Installing the CloudPhysics Observer v2.x
The new CloudPhysics Observer allows for new features that enable customers and partners to get a richer analytics experience, expand supported vCenter configurations, and provided added security to the collection process. For most organizations, the process of deploying and configuring the CloudPhysics Observer will be less than 5 minutes. Note: An individual with VMware vSphere experience and credentials to deploy the CloudPhysics virtual appliance is required.
In the new CloudPhysics Appliance, we have made the following updates:
- Require a TOKEN per appliance during depoyment to associate each appliance with the organization. This will eliminate the primary account email address from the registration process and allow you to associate appliances with organizations instead of individuals while adding an added level of security and authentication to each appliance’s communication with CloudPhysics.
- Improved Security – The new appliance has several security updates and enhancements to reduce attack surfaces, update legacy software, and require great levels of authentication for Organizations to CloudPhysics.
- Added vCenter Platform Services Controller (PSC) for complex deployments
- Added vCenter Tag Collection to import resource tags directly from vCenter vs creating them within the CloudPhysics UI.
- Reduced the resource requirements for data collection.
- Improved vCenter 6.5/6.7 Support – The new appliance has new API interfaces to take full advantage of vCetner 6.5 and 6.7
- Optional guest process discovery
All of these are available in the new CloudPhysics Observer. New details installation and configuration instructions are below.
Installing the CloudPhysics Observer
It takes just a few minutes to create an account and deploy your CloudPhysics data collector virtual appliance (Observer). Watch the video, or read the step-by-step instructions below to learn how. If you need help, please email us for assistance.
CloudPhysics supports VMware vCenter Server 4.1 through 6.x.
Registration takes just a couple of minutes and can be accomplished online.
- Sign up and create a free account.
- You will receive an automated email to the email address you provided.
- Click the “Activate Now” in the email you received. Note: Google Chrome is the only supported browser at this time.
- Log in with your new CloudPhysics user credentials.
Deploy the Observer Virtual Appliance
Upon logging in to CloudPhysics, you will be prompted to install our Observer. The Observer establishes the metadata connection between your data center and CloudPhysics. The CloudPhysics Observer has the following resource requirements once deployed:
Observer Resource Requirements
– Download Size of OVF/OVA: Approx. 150MB
– Guest OS: Debian Linux 8 64bit
– vCPU: 2
– vRAM: 8192 MB<
– VMXNET3 Network Interfaces: 1
– Size of Deployed Volume: 12 GB
– Local vHDD1 System: 4 GB
– Local vHDD2 Data: 8 GB
– Network access to vCenter
– Internet Access to CloudPhysics via Port 443
– vCenter Account with Read Access – See Requirements below.
- Select your preferred installation media for the virtual application (OVF or OVA). To use the OVF, copy the location URL to your clipboard or active memory and use it within VMware vCenter to import a new Virtual Appliance. To use the OVA, download the OVA file to your local system or a shared storage accessible from vCenter.
OVF URL for vCenter:
- Switch to the VMware vCenter Client or Web interface.
- Using the vCenter menu, navigate to “File > Deploy OVF Template” to deploy from the OVF URL or specify the OVA file you downloaded to import the appliance from local storage.
- Proceed with vSphere Client prompts to complete the installation.
- Provide an Appliance Name and deployment location.
- Choose a Host or Cluster
- Choose a datastore with a minimum of 12GB free.
- Accept the disk configuration.
- Choose a network
- If you wish to use a Static IP Addresses, please specify the Default Gateway, DNS, Static IP Address, and network mask for the appliance from withing vCenter
- Review the settings and choose Power On After Deployment to start the Virtual Machine.
- Wait for the virtual appliance to deploy.
- When the appliance is deployed, open the console view for the virtual appliance to complete the configuration.
Configure the Observer Virtual Appliance
You’re almost done. Post-installation, you need to activate the Observer virtual appliance with a quick configuration.
- In vSphere Client inventory, select the Observer virtual appliance and power it on.
- Open the virtual appliance console view.
- Complete the configuration steps, detailed below. Note the required steps.
|EULA||Required||Click to accept|
|Platform Service Controller (PSC)||Optional||E.g. “vcenter.company.local”
This is used for vCenter 6.0 and above with a Platform Service Controller deployed.
|Select A vCenter Server||Optional||Choose an existing vCenter server name from the pick list of presented with this option. (vCenter 6.0 and Above)|
|vCenter Server, Username, and Password||Required||E.g. “Vcenter.company.local”. This may be pre-populated from the PSC selection above.
“ ******** “
Tip: Windows style credentials may requires “domain\user” format.
|Guest User and Guest Password||Optional||E.g. “company.local\guestacct”, “ ******** ”
Tip: Use the format supported by your environment. “Domain\user”, “email@example.com”, and simple user are all valid credentials depending on your environment and authentication model. It is also possible to have no local access credentials available, so this section is optional.
|HTTP Proxy Server||Optional as Needed||E.g. Proxy: 192.168.00.00
Tip: This is only needed if vCenter Server needs a proxy to reach the Internet.
|HTTP Proxy Port||Optional as Needed||E.g. 8080|
|HTTP Proxy User, Password and Domain||Optional as Needed||E.g. Proxy User “bjones”
Proxy User Password “ ******** “
Proxy Domain: “domain.company.com”
Tip: This is only needed if you have a proxy server which requires credentials. E.g. Blue Coat ProxySG.
|Organization Token||Required on initial configuration.||E.g.: ZB3D-12C4-WX9Z
This token is available from your CloudPhysics Welcome Page (https://app.cloudphysics.com/welcome) for new users and from the CloudPhysics Observer Status Page (https://app.cloudphysics.com/observer-status/vsphere/token) for existing users. This token is unique per organization and valid for only 24 hours and used for organization account selection. Optional after initial configuration and the appliance is already associated with an organization.
Account Validation and Organization Tokens
CloudPhysics now leverages an Organization Token to ensure Observers are associated with the correct organization. This adds an extra level of validity to Observers for Partners and 3rd Parties who deploy multiple observers to customer organizations. Tokens are valid for only 24 hours after being generated. A single token can be used multiple times within the 24-hour window to deploy multiple observers within an organization. This process will result in an Observer being associated with an Organization and not a single email address or individual.
The Token adds additional security in that it ensures that only data from your validated observers are sharing data with CloudPhysics.
Application Discovery Settings (Optional)
New options for guest OS application process discovery leverages a guest account and VMware tools. A guest process list is collected by requesting a list of running processes from the VM through the VMware Tools interface to vSphere. This data collection and analytics is optional to the user. Process discovery allows for automatic tagging of applications and classification of workloads. This feature will require you to provide a local guest OS account credential. This account does not need to be a vSphere Admin or a domain admin account. In simply needs local guest access to view running processes. In many cases, this may be a local guest account or a domain account.
vCenter Server Credentials
CloudPhysics recommends the creation and use of a dedicated vCenter Server service account for use with our Observer virtual appliance. For best results, the service account should have administrator-level permissions and be configured to read-only. In place of this, the vSphere administrator’s credentials will also work.
If there is sensitivity to using an administrator user credential set, a semi-privileged user role can be created for use. This role can be applied to a user credential set with minimal permissions in order to provide the access needed to use CloudPhysics. The resulting user is much less privileged than an administrative user.
This user role can be created as follows:
- In vSphere Client, go to Roles.
- Create a new role, e.g. CloudPhysicsUser.
- Edit privileges, and enable (check off) the following. Note: Depending on versions and vSphere Client versions, you may find slight variations on the permission names below
- Global Service Managers
- Host CIM Interaction (Host.Cim.CimInteraction)
- Host Advanced Configuration (Host.Config.AdvancedConfig)
- Host Configuration Patch (Host.Config.Patch)
- Datastore Browse (Datastore.Browse)
- Host Configuration Storage) Host.Config.Storage
- Permission Defaults (not visible in the vSphere Client user interface). FYI only.
- Next associate this role to the user to also have the CloudPhysicsUser role
The read-only, non-admin user now has the appropriate privileges needed to use CloudPhysics.
Most issues are common misconfigurations which are easily resolved. Refer to the table below for common issues and resolutions. If you still need assistance, please contact firstname.lastname@example.org.
|Data is not appearing in CloudPhysics||Have you completed vApp configuration less than 15 minutes ago?||Allow 15 minutes for the first upload of data to populate your CloudPhysics account.|
|Cannot connect CloudPhysics Observer to vCenter||Network Access?||Ensure the CloudPhysics Observer is on a network segment that has network access to the vCenter you wish to monitor|
|My observer will not activate||Network Access?||Ensure the CloudPhysics Observer is on a network segment that has internet access and does not block port 443. If you require a Proxy, be sure to configure the proxy settings in the Observer Config.|
|I run vCenter 6.0 or Older.||Observer Setup||Check the setup box for vCenter v6.0 and older during the setup. This will use the legacy API’s to collect data from vCenter. This will limit your ability to collect TAGS and other vCenter 6.5/6.7 specific resources.|
|I am not getting Guest Process Data||Observer Setup, Guest OS Credentials||To ensure Guest Processes are collected correctly, you will need to use a guest account that is common to either all VM’s or a domain account that has permissions to your VM’s. Many organizations have a limited access domain account for this purpose. Specify the account in the format that is required for your OS and a valid password. VAlid formats for guest user may be in the form of email@example.com, domain.local\guestuser, or simply guestuser|
|I am not getting Guest Process Data||VMware Toold Not Installed||Guest Process collection requires VMware tools to be installed and enabled in the Guest OS to collect. Ensure your VM’s have up to date VMware tools installed and enabled.|
|I need a Static IP Address||Observer Import Step Missed||You can specify a static IP Address during the Observer Import process for vCenter. Specify a Static IP Address, Default Gateway, and DNS. Be sure the IP Address you specified has not already been deployed to a different network resource.|
|I am not getting vCenter Tags||vCenter Version needs to be v6.x and above||Tag collection is only supported with vCenter v6.x and above.|
|Where do I enter my email address?||Old observer version||The 1.x versions of the CloudPhysics observers leveraged an account email address for account validation. This method is no longer supported in the v2.x observer. If you have an older version of the virtual appliance, use the latest OVF appliance at https://download.cloudphysics.com/observer/observer.ovf and switch to the token based activation.|
|The email user ID in your Observer vApp is different than the email address you registered. This creates a data mis-match.||Open your Observer VM console and confirm/change your email ID to be equal to the email address you registered with CloudPhysics.|
|The Observer data payload cannot reach the Internet.||Your organization may require a proxy to reach the Internet. View your vApp console to edit and provide a proxy server and port number.|
|The Observer data payload cannot reach the Internet.||If your organization uses a proxy server, this server may require credentials in order to allow access to the Internet. If this is the case, view your vApp console, edit and provide the proxy server credentials and domain as needed.|
|Data stopped appearing in CloudPhysics||Your vCenter Server user credentials have expired or were revoked.||Check that the password for the Observer user account is correct. Password expiration policies can be the cause.
Alternately, if a personal user credential was used, and that person no longer works for your company, this credential may have been revoked. Update with a service account or other new credentials.
|Observer vApp has been powered-off or suspended.||In vSphere Client, power the Observer vApp back on.|
|An admin for your account chose to exclude this Observer on the Observer Status page.||Email firstname.lastname@example.org for assistance. Please describe your issue in detail.|
|Your Observer IP Address is no longer valid.||This can occur for static and DHCP addresses if mismanaged. View your vApp console to check settings. Note: To change IP settings, you must first power-off the vApp before you can make changes with ‘Edit Settings > Options > IP Properties’.|
|Your vCenter Server name may have changed.||If so, view your vApp console and edit the vCenter Server name to the new name.|
|I am unable to log in to CloudPhysics||Forgot your password?||At https://app.cloudphysics.com, click on ‘I forgot my password’ to request a password reset.|
|You were removed from this account.||Your CloudPhysics admin may have removed you from this account. Please inquire with this person.|
For issues or troubleshooting not included above, please contact email@example.com