Hello vAdmins!
It’s nice to have you back with us. We’ve now reached our third post centered on VMware vRealize Operations. Today, we’re going to take a look at performance optimization and access control.
Performance Optimization.
To get the most out of your datacenter, you should take a look at the Quick Start page and search for applicable performance optimization suggestions. Additionally, you can go to the Workload Optimization, Rightsize, and Recommendation sections to find extra guidance.
The Workload Optimization feature in vRealize Operations works in tandem with vSphere DRS to ensure that virtual machines have the resources they need. When DRS determines that there is an imbalance in the workload, it uses vMotion to move workloads within the cluster. Moreover, vRealize Operations Workload Optimization is designed to allow virtual machines to be migrated across clusters within the same datacenter.
Let’s take a look at the Workload Placement page.
This page provides a glimpse into the optimization status of datacenters in the inventory, along with the current capacity remaining and potential cost savings opportunities per month. The optimization stats reveal if the datacenter has been optimized or not. If not, you can click ‘Optimize Now’ and watch the demonstration to learn more.
Using vRealize Operation, it is possible to schedule an optimization process to occur at predetermined intervals – once daily, weekly, or monthly – within a specific time frame. Additionally, the automation feature enables vRealize Operation to monitor your data center for optimization opportunities, resulting in continual optimization of your system.
Rightsizing Virtual Machines:
Rightsizing virtual machines is an essential requirement of getting the best performance out of a vSphere infrastructure. This is done with the Rightsize feature, which allows users to adjust the virtual machine’s CPU size and memory to an optimum level. Without this, virtual machines that are either oversized or undersized can lead to a variety of problems. Oversized virtual machines are allocated more resources than they need, leaving fewer resources available for other virtual machines and leading to unnecessary over provisioning. On the other hand, undersized virtual machines are allocated fewer resources than they require, resulting in performance issues due to the lack of resources. To prevent these problems, it is recommended to assign the appropriate resources for each virtual machine.
Optimization Potential
When you hit the button, vRealize operation wil calculate the potential cluster utilization before and after placement optimization and which virtual machines can be moved to achieve this potential.
In this scenario, there are no new optimization to apply
Operational intent vs Business Intent
The Operational Intent Wizard gives you the ability to set up workload automation policy. You have three choices: Balance, Moderate, and Consolidate. Balance will spread the workloads over the available resources, Moderate will reduce any contention among the workloads, and Consolidate will keep the workloads in as few clusters as possible. Cluster Headroom allows you to gauge the risk percentage of a cluster by providing a buffer for any CPU, memory, or disk space that may be needed in the event of a burst or sudden increase in demand.
Business Intent:
Your business intents can drive the placement of virtual machines.
Business intent is based on constrains such as license optimization or tier separation trough a tag-based placement. To define the business intent, you can configure vRealize Operations to use tags
You can enable Business Intent with Tags by the following procedure:
- Create vShere tag categories and tags from vCenter Server
- Apply tags to workload (virtual machines)
- Adjust the requirements in the Business Intent wizard
- Select cluster or host based business intent
- Apply the created tags
Workload Movement Considerations:
Remember that running a workload on VMware vSphere requires your cluster to be set up to support vMotion and Storage vMotion, meaning that shared storage is necessary and clusters must consist of the same CPU vendor and so on.
User Access Control
vRealize Operations authentication module relies on an identity source to authenticate users, establish their user identities, and establish there user group membership.
The following identity sources are supported:
LDAP, vCenter Server, Local User, SSO and VMware Identity Manager.
When you log in as a local user into vRealize Operation, the authentication is performed by vRealize Operation , if you log in bij any other source the authentication module will not look up the user in the database but delegates to the source (LDAP, vCenter, ect).
The authorization module determines objects on which a user can perform actions. Authorization can be applied to a single object, a group, or an inventory tree. This authorization module is responsible for operations that a user can perform.
Authorization
There are 2 different workflows for authorization.
1: Authorization for Local, LDAP and ViDM user:
vRealize performs determines what the users are able to do.
2: Authorization for vCenter Server User.
Authentication with vCenter Single Sign-On ensures that only users in supported identity sources can log in to vRealize Suite. Authorization ensures that only a user with corresponding privileges can view information or perform tasks. Authorization applies to both services and users.
Privilege vs Role
- A privilege is a specific acces right to perform an action
- a Role us a functional grouping of one or morge privileges.
Acces Control Page
From the Acces Control Page, you can mange user account and the associated user groups, roles, and passwords.
You can simply add a authentication source from the wizard which you can find on the administration page.
Authentication Sources
This post has come to an end, but in the future I plan to write about monitoring and creating custom dashboards. Stay tuned!
End of this post.
Disclaimer: This blog is based on my personal title and assumptions. No rights can be derived from this blog