Administer > Configure CSA > Cloud Service Management Console > Customize the Cloud Service Management Console Dashboard > Configure the Cloud Optimizer Tile

Configure the Cloud Optimizer Side-Bar Menu

Cloud Optimizer is a web-based analysis and visualization tool that analyzes performance trends of elements in virtualized environments. When Cloud Optimizer is integrated with CSA, Cloud Optimizer provides the ability to:

  • Monitor the performance
  • Analyze the capacity, usage, and forecast trends of the virtualized infrastructure
  • Show health status information for the CSA service subscription

The Cloud Service Management Console provides the Cloud Optimizer menu item that launches the product web page for Cloud Optimizer. To use Cloud Optimizer you need to configure the menu item to launch the Cloud Optimizer dashboard. To see the health status information in CSA, you must have a provider configured and enabled for Cloud Optimizer.

Cloud Optimizer supports the vcentre and Helion Open Stack providers.

The following roles can access the Cloud Optimizer menu in the Management Console: Administrator, Service Designer, Service Business Manager, Resource Supply Manager, and Service Operations Manager.

Prerequisites

  • You must have Cloud Optimizer installed and properly configured in your CSA environment.
  • To ensure seamless navigation between the products, make sure that the HP SSO for Cloud Optimizer is configured to enable logging on to CSA.

  • For HP SSO between CSA and Cloud Optimizer to work successfully, both products have to be installed on machines that are in the same Domain. The value of Domain and Protected Domain parameters specified for HP SSO configuration must be the same.

    •  

  • You must configure users for both CSA and Cloud Optimizer for single sign-on (each user must have the same name and password). You can also configure LDAP users for single sign-on. To enable single sign-on for LDAP users, you must either configure CSA and Cloud Optimizer to use the same LDAP source or, if CSA and Cloud Optimizer use different LDAP sources, configure the same users in both sources. In either case, the CSA user must be assigned to the appropriate role to access the menu items that launch Cloud Optimizer and the Cloud Optimizer user must be assigned a role that allows it to perform the expected functions in Cloud Optimizer.

  • Review the Cloud Optimizer online help for more information.

Note The domain name and crypto settings like initString should be the same as what is configured in the hpssoConfig.xml file in IDM container

To get the initString from hcm-idm Container on the HCM Suite Machine:

1. Log on to HCM Suite management console. Example: https://<hcm suite>:5443

2. Choose the HCM Suite's name-space from Resource and select the hcm-idm pod.

3. From the list of available environment variables, look for the environment variable 'HCM_IDM_LWSSO_INITSTRING'.

Copy the value. Example "6d4b570fa7973244cd8c2c3be01b4e89".

4. Update the value in the /opt/OV/www/webapps/PV/WEB-INF/classes/lwssofmconf.xml file in Cloud Optimizer.

 

Configure the Cloud Optimizer Menu in the Cloud Service Management Console

To configure the Cloud Optimizer menu in the Cloud Service Management Console, complete the following steps:

  1. Make a backup of the <PERSISTENT_VOLUME_PATH>/sync/csa/jboss-as/standalone/deployments/csa.war/dashboard/config.json file (where PERSISTENT_VOLUME_PATH is the directory in which HCM Suite is installed).
  2. Edit the PERSISTENT_VOLUME_PATH/jboss‑as/standalone/deployments/csa.war/dashboard/config.json file.
  3. Search for a menu item called cloud_optimizer. You can search for the occurrence of the following text: "id": "cloud_optimizer".
  4. In the data section, change the URL from the Cloud Optimizer product web page to the Cloud Optimizer dashboard URL. For example, change "http://www8.mydomain.com/us/en/software-solutions/vpv-server-virtualization-management/" to "<VPV_FQDN>:8444/PV/?CTX=CSA where <VPV_FQDN> is the fully-qualified domain name of the Cloud Optimizer installation.
  5. Save and exit the file.

  6. If you are logged in to the Cloud Service Management Console, clear the browser cache (see Clear the web browser cache for information about how to clear the web browser cache) and refresh the browser to view the changes. Clearing the browser cache is optional (a troubleshooting step).

    Note The changes do not require you to restart CSA.

 

Configure Cloud Optimizer and CSA to Monitor Health Status in CSA

CSA and Cloud Optimizer integration provides health status information for the CSA service subscription provisioned on vCenter provider.

The following two modes of communication are used between CSA and Cloud Optimizer to update the health status on CSA:

  • The first mode is through the REST API where CSA calls the REST APIs provided by Cloud Optimizer to retrieve the health of the service subscription. You can refresh the health status of a service subscription by navigating through the Operations side-bar menu in the Cloud Service Management Console.
  • The second mode is through the Cloud Optimizer notification, which notifies the health status change of a VM to CSA. CSA internally determines the service subscription to which the VM belongs to update the health status on the subscription.

Cloud Optimizer supports the following predefined health statuses: CRITICAL, MAJOR, MINOR, WARNING, NORMAL, and UNKNOWN. Cloud Optimizer also supports the power statuses: SUSPENDED and POWERED_OFF. Cloud Optimizer monitors each VM and determines the actual health status. Cloud Optimizer then reports the health status to CSA through either of the two modes mentioned above.

CSA is responsible for computing the overall health status of a service subscription based on each VM’s health status, which is provisioned as part of the subscription. The highest severity health status of any of the VMs belonging to a subscription, is the health status shown for that subscription.

Complete the following tasks to configure the Cloud Optimizer health status for CSA:

Note The commands used to configure the Cloud Optimizer are run on the Cloud Optimizer machine, which only supports Linux.

 

Configure SSL

CSA and Cloud Optimizer communication is through the SSL protocol. You must complete the following prerequisite tasks for the integration to work.

 

Configure REST API-based Communication to Integrate CSA and Cloud Optimizer

Following are the required configuration steps to integrate CSA and Cloud Optimizer. See the Cloud Optimizer Configuration Guide and Cloud Optimizer online help on the Cloud Optimizer server, for more information.

To configure REST API-based communication to integrate CSA and Cloud Optimizer, complete the following steps on the Cloud Optimizer server:

  1. Configure the data source.

    You need to add the data source such as vSphere, and configure the vCenter provider details, which are required to be monitored by Cloud Optimizer.

  2. Configure LDAP.

    Configure the LDAP details and verify that you can log in with the configured admin user account.

  3. Configure the CSA URL as follows:

    1. Configure the CSA URL address , for example: https://10.1.2.1:8444, and add the user name and password. Save the details.

    2. Configure the Server Component Type as 'CI_TYPE_SERVER,SEVER'.

      If you have created new custom server component types, then you also need to add them to the Server Component Type.

    3. By default the "CSA Component Property" name hostName is mapped to the Name property of the Cloud Optimizer Server Property.

    4. Click Edit and add new properties in the Instance Mapping Rule.

      1. Add a new "CSA Component Property" as ipAddress and select IP Address from the Cloud Optimizer Server Property property list.
      2. Add a new "CSA Component Property" as instanceId and select System ID from the Cloud Optimizer Server Property property list. (This is not required for the vCenter Data source.)

  4. Apply the Cloud Optimizer license. Contact the vendor for the license.

    A valid license determines the total number of VMs a Cloud Optimizer can monitor.

Configure the SSL Certificate

Configure the SSL certificate by exporting the Cloud Optimizer certificate and importing it into CSA's truststore.

 

Export the Cloud Optimizer Certificate

To export the Cloud Optimizer certificate, complete the following steps:

Note Use the /opt/OV/nonOV/jre/b/bin/ path used during installation to import or export the Cloud Optimizer certificate.

  1. Use the SSH protocol to go into the Cloud Optimizer system and run the following command:

    /opt/OV/nonOV/jre/b/bin/keytool -export -alias ovtomcatb -file <local_path>/co-certificate.crt -keystore /var/opt/OV/certificates/tomcat/b/tomcat.keystore

  2. When prompted for the keystore password, enter changeit.

 

Import the Cloud Optimizer Certificate into CSA

To import the Cloud Optimizer certificate into CSA, complete the following steps:

Note Import the certificate in the JRE's truststore path used during the CSA installation. For example, on Linux, the path is /usr/hpe/csa/jre/lb/security/cacerts.

  1. Go to the /opt/OV/nonOV/jre/b/bin/ folder.

  2. Copy the exported certificate file, co-certificate.crt, and place it in any folder in which CSA is installed. For example, in /tmp/co-certificate.crt.

  3. Copy the certificate to the HCM persistent volume path <PERSISTENT_VOLUME_PATH>/certs/ca.

  4. Restart the CSA pod. See Restart or redeploy individual deployments for instructions.

Configure Cloud Optimizer Notification-based Communication

Cloud Optimizer uses Kafka as a message broker service to notify the registered Kafka consumer client. In this case, the consumer is CSA.

Kafka notification service can be run either in secure or non-secure mode. The non-secure mode of communication is the default mode, which works without additional configuration for CSA. However, you do need to do a basic Kafka configuration on the Cloud Optimizer server.

Complete the following tasks to configure Cloud Optimizer notification-based communication:

Basic Cloud Optimizer Kafka Configuration

You need to configure Kafka to expose the ports and enable Cloud Optimizer to produce and consume messages through the CSA (the remote client).

To configure Kafka on Cloud Optimizer, complete the following steps:

  1. Expose port 9092 as follows:

    Note 9092 is the default port. However, you must use the port that the Kafka broker is configured to run.

    1. Run the following command:

      iptables -I INPUT -s 0/0 -p tcp --dport 9092 -j ACCEPT

    2. Or stop the firewall service using the following commands:

      Service iptables stop

      Service ip6tables stop

  2. Change the Kafka server /opt/OV/nonOV/kafka/config/server.properties file as follows:

    1. For non-secure communication, set the listener property as PLAINTEXT

      listeners=PLAINTEXT://<host name of CO machine>:9092

      For example:

      listeners=PLAINTEXT://10.2.11.195:9092

    2. For secure communication, set the listener property to SSL.

      listeners=SSL://<host name of CO machine>:9092

      For example:

      listeners=SSL://10.2.11.195:9092

  3. Configure the SSL parameters in the /opt/OV/nonOV/kafka/config/server.properties file as specified in the Cloud Optimizer’s SSL Configuration Guide.

  4. Use the following commands to enable/disable Kafka Service

    To enable Kafka :

    # /opt/OV/bin/msgbus.sh -enable
    Example output:
    ====================== Current Messagebus Configuration ========================
    HPEKafka and HPEZookeeper are disabled.
    =============================================================================
    Enabling Msgbus
    Registering HPEKafka and HPEZookeeper
    Starting HPEZookeeper and HPEKafka
    =============================================================================

    To Disable Kafka:

    # /opt/OV/bin/msgbus.sh -disable
    Example output:
    Disabling Msgbus
    Stopping HPEZookeeper and HPEKafka
    Unregistering HPEKafka and HPEZookeeper
    ====================== New Messagebus Configuration ========================
    HPEKafka and HPEZookeeper are disabled.
    =============================================================================

    To check the status:

    # /opt/OV/bin/msgbus.sh -status
    Example output:
    hpekafka    HPE Kafka Service                   CORE,SERVER  (1364)   Running
    hpezookeeper HPE Zookeeper Service               CORE,SERVER  (989)    Running

  5. Export the Cloud Optimizer certificate and import it into CSA’s truststore. See the Configure the SSL Certificate for instructions.

SSL Configuration Changes on Cloud Optimizer

For a secure mode communication, you need to configure the Cloud Optimizer Kafka services to be secure using the Java keystore certificate. These certificates need to be exported from the Cloud Optimizer and imported into CSA.

For SSL configuration on the Cloud Optimizer Kafka service, see the Kafka documentation at http://docs.confluent.io/2.0.0/kafka/ssl.html (since this link is a third-party link and could change, this link may or may not remain active).

SSL Configuration Changes on CSA

Make the following SSL configuration changes on CSA:

  • Enable SSL configuration on CSA

  • Enable SSL-Based Authentication

Enable SSL configuration on CSA

To enable SSL configuration on CSA, complete the following steps:

  1. Export the certificate from the keystore used by the Kafka broker server:

    /opt/OV/nonOV/jre/b/bin/keytool -export -alias <alias_name> -file /home/kafka-broker.crt -keystore <Path of the broker's server key store file>

  2. Import the Kafka broker's certificate into CSA as follows:

    1. Copy the Kafka_broker.crt to PERSISTENT_VOLUME_PATH>/certs/ca.

  1. Restart the CSA pod. See Restart or redeploy individual deployments for instructions.

Enable SSL-Based Authentication

If SSL-based authentication is enabled on Cloud Optimizer’s Kafka broker, complete the following steps:

  1. Log on to hcm-nginx-ingress-controller container and copy the certificate (*.pem) file from the location /etc/nginx-ssl/ and import into Cloud Optimizer.

  2. You can use the following commands to enable/disable Kafka Service:

    3. To enable Kafka :

    # /opt/OV/bin/msgbus.sh -enable

    Example output:

    ====================== Current Messagebus Configuration

    ========================

    HPEKafka and HPEZookeeper are disabled.

    =============================================================================

    Enabling Msgbus

    Registering HPEKafka and HPEZookeeper

    Starting HPEZookeeper and HPEKafka

    =============================================================================

    To Disable Kafka:

    # /opt/OV/bin/msgbus.sh -disable

    Example output:

    Disabling Msgbus

    Stopping HPEZookeeper and HPEKafka

    Unregistering HPEKafka and HPEZookeeper

    ====================== New Messagebus Configuration ========================

    HPEKafka and HPEZookeeper are disabled.

    =============================================================================

    To check the status:

    # /opt/OV/bin/msgbus.sh -status

    Example output:

    hpekafka HPE Kafka Service CORE,SERVER (1364) Running

    hpezookeeper HPE Zookeeper Service CORE,SERVER (989) Running

Configuring CSA environment variables in hcm-csa.yaml file

  1. If you want to enable the SSL-based communication between CSA and Cloud Optimizer for Kafka notifications, make the following changes:

    2. Create a new environment variable in the following format:

    Property format - <Cloud Optimizer hostname/IP Address>_ssl.enabled 
where the hostname/IP Address should match the value configured as access point 
of the CO provider
Set the value to 'true' to enable SSL or 'false' to disable.
    If the environment variable is not present, then default will be non-SSL 

    For example, if the CO provider is configured with the access point URL as https://cohostname:8444/PV, then the environment variable in the .yaml file must be as below:

    cohostname_ssl.enabled=true

  2. Optional: If the Server component in CSA has a property name which holds the host name of the deployed VM and the name is other than any of these: 'hostName', 'hostname' or 'name', then you must create a new environment variable in CSA container deployment yaml file.

    3. Example: If the new property name is 'fqdn',

    add a new environment variable in hcm-csa.yaml file as:

    CSA_PROP_SERVER_HOST_NAME=hostName, hostname, name, fqdn

    The same applies to ipAddress property on the server component where the new environment variable name would be CSA_PROP_SERVER_IP_ADDRESS.

Provider Configuration Changes in CSA

The following sections describe how to configure Cloud Optimizerproviders in CSA.

Create a Cloud Optimizer Provider

To create a Cloud Optimizer provider, complete the following steps:

  1. In the Providers menu, select By Type in the left pane.
  2. Select HPE Cloud Optimizer.
  3. In the right pane, select the Providers tab.
  4. Click the gear icon and select Create Resource Provider.

  5. Add the required fields:

    Item Description
    Display Name The name of the Cloud Optimizerprovider.
    Service Access Point

    Specify the Cloud Optimizer access URL for connecting to the provider. Use /PV as the suffix, which is mandatory.

    For example: https://10.2.13.177:8444/PV
    User ID The user ID for the Cloud Optimizer Service Access Point.
    Password The password for the Cloud Optimizer Service Access Point. Re-type the password in the Confirm Password field.
    Enabled

    This value determines whether the provider will be selected when provisioning a new service. The setting is either Enabled (when checked) or Disabled (when not checked). When Disabled, the provider will not be selected when provisioning new services. Disabling a provider will have no effect on existing services that are using that provider.

See the Cloud Service Management Console Help for more information about configuring providers.

Configure the Cloud Optimizer Provider Properties

  • CONSUMER_GROUP_ID:

    If CSA is configured in a high availability cluster mode, then create a property with the name CONSUMER_GROUP_ID and configure it in the Cloud Optimizer provider. Set a value that can be any string.

    For example: CSA_HA_CONFIG

  • BOOTSTRAP_SERVERS:

    If the Cloud Optimizer’s Kafka bootstrap server port is configured with a non-default port such as 9092, then you must create a property with the name BOOTSTRAP_SERVERS and configure it in the Cloud Optimizer provider. Set the value to <server:port>, where the server is the host address and port is the new port on which the Kafka broker server is running.

    If there is a cluster of configured Kafka bootstrap servers, then you can optionally specify a comma-separated list of host addresses <server:port>.

  • Change the properties on the providers:

    On the vCenter provider, create a new property with the name COURL and set the value of the access point of the Cloud Optimizer that is configured to monitor it.

    For example: https://10.2.13.177:8444/PV

Send Help Center feedback