可为各种 VMware Identity Manager 组件监控列出的 URL 端点,以确保环境功能正常。某些端点还可用于负载平衡器,以确保服务已启动并可正常通信。

负载平衡器的运行状况检查

组件 运行状况检查 预期返回 备注
VMware Identity Manager 服务 /SAAS/API/1.0/REST/system/health/heartbeat

字符串:ok

Http:200

频率为每 30 秒

Android 移动 SSO - Certproxy:

:5262/system/health

Http:200 频率为每 30 秒

iOS 移动 SSO - KDC:

TCP half-open to port 88

连接 频率为每 30 秒
证书适配器:

:7443/SAAS/API/1.0/REST/system/health/heartbeat

字符串:ok

Http:200

频率为每 30 秒
VMware Identity Manager Connector /hc/API/1.0/REST/system/health/allOk

字符串:true

Http:200

频率为每 30 秒
Integration Broker /IB/API/RestServiceImpl.svc/ibhealthcheck

字符串:All Ok

Http:200

频率为每 30 秒

XenApp 7.x 集成:

/IB/API/RestServiceImpl.svc/hznxenapp/admin/xenfarminfo?computerName=&xenappversion=Version7x

字符串:'SiteName'

Http:200

频率为每 5 分钟。
XenApp 6.x 集成:

/IB/API/RestServiceImpl.svc/hznxenapp/admin/xenfarminfo?computerName=&xenappversion=Version65orLater

字符串:'FarmName'

Http:200

频率为每 5 分钟。

负载平衡器的运行状况检查会返回简单的值,以供网络设备轻松解析。

要监控的其他运行状况检查

此处列出的运行状况检查可由能够解析数据和创建仪表板的监控解决方案使用。请将频率设置为每 5 分钟。

VMware Identity Manager 服务监控和运行状况

URL 调用:/SAAS/jersey/manager/api/system/health

/SAAS/API/1.0/REST/system/health

原始输出: 

{
   "AnalyticsUrl":"unknown",
   "ElasticsearchServiceOk":"true",
   "EhCacheClusterPeers":"unknown",
   "ElasticsearchMasterNode":"unknown",
   "ElasticsearchIndicesCount":"unknown",
   "ElasticsearchDocsCount":"unknown",
   "AuditPollInterval":"0",
   "AnalyticsConnectionOk":"true",
   "EncryptionServiceVerified":"unknown",
   "FederationBrokerStatus":"unknown",
   "ServiceReadOnlyMode":"false",
   "ElasticsearchUnassignedShards":"unknown",
   "AuditWorkerThreadAlive":"true",
   "BuildVersion":"3.3.0.0 Build xxxxxxx",
   "AuditQueueSize":"0",
   "DatabaseStatus":"unknown",
   "HostName":"unknown",
   "ElasticsearchNodesCount":"unknown",
   "EncryptionStatus":"unknown",
   "FederationBrokerOk":"true",
   "EncryptionConnectionOk":"true",
   "EncryptionServiceImpl":"unknown",
   "ClusterId":"22f6e089-45df-41ab-9c8a-77f3e4589230",
   "EhCacheClusterDiagnostics":"unknown",
   "ElasticsearchNodesList":"unknown",
   "DatabaseConnectionOk":"true",
   "ElasticsearchHealth":"unknown",
   "StatusDate":"2018-08-06 19:14:40 UTC",
   "ClockSyncOk":"true",
   "MaintenanceMode":"false",
   "MessagingConnectionOk":"true",
   "fipsModeEnabled":"true",
   "ServiceVersion":"3.3.0",
   "AuditQueueSizeThreshold":"null",
   "IpAddress":"unknown",
   "AuditDisabled":"false",
   "AllOk":"true"
}
"AllOk" "true","false" 汇总运行状况检查以监控 VMware Identity Manager 服务的整体运行状况
"MessagingConnectionOk" "true","false" 验证所有消息生成者和使用者是否均已连接到 RabbitMQ
"DatabaseConnectionOk" "true","false" 验证与数据库的连接
"EncryptionConnectionOk" "true","false" 验证与加密服务的连接是否正常以及主密钥存储是否正常
"AnalyticsConnectionOk" "true","false" 验证与分析服务的连接
"FederationBrokerOk" "true","false" 验证嵌入式身份验证适配器以确保其子系统正常
注: 输出中的标签 "unknown" 指示信息受到限制。默认情况下,将会隐藏敏感信息,如 IP 地址和主机名。要显示此信息,请参阅 在运行状况检查 API 中显示其他信息

URL 调用:/catalog-portal/services/health

此运行状况检查专门针对 VMware Identity Manager 的用户界面部分。

原始输出: 

{
	"status": "UP",
	"uiService": {
		"status": "UP"
	},
	"apiService": {
		"status": "UP"
	},
	"eucCacheEngine": {
		"status": "UP"
	},
	"cacheEngineClient": {
		"status": "UP"
	},
	"persistenceEngine": {
		"status": "UP",
		"database": "Microsoft SQL Server",
		"hello": 1
	},
	"tenantPersistenceEngine": {
		"status": "UP",
		"database": "Microsoft SQL Server",
		"hello": 1
	},
	"diskSpace": {
		"status": "UP",
		"total": 8460120064,
		"free": 4898279424,
		"threshold": 10485760
	}
}
"status" "UP","DOWN" 汇总运行状况检查以监控 VMware Identity Manager 用户界面 (User Interface, UI) 的整体运行状况
"uiServer.status" "UP","DOWN" 如果主 UI 服务正在运行,则为 UP
"apiService.status" "UP","DOWN" 如果主 UI API 服务正在运行,则为 UP
"eucCacheEngine.status" "UP","DOWN" 如果 Hazelcast 群集引擎正在运行,则为 UP
"cacheEngineClient.status" "UP","DOWN" 如果 UI 的 Hazelcast 客户端正在运行,则为 UP
"persistenceEngine.status" "UP","DOWN" 如果主数据库 (SQL) 正在运行,则为 UP
"tenantPersistenceEngine.status" "UP","DOWN" 如果主数据库 (SQL) 正在运行,则为 UP
"diskSpace.status" "UP","DOWN" 如果可用磁盘空间大于配置的阈值 (10 MB),则为 UP
"diskSpace.free" 字节 装有 VMware Identity Manager UI 的分区中的可用空间(以字节为单位)

VMware Identity Manager Connector 监控和运行状况

URL 调用:/hc/API/1.0/REST/system/health

原始输出: 

{
	   "HorizonDaaSSyncConfigurationStatus": "",
	   "AppManagerServiceOk": "true",
	   "DomainJoinEnabled": "false",
	   "XenAppEnabled": "true",
	   "ViewSyncConfigurationStatus": "",
	   "ThinAppServiceOk": "true",
	   "ThinAppSyncConfigurationStatus": "unknown",
	   "Activated": "true",
	   "XenAppServiceOk": "false",
	   "DirectoryServiceStatus": "Connection test successful",
 	   "BuildVersion": "2017.1.1.0 Build 5077496",
	   "ThinAppServiceStatus": "unknown",
	   "XenAppServiceStatus": "A problem was encountered Sync Integration Broker",
	   "HostName": "hostname.company.local",
	   "NumberOfWarnAlerts": "0",
	   "JoinedDomain": "true",
	   "XenAppSyncConfigurationStatus": "Sync configured (manually)",
	   "DirectorySyncConfigurationStatus": "Sync configured (manually)",
	   "NumberOfErrorAlerts": "0",
	   "DirectoryServiceOk": "true",
	   "HorizonDaaSTenantOk": "true",
	   "ThinAppDirectoryPath": "",
	   "StatusDate": "2017-06-27 10:52:59 EDT",
	   "ViewSyncEnabled": "false",
	   "ViewServiceOk": "true",
	   "HorizonDaaSEnabled": "false",
	   "AppManagerUrl": "https://workspaceurl.com/SAAS/t/qwe12312qw/",
	   "HorizonDaaSServiceStatus": "unknown",
	   "DirectoryConnection": "ldap:///ldapcall",
	   "ServiceVersion": "VMware-C2-2017.1.1.0 Build 5077496",
	   "IpAddress": "169.118.86.105",
	   "DomainJoinStatus": "Domain: customerdomainname",
	   "AllOk": "false",
	   "ViewServiceStatus": "unknown",
	   "ThinAppEnabled": "false",
	   "XenAppSyncSsoBroker": "integrationbrokersso:443 / integrationbrokersync:443"
}
"AllOk" "true","false" 汇总运行状况检查以监控 VMware Identity Manager Connector 服务的整体运行状况。
"ViewServiceOk" "true","false" 如果与 View Broker 的连接成功,则为 True。如果禁用了 View 同步,此属性将为 True。
"HorizonDaaSTenantOk" "true","false" 如果与 Horizon Cloud 的连接成功,则为 True。如果禁用了 Horizon Cloud 同步,此属性将为 True。
"DirectoryServiceOk" "true","false" 如果与目录的连接成功,则为 True。如果禁用了目录同步,此属性将为 True。
"XenAppServiceOk" "true","false" 如果与 Citrix 服务器的连接成功,则为 True。如果禁用了 Citrix 服务器,此属性将为 True。
"ThinAppServiceOk" "true","false" 如果与 ThinApp 打包应用程序服务的连接成功,则为 True。如果禁用了打包应用程序,此属性将为 True。
"AppManagerServiceOk" "true","false" 如果能够对 AppManager 正确进行身份验证,则为 True。
"NumberOfWarnAlerts" 0 - 1000 在此连接器上触发的警告警示数量。它们在连接器同步日志中记录为“备注”。它们可以指示某个已同步的资源中包含 VMware Identity Manager 中所没有的用户或组。这可能是特意设计的,具体取决于配置。计数器会在每次同步时持续递增,直到警告和错误警示数量等于 1000 并且管理员清除警示为止。
"NumberOfErrorAlerts" 0 - 1000 在此连接器上触发的错误警示数量。它们在连接器同步日志中记录为“错误”。它们可以指示同步失败。计数器会在每次同步时持续递增,直到警告和错误警示数量等于 1000 并且管理员清除警示为止。

VMware Identity Manager Integration Broker 监控和运行状况

URL 调用:/IB/API/RestServiceImpl.svc/ibhealthcheck

原始输出: 

“All Ok”

此运行状况检查验证 Integration Broker 上的所有软件是否可正常响应。它返回一个包含字符串 "All Ok" 的 200 响应。

使用 Citrix XenApp 7.x 的 VMware Identity Manager Integration Broker 监控和运行状况

URL 调用:/IB/API/RestServiceImpl.svc/hznxenapp/admin/xenfarminfo?computerName=&xenappversion=Version7x

这会从对 Citrix 的 API 调用中提取回信息。监控可确保值保持一致。

原始输出: 

[{
	 \ “ConfigurationLoggingServiceGroupUid \ “:  \ “5e2a5602 - 45a8 - 4b56 - 92e6 - 9fae5a3ff459 \ “,
	 \ “ConfigurationServiceGroupUid \ “:  \ “620d7c6e - b7c1 - 4ee7 - b192 - d00764f477e7 \ “,		 \ “DelegatedAdministrationServiceGroupUid \ “:  \ “0a59914d - 4b6e - 4cca - bbaa - a095067092e3 \ “,
	 \ “LicenseServerName \ “:  \ “xd.hs.trcint.com \ “,
	 \ “LicenseServerPort \ “:  \ “27000 \ “,
	 \ “LicenseServerUri \ “:  \ “https:  \  /  \  / xd.hs.domain.com: 8083 \  /  \ “,
	 \ “LicensingBurnIn \ “:  \ “2014.0815 \ “,
	 \ “LicensingBurnInDate \ “:  \ “8 \  / 14 \  / 2014 5: 00: 00 PM \ “,
	 \ “LicensingModel \ “:  \ “UserDevice \ “,
	\ “MetadataMap \ “:  \ “System.Collections.Generic.Dictionary `2[System.String,System.String]\“,
	\“PrimaryZoneName\“:\“\”,
	\“PrimaryZoneUid\“:\“00000000-0000-0000-0000-000000000000\“,
	\“ProductCode\“:\“XDT\“,
	\“ProductEdition\“:\“PLT\“,
	\“ProductVersion\“:\“7.6\“,
	\“SiteGuid\“:\“0c074098-02d2-47cf-aa87-7e3asdsad7c\“,
	\“SiteName\“:\“customer\“
}]

原始输出异常: 

{“ExceptionType”:“System.Management.Automation.CmdletInvocationException”,“Message”:“An invalid URL was given for the service.  The value given was ‘mit-xen751.hs.trcint.com’.\u000d\u000a    The reason given was: Failed to connect to back-end server ‘mit-xen751.hs.trcint.com’ on port 80 using binding WSHttp. The server may be off-line or may not be running the appropriate service\u000d\u000a\u0009There was no endpoint listening at http:\/\/mit-xen751.hs.trcint.com\/Citrix\/ConfigurationContract\/v2 that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.\u000d\u000a\u0009The remote name could not be resolved: ‘mit-xen751.hs.trcint.com’.“,”StackTrace”:”   at System.Management.Automation.Internal.PipelineProcessor.SynchronousExecuteEnumerate(Object input, Hashtable errorResults, Boolean enumerate)\u000d\u000a   at System.Management.Automation.Internal.PipelineProcessor.SynchronousExecute(Array input, Hashtable errorResults)\u000d\u000a   at System.Management.Automation.Runspaces.LocalPipeline.InvokeHelper()\u000d\u000a   at System.Management.Automation.Runspaces.LocalPipeline.InvokeThreadProc()“}

使用 Citrix XenApp 6.x 的 VMware Identity Manager Integration Broker 监控和运行状况

URL 调用:/IB/API/RestServiceImpl.svc/hznxenapp/admin/xenfarminfo?computerName=&xenappversion=Version65orLater

这会从对 Citrix 的 API 调用中提取回信息。监控可确保值保持一致。

原始输出: 

“[{
  	 \ “FarmName \ “:  \ “NewFarm \ “,
	 \ “ServerVersion \ “:  \ “6.5.0 \ “,
	 \ “AdministratorType \ “:  \ “Full \ “,
	 \ “SessionCount \ “:  \ “0 \ “,
	 \ “MachineName \ “:  \ “XENAPPTEST \ “
	}]”