As I mentioned in my recent newsletter, I am going to get Runecast working in my lab. I heard from others how cool it is, and while I knew that, I did not put the priority on it. Now I am. So join me while I deploy, and configure Runecast. We will make it work, and make sure it can scan successfully and that will be the end of this article. We will explore things in other articles.
Update: this article was created for 1.8.1 but was recently updated to work with 2.0. That means 1.8.1 specific information is not present any longer and some of the screenshots have been updated for specific 2.0 functionality.
Things to have ready
You should have a few things ready:
- Bits – you can download the trial, or the real bits (an OVA file) at this link. Which are the same but the license makes them work different (a little).
- The release notes and docs are available in the same portal as the bits.
- Service account that Runecast can use to talk to vCenter. It can be read only, but if you want more info it should have more rights and they list them in the User Guide – in fact they tell you what else you need and why, which is quite nice. I am going to use a domain user account with admin vCenter rights to make it easy.
- License – you also get this file in the same portal as docs and bits.
- You should have ready the FQDN, and IP info. It is a good habit to have it defined in DNS already.
- During the deploy you will get to choose Small, Medium, or Large. Be aware that the resources will be large if you select large.
Be aware that if you are doing a trial that you do not get access to all the info that you would as a licensed user (for example, none of the device specific info from ESXi hosts – like driver and firmware).
While you deploy – it is an OVA file so pretty easy, I notice that they have the wonderful extra config that includes:
keyboard.typematicMinDelay = 2000000
In case you wonder, if you are working at distance, with latency, and you are working in a VM console you can have some issues typing, and that command above fixes it. BTW, I did not see this using the HTML5 client and 2.0.1 of the appliance, not sure if it is not there, or not seen or what.
You will need the IP and FQDN info as part of deploy.
The deploy process is like all the other OVA deploys you did.
I use the Small choice as I have less than 10 hosts to worry about and want to keep resource utilization low as reasonable.
And once it is deployed, we need to power it up. When I powered it up, there was no IP or DNS name shown in the VM Summary screen. So I could not connect with the VAMI. So I restarted it again. Still no IP or DNS, so what I did was log in on the console, tabbed through the network info and save it and started again and all was good. I used two DNS servers in the OVF config and that may have been an issue. Not sure but reported to Runecast. Once it was working I realized there was no VAMI any longer.
Configuration – basic
After the OVA is deployed, and booted you can check the VM Summary screen to make sure you see the right IP and DNS info. Then check the console to see the URL to the app, as well as the admin UI. We need to do a few thing in the admin UI. Prior to 2.0 the admin UI was VAMI based, but as of 2.0 it has become console based. So access the console via the Web Client or VMRC and you will need to hit F1 and authenticate (account rcadmin password admin). You will see something like below.
I went through it to confirm my network settings and change my password.
We are done now, and can log out, but I had hoped, expected, to be able to define some NTP servers and my timezone. We will see if that works elsewhere.
Configuration – inside the UI
We now want to work inside the app so we access the application UI:
And we see the main login screen.
We can log in using the default credentials of rcuser with password of Runecast! As this is our first time logging in, and we have no vCenter connection we are prompted to make one.
In later versions this screen – above looks a little different but functionality is similar.
If it works for you, you will see something like below. I found that if it doesn’t work, it gives good error messages!
Next we do schedule.
I like doing daily scans as it helps me be proactive. BTW, did you know that they do approximately 32k worth of checks in a scan? Wow.
Some of you may not want to scan that often, but I want to know of issues sooner, particularly security related issues.
The scan completes fairly quickly and I have a number of issues to deal with. 1 Critical and 7 Major, hopefully is not too bad.
Now lets add our license. You need to reach up to the top right for the gear icon, then use the License tab. You use the Add License button and select the license file.
After you load the license file you will see a screen like below.
You will move your vCenter and hosts to the Licensed hosts box. You may be able to move all or only some depending on your license. You can use the double >> to all of your hosts at once.
Once you select the orange Assign License button you will see something like below – and be licensed!
If you leave settings, you can get back to it by selecting the gear icon in the top right corner.
Now we are going to change the password to the rcuser account. Lets select the User Profile button on the Settings bar.
You can see the gear icon above we will use to edit the password.
Changing the password was a bit harder than I expected. It always said my passwords did not match. Of course, what makes me smile is I copied and pasted the password. Turns out the issue was I had a special character in the password. So use only numbers, letters, upper case letters, and punctuation. This is still correct for 1.8.1 and 2.0.1.
I like to log out and back in here to confirm my new password works.
Now, I want to add Runecast to my vSphere Web Client. Lets do that before we do an analyze.
So back into Settings if you left, and on the vCenter Connection screen you can see an Edit button. Select it.
Once you select the Install Plugin button you see a different and bigger screen.
We will be using the big orange button. But I do like how they have a PowerCLI script too. A few moments after we hit the Install button we should see success.
We have some extra steps to do now to make it work. Note that we have to do this twice! Once in FLEX and once in HTML5. Now select API Access tokens in the orange bar.
Now use the orange Generate button. Provide a description.
Once you hit the Generate button you will see a new access token in a green bar, make sure to copy it to Notepad or somewhere safe. We will need to use it. Once you have done that select I understand. After you select it you will see something like below.
Now, log into the vSphere Web Client. If it is open, log out, and then log back in. Once back in, navigate to Administration > Runecast > Settings. Note: I was not able to do this in the HTML5 client so log into the Flex version! After it is done in FLEX you can do it in HTML5.
Now add your RuneCast FQDN, and paste the API access token. Once filled in you will see a green bar.
Use the Save Settings button, and then use the Go To Main View link.
If you did a scan when you first connected and configured you will not see the above but rather see a bunch of other things – problems most likely!
One more thing to do before our first scan. We need to configure log collection. If we are already forwarding logs to our Log Insight server – like I am, that is no problem as ESXi can handle several log destinations.
Now do this in the HTML5 client.
Back into Settings, then change to the Log Analysis tab.
I like the default config of only saving 30 days of logs. If we had to, we could use the Edit button to tweak the settings. Now expand the vC, seen above as Lefroy.
Note the little wrench seen above and with the red arrows? We use that to enable the log forwarding to Runecast. We are not going to have the VM logs forwarded to Runecast yet as I am not sure if I need that.
Lets hit the wrench for the hosts.
Now we should ignore the hint at the bottom of the screen. It confused me. Checkbox each of the hosts and hit Configure.
After you hit OK, and a few moments later it looks green.
Now, since I am careful, and maybe a tiny little bit paranoid, I will go visit Log Insight and make sure my host are still sending to it. And they do appear to be so that is good.
You may notice I did not enable the capture of VM logs, and not sure why not. I will do that later if / when I find out more about it.
Our First Scan
We do not have to wait for the scheduled scan, but lets do a manual scan to make sure things work! From the Dashboard, and in the top right hit that big blue Analyze now button.
It will take a bit of time. Maybe 2 minutes and you dashboard will update.
So it doesn’t look too good for me. But not too bad – I hope. But things are working. I love the idea of the Issue History.
This is now the end of the this deploy and configure article and I will do one soon looking at what was found.
We did a scan so that is good. But lets be sure that things are good.
- We use the HTML5 client and change to the Monitor view of a VM and see Runecast info.
- We use the FLEX client client and change to Monitor and make sure we see Runecast info.
- We do a scan and make sure we see things we know to be true. Such as old guest hardware on appliances.
So we do have a good install and see lots of useful info. Most excellent!
- 9/23/18 – I used this article with 2.0.1. In fact I had heard that there was no upgrade from 1.8.1 so I deleted it and did this install. I did reach out to people at Runecast and confirmed there is no upgrade path at this time. They made serious improvements in the appliance and it made an upgrade very tricky. Support can help you migrate notes if you have those but I don’t so was easy to delete and re-deploy.
- 8/6/18 – I used this article with 1.8.1. Worked good, but there are some slight changes that I tried to update above. Short on time as I have a dinner to be ready but will update as necessary in the future. Of note, in this version you cannot install the plug-in on 6.7.
=== END ===