In cloud automation it is important to monitor the life-cycle and state of the virtual machine. Cisco Cloud Portal, or any other portal for that matter, should know the actual state of the VM, even if a cloud user shuts down or powers on the VM directly from VNC or through RDP.
This can be achieved by using SNMP. The SNMP trap is a powerful mechanism to track not only the state of the VM but also any other object within vCenter. This is true for any element manager that supports SNMP traps.
CPO (Cisco Process Orchestrator) can trigger a workflow based on the SNMP trap it receives and can inform Cisco Cloud Portal (CCP) via API. Let's assume a user doesn't use the portal but goes directly into the VM via RDP and powers it off. A vCenter trap will now be sent to CPO, and CPO will send the status back to CCP. CCP will then update the VM property and show on the portal that the VM is actually powered off. This way the portal user will always get the real-time status of the VM.
This is valid for other scenarios as well. For example, if a VM gets deleted, you may want a trap to be received in CPO and then run some scripts accordingly to delete the DHCP reservation or clean up other database tables.
Make sure UDP ports 161 and 162 are open so that the orchestrator can receive SNMP traps.
VMware Configuration Steps
Global SNMP Configuration
172.21.54.228 is the IP address of the CPO (Cisco Process Orchestrator) server. It will receive SNMP traps based on the alert criteria that we will see in a later section.
Up to 5 SNMP receiver systems can be defined in vCenter.
vCenter Alarm Setting To Generate SNMP trap
Alarms can be configured and defined on various objects in vCenter. It is the responsibility of the vCenter admin to define these alarm conditions. They depend on which traps the vCenter admin wants to send to the CPO server and on the use case.
Alarms should be configured carefully for all the objects in vCenter; otherwise a wrong configuration might create an SNMP traffic storm on the network.
An alarm definition must be very specific and not too generic.
We will look at an example of defining an alarm so that we can trap the Power ON and Power Off states of a VM.
In vCenter, go to the folder object that contains the VM that you want to monitor and create a new alarm.
This new alarm will now show under the folder object as shown below.
The following screenshot is taken from the CPO server for a power-on event. CPO will receive the trigger, and based on the trigger the CPO workflow will be started.
CPO configuration will be shown in the following sections.
Repeat Steps for PowerOff
Similarly, you can create SNMP alerts for many of the actions available in the vCenter Alarm configuration section.
Process Orchestrator Workflow Development
In the following screenshot, notice that the community string must match the string that was configured in the vCenter SNMP properties.
The first part of the workflow reads the SNMP trap, saves it in XML format, reads the table from the XML and puts it in a local table. It then runs an SQL query to find the state of the VM.
The second part collects the name of the VM and other properties.
Workflow SNMP Trigger
The workflow will be triggered based on a specific OID (184.108.40.206.4.1.68220.127.116.11.203) in the trap that it receives from vCenter.
Let's take a look at the properties and logic used to build this workflow.
Breakdown of Various Activities and Their Properties
CPO automatically captures the SNMP trap data in XML. We will save it in a local variable for further processing.
Now select the "Row" XML elements from the saved value and put them in a table format.
Select the value for the OID (18.104.22.168.4.1.6822.214.171.1246.0). It indicates whether the event was a VM Power ON or a VM Power OFF.
Now use the condition branch to check the value and set the variables accordingly.
Now select a different OID ('126.96.36.199.4.1.68188.8.131.527.0') to pick the name of the VM and its associated properties.
The workflow will be executed automatically based on the SNMP trigger.
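The workflow logic described above, sketched in Python as an added example (not CPO's own code and not part of the original article): it flattens the trap's Row elements into a table, branches on the power event and picks the VM name. The XML layout, the OID placeholders, the event text and the sender check on address and community string are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Placeholders, not real OIDs: substitute the two OIDs the workflow selects on.
STATE_OID = "STATE-OID-PLACEHOLDER"    # varbind describing the power event
VMNAME_OID = "VMNAME-OID-PLACEHOLDER"  # varbind carrying the VM name

# Constructed sample. The Trap/Row/OID/Value layout and the event text are
# assumptions for illustration, not CPO's documented schema.
SAMPLE_TRAP = """<Trap>
  <Row><OID>STATE-OID-PLACEHOLDER</OID><Value>Event: VM powered off</Value></Row>
  <Row><OID>VMNAME-OID-PLACEHOLDER</OID><Value>web-vm-01</Value></Row>
</Trap>"""

def rows_to_table(trap_xml):
    """Flatten every Row element into an {oid: value} table."""
    table = {}
    for row in ET.fromstring(trap_xml).iter("Row"):
        oid = (row.findtext("OID") or "").strip()
        if oid:
            table[oid] = (row.findtext("Value") or "").strip()
    return table

def classify_power_state(text):
    """Condition branch: map the event text to a portal state, or None."""
    lowered = text.lower()
    if "powered off" in lowered:
        return "powered-off"
    if "powered on" in lowered:
        return "powered-on"
    return None

def handle_trap(trap_xml, source_ip, community, expected_source, expected_community):
    """Return (vm_name, state) for the portal update, or None to ignore the trap."""
    # SNMP v1/v2c traps are plain UDP with a cleartext community string, so
    # this is a filter against stray senders, not authentication.
    if source_ip != expected_source or community != expected_community:
        return None
    table = rows_to_table(trap_xml)
    state = classify_power_state(table.get(STATE_OID, ""))
    vm_name = table.get(VMNAME_OID, "")
    if state is None or not vm_name:
        return None  # unrelated alarm or incomplete trap: leave the portal as is
    return vm_name, state

if __name__ == "__main__":
    # 192.0.2.10 and "example-community" are constructed values.
    print(handle_trap(SAMPLE_TRAP, "192.0.2.10", "example-community",
                      "192.0.2.10", "example-community"))
```

Returning None for a trap that fails the sender check or lacks either value keeps an unrelated or malformed trap from changing the VM state shown on the portal or from starting a clean-up script.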