All
currently installing cap planner and client has no ssh access via root but there is a login and can then SU, is it possible to setup this up within Cap Planner or is it strictly root access only
Hello,
Enabling SSH for root access for most Unix systems is against security policy. I would contact your VMware Support representative to make a feature request that does not break your security. Alternatively use a different tool that gives the same information, ie. do most of it by hand by looking at the appropriate performance variables that capacity planner does as well.
Best regards,
Edward L. Haletky
VMware Communities User Moderator
====
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
CIO Virtualization Blog: http://www.cio.com/blog/index/topic/168354
As well as the Virtualization Wiki at http://www.astroarch.com/wiki/index.php/Virtualization
-
Hi All, i am totally new to the capacity planner tool but have asked to investigate a large server estate that consists of MS, Linux, Solaris, UNIX systems. I need to be able to monitor all systems to get some idea of utilisation for vrtual candidate selection. One thing i need to kep in mind is security. The network is a restricted network therefore i cannot allow information about the LAN to be passed back to VMWare across the web. All recon data will have to be stored locally.I looked at platespin and although it allows data to be stored on a local database, it does not support UNIX. While capacity planner seems to support UNIX i am told that i sends its recon data back to vmware.
Can someone offer some sound advice please???
Hello,
Yes it does send the data back to VMware. You can keep that from happening but then you have to interpret the results by hand. There is a way to send sanitized data. I would contact VMware.
Best regards,
Edward L. Haletky
VMware Communities User Moderator, VMware vExpert 2009
====
Author of the book 'VMWare ESX Server in the Enterprise: Planning and Securing Virtualization Servers', Copyright 2008 Pearson Education.
Blue Gears and SearchVMware Pro Blogs -- Top Virtualization Security Links -- Virtualization Security Round Table Podcast
You can try using Lanamark Suite which supports Windows, Linux, Solaris and UNIX. Lanamark Suite gives you the flexibility not to send the data offsite and is specifically designed for virtualization solution providers.
From capacity planner help online
Capacity Planner can detect and collect data from Linux and UNIX target systems. Run standard system utilities through an SSH connection to perform data collection. i. Every Linux and UNIX target system must have the SSH server daemon running and configured properly for a successful connection. Root or sudo permissions are required for each system. Not having root or sudo permissions can result in incomplete data collection while executing the scripts. To enable remote connection to Linux and UNIX systems, Capacity Planner includes a third-party shareware package named PuTTY, which is a Win32 Telnet and SSH client that allows you to connect remotely to a Linux or UNIX system. The package is installed in the third party subfolder of the Capacity Planner installation folder on the collector system. PuTTY allows you to use either private or generated keys. Because SSH does not allow automatic approval of generated keys, you must manually approve the connection to a Linux or UNIX system one time before data collection can take place. PuTTY saves the necessary keys in the registry in HKEY_CURRENT_USER\Software\SimonTatham\PuTTY\SshHostKeys. The keys are unique to the user running the PuTTY application, who is the same user running the Data Manager.
So if you have an user in the sudoers group try running CP with that users :smileygrin:
to enable this you must edit /etc/sudoers
remember that the user must be member of the wheel group to use sudo
\aleph0
____________________________
###############
If you found this information useful, please consider awarding points for "Correct" or "Helpful". Thanks!!!
I wrote up a solution for this and published it on the VMware Communities forum: