Archive for the ‘System Center’ Category

SCOM Netscaler pack false positive: No HA hearbeats SNMP trap

In Citrix, Netscaler, Operations Manager, System Center, Uncategorized on December 9, 2011 at 21:55

As I mentioned some time ago we use SCOM to monitor our Netscaler Load Balancers. We ran into an issue where an alert would be raised based on a SNMP trap sent by the Netscaler. Some background info:

– We have an etherchannel (Nortel Avaya SMLT if people are interested) like setup where we use 2 ethernet interfaces on the Netscalers connected to our core switches and we have all our VLAN’s trunked on those ports (including the VLAN where the NSIP’s reside).

– The other ports are not connected – but we had two interfaces enabled so  we could use those to connect to the appliances if the etherchannel config got screwded up

– HA monitoring is only enabled on the channel not on any of the individual ethernet interfaces.

What happened was that traps were sent out saying that both nodes missed HA heartbeats – but when we logged into the Netscaler GUI the HA status was fine. When taking a closer look at the snmp trap data it appeared that no HA heartbeats were seen on the two ethernet ports that were enabled but not connected – even though HA monitoring was disabled on these ports.

We couldn’t really override this because the SNMP trap could only be enabled or disabled for all interfaces, so we disabled the interfaces. The only drawback is that we’ll need to use the console port if we can’t reach the Netscalers through the “etherchanneled” interfaces.

Battle for Cloud City: Microsoft strikes back? Part II.

In Opalis, Operations Manager, SCOM 2012, SCVMM 2012, Service Manager, System Center, Virtualization, Vmware on November 16, 2011 at 22:28

Part I.

One of biggest advantages of posting on a blog when compared with writing an official proposal or something similar is that I get to ramble on about the things I feel are important. Or peculiar, alienating or just entertaining. Looking at private cloud management solutions in a more trivial way give me the opportunity to talk about factors that might or might not matter for most but do say something about how a product is perceived – a degree of brand value if you wish.

You might wonder where this will lead considering that fact that the more serious part of this series started of with some dubious analogies – but don’t worry I actually intend to make a point here. This is my comparison:

I’ve conjured five topics:

  • Names – If have to explain stuff to my boss and I’ve taken the “cloud” and “virtual” hurdles, I want to have a nice set of abbreviations or a awe inspiring product name to work with
  • Powershell – Very important. Maybe a bit overrated by some – a general sense of logic, a search engine and Powergui are all that are needed to keep you from flipping burgers.
  • “Open” Standards – In what sense can each offering be accessed, extended and customized by both vendors and end-users?
  • Citrix, Emc – Alliances – The cloud and virtualization market seems rather peaceful with what I perceive as a mutually beneficial status-quo between Microsoft and Vmware on the hypervisor front, between Microsoft and Citrix on the SBC/VDI front and Cisco and EMC working with both Microsoft and Vmware to tie everything together. However if we are talking about clouds, unification and abstraction a cloud management solution that provides more integration then the cliche “single-pane-of-glass” everyone seems to be selling might dictate the choice for a hypervisor the next time licenses expire…
  • Monitoring Sprawl? – We consolidated 200 servers into 4 pieces of hardware but need 15 servers to monitor our environment…and we might feel unsure about hosting a monitoring solution on a platform that’s monitored by that solution…or which damn web interface do I need to do this…and of course – how can be VM status be green, my server object in maintenance mode and my email stuck in my outbox?

My conclusion? If you are going “Vendor A unless” Microsoft scores the best on the “trivial” side of things. If you go “best-of-breed” vSphere, vCenter (and PowerCLI/CapacityIQ) are very strong at what they do.

Note Bene:

The success of Powershell, pre-alpha stuff from EMC like project Orion and SMI-S show that there is a need for a universal API and framework for managing infrastructure. The sad part is that those initiatives are not new and many technologies have fallen and entered the eternal cloud – or are still there and are still used by deemed unworthy by some (such as SNMP).

The question that remains is – who will bring balance to the force – the chosen but fallen Anakin or the Light’s side counteraction, Luke ?

Mini-Review: Monitoring vSphere with SCVMM and SCOM 2012

In Powershell, SCOM 2012, SCVMM 2012, System Center, Virtualization, Vmware on November 7, 2011 at 23:03

Sometime ago I posted my Vsphere monitoring shoot-out. I recently had the time to install the RC of the SCVMM 2012 and the beta of SCOM 2012. There are plenty of guides out there that describe how to get you started with both products ( SCOM 2012 beta in ten minutes , SCOM 2012 Beta step by step, SCVMM 2012 Survival Guide ) so I won’t get into that to much. Some general remarks:


  • You need the Windows 7 AIK which is only downloadable as an ISO or IMG. That annoyed me.
  • I used SQL 2008 R2 Express as a database – in hindsight it would have been better to use a full SQL trial and host both SCVMM and SCOM’s databases.
  • Besides that the install was quick and painless


  • Collation, Collation, Collation! Choose SQL_Latin1_General_CP1_CI_AS as your SQL collation otherwise SCOM won’t find your SQL instance and it will not tell you you picked the wrong collation.
  • You need .NET 4
  • I had some issues installing the SCOM agent on the SCVMM server. I got this error:

Log Name:      Application

Source:        MsiInstaller

Date:          4-11-2011 17:53:33

Event ID:      1013

Task Category: None

Level:         Error

Keywords:      Classic

User:          ****\****

Computer:      FQ.DN


Product: System Center Operations Manager 2012 Agent — Microsoft ESENT Keys are required to install this application.  Please see the release notes for more information.

Apparantly this is not a SCOM 2012 specific error but more a general SCOM error on Windows 2008 R2 boxes. Running msiexec from an elevated command prompt solved the problem.

Adding vSphere to SCVMM

This part is pretty straightforward as well. Open the Virtual Machine Manager Console, Fabric pane and choose Add ResourceVmware vCenter Server. Create a Run As account which has enough the required privileges (local admin on the vCenter server according to Technet). After you’ve added the vCenter server you need to each Resource Cluster (or individual host) as well in much the same way as you added the vCenter server. But since you’re already connected to vCenter you don’t have to enter RC or host names – you can just select them in a browsing dialog.

Strangely enough I wasn’t able to retrieve and accept the certificate for any of my hosts using a domain account – which does have root equivalent privileges on the hosts – but either the AD integration is flawed or I made a mistake configuring it. But I used a second Run As account using the default vSphere root account and I was able to retrieve and accept the certificates.

After that I was able to view all my hosts and vm’s in SCVMM. Same goes for templates and host networking. SCVMM even sees my dvSwitches and sees them as one entity – but same goes for my vSwitches…which is not really what I would like to see. Portgroups aren’t shown in the networking pane – but I was able to find them in the vm guest properties. I did a quick test to see if I could actually manage stuff – and I could but for now I’m more interested in monitoring vSphere I’ll get down to managing vSphere some other time.

Connecting SCVMM to SCOM

I followed this great post on the SCVMM blog to connect SCVMM to SCOM. Most notable improvement over the previous versions: no need to install the VMM console on the SCOM server. However you still need to install the SCOMsole on the VMM Server. Oh and creating the connection is now a simple wizard in the VMM console :). I had some issues with not being able to search the online SCOM catalog I needed to download the prequisite MP’s by hand.

Once I got that sorted out I completed the wizard and the connection was made.

And? Has it gotten any better?

Yes. Because vSphere and vCenter are represented just as vSphere and vCenter in both SCVMM and SCOM instead of weird vm’s on a mutated Hyper-V server the visibility and navigation is much better. But my SCOMsole immediatly got filled up with alerts telling me my vm’s didn’t have VSG installed – and because everything is discovered through your VMM server (which is does still seem to see as a Hyper-V server) it started complaining about the fact that I had more then 384 vm’s on a host.

Alerts are also a lot quicker. Views are a bit poor – especially when you consider that the way my vSphere datacenter hierarchy is displayed in SCVMM is pretty good. The fact that SCOM and SCVMM will allow me to view a diagram of a service as defined in SCVMM look really promising but I haven’t tested that yet. If you put a host into maintenance mode in SCVMM its status is automatically propagated to SCOM. There is still no link between the vm as an instance running on vSphere and the Windows computer object in SCOM – that’s a real shame.

There isn’t a lot of Vmware specific stuff there as well. I guess that remains as MS likes to call it a partner opportunity – or something you could develop yourself using vCenter and System Center’s common denominator Powershell. But I believe even that might be less of a challenge then before because of the improved SNMP support in SCOM 2012 (so you can just that in addition to the information exposed by vCenter). Still the biggest improvement seems to be on the managing side rather then on the monitoring side – which makes taking the monitoring shortcomings for granted much more plausible then before.

Battle for Cloud City: Microsoft strikes back? Part I.

In Opalis, Operations Manager, Service Manager, System Center, Virtualization, Vmware on November 7, 2011 at 10:57

A long, long time ago in a galaxy far away business thrived on the planet of Bespin. An almost unlimited source of revenue – clouds – secured the quiet life of Cloud City’s inhabitants 🙂

But those days are gone and The Empire is attempting to take control of the clouds with its hosts of Hyper-V fighters and the SCVDMM (System Central Virtual Destruction and Mayhem Manager) aka “Death Star”.

A day after the announcement of the GA of Vmware’s vCenter Configuration manager, Vmware’s vOperations Suite and Microsoft System Center Suite are facing off in their battle for the private cloud. Of course there are other vendors that provide similar management suites – but because both suites are directly linked with each vendor’s own hypervisor layer I think both will be an obvious choice for customers. Almost a year ago I already voiced my views on why I think that Microsoft might have an advantage here – but in this post I want take a brief look at both suites ( and related products from both vendors) to see what areas of private cloud management they cover.

The term suite implies a set of tools built upon a central framework and using a single data set – however each suite consists of several essentially different products that have been brought together with varying levels of integration. This is because of the different roots of each product but also because each product is built to be used separately as well as in combination with the rest of the suites. This and the fact that both suites are able to connect to other system management software as well means that if a feature is missing from the suite that you might be able to integrate another products with either suite just as well. Both suites have links with EMC Ionix family for instance.

I’m going to do that by comparing each offering in 3 different categories:

  • Configuration and Monitoring: the five infrastructure layers
  • Trivia 😉
  • Management and additional features

I’ve compiled a small table for each category highlighting 4 or 5 components that I believe make up that category – each category will get its own post.

This is in no way a complete or even refined comparison but its also a comparison based on documented features and aspects of both products – however I do intend to test and blogs about the two suites extensively in the near future.

When I mention a product I am talking about its most recent version – unless stated otherwise. Most of the System Center 2012 stuff is still beta or RC, some might say that that makes this comparison unfair – on both sides. But I think the fact that Microsoft might lack some features because the product isn’t finished is nullified by the fact they don’t have  to provide the quality and stability needed for a released product. And you could make the same argument the other way around.

C&M: The five infrastructure layers

First Star Wars and now this category that sounds like a Kung Fu movie..

In this part I want to look at which part of your “private cloud” infrastructure each suite can manage, configure and monitor. The layers that I have defined here are:

  • Storage
  • Network
  • Hypervisor
  • Guests
  • Applications

This leads to the following table (click to enlarage):

My conclusion: Microsoft is able to cover every layer with regard to monitoring and most with configuration/provisioning etc. Vmware is not. But if you can’t configure network devices from System Center and you need another application to do that chances are that application will also be able to monitor those devices.

Nota Bene:

  • Service Manager and Orchestrator really add value because they are the applications that really tie all the data from SCOM and SCCM together and makes it possible to use that data to build an intelligent management infrastructure.
  • As mentioned in other blogs and sources – dynamic discovery, self learning performance and capacity analysis are key features in managing a highly abstracted/virtualized infrastructure. Vmware sees this and seems to have given such features priority offer more “classical” features.


vCenter Operations Docs

vCenter Configuration Manager Docs

Nice blog post comparing Vmware with other systems management applications

SCOM 2007 R2: Monitoring vSphere Shoot Out

In Operations Manager, Virtualization on November 1, 2011 at 20:52

Update: I’ve done a mini-review on SCVMM/SCOM 2012 and vSphere monitoring

We are a Microsoft shop. And a Vmware shop. We use SCOM to monitor everything and vSphere to host all our servers. So you can imagine how crucially important it is for us to properly monitor vSphere. With SCOM. Of course Virtual Center does a great job in giving us basic information about our hypervisor environment and the state of our virtual machines. But without the information about our applications SCOM provides and no real way to relate the two sets of data we really needed a way to get that information into one system.

Of course, there are other monitoring solutions, both for vSphere and for Microsoft applications. But we want to take advantage of our investment in SCOM and we firmly believe that SCOM is the best options to monitor  a 99% Microsoft infrastructure.

We were not the first facing this challenge. Because a challenge it was. We did our best to look at as many options as we could and in the end made a choice based on both functionality and price.

In this post I want to give a short overview of the solutions we looked at and give my personal opinion on each of them.

The contenders

In no particular order:

We also expressed some interest in a management pack created by Bridgeways, but they were very slow to respond to our request for a evaluation and once we got a response the amount of information we had to provide in order to evaluate the pack was so huge we decided it was not worth the effort.

Small disclaimer: we really did our best to give each solution a fair shot, however it could be possible that additional configuration or tweaking would increase the performance or the quality of the data. On the other hand we didn’t take into account how hard to was to actually get the solutions working – because the installation process (especially under Windows 2008) wasn’t always easy though nothing we couldn’t handle.

Round 1: What do they monitor – and how?

All of the solutions work through vCenter, with the exception of QMX which is able to monitor vSphere hosts directly through SNMP and SSH. I guess you could configure Jalasoft or even SCOM itself as a generic SNMP device or build your own sets of monitors and rules but in general you will still need vCenter as a middle man to monitor your hosts.

None of them consists of just a Management Pack – they all need a service running on either a SCOM server or a separate server with access to SCOM. Jalasoft and QMX are frameworks – so its possible to monitor other devices as well which makes it easier to digest that you need to add another component to your monitoring infrastructure – SCVMM could also be used to monitor Hyper-V or to manage vSphere and Hyper-V.

Jalasoft’s Smart MP monitors just vCenter. Hosts are discovered as part of the vCenter server but aren’t represented as separate entities. SCVMM monitors both vCenter, hosts and virtual machines however it will not give you any vSphere specific data such as CPU ready times, Memory swapping etc. During our tests a vSphere host failed and we had fixed the problem before SCVMM alerted us. QMX gives you an afwul lot of options – it can monitor vmware logs, syslogs on the esx servers, esxtop data (my personal favourite) and also give you the possibility to create custom filters on log files to trigger an alert if an entry matching the filter is logged. It also is aware of vCenter alerts en events but I didn’t find any monitor or alerts relating to DRS or HA.

Veeam monitors just about everything that makes vSphere vSphere. Also a lot of work has been put in the knowledge in the alerts as well – and the alerting is really quick and accurate. Therefore Veeam wins this round.

Round 2: Pricing

vSphere is expensive – period. And since vCenter has its own monitoring capabilities it could be hard to justify another large investment. As always its hard to define a ROI on solutions that mitigate risks if it is possible at all. QMX for vSphere is free. Extensions for other devices are not and are generally somewhat more expensive then other solutions (for instance for networking devices) – but I’ll talk more about that in round three.

With Jalasoft you pay per device. If you have one vCenter server, you pay for one device. SCVMM is a a part of the System Center Suite. If you have the proper agreement with Microsoft you get it for “free” once you’ve joined the dark side.

Veeam is so closely aligned with vSphere – they even have (or at least had with vSphere 4.*) the same pricing model. And the price per socket is quite high. But you could ask yourself – if proper monitoring, performance analysis and trend based alerting can increase my consolidation ratio I will be able to host more servers per physical host and need less sockets, less vSphere licenses and less Veeam licenses.

QMX is completly free – except for the OS license for the machine you host it on – so QMX wins this round.

Round 3: Vision, Tactics, Strategy..whatever

This round is about how the solution fits in a management or monitoring vision. So the outcome is going to be very subjective. But hey – when vendors talk about a journey to the cloud they are talking about just that – a vision or even a paradigm if you want about how to manage infrastructure to properly deliver services to users.

If you are virtualizing your infrastructure you are consolidating. So one thing you don’t want to do is to introduce a monitoring server sprawl. Despite the name the current incarnation of the System Center Suite is not at all an organic whole. Still using SCVMM makes sense, especially if you also use Hyper-V in your environment – but you would still need to check vCenter regularly as well because otherwise you are going to miss crucial information about the state of your environment.

Jalasoft and QMX are frameworks. QMX also gives you the possiblity to extend System Center Configuration Manager and has the broadest support for other non-Microsoft platforms and devices. Jalasoft is very network oriented but has a great integration with another add-on to SCOM, Savision LiveMaps.

Veeam – as described in the previous rounds – is very vSphere oriented. It does vSphere, it does it very well, but you will still need something of a framework next to Veeam and SCOM to monitor the other layers of your infrastructure such as your SAN storage or your network.

I put my faith in the frameworks. And I think its inevitable that a solution like Veeam will be built by either Vmware themselves or one of the vendors that offer a monitoring framework at some point in the near future. This round goes to QMX because of the integration with SCCM and the support for just about any non-Windows platform or application out there.

So the winner is..and some final thoughts

I think QMX is the best option available today if you are looking for a solution that is very configurable, affordable and has enough promise for the future to justify investing time and money into making the framework part of your monitoring infrastructure. But….

  • There are other options – vKernel has quite a nice toolset and claims to connect to SCOM – I will be testing that soonish
  • SCVMM 2012 is said to prvoide better vSphere integration and SCOM 2012 is said to have improved network device monitoring. I will look at those two in detail as well and report back with my findings.
  • You could build your own MP – you get get all the relevant data from vCenter using Powershell and SNMP gets and traps
  • SCVMM 2008 has a nasty habit of setting custom properties on your virtual machines – but you can us Powershell (isn’t that ironic) to get rid of those properties – for more info : VCritical article
  • Since Powershell and vSphere are so compatible I’m really surprised that I haven’t found a solution based on just Powershell to link SCOM and vSphere together.

Monitoring Citrix Netscaler Load Balancers with SCOM 2007 R2 Part III.

In Citrix, Netscaler, Operations Manager on October 21, 2011 at 20:28

This is part three of my series on monitoring Citrix Netscalers with SCOM 2007 R2 ( Part I and Part II).

Now, does it work? And how? As said in my previous post the way the information is presented is a little bit different then with other MP’s. For each SNMP trap sent the pack will raise an alert – and the alert will tell nothing more then the fact that the SNMP trap has been sent 😉 If you make a config change you’ll get an alert that it has been changed..but not what has been changed. That information is shown elsewhere.

To give an example, in the picture below you can see two alerts:

I changed the configuration and saved the running config. This is the information as shown in the config change alert:

To see what has been changed we need to head over to the Events node, here two events are shown:

If you look at the details of the event we can see that a SNMP community reference was added to the Netscalers with “public” as a community string:

Then there is the Health Roll-up of the entity. The health monitored health categories are Availability and Performance. Performance is  based on some SNMP GET based performance metrics of both the appliance and the vservers. Availability is based on the state of the appliance alone and so if a vserver is down the Netscaler Device entity will still be healthy.

And last but not least – the Netscalers themselves also allow you to tune what SCOM will report because you can enable/disable and configure its SNMP traps. You can do this from the GUI by opening System\SNMP\Alarms.

Depending on the type of alarm you can define the alarm and normal thresholds, the time interval and the alarm’s severity. Whatever you configure here will direct influence the way SCOM will report about these events. Of course its also possible to override the rules and or alerts in SCOM but personally I prefer to do this at the source.

I hope this guide will help others to get this MP running in their environment and possibly even convince others to choose this method of monitoring Netscalers.

Monitoring Citrix Netscaler Load Balancers with SCOM 2007 R2 Part II.

In Citrix, Netscaler, Operations Manager on October 20, 2011 at 22:07

This is part two of my series on monitoring Citrix Netscalers with SCOM 2007 R2 ( Part I ).

In the previous post I discussed why we decided to use SCOM to monitor the Netscalers, the MP’s installation and the Netscaler’s configuration. In this post I will discuss discovering the Netscalers in SCOM and the general usage of the MP.


The Netscalers need to be discovered as generic network devices. After they’ve been discovered a scheduled discovery will discover them as Netscaler devices based on their SNMP OID. After that another discovery runs to identify the installed features and modes.

  • Open the SCOM console, choose Administration and start the Discovery wizard.
  • Choose Network Devices
  • Specify an ip range that includes both your NSIP’s.
  • Select SNMP v2, specify your community string and Management Server

  • Now start the discovery, if you’ve configured the Netscaler correctly the wizard will detect two network devices. You will be able to see them both listed under Administration/Network Devices

The discoveries that are ran automatically against all network devices run every 21600 seconds. So you can either wait until it start or override the discovery. The discovery simply discovers all SNMP devices with a certain OID (if included a screenshot of the xml as a reference):

After the Netscalers have been identified as Netscaler Devices they will show up under Monitoring/Citrix Netscaler Devices/All Devices and the following discoveries which are ttargeted at the Citrix NetScaler Device class will start to discover additional classes and some properties to the Citrix Netscaler Device class:

  • Citrix Netscaler Feature Discovery – this will detect all features and their state ( Load Balancing, Access Gateway etc)
  • Citrix Netscaler Mode Discovery – this will detect all modes and their state (L2 versus L3 etc)
  • Citrix Netscaler Device Discovery – this will add the Node State ( Primary/Secondary), Host Name, HA Peer IP and hardware version

This is the point where we ran into some issues. Discovering the Citrix Netscaler Device class went fine but the other classes weren’t discovered at all and the extra attributes weren’t populated. Looking at the evenlogs on the management server I discovered an event with the following error message:

Error Message: 91\2600\Citrix.NetScaler.VirtualServerState.vbs(44, 9) Microsoft VBScript runtime error: ActiveX component can’t create object: ‘SScripting.SNMPManager’

This leads me to the Citrix Knowledge Center article I mentioned earlier ( Case Study: When installing…Error Message ). I downloaded the MP from the Citrix Community page and installed that over the version I had downloaded from MyCitrix and after a reboot the discoveries did identify the modes, features and attributes.

Configuring the MP

When we look at the Monitoring view – the Netscaler MP has 4 main nodes:

  • The root node – this contains an alerts view, a config changes view and events view and a Network Diagram.
  • The Device state node – this shows has two views: Active Devices which lists all the primary nodes and All Devices which shows all nodes.
  • The License & Modes node – this give a state view of all the features and modes as they are configured on each appliance
  • The Performance node – this has a rather large number of performance views

Alerts seems pretty self-explanatory however it is important to note that the alerts contain little information. You’ll know  a rule has triggered an alert but not why. Same goes for the Config Changes. Both will tell you there has been a alert or a config change, but the actual data is in the events view. Here all events (be it triggered alerts or snmp traps or config saves, changes, reboot etc) are logged with all the data provided by the SNMP GET or trap.

The network Diagram was a bit of a disappointment, I would have hoped to see the Vservers and the services in there as well.

License and mode views aren’t to pretty but they do the job, Licenses:

Unfortunatly you’ll need to select a row to see to which appliance it belongs when looking at licenses. The modes view is much better:

The performance views are grouped into several categories, ACL, IP, SSL etc. None of the rules and monitors are enabled by default. Which brings me to a point of criticism – why are all rules and monitor disabled by default and then overidden with an override that’s stored in main Citirx Netscaler MP? Again something that goes against Best Pratices.

Actually most performance counters aren’t active (or have an override by default)when you install the pack – you’ll need to override them one-by-one to be able to get that data into SCOM. This is where a tool such as OverrideExplorer ( I used v3.3. ) can prove to be invaluable, since for each category there are several snmp get rules and in order to fully populate the performance views you’ll need to override all of them.

One clue – when you open the authoring pane in SCOM and limit to the scope to include only the Netscalers you can find the rules needed to each catergory by looking at their name. They will start with the name of the performance view in the monitoring pane and start with a capital. In the picture below you can see all the TCP rules, and if you look at the Override Management Pack you can see I used a custom override pack which means they weren’t enabled by default:

Using this information you can override the performance rules in bulk using Override Explorer.

Then you are ready to go. In the next part I will show the MP in action and show how you can configure and enable/disable the SNMP traps sent by the Netscalers.

Monitoring Citrix Netscaler Load Balancers with SCOM 2007 R2 Part I.

In Citrix, Netscaler, Operations Manager on October 19, 2011 at 19:19


(Part II , Part III)

We recently introduced two Citrix Netscaler clusters into our environment. The first cluster was already running as a Citrix Access Gateway cluster (as an upgrade from our Secure Gateway – needed to support Citrix receiver on IOS devices), we purchased a load balancing license for that cluster and are using it to load balance servers in our DMZ. The other cluster is used to load balance servers in our internal network.

We mainly use the load balancers to create what I call “controlled redundancy”, but we do use it for several critical applications, such as the before mentioned XenApp environment. And one of the key elements in achieving this state of controlled redundancy in my humble opinions is being able to monitor these clusters.

Citrix offers an excellent application to monitor and administer their line of networking products called “Command Center”. But our central monitoring solution is Microsoft SCOM 2007. Of course we could have decided to use both products side-by-side or try to engineer some connector between Command Center and SCOM. But since the number of management task we have to perform on our Netscalers is very small – and the fact that Citrix has a SCOM MP for the Netscalers – we are now managing the two cluster using the GUI and SSH for the time being and installed the SCOM MP.

In this series of posts I am going to show how we installed, configured and tuned the management pack. I’m also going to cover the configuration of the Netscalers and the usage of the Netscaler pack – mainly because its structure is a little different then most standard Microsoft MP’s.

We use vSphere as our virtualization platform so I have no experience with the PRO MP’s that are provided to use SCVMM PRO TIPS  – so all I can say about that is that its unfortunate that there is no comparable feature for vSphere.


The SCOM pack can be downloaded from myctrix if you have the proper licenses associated with your accounts. However – the same pack can also be obtained from the following Citrix Community blog post 🙂

I found that link in this Citrix KB article: – which discusses an issue with this pack and a x64 OS. We actually ran into this issue but more about that later.

Btw both downloads will get you the 2.0 version of the MP – there is a 1.0 version out there for older firmware builds. We have both a classic 9.2 build and a ncore 9.2 build in our environment and we use the 2.0 pack for both.

The installation is pretty straightforward. We do all SNMP based monitoring from a separate management server so it made sense for us to install the MP there. The management pack can do SNMP gets and receive SNMP traps so you’ll have to enable the built-in SNMP service on the management server.

You run the installer and then import the MP into SCOM.  Now its time to configure the Netscalers!

Netscaler Configuration

In order to configure the Netscalers to be monitored by SCOM there are a couple of things you’lll need to configure, but one of things that really bugged me was the fact that in order to properly monitor the cluster I needed to be able to add both nodes to SCOM – which basically means that you have to create your NSIPs in a routed part of your network, which is against Citrix best practices ( or somehow multi-home your management server of course).

So besides configuring your NSIP so that it’s reachable and has SNMP enabled everything you need to configure is in the System\SNMP node of the Netscaler GUI. I’m not familiar with the CLI yet however your just as easily configure it there I guess.

  • First there is the SNMP community:

To monitor the Netscalers only a GET permission is needed, choose Add and input your SNMP string en choose the permission

  • Then you’ll to add the SCOM server(s) or their IP range as SNMP Manager:

Choose Management Host to use a single IP, network for multiple. In our case we have a dedicated VLAN for our monitoring and management servers.

  • Next up are SNMP traps:

This is that part where I ran into some issues – it took me some time to figure out I needed to use Specific as the type instead of Generic. You also need to define the Trap destination and port. Before,I mentioned you needed to use the NSIP to monitor the Netscalers, but that’s only for the SNMP GETS because you are able to set a cluster wide SNIP or MIP as the source address. Minimum severity and Community name are obvious however don’t be fooled by the parenthesis in the Community Name field – you actually have to enter your own string without parenthesis!

That’s most of the configuration on the Netscalers – in the next two parts I’ll discuss discovering the Netscalers, how to tune and configure the monitoring process on both SCOM and the Netscaler and I’ll try to show a little bit about the structure and the usage of the MP – especially because its a little different then your ordinary Microsoft MP.

(Part II , Part III)

Running Powershell script as SCOM console task and passing named parameters

In Operations Manager, Powershell, System Center on May 19, 2011 at 09:54

We have a ticketing system for which there is no SCOM connector and we wanted to provide a simple way to forward an alert to the ticketing system by email. We already stumbled upon the Alert Forward Task MP by Cameron Fuller but to add some flexibility I decided to rewrite it using a powershell as the application that is being executed. Contrary to agent task there is no default functionality to specifically run a powershell script to it took some time to figure out how I should call the script from the task and how to pass the needed parameters.

The variables I wanted to get from the alert where the MonitoringObjectName,Name,Description,Severity and Time Raised. I would then use those variables as named paramters to the powershell script that actually sends the mail. This is the code for the powershell script:

# Variables
$recipient= someone@someone.local
$mailserver = mail@someone.local
$sender= someoneelse@someone.local
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<b>Managed Object:</b>$managedobject<br>
<b>Description:</b> $description<br>
<b>Time Raised:</b> $time<br>
<b>Severity:</b> $severity
$subject="Operations Manager Alert:"+"$name"
# Let's send an email
Send-MailMessage -ErrorVariable $mailerror -From $sender -To $recipient -SmtpServer $mailserver -Subject $subject -Body $body -BodyAsHtml
# If you enable output on the console task use the clause below to give some output.
#The alert: $name ,
#has been forwarded.
#if ($mailerror)
#    {
#    Write-Host $mailerror
#    }
#    {
#    Write-Host $message
#    }

As you can see it is a rather simple script that takes the input from the alert, builds an html message and uses Send-MailMessage to send the message. If you’d like to show output (error, success) you can uncomment that section and set RequireOutput to true in the XML.

Then I created a console task in the SCOM Authoring console and specificed a command line application, the paramters and working directory. Of course it took me some time to find the right syntax and looking at the xml I noticed something peculiar, all the parameters you enter in the gui are put into one <parameter> element inside the XML. Even when you edit the xml by hand and add each parameter as a separate element and open up the pack in the console and change something like the display name and save it it wraps them all up in one element again. Testing showed that with all the arguments in one element in the XML the task doesn’t work.

Here is the XML snippit of the console task:

<ConsoleTask ID="MCSE.AlertForward" Accessibility="Public" Enabled="true" Target="System!System.Entity" RequireOutput="false" Category="Alert">
<Parameter>"&amp; \\someuncpath\forward-alert.ps1"</Parameter>
<Parameter>-ManagedObject '$MonitoringObjectName$'</Parameter>
<Parameter>-Name '$Name$'</Parameter>
<Parameter>-Description '$Description$'</Parameter>
<Parameter>-Severity '$Severity$'</Parameter>
<Parameter>-Time '$TimeRaised$'</Parameter>

Easiest way to add this task would be to copy/paste the xml into an existing MP and import the MP into your SCOM environment.

I put the powershell script on a share accessible to all our SCOM operators, used powershell.exe as the application and the script path and the variables from SCOM as arguments.Notice the double quotes around the script path and the single quotes around the alert variables.

You can of course create a more elaborate email, for instance using this excellent script by Tao Yang as an example. (Tao creates his own channel to send email notification and set up subscriptions but the code used to collect the data from SCOM can also be used in a console task).

Persistence is Futile

In Opalis, System Center on November 11, 2010 at 17:43



In my earlier post I mentioned Opalis. Now what is Opalis? Opalis is an IT process automation tool. It gives you the possibility to visually design workflows that orchestrate, manage and monitor your whole process. By using integration packs Opalis is able to communicate with a host of different systems, vendors and platforms. You can get data out of systems, into systems and base your workflow’s logica on the repsonses you get from those systems.

In the breakout session I attended Opalis was compared to a mainframe run book: a formalization of all the steps involved in a process from start to end. And because of the great interoperability you can start by taking your “informal” processes and putting them into Opalis – no chance in functionality but know you let Opalis handle the execution (for instance calling Powershell), the monitoring/logging (by raising an alert in SCOM if something goes wrong or even creating an incident in Service Manager) and the decision making logic. So instead of incorperating all of that in every script you find in your environment you create a template which you can then reuse for every task.

Opalis itself was a so called third party tool vendor but is now a fully owned subsidiary of Microsoft and has been included in the System Center suite. In later posts I will try to get into the technical details of Opalis and how it relates to Microsoft Cloud management solution.