Ensuring peak configuration for vSphere with Runecast

Back in the day when I could spend time working on vCheck (I miss those days!) I always wished there was a programmatic way to look at the data in the VMware KB articles and be able to mine the information for potential issues or be aware of enhancements to the configuration I had made with my specific version of vCenter or other VMware products.

A few weeks back, whilst at the Melbourne and Syndey VMUGs in Australia I was introduced to a pretty awesome company and product that sparked my interest.. Runecast (https://www.runecast.biz/)

Recently I managed to find time to install this in my home lab and get started, I have to say, I was impressed.

What is Runecast?

Runecast is a virtual appliance which checks your environment, vCenter, ESXi servers and VMs to ensure they are running at peak performance with no known configuration issues or security issues.

The appliance is updated from the internet or can also be updated via a ISO image attached to the virtual appliance for environments without internet access.  It is updated with information which has been mined from the VMware KB articles and is used to proactively check log and configuration for issues in the virtual environment.

Additionally the information from the security hardening guide or what is now known as the vSphere Security Configuration Guide is also added to the virtual appliance to ensure security configuration is also taken into consideration.

Installation

Installation was very easy, the Runecast virtual appliance is provided as an OVA file and is easily downloaded from their site and deployed via the UI or can be deployed in an automated fashion using the following script:

# Settings for deployment
$OVALocation    = "~\Downloads\RCapp_OVF10.ova"
$Cluster        = "Management"
$Network        = "VM Network"
$VMName         = "Runecast"
$DeploymentSize = "small"

# Networking Details (Remove for DHCP)
$IPAddress      = "192.168.1.230"
$DNSServer      = "192.168.1.1"
$Gateway        = "192.168.1.1"
$Netmask        = "255.255.255.0"

# Connect to VC
connect-viserver 192.168.1.200 -User administrator@vsphere.local -Password "VMware1!"

# Deployment Details
$VMHost = Get-Cluster $Cluster | Get-VMHost | Sort-Object MemoryGB | Select-Object -first 1
$Datastore = $VMHost | Get-datastore | Sort-Object FreeSpaceGB -Descending | Select-Object -first 1
$PG = Get-VirtualPortGroup -Name $Network -VMHost $vmhost
$config = Get-OvfConfiguration $OVALocation
$config.DeploymentOption.value = $DeploymentSize
$config.common.vami.hostname.value = $VMName
$config.vami.Runecast_analyzer.ip0.Value = $IPAddress
$config.vami.Runecast_analyzer.DNS.Value = $DNSServer
$config.vami.Runecast_analyzer.gateway.Value = $Gateway
$config.vami.Runecast_analyzer.netmask0.Value = $Netmask
$config.NetworkMapping.Network_1.Value = $PG
$RunecastVM = Import-VApp -Source $OVALocation -OvfConfiguration $config -VMHost $vmhost -Datastore $Datastore -Name $VMName
If ($RunecastVM){
    $RunecastVM | Start-VM
} else {
    Write-Host "Runecast failed to deploy"
}

(At the time of writing this post there was no configuration parameters for things like a license file or the configuration of the Runecast appliance so they need to be done via the UI)

Using the Virtual Appliance

Once logged in it was very easy to add my vCenter details and also automatically configure the syslog settings for each of my ESXi hosts and VMs, there were also PowerCLI scripts for these available but at the moment this was also unavailable due to a bug in the appliance, the friendly Runecast team promised me this would be fixed soon.

Once configured I clicked the “Analyze Now” button, (I also set this up to be scheduled later) and the appliance worked its magic to scan my environment.

Within seconds I was presented with the state of my home lab and to my surprise not only was the information for vSphere 6.5 up to date in the virtual appliance but it had also found some known issues already…

Of course I clicked the RED Critical issues area – seamed like the best place to start! and found that I did indeed have some critical known issues and configuration issues with my environment:

These could be expanded to find the full information from the KB article as seen below:

Of course in my environment I could take my time with these and fix them as needed with updates or the information in the KB but in a production environment this could save a lot of time and heartache in the future with just a few clicks and setting up the automatic checking so that issues are found quicker and reported straight to you via email from the appliance.

Security hardening was easily shown for my entire environment:

Detailed log analysis was also very easy to use so that I could narrow down issues to a timeframe or with a specific word:

Future thoughts for the company

A few comments I would make back to the company as I used the app:

  1. Clearly the bug to bring up the PowerCLI examples for configuring the hosts and VMs needs to be fixed 😉
  2. An API for full configuration and automation of the appliance would have allowed me to take the automated deployment to the next level (I suggest a REST based API)
  3. The docs could have been improved in places, the security privileges for the users were not clear.
  4. Keep doing what you are doing, this is awesome!

Conclusion

Whilst I ran the app in my home lab to try it out, even there i found misconfiguration issues and missing patches. In a corporate environment where human error and misconfiguration accounts for a large number of issues I would strongly recommend checking out this appliance and ensuring your virtual environment is running at peak performance.  Make sure you check out their site here: https://www.runecast.biz/

 

2 thoughts on “Ensuring peak configuration for vSphere with Runecast

  1. Pingback: Vendor Brief: Runecast | IT Should Just Work

  2. Pingback: Using the Runecast API with Postman - Virtu-Al.Net

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.