Tabbed Interface with Table

Prerequisites

On Gateway

  • OpsRamp Classic Gateway(Linux) 14.0.0 and above.
  • OpsRamp Nextgen Gateway 14.0.0 and above.

Pre-requisites to be fulfilled on target cluster nodes / standalone nodes:

Starting from Windows Fail-over Cluster version 10.1.0, the option to select the connectionMode is available. The supported options are:

  • PowerShell (existing)
  • OpenSSH (new)

Pre-requisites to be implemented if “PowerShell” is selected:

  • PS Remoting and WMI remoting to be enabled on each cluster node. If the configured user is non-administrator, then the below user should have privileges on WMI remoting and on Windows Services.

  • Add OpsrampGatewayIp to the TrustedHosts list on the target machine to allow the powershell connection from gateway to the target machine.

    • To add TrustedHosts use the following command:
      • To allow any host:
        *Set-Item WSMan:\localhost\Client\TrustedHosts -Force -Value**
      • To allow a specific host:
        Set-Item WSMan:\localhost\Client\TrustedHosts -Force -Concatenate -Value <IPAddress>

  • Setup and restart the WinRM service for the changes to reflect

    • To set up: Set-Service WinRM -StartMode Automatic
    • Restart using: Restart-Service -Force WinRM

  • Windows domain user should be added to “Remote Management users” group

    net localgroup "Remote Management Users" /add <user>

  • Windows domain user should be added to “Performance monitor users” group

    net localgroup "Performance monitor users" /add <user>

Following are the specific prerequisites for non-administrator/operator level users:

Enable WMI Remoting

To enable WMI remoting:

  1. Click Start and select Run.
  2. Enter wmimgmt.msc and click OK.
  3. Right click WMI control (Local) and select Properties.
  4. Click Security tab.
  5. Expand Root.
  6. Select WMI and Click Security.
  7. Add user and select the following permissions:
    • Execute methods
    • Enable account
    • Enable remoting
    • Read security

Enable WMI Remoting – CPU, Disk, Network

  1. Click Start and select Run.
  2. Enter lusrmgr.msc and click OK.
  3. In the Groups folder, right click Performance Monitor Users and select Properties.
  4. Click Members of tab, and click Add.
  5. Add users.

Enable Windows Service Monitoring

  1. Retrieve the user SID of the User Account from the monitored device.
  2. Open Command Prompt in Administrator mode.
  3. Run the following command to retrieve the user SID.
    Note: Replace UserName with the user name for the User account.
    wmic useraccount where name="UserName" get name,sid

    Example:

    wmic useraccount where name="apiuser" get name,sid
  4. Note down the SID.
    (Ex. S-1-0-10-200000-30000000000-4000000000-500)
  5. Retrieve the current SDDL for the SC Manager.
  6. Run the following command which will save the current SDDL for the SC Manager to CurrentSDDL.txt.
    sc sdshow clussvc > CurrentSDDL.txt
  7. Edit the CurrentSDDL.txt and copy the entire content. The SDDL will look like below:
    D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CC;;;AC)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
  8. Update the SDDL:
    Frame new SDDL snippet for above SID
    (A;;CCLCRPWPRC;;; <SID of User> )

    Example:

    (A;;CCLCRPWPRC;;;S-1-0-10-200000-30000000000-4000000000-500)
  9. Place this snippet before “S:” of original SDDL.
    Updated SDDL will be like this:
    D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CC;;;AC)(A;;CCLCRPWPRC;;;S-1-0-10-200000-30000000000-4000000000-500)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
  10. Execute the following command with the updated SDDL:
    sc sdset clussvc D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CC;;;AC)(A;;CCLCRPWPRC;;;S-1-0-10-200000-30000000000-4000000000-500)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)

Open ports and add user in all nodes and cluster

  • OpsRamp gateway should be able to access cluster and nodes.
  • Ports to be opened are 5985 and 5986.
    Note: By default, WS-Man and PowerShell remoting use port 5985 and 5986 for connections over HTTP and HTTPS, users should be present in nodes and cluster.

Pre-requisites to be implemented if “OpenSSH” is selected:

  • OpenSSH must be installed and configured on the target Windows machine.
  • Password authentication must be enabled in SSH config: PasswordAuthentication yes
    • Edit sshd_config (run PowerShell as Administrator)
    • Open: notepad C:\ProgramData\ssh\sshd_config (Note: If not this location, locate the correct path for sshd_config and perform below steps)
    • Find the line #PasswordAuthentication yes (or PasswordAuthentication no), uncomment it and set it to yes, then save.
    • Find the line AllowUsers (or add it if missing) and set it to: AllowUsers <ssh-username>
    • Restart-Service sshd
  • Ensures the sshd service startup type is Automatic.
    • Set-Service -Name sshd -StartupType Automatic
  • Use the following command to set the OpenSSH default shell to powershell.exe on all the nodes.
    • Set-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "$PSHOME\powershell.exe"; Restart-Service sshd
  • Open default ssh port 22 on all the nodes & cluster.
  • The user should be added in all the target nodes & cluster.

Ensure that the provided IP address/host name, and credentials are valid and accessible for successful integration. Verify connectivity from gateway using below steps:

  • Launch power shell using the {pwsh} command.
  • Run the following commands to establish connection, using the details of your end device.
    • {$pw = convertto-securestring -AsPlainText -Force -String "<password>"}
    • {$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist "<username>", $pw}
    • {$session = new-pssession -computername "<ipAddress>" -credential $cred -Authentication Negotiate -ErrorAction Stop}
    • {session.state}
      Note: The session state should be open.
  • If the session is not establishing, cross check that all of the pre-requisites are met on all servers and clusters.
  • If a resource is initially discovered as a Cluster and later changed to Standalone, the previously created cluster and node entities will remain, as they are not associated with the node. To reduce unnecessary noise and avoid confusion, we recommend not changing the Type from cluster to standalone.
  • Make sure the cluster and subordinate node credentials are the same, and then add them to the configuration.

Configure Windows failover cluster monitoring

Click here to Configure and Install the Windows failover cluster monitoring Integration
  1. To select your client, navigate to All Clients, and click the Client/Partner dropdown menu.
    Note: You may either type your client’s name in the search bar or select your client from the list.
  2. Navigate to Setup > Account. The Account Details screen is displayed.
  3. Click Integrations. The Installed Integrations screen is displayed with all the installed applications.
    Note: If you do not have any installed applications, you will be navigated to the Available Integrations and Apps page with all the available applications along with the newly created application with the version.
  4. Click + ADD on the Installed Integrations page.
    Note: Search for the integration either by entering the name of the integration in the search bar or by selecting the category of the integration from the All Categories dropdown list.
  5. Click ADD in the Windows Fail-over Cluster application.
  6. In the Configuration screen, click + ADD. The Add Configuration screen appears.
  7. Enter the following BASIC INFORMATION:


Field NameDescriptionField Type
NameEnter the name for the configuration.String
Windows TypeSelect the type of Windows Server instance you are integrating:
Available Options
  • Standalone – A single Windows node that operates independently without any clustering configuration.
  • Cluster – A Windows Failover Cluster instance that spans multiple nodes
Dropdown
IP Address/Host NameEnter the IP Address/Host Name of the Windows failover cluster monitoring. It should be accessible from Gateway.String
CredentialsSelect the credential associated with your Windows failover cluster monitoring account. If you want to use the existing credentials, select them from the Select Credentials dropdown. Else, click + Add to create credentials. The ADD CREDENTIAL window is displayed. Enter the following information.
  • Name: Credential name.
  • Description: Brief description of the credential.
  • User Name: User name.
  • Password: Password.
  • Confirm Password: Confirm password
Dropdown
Connection ModeChoose PowerShell or Open SSH based on the connection type with target device.
Note: PowerShell connection functionality will be deprecated in upcoming feature releases. It is recommended to migrate to OpenSSH for continued support and enhanced compatibility.		Dropdown
App Failure NotificationsWhen selected, you will be notified in case of an application failure such as Connectivity Exception, Authentication Exception.Checkbox
Connection TimeOut In MinsAdds the feasibility to input nativebridge script execution time out in minutes. The default selection is 5 mins and the other available dropdown values are 10, 15, 20, 25, and 30.Dropdown
Log File MonitoringWhen selected (checked), log file monitoring is activated, allowing the system to track specific log files for changes, errors, or specific expressions.Checkbox
Log File ConfigurationSpecifies the configuration details for the log file to be monitored. Default value:{"Name":"","Folder Path":"","File Name":"","Rotated Folder Path":"","Rotated File Name":"","Notify":[{"Monitor Type":"","Expression":"","Operator":"","Threshold":"","Severity":""}]}String
Request TimeoutsSelecting this checkbox enables you to configure the timeout settings for NativeBridge connections and script execution requests made by the integration to the end device.Checkbox
Connection Timeout In MinsSelect the maximum time, in minutes, that the integration should wait while establishing a connection with the nativeBridge.

Default value: 10 minutes.

Dropdown
Connection Request Timeout In MinsSelect the maximum time, in minutes, required to process a NativeBridge HTTP call, from sending the request to receiving the response.

Default value: 10 minutes.

Dropdown
Socket Timeout In MinsSelect the maximum allowable time of inactivity between two data packets during data exchange with the server.

Default value: 10 minutes.

Dropdown
Script Execution TimeOut In MinsSelect the maximum execution time, in minutes, to be considered by the script. The default option is 5 minutes, with other available options being 10, 15, 20, 25, and 30 minutes.Dropdown
  1. CUSTOM ATTRIBUTES: Custom attributes are the user-defined data fields or properties that can be added to the preexisting attributes to configure the integration.
Field NameDescriptionField Type
Custom AttributeSelect the custom attribute from the dropdown. You can add attributes by clicking the Add icon (+).Dropdown
ValueSelect the value from the dropdown.Dropdown

Note: The custom attribute that you add here will be assigned to all the resources that are created by the integration. You can add a maximum of five custom attributes (key and value pair).

  1. In the RESOURCE TYPE section, select:
    • ALL: All the existing and future resources will be discovered.
    • SELECT: You can select one or multiple resources to be discovered.
  2. In the DISCOVERY SCHEDULE section, select recurrence pattern to add one of the following patterns:
    • Minutes
    • Hourly
    • Daily
    • Weekly
    • Monthly
  3. Click ADD.


Windows type is available in two types - Standalone and Cluster.

Connection Mode is available in two modes - Powershell and Open SSH.

Now the configuration is saved and displayed on the configurations page after you save it.
Note: From the same page, you may Edit and Remove the created configuration.
12. Under the ADVANCED SETTINGS, Select the Bypass Resource Reconciliation option, if you wish to bypass resource reconciliation when encountering the same resources discovered by multiple applications.
Note: If two different applications provide identical discovery attributes, two separate resources will be generated with those respective attributes from the individual discoveries.
13. Click NEXT.
14. (Optional) Click +ADD to create a new collector. You can either use the pre-populated name or give the name to your collector.
15. Select an existing registered profile.

  1. Click FINISH.
    The integration is installed and displayed on the INSTALLED INTEGRATION page. Use the search field to find the installed integration.

Modify Windows failover cluster

Click here to Modify the Configuration

Discover Resources in Windows failover cluster

Click here to View the Windows failover cluster Details

The discovered resource(s) are displayed in the Infrastructure page under Infrastructure > Search > OS-High Availability > Windows Fail-over Cluster, with Native Resource Type as Windows Failover Cluster. You can navigate to the Attributes tab to view the discovery details, and Metrics tab to view the metric details for Windows Failover Cluster.

The cluster nodes are displayed under Components.