Policies and custom groups are the most critical features in vRealize Operations. They are simply indispensable to set up a customized working monitoring environment in your shop, yet they are the feature that is most ignored or misunderstood. If you install vROps out of the box it analyzes your environment with its dynamic thresholding capabilities and smart alerts, but it is not customized to your needs. At installation you answer a number of questions through an installation wizard (see further in this article) for some basic settings that apply to your whole environment. This process was created in version 6 precisely to help people use policies! And still we ignore it…
In a previous blog post I wrote about custom groups, in this new series of articles I will explain policies in a way that you will want to keep a hard copy under your pillow… In this first installment we will introduce policies. In a next posting I will show you how to create policies and work on some use cases.
In the old vCenter Operations Manager (v5.x) VMware introduced policy with v5.3, I think. It made the product suddenly useful for customers using capacity planning. A policy was kind of a configuration file, mostly for capacity calculations. You could have more than one policy – in fact VMware shipped some examples – and you could associate a policy with a custom group. In this way you could make a ‘production’ group for example, with very strict capacity settings and warnings, and a ‘test/dev’ group with relaxed settings.
A lot of people (me included) were confused when VMware extended policies in v6.0 to incorporate metrics and smart alerts. It is not simple to understand, but vital to create your own monitoring environment with least effort to operate. So I made it my noble task to reveal to you all mysteries of policies as I know them… Here we go!
What is a policy? According to the definition it is a ‘Mechanism to analyze and display data’. Great. What can we do with it? You can:
As you install more extensions or management packs in vRealize Operations, it becomes critical to control some of the alerts and metrics defined there. With the new True Visibility Suite licensing model at Blue Medora, you can install all management packs for your infrastructure in one go: Cisco UCS, Dell, HP or Lenovo servers, Cisco Nexus switches, F5 Big-IP and so on. Some management packs in the connector suite transfer data from other management tools such as Oracle Enterprise Manager or Microsoft SCOM and have a potential to add thousands of metrics and alerts. You need to control your environment!
Let’s start with an overview of where our policies live in vROps. In Administration, Policies you will find two tabs: ‘Active Policies’ and ‘Policy Library’. ‘Policy Library’ is a repository of standard policies delivered with vROps, policies installed with management packs and policies created by a user or the installation wizard.
Figure 1: Policy library in vROps.
In figure 1 you will notice some of the default VMware policies, some installed by Blue Medora and a Default Policy with a date stamp (highlighted). The Default Policy (without date) is the base policy in vROps for all objects. The one with a date stamp is the one created through the installation wizard. When you click on a policy it will show you some useful info:
The toolbar gives you all the actions to create, delete, export and import policies. Also note that the nice folks at VMware included a vSphere 5.5 hardening policy here. This policy can be used in compliance to check your whole environment for critical security settings! Use it!
The ‘Active Policies’ tab will show you which of the policies are actually active at that point in time, with priority and associated groups. This allows you to see what settings are active at any given time. Figure 2 corresponds to a newly installed vROps, where only the default policy from the installation wizard is active. The details pane at the bottom is identical to the library.
Figure 2: Active Policy panel.
In the next post we will take a detailed look at creating new policies. Until then!
For this blog post I brought together material from my own experience and following resources: