If a server falls over in the forest and no one raises an incident, does it actually go down?
As every good VMware administrator knows, there is no known good reason on earth as to why you shouldn't be using some form of monitoring solution to keep watch on your VMware platforms. As the "VMware guy" you really can't afford to waste your time keeping a constant watchful eye on things, just in case something bad were to happen. But let's face it - from time to time bad things do happen!
There are many, many options available in the market to poke and probe your infrastructure to check if it's all still there, doing what it should be doing. These range from free tools that simply ping devices and alert you if something fails to respond, to monster-sized monitoring and management solutions that cost an arm and a leg. The big comprehensive solutions are great, but they are typically very complex to design, deploy, configure and keep running, and will often only alert you to an issue once it has occurred and the phone is already ringing with your boss saying "has anything changed on the VMware platform today?". That's when panic sets in as you realise the production VMware cluster is spiralling into a full meltdown. The two options available to you are a) start troubleshooting the issue and hope you find a solution PDQ, or b) pick up your jacket, exit the building, and start getting your LinkedIn profile up to date because you're going to need a new job!
Taking a proactive approach
Wouldn't a better approach be to discover potential issues in your environment before they were about to happen? What if you could fix an issue before it brings down your entire VMware cluster? Surely that would have you rise up the ranks to demigod level and then you could spend more time playing with all the cool new things you wish you had time to try.
I've spent the last few months getting to know the Runecast Analyzer product very well. I can honestly say "Wow! I'm impressed". From the simplicity of the product to be able to quickly deploy and have it scanning your environment in minutes, to its easy-to-use and great looking web interface, it really is an excellent tool to have in your toolbox.
What makes Runecast really stand out to me, is that it is capable of looking at the setup of your VMware platform and check this against three main sources of information:
- VMware knowledge base articles
- VMware best practice guides
- VMware security hardening guides
The expert guys who developed and founded Runecast (VCDX #74, VCAP's, VCPs, etc) continuously monitor and assess new KB's, best practice guides and security recommendations, and determine how to check for them. These updates are then automatically pulled down into the Runecast Analyzer appliance on a regular basis.
Once a scheduled scan occurs and picks up a potential issue in your environment, not only does Runecast flag this issue, it provides you with a copy of the KB article directly in the web interface or a link to the best practice/security hardening guide where it came from. This means you can fully understand the issue before you decide to address it or choose to ignore it.
For example, it may be a requirement in your environment to allow certain non-standard settings such as allowing promiscuous mode on a port-group. In this instance you can simply choose to ignore this alert by way of the highly configurable filter. Runecast will continue to re-scan your environment on a regular basis (defined by you) to ensure continuous compliance and help protect you against configuration drift.
It also allows you to send the log files from vSphere hosts and Virtual Machines (the VMs VMware logs, not from inside the Virtual Machines Operating Systems/applications, just to be clear) to the Runecast Analyzer appliance and have these logged and checked for issues too. All of this can be configured in the Runecast UI (provided the account you use has sufficient permissions in vCenter to make these changes) by a couple of simple clicks. It couldn't actually be any easier than that, could it?
And... it does all this onsite, so no data is sent back from the appliance for analysis somewhere in a different country, or stored on a server that you have no control over - so there's no issues with security there.
As I said, I've been giving this VM monitoring and troubleshooting solution a really good bash around for the last few months, and I'm well impressed. If you fancy checking it out for yourself you can download a free 30-day trial, and get it up and running in your own environment in minutes. And who knows, perhaps just doing this alone could help save one tree, sorry, server from falling over.