9.2.1 Configuration Requirements

This section describes the settings required to properly configure each different server virtualization product for use with Resource Orchestrator.

Configuration Requirements for Each Server Virtualization Product

The required configuration differs with each server virtualization product. For details on the configuration of each virtualization product, refer to the manual of each product.

[VMware]
Installation of VMware Tools is required to properly display the host names of guest OSs and enable their remote shutdown via the power control functions of Resource Orchestrator.
Install VMware Tools after installing an operating system in a VM guest.

[Hyper-V]

Use the following procedure to enable remote management.
1. Enable remote WMI settings.
  1. In each VM host, access the Control Panel and open the [Administrative Tools]-[Computer Management].
    The [Computer Management] window is displayed.
  2. Open [Services and Applications], right-click on [WMI Control] and select [Properties] from the displayed menu.
    The [WMI Control Properties] dialog is displayed.
  3. Open the [Security] tab, select [Root]-[virtualization] and click [Security].
    The [Security for ROOT\virtualization] window is displayed.
  4. Select the login user for the VM host, and check [Allow] from [Remote Enable].
  5. Click the [OK] button.
    When using Windows Server 2012 R2 or later, the following configuration is also needed.
  6. Select the [Security] tab, then [Root]-[virtualization]-[v2] and click [Security].
    The [Security for ROOT\virtualization\v2] window is displayed.
  7. Select the login user for the VM host, and check the "Allow" check box from "Remote Enable".
  8. Click the [OK] button.
  The remote WMI settings are enabled.
2. Configure the Windows firewall to enable remote WMI management.
  1. On each VM host, run the "GPedit.msc" command.
    The [Local Group Policy Editor] dialog is displayed.
  2. Select the following folder:
    [Computer Configuration]-[Administrative Templates]-[Network]-[Network Connections]-[Windows Firewall]
  3. If the VM host is a member of a domain, double-click [Domain Profile]; otherwise double-click [Standard Profile].
    Either one of the [Domain Profile] or [Standard Profile] screen is displayed.
  4. On the displayed window, right-click [Windows Firewall: Allow inbound remote administration exception] and select [Properties] from the displayed menu.
    The [Windows Firewall: Allow inbound remote administration exception] dialog is displayed.
  5. Select [Enabled] and click the [OK] button.
3. Configure DCOM.
  1. On each VM host, run the "Dcomcnfg.exe" command.
  2. In the [Component Services] dialog, expand [Component Services]-[Computers], right-click [My Computer] and select [Properties] from the displayed menu.
    The [My Computer Properties] window is displayed.
  3. Select the [COM Security] tab.
  4. Click the [Edit Limits] button from [Launch and Activation Permissions].
    The [Launch and Activation Permission] window is displayed.
  5. Select the VM host's user name under [Groups or user names:], and select the [Allow] checkbox for [Remote Activation] and click the [OK] button.
  6. Click the [Edit Limits] button under [Access Permissions].
    The [Access Permission] window is displayed.
  7. Select [ANONYMOUS LOGON] under [Group or user names], and check the [Allow] checkbox for [Remote Access] and then click the [OK] button.
Perform configuration so that the networks of VM hosts and VM guests are configured separately.
1. Prepare two or more physical NICs.
  The physical NIC that the VM host uses for the admin LAN and communication with external servers should only be used for physical servers. Do not configure it for virtual networks.
2. Create a virtual network for the VM guests to use for communication.
  - For Hyper-V 2.0
    Open the Hyper-V Manager, then [Virtual Network Manager] to create the virtual network. Configure the [Allow management operating system to share this network adapter] checkbox as follows: (By default, the checkbox is unselected)
    - When using ping monitoring functions of GLS
    Check the checkbox.
    - When not using ping monitoring functions of GLS
    Clear the checkbox.
  - For Hyper-V 1.0
    On each VM host, access the Control Panel and open the [Network Connections]. Configure external virtual network connections for the VM host that are displayed as [Local Area Connection] as follows:
    - When using ping monitoring functions of GLS
    Enable all relevant virtual networks.
    - When not using ping monitoring functions of GLS
    Disable all relevant virtual networks.
  Information
  With NIC redundancy using GLS, "warning" is temporarily displayed for the managed server status after server switchover. No action is necessary, since the status returns to "normal" after a while.
Installation of VMware Tools is required to properly display the host names of guest OSs and enable their remote shutdown via the power control functions of Resource Orchestrator.
Install OSs on VM guests and then install the integration service on those OSs.
[Citrix Xen]
With Citrix XenServer, perform settings to enable remote shutdown of VM guests via the power control functions of Resource Orchestrator.
Install XenServer Tools after installing an operating system in a VM guest.
[Solaris Zones]
Set SSH access permission, and enable password authentication for accounts with administrator privileges.
This setting is required for collecting VM guest information and performing power operations.
When the Logical Domains Manager daemon is enabled, VM hosts can be registered as Solaris Zones by configuring the definition files. For details, refer to "9.2.3 Definition Files of Each Product".
[OVM for SPARC]
Set SSH access permission, and enable password authentication for accounts with administrator privileges.
This setting is required for collecting VM guest information and performing power operations.
Enabling the Logical Domains Manager daemon, and then configure the definition files for enabling Solaris Zones to register VM hosts based on whether the Logical Domains Manager daemon is enabled or disabled.
For details, refer to "9.2.3 Definition Files of Each Product".

Note

When using multiple server virtualization software with the same manager, set differing names for the following on each server virtualization software.

Port Groups
Virtual Switches
Virtual Network
Virtual Bridges

[VMware]

When configuring a port group, for the name of port groups using the same VLAN ID, it is necessary to use a common name on all VM hosts.

[Hyper-V]

When configuring a virtual network, it is necessary to use a common name on all VM hosts for the name of virtual networks using the same VLAN ID.
If a VM host belongs to a domain, ensure that its host name can be properly resolved by the admin server (from the VM host IP address).
If host name resolution fails, perform the necessary DNS (or hosts file) settings to enable host name resolution.

[Xen] [Citrix Xen] [KVM]

When configuring a virtual bridge, it is necessary to use a common name on all VM hosts for the name of virtual bridges using the same VLAN ID.
Make sure that each VM host is able to resolve the host name of the admin server from its IP address (on the admin LAN).
If host name resolution fails, perform the necessary DNS (or hosts file) settings to enable host name resolution.
A resource pool of Citrix XenServer indicates multiple VM hosts grouped using Citrix XenServer.
When using a Citrix XenServer resource pool in a Citrix XenServer environment, confirm that a Home server is set for each VM guest.
If no Home server is set, Resource Orchestrator is only able to recognize active VM guests.
When using a Citrix XenServer resource pool in a Citrix Essentials for XenServer environment, high-availability should be enabled for that resource pool.
If high-availability is not enabled, and the pool master becomes unreachable, Resource Orchestrator will not be able to control or get information from the VM hosts and VM guests placed in that Citrix XenServer resource pool. If VM guest statuses become out-of-date, or operations on VM hosts or VM guests fail, check the status of the pool master. If the pool master is not reachable, resolve any communication problem that may prevent the manager from communicating with it (if necessary, change the pool master to another VM host).
For details, refer to the manual of server virtualization software.

Configuration Requirements for System Center Virtual Machine Manager

The following settings are required when registering and using System Center Virtual Machine Manager (hereafter SCVMM) as VM management software.

Install Windows PowerShell.
When Windows PowerShell 2.0 or later has not been installed on the admin server, install it.
Configure Windows Remote Management settings.
- VM management software
  Configure remote administration on VM management software registered with Resource Orchestrator.
  1. Log in to the SCVMM server as the administrator.
  2. Execute the following command from the command prompt.
    >winrm quickconfig <RETURN>
  3. Enter "y", when requested.
- Admin server
  Configure Windows Remote Management authentication settings on the admin server.
  1. Log on to the admin server as the administrator.
  2. Execute the following command to record the configuration details for TrustedHosts.
    >winrm get winrm/config/client <RETURN>
    Record the displayed details in TrustedHosts.
    Example
    When multiple SCVMMs are registered
    ***.***.***.*** , ***.***.***.***
    When a single asterisk ("*") is displayed, the following procedure is unnecessary as all hosts will be trusted in the configuration.
  3. Execute the following command.
    Enter the result obtained from b. for Recorded_content_in_b
    >winrm set winrm/config/client @{TrustedHosts="Recorded_content_in_b" , "Additionally_registered_SCVMM_address"} <RETURN>
    Example
    The command specification when multiple SCVMMs are registered
    >winrm set winrm/config/client @{TrustedHosts="***.***.***.*** , ***.***.***.*** , Additionally_registered_SCVMM_address"} <RETURN>
  4. Execute the following command to check the details for TrustedHosts.
    >winrm get winrm/config/client <RETURN>
    If the address of the SCVMM additionally registered has been added to the details recorded in b., there are no problems.
Note
- When registering multiple SCVMMs in Resource Orchestrator as VM management software, specify the IP addresses for multiple VM management software separated by commas (",") using the command for registering TrustedHosts.
- When communication from the admin server uses Windows remote management (WinRM) and is performed via a proxy server, operations such as registration of resources with Resource Orchestrator will fail.
  Therefore, perform configuration of Windows remote management (WinRM) on the admin server so that a proxy server is not used.
Configure the settings to enable communication with the admin LAN addresses of managed VM hosts.
From the server on which VM management software is operating, configure the settings to enable communication with the admin LAN IP addresses of the managed VM hosts to register in Resource Orchestrator. Even if a multi-homed VM host has multiple IP addresses, it is necessary to enable communication from SCVMM with the interface connected to the admin LAN of the VM host.

SCVMM Server Web Services for Management Settings

Resource Orchestrator controls SCVMM using PowerShell Web Services for Management (hereinafter WS-Management).

Change the following settings concerned with WS-Management on the SCVMM server.

MaxShellsPerUser
MaxMemoryPerShellMB
MaxConcurrentUsers
MaxConnections

Change the values of MaxShellsPerUser (the maximum number of processes that can start shell operations for each user) and MaxConcurrentUsers (the maximum number of users who can execute a remote operation from a remote shell at the same time). For Resource Orchestrator, change settings to enable a maximum of 31 sessions.
However, since WS-Management is used for Windows administration tools and Resource Orchestrator, set a value 31 or larger for each value.

Change the MaxShellsPerUser and MaxConcurrentUsers settings using the following procedure:

Execute Windows PowerShell as an administrator.
Change the current directory using the Set-Location commandlet.
PS> Set-Location -Path WSMan:\localhost\Shell <RETURN>

Check the current MaxShellsPerUser and MaxConcurrentUsers settings using the Get-ChildItem commandlet.

The contents displayed in MaxShellsPerUser and MaxConcurrentUsers are the current settings.

PS WSMan:\localhost\Shell> Get-ChildItem <RETURN>

Example

PS WSMan:\localhost\Shell> Get-ChildItem
 WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Shell

Name                      Value           Type
----                      -----           ----
AllowRemoteShellAccess    true            System.String
IdleTimeout               180000          System.String
MaxConcurrentUsers        5               System.String
MaxShellRunTime           2147483647      System.String
MaxProcessesPerShell      15              System.String
MaxMemoryPerShellMB       150             System.String
MaxShellsPerUser          5               System.String

Configure MaxShellsPerUser and MaxConcurrentUsers using the Set-Item commandlet.
Example
When setting MaxShellsPerUser and MaxConcurrentUsers as "36"
PS WSMan:\localhost\Shell> Set-Item .\MaxShellsPerUser 36 <RETURN>
PS WSMan:\localhost\Shell> Set-Item .\MaxConcurrentUsers 36 <RETURN>

Next, change the MaxMemoryPerShellMB setting.
For Resource Orchestrator, change the setting to over 1024 MB.

Change the MaxMemoryPerShellMB setting using the following procedure:

Check the current MaxMemoryPerShellMB setting using the Get-ChildItem commandlet.
The content displayed in MaxMemoryPerShellMB is the current setting.
PS WSMan:\localhost\Shell> Get-ChildItem <RETURN>
Configure MaxShellsPerUser using the Set-Item commandlet.
Example
When setting MaxMemoryPerShellMB as "1024"
PS WSMan:\localhost\Shell> Set-Item .\MaxMemoryPerShellMB 1024 <RETURN>

Finally, change the MaxConnections setting. In Resource Orchestrator, the maximum number of sessions is 31, so change the setting.
Since WS-Management is used for Windows administration tools and Resource Orchestrator, set a value of 32 or larger.

Change the MaxConnections setting using the following procedure:

Change the current directory using the Set-Location commandlet.
PS> Set-Location -Path WSMan:\localhost\Service <RETURN>
Check the current MaxConnections setting using the Get-ChildItem commandlet.
The content displayed in MaxConnections is the current setting.
PS WSMan:\localhost\Service> Get-ChildItem <RETURN>
Configure MaxConnections using the Set-Item commandlet.
Example
When setting MaxConnections as "46"
PS WSMan:\localhost\Shell> Set-Item .\MaxConnections 46 <RETURN>

Configuration Requirements for VM Guest Switchovers

Depending on the virtualization product being used, the following settings should be made to enable switchover of a newly created VM guest.

[VMware]
The VM guest's UUID must be changed.
Perform the following settings before switchover of a VM guest.

From the VM management client, add the following parameter to the VM guest's virtual machine configuration.

Name         Value
uuid.action  keep

For details on how to add parameters to a virtual machine configuration, refer to the help section of the VM management client.

Without this setting, a confirmation dialog is shown each time a virtual machine is started after being moved to a different VM host. Enabling this setting will prevent such confirmation dialogs from being shown, and the virtual machine will be set to always keep its UUID when moved between different servers.

[Hyper-V]
No specific configuration is required.

[Xen] [Citrix Xen] [KVM]
No specific configuration is required.

[OVM for SPARC]
VCPU and memory settings are required. For details, refer to the manual of basic software.

Starting VM Management Software Clients

[VMware]
VMware Infrastructure Client or VMware vSphere Client should be installed on the Resource Orchestrator admin client.

Note

From VMware vSphere 6.5, all installable client software has been removed. For this reason, starting of VM management software clients is not supported.
Use VMware Host Client or VMware vSphere Web Client instead.

[Hyper-V]
Hyper-V Manager or a VMM Administrator Console (*) should be installed on the Resource Orchestrator admin client.

* Note: When System Center Virtual Machine Manager (SCVMM) is registered, this VMM Administrator Console is used to control the VM hosts managed by SCVMM.

[Citrix Xen]
When using Citrix XenServer, XenCenter should be installed on the Resource Orchestrator admin client.

Configuring for Receiving SNMP Traps from VM Management Software (VMware vCenter Server)

Configure the following settings when receiving SNMP traps from VM management software (VMware vCenter Server).

SNMP trap destination configuration
Configure the IP address of the admin server as the SNMP trap destination on VM management software (VMware vCenter Server).
For details on the configuration method, refer to the VM management software (VMware vCenter Server) manual.
VM management software (VMware vCenter Server) alarm creation
Create an alarm for VM management software (VMware vCenter Server), and configure the conditions to send SNMP traps.
For details on the configuration method, refer to the VM management software (VMware vCenter Server) manual.
VM management software (VMware vCenter Server) registration
Register VM management software (VMware vCenter Server) on the admin server. At this point, register the SNMP trap source IP address of the VM management software (VMware vCenter Server).
The SNMP trap source IP address can be checked and changed using the following procedure.
1. Log in to the VM management software (VMware vCenter Server) server.
2. Access the Control Panel and open the "Network Connections".
  The [Network Connections] window is displayed.
3. From the menu, select [Advanced]-[Advanced Settings].
  The [Advanced Settings] window is displayed. The IP address in [Connections] on the [Adapters and Bindings] tab that has the highest priority and is allocated to an enabled network interface is the current SNMP trap source IP address.
4. To change the SNMP trap source IP address, select the network interface with the IP address you want to change from [Connections], and move it to the top of the list.
5. Click the [OK] button.
6. Restart the server if necessary.

Note

The traps received from VM management software (VMware vCenter Server) are always displayed as warning level for Resource Orchestrator. Therefore, configure an alarm for VM management software (VMware vCenter Server) in order to send SNMP traps when an event with a level higher than warning occurs.
When the language of the VM management software (VMware vCenter Server) and the manager are different, received SNMP trap messages may turn into garbled characters.
When using VMware vSphere 6.7, SNMP traps for hardware health alarms may not be sent from the VM management software (VMware vCenter Server).
As this may be caused by a known issue of VMware, take corrective action referring to the release notes of vCenter Server.