Using cloud proxies in VMware Aria Operations, you can collect and monitor data from your remote data centers. Typically, you need only one cloud proxy per physical data center. You can deploy one or more cloud proxies in VMware Aria Operations to create a one-way communication between your remote environment and VMware Aria Operations. Cloud proxies collect data from the end-point environment and uploads it to VMware Aria Operations. Cloud proxies can support multiple vCenter Server accounts. For more information on cloud proxies, see the topic called Cloud Proxy FAQ in the Configuring VMware Aria Operations Guide.

Prerequisites

  • Verify that you have an IP address, a DNS entry, and permissions to deploy OVF templates in vSphere.
  • Log in to vSphere and verify that you are connected to a vCenter Server system.
  • Allow outgoing HTTPS traffic for cloud proxy over port 443. For more information on firewall requirements in VMware Aria Operations see KB article 93210.
  • Allow incoming traffic to cloud proxy over ports 443, 8443, 4505, and 4506 for telegraf based application monitoring.
  • Allow incoming traffic to cloud proxy over port 443 for push model adapters or Suite-API on cloud proxy.
  • Add a vCenter cloud account and provide an account with the following read and write privileges:
    • vCenter IP address or FQDN
    • Permissions required to install a cloud proxy on the vCenter Server.

    For more information on privileges, see the topic called "Privileges Required for Configuring a vCenter Adapter Instance" in the VMware Aria Operations Configuration Guide.

  • Cloud proxies must have a proper DNS resolution to the VMware Aria Operations nodes when using short/long FQDN names. This is applicable to on-prem cloud proxy.
  • Using a firewall to restrict traffic by IP is not recommended since IPs can change without notice. Restricting traffic must be performed via FQDNs only.

Procedure

  1. Log in to VMware Aria Operations.
  2. From the left menu, click Administration > Cloud Proxies, and then click Add.
  3. Click Broadcom support portal to navigate to the Broadcom support portal, log in using your credentials. and download the cloud proxy OVA file.
  4. Navigate to your vSphere, select the name of your vCenter Server cluster, and select Deploy OVF Template from the Actions menu.
  5. Insert the ova link and then click Next.
    • Paste the cloud proxy ova link in the URL field.
    • Click the Local File option, browse, and select the downloaded OVA file.
  6. Follow the prompts to install the OVA on your vCenter Server.
    For the most current information about sizing and scaling, see Knowledge Base article 78491.
  7. When prompted to enter the Unique Registration Key in the Customize template screen, return to the Install Cloud Proxy page in VMware Aria Operations.
  8. (Optional) Activate Data Persistence to store data in the cloud proxy in case of connectivity issues. For more information, see Activating Data Persistence in Cloud Proxy.
  9. (Optional) Activate Log Forwarding to use the cloud proxy for forwarding logs from end points to VMware Aria Operations for Logs.
    Note: Log forwarding in cloud proxy is available only if you have configured a VMware Aria Operations for Logs account in VMware Aria Operations. For more information, see Configuring VMware Aria Operations for Logs with VMware Aria Operations.

    If you activate log forwarding in cloud proxy, the cloud proxy is used solely for log forwarding and cannot be used within collector groups.

  10. Click the Copy Key icon.
    The unique registration key expires 24 hours after generation. To avoid using an expired key, click Regenerate Key before proceeding. The unique registration key is used by the cloud proxy to authenticate to VMware Aria Operations.
    Note: The unique registration key is refreshed and a new key is generated if you reload the cloud proxy page. A new unique registration key generated if you activate data persistence, or log forwarding, or both.
  11. Return to vSphere and paste the key in the Unique Registration Key text box to install the VMware Aria Operations Cloud Appliance.
  12. Select Prefer IPv6 to use IPv6 for internal communications. For more information, see the topic, 'Using IPv6 with VMware Aria Operations' in the Getting Started with VMware Aria Operations Guide.
  13. (Optional) Set up a proxy server in the Customize template screen.
    1. Enter details in the Network Proxy IP Address and Network Proxy Password properties.
      Note: If you use network proxy for log forwarding, port 9543 must be open.
    2. To activate SSL, select the Use SSL connection to proxy check box.
    3. If you are using SSL, you can verify the certificate of the proxy server. Public certificate authorities are used to verify the proxy server certificate. To activate this, select the Verify proxy's SSL cert check box in the Verify SSL cert property.
    4. You can specify the IP /FQDN URL that is used to access the system when a load balancer is used.
    5. If you have a custom certificate authority, paste the root certificate authority in the Custom CA property to verify the certificate of the proxy server. The root certificate authority is passed on to the cloud proxy. Include the following lines when you copy the root certificate authority:
      "-----BEGIN CERTIFICATE-----" 
      "-----END CERTIFICATE-----"
  14. Click Finish.
    The deployment takes a few minutes to finish.
  15. Locate the cloud proxy you just installed, select the VMware Aria Operations Cloud Appliance, and click Power on.
    Note: You must power on the VMware Aria Operations Cloud Appliance within 24 hours of registering it. After 24 hours, the Unique Registration Key expires, and you must delete the VMware Aria Operations Cloud Appliance and deploy another cloud proxy.
  16. Return to the Cloud Proxy page in VMware Aria Operations to view the status of the cloud proxy you just installed. For more information, see Monitoring the Health of Cloud Proxies.
  17. To view the accounts that are using this connection, click the Cloud Proxy.
    The communication from the cloud proxy to cloud is one way. The cloud proxy initiates this connection and if necessary, it also pulls data from cloud (like the adapters configuration or upgrade pak). The cloud proxy requires a regular Internet access over the HTTPS protocol but it does not need any special firewall configuration. The cloud proxy verifies the certificate of the cloud service it connects to and if there are transparent proxy servers which do stop SSL, it might cause connectivity problems for the cloud proxy.

    The cloud proxy also supports connection through the corporate proxy server. The proxy settings are given during OVF deployment.

  18. (Optional) To delete a cloud proxy, click the vertical ellipsis and then click Delete. For more information, see Deleting Cloud Proxies.

What to do next

Upgrade your cloud proxy. For more information, see the topic called Upgrading Cloud Proxy in the Getting Started with VMware Aria Operations Guide.

The VMware vSphere solution connects VMware Aria Operations to one or more vCenter Server instances. For more information see the topic called Configure a vCenter Server Cloud Account in VMware Aria Operations in the Configuring VMware Aria Operations Guide.