You use VMware Aria Operations to monitor the state of the components in the VMware Cloud Foundation instance. You review collected metrics by using VMware Aria Operations dashboards. You can use the self-monitoring capability of VMware Aria Operations to receive alerts about issues that are related to its operational state. You connect VMware Aria Operations with the management domain and one or more virtual infrastructure (VI) workload domain components of your VMware Cloud Foundation instance by using cloud accounts, adapters, and direct integrations.

In this validated solution, VMware Aria Operations monitors the following components:

  • SDDC Manager

  • vCenter Server

  • vSAN

  • ESXi hosts

  • NSX

  • Clustered Workspace ONE Access

Note:

This validated solution also supports monitoring of VMware Aria Operations for Logs and VMware Aria Automation. For information on solution interoperability with these components, see VMware Cloud Foundation Validated Solutions.

VMware Aria Operations Integrations for VMware Cloud Foundation

You activate and configure integrations for VMware Aria Operations to facilitate collecting data from each VMware Cloud Foundation instance and establish the necessary integration.

Table 1. Integrations

Integration

Description

Method

VMware Cloud Foundation

Includes dashboards for VMware Cloud Foundation.

Manual activation and configuration.

VMware Identity Manager

Provides metrics for Workspace ONE Access.

Configuration automated by SDDC Manager.

VMware Infrastructure Health

Provides metrics and dashboards for the health and efficiency of VMware cloud management plane applications.

Manual activation and auto-configuration.

Ping

Provides metrics on the availability of endpoints.

Manual activation and configuration.

Table 2. Design Decisions on Integrations for Intelligent Operations Management

Design Decision ID

Design Decision

Design Justification

Design Implication

IOM-VAOPS-CFG-020

Activate the VMware Cloud Foundation integration in VMware Aria Operations.

Provides the ability to configure VMware Cloud Foundation instance specific cloud accounts to gather metrics for SDDC Manager, vCenter Server, vSAN, and NSX Local Manager.

You must activate the integration manually.

IOM-VAOPS-CFG-021

Activate the VMware Identity Manager integration for VMware Aria Operations.

Provides the ability for VMware Aria Operations to communicate with Workspace ONE Access endpoints.

The integration is installed and activated by SDDC Manager.

IOM-VAOPS-CFG-022 Activate the VMware Infrastructure Health integration in VMware Aria Operations.
  • Provides a unified operations view of each VMware Cloud Foundation instance including the associated management and workload domains.
  • Provides information on the health of associated management components.
  • You must configure a VMware Cloud Foundation cloud account before activating the integration.
  • You must activate the integration manually.

IOM-VAOPS-CFG-023

Activate the Ping integration in VMware Aria Operations.

Provides metrics on the availability of endpoints.

You must activate the integration manually.

For information about the design decisions on service accounts for the VMware Aria Operations , see Service Accounts Design for VMware Aria Operations for Intelligent Operations Management for VMware Cloud Foundation.

VMware Aria Operations Cloud Accounts

You use cloud accounts to add endpoints as adapter instances, providing VMware Aria Operations with the ability to communicate with them. VMware Aria Operations can collect data from the following private cloud accounts:

Table 3. Cloud Accounts in VMware Aria Operations

cloud account

Additional Data Source

Description

VMware Cloud Foundation

SDDC Manager

Provides VMware Aria Operations with the ability to communicate with SDDC Manager to discover workload domains and their management components.

vCenter Server

Provides VMware Aria Operations with the ability to communicate with the vCenter Server for a workload domain and to gather metrics.

vSAN

Provides VMware Aria Operations with the ability to gather vSAN metrics from vCenter Server.

NSX

Provides VMware Aria Operations with the ability to gather metrics from NSX Manager.

Application Discovery

Provides VMware Aria Operations with the ability to discover applications, running on virtual machines in vCenter Server

Table 4. Design Decision on Cloud Accounts for Intelligent Operations Management

Design Decision ID

Design Decision

Design Justification

Design Implication

IOM-VAOPS-CFG-024

Remove the existing vCenter Server cloud account created by SDDC Manager.

The existing cloud account is not used when utlizing the VMware Cloud Foundation integration.

You must manually remove the existing cloud account.

IOM-VAOPS-CFG-025

Remove the existing Principal Credential for the vCenter Server created by SDDC Manager.

The existing Principal Credential is not used when utlizing the VMware Cloud Foundation integration.

You must manually remove the existing credential.

IOM-VAOPS-CFG-026

Configure a credential for each VMware Cloud Foundation instance with a service account using least privileage access.

Provides the required access when enabling the VMware Cloud Foundation integration in VMware Aria Operations to collect SDDC Manager domain and metric data.

You must maintain the life cycle, availability, and security controls for the account in Active Directory.

IOM-VAOPS-CFG-027

Configure a VMware Cloud Foundation cloud account for each VMware Cloud Foundation instance using a credential and assign to the local-instance collector group.

Provides metric collection of SDDC Manager and workload domains.

You must manually create the cloud account.

IOM-VAOPS-CFG-028

Configure a Principal Credential for each workload domain vCenter Server for each VMware Cloud Foundation instance with a service account using least privileage access.

Provides the required access when enabling the VMware Cloud Foundation integration in VMware Aria Operations to collect vCenter Server metric data.

You must maintain the life cycle, availability, and security controls for the service account in Active Directory.

IOM-VAOPS-CFG-029

Configure a vCenter Server cloud account for each workload domain vCenter Server instance using a Principal Credential and assign to the local-instance collector group.

Provides metric collection of vCenter Server.

You must manually create the cloud account.

IOM-VAOPS-CFG-030

Enable the vSAN cloud account for each workload domain in the VMware Cloud Foundation instance.

Provides metric collection from all vSAN enabled clusters in a workload domain.

Service account usage across vCenter Server instances expands the risk of losing connectivity from VMware Aria Operations in the event of an account issue.

IOM-VAOPS-CFG-031

Configure a NSX-T Client Certificate Credential for each NSX Manger instance with least privileage access.

Provides the required access when enabling the VMware Cloud Foundation integration in VMware Aria Operations to collect NSX Manager metric data.

You must manage the credentials and the life cycle of certificates and their corresponding private keys.

IOM-VAOPS-CFG-032

Configure an NSX cloud account for each workload domain NSX Manager instance for each VMware Cloud Foundation using a NSX Client Certificate credential and assign to the local-instance collector group.

Provides metric collection for an NSX Manager.

You must manually add the credentials for the cloud account.

IOM-VAOPS-CFG-033

Configure a VMware Identity Manager cloud account for the clustered Workspace ONE Access instance and assign to the default collector group.

Provides metric collection from the clustered Workspace ONE Access instance.

  • The cloud account is configured by SDDC Manager.

  • The load on the analytics cluster, though minimal, increases.

IOM-VAOPS-CFG-034

Configure a Ping cloud account for the VMware Aria Operations analytics cluster nodes and assign to the default collector group.

Provides metrics on the availability of VMware Aria Operations analytic nodes.

You must add the cloud account instance manually.

IOM-VAOPS-CFG-035

Configure a Ping cloud account for the VMware Cloud Proxy for VMware Aria Operations appliances and assign to the local-instance collector group.

Provides metrics on the availability of VMware Cloud Proxy for VMware Aria Operations appliances.

You must add the cloud account instance manually.

IOM-VAOPS-CFG-036

Configure a Ping adapter for the clustered Workspace ONE Access nodes and assign to the default collector group.

Provides metrics on the availability of the clustered Workspace ONE Access nodes.

You must add the cloud account instance manually.

VMware Aria Operations Metrics

VMware Aria Operations collects data from objects in your environment. Each piece of collected data is called a metric observation or value. VMware Aria Operations uses integrations and management packs to collect raw metrics. In addition to the metrics it collects, VMware Aria Operations calculates capacity metrics, badge metrics, and metrics to monitor the health of your system.

Table 5. VMware Cloud Foundation Metrics

Type

Description

Self-monitoring metrics for VMware Aria Operations

Collects metrics that monitor its own performance that are useful for diagnosing problems with VMware Aria Operations.

vCenter Server

Collects metrics for vSphere components that are useful to troubleshoot issues in your environment.

vSAN

Collects metrics for vSAN objects, such as disk I/O and space utilization.

NSX

Collects metrics for NSX objects, such as logical switches, edge nodes, and controller clusters.

VMware Identity Manager

Collects metrics for Workspace ONE Access, such as certificates, storage space, database connections.

VMware Cloud Foundation

Aggregates metrics from installed adapters and provides out of the box dashboards for VMware Cloud Foundation, including SDDC Manager and workload domain inventory and capacity metrics.

Ping

Verifies the availability of end points that exist in your virtual environment by using ICMP.

VMware Aria Operations Alerts

Alert definitions are a combination of symptoms and recommendations that identify problem areas in VMware Aria Operations and generate alerts on which you act for those areas.

Alert definitions are provided for various objects in your environment through integrations. You can also create your own alert definitions based on metrics and criteria specific to your environment.

Table 6. Design Decisions on Alerts for Intelligent Operations Management

Decision ID

Design Decision

Design Justification

Design Implication

IOM-VAOPS-CFG-037

Define and configure application, virtual machine, and container related alerts.

Alerts can be used to detect and notify administrators about conditions that endanger the operation of individual or groups of workloads running in your environment.

Individual alerts may need to be manually created and maintained.

IOM-VAOPS-CFG-038

Define and configure virtual infrastructure and ESXi host related alerts.

Alerts can be used to detect and notify administrators about conditions that endanger the operation of your virtual infrastructure as a whole or down to its discrete components.

Individual alerts may need to be manually created and maintained.

IOM-VAOPS-CFG-039

Define and configure software-defined networking related alerts.

Alerts can be used to detect and notify administrators about conditions that endanger the operation of NSX software-defined networking components.

Individual alerts may need to be manually created and maintained.

IOM-VAOPS-CFG-040

Define and configure storage related alerts.

Alerts can be used to detect and notify administrators about conditions that endanger the operation of vSAN or disk/file-based storage or individual storage layer components.

Individual alerts may need to be manually created and maintained.