the VMware API to provide comprehensive monitoring of VMware vCenter or standalone ESXi hosts. In this support article, we outline how to set up ESXi host and/or vCenter server monitoring.
Creating a Read-only User for an ESXi Host or vCenter Server
As highlighted in the next two sections, the process of creating a user varies depending upon whether you intend to monitor standalone ESXi hosts or a vCenter server.
- Creating a user for an ESXi Host
- Creating a user for a vCenter server
Creating a User for an ESXi Host
The following set of steps walk you through the process of creating a read-only user for an ESXi host that has rights to use the VMware API.
- Using the vSphere Client, log in to the ESXi host that you would like to add to LogicMonitor as a host.
- From the Users tab, create a userid for the LogicMonitor Collector by right-clicking anywhere in the users table and clicking Add.
- From the Permissions tab, add a new permission by right-clicking and clicking Add Permission.
- In the Users section, click Add, and then select the LogicMonitor userid for this permission. Click Add, then OK.
- Select the LogicMonitor user you added. In the Assigned Role section, select the "Read-only" role from the drop-down menu. Ensure that the Propagate to Child Objects option is checked and click OK.
- You must repeat this process on each individual ESXi host you want to add to LogicMonitor for monitoring. The credentials for ESXi users that have been added at the vCenter level will not be inherited down to clustered hosts. For more information on how this is configured, please see VMware's vSphere documentation.
Note: Your credentials for ESXi hosts will be in the format of username/password (e.g. logicmonitor/pass123).
If vCenter is integrated with Active Directory (AD), you will find a group in vCenter that has a corresponding group in AD. Simply create a user with read-only permissions for your vCenter environment in AD and add it to the corresponding AD group. Your credentials for vCenter will be in the format of [email protected] (e.g. [email protected]) with its password.
If vCenter is not integrated with AD, you will create a new read-only using a process similar to that for creating an ESXi host user (described in the previous set of steps). However, it's important to note that a key difference between ESXi host and vCenter is that vCenter credentials are formatted as [email protected] (e.g. [email protected]) with password.
Configuring VMware Credentials in LogicMonitor
For LogicMonitor to provide ESXi hardware monitoring, you need to add the individual ESXi hosts to LogicMonitor - hardware status is not available by monitoring only vCenter.
No further configuration is needed to activate hardware monitoring - if you do not see hardware monitoring within LogicMonitor, check that hardware status is available from the Virtual Infrastructure client. If not, then either:
- Your hardware is not supported by ESXi for hardware monitoring. You may be able to obtain a hardware specific bundle either from VMware or your hardware vendor.
- The CIM provider is disabled - see this VMware knowledge base article.
vCenter Tag Integration
Some of the VMware DataSources are capable of pulling in vCenter tags as instance properties. This is optional and can be enabled by setting a device property named esx.tags to true. Currently the tag integration only works on DataSources applied to vCenter devices. DataSources that currently support this functionality are:
The tags will show up as instance-level properties on your VM instances, with the following format: auto.tag_category = tag.
Duplicate Cluster Naming
vCenter allows multiple clusters to have the same name as long as each cluster is in a different VMware Datacenter within the vCenter. However, within LogicMonitor, this translates to duplicate instance names which is not supported (i.e duplicate instances are not discovered).
To ensure unique instance names and therefore discovery of all relevant clusters, add the custom property of esx.instanceformat to the host and assign it a value of "dedupe" (case insensitive). This property prepends the cluster name with the VMware Datacenter name (i.e. <datacenter> / <cluster>) in order to avoid duplicate instance names.
Note: If this property is set on a host that has already been running for a while, it will force history loss on that host (and only that host).
If you are using a proxy for your Collector access, then you will need to exclude these hosts from being proxied by your Collector or the Collector will not be able to access the VMware API. This is done by adding a value to the proxy.exclude setting found in your Collector's agent.conf file that reflect these hosts, proxy.exclude=hostname1|hostname2|hostname3|..., where the various hostnames represent the IPs/hostnames for the various ESXi or vCenter hosts that have been added into LogicMonitor and are being monitored by the Collector.
If the Collector is not able to access the VMware API and your ESXi/vCenter device has been added via its hostname, edit the device to use its IP instead and repeat these configuration edits if needed.
Modifying the API Port or URI
If your vCenter or ESXi hosts are configured to expose their API on nonstandard ports, you can set the property esx.url with an appropriate URL (e.g. https://192.168.1.100:8443/sdk).
- Large queries to clusters may place an excessive load on internal DB, resulting in data collection issues. To remedy such issues, please follow the recommendations on this article: https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2107096
- You must ensure your vCenter server is sized appropriately for the numbers of hosts and VMs it is managing. See VMware's documentation for size requirements. (Note that the vCenter database requirements must be added to the vCenter server requirements if they are on the same machine.) If you are using vCenter 5.5 or lower, it is also often necessary to tune the vCenter memory configuration, as documented in VMware's knowledgebase here and here. (vCenter 6 will dynamically adjust the memory allocation to the services if the VM running vCenter is allocated more memory and rebooted.) If vCenter does not have enough resources, it may refuse some connections to the API (HTTPS) port (easily seen in the HTTPS- DataSource in LogicMonitor), or it may report a value of "-1" to some performance queries. Both of these situations will cause gaps in graphs. This is not an issue with LogicMonitor.
- If your vCenter 5-minute Statistics Collection Level is set to "Level 1" some datapoints for Resource Pool may not return data. In order to access all of the necessary counters monitored, you will need to set your vCenter Statistics Collection Level to "Level 2." This can be done within your vSphere Web Client by navigating to "Hosts and Clusters" and selecting your vCenter instance. Go to the "Manage" tab, select "Settings" and then "Edit." Change the "5 minutes" interval to Level 2.
DataSources are split into two categories, those that apply directly to the ESXi hosts and those that apply to vCenter.
Note: With the third—and current—generation, the module names have been changed, so there will be no issue importing these modules if you already have the older VMware_vSphere_* modules in your account. However, because this does mean that your hosts will be queried by the Collector more frequently, we recommend that the existing modules be disabled manually or deleted.
Over time, LogicMonitor's VMware monitoring capabilities have undergone three generations of updates in order to give you greater insight into your environment while taking advantage of newer features. In the following table, we've provided a list of DataSources included in each generation. Each row of the table represents equivalent DataSources across the generations.
Removing VMware Monitoring
Once discovered, VMware monitoring will not be automatically removed from a device, in order to prevent the loss of data due to a temporary failure. If you have removed vCenter from a windows server, or otherwise wish to remove VMware monitoring from a device in LogicMonitor, there are two options:
- Delete the device, and re-add it. Only the currently running services will be discovered, but you will lose all history about the device.
- Use a debug command on the Collector to remove the specific property that associates the VMware DataSources. This will leave non-VMware data unaffected. For example, for a device named "2012c" you could remove the property by running the following command on the responsible Collector: !hostproperty action=del host=2012c property=virtualization.