One of the security options that are available in vSphere, is the ability to configure the “High Availability” at the level of a single machine and… a single application! vSphere App HA is nothing more, than another services integrator, delivered in the form of plug-in for vSphere Web Client. It is also the only known for me option in the VMware portfolio, which allows connect a single monitored application with specific actions. This specific action is to force reboot the entire virtual machine in response to the failure of the single application from inside the machine! This is the new quality, many Administrators do not know or do not know for sure how to use it. In this post, on a running example, I’ll show how to use the functionality that provides vSphere App HA (Appliance version 1.1).
Before we use the vSphere App HA, have to meet several conditions. First of all we have in our cluster configured and enabled vSphere HA, with enabled “VM and Application Monitoring”. If this is possible, Let us enable also ” Admission Control “.
Additionally, in order to receive notifications by e-mail (alarm handling is performed by vCenter), configure in the vCenter global settings mail server and the sender (if earlier that never did).
We must also have in the environment installed and configured the vCenter Hyperic 5.8. If Hyperic agents were installed manually, they must accept not verified SSL (agent.setup.acceptUnverifiedCertificate = yes ), if they were previously installed from the vSphere Web Client, it is nothing needs to do. In the next step, install the vSphere App HA Appliance, this is a very simple and standard process . After installing the App HA, log in to the vSphere Web Client and prepare the integration with vCenter Hyperic (section Administration -> vSphere HA App -> Settings), including acceptance Hyperic certificate.
Our sample application that will be monitor is the vPostgres installed as an appliance, for the purposes of the test Horizon Workspace Portal 2.0 installation. If you prepared the vCenter server integration with Hyperic (via Infrastructure Navigator), go to the vApp Horizon Workspace and under Manage, install Hyperic agent inside our vPostgres appliance.
Then log in to the vCenter Hyperic and configure the newly added resources. Hyperic agent detects a variety of resources and services on the machine. Where we are interested in monitoring a particular service, it is best to remove (in this case detected Sendmail and Apache Tomcat) what is unnecessary. We leave the system, agent and vPostgres health monitoring.
The problem with vPostgres is that the startup scripts do not support the restart command (aurora_mon for versions 9.2 and vpostgres_mon for version 9.3). App HA supports only restart function. Therefore, we need to create a script called /etc/init.d/postgres containing one line: service aurora_mon start (or service vpostgres_mon start).
We should also remember that by default vPostgres has not statistic enabled. Proper collection of data about the performance of the vPostgres, will take place only when the track_counts=on option is enabled in the file /var/vmware/vpostgres/current/pgdata/ postgresql.conf:
vSphere App HA default supports only a portion of the servers and applications supported by vCenter Hyperic. At the start support PostgreSQL but unfortunately does not support vPostgres. You can import the needed service directly from Hyperic to the App HA. To do this, we need to be logged in App HA appliance as root and issue the following command:
The service is restarted, and after a few minutes in the vSphere Web Client we see (Monitor -> Applications Availability) the vPostgres service.
At this point, we can create our first policy for handling application state. In the case of services imported from vCenter Hyperic, it is not possible to set the detailed parameters of the access and application control policy level. Apply the settings defined for the Hyperic agent.
At this stage, an attempt to assign the policy to the service will end with “No VMware vCenter AppHA plug-in named VC is defined on the vCenter Hyperic server.” message.
This means that we need to install the Hyperic agent on a server where it is installed our vCenter (Windows or vCSA).
Log in to the vCenter Hyperic and check whether the agent has connected to the server.
After adding agent to the inventory, we need to set up a new “Server”, this server is the “VMware vCenter AppHA”.
At this point, we have configured correctly all the services needed to monitor the application from the vSphere Web Client. We can re-assign the previously created policy to our application.
Remember that polices always armed, when we plan to perform some operations on the application or virtual machine, Let us enable maintenance mode on the monitored applications. So that we have never been surprised by the sudden application restart or machine reboot. To make changes in the policy that is assigned to active service, we also have to put all of these services in the maintenance mode.
System response to the command “service aurora_mon stop” where maintenance mode is off (the first alert appears in the vCenter, see the first picture in this post):
At the end a short summary. Is it useful to install and use the vSphere App HA? If our environment is made up of the latest components, vSphere 5.5, Infrastructure Navigator, vCenter Hyperic in version 5.8, is the most worth it. vSphere App HA is the dot over and when we talk about monitor VMware vSphere whole environment. Is it a perfect solution? Of course not, but it has a high potential for development.
Was this information is helpful? Tell me, please leave a comment!