Virtualization with VMware

You can use VMware vSphere virtual machines, including ESXi and vCenter, with SUSE Manager by setting up a virtual host manager (VHM).

To begin, you need to set up a VHM on your SUSE Manager Server, and inventory the available VM hosts. Taskomatic can then begin data collection using the VMs API.

1. VHM Setup

The Virtual Host Manager (VHM) runs on the SUSE Manager Server.

To run a VHM, your SUSE Manager Server needs to have port 443 open, to access the VMware API.

VMware hosts use access roles and permissions to control access to hosts and guests. Ensure that any VMware objects or resources that you want to be inventoried by the VHM have at least read-only permissions. If you want to exclude any objects or resources, mark them with no-access.

When you are adding new hosts to SUSE Manager, you need to consider if the roles and permissions that have been assigned to users and objects need to be inventoried by SUSE Manager.

For more on users, roles, and permissions, see the VMware vSphere documentation: https://docs.vmware.com/en/VMware-vSphere/index.html

Procedure: Creating a VMware VHM
  1. In the SUSE Manager Web UI, navigate to Systems  Virtual Host Managers.

  2. Click Create and select VMware-based.

  3. In the Add a VMware-based Virtual Host Manager section, use these parameters:

    • In the Label field, type a custom name for your VHM.

    • In the Hostname field, type the fully qualified domain name (FQDN) or host IP address.

    • In the Port field, type the ESXi API port to use (for example, 443).

    • In the Username field, type the username associated with the VM host.

    • In the Password field, type the password associated with the VM host user.

  4. Click Create to save your changes and create the VHM.

  5. On the Virtual Host Managers page select the new VHM.

  6. On the Properties page, click Refresh Data to inventory the new VHM.

To see which objects and resources have been inventoried, navigate to Systems  System List  Virtual Systems.

Connecting to the ESXi server from a browser using HTTPS can sometimes log an invalid certificate error. If this occurs, refreshing the data from the virtual hosts server fails. To correct the problem, extract the certificate from the ESXi server, and copy it to /etc/pki/trust/anchors. Re-trust the certificate by running the update-ca-certificates command on the command line, and restart the spacewalk services.

After your VHM has been created and configured, Taskomatic runs data collection automatically. If you want to manually perform data collection, navigate to Systems  Virtual Host Managers, select the appropriate VHM, and click Refresh Data.

SUSE Manager ships with a tool called virtual-host-gatherer that can connect to VHMs using their API, and request information about virtual hosts. virtual-host-gatherer maintains the concept of optional modules, where each module enables a specific VHM. This tool is automatically invoked nightly by Taskomatic. Log files for the virtual-host-gatherer tool are located at /var/log/rhn/gatherer.log.

2. Troubleshooting SSL Errors on VMware

If you see SSL errors while configuring your VMware installation, you need to download the CA certificate file from VMware, and trust it on SUSE Manager.

Procedure: Trusting VMware CA Certificates
  1. Download the CA Certificate from your VMware installation. You can do this by logging in to your vCenter Web UI, and clicking Download trusted root CA certificates.

  2. If the downloaded CA certificates file is in .zip format, extract the archive. The certificate files have a number as an extension. For example, certificate.0.

  3. Copy the certificate files to your SUSE Manager Server, and save them to the /etc/pki/trust/anchors/ directory.

  4. Change the filename suffix on the copied certificate to either .crt or .pem.

  5. On the SUSE Manager Server, at the command prompt, update the CA certificate record:

    update-ca-certificates