Proactively manage your vSphere environment with Runecast Analyzer

I’ve got the opportunity to test Runecast Analyzer. Runecast Analyzer Proactively use VMware KBs, best practices and security hardening guidelines to identify problems in your VMware environment. In this blogpost you find my experience of testing Runecast Analyzer.

Deployment

The deployment of Runecast Analyzer is easy. It’s an on-premises deployment on you’re vSphere environment. Within a couple of minutes the Runecast is up and running. First download and deploy the virtual appliance OVA in an existing vSphere 5 or higher environment. During the deployment 3 appliance configuration sizes options are available:

DeploymentvCPUMemory (GB)Storage (GB)Network
Small2490100Mbit=>
Medium4890100Mbit=>
Large83290100Mbit=>
After choosing the appliance size and set the IP address you’re ready to access the appliance using a web browser.
Updating
After the appliance is deployed, the updating of the KB definitions, updates, application and OS updates can be configured in the VA admin interface of the appliance. When using the automatic updating you’re always up-to-date.
When the appliance has no internet connection, offlines updates are available on the RuneCast website.
Scan the vSphere environment
Add one ore more vCenter Server(s) and you’re ready to fire you’re first scan of the VMware environment. The scan can be manually performed of scheduled.
After the scan of the environment the issues are displayed in a dashboard.  The issues are categorized in critical, major and medium.

Version 1.7 adds a new dashboard called “issues by layer”. This dashboard categories the issues in 5 main layers: Management, VM, Compute, Network and Storage.

The detected issues are added in the five layers. This dashboard is interactive. By selecting the layer and issue you can drill-down and find the affected component and root cause.

It is possible to integrate RuneCast in the vSphere Web client. The plugin displays all issues detected by RuneCast Analyzer with the details and their root causes.

The vSphere Web Client HTML5 page looks awesome.

Meltdown and Spectre

Runecast is continuously monitoring the VMware KB articles and is able to detect Spectre and Meltdown issues. The great thing is that when VMware is updating or adding a Spectre or Meltdown KB issue, Runecast monitors that and alert you when the vSphere environment is affected. In the following example the Spectre/Meltdown issues are found.

You can drill down to see what hosts are effected.

Log Analytics

Runecast Analyzer includes log analytics. Runecast collects the syslogs from the ESXi hosts and do a smart analytics to discover possible problems found in KBs.

Hardening

Runecast Analyzer uses VMware Security checks (https://www.vmware.com/security/hardening-guides.html) and DISA STIG 6 to check the compliance of the vSphere environment. The results are reports in a dashboard.

vSAN support

Version 1.7 adds support for VMware vSAN environments. It scans vSAN clusters and test their configurations against VMware KB articles and best practices. When issues are found guides are added how to fix them.

For example in a customer vSAN environment Runcast Analyzer found the following vSAN problem:

When drilling down the guide tells me that this issue is fixed in ESXi 6.5 Update 1 (vSAN 6.6.1). After patching  the issue was solved without occurring in the vSAN environment. This is what you called “proactive management”.

Conclusion

With Runecast Analyzer every VMware vSphere admin can proactively identify possible (security) problems in there vSphere environment. The installation is easy and fast. As VMware consultant I use Runecast on frequently basis which gives me a great overview of the state of the vSphere environment i’m working with.

Every new release has great features are added such as vSAN and vSphere Web Client HTML5 support .

In my opinion Runecast Analyzer is a must have tool for every VMware vSphere admin to proactively monitor there environment.

Wanna try?

There is a 14-day free trial available from this link.

Tested: VDI End User Experience monitoring tools

The success  and effectiveness of a VDI environment depends on the End User Experience (UX). When the End User Experience isn’t good, users will complain and the VDI project will fail. So the ability to analyze, report and troubleshoot when a problem occurs is critical in a VDI environment. To get this insight I tested ControlUp v6 and VMware vRealize Operations for Horizon v6.3. Both tools are tested against the following subjects:

  • Architecture
  • Troubleshoot performance problems
  • Reporting
  • End User Experience monitoring
  • Supporting End-Users
  • Licensing

The features of ControlUp and VMware vRealize Operations for Horizon are tested against a VMware Horizon View 7 environment.

Architecture

ControlUp

In the on-premises datacenter reside two components:

  • ControlUp Management Console. This is a .NET Windows  application which connects to the vCenter Server/vSphere clusters and VDI desktops.
  • ControlUp Monitor Service. This Windows service is responsible for alerting, reporting and uploading historical data to the Insight database which resides in the ControlUp Cloud.

The ControlUp installation is very simple. On a management server simply execute a single executable (ControlUpConsole.exe). It runs in memory, so there is no installation needed. For alerting and uploading data the ControlUp Monitor Service is needed. Here is an overview how a ControlUp hybrid (cloud and in-prem) infrastructure looks like:

architecture

On the left is the Enterprise Network displayed. This is the on-premises datacenter where the hypervisors and Horizon environment resides and where the ControlUp Monitor and Console are installed. There is a very minimal infrastructure needed for deploying ControlUp. All the backend components are hosted in ControlUp cloud that is  hosted on Amazon Web Services (AWS).

It’s possible to have the backend  components installed on-premises with a special version of ControlUp if you have special compliance requirements. With this version everything runs on-premises.

VMware vRealize Operations for Horizon

VMware vRealize Operations for Horizon is a monitoring solution that extends the capability of VMware vRealize Operations Manager to troubleshoot, monitor, and manage the health, capacity, and performance of VMware Horizon View environments. The architecture of vROps looks like:

architecture

The main components are:

  • VMware vRealize Operations (vROps). vROps can be deployed on Windows, Linux or when using the appliance.
  • VMware vRealize Operations Horizon management pack (PAK). After the vROps is installed and configured add the VMware vRealize Operations Horizon management pack to vROps.
  • vRealize Operations for Horizon broker agent. On one Horizon View Connection Server install the agent and pair this with vROps Horizon adapter.
  • vRealize Operations for Horizon Desktop Agent. In the Horizon View Agent enable this feature.

After installing and configuring these main components the gathering of statistics, events and performance data can begin. All the components are installed in the on-premises datacenter. Besides the VMware vRealize Operations Horizon management pack there are other management packs available that can be imported in vROps such as the Virtual SAN and NSX management pack. This improves the end-to-end visibility and monitoring.

User Interface

ControlUp

When executing the ControlUp Management Console the following UI is displayed after adding the central vCenter server.

CU Management Console1

This is a real-time performance dashboard.

On the left the managed hypervisor(s), vCenter(s) and servers and desktops are listed. On the managed Windows desktops a lightweight agent is pushed.

The following dashboards are available:

  • Folders
  • Hosts
  • Computers
  • Sessions
  • Processes
  • Accounts
  • Applications

You can easily search, filter, sort, group by,  customize and organize the columns that will be displayed in each dashboard.

vROPS for Horizon

The User Interface (UI) for vROps is accessible from the internet browser.

webportal webportal1

After logging-in there are Horizon specific dashboards available such as:

  • Horizon Overview
  • Horizon Help Desk
  • Horizon Infrastructure
  • Horizon User Sessions
  • Horizon VDI Pools
  • Horizon RDS Pools
  • Horizon Applications
  • Horizon Desktop Usage
  • Horizon User Session details
  • Horizon RDS Host Details
  • Horizon End User Experience

These are the default dashboards but it is possible to create own personalized dashboards with widgets and metrics you need.

Troubleshoot performance problems

To demonstrate performance troubleshooting with both products we use a Windows 10 VDI desktop and run the tool “Heavyload.exe” to generate 100% CPU utilization.

heavy

ControlUp

With ControlUp Management Console we can troubleshoot performance problems on hosts, computers and,-sessions in real-time and  identify the process that is causing the 100% CPU utilization.

1 2a

vROPS for Horizon

With vROps we filter on “Percent Processor Time%”, select the session and perform a manual “Get Desktop Processes”.

3High CPU 1

The “Get Desktop Processes” task takes between 10-30 seconds to generate a list of process information per desktop. In ControlUp getting the processes list is in real-time. Besides identifying high CPU utilization other performance counters can be identified with both products.

Reporting

ControlUp Insights

With ControlUp v5 ControlUp Insights was introduced. ControlUp Insights is historical reporting and analytics platform in the cloud. In v6 ControlUp Insights is extended with new reports. Each month new reports are added to the portal. The portal is accessible from the following URL:

  • https://insights.controlup.com

When logging-in there are three main sections with a couple of sub-sections:

  • User Activity
    • Session Count
    • Session Activity
    • Session Details
    • Session Resources
    • Logon Durationreports
    • Protocol Latency
  • System Health
    • Computer Trends
    • Computer Statistics
    • Host Trends
    • Top Windows Errors
  • Application Usage
    • App Usage Details
    • Citrix License Usage

Each section has a several reports with information about user activity, user experience, resource consumption, application activity, system health and license information. The reports are simple, interactive and good-looking.  In addition, where applicable, ControlUp Insights presents global benchmark values for performance and user experience metrics. These metrics are calculated based on anonymize metadata sent to ControlUp Insights from the customers that use this platform

Here are 4 examples reports of Insights:

Computer Trends Host Trends Resource usage Toperrors

The report data can be exported as CSV files.

export

vROPS for Horizon

There are several predefined Horizon reports that can be run or scheduled on regular basis. These reports provide information about remote desktop and application usage, desktop and application pool configuration details, and license compliance. Here are some examples:

2016-08-15_15h39_39 2016-08-15_15h50_12 2016-08-15_15h50_30 2016-08-15_15h50_50

The reports aren’t as fancy and interactive as in ControlUp. The reports can be exported as CSV or PDF files.

End User Experience (UX) monitoring

Besides performance metrics User Experience (UX) metrics are very important in a VDI and SBC environment.

ControlUp UX metrics

  • PCoIP Session bandwidth usage and latency.
  • Desktop Load Time.
  • Group Policy Load Time.

Protocol LatencyUX metrics

  • Application Load Time.

appl load time

vROps for Horizon

  • PCoIP and Blast extreme protocol metrics
  • Profile Load Time
  • Shell Load Time

UX

Both products offer UI metrics. The Application Load Time is a new cool feature in ControlUp 6 that measures the time that it takes that an application become available for the end user. This is good indicator for the User Experience.

Supporting End-Users

ControlUp

Besides monitoring and reporting there are other features built-in to support the End-users. The following screenshot show some of these features:

2016-08-15_16h34_23

Script-Based Actions (SBA) allows the admin to extend ControlUp functionality. Scripts (either developed internally or by the community and then sanitized by ControlUp before being published), can be written using Batch, VBScript or PowerShell.
These scripts can be used and executed on one or more target computers. This following SBA list the PCoIP bandwidth usage for example

sba pcoip

The Application usage report lists the number of concurrent   instances and named users for the selected application.

2

This helps identifying who is using what application(s) and licensing applications.

The “top 10 Windows errors” report shows the most frequently occurring errors on all managed computers. If the error is known, it has a link with a possible solution and how to fix it.

1

All the errors are benchmarkend against other organizations.

vROps for Horizon

vROps focuses primarily on monitoring and reporting. So no other end-user supporting features are available as  in ControlUp. Other unique features are:

  • Horizon VDI and application pool indicator metrics
  • Besides PCoIP Blast Extreme protocol metrics are available in vROps for Horizon 6.3
  • Management Packs.  There is a lot (VMware and third party) management packs available such as Virtual SAN and NSX. This improves the end-to-end visibility and monitoring with there own metrics.

Licensing

ControlUp

ControlUp is available as Pro, Enterprise, or Platinum edition. The main differences between these versions are in:

  • Insights retention data (1 Day for Pro, 1 Month for Enterprise, 1 Year for Platinum)
  • Multi Tenancy Support (Enterprise and above)
  • Multi AD support (Enterprise and above)

vROPS for Horizon

vROps for Horizon is licensed as:

  • standalone product.
  • Included in the Horizon Enterprise license

Conclusion

In this blogpost I tried to give a impression of both products. ControlUp and VMware vRealize Operations for Horizon are both great products for monitoring and reporting on your Horizon environment.  Each products has several pros against the other such as:

ControlUp:

  • Less infra structure is needed than vROps for Horizon.
  • Simplicity of the product with an easy learning curve.
  • Great tool for real-time troubleshooting. Process information is available is real-time.
  • Pre-defined interactive reports available for troubleshooting and management information.
  • Offers other functions such as: killing services, Script Based Actions, chatting, managing the file system and registry, application usage, top Windows events etc.

VMware vRealize Operations for Horizon:

  • Besides the VMware vRealize Operations Horizon management pack, there are other management packs (VMware and third party) available that can be imported in vROps such as the Virtual SAN and NSX management pack. Such components become more and more common in a VMware Horizon environment. Adding these management packs improves the end-to-end visibility and monitoring.
  • Ability to create personalized dashboards.
  • vSphere and Horizon Infrastructure related counters such as VDI and Horizon applications pool information.

What product do I need for Horizon environment? This depends on your requirements, use case and what licenses you already have. For example when having a Horizon Enterprise license, vROps for Horizon is included. Even when having a vROps environment, ControlUp adds great value by it’s unique features such as the interactive ControlUp Insights reports and complement vROps.

Tested: VMware snapshot management with Snapwatcher

To monitor and manage VMware Virtual Machine Snapshots Opvizor has released a tool called Snapwatcher.  As consultant I see often that admins don’t have an overview of all the snapshots that exists in their environment. The main concerns with Virtual Machine snapshots are:

  • Snapshots are created and forgot to remove
  • Snapshots can very quickly grow in size
  • Snapshots filling datastore space
  • Delta files may cause decreased Virtual Machine and host performance

In this review Opvizor Snapwatcher is tested. With the Snapwatcher tool it is possible to centrally monitoring and managing snapshots one on more more vCenter server environments.

Installation

The installation of Snapwatcher is simple. Before installing make sure the requirements are met:

  • Windows Installer 4.5
  • Microsoft .NET Framework 4 (x86 and x64)
  • VMware vCenter 4.1 or higher

Download and  installation the Snapwatcher application.  The installation downloads the latest bits from opvizor.com and installs Snapwatcher.

1_InstallNew Update

Every time Snapwatcher is started it checks for the latest updates. So Snapwather is always up-t0-date.

Configuration

The first configuration step is adding one or more vCenter Servers:

add vcenter

After adding the vCenter Server(s), thresholds on warning and error levels can be set, for example:

  • Size and age of the snapshot
  • Size and percentage of the datastore
  • Amount of snapshots for a Virtual Machine

thresholds

Monitor

The dashboard is divided in seperate windows. The screenshot below lists the dabboard with all the 5 windows:

dashboard

Each window can be resized and re-ordered. The 5 windows displays the following information:

1. Overview of the 5 largest snapshots. The amount of snapshots displayed is configurable.

2. Snapshot Disk Waste History (GB). Displays how much disk space is wasted over a period of time.

3. Overview of all the snapshot. All the snapshots are listed with there status.  Snapshots can be sorted on VM or snapshot name, description, status, Size (GB) and created Date. Actions can performed against snapshots such as delete, fix it and exclude.

4. General overview information. Display information about the number of vCenters, ESXi servers, VMs, VMs with snapshots added, the total snapshots and snapshot size.

general info

5. Work History. Displays information about the deleted snapshots and sizes.

Manage

From the dashboard the following actions can be performed against snapshots:

Buttons

Refresh: Refreshes the dashboard and perform an updated inventory of the snapshots.

Delete: Remove the snapshot from the VM.

delete

Exclude: Snapshots can be excluded in the dashboard from displaying. This can be handy for template VM with snapshots or VMware Horizon View Linked Clones.

Fix It: Fix It repairs broken snapshots are snapshots that are not managed by the vCenter Server but are still getting used by the Virtual Machine. In the vSphere Web/Client this status is showed as “Virtual Machine disks consoldition is needed”. In Snapwatcher the status is invalid.

lx250 01 Snapshot

Licensing

When the trail period (7 days) is expired it is still possible to use Snapwatcher. The following Enterprise Edition features will not work when the trail period is over:

  • Fix broken and inconsistent snapshots with our patent pending technology
  • Ignore certain VM snapshots
  • Track your VMware snapshot history

Conclusion

Opvizor Snapwatcher is a great tool for a VMware admin to centrally monitor and manage all the snapshots that exists in there VMware environment. Want to try Snapwatcher? Use this link.