Execute vRO Workflow from vROPS Alert

Objective

A colleague asked if it would be possible to run a PowerShell script using vRO workflow (vRealize Orchestrator) if an alert in vROPS (vRealize Operations) was triggered. The alert object type is a self created Management Pack based on SNMP. At first I thought, since both tools (vRO and vROPS) are from the same vendor and even within the same suite, it couldn’t be that hard. There must be some kind of easy integration between those two products to start a workflow. It took me longer than expected, but I’ve managed to get it working and in the end it even made sense.

First try: Management Pack for Orchestrator

As usual after trying some things out, you start googling (duckduckgo’ing doesn’t sound that fancy) for answers. The Management Pack for vRealize Orchestrator seemed like a tool that could get things working. It turned out that this integration is only useful when you want to communicate with a vCenter object. In a little more detail:

  • You must specify a vCenter in the configuration (Management Pack setup)
  • After importing the workflow(s) you must specify an object type, which can only be a vCenter Object (virtual machine, cluster, datastore, etc..)
  • We had to change a setting in vRealize Automation to enable basic authentication which came in useful for the second try.
    Since we use vIDM /vWSA as identity provider and have the products installed on-prem that’s the only way to authenticate to vRealize Orchestration

Full instructions on installing and configuring this management pack can be found here.

Second try: Using webhooks

I reached out to our VMware TAM and received some examples using the webhook functionality. This felt more like a 3rd party kind of integration, but it makes sense. Why use a different approach in starting a workflow within vRealize Orchestrator? It is just the same way as you would have configured any other tool/product to communicate with Orchestrator.

So let’s jump in some details of the complete configuration to see how it works.

Configure in vRealize Operations:

Create an outbound instance.

  • Navigate to: Configure → Alerts → Outbound Settings
  • Click on Add
  • Fill in the fields as shown below:

    vRealize Operations Outbound Instance
    Outbound Instance


Setting up a Payload Template

  • Navigate to: Configure → Alerts → Payload Templates
  • Click on Add
  • Fill in Details as desired, make sure to select the Webhook Notification Plugin as Outbound method
    vRealize Operations Payload Template - Details
    Payload Template – Details
  • I’ll leave Object Content (where you can select an object type) empty, since we won’t use it in this notification.
  • Fill in Payload Details as shown below:
    Note: Leave the base url (as configured in the Outbound Method) away. So the URL in Outbound Method + Endpoint URL = complete URL to execute the Orchestrator workflow.
    Replace <WORKFLOW_ID> with the actual ID of the workflow.

    vRealize Operations Payload Template - Payload Details
    Payload Template – Payload Details

Making a notification

  • Give it a name
  • Specify the Criteria (Object type, Object Scope and Notify on) which is needed for your use case
  • Select the Outbound Method you just created.
  • Choose the Payload Template you created before.
    vRealize Operations Notification Settings
    Notification Settings

Symptom and an Alert

  • A duplicate of a symptom, with a lower threshold which is surely exceeded (to test)
  • A duplicate of an alert, which uses the above symptom. Remove any of the notifications to prevent anyone receiving notifications about this test.
    vRealize Operations Alert Definition
    Alert Definition

    Note:Selecting the notification from the Alert settings isn’t always working (the notification isn’t shown). In that case you can edit the Notification and select the Alert in the Criteria (Object Scope).

Configure in vRealize Automation

Within vRealize Automation I already had a workflow configured including acces to it:

  • A workflow with a scriptable task, that outputs something in the System.log (“Yes you can!”);
    vRealize Automation Simple workflow
    Simple workflow
  • A group, with a specific service account (which is also set in the Outbound Method) as user and the workflow mentioned above (on tab Items) with run permissions.
    vRealize Automation Group Settings
    Group Settings

After a few test’s and finetuning the URI in the Outbound Method and Payload Template (I certainly didn’t read the helpful messages) it worked as expected.

Concluding

Without actually using the Management Pack for vRealize Orchestrator (with the restriction towards vCenter Objects), we now can execute any vRO workflow triggered by any vROPS alert (or warning, it has the same functionality). This is opening a lot of opportunities for auto-remediation.

Since in the start of this use case I had a wrong idea about the solution and couldn’t find any useful results, it helped me decide in creating this blog. I hope that someone with the same use case /objective and idea of solution now is able to find this blog and finds the solution.

Leave a Reply

Your email address will not be published. Required fields are marked *