Cloud Auto-Discovery
Contents
Device42 supports auto-discovery of cloud instances (virtual devices) on Amazon AWS, Microsoft Azure, Linode, Digital Ocean, Cloudstack, Openstack, Joyent, and Outscale. Native discovery for new cloud platforms is added according to customer needs [and please do let us know!].
Device42 will auto-discover your cloud virtual machines, databases, and storage as devices. You can then work with your cloud devices just like like you would any other device. You can define application components, store passwords, create custom keys, and so on, just as you would for any other physical or virtual device.
The Tools → Auto-Discovery menu includes the option for discovery of Cloud instances. The list page shows all of your existing cloud auto-discovery jobs. You’ll typically create one job per account. As with other types of auto-discovery jobs, cloud discovery jobs can be run immediately and/or scheduled. Click the ‘Add Cloud Autodiscovery’ button [top right corner] to create a new job.
Amazon Web Services Auto-discovery
Prerequisites - To create an AWS Autodiscovery job, you will need to:
-
Prepare your AWS Account - The Minimum IAM Policy Permission/Role requirements are:
- AmazonEc2ReadOnly
- AmazonElastiCacheReadOnlyAccess
- AmazonRDSReadOnlyAccess
- AmazonS3ReadOnlyAccess
- Device42 utilizes your AWS Access Key and Secret Key to perform discovery, please have these handy
- Choose & Enter a ‘Name’ for the job
- Select the Cloud Type (Choose ‘Amazon AWS’ from the dropdown)
-
Add your Amazon Secret Key for the account to be discovered. The procedure is the same as for the Account Access Key, but will use a Second, separate entry! Do this by clicking the magnifying glass, and then clicking ‘Add Password’ in the upper right hand corner. Enter your Secret Key in the field labeled “Password:”. The USERNAME FIELD IS NOT USED by cloud discoveries - Device42 will store the Secret Key encrypted. If desired, set up access permissions for the Secret Key.
-
Choose one or more Amazon regions to search
Optionally, you can also:
- Choose a vendor [note that all vendors are user-defined - Device42 does not ship with a list of vendors].
- Choose a VRF Group. If one is selected, all discovered IPs will be placed in subnets in that VRF Group. This is useful if you have duplicate IPs in your internal network.
- Choose a remote collector to run the job [ensure the chosen remote collector can reach the target network]
- Check “Add tags as custom fields” to add discovered tags to Device42 custom fields.
- Check “Strip domain name” to have Device42 strip the discovered domain suffix from the device instance name.
- Choose a category for discovered devices [note categories are user defined]
Next, you should “Save and Continue”. You can then click ‘Run’ to run the job immediately. Or you can save it or save it and have it run on a regular schedule.
Microsoft Azure Auto-discovery
Microsoft Azure Discovery is similar to Amazon; you will need to:
- Choose & enter a ‘Name’ for the job
- Select the Cloud Type (Choose ‘Microsoft Azure’ from the dropdown)
- Enter your ‘Subscription ID’
- That’s it! Azure will now recognize the Device42 instance as secure client that is authorized to interact with your Azure account.
Device > Virtual Device will now show cloud devices as well. The Vendor shows up as the Device Host for these devices. There is a new filter on the right hand side filter bar.
Optionally, you can also:
- Choose the vendor [note that all vendors are user-defined - Device42 does not ship with a list of vendors].
- Choose a VRF Group. If one is selected, all discovered IPs will be placed in subnets in that VRF Group. This is useful if you have duplicate IPs in your internal network.
- Choose a remote collector to run the job [ensure the chosen remote collector can reach the target network]
- Check “Add tags as custom fields” to add discovered tags to Device42 custom fields.
- Check “Strip domain name” to have Device42 strip the discovered domain suffix from the device instance name.
- Choose a category for discovered devices [note that categories are user defined]
Next, you should “Save and Continue”. Then you can click ‘Run’ to run the job immediately. Or you can save it or save it and have it run on a regular schedule.
Openstack Auto-discovery
-
When you add an Openstack job, you will be prompted for a User, Password, and Project Name…
Minimum Permission Requirements for OpenStack Discovery are as follows:
- User / User Group should be attached to the project and have the following permissions described in policy.json:
- “os_compute_api:os-hypervisors”
- “os_compute_api:os-extended-server-attributes”
-
The User and Password are the ones you enter into the Openstack authentication screen…
-
When you log into Openstack, the Overview screen shows a list of projects.
-
Enter the project name you would like to access into the Device42 Project Name field.
Optionally, you can also:
- Choose the vendor. Please note that all vendors are user-defined. Device42 does not ship with a list of vendors.
- Choose a VRF Group. If you select a VRF Group, then all IPs found will be placed in subnets in that VRF Group. This is useful if you have duplicate IPs in your internal network.
- Check the “Remove unfound instances from Device42″ box. If you check this box, then each time this auto-discovery job is run, any devices that were previously created for this account but were not found by the auto-discovery job will be deleted. By checking this box, you can ensure that Device42 will remain in sync with Openstack. If you leave it unchecked, then you may end up with Device42 Cloud Instances (cloud devices) that no longer exist in Openstack.
Next, you should “Save and Continue”. Then you can click ‘Run’ to run the job immediately. Or you can save it or save it and have it run on a regular schedule.
Joyent Auto-discovery
For Joyent Discovery, you will need to:
- Enter an arbitrary name for the job
- Enter the Joyent User
- Enter the Joyent Key name
- Download a Private Key
To get the Joyent User, go to your Joyent console:
The Joyent User will be in the top right corner.
Click the down arrow and the Account option…
In the SSH section, click the Create SSH Key button. You will see 2 files downloaded. The Private Key file is the one without the .pub extension…
After the download, the new key will appear in the SSH section and the Key Name you need to enter into Device42 will be present.
Optionally, you can also:
- Choose the vendor. Please note that all vendors are user-defined. Device42 does not ship with a list of vendors.
- Choose a VRF Group. If you select a VRF Group, then all IPs found will be placed in subnets in that VRF Group. This is useful if you have duplicate IPs in your internal network.
- Check the “Remove unfound instances from Device42″ box. If you check this box, then each time this auto-discovery job is run, any devices that were previously created for this account but were not found by the auto-discovery job will be deleted. By checking this box, you can ensure that Device42 will remain in sync with Joyent. If you leave it unchecked, then you may end up with Device42 Cloud Instances (cloud devices) that no longer exist in Joyent.
Next, you should “Save and Continue”. Then you can click ‘Run’ to run the job immediately. Or you can save it or save it and have it run on a regular schedule.
Linode Auto-discovery
For access to Linode, you will need your API Key. To create a Linode API Key, go to your Linode console…
Select “My Profile” and navigate to “API Keys”
From here, you can create your API Key that Device42 needs to gain access.
Optionally, you can also:
- Choose the vendor. Please note that all vendors are user-defined. Device42 does not ship with a list of vendors.
- Choose a VRF Group. If you select a VRF Group, then all IPs found will be placed in subnets in that VRF Group. This is useful if you have duplicate IPs in your internal network.
- Check the “Remove unfound instances from Device42″ box. If you check this box, then each time this auto-discovery job is run, any devices that were previously created for this account but were not found by the auto-discovery job will be deleted. By checking this box, you can ensure that Device42 will remain in sync with Linode. If you leave it unchecked, then you may end up with Device42 Cloud Instances (cloud devices) that no longer exist in Linode.
Next, you should “Save and Continue”. Then you can click ‘Run’ to run the job immediately. Or you can save it or save it and have it run on a regular schedule.
Cloud Instance Information
The Device view and edit pages will now show “Cloud Instance Information” under the Properties tab.