BMC Atrium Discovery Community Forum

This forum is now closed. Please check sticky posts and announcements for further information.

Links to new community:

forgot password?
   
1 of 3
1
Automating a scan
Posted: 02 November 2011 07:40 PM   [ Ignore ]  
RankRankRank
Contributor
Total Posts:  64
Joined:  2011-03-01

Obviously i know that you can schedule a scan for a static IP range that you know ahead of time, but that is not what i’m looking for.

What we’d like to do is run a single ad hoc scan of a single arbitrary IP address each time a new system is provisioned through some sort of automated process. As i understand it, the API is only for querying the datastore but can’t actually kick any scanning off. Is there something i don’t know about?

Profile
 
 
Posted: 22 November 2011 07:16 PM   [ Ignore ]   [ # 1 ]  
RankRankRank
Contributor
Total Posts:  64
Joined:  2011-03-01

I presume the lack of responses means no one has a ready solution, but i’m bumping in case someone might have an idea.

Profile
 
 
Posted: 22 November 2011 07:22 PM   [ Ignore ]   [ # 2 ]  
RankRankRankRank
Guru
Total Posts:  2740
Joined:  2008-01-25

Doing a single IP DiscoveryRun is a very bad idea, you would quickly find it very difficult to track what discovery is doing or diagnose any issues. ADDM is designed to bulk scan your environment regularly to pick up changes and is optimised for that case, which is why there is no ad hoc API to trigger discovery.

Profile
 
 
Posted: 22 November 2011 08:09 PM   [ Ignore ]   [ # 3 ]  
RankRank
Member
Total Posts:  34
Joined:  2010-02-26

Hi Charles, isn’t ADDM designed to scan a system for baselining as a helper for Changemanagement and drift management?

Thanks a lot, bye, Marco

Profile
 
 
Posted: 22 November 2011 08:17 PM   [ Ignore ]   [ # 4 ]  
RankRankRankRank
Guru
Total Posts:  2740
Joined:  2008-01-25

Indeed Marco, but I’m not sure why supporting those usecases requires you to set up an individual scan per system? ADDM is designed to give you a near enough current view of your entire estate to support those usecases.

Profile
 
 
Posted: 22 November 2011 08:20 PM   [ Ignore ]   [ # 5 ]  
RankRankRank
Contributor
Total Posts:  64
Joined:  2011-03-01

I believe the requirement is to be able to scan a new system on an arbitrary IP so that it gets transmitted to the CMDB appropriately (and without creating duplicate CIs). Presumably such a new system would eventually be added to the regular weekly scans, but in the meanwhile we’d like an automated way of getting it in there without an ad hoc scan of 800+ systems.

I’ll see if i can get a better statement of the requirement.

Profile
 
 
Posted: 22 November 2011 08:25 PM   [ Ignore ]   [ # 6 ]  
RankRankRankRank
Guru
Total Posts:  2740
Joined:  2008-01-25

Are you not doing a regular scan of your subnets to pick up new systems being deployed, including the ones that you don’t know about as they have been “unofficially” provisioned?

I’m not sure where your concern about duplicates comes from, regardless of when a system is scanned it should not create duplicates.

Philip Reed - 22 November 2011 08:20 PM
we’d like an automated way of getting it in there without an ad hoc scan of 800+ systems.

Why is collecting the deployed system details and scanning them in this way a problem? An ad hoc scan of the systems provisioned that day, say, would be the most efficient way of scanning them and the easiest to debug – as in they should all have been deployed with ADDM credentials in place, which ones failed to scan?

ADDM is not a stateless discovery service to call adhoc, it is a system to regularly scan the environment to ensure that the CMDB is up to date across the board and to keep those scans efficient it does carry a fair amount of state internally.

[ Edited: 22 November 2011 08:35 PM by Charles Oldham]
Profile
 
 
Posted: 23 November 2011 01:34 PM   [ Ignore ]   [ # 7 ]  
RankRankRankRank
Guru
Total Posts:  356
Joined:  2009-10-29

Philip Reed - 02 November 2011 07:40 PM
Obviously i know that you can schedule a scan for a static IP range that you know ahead of time, but that is not what i’m looking for.

What we’d like to do is run a single ad hoc scan of a single arbitrary IP address each time a new system is provisioned through some sort of automated process. As i understand it, the API is only for querying the datastore but can’t actually kick any scanning off. Is there something i don’t know about?

Philip,
The automation you are requesting can be provided with a product called BMC Atrium Orchestrator (BAO). Use BAO to integrate between the system that provision the system and ADDM. You can then define workflow in BAO that triggers a scan of the system from ADDM and have i populated in CMDB. This is as close to real time discovery as you can get. This is just an example of the automation workflows you can build with BAO.
http://www.bmc.com/products/product-listing/90902406-157022-1134.html

 Signature 

Monitor what matters, model what is monitored

These postings are my own and do not necessarily represent BMC’s position, strategies, or opinion.

Profile
 
 
Posted: 23 November 2011 09:08 PM   [ Ignore ]   [ # 8 ]  
Rank
Newbie
Total Posts:  2
Joined:  2011-04-12

This is an intersting topic. BAO has an API integration into Vcenter as well, hence if Vmotion triggers a VM to move to another ESX being hosted by potentially different edge switch etc. “Service model changes”. AO would then trigger ADDM to do a rescan (But how? of what?) AO is also capable of opening a change ticket to log the actual infra change (if required).

Profile
 
 
Posted: 23 November 2011 09:28 PM   [ Ignore ]   [ # 9 ]  
RankRankRankRank
Guru
Total Posts:  356
Joined:  2009-10-29
Ralph Filippelli 2 - 23 November 2011 09:08 PM
This is an intersting topic. BAO has an API integration into Vcenter as well, hence if Vmotion triggers a VM to move to another ESX being hosted by potentially different edge switch etc. “Service model changes”. AO would then trigger ADDM to do a rescan (But how? of what?) AO is also capable of opening a change ticket to log the actual infra change (if required).

What you are describing are more or less what the “Discovery SA Runbook” is doing. This is an out-of-the-box integration between vCenter -> BAO -> ADDM. In your scenarios, the ESX host and the virtual server being moved is rescanned to keep the model up to date with the relationships. The information comes from vCenter events that BAO listens for and is passed along to ADDM with the necessary information.

 Signature 

Monitor what matters, model what is monitored

These postings are my own and do not necessarily represent BMC’s position, strategies, or opinion.

Profile
 
 
Posted: 23 November 2011 09:38 PM   [ Ignore ]   [ # 10 ]  
RankRankRankRank
Guru
Total Posts:  151
Joined:  2011-04-19

Philip Reed - 02 November 2011 07:40 PM
Obviously i know that you can schedule a scan for a static IP range that you know ahead of time, but that is not what i’m looking for.

What we’d like to do is run a single ad hoc scan of a single arbitrary IP address each time a new system is provisioned through some sort of automated process. As i understand it, the API is only for querying the datastore but can’t actually kick any scanning off. Is there something i don’t know about?

You can initiate scans via SSH, tw_scan_control I believe the script is called. Just automate an SSH connection and fire of the scan that way, simple enough.

Profile
 
 
Posted: 23 November 2011 10:25 PM   [ Ignore ]   [ # 11 ]  
Rank
Newbie
Total Posts:  2
Joined:  2011-04-12
Petrus Johansson - 23 November 2011 09:28 PM
Ralph Filippelli 2 - 23 November 2011 09:08 PM
This is an intersting topic. BAO has an API integration into Vcenter as well, hence if Vmotion triggers a VM to move to another ESX being hosted by potentially different edge switch etc. “Service model changes”. AO would then trigger ADDM to do a rescan (But how? of what?) AO is also capable of opening a change ticket to log the actual infra change (if required).

What you are describing are more or less what the “Discovery SA Runbook” is doing. This is an out-of-the-box integration between vCenter -> BAO -> ADDM. In your scenarios, the ESX host and the virtual server being moved is rescanned to keep the model up to date with the relationships. The information comes from vCenter events that BAO listens for and is passed along to ADDM with the necessary information.

Agreed, but what is being passed to ADDM from BAO, is it a IP range? ADDM will then scan the entire range. Will it actually show up in the recent scan list under the discovery tab?

Profile
 
 
Posted: 24 November 2011 09:28 AM   [ Ignore ]   [ # 12 ]  
RankRankRankRank
Guru
Total Posts:  356
Joined:  2009-10-29
Ralph Filippelli 2 - 23 November 2011 10:25 PM
Petrus Johansson - 23 November 2011 09:28 PM
Ralph Filippelli 2 - 23 November 2011 09:08 PM
This is an intersting topic. BAO has an API integration into Vcenter as well, hence if Vmotion triggers a VM to move to another ESX being hosted by potentially different edge switch etc. “Service model changes”. AO would then trigger ADDM to do a rescan (But how? of what?) AO is also capable of opening a change ticket to log the actual infra change (if required).

What you are describing are more or less what the “Discovery SA Runbook” is doing. This is an out-of-the-box integration between vCenter -> BAO -> ADDM. In your scenarios, the ESX host and the virtual server being moved is rescanned to keep the model up to date with the relationships. The information comes from vCenter events that BAO listens for and is passed along to ADDM with the necessary information.

Agreed, but what is being passed to ADDM from BAO, is it a IP range? ADDM will then scan the entire range. Will it actually show up in the recent scan list under the discovery tab?

Basically IPAddresses for the ESX hosts and the virtual servers that are involved in the vMotion event is passed to ADDM so it knows what to scan. The scan will be visible in the ADDM UI just as any other scan triggered from within the UI.

Please be aware that if you have many vMotion events that triggers a rescan, CAN impact both ADDM and VMware performance.

 Signature 

Monitor what matters, model what is monitored

These postings are my own and do not necessarily represent BMC’s position, strategies, or opinion.

Profile
 
 
Posted: 24 November 2011 09:32 AM   [ Ignore ]   [ # 13 ]  
RankRankRankRank
Guru
Total Posts:  356
Joined:  2009-10-29

Philip Reed - 22 November 2011 08:20 PM
I believe the requirement is to be able to scan a new system on an arbitrary IP so that it gets transmitted to the CMDB appropriately (and without creating duplicate CIs). Presumably such a new system would eventually be added to the regular weekly scans, but in the meanwhile we’d like an automated way of getting it in there without an ad hoc scan of 800+ systems.

I’ll see if i can get a better statement of the requirement.

Philip,
This is something that can also be achieved by adding ADDM to the Change process. Say when you deploy a new system (through a Change Request ofcourse ;) you have a final task in the Change for the “ADDM Team” to scan the system once it is setup, and then populated to CMDB appropriately.
Not everything needs to be solved with technology, processes and work methods is a good tool as well ;)

 Signature 

Monitor what matters, model what is monitored

These postings are my own and do not necessarily represent BMC’s position, strategies, or opinion.

Profile
 
 
Posted: 24 November 2011 09:47 AM   [ Ignore ]   [ # 14 ]  
RankRank
Member
Total Posts:  34
Joined:  2010-02-26

Hi Petrus,
in the Change Management System a remote command could be executed. This is a great step in automation.
This task can invoke a script or command on the ADDM-box to scan something. The return of that can be attached to the command. This is not proven but it could be a way to automate a lot of stuff…

Marco

Profile
 
 
Posted: 24 November 2011 09:51 AM   [ Ignore ]   [ # 15 ]  
RankRankRankRank
Guru
Total Posts:  356
Joined:  2009-10-29

Marco Prieß - 24 November 2011 09:47 AM
Hi Petrus,
in the Change Management System a remote command could be executed. This is a great step in automation.
This task can invoke a script or command on the ADDM-box to scan something. The return of that can be attached to the command. This is not proven but it could be a way to automate a lot of stuff…

Marco

I would still recommend to involve some manual process steps here, as previously mentioned in the thread, you need to capture when new IPs or subnets should be added to the scheduled scans, not only the first initial scan of a new system.

 Signature 

Monitor what matters, model what is monitored

These postings are my own and do not necessarily represent BMC’s position, strategies, or opinion.

Profile
 
 
   
1 of 3
1