Monthly Archives: November 2019

ISO Management Pack

ISO/IEC 27001 is the standard in the ISO/IEC 27000 family of standards providing requirements for an information security management system (ISMS). To be compliant, it asks for VMware vSphere to have certain properties. vRealize Operations makes this easier by having the alerts predefined.

The first step is to download it. For convenience, the direct link is on the Compliance page itself. Click on Market Place Download link.

It will take you to the Login to download it. The management pack itself is not chargeable.

Once the .pak file is downloaded to your computer, come back to vRealize Operations screen, and click on Install.

The install wizard is pretty straight forward. If it’s your first time installing, then the above 2 check box work either way.

The process is only a few minutes, as it’s a relative small add-on. You can enable your policy at the end of the install (apology not shown on).

Once completed, you can see the alerts and symptoms that are added. Simply search for ISO in the name. You will also see that the provider is not vCenter adapter, but the ISO adapter.

To customize it, simply modify the settings or create a new set of alerts.

How to upgrade to vRealize Operations 8.0

This post was contributed by someone I respect for his dedication to vR Ops. Varghese Philipose, Staff TAM, Dubai, has done many upgrades. He is part of the awesome TAM team in Middle East, and they have successfully done >100 upgrades. I’ve been to Dubai several times and meet their customers. The enthusiasm from the customers on how vR Ops have helped them is the proof of the TAM team dedication.

Phase 1 : Running Pre-upgrade Assessment tool
Only for 6.6.1 or older. 6.7 does not need this.

  • Download upgrade assessment tool vRealize Operations 8.0 – Upgrade Assessment Tool  (Filename: APUAT-, Size of File: 6.07 MB
  • Launch a browser. Go to
    https://master-node-FQDN-or-IP-address/admin, where the address is the master node Administrator interface.
  • Click Software Update in the left panel.
  • Click Install a Software Update in the main panel.
  • Follow the steps in the wizard to locate and install your PAK file. Check Install the PAK file even if it is already installed.
  • Install the Upgrade Assessment Tool.
  • Wait for the software update to complete.
  • Access to Pre-upgrade assessment report – steps as below:
    • Navigate to the Support > Support Bundles tab.
    • Download the light support bundle that was generated from the installation of the Upgrade Assessment Tool.
    • In the downloaded support bundle, open the cluster_timestamp_nodeaddress/nodeaddress_timestamp_nodeaddress/apuat-data/report/index.html file.
    • A list of all potentially impacted user content, if any , will be displayed in the Impacted Components Summary page.

Phase 2 : Upgrading to vROps 8.0 

Make sure the “root” account password is set, and is not expired or locked (on all nodes). Check by logging into SSH console of every node with root account. If you have not logged into SSH earlier, the default password will be blank and just press enter at password prompt. After this it will ask for setting a new password.

Make sure “admin” account password is set, and is not expired or locked (On all nodes)

  1. Recommended to remove all impacted Management Packs, if any, prior to initiating the upgrade.
  2. Download the following upgrade file required for upgrade: Use the download link from myvmware portal
  3. Make sure all the vROps nodes have sufficient disk space for upgrade (Minimum 5% free disk space required for each node): Check with command “df -h” from SSH session to each node.
  4. Optional step: If you have a large vROps cluster with more than 4 nodes, speed up by pre-copying upgrade files to all nodes. Follow steps in KB 2127895
  5. Take the vR Ops cluster offline from Admin UI and shut down all nodes.
  6. Take snapshot of all the nodes.
  7. Power on vR Ops nodes in the sequence starting Master Node, Replica Node, Data Nodes and Remote Collectors.
  8. Take the cluster offline, if it comes online after powering ON. This step reduces the time taken for upgrade.
  9. Initiate vR Ops In-place upgrade from Admin UI. 
  10. Once the upgrade is completed, verify functionality. If all functionality is reported correctly, take the cluster offline, shutdown nodes and delete the snapshots. Once snapshots are removed, power on the nodes in sequence (follow same steps in Step #9 above ).
  11. Once all nodes are powered on, bring the vROps cluster Online.

Because of vR Ops 8.0 included vRealize Suite 2019 you should upgrade your vRealize Suite license from 2018 to 2019 as well.

Approach to define SLA

How do you measure your SLA if you have different classes of service? For example, your offer a higher availability for Gold, and lower one for Silver. This is common and expected.

You offer 99.99% for Gold, and 99.9% for Silver. Both are measured against the same benchmark, which is the ideal, perfect availability (No Downtime).

Just because something is up, does not mean it’s fast. A VM can be up, but if it’s so slow, it is as good as dead. So you need another kind of SLA to complement Availability SLA. You need Performance SLA.

Another reason why you need another SLA is availability is a given. It does not matter what the number is. If it’s down, you better hurry to bring up!

Performance SLA needs to follow a consistent approach with other SLA. The higher the class of service, the higher the SLA. They can’t be the same number, else it’s confusing.

So it will look something like this

Gold: Performance SLA is 99.9%
Silver: Performance SLA is 99%

Another word, a VM in Silver environment will expect that it does not get what it demands as often as a VM in Gold. If the VM Owner wants to have better or more consistent performance, then simply pay more and upgrade to gold cluster.

This approach is easier than setting up a different SLA for each tier. Take for example

Gold: VM Memory Contention: 0.5%
Silver: VM Memory Contention: 1.0%

You notice the problem already?

That’s right! It’s hard to explain why 0.5 and 1, and not other numbers. It’s also hard to explain the gaps between them.

There is a 2nd problem. If you set different standards, it is possible that Silver will perform better than Gold, because it has lower standard!

It’s much easier to set a high standard (similar to the No Downtime situation) and just measure the failure to meet. You expect Silver to fail more often.

Operationally, having a single threshold is easier to set up. No need to play with vRealize Operations policy. You can also have mixed classes of VM in the same cluster, as the SLA threshold is the same.

Hope it addresses why Operationalize Your World applies a single threshold.

BTW, I encourage you not to modify the threshold. It’s more important to establish the baseline, and see its relative movement over time. Reason is infra performance don’t have perfect correlation with the business. It’s more important to know your performance pattern, than aiming for a perfect number. Don’t be obsessed with the number.