Virtual Hosts

Inventorying vCenter/vSphere ESXi Hosts with SUSE Manager

Foreign virtual hosts (such as vCenter and vSphere ESXi) can be inventoried using the Virtual Host Manager. From the vSphere Client you can define roles and permissions for vCenter and vSphere ESXi users allowing vSphere objects and resources to be imported and inventoried by SUSE Manager. Objects and resources are then displayed as foreign hosts on the SUSE Manager System List  Virtual Systems page.

The following sections will guide you through:

  • Requirements

  • Overview of permissions and roles

  • Adding vCenter and vSphere ESXi hosts to SUSE Manager

Requirements

This table displays the default API communication port and required access rights for inventorying objects and resources:

Ports / Permissions Description

443

Default port that SUSE Manager uses to access the ESXi API for obtaining infrastructure data

read-only

All vCenter/ESXi objects and resources that should be inventoried by the Virtual Host Manager should be at least assigned the read-only role. Mark objects and resources with no-access to exclude them from the inventory.

Permissions and Roles Overview

This section will guide you through assigning user permissions and roles in vCenter/ESXi.

A user is someone who has been authorized to access an ESXi host. The Virtual Host Manager (located on the SUSE Manager server) will inventory ESXi data defined by assigned roles and permissions on a user account.

For example: The user John has been assigned the read-only access role to all servers and datacenters in his company with one exception. John’s account has been assigned the no-access role on the company’s Financial Database server. You decide to use John’s user account and add the ESXi host to SUSE Manager. During the inventory the Financial Database server will be excluded.

Keep user access roles in mind when planning to add ESXi hosts to SUSE manager. Note that SUSE Manager will not inventory any objects or resources assigned with the no-access role on any user account.

User Roles/Permissions

When planning to add new ESXi hosts to SUSE Manager, consider if the roles and permissions assigned users require need to be inventoried by SUSE Manager.

Adding New Users and Assigning Roles

See the official vSphere documentation on adding new users and assigning roles.

Inventorying vCenter/vSphere ESXi Hosts

This procedure guides you through inventorying a VSphere ESXi host with SUSE Manager.

  1. From the SUSE Manager Web UI select Main Menu  Systems  Virtual Host Managers from the left navigation bar.

  2. From the upper right corner of the Virtual Host Managers page select Create VMWare-based.

  3. From the Add a VMware-based Virtual Host Manager page complete these fields with your ESXi host data:

    Label

    Custom name for your Virtual Host Manager

    Hostname

    Fully-qualified domain name (FQDN) or host IP address

    Port

    Default ESXi API port

    Username

    Assign a username

    Remember that only objects and resources which match a user’s defined role will be inventoried. Set the user’s role on objects and resources you want inventoried to read-only.

    Password

    ESXi users password

    systems virtual host managers vmware
  4. Click the Create button.

  5. From the Systems  Virtual Host Managers page select the new Virtual Host manager.

  6. From the Virtual Host Managers  Properties page click the Refresh button.

    If you do not refresh the data from a new Virtual Host Manager, host data will not be inventoried and therefore will not be displayed under System List  Virtual Systems.

  7. View inventoried ESXi host objects and resources by selecting System List  Virtual Systems.

Connecting to the ESXi server from a browser using HTTPS can sometimes log an invalid certificate error. If this occurs, refreshing the data from the virtual hosts server will fail. To correct the problem, extract the certificate from the ESXi server, and copy it to /etc/pki/trust/anchors. Re-trust the certificate by running the update-ca-certificates command on the command line, and restart the spacewalk services.