|
Configuration
of XenGuestTest
The XenGuestTest monitors the amount of resources that each guest takes up out of the total available resources on the physical XenServer. The default parameters associated with this test are as follows:
To enable the eG agent to connect to the XenServer API for collecting statistics of interest, this test should login to the XenServer as a root user. Provide the name of the root user in the XEN USER text box. Root user privileges are mandatory when monitoring a XenServer 5.5 (or lesser). However, if you are monitoring XenServer 5.6 (or above) and you prefer not to expose the credentials of the root user, then, you have the option of configuring a user with pool-admin privileges as the XEN USER.
By default, the Xen Server is not SSL-enabled. This indicates that by default, the eG agent communicates with the XenServer using HTTP. Accordingly, the SSL flag is set to No by default. If you configure the XenServer to use SSL, then make sure that the SSL flag is set to Yes, so that the eG agent communicates with the XenServer using HTTPS. Note that a default SSL certificate comes bundled with every XenServer installation. If you want the eG agent to use this default certificate for communicating with an SSL-enabled XenServer, then no additional configuration is required. However, if you do not want to use the default certificate, then you can generate a self-signed certificate for use by the XenServer. In such a case, you need to explicitly follow the broad steps given below to enable the eG agent to communicate with the XenServer via HTTPS:
- Obtain the server-certificate for the XenServer
- Import the server-certificate into the local certificate store of the eG agent
For an elaborate discussion on each of the above-mentioned steps, refer to the Troubleshooting section in the Monitoring XenServers document.
By default, this test communicates with every VM remotely and extracts "inside view" metrics. Therefore, by default, the INSIDE VIEW USING flag is set to Remote connection to VM (Windows).
Typically, to establish this remote connection with Windows VMs in particular, eG Enterprise requires that the eG agent be configured with domain administrator privileges. In high-security environments, where the IT staff might have reservations about exposing the credentials of their domain administrators, this approach to extracting "inside view" metrics might not be preferred. In such environments therefore, eG Enterprise provides administrators the option to deploy a piece of software called the eG VM Agent on every Windows VM; this VM agent allows the eG agent on the service console to collect "inside view" metrics from the Windows VMs without domain administrator rights.To ensure that the "inside view" of Windows VMs is obtained using the eG VM Agent, set the INSIDE VIEW USING flag to eG VM Agent (Windows). Once this is done, you can set the DOMAIN, ADMIN USER, and ADMIN PASSWORD parameters to none.
-
By default, this test connects to each virtual guest remotely and attempts to collect "inside view" metrics. In order to obtain a remote connection, the test must be configured with user privileges that allow remote communication with the virtual guests. The first step towards this is to specify the DOMAIN within which the virtual guests reside. The ADMIN USER and ADMIN PASSWORD will change according to the DOMAIN specification. Discussed below are the different values that the DOMAIN parameter can take, and how they impact the ADMIN USER and ADMIN PASSWORD specifications:
- If the VMs belong to a single domain : If the guests belong to a specific domain, then specify the name of that domain against the DOMAIN parameter. In this case, any administrative user in that domain will have remote access to all the virtual guests. Therefore, an administrator account in the given domain can be provided in the ADMIN USER field and the corresponding password in the ADMIN PASSWORD field. Confirm the password by retyping it in the CONFIRM PASSWORD text box.
- If the guests do not belong to any domain (as in the case of Linux/Solaris guests) : In this case, specify "none" in the DOMAIN field, and specify a local administrator account name in the ADMIN USER below.
Prior to this, you need to ensure that the same local administrator account is available or is explicitly created on each of the virtual machines to be monitored. Then, proceed to provide the password of the ADMIN USER against ADMIN PASSWORD, and confirm the password by retyping it in the CONFIRM PASSWORD text box.
- If the guests belong to different domains - In this case, you might want to provide multiple domain names. If this is done, then, to access the guests in every configured domain, the test should be configured with the required user privileges; this implies that along with multiple DOMAIN names, multiple ADMIN USER names and ADMIN PASSWORDS would also have to be provided. To help administrators provide these user details quickly and easily, the eG administrative interface embeds a special configuration page. To access this page, simply click on the Click here hyperlink that appears just above the parameters of this test in the test configuration page.In the page that appears next, specify the following:
- First, provide the name of the Domain to which the VMs belong. If one/more VMs do not belong to any domain, then, specify 'none' here.
- The eG agent must be configured with user privileges that will allow the agent to communicate with the VMs in a particular domain and extract statistics. If 'none' is specified against Domain, then a local administrator account can be provided against Admin User. On the other hand, if a valid Domain name has been specified, then a domain administrator account can be provided in the Admin User text box.
- The password of the specified Admin User should be mentioned in the Admin Pwd text box.
- Confirm the password by retyping it in the Confirm Pwd text box.
- To add more users, click on the circled '+' button in the page. This will allow you to add one more user specification.
- In some virtualized environments, the same Domain could be accessed using multiple Admin User names. For instance, to login to a Domain named 'egitlab', the eG agent can use the Admin User name labadmin or the Admin User name jadmn. You can configure the eG agent with the credentials of both these users by adding two separate specifications - one for the labadmin and another for jadmn in our example - for the same domain name using this page. When this is done, then, while attempting to connect to the domain, the eG agent will begin by using the first Admin User name of the specification. If, for some reason, the agent is unable to login using the first Admin User name, then it will try to login again, but this time using the second Admin User name of the specification - i.e., jadmn in our example. If the first login attempt itself is successful, then the agent will ignore the second Admin User name.
- To clear all the user specifications, simply click the Clear button.
- To remove the details of a particular user alone, just click the circled '-' button corresponding to the user specification.
- To save the specification, just click on the Update button. This will lead you back to the test configuration page, where you will find the multiple domain names, user names, and passwords listed against the respective fields.
- If the INSIDE VIEW USING flag is set to 'eG VM Agent (Windows)' - In this case, the inside view can be obtained without domain administrator privileges. Therefore, set the DOMAIN, ADMIN USER, and ADMIN PASSWORD parameters to none.
-
Administrators of some high security Xen virtualized environments might not have permissions to internally monitor one/more VMs. The eG agent can be configured to ignore such 'inaccessible' VMs using the IGNORE VMS parameter. Against this parameter, you can provide a comma-separated list of VM names, or VM name patterns, for which the inside view need not be obtained. For instance, your IGNORE VMS specification can be: *xp,*lin*,win*,vista. Here, the * (asterisk) is used to denote leading and trailing spaces (as the case may be). By default, this parameter is set to none indicating that the eG agent obtains the inside view of all VMs on an XenServer by default.
Note:
While performing VM discovery, the eG agent will not discover the operating system of the VMs configured in the IGNORE VMS text box.
- By default, the eG agent does not support the inside view for VMs executing on Windows NT operating systems. Accordingly, the IGNORE WINNT flag is set to Yes by default.
While monitoring a Xen_virtual_server, the REPORT BY USER flag is set to No by default, indicating that by default, the guest operating systems on the XenServer are identified using the hostname specified in the operating system. On the other hand, while monitoring a Xen_desktop_server, this flag is set to Yes by default; this implies that in case of the XenServer VDI model, by default, the desktops will be identified using the login of the user who is accessing them. In other words, in VDI environments, this test will, by default, report measures for every username_on_virtualmachinename.
The REPORT POWERED OS flag becomes relevant only if the REPORT BY USER flag is set to ‘Yes’.
If the REPORT POWERED OS flag is set to Yes (which is the default setting), then this test will report measures for even those VMs that do not have any users logged in currently. Such guests will be identified by their virtual machine name and not by the username_on_virtualmachinename. On the other hand, if the REPORT POWERED OS flag is set to No, then this test will not report measures for those VMs to which no users are logged in currently.
You can set the REPORT POWERED ON status to YES, so that the test reports an additional measure, Powered on, revealing whether a guest OS is currently running or not. The default status of this flag is set to Yes for a Citrix XenServer. For a Citrix XenServer – VDI component on the other hand, this flag is set to No by default. This is because, in such environments, the virtual desktops will be in the powered-off state most of the time.
-
The AGGREGATE USER SESSIONS flag will appear in this page only while configuring this test for a VMware VDI(i) server. This flag is closely related to the REPORT BY USER flag. In case of the VDI model, the REPORT BY USER flag is set to Yes by default. Therefore, the status of the AGGREGATE USER SESSIONS flag gains significance in the case of the VDI server. By default, the AGGREGATE USER SESSIONS flag is set to No. This implies that if a single user is currently logged into multiple guests, then this test, by default, will report a set of measures for every username on guestname. On the other hand, if the status of this flag is changed to Yes, then, this test will report a set of (aggregated) measures for every distinct user to the virtual desktop environment. In other words, this test will report measures that are aggregated across all the currently active sessions for a user, spanning multiple VMs.
By default, in most virtualized environments, the XenServer listens on port 80 (if not SSL-enabled) or on port 443 (if SSL-enabled). This implies that while monitoring an SSL-enabled XenServer, the eG agent, by default, connects to port 443 of the server to pull out metrics, and while monitoring a non-SSL-enabled XenServer, the eG agent connects to port 80. Accordingly, the WEBPORT parameter is set to 80 or 443 depending upon the status of the SSL flag. In some environments however, the default ports 80 or 443 might not apply. In such a case, against the WEBPORT parameter, you can specify the exact port at which the XenServer in your environment listens so that the eG agent communicates with that port.
When changing the
configuration for specific servers, a “*” beside the text box
corresponding to the parameter signifies that these values have to be
manually configured by the user. The parameter values that require to
be configured will typically be prefixed with a “$” or contain a
series of “*”. A value of "none"
in the parameter value indicates that the corresponding parameter
value can be changed if required.
|