Morpheus Documentation

Morpheus Documentation
Release 2.12.4
jw
Feb 19, 2018
Contents
1
2
Getting Started
1.1 Requirements . . . . . . . . . .
1.1.1
Base Requirements . .
1.1.2
Storage . . . . . . . .
1.1.3
Network Connectivity .
1.1.4
Components . . . . . .
1.2 Installation . . . . . . . . . . .
1.2.1
Ubuntu . . . . . . . .
1.2.2
CentOS . . . . . . . .
1.2.3
RHEL . . . . . . . . .
1.2.4
Additional Options . .
1.3 Upgrading . . . . . . . . . . .
1.3.1
Debian / Ubuntu . . . .
1.3.2
CentOS / RHEL . . . .
1.4 Initial Appliance Setup . . . . .
1.4.1
Appliance Setup . . . .
1.4.2
Add a License Key . .
1.5 Advanced Configuration . . . .
1.5.1
Offline Installer . . . .
1.5.2
Proxies . . . . . . . .
1.6 High Availability Configuration
1.6.1
Overview . . . . . . .
1.6.2
Database Tier . . . . .
1.6.3
RabbitMQ Cluster . .
1.6.4
Elasticsearch . . . . .
1.6.5
Application Tier . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
1
1
1
2
2
2
3
3
4
5
7
7
8
8
8
8
9
10
10
11
13
13
15
23
24
26
Provisioning
2.1 Provisioning Concepts . . . . . . . . . . . . .
2.1.1
Instances . . . . . . . . . . . . . . .
2.1.2
Containers / Nodes / Virtual Machines
2.1.3
Hosts / Servers . . . . . . . . . . . .
2.1.4
Apps . . . . . . . . . . . . . . . . . .
2.1.5
Templates . . . . . . . . . . . . . . .
2.2 Instances . . . . . . . . . . . . . . . . . . . .
2.2.1
Creating Instances . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
29
29
29
30
30
30
30
31
31
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
i
2.3
2.4
2.5
2.6
2.7
2.8
2.9
3
ii
2.2.2
Instance Details . . . . . .
2.2.3
Instance Actions . . . . .
Apps . . . . . . . . . . . . . . . .
2.3.1
Creating Apps . . . . . . .
Templates . . . . . . . . . . . . . .
Automation . . . . . . . . . . . . .
2.5.1
Tasks . . . . . . . . . . .
2.5.2
Workflows . . . . . . . . .
Virtual Images . . . . . . . . . . .
2.6.1
Overview . . . . . . . . .
2.6.2
Image Types . . . . . . . .
2.6.3
Configuring Virtual Images
2.6.4
Provisioning Images . . .
2.6.5
Add Virtual Images . . . .
Library . . . . . . . . . . . . . . .
2.7.1
Overview . . . . . . . . .
2.7.2
Instance Types . . . . . .
2.7.3
Node Types . . . . . . . .
2.7.4
Scripts & Templates . . .
2.7.5
Layouts . . . . . . . . . .
2.7.6
Option Types . . . . . . .
2.7.7
Option List . . . . . . . .
Migrations . . . . . . . . . . . . .
2.8.1
Migration Types . . . . . .
2.8.2
Add Migration . . . . . .
2.8.3
Manually Start Migration .
2.8.4
Remove Migration . . . .
Deployments . . . . . . . . . . . .
2.9.1
Getting Started . . . . . .
2.9.2
Deploying to an Instance .
2.9.3
Offloading Storage . . . .
2.9.4
Add Deployment . . . . .
2.9.5
Edit Deployment . . . . .
2.9.6
Delete Deployment . . . .
Infrastructure
3.1 Groups . . . . . . . . . . .
3.1.1
Overview . . . . .
3.1.2
Adding Groups . .
3.1.3
Managing Groups .
3.1.4
Edit Group . . . .
3.1.5
Delete Group . . .
3.1.6
User Access . . . .
3.2 Clouds . . . . . . . . . . .
3.2.1
Overview . . . . .
3.2.2
Creating Clouds . .
3.2.3
Cloud Detail View
3.2.4
Deleting Clouds . .
3.3 Hosts . . . . . . . . . . . .
3.3.1
Overview . . . . .
3.3.2
Hosts . . . . . . .
3.3.3
Virtual Machines .
3.3.4
Bare Metal . . . .
3.4 Network . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
32
32
34
34
44
44
44
46
47
47
47
47
48
48
50
50
50
51
52
52
52
53
53
53
54
54
54
54
55
55
56
56
57
57
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
59
59
59
60
61
61
62
62
62
62
62
62
63
63
63
64
64
64
64
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
64
66
66
68
68
70
71
73
73
73
75
75
75
76
76
77
77
77
77
78
78
78
78
79
80
81
81
81
82
Administration
4.1 Tenants . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.1.1
Overview . . . . . . . . . . . . . . . . . . . . . . . .
4.1.2
Create Tenants . . . . . . . . . . . . . . . . . . . . .
4.1.3
Edit Tenant . . . . . . . . . . . . . . . . . . . . . . .
4.1.4
Delete Tenant . . . . . . . . . . . . . . . . . . . . . .
4.1.5
Tenant Users . . . . . . . . . . . . . . . . . . . . . .
4.1.6
Configuring Tenants and Resources for Multi-Tenancy
4.2 Identity Sources . . . . . . . . . . . . . . . . . . . . . . . . .
4.2.1
Overview . . . . . . . . . . . . . . . . . . . . . . . .
4.3 Plans & Pricing . . . . . . . . . . . . . . . . . . . . . . . . . .
4.3.1
Overview . . . . . . . . . . . . . . . . . . . . . . . .
4.3.2
Create Service Plan . . . . . . . . . . . . . . . . . . .
4.3.3
Edit Service Plan . . . . . . . . . . . . . . . . . . . .
4.3.4
Delete Service Plan . . . . . . . . . . . . . . . . . . .
4.4 Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.4.1
Role Management Overview . . . . . . . . . . . . . .
4.4.2
Role Types . . . . . . . . . . . . . . . . . . . . . . .
4.4.3
Roles and Identity Sources . . . . . . . . . . . . . . .
4.4.4
Resource Limits . . . . . . . . . . . . . . . . . . . . .
4.4.5
Users . . . . . . . . . . . . . . . . . . . . . . . . . .
4.5 Integrations . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4.5.1
Ansible . . . . . . . . . . . . . . . . . . . . . . . . .
4.5.2
Chef . . . . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
89
89
89
89
90
90
90
91
103
103
103
103
104
104
104
105
105
105
106
106
106
107
108
109
3.5
3.6
3.7
3.8
3.9
4
3.4.1
Networks . . . . . . . . . . . . .
3.4.2
Network Groups . . . . . . . . .
3.4.3
Services . . . . . . . . . . . . . .
3.4.4
IP Pools . . . . . . . . . . . . . .
3.4.5
Domains . . . . . . . . . . . . . .
3.4.6
Proxies . . . . . . . . . . . . . .
3.4.7
Security Groups . . . . . . . . . .
Load Balancers . . . . . . . . . . . . . . .
3.5.1
Overview . . . . . . . . . . . . .
3.5.2
Load Balancers . . . . . . . . . .
Storage . . . . . . . . . . . . . . . . . . .
3.6.1
Overview . . . . . . . . . . . . .
3.6.2
Supported Storage Provider Types
3.6.3
To View Storage . . . . . . . . .
3.6.4
Add Storage Provider . . . . . . .
Key Pairs & Certificates . . . . . . . . . .
3.7.1
Key Pairs . . . . . . . . . . . . .
3.7.2
Add Key Pair . . . . . . . . . . .
3.7.3
Delete Key Pair . . . . . . . . . .
PXE Boot . . . . . . . . . . . . . . . . . .
3.8.1
Overview . . . . . . . . . . . . .
3.8.2
Prerequisites . . . . . . . . . . .
3.8.3
Mapping . . . . . . . . . . . . . .
3.8.4
Answer Files . . . . . . . . . . .
3.8.5
Images . . . . . . . . . . . . . . .
Policies . . . . . . . . . . . . . . . . . . .
3.9.1
Overview . . . . . . . . . . . . .
3.9.2
Policy types . . . . . . . . . . . .
3.9.3
Creating Policies . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
iii
5
6
iv
4.5.3
Consul . . . . . . . . . . . . .
4.5.4
Docker Registry . . . . . . . .
4.5.5
Infoblox . . . . . . . . . . . .
4.6 Git . . . . . . . . . . . . . . . . . . .
4.6.1
AWS Route53 . . . . . . . . .
4.6.2
Salt . . . . . . . . . . . . . .
4.6.3
ServiceNow . . . . . . . . . .
4.7 Provisioning Settings . . . . . . . . . .
4.7.1
Settings . . . . . . . . . . . .
4.7.2
Cloud-Init Settings . . . . . .
4.7.3
PXE Boot Settings . . . . . .
4.8 Monitoring Settings . . . . . . . . . .
4.8.1
Overview . . . . . . . . . . .
4.8.2
Morpheus Monitoring Settings
4.8.3
AppDynamics . . . . . . . . .
4.8.4
Service Now . . . . . . . . .
4.8.5
New Relic . . . . . . . . . . .
4.9 Backup Settings . . . . . . . . . . . .
4.9.1
Overview . . . . . . . . . . .
4.9.2
Morpheus Backup Settings . .
4.9.3
Veeam Settings . . . . . . . .
4.9.4
Commvault Settings . . . . .
4.10 Logging Settings . . . . . . . . . . . .
4.11 Appliance Settings . . . . . . . . . . .
4.11.1 Appliance Settings . . . . . .
4.11.2 Whitelabel Settings . . . . . .
4.11.3 License . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
111
112
112
117
117
118
126
128
128
128
129
129
129
129
129
130
130
130
130
131
131
132
132
132
132
134
136
Monitoring
5.1 Checks . . . . . . . . .
5.1.1
Health . . . . .
5.1.2
Options . . . .
5.1.3
SSH Tunneling
5.1.4
Check Servers .
5.2 Groups & Apps . . . . .
5.2.1
Groups . . . .
5.2.2
Apps . . . . . .
5.3 Incidents . . . . . . . .
5.4 Alerts . . . . . . . . . .
5.4.1
Contacts . . . .
5.4.2
Alert Rules . .
5.4.3
Notifications .
5.5 Monitoring Integrations
5.5.1
AppDynamics .
5.5.2
NewRelic . . .
5.5.3
Service Now .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
139
139
139
140
140
140
140
140
141
141
141
141
142
142
142
142
142
143
Logs
6.1 Overview . . . . . . .
6.1.1
Configuration
6.1.2
Usage . . . .
6.2 Integrations . . . . . .
6.2.1
Splunk . . . .
6.2.2
LogRhythm .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
145
145
145
145
146
146
146
.
.
.
.
.
.
7
Backups
8
Operations
8.1 Dashboard . . . . . . . . . . . . . . .
8.2 Reports . . . . . . . . . . . . . . . . .
8.2.1
Overview . . . . . . . . . . .
8.2.2
Reports History . . . . . . . .
8.2.3
Generating Reports . . . . . .
8.2.4
Viewing Reports . . . . . . .
8.3 Analytics . . . . . . . . . . . . . . . .
8.4 Guidance . . . . . . . . . . . . . . . .
8.4.1
Overview . . . . . . . . . . .
8.4.2
Configuration . . . . . . . . .
8.4.3
Recommendations . . . . . .
8.4.4
Filters . . . . . . . . . . . . .
8.5 Approvals . . . . . . . . . . . . . . . .
8.5.1
Overview . . . . . . . . . . .
8.5.2
Configuring Approvals . . . .
8.5.3
Managing Approval Requests
8.6 Usage . . . . . . . . . . . . . . . . . .
8.6.1
Overview . . . . . . . . . . .
8.6.2
View Usage . . . . . . . . . .
8.6.3
API & CLI . . . . . . . . . .
8.7 Activity . . . . . . . . . . . . . . . . .
8.7.1
Activity Reports . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
149
149
149
149
150
150
150
150
150
150
151
151
151
151
152
152
153
154
154
155
155
155
155
Services
9.1 Cypher . . . . . . . . . . . . . . . . .
9.1.1
Overview . . . . . . . . . . .
9.1.2
Mountpoints . . . . . . . . . .
9.1.3
Creating Cypher Keys . . . .
9.1.4
Password . . . . . . . . . . .
9.1.5
Secret . . . . . . . . . . . . .
9.1.6
UUID . . . . . . . . . . . . .
9.1.7
Key . . . . . . . . . . . . . .
9.1.8
Using Cypher Keys in Scripts
9.2 Archives . . . . . . . . . . . . . . . .
9.2.1
Overview . . . . . . . . . . .
9.2.2
Storage Provider . . . . . . .
9.2.3
Permissions . . . . . . . . . .
9.2.4
Files . . . . . . . . . . . . . .
9.2.5
Links . . . . . . . . . . . . .
9.2.6
Scripts . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
157
157
157
157
158
158
158
158
159
159
159
159
159
160
160
160
160
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
161
161
161
161
161
162
163
163
164
164
9
10 Integration Guides
10.1 Clouds . . . . . . . . . . . . . . .
10.2 VMware vCenter . . . . . . . . . .
10.2.1 Overview . . . . . . . . .
10.2.2 Features . . . . . . . . . .
10.2.3 Getting Started . . . . . .
10.2.4 Existing Instances . . . . .
10.2.5 Service Plans . . . . . . .
10.2.6 Virtual Images / Templates
10.2.7 Docker . . . . . . . . . .
147
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
v
10.3
10.4
10.5
10.6
10.7
10.8
10.9
10.10
10.11
10.12
10.13
vi
10.2.8 Multitenancy . . . . . . . . . . . .
10.2.9 Advanced . . . . . . . . . . . . . .
AWS . . . . . . . . . . . . . . . . . . . . .
10.3.1 Overview . . . . . . . . . . . . . .
10.3.2 Features . . . . . . . . . . . . . . .
10.3.3 Requirements . . . . . . . . . . . .
10.3.4 Creating an AWS Cloud . . . . . .
10.3.5 Minimum AWS IAM Policies . . .
Azure . . . . . . . . . . . . . . . . . . . . .
10.4.1 Overview . . . . . . . . . . . . . .
10.4.2 Features . . . . . . . . . . . . . . .
10.4.3 Requirements . . . . . . . . . . . .
10.4.4 Add Azure cloud in Morpheus . . .
10.4.5 Creating Resources in Azure . . . .
10.4.6 Docker . . . . . . . . . . . . . . .
10.4.7 Multi-tenancy . . . . . . . . . . . .
Azure Stack . . . . . . . . . . . . . . . . .
10.5.1 Overview . . . . . . . . . . . . . .
10.5.2 Requirements . . . . . . . . . . . .
10.5.3 Adding an Azure Stack Cloud . . .
Openstack . . . . . . . . . . . . . . . . . .
10.6.1 Overview . . . . . . . . . . . . . .
10.6.2 Features . . . . . . . . . . . . . . .
10.6.3 Getting Started . . . . . . . . . . .
10.6.4 Existing Instances . . . . . . . . . .
10.6.5 Advanced . . . . . . . . . . . . . .
10.6.6 Docker . . . . . . . . . . . . . . .
Digital Ocean . . . . . . . . . . . . . . . . .
10.7.1 Add a Digital Ocean Cloud . . . . .
10.7.2 Advanced Options . . . . . . . . .
10.7.3 Provisioning Options . . . . . . . .
Google . . . . . . . . . . . . . . . . . . . .
10.8.1 Add a Google Cloud . . . . . . . .
Hyper-V . . . . . . . . . . . . . . . . . . .
10.9.1 Features . . . . . . . . . . . . . . .
10.9.2 Getting Started . . . . . . . . . . .
10.9.3 Adding Hyper-V as a Private Cloud
10.9.4 Service Plans . . . . . . . . . . . .
10.9.5 Docker . . . . . . . . . . . . . . .
Nutanix . . . . . . . . . . . . . . . . . . . .
10.10.1 Overview . . . . . . . . . . . . . .
10.10.2 Features . . . . . . . . . . . . . . .
10.10.3 Getting Started . . . . . . . . . . .
10.10.4 Adding a Nutanix Cloud . . . . . .
10.10.5 Service Plans . . . . . . . . . . . .
10.10.6 Docker . . . . . . . . . . . . . . .
Oracle VM . . . . . . . . . . . . . . . . . .
10.11.1 Add a Oracle VM Cloud . . . . . .
Softlayer . . . . . . . . . . . . . . . . . . .
10.12.1 Add a Softlayer Cloud . . . . . . .
ESXi . . . . . . . . . . . . . . . . . . . . .
10.13.1 VMware Fusion . . . . . . . . . . .
10.13.2 Add a VMware Fusion Cloud . . . .
10.13.3 Advanced Options . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
165
166
166
166
166
167
167
168
172
172
172
173
182
184
190
191
191
191
191
193
195
195
195
196
196
197
197
197
197
197
198
198
198
199
199
200
201
203
204
205
205
205
205
205
206
206
206
206
207
207
207
208
208
208
10.13.4 Provisioning Options . . . . . . . . . . . . . .
10.14 Virtualbox . . . . . . . . . . . . . . . . . . . . . . . .
10.14.1 Advanced Options . . . . . . . . . . . . . . .
10.14.2 Provisioning Options . . . . . . . . . . . . . .
10.14.3 Xen Server . . . . . . . . . . . . . . . . . . .
10.14.4 Add a Xen Server Cloud . . . . . . . . . . . .
10.15 Creating a CentOS 7 Morpheus Image . . . . . . . . . .
10.15.1 Overview . . . . . . . . . . . . . . . . . . . .
10.15.2 Creating a CentOS 7 Morpheus VMware Image
10.16 Identity Management . . . . . . . . . . . . . . . . . . .
10.17 Active Directory . . . . . . . . . . . . . . . . . . . . .
10.17.1 Overview . . . . . . . . . . . . . . . . . . . .
10.17.2 Adding an Active Directory Integration . . . .
10.18 SAML Integration . . . . . . . . . . . . . . . . . . . .
10.18.1 Overview . . . . . . . . . . . . . . . . . . . .
10.18.2 Adding a SAML Integration . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
209
209
209
210
210
210
211
211
211
213
213
213
213
214
214
214
11 Troubleshooting
11.1 Morpheus Agent Install Troubleshooting . . . . . . .
11.1.1 Agent Install Modes . . . . . . . . . . . . .
11.1.2 Manually Installing a Morpheus Agent . . . .
11.1.3 Restarting the Morpheus Agent . . . . . . . .
11.1.4 centOS/RHEL 7 Images . . . . . . . . . . .
11.2 Morpheus UI not loading after upgrade or reconfigure
11.3 Blank Dashboard . . . . . . . . . . . . . . . . . . . .
11.4 Unable to Provision a Custom Image . . . . . . . . .
11.5 VMware Hypervisor Console is not displaying . . . .
11.6 Variables . . . . . . . . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
219
219
220
221
221
222
222
223
224
224
225
12 Release Notes
12.1 v2.12.4 . . . . . . . . . . . . . . . . . . . .
12.1.1 New Features . . . . . . . . . . . .
12.1.2 Fixes . . . . . . . . . . . . . . . .
12.2 v2.12.3 . . . . . . . . . . . . . . . . . . . .
12.2.1 New Features . . . . . . . . . . . .
12.2.2 Fixes . . . . . . . . . . . . . . . .
12.3 v2.12.2 . . . . . . . . . . . . . . . . . . . .
12.4 v2.12.1 . . . . . . . . . . . . . . . . . . . .
12.4.1 New Features . . . . . . . . . . . .
12.4.2 Other Additions and Improvements
12.4.3 Fixes . . . . . . . . . . . . . . . .
12.5 v2.12.0 . . . . . . . . . . . . . . . . . . . .
12.5.1 2.12.0 Release Notes . . . . . . . .
12.6 v2.11.4 . . . . . . . . . . . . . . . . . . . .
12.6.1 New Features . . . . . . . . . . . .
12.6.2 Additional updates: . . . . . . . . .
12.6.3 Fixes . . . . . . . . . . . . . . . .
12.7 v2.11.3 & 2.10.8 . . . . . . . . . . . . . . .
12.7.1 New Features . . . . . . . . . . . .
12.7.2 2.11.3 and 2.10.8 Fixes . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
229
229
229
229
230
230
230
230
231
231
232
233
233
233
233
233
234
234
234
235
236
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
vii
viii
CHAPTER
1
Getting Started
1.1 Requirements
Morpheus is a software based appliance installation capable of orchestrating many clouds and hypervisors. Before an
installation is started it is important to understand some of the base requirements.
In the simplest configuration Morpheus needs one Appliance Server. The Appliance Server, by default, contains
all the components necessary to orchestrate both vm’s and containers. To get started some base requirements are
recommended:
1.1.1 Base Requirements
• Operating System: Ubuntu 14.04 / 16.04 or CentOS/RHEL greater than 7.0.
• Memory: 8 GB minimum
• Storage: 100 GB storage minimum
• Network connectivity from your users to the appliance over TCP 443 (HTTPS)
• Inbound connectivity access from provisioned vm’s and container hosts on ports 443 and 80 (needed for agent
communication)
• Internet Connectivity from Appliance (To download from Morpheus ‘ public docker repositories and virtual
image catalog)
• Superuser privileges via the sudo command for the user installing the Morpheus Appliance package.
• An Appliance URL that is accessible to all managed hosts. It is necessary for all hosts that are managed by
Morpheus to be able to communicate with the appliance server ip on port 443. This URL is configured under
Admin->Settings. Morpheus also utilizes SSH (Port 22) and Windows Remote Management (Port 5985) to
initialize a server.
• An Appliance License is required for any operations involving provisioning.
1
Morpheus Documentation, Release 2.12.4
Note: Ubuntu 16.10 and Amazon Linux are not supported.
1.1.2 Storage
Morpheus needs storage space for a few items. One is for the built-in Elasticsearch store (used for log aggregation
and stats collection metrics). Morpheus also keeps a workspace and local virtual image cache for doing virtual image
conversion and template upload. While the permanent store of these can be offloaded via a Storage Provider some
space is still recommended for dealing with non streamable virtual image formats.
In many common scenarios it might be prudent to configure a shared datastore on a storage cluster and mounted to
/var/opt/morpheus/morpheus-ui (this is where all user based data and database data is persisted). There
are several folders located within here that can be independently located as desired.
1.1.3 Network Connectivity
Morpheus primarily operates via communication with its agent that is installed on all managed vm’s or docker hosts.
This is a lightweight agent responsible for aggregating logs and stats and sending them back to the client with minimal network traffic overhead. It also is capable of processing instructions related to provisioning and deployments
instigated by the appliance server.
The Morpheus Agent exists for both linux and windows based platforms and opens NO ports on the guest operating
system. Instead it makes an outbound SSL (https / wss) connection to the appliance server. This is what is known as
the appliance url during configuration (in Admin->Settings). When the agent is started it automatically makes
this connection and securely authenticates. Therefore, it is necessary for all vm’s and docker based hosts that are
managed by morpheus to be able to reach the appliance server ip on port 443.
Morpheus also utilizes SSH (Port 22) and Windows Remote Management (Port 5985) to initialize a server. This
includes sending remote command instructions to install the agent. It is actually possible for Morpheus to operate
without agent connectivity (though stats and logs will not function) and utilize SSH/WinRM to perform operations.
Once the agent is installed and connections are established SSH/WinRM communication will stop. This is why an
outbound requirement exists for the appliance server to be able to utilize port 22 and 5985.
Note: In newer versions of morpheus this outbound connectivity is not mandatory. The agent can be installed by
hand or via Guest Process API’s on cloud integrations like VMware.
1.1.4 Components
The Appliance Server automatically installs several components for the operation of Morpheus . This includes:
• RabbitMQ (Messaging)
• MySQL (Logistical Data store)
• Elasticsearch (Logs / Metrics store)
• Redis (Cache store)
• Tomcat (Morpheus Application)
• Nginx (Web frontend)
• Guacamole (Remote console service for clientless remote console)
2
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
• Check Server (Monitoring Agent for custom checks added via UI)
All of these are installed in an isolated way using chef zero to /opt/morpheus. It is also important to note these
services can be offloaded to separate servers or clusters as desired. For details check the installation section and high
availability.
1.2 Installation
Morpheus comes packaged as a debian or yum based package. It can be installed on a single on/off premise linux
based host or configured for high availability and horizontal scaling. Morpheus is currently only supported on Ubuntu
14.04, Ubuntu 16.04 , CentOS 7.0 or newer, and RHEL 7.0 or newer based hosts (Ubuntu is recommended).
1.2.1 Ubuntu
To get started installing Morpheus on Ubuntu (14.04 currently) a few prepratory items should be addressed first.
1. First make sure the apt repository is up to date by running sudo apt-get update. It might also be advisable to
verify that the assigned hostname of the machine is self resolvable.
Important: If the machine is unable to resolve its own hostname nslookup hostname some installation
commands will be unable to verify service health during installation and fail.
2. Next simply download the relevant .deb package for installation. This package can be acquired from your
account rep or via a free trial request from https://www.morpheusdata.com{[}morheusdata.com].
Tip:
Use the wget command to directly download the package to your appliance server.
https://downloads.gomorpheus.com/path/to/package.deb
i.e.
wget
3. Next we must install the package onto the machine and configure the morpheus services:
sudo dpkg -i morpheus-appliance_x.x.x-1.amd64.deb
sudo morpheus-ctl reconfigure
4. Once the installation is complete the web interface will automatically start up. By default it will be resolvable
at https://your_machine_name and in many cases this may not be resolvable from your browser. The url can
be changed by editing /etc/morpheus/morpheus.rb and changing the value of appliance_url. After this has been
changed simply run:
sudo morpheus-ctl reconfigure
sudo morpheus-ctl stop morpheus-ui
sudo morpheus-ctl start morpheus-ui
Note: The morpheus-ui can take 2-3 minutes to startup before it becomes available.
There are additional post install settings that can be viewed in the Advanced section of the guide.
Once the browser is pointed to the appliance a first time setup wizard will be presented. Please follow the on screen
instructions by creating the master account. From there you will be presented with the license settings page where a
license can be applied for use (if a license is required you may request one or purchase one by contacting your sales
representative).
1.2. Installation
3
Morpheus Documentation, Release 2.12.4
More details on setting up infrastructure can be found throughout this guide.
Tip: If any issues occur it may be prudent to check the morpheus log for details at /var/log/morpheus/morpheusui/current.
1.2.2 CentOS
To get started installing Morpheus on CentOS/RHEL a few preparatory items should be addressed first.
1. Configure firewalld to allow access from users on port 80 or 443 (Or remove firewall if not required).
2. Make sure the machine is self resolvable to its own hostname.
For RHEL: In order for the guacamole service (remote console) to properly install some additional optional repositories
first need added.
• RHEL 7.x Amazon: yum-config-manager --enable rhui-REGION-rhel-server-optional
• RHEL 7.x: yum-config-manager --enable rhel-7-server-optional-rpms
For Amazon users a redhat subscription is not required if the appropriate yum REGION repository is added instead as
demonstrated above.
Important: If the machine is unable to resolve its own hostname (nslookup hostname) some installation commands will be unable to verify service health during installation and fail.
#. Next simply download the relevant .rpm package for installation. This package can be acquired from your account
rep or via a free trial request from https://www.morpheushub.com.
Tip: Use the wget command to directly download the package to your
appliance server. i.e. wget https://downloads.gomorpheus.com/path/to/package.rpm
1. Next we must install the package onto the machine and configure the morpheus services:
sudo sudo rpm -i morpheus-appliance-x.x.x-1.x86_64.rpm
sudo morpheus-ctl reconfigure
1. Once the installation is complete the web interface will automatically start up. By default it will be resolvable at
https://your_machine_name and in many cases this may not be resolvable from your browser. The url
can be changed by editing /etc/morpheus/morpheus.rb and changing the value of appliance_url.
After this has been changed simply run :
sudo morpheus-ctl reconfigure
sudo morpheus-ctl stop morpheus-ui
sudo morpheus-ctl start morpheus-ui
Note: The morpheus-ui can take 2-3 minutes to startup before it becomes available.
There are additional post install settings that can be viewed in the Advanced section of the guide.
Once the browser is pointed to the appliance a first time setup wizard will be presented. Please follow the on screen
instructions by creating the master account. From there you will be presented with the license settings page where a
4
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
license can be applied for use (if a license is required you may request one or purchase one by contacting your sales
representative).
More details on setting up infrastructure can be found throughout this guide.
Tip: If any issues occur it may be prudent to check the morpheus log for details at /var/log/morpheus/
morpheus-ui/current.
1.2.3 RHEL
To get started installing Morpheus on RHEL 7 a few prerequisite items are required.
The RedHat Enterprise Linux 7 server needs to be registered and activated with Redhat subscription. The server
optional rpms repo needs to be enabled as well.
To check if the server has been actived please run the subscription-manager version. Subscription manager will return
the version plus the python depency version.
If the server has not been registered and activated then the subscription manager version will return the below message.
sudo subscription-manager version server type: This system is currently not
˓→registered subscription management server: 0.9.51.24.-1 subscription-manager: 1.10.
˓→14-7.el7 python-rhsm: 1.10.12-2.el7
When a server has been registered and activated with Redhat the subscription manager will return the below message.
sudo subscription-manager version server type: Red Hat Subscription Management
˓→subscription management server: 0.9.51.24-1 subscription-manager: 1.10.14-7.el7
˓→python-rhsm: 1.10.12-2.el7
If the subscription manager re-turns the message “This system is currently not registered” please follow the below
steps to register the server.
Tip: To register the server you will need to have sudo permissions [Member of the Wheel group] or root access to
the server. You will also need your redhat registered email address and password.
subscription-manager register
sudo subscription-manager register Username: redhat@example.com Password:
˓→subscription-manager auto --attach
Note: This can take a minute to complete
sudo subscription-manager attach --auto
˓→
Installed Product Current Status: Product Name: Red Hat Enterprise Linux Server
Status: Subscribed
To check to see if the RHEL server has the Red Hat Enterprise Linux 7 Server - Optional (RPMs) repo enabled please
run the following command to return the repo status.
1.2. Installation
5
Morpheus Documentation, Release 2.12.4
Tip: To check the server repos you will need to have sudo permissions [Member of the Wheel group] or root access
to the server.
sudo yum repolist all \| grep "rhel-7-server-optional-rpms" rhel-7-server-optional˓→rpms/7Server/x86_64 disabled
If the repo status was returned as disabled then you will need to enable the repo using the subsciption manager like
below.
sudo subscription-manager repos --enable rhel-7-server-optional-rpms
Repo 'rhel-7-server-optional-rpms' is enabled for this system.
The message “Repo ‘rhel-7-server-optional-rpms’ is enabled for this system.” will appear after enabling the repo. This
will confirm that the repo has been enabled.
Next simply download the relevant .rpm package for installation. This package can be acquired from your account
rep or via a free trial request from https://www.morpheusdata.com{[}morheusdata.com].
Tip: Use the wget command to directly download the package to your appliance server. i.e. wget https://
downloads.gomorpheus.com/path/to/package.rpm
Next we must install the package onto the machine and configure the morpheus services:
sudo rpm -i morpheus-appliance_x.x.x-1.amd64.rpm
sudo morpheus-ctl reconfigure
Once the installation is complete the web interface will automatically start up. By default it will be resolvable at
https://your_machine_name and in many cases this may not be resolvable from your browser. The url can
be changed by editing /etc/morpheus/morpheus.rb and changing the value of appliance_url. After this
has been changed simply run:
sudo morpheus-ctl reconfigure
sudo morpheus-ctl stop morpheus-ui
sudo morpheus-ctl start morpheus-ui
Note:
The morpheus-ui can take 2-3 minutes to startup before it becomes available. If stopping the
morphues-ui results in timeout, kill the ui with morpheus-ctl kill morpheus-ui and then start.
There are additional post install settings that can be viewed in the Advanced section of the guide.
Once the browser is pointed to the appliance a first time setup wizard will be presented. Please follow the on screen
instructions by creating the master account. From there you will be presented with the license settings page where a
license can be applied for use (if a license is required you may request one or purchase one by contacting your sales
representative).
More details on setting up infrastructure can be found throughout this guide.
Tip: If any issues occur it may be prudent to check the morpheus log for details at /var/log/morpheus/
morpheus-ui/current.
6
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
1.2.4 Additional Options
There are several additional configuration options during installation that may be performed. For example, Morpheus
provides convenient options for uploading your own SSL certificates as well as externalizing several dependent services.
System Defaults
Morpheus follows several install location conventions. Below is a list of system defaults for convenient management:
Installation Location: /opt/morpheus
• Log Location: /var/log/morpheus ** |morpheus| -UI: /var/log/morpheus/morpheus-ui **
MySQL: /var/log/morpheus/mysql ** NginX: /var/log/morpheus/nginx ** Check Server: /
var/log/morpheus/check-server ** Elastic Search: /var/log/morpheus/elsticsearch **
RabbitMQ: /var/log/morpheus/rabbitmq ** Redis: /var/log/morpheus/redis
• User-defined install/config: /etc/morpheus/morpheus.rb
SSL Certificates
The default installation generates a self-signed SSL certificate. To implement a third-party certificate:
1. Copy the private key and certificate to /etc/morpheus/ssl/your_fqdn_name.key and /etc/
morpheus/ssl/your_fqdn_name.crt respectively.
2. Edit the configuration file /etc/morpheus/morpheus.rb and add the following entries:
NOTE: Both files should be owned by root and only readable by root, also if the server certificate is signed by an
intermediate then you should include the signing chain inside the certificate file.
Next simply reconfigure the appliance and restart nginx:
Additional Configuration Options
There are several other options available to the /etc/morpheus/morpheus.rb file that can be useful when
setting up external service integrations or high availability:
These settings allow one to externally configure and scale mysql, elasticsearch, redis, and rabbitmq which is critical
for a high availability setup.
1.3 Upgrading
Morpheus provides a very simple and convenient upgrade process. In most cases it is simply a matter of installing the
new package on top of itself and reconfiguring the services.
Important: All services except the morpheus-ui must be running during a reconfigure. The morpheus-ui also must
be restarted or stopped and started during an upgrade. Failure to do so will result in errors.
1.3. Upgrading
7
Morpheus Documentation, Release 2.12.4
1.3.1 Debian / Ubuntu
Simply download the latest package or request the latest package from your account service representative.
Then run the install process as follows:
sudo
sudo
sudo
sudo
dpkg -i morpheus-appliance_x.x.x-1.amd64.deb
morpheus-ctl stop morpheus-ui
morpheus-ctl reconfigure
morpheus-ctl start morpheus-ui
This typically is enough to complete a full upgrade. Databases will automatically be migrated upon restart of the
application and service version upgrades will automatically be applied.
1.3.2 CentOS / RHEL
Yum based package upgrades are a little different. In this case we want to run a rpm -U command as the package
manager is slightly different.
sudo
sudo
sudo
sudo
rpm -U morpheus-appliance-x.x.x-1.x86_64.rpm
morpheus-ctl stop morpheus-ui
morpheus-ctl reconfigure
morpheus-ctl start morpheus-ui
Tip: Sometimes it may be necessary to restart all appliance services on the host. In order to do this simply type sudo
morpheus-ctl restart. This will restart ALL services.
1.4 Initial Appliance Setup
1.4.1 Appliance Setup
After installation, log into the appliance at the URL presented upon completion. An initial setup wizard walks through
the first account and user creations.
1. Enter Master Account name
• Typically, the Master Account name is your Company name.
2. Create Master User
• First Name
• Last Name
• Username
• Email Address
• Password * Must be at least 8 characters longs and contain one each of the following: Uppercase letter,
lowercase letter, Number, Special Character
3. Enter Appliance Name & Appliance URL
• The Appliance Name is used for white labeling and as a reference for multi-appliance installations.
8
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
• The Appliance URL is the URL all provisioned instances will report back to. Example: https://example.
morpheusdata.com.
The Appliance URL can be changed later, and also set to different url per cloud integration.
1. Optionally Enable or Disable Backups, Monitoring, or Logs from this screen.
Note: You may adjust these settings from the Administration section.
Note: The Master Account name is the top-level admin account.
Note: The Master User is the system super user and will have full access privileges.
Upon completing of the initial appliance setup, you will be taken to the Admin -> Settings page, where you will add
your License Key.
1.4.2 Add a License Key
In order to provision anything in Morpheus , a Morpheus License Key must be applied.
If you do not already have a license key, one may be requested from https://www.morpheushub.com or from your
Morpheus representative.
In the Administration -> Settings section, select the LICENSE tab, paste your License Key and click “UPDATE”
1.4. Initial Appliance Setup
9
Morpheus Documentation, Release 2.12.4
When the license is accepted, your license details will populate in the Current License section.
If you receive an error message and your license is not accepted, please check it was copied in full and then contact
your Morpheus representative. You can also verify the License Key and expiration at https://www.morpheushub.com.
1.5 Advanced Configuration
Morpheus provides more advanced configuration capabilities, including High Availability configurations, and support
for tougher network environments with offline installation and Proxy configurations.
1.5.1 Offline Installer
For customers that have an appliance behind a firewall/proxy that does not allow downloads from our Amazon download site, you can have the offline package to add the needed packages the standard Morpheus installer would have
downloaded.
Offline Installer Requirements
• NTP should be correctly configured an the server is able to connect to the NTP server in the ntp.conf file.
• The OS package repositories should be configured to use local LAN repository servers or the server should be
able to receive packages from the configured repositories.
• The standard Morpheus and offline packages must be downloaded from another system and transferred to the
Morpheus Appliance server.
Note: The offline package is linked 1-to-1 to the appliance release. For example the offline package for 2.12.2-1
should be used with the appliance package 2.12.2-1
Offline Install
Ubuntu
1. Download both the regular Morpheus Appliance package and the Offline Installer packages on to the appliance
server:
wget http://example_url/morpheus-appliance_package_url.deb
wget http://example_url/morpheus-appliance_package_offline_url.deb
2. Install the appliance package. DO NOT run morpheus-ctl reconfigure yet.
sudo dpkg -i morpheus-appliance_version_amd64.deb
3. Install the offline package using dpkg -i morpheus-appliance-offline_2.12.2~rc1-1_all.deb.
sudo dpkg -i morpheus-appliance-offline_version_all.deb.
4. Set the Morpheus UI applaicne url (if needed, hostname will be automatically set).
sudo vi /etc/morpheus/morpheus.rb
edit appliance_url to resolvable url (if not configured correctly by default)
10
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
5. Reconfigure the appliance to install required packages
sudo morpheus-ctl reconfigure
The Chef run should complete successfully.
There is a small pause when Chef runs the resource remote_file[package_name] action create while Chef verifies the checksum. After the reconfigure is complete, the
morpheus-ui will start and be up in a few minutes.
Note: Tail the morpheus-ui log file with morpheus-ctl tail morpheus-ui and look for the Morpheus ascii
logo to know when the morpheus-ui is up.
CentOS
1. Download both the regular Morpheus Appliance package and the Offline Installer packages on to the appliance
server:
wget http://example_url/morpheus-appliance_package_url.noarch.rpm
wget http://example_url/morpheus-appliance_package_offline_url.noarch.rpm
2. Install the appliance package. DO NOT run morpheus-ctl reconfigure yet.
sudo rpm -i morpheus-appliance_version_amd64.rpm
3. Install the offline package using rpm -i morpheus-appliance-offline_2.12.2~rc1-1_all.rpm
sudo rpm -i morpheus-appliance-offline_version_all.rpm
4. Set the Morpheus UI applaicne url (if needed, hostname will be automatically set). Edit appliance_url to resolvable url (if not configured correctly by default)
sudo vi /etc/morpheus/morpheus.rb
5. Reconfigure the appliance to install required packages
sudo morpheus-ctl reconfigure
The Chef run should complete successfully.
There is a small pause when Chef runs the resource remote_file[package_name] action create while Chef verifies the checksum. After the reconfigure is complete, the
morpheus-ui will start and be up in a few minutes.
Note: Tail the morpheus-ui log file with morpheus-ctl tail morpheus-ui and look for the Morpheus ascii
logo to know when the morpheus-ui is up.
1.5.2 Proxies
Overview
In many situations , companies deploy virtual machines in proxy restricted environments for things such as PCI Compliance, or just general security. As a result of this Morpheus provides out of the box support for proxy connectivity.
Proxy authentication support is also provided with both Basic Authentication capabilities as well as NTLM for Windows Proxy environments. Morpheus is even able to configure virtual machines it provisions to utilize these proxies
1.5. Advanced Configuration
11
Morpheus Documentation, Release 2.12.4
by setting up the operating systems proxy settings directly (restricted to cloud-init based Linux platforms for now, but
can also be done on windows based platforms in a different manner).
To get started with Proxies, it may first be important to configure the Morpheus appliance itself to have access to
proxy communication for downloading service catalog images. To configure this, visit the Admin -> Settings page
where a section labeled “Proxy Settings” is located. Fill in the relevant connection info needed to utilize the proxy. It
may also be advised to ensure that the Linux environment’s http_proxy, https_proxy, and no_proxy are set
appropriately.
Defining Proxies
Proxies can be used in a few different contexts and optionally scoped to specific networks with which one may be
provisioning into or on a cloud integration as a whole. To configure a Proxy for use by the provisioning engines within
Morpheus we must go to Infrastructure -> Networks -> Proxies. Here we can create records representing connection information for various proxies. This includes the host ip address, proxy port, and any credentials
(if necessary) needed to utilize the proxy. Now that these proxies are defined we can use them in various contexts.
Cloud Communication
When morpheus needs to connect to various cloud APIs to issue provisioning commands or to sync in existing environments, we need to ensure that those api endpoints are accessible by the appliance. In some cases the appliance may
be behind a proxy when it comes to public cloud access like Azure and AWS. To configure the cloud integration to
utilize aa proxy, when adding or editing a cloud there is a setting called “API Proxy” under “Advanced Options”. This
is where the proxy of choice can be selected to instruct the Provisioning engine how to communicate with the public
cloud. Simply adjust this setting and the cloud should start being able to receive/issue instructions.
Provisioning with Proxies
Proxy configurations can vary from operating system to operating system and in some cases it is necessary for these to
be configured in the templates as a prerequisite. In other cases it can also be configured automatically. Mostly with the
use of cloud-init (which all of our out of the box service catalog utilizes on all clouds). When editing/creating a cloud
there is a setting for “Provisioning Proxy” in “Provisioning Options”. If this proxy is set, Morpheus will automatically
apply these proxy settings to the guest operating system.
Overriding proxy settings can also be done on the Network record. Networks (or subnets) can be configured in
Infrastructure -> Networks or on the Networks tab of the relevant Cloud detail page. Here, a proxy can
also be assigned as well as additional options like the No Proxy rules for proxy exceptions.
Docker
When provisioning Docker based hosts within a Proxy environment it is up to the user to configure the docker hosts
proxy configuration manually. There are workflows that can be configured via the Automation engine to make this
automatic when creating docker based hosts. Please see documentation on Docker and proxies for specific information.
Proxy setups can vary widely from company to company, and it may be advised to contact support for help configuring
morpheus to work in the proxy environment.
12
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
1.6 High Availability Configuration
1.6.1 Overview
Morpheus provides a wide array of options when it comes to deployment architectures. It can start as a simple
one machine instance where all services run on the same machine, or it can be split off into individual services per
machine and configured in a high availability configuration, either in the same region or cross-region. Naturally, high
availability can grow more complicated, depending on the configuration you want to do and this article will cover the
basic concepts of the Morpheus HA architecture that can be used in a wide array of configurations.
There are four primary tiers of services represented within the Morpheus appliance. They are the App Tier, Transactional Database Tier, Non-Transactional Database Tier, and Message Tier. Each of these tiers have their own recommendations for High availability deployments that we need to cover.
Important: This is a sample configuration only. Customer configurations and requirements will vary.
Transactional Database Tier
The Transactional database tier usually consists of a MySQL compatible database. It is recommended that a lockable
clustered configuration be used (Currently Percona XtraDB Cluster is the most recommended in Permissive Mode).
1.6. High Availability Configuration
13
Morpheus Documentation, Release 2.12.4
There are several documents online related to configuring and setting up an XtraDB Cluster but it most simply can
be laid out in a many master configuration. There can be some nodes setup with replication delay as well as some
with no replication delay. It is common practice to have no replication delay within the same region and allow some
replication delay cross region. This does increase the risk of job run overlap between the 2 regions however, the
concurrent operations typically self-correct and this is a non-issue.
Non-Transactional Database Tier
The Non-Transactional tier consists of an ElasticSearch (version 1.6) cluster. Elastic Search is used for log aggregation
data and temporal aggregation data (essentially stats, metrics, and logs). This enables for a high write throughput at
scale. ElasticSearch is a Clustered database meaning all nodes no matter the region need to be connected to each other
over what they call a “Transport” protocol. It is fairly simple to get setup as all nodes are identical. It is also a java
based system and does require a sizable chunk of memory for larger data sets. (8gb) is recommended and more nodes
can be added to scale either horizontally or vertically.
Messaging Tier
The Messaging tier is an AMQP based tier along with STOMP Protocol (used for agent communication). The primary
model recommended is to use RabbitMQ for queue services. RabbitMQ is also a clustered based queuing system
and needs at least 3 instances for HA configurations. This is due to elections in the failover scenarios rabbitmq can
manage. If doing a cross-region HA rabbitmq cluster it is recommended to have at least 3 rabbit queue clusters per
region. Typically to handle HA a RabbitMQ cluster should be placed between a load balancer and the front-end
application server to handle cross host connections. The ports necessary to forward in a Rabbit MQ cluster are (5672,
and 61613). A rabbitmq cluster can run on smaller memory machines depending on how frequent large requests bursts
occur. 4–8gb of Memory is recommended to start.
Application Tier
The application tier is easily installed with the same debian or yum repository package that Morpheus is normally
distributed with. Advanced configuration allows for the additional tiers to be skipped and leave only the “stateless”
services that need run. These stateless services include Nginx, Tomcat, and Redis (to be phased out at a later date).
These machines should also have at least 8gb of Memory. They can be configured across all regions and placed behind
a central load-balancer or Geo based load-balancer. They typically connect to all other tiers as none of the other
tiers talk to each other besides through the central application tier. One final piece when it comes to setting up the
Application tier is a shared storage means is necessary when it comes to maintaining things like deployment archives,
virtual image catalogs, backups, etc. These can be externalized to an object storage service such as amazon S3 or
Openstack Swiftstack as well. If not using those options a simple NFS cluster can also be used to handle the shared
storage structure.
14
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
1.6.2 Database Tier
Installation and configuration of Percona XtraDB Cluster on CentOS/RHEL 7
Important: This is a sample configuration only. Customer configurations and requirements will vary.
Requirements
Percona requires the following ports for the cluster nodes. Please create the appropriate firewall rules on your Percona
nodes.
• 3306
• 4444
• 4567
• 4568
1.6. High Availability Configuration
15
Morpheus Documentation, Release 2.12.4
Percona also recommends setting the selinux policy to permissive. You can temporarily set the permission to permissive by running
sudo setenforce 0
You will need to edit the selinux configuration file if you want the permission to take affect permanently which can be
found in /etc/selinux/config
Add Percona Repo
1. Add the percona repo to your Linux Distro.
sudo yum install http://www.percona.com/downloads/percona-release/redhat/0.1-4/
˓→percona-release-0.1-4.noarch.rpm
2. Check the repo by running the below command.
sudo yum list | grep percona
3. The below commands will clean the repos and update the server.
sudo yum clean all
sudo yum update -y
Installing Percona XtraDB Cluster
1. The below command will install the Percona XtraDB Cluster software and it’s dependences.
sudo yum install Percona-XtraDB-Cluster-57
NOTE:: During the installation you will receive the below message. Accept the
˓→Percona PGP key to install the software.
retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Percona
Importing GPG key 0xCD2EFD2A:
Userid
: "Percona MySQL Development Team <mysql-dev@percona.com>"
Fingerprint: 430b df5c 56e7 c94e 848e e60c 1c4c bdcd cd2e fd2a
Package
: percona-release-0.1-4.noarch (installed)
From
: /etc/pki/rpm-gpg/RPM-GPG-KEY-Percona
Is this ok [y/N]: y
2. Next we need enable the mysql service so that the service started at boot.
sudo systemctl enable mysql
3. Next we need to start mysql
sudo systemctl start mysql
4. Next we will log into the mysql server and set a new password. To get the temporary root mysql password you
will need to run the below command.The command will print the password to the screen. Copy the password.
sudo grep 'temporary password' /var/log/mysqld.log
5. Login to mysql
16
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
mysql -u root -p
password: `enter password copied above`
6. Change the root user password to the mysql db
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MySuperSecurePasswordhere';
7. Create the sstuser user and grant the permissions.
mysql> CREATE USER 'sstuser'@'localhost' IDENTIFIED BY 'M0rpheus17';
Note: The sstuser and password will be used in the /etc/my.cnf configuration.
mysql> GRANT RELOAD, LOCK TABLES, PROCESS, REPLICATION CLIENT ON *.* TO 'sstuser'@
˓→'localhost';
mysql> FLUSH PRIVILEGES;
8. Exit mysql then stop the mysql services:
mysql> exit
Bye
$ sudo systemctl stop mysql.service
9. Now install the Percona software on to the other nodes using the same steps.
Once the service is stopped on all nodes move onto the next step.
Add [mysqld] to my.cnf in /etc/
1. Copy the below contents to /etc/my.cnf. The node_name and node_address needs to be unique on each of
the nodes. The first node does not require the gcomm value to be set.
$ sudo vi /etc/my.cnf
[mysqld]
wsrep_provider=/usr/lib64/galera3/libgalera_smm.so
wsrep_cluster_name=popeye
wsrep_cluster_address=gcomm:// #Leave blank for Master Node. The other nodes
˓→require this field. Enter the IP address of the primary node first then
˓→remaining nodes. Separating the ip addresses with commas like this 10.30.20.196,
˓→10.30.20.197,10.30.20.198##
wsrep_node_name=morpheus-node01
wsrep_node_address=10.30.20.57
wsrep_sst_method=xtrabackup-v2
wsrep_sst_auth=sstuser:M0rpheus17
pxc_strict_mode=PERMISSIVE
binlog_format=ROW
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
1.6. High Availability Configuration
17
Morpheus Documentation, Release 2.12.4
2. Save /etc/my.cnf
Bootstrapping the first Node in the cluster
Important: Ensure mysql.service is stopped prior to bootstrap.
1. To bootstrap the first node in the cluster run the below command.
systemctl start mysql@bootstrap.service
Note: The mysql service will start during the boot strap.
2. To verify the bootstrap, on the master node login to mysql and run show status like 'wsrep%';
# mysql -u root -p
mysql> show status like 'wsrep%';
+----------------------------------+--------------------------------------+
| Variable_name
| Value
|
+----------------------------------+--------------------------------------+
| wsrep_local_state_uuid
| 591179cb-a98e-11e7-b9aa-07df8a228fe9 |
| wsrep_protocol_version
| 7
|
| wsrep_last_committed
| 1
|
| wsrep_replicated
| 0
|
| wsrep_replicated_bytes
| 0
|
| wsrep_repl_keys
| 0
|
| wsrep_repl_keys_bytes
| 0
|
| wsrep_repl_data_bytes
| 0
|
| wsrep_repl_other_bytes
| 0
|
| wsrep_received
| 2
|
| wsrep_received_bytes
| 141
|
| wsrep_local_commits
| 0
|
| wsrep_local_cert_failures
| 0
|
| wsrep_local_replays
| 0
|
| wsrep_local_send_queue
| 0
|
| wsrep_local_send_queue_max
| 1
|
| wsrep_local_send_queue_min
| 0
|
| wsrep_local_send_queue_avg
| 0.000000
|
| wsrep_local_recv_queue
| 0
|
| wsrep_local_recv_queue_max
| 2
|
| wsrep_local_recv_queue_min
| 0
|
| wsrep_local_recv_queue_avg
| 0.500000
|
| wsrep_local_cached_downto
| 0
|
| wsrep_flow_control_paused_ns
| 0
|
| wsrep_flow_control_paused
| 0.000000
|
| wsrep_flow_control_sent
| 0
|
| wsrep_flow_control_recv
| 0
|
| wsrep_flow_control_interval
| [ 100, 100 ]
|
| wsrep_flow_control_interval_low | 100
|
| wsrep_flow_control_interval_high | 100
|
| wsrep_flow_control_status
| OFF
|
| wsrep_cert_deps_distance
| 0.000000
|
| wsrep_apply_oooe
| 0.000000
|
| wsrep_apply_oool
| 0.000000
|
18
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
| wsrep_apply_window
| 0.000000
|
| wsrep_commit_oooe
| 0.000000
|
| wsrep_commit_oool
| 0.000000
|
| wsrep_commit_window
| 0.000000
|
| wsrep_local_state
| 4
|
| wsrep_local_state_comment
| Synced
|
| wsrep_cert_index_size
| 0
|
| wsrep_cert_bucket_count
| 22
|
| wsrep_gcache_pool_size
| 1320
|
| wsrep_causal_reads
| 0
|
| wsrep_cert_interval
| 0.000000
|
| wsrep_ist_receive_status
|
|
| wsrep_ist_receive_seqno_start
| 0
|
| wsrep_ist_receive_seqno_current | 0
|
| wsrep_ist_receive_seqno_end
| 0
|
| wsrep_incoming_addresses
| 10.30.20.196:3306
|
| wsrep_desync_count
| 0
|
| wsrep_evs_delayed
|
|
| wsrep_evs_evict_list
|
|
| wsrep_evs_repl_latency
| 0/0/0/0/0
|
| wsrep_evs_state
| OPERATIONAL
|
| wsrep_gcomm_uuid
| 07c8c8fe-a998-11e7-883e-06949cfe5af3 |
| wsrep_cluster_conf_id
| 1
|
| wsrep_cluster_size
| 1
|
| wsrep_cluster_state_uuid
| 591179cb-a98e-11e7-b9aa-07df8a228fe9 |
| wsrep_cluster_status
| Primary
|
| wsrep_connected
| ON
|
| wsrep_local_bf_aborts
| 0
|
| wsrep_local_index
| 0
|
| wsrep_provider_name
| Galera
|
| wsrep_provider_vendor
| Codership Oy <info@codership.com>
|
| wsrep_provider_version
| 3.22(r8678538)
|
| wsrep_ready
| ON
|
+----------------------------------+--------------------------------------+
67 rows in set (0.01 sec)
A table will appear with the status and rows.
3. Next Create the Database you will be using with morpheus.
mysql> CREATE DATABASE morpheusdb;
mysql> show databases;
4. Next create your morpheus database user. The user needs to be either at the IP address of the morpheus application server or use @’%’ within the user name to allow the user to login from anywhere.
mysql> CREATE USER 'morpheusadmin'@'%' IDENTIFIED BY 'Cloudy2017';
5. Next Grant your new morpheus user permissions to the database.
mysql> GRANT ALL PRIVILEGES ON * . * TO 'morpheusadmin'@''%' IDENTIFIED BY
˓→'Cloudy2017' with grant option;
mysql> FLUSH PRIVILEGES;
6. Checking Permissions for your user.
1.6. High Availability Configuration
19
Morpheus Documentation, Release 2.12.4
SHOW GRANTS FOR 'morpheusadmin'@''%'';
Bootstrap the Remaining Nodes
1. To bootstrap the remaining nodes into the cluster run the following command on each node:
sudo systemctl start mysql.service
The services will automatically connect to the cluster using the sstuser we created earlier.
Note: Bootstrap failures are commonly caused by misconfigured /etc/my.cnf files.
Verification
1. To verify the cluster, on the master login to mysql and run show status like 'wsrep%';
$ mysql -u root -p
mysql>
show status like 'wsrep%';
+----------------------------------+---------------------------------------------˓→---------+
| Variable_name
| Value
˓→
|
+----------------------------------+--------------------------------------------˓→----------+
| wsrep_local_state_uuid
| 591179cb-a98e-11e7-b9aa-07df8a228fe9
˓→
|
| wsrep_protocol_version
| 7
˓→
|
| wsrep_last_committed
| 4
˓→
|
| wsrep_replicated
| 3
˓→
|
| wsrep_replicated_bytes
| 711
˓→
|
| wsrep_repl_keys
| 3
˓→
|
| wsrep_repl_keys_bytes
| 93
˓→
|
| wsrep_repl_data_bytes
| 426
˓→
|
| wsrep_repl_other_bytes
| 0
˓→
|
| wsrep_received
| 10
˓→
|
| wsrep_received_bytes
| 774
˓→
|
| wsrep_local_commits
| 0
˓→
|
| wsrep_local_cert_failures
| 0
˓→
|
| wsrep_local_replays
| 0
˓→
|
20
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
| wsrep_local_send_queue
|
| wsrep_local_send_queue_max
˓→
|
| wsrep_local_send_queue_min
˓→
|
| wsrep_local_send_queue_avg
˓→
|
| wsrep_local_recv_queue
˓→
|
| wsrep_local_recv_queue_max
˓→
|
| wsrep_local_recv_queue_min
˓→
|
| wsrep_local_recv_queue_avg
˓→
|
| wsrep_local_cached_downto
˓→
|
| wsrep_flow_control_paused_ns
˓→
|
| wsrep_flow_control_paused
˓→
|
| wsrep_flow_control_sent
˓→
|
| wsrep_flow_control_recv
˓→
|
| wsrep_flow_control_interval
˓→
|
| wsrep_flow_control_interval_low
˓→
|
| wsrep_flow_control_interval_high
˓→
|
| wsrep_flow_control_status
˓→
|
| wsrep_cert_deps_distance
˓→
|
| wsrep_apply_oooe
˓→
|
| wsrep_apply_oool
˓→
|
| wsrep_apply_window
˓→
|
| wsrep_commit_oooe
˓→
|
| wsrep_commit_oool
˓→
|
| wsrep_commit_window
˓→
|
| wsrep_local_state
˓→
|
| wsrep_local_state_comment
˓→
|
| wsrep_cert_index_size
˓→
|
| wsrep_cert_bucket_count
˓→
|
| wsrep_gcache_pool_size
˓→
|
| 0
˓→
1.6. High Availability Configuration
| 1
| 0
| 0.000000
| 0
| 2
| 0
| 0.100000
| 2
| 0
| 0.000000
| 0
| 0
| [ 173, 173 ]
| 173
| 173
| OFF
| 1.000000
| 0.000000
| 0.000000
| 1.000000
| 0.000000
| 0.000000
| 1.000000
| 4
| Synced
| 1
| 22
| 2413
21
Morpheus Documentation, Release 2.12.4
| wsrep_causal_reads
| 0
|
| wsrep_cert_interval
| 0.000000
˓→
|
| wsrep_ist_receive_status
|
˓→
|
| wsrep_ist_receive_seqno_start
| 0
˓→
|
| wsrep_ist_receive_seqno_current | 0
˓→
|
| wsrep_ist_receive_seqno_end
| 0
˓→
|
| wsrep_incoming_addresses
| 10.30.20.196:3306,10.30.20.197:3306,10.30.
˓→20.198:3306 |
| wsrep_desync_count
| 0
˓→
|
| wsrep_evs_delayed
|
˓→
|
| wsrep_evs_evict_list
|
˓→
|
| wsrep_evs_repl_latency
| 0/0/0/0/0
˓→
|
| wsrep_evs_state
| OPERATIONAL
˓→
|
| wsrep_gcomm_uuid
| 07c8c8fe-a998-11e7-883e-06949cfe5af3
˓→
|
| wsrep_cluster_conf_id
| 3
˓→
|
| wsrep_cluster_size
| 3
˓→
|
| wsrep_cluster_state_uuid
| 591179cb-a98e-11e7-b9aa-07df8a228fe9
˓→
|
| wsrep_cluster_status
| Primary
˓→
|
| wsrep_connected
| ON
˓→
|
| wsrep_local_bf_aborts
| 0
˓→
|
| wsrep_local_index
| 1
˓→
|
| wsrep_provider_name
| Galera
˓→
|
| wsrep_provider_vendor
| Codership Oy <info@codership.com>
˓→
|
| wsrep_provider_version
| 3.22(r8678538)
˓→
|
| wsrep_ready
| ON
˓→
|
+----------------------------------+--------------------------------------------˓→----------+
˓→
2. Verify that you can login to the MSQL server by running the below command on the Morpheus Application
server(s).
mysql -u morpheusadmin -p
-h 192.168.10.100
Note: This command requires mysql client installed. If you are on a windows machine you can connect to the
22
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
server using mysql work bench which can be found here https://www.mysql.com/products/workbench/
1.6.3 RabbitMQ Cluster
RabbitMQ Installation and Configuration
Important: This is a sample configuration only. Customer configurations and requirements will vary.
Prerequisites
yum install epel-release
yum install erlang
Install RabbitMQ on the 3 nodes
wget https://dl.bintray.com/rabbitmq/rabbitmq-server-rpm/rabbitmq-server-3.6.12-1.el7.
˓→noarch.rpm
rpm --import https://www.rabbitmq.com/rabbitmq-release-signing-key.asc
yum -y install rabbitmq-server-3.6.12-1.el7.noarch.rpm
chkconfig rabbitmq-server on
rabbitmq-server -detached
On Node 1:
cat /var/lib/rabbitmq/.erlang.cookie
Copy this value
On Nodes 2 & 3:
1. Overwrite /var/lib/rabbitmq/.erlang.cookie with value from previous step and change its permissions using the
follow commands.
chown rabbitmq:rabbitmq /var/lib/rabbitmq/*
chmod 400 /var/lib/rabbitmq/.erlang.cookie
2. edit /etc/hosts file to refer to shortname of node 1
example:
10.30.20.100 rabbit-1
1.6. High Availability Configuration
23
Morpheus Documentation, Release 2.12.4
3. Run the commands to join each node to the cluster
rabbitmqctl stop
rabbitmq-server -detached
rabbitmqctl stop_app
rabbitmqctl join_cluster rabbit@<<node 1 shortname>>
rabbitmqctl start_app
On Node 1:
rabbitmqctl add_user <<admin username>> <<password>>
rabbitmqctl set_permissions -p / <<admin username>> ".*" ".*" ".*"
rabbitmqctl set_user_tags <<admin username>> administrator
On All Nodes:
rabbitmq-plugins enable rabbitmq_stomp
1.6.4 Elasticsearch
Install 3 node Elasticsearch Cluster on Centos 7
Important: This is a sample configuration only. Customer configurations and requirements will vary.
Requirements
1. Three Existing CentOS 7+ nodes accessible to the Morpheus Appliance
2. Install Java on each node
You can install the latest OpenJDK with the command:
sudo yum install java-1.8.0-openjdk.x86_64
To verify your JRE is installed and can be used, run the command:
java -version
The result should look like this:
Output of java -version
openjdk version "1.8.0_65"
OpenJDK Runtime Environment (build 1.8.0_65-b17)
OpenJDK 64-Bit Server VM (build 25.65-b01, mixed mode)
24
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
Installation
1. Download and Install Elasticsearch
Elasticsearch can be downloaded directly from elastic.co in zip, tar.gz, deb, or rpm packages. For CentOS, it’s
best to use the native rpm package which will install everything you need to run Elasticsearch. Download it in
a directory of your choosing with the command:
wget https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-1.7.3.
˓→noarch.rpm
Then install it in the usual CentOS way with the rpm command like this:
sudo rpm -ivh elasticsearch-1.7.3.noarch.rpm
This results in Elasticsearch being installed in /usr/share/elasticsearch/ with its configuration files placed in
/etc/elasticsearch and its init script added in /etc/init.d/elasticsearch.
To make sure Elasticsearch starts and stops automatically, add its init script to the default runlevels with the
command:
sudo systemctl enable elasticsearch.service
2. Configuring Elastic
Now that Elasticsearch and its Java dependencies have been installed, it is time to configure Elasticsearch.
The Elasticsearch configuration files are in the /etc/elasticsearch directory. There are two files:
sudo vi /etc/elasticsearch/elasticsearch.yml
elasticsearch.yml Configures the Elasticsearch server settings. This is where all options, except those for
logging, are stored, which is why we are mostly interested in this file.
logging.yml Provides configuration for logging. In the beginning, you don’t have to edit this file. You can leave
all default logging options. You can find the resulting logs in /var/log/elasticsearch by default.
The first variables to customize on any Elasticsearch server are node.name and cluster.name in elasticsearch.yml.
As their names suggest, node.name specifies the name of the server (node) and the cluster to which the latter is
associated.
Node 1
cluster.name: morpheusha1
node.name: "morpheuses1"
discovery.zen.ping.unicast.hosts: ["10.30.20.91","10.30.20.149","10.30.20.165"]
Node 2
cluster.name: morpheusha1
node.name: "morpheuses2"
discovery.zen.ping.unicast.hosts: ["10.30.20.91","10.30.20.149","10.30.20.165"]
Node 3
cluster.name: morpheusha1
node.name: "morpheuses3"
discovery.zen.ping.unicast.hosts: ["10.30.20.91","10.30.20.149","10.30.20.165"]
For the above changes to take effect, you will have to restart Elasticsearch with the command:
1.6. High Availability Configuration
25
Morpheus Documentation, Release 2.12.4
sudo service elasticsearch restart
3. Testing
By now, Elasticsearch should be running on port 9200. You can test it with curl, the command line client-side
URL transfers tool and a simple GET request like this:
[~]$ sudo curl -X GET 'http://10.30.20.149:9200'
{
"status" : 200,
"name" : "morpheuses1",
"cluster_name" : "morpheusha1",
"version" : {
"number" : "1.7.3",
"build_hash" : "05d4530971ef0ea46d0f4fa6ee64dbc8df659682",
"build_timestamp" : "2015-10-15T09:14:17Z",
"build_snapshot" : false,
"lucene_version" : "4.10.4"
},
1.6.5 Application Tier
Morpheus configuration is controlled by a configuration file located at /etc/morpheus/morpheus.rb. This file is read
when you run morpheus-ctl reconfigure after installing the appliance package. Each section is tied to a deployment
tier: database is mysql, message queue is rabbitmq, search index is elasticsearch. There are no entries for the web and
application tiers since those are part of the core application server where the configuration file resides.
1. Download and install the Morpheus Appliance Package
2. Next we must install the package onto the machine and configure the morpheus services:
sudo sudo rpm -i morpheus-appliance-x.x.x-1.x86_64.rpm
1. After installing and prior to reconfiguring, edit the morpheus.rb file
sudo vi /etc/morpheus/morpheus.rb
Change the values to match your configured services:
Note: The values below are examples. Update hosts, ports, usernames and password with your specifications.
Only include entries for services you wish to externalize.
mysql['enable'] = false
mysql['host'] = {'10.30.20.139' => 3306, '10.30.20.153' => 3306,
˓→=> 3306}
mysql['morpheus_db'] = 'morpheusdb'
mysql['morpheus_db_user'] = 'morpheusadmin'
mysql['morpheus_password'] = 'morpheus4admin!'
rabbitmq['enable'] = false
rabbitmq['vhost'] = 'morph'
rabbitmq['queue_user'] = 'lbuser'
rabbitmq['queue_user_password'] = 'morpheus4admin'
rabbitmq['host'] = 'morpheus-ha-mq-lb-1.den.morpheusdata.com'
rabbitmq['port'] = '5672'
rabbitmq['stomp_port'] = '61613'
26
'10.30.20.196'
Chapter 1. Getting Started
Morpheus Documentation, Release 2.12.4
rabbitmq['heartbeat'] = 50
elasticsearch['enable'] = false
elasticsearch['cluster'] = 'morpheusha1'
elasticsearch['es_hosts'] = {'10.30.20.91' => 9300, '10.30.20.149' => 9300, '10.
˓→30.20.165' => 9300}
2. Reconfigure Morpheus
sudo morpheus-ctl reconfigure
1.6. High Availability Configuration
27
Morpheus Documentation, Release 2.12.4
28
Chapter 1. Getting Started
CHAPTER
2
Provisioning
There are several capabilities in the Morpheus provisioning engine. Things ranging from application / service deployments via containers, virtual machines, and even bare metal. Deployment management and app template construction
are also core aspects of the provisioning engine. Take advantage of custom tasks and workflows within any environment by building tasks and workflows from those tasks. There is a lot of information to cover with regards to
provisioning but Morpheus makes it intuitive and smooth.
2.1 Provisioning Concepts
Morpheus is a powerful infrastructure agnostic Cloud Application Management Platform. As a result of this there are
some differing concepts compared to other CMP platforms in the space. It is here that it is important to notice the
qualification difference between Morpheus and other platforms.
Morpheus refers to itself as a CAMP (Cloud Application Management Platform) as opposed to a (Cloud Management
Platform). While that may seem minor, it actually is a big deal. Many CMP based applications start at the IaaS layer
and work up to the application layer (often needing additional PaaS) architectures to fill out the model. Morpheus was
designed from a middle-ground perspective. As such some concepts are a bit different. This provides a more complete
platform that allows for greater capabilities out of the box as will be seen when these concepts are covered.
2.1.1 Instances
Morpheus starts with provisioning Instances. In some platforms an Instance is representative of a singular object like
a “Virtual Machine” in Amazon. In Morpheus , this concept was rethought. An Instance is more of a representation
of a Resource or Service. This service may involve several virtual machines or even several docker containers.
For example, in the morpheus Instance wizard Mongo is an option and contains several “Instance Configurations”. One
of these configurations is a full Mongo cluster consisting of either seven virtual machines or seven docker containers.
Rather than representing these directly as seven individual “instances”, Morpheus groups them together into a singular
instance of a service that contains multiple containers or virtual machines. This even allows for instance actions that
can be performed to expand capacity on an instance (either horizontally or vertically). In the past, a database server
may have been representative of a singular server, but this model has drastically changed in a big data world. This
29
Morpheus Documentation, Release 2.12.4
same concept also can apply to something like a simple Apache web server where there are 10 copies of a web server
horizontally scaled out to handle traffic.
When viewing an instance detail page, one is able to look at details/statistics specific to a virtual machine or container.
Morpheus simply helps simplify the management model for tracking these services.
2.1.2 Containers / Nodes / Virtual Machines
In relation to Instances, an instance can have many nodes. A node is a generic representation of a container or
a virtual machine. In most cases, Morpheus will represent a node as a Container or Virtual Machine depending on
the provisioning engine used for the instance. Node is just a generic naming representation when referring to these
types of items. The public developer API, however, often refers to both virtual machines and docker containers as
Containers. The UI was since updated to better deliniate this concept for easier understanding but In essence the
name is valid for both concepts of containerized environments as well as Virtual Machines. In fact, one can even think
of a Docker Host as a Hypervisor (which we do).
2.1.3 Hosts / Servers
This concept is mostly tailored to users of morpheus responsible for managing and maintaining the underlying infrastructure integrations. A Host typically refers to a Docker Host in which a container in an instance is running, or a
hypervisor virtual machines can be provisioned onto. A Server is the underlying general representation of a physical
or virtual server. It could be a Host representation , a Virtual Machine, or even a Bare Metal delineation.
When a user provisions a vm based instance, a corresponding server record is created to represent the link to the actual
resource via the underlying provisioning engine. This may seem a bit odd but provides an aspect of Morpheus that
is quite powerful. This singular concept is what allows Morpheus to injest “Brownfield” environments. We do not
need to start clean. Morpheus can be integrated into existing environments and manage existing virtual machines.
The way Morpheus does this is by periodically syncing existing vms from the added cloud integrations. A server
record will be created and periodically updated (5 minutes typically) with realtime information and changes. This,
in essence, provides CMDB based capabilities as well. When a server is discovered, the user (given the appropriate
access) can convert the virtual machine to a managed instance. When this is done a corresponding Instance is made in
the provisioning section of Morpheus and the Morpheus Agent can also optionally be installed to provide more refined
guest operating system level statistics and logging.
2.1.4 Apps
On top of all the previous concept, Morpheus provides an Apps layer. An App is a collection of Instances linked
together via application tiers. Tiers allow the user to define segregated sections of connectivity between the various
elements / instances within an application. Once these instances are all linked together in an application concept,
this may affect Instance environments and provide service discovery capabilities for them to cross connect. There are
several service discovery aspects within morpheus as well as integrations with services like Consul.
2.1.5 Templates
A template is typically referred to as an Application Template. It allows a user to define an application structure for
easy reproducibility and deployment into various environments. They can be used to mix and match various instance
types to provision an application dependent on multiple layers of services.
30
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
2.2 Instances
Instances is a great starting point for taking advantage of self service features and spinning up both VM’s and containers. In Morpheus it may be advisable to cover the definition of a few terms used within the application so as to reduce
confusion.
Instance A set of containers or virtual machines that can correlate to a single horizontally scalable entity or a service
suite like a database. (It is important to note that an instance can contain one or more containers/vms depending
on the instance type and configuration).
Container Typically a docker container provisioned via a Morpheus Docker host.
Virtual Machine A virtualized compute server provisioned onto various hypervisor hosts.
The top of the main Instances page shows overall statistic for the listed Instances, including count, status, and resource
utilization. You can search for instances by name, or filter by group, instance type, or category.
Note: Instances listed are determined by group access and role permissions.
The Instance list contains important information about each instance, including the instance name, environment tag,
instance type icon, ip and port info, instance version, the number of virtual machines or containers in the instance, the
group the instance is in, and the cloud or clouds the instance is in.
2.2.1 Creating Instances
The instance catalog is the one stop shop for selecting items to be provisioned and pieced together. It contains not
only basic container and vm options but also tailored services for SQL databases, NoSQL databases, cache stores,
message busses, web servers, and even full fledged apps. The list contains a lot of items to choose from and they are
represented to the user based on what provisioning engines are enabled and integrated in the Morpheus environment.
To get started, simply click the + Add Instance button in the upper right of the Provisioning ->
Instances section. A modal will display allowing the catalog to be searched. Once an item is selected it is just a
matter of following the steps through the wizard.
Tip: The instance catalog can be customized via role based access control thereby restricting access to non sanctioned
catalog items, as well as added to via the Provisioning -> Library section. It is completely customizable.
The next step will ask for a Group and Cloud to be selected. The Group is an abstract representation that can contain
multiple cloud integrations. These cloud integrations can also be in multiple groups and is also useful for using
role based access control to restrict provisioning access and set retainment policies. If the environment is new and
these do not yet exist, It may be advisable to refer to the main section on Getting started by setting up some cloud
integrations and infrastructure first. The wizard continues by allowing us to choose a name for the instance as well as
an environment.
Note: Currently the Environment option is mostly useful for presenting the user with informative metadata around
the instance when coming back to it later.
Moving on, it is now time to configure the Instance. Depending on the option that was chosen and the Instance
Configuration that is chosen fields will change. This can include cloud specific fields (i.e. Datastore for VMware or
Network). There will also be options like initial username. Some of these fields are optional and will be represented
as such.
2.2. Instances
31
Morpheus Documentation, Release 2.12.4
Configuration options provided in this screen are very powerful. An example is Mysql where a Master/Slave or
Master/Master layout can be selected. These configurations will automatically deploy two MySQL VMs or containers
and link them together to provide replication. These types of configurations exist for a wide range of instance types
and are optimized for high performance and scale. It is even possible to provision entire sharded Mongo clusters.
One last step before the instance can be provisioned is the Automation step. This wizard step may or may not
appear depending on the capabilities of the instance type or previous configurations in the account. It is here one can
easily select a post provisioning workflow to run ( see more on Tasks and Workflows), assign a load balancer, or even
configure the backup job that gets created.
Now that the steps are completed for provisioning the selected instance type , simply review your selections and
complete. The instance will automatically show up in the instances list and its provisioning state will be represented.
Depending on what was provisioned this step can range from seconds to minutes (typically a container configuration
will be rather quick if the instance type has previously been provisioned before.)
2.2.2 Instance Details
The instance detail page is where you can view and fully manage an instance. To get to an instance detail page,
navigate to provisioning, instances, and click on an instance. Please note instance details and actions differ between
instance types and user permissions.
There are several sections within an Instance page that provide useful capabilities to the user.
Summary Stats and status information
Deploy Track deployment history for instance types that support deployments or manually kick off a deployment
(only visible for instance types that support deployments)
Settings Some instance types support custom configuration settings (i.e. mysql presents the my.ini)
Network Useful for configuring security groups and access to the instance.
Monitoring Quick summary of the monitoring system and all checks that were configured to test the state of the
instance
Backups Quick backup dashboard. Useful for viewing historical backups as well as kicking off new ones.
Logs View all aggregated logs from the containers or VM’s representing the instance.
Environment View the environment variables presented to the instances or exported by the instances via Apps (more
on this in the Apps section). Even see Imported environment variables that may be referenced by the running
instance.
Scale For instances that support load balancing and auto scaling. Easily configure auto scaling thresholds and load
balancer settings that pertain to a particular instance.
Console Access the instance or container via a client-less Console supporting SSH, RDP, VNC, and even hypervisor
level remote consoles.
2.2.3 Instance Actions
Instance actions allow you to perform numerous management tasks on instances. The actions available depend on the
instance type, hypervisor, roles permissions, and instance state.
Edit Edit the Name, Description, Environment, or Group for the Instance.
Delete Deletes the Instance.
32
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
Important: Deleting an Instance will delete associated VM’s or Containers and cannot be undone. To delete instances
without deleting associated VM’s, delete the VM from the Infrastructure section and uncheck “Remove Infrastructure”
while checking “Remove Associated Instances” in the delete modal options.
Actions
Available options in the Actions dropdown can include:
Suspend Puts the VM in a suspended state without shutting down the OS.
Stop/Start/Restart Service Stops, Starts or Restarts the service associated with the Instance Type.
Stop/Start/Restart Server Stops, Starts or Restarts the Virtual Machine.
Lock/Unlock Instance A locked instance cannot be deleted until it is unlocked.
Import As Image Creates a Virtual Image template from the Instance at its current state and adds it to the Virtual
Image library with corresponding metadata.
Reconfigure The Reconfigure action allows service plan, disk, cpu, ram, networks and storage controller changes.
Available options depend on the instance type and service plan configuration. Some resize actions require an
instance restart.
Clone Creates a new Instance from the Instance at its current state.
Backup Immediately executes a backup of the Instance. Only available for Instances with backups enabled.
Run Workflow Presents workflow options and then immediately runs selected Workflow on the Instance. Workflows
can be created in the Provisioning -> Automation section.
Run Script Presents Script options and immediately executes selected Script on the Instance. Scripts can be created
in the Provisioning -> Library section.
Apply Template Presents Template options and immediately applies selected Template to the Instance. Templates
can be created in the Provisioning -> Library section.
Add Node Adds an additional node to the configuration. Additional options and configurations are required in the
add node wizard depending on instance configuration and type.
Eject Disk Ejects attached disk/iso.
Add Slave Adds a database slave in the Instance.
Change Master Changes the database Master node in an Instance.
Tip: Scrolling down in the Actions dropdown may be necessary to see all options.
Performing Instance Actions
1. Select the Provisioning link in the navigation bar.
2. Click the Instance from the list of instances you wish to perform an action on.
3. Click the Actions drop down button and select an Action.
2.2. Instances
33
Morpheus Documentation, Release 2.12.4
Notes
Every Instance has a Notes section for adding useful information about the Instance. Notes can be added by selecting
the ADD NOTES button on the bottom of Instance Detail pages. Existing notes can be edited by selecting the EDIT
NOTES
Tip: Markdown Syntax is supported in Instance Notes.
2.3 Apps
Apps allow instances having general relationships to be grouped in a clean and organized manner. App functionality
enables full control of which instances belong in an app as well setting Firewall and Access Control List (ACL) rules.
Use Apps to structure all necessary components into a single place. Add checks and groups for web servers, database
nodes, etc.
2.3.1 Creating Apps
To create and App, click “+ADD APP” on the right side of the main Apps section in Provisioning.
Next fill in the Setup tab with your App name, optional description, and select a resource group:
34
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
In the LAYOUT tab, you have the option of selecting a Template (created in the Templates section) or Add Tiers. To
use a Template, select a Template from the dropdown and your app will populate in the layout section. You can add
to, modify, edit your template, or simply click next of the Template is fully configured:
2.3. Apps
35
Morpheus Documentation, Release 2.12.4
To create an app without a Template, start by adding a Tier by clicking “+ ADD TIER”. Name the Tier by selecting
pre-populated, recently used, or add a new/custom Tier name:
36
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
For each Tier added, a new Tier container is created, and the Tier is added to the Tier list:
2.3. Apps
37
Morpheus Documentation, Release 2.12.4
Next click +Add Instance to add a new instance, or select from existing instances using the Existing tab. Multiple
instances can be added to a single container as well:
38
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
After adding all instances, click out of the Add Instance pop up to return to the layout page. Continue to add all Tiers
and instances for your App:
2.3. Apps
39
Morpheus Documentation, Release 2.12.4
To configure new or existing instances, hover over the instance name in the Tier List and click the Settings gear icon.
(Instances can also be fully configured/edited in the Configure tab by clicking next in the bottom right):
40
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
To link Tiers, hover over a Tier, click the blue circle at the top of a Tier and drag the arrow over the top of the Tier you
would like to link:
2.3. Apps
41
Morpheus Documentation, Release 2.12.4
To remove a Tier or Instance, click the trash icon. Once your App is built, click Next in the bottom right.
In the Configure tab, you can fully configure your instances if they are not configured yet, or edit the configurations.
If the app was built with Existing instances, no configuration options are presented:
42
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
Once your App is ready, click Complete in the bottom right and your App will be created, appear in the App section,
and if new instances were used, the instances will be provisioned:
2.3. Apps
43
Morpheus Documentation, Release 2.12.4
2.4 Templates
2.5 Automation
Provisioning -> Automation
The Automation section is composed of Tasks and Workflows. Tasks can be scripts added directly, scripts and templates from the Library section, recipes, playbooks, salt states, puppet agent installs, or http (api) calls. These Tasks
are are combined into workflows, which can be selected to run at provision time or executed on existing instances via
Actions -> Run Workflow.
2.5.1 Tasks
Available Task Types:
• Ansible Playbook
• Chef Bootstrap
• Groovy Script*
• HTTP
• Javascript*
• jRuby Script*
44
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
• Library Script: Adds an existing script from the Library section as a task
• Library Template: Adds an existing script from the Library section as a task
• Puppet Agent Install
• Python Script (jython)*
• Shell Script
• SSH Script
• WinRM Script
• Restart: Executes a restart on the Instance. Morpheus will wait until the restart is complete to execute the next
task in the workflow phase.
Note:
• executes locally
To Add Tasks:
1. Select the Provisioning link in the navigation bar.
2. Select Automation from the sub-navigation menu.
3. Click the Add Task button.
4. From the New Task Wizard input a name for the task.
5. Select the type of task from from the type dropdown.
6. Input the appropriate details dependent on the task type you selected from the dropdown.
7. Save
Edit Task
1. Select the Provisioning link in the navigation bar.
2. Select Automation from the sub-navigation menu.
3. Click the Edit icon on the row of the task you wish to edit.
4. Modify information as needed.
5. Click the Save Changes button to save.
Delete Task
1. Select the Provisioning link in the navigation bar.
2. Select Automation from the sub-navigation menu.
3. Click the Delete icon on the row of the task you wish to delete.
2.5. Automation
45
Morpheus Documentation, Release 2.12.4
2.5.2 Workflows
Add Workflow
To Add Workflows:
1. Select the Provisioning link in the navigation bar.
2. Select Automation from the sub-navigation menu.
3. Click the Workflows tab to show the Workflows tab panel.
4. Click the Add Workflow button.
5. From the New Workflow Wizard input a name for the workflow.
6. Optionally input a description.
7. Expand the execution phases to add tasks to, and type the name of a created task and click the task when it
appears to add.
8. If multiple tasks are added to the same execution phase, their execution order can be changed by selecting the
grip icon and dragging the task to the desired execution order.
9. For multi-tenant environments, select Public or Private visibility for the Workflow.
10. Click the Save Changes button to save.
Workflow Execution Phases
For VM’s, Pre-Provision and Provision execute after the VM is running. Pre-Provision can be used for a template so
it is added before a script set at the Provision phase executes. Pre-Provision for scripts is mainly for Docker as you
can execute on the host before the container is up. Post-Provision will execute after the entire provisioning process is
complete.
Edit Workflow
To Edit Workflows:
1. Select the Provisioning link in the navigation bar.
2. Select Automation from the sub-navigation menu.
3. Click the Workflows tab to show the workflows tab panel.
4. Click the Edit icon on the row of the workflow you wish to edit.
5. Modify information as needed.
6. Click the Save Changes button to save.
Delete Workflow
To Delete Workflows:
1. Select the Provisioning link in the navigation bar.
2. Select Automation from the sub-navigation menu.
3. Click the Workflows tab to show the workflows tab panel.
4. Click the Delete icon on the row of the workflow you wish to delete.
46
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
2.6 Virtual Images
Provisioning -> Virtual Images
2.6.1 Overview
The Virtual Image section displays a list of all images, local and synced, that are available to deploy. Morpheus
includes a rich catalog of pre-configured System Images available for every cloud type. User Images are automatically
synced from Cloud Integrations and added to the Virtual Images section. Images can also be uploaded directly into
Morpheus via local file or url. Amazon and Azure Marketplace images can also be added to the Virtual Images Section.
2.6.2 Image Types
Morpheus provides a vast System Image repo with pre-configured images for every Cloud. All other images are
User Images. User images can be added directly to Morpheus , or automatically synced from integrated clouds. It
is important to configure synced User Images for metadata, including specifying the Platform and User Credentials,
prior to provisioning. Provisioning a User Image that has not been configured may result in failed provisioning.
Important: Synced User Images need to be configured prior to provisioning.
2.6.3 Configuring Virtual Images
System Images
System Images are pre-configured with metadata and have Cloud-Init or Cloudbase-Init installed. These images are
ready to be provisioned with no configuration necessary. It is highly recommended to populated the Administration
-> Provisioning -> Cloud-Init section with user data prior to provisioning, as the user and password/key will be
added to all Instances provisioned from System Images. Users can also be added during provisioning in the Add User
provisioning wizard section.
Note: Editing System Images is disabled.
User Images
Typically Morpheus does not have sufficient metatdata to successfully provision synced User Images. After integrating
clouds and User Images have synced, it is highly recommended to configure the images prior to provisioning.
To edit and configure an existing Virtual Image:
1. Select Actions - Edit in the Virtual Images list, or Edit on a Virtual Image detail page.
2. Configure the following on the Image:
Name Name of the Virtual Image in Morpheus . This can be changed from the name of the Image, but editing will
not change the name of the actual Image.
Operating System Specifies the Platform and OS of the image. All Windows images will need to have Operating
System specified on the Virtual Image, as Morpheus will assign Linux as the Platform for all Images without
Operating System specified.
2.6. Virtual Images
47
Morpheus Documentation, Release 2.12.4
Cloud Init Enabled? On by default, uncheck for any Image that does not have Cloud-Init or Cloudbase-Init installed.
Install Agent On by default, uncheck to skip Agent install. Note this will result in the loss of utilization statistics,
logs, script execution, and monitoring. (Some utilization stats are collected for agent-less hosts and vm’s from
VMware and AWS clouds).
Username Existing Username on the Image. This is required for authentication, unless Morpheus is able to add user
data via Cloud-Init, Cloudbase-Init, or guest processes (VMware).
Password Password for the Existing User on the image.
Cloud-Init User Data Accepts what would go in runcmd and can assume bash syntax.
Permissions Set Tenant permissions in a multi-tenant Morpheus environment. No impact on single-tenant environments.
Auto Join Domain? Enable to have instances provisioned with this image auto-join configured domains (Windows
only).
VirtIO Drivers Loaded? Enable if VirtIO Drivers are installed on the image for provisioning to KVM based Hypervisors.
Force Guest Customization? VMware only, forces sys-prep on image during provisioning.
Trial Version Enable to automatically re-arm the expiration on Windows Trial Images during provisioning.
3. Save Changes
Note: Cloud-Init is enabled by default on all Images. Images without Cloud-Init or Cloudbase-Init installed must
have the cloud-init flag disabled on the Virtual Image setting or Provisioning may fail.
2.6.4 Provisioning Images
When provisioning a System Image for the first time, Morpheus will download and stream the image from S3 to the
source Cloud if the image is not local to the Cloud. The Image will also be cached on the Morpheus Appliance under
/var/opt/morpheus/vm/vmcache. Subsequent provisions of the image will use the created template in the Cloud or the
cached local Image if the images does not exist in the selected Cloud, in which case the cached Image will be copied
to the Cloud.
When using Images that already exist in the destination cloud, such as synced, marketplace, or previously copied
images, no image transfer between the Morpheus Appliance and destination cloud will take place.
Note: The Morpheus Appliance must be able to download from Amazon S3 when provisioning System Images for
the first time.
Note: The Morpheus Appliance must be able reach and resolve the destination Host when provisioning System
Images or uploaded Images for the first time. This included being able to resolve ESXi host names in VMware
vCenter clouds, and reach the destination ESXi host over port 443.
2.6.5 Add Virtual Images
Virtual Images can be upload to Morpheus from local files or URL’s. Amazon and Azure Marketplace metadata can
also be added to the Virtual Images library, enabling the creation of custom catalog Instance Type from Marketplace
48
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
images (no image is transferred to Morpheus when adding Marketplace images).
To Add Virtual Image:
1. Select + Add Virtual Image in the Virtual Images page.
2. Select Image format:
• Amazon AMI
• Azure Marketplace
• Digital Ocean
• ISO
• PXE Boot
• QCOW2
• RAW
• VHD
• VirtualBox
• VirtualBox (vdi)
• VMware (vmdk/ovf/ova)
3. Configure the following on the Virtual Image:
Name Name of the Virtual Image in Morpheus . This can be changed from the name of the Image, but editing will
not change the name of the actual Image.
Operating System Specifies the Platform and OS of the image. All Windows images will need to have Operating
System specified on the Virtual Image, as Morpheus will assign Linux as the Platform for all Images without
Operating System specified.
Cloud Init Enabled? On by default, uncheck for any Image that does not have Cloud-Init or Cloudbase-Init installed.
Install Agent On by default, uncheck to skip Agent install. Note this will result in the loss of utilization statistics,
logs, script execution, and monitoring. (Some utilization stats are collected for agent-less hosts and vm’s from
VMware and AWS clouds).
Username Existing Username on the Image. This is required for authentication, unless Morpheus is able to add user
data via Cloud-Init, Cloudbase-Init, or guest processes (VMware).
Password Password for the Existing User on the image.
Storage Provider Location where the Virtual Image will be stored. Default Virtual Image Storage location is
/var/opt/morpheus/morpheus-ui/vms. Additional Storage Providers can be configured in Infrastructure -> Storage.
Cloud-Init User Data Accepts what would go in runcmd and can assume bash syntax.
Permissions Set Tenant permissions in a multi-tenant Morpheus environment. No impact on single-tenant environments.
Auto Join Domain? Enable to have instances provisioned with this image auto-join configured domains (Windows
only).
VirtIO Drivers Loaded? Enable if VirtIO Drivers are installed on the image for provisioning to KVM based Hypervisors.
Force Guest Customization? VMware only, forces sys-prep on image during provisioning.
Trial Version Enable to automatically re-arm the expiration on Windows Trial Images during provisioning.
2.6. Virtual Images
49
Morpheus Documentation, Release 2.12.4
Note: Default Storage location is /var/opt/morpheus/morpheus-ui/vms. Additional Storage Providers can be configured in Infrastructure -> Storage. Ensure local folders are owned by morpheus-app.morpheus-app if used.
4. Upload Image
Images can be uploaded by File or URL:
File Drag and Drop the image file, or select “Add File” to select the image file.
Url Select the URL radio button, and enter URL of the Image.
Note: Morpheus provides a file upload progress. The Virtual Image configuration can be saved while the upload is in
progress, and the upload will finish in the background.
2.7 Library
2.7.1 Overview
The Library section is used to add virtual images as custom instances to the provisioning catalog. The Library Section
is composed of:
• Instance Types
• Layouts
• Node Types
• Option Types
• Option Lists
• Templates
• Scripts
Uploaded or synced images from the virtual images section are added to nodes, a node or multiple nodes are added
to layouts, and layouts are added to Instance Types. Scripts and Templates can be attached to nodes, with phased
execution options for scripts.
2.7.2 Instance Types
Adding an Instance Type creates a new Library Item category. Multiple layouts can be added to an instance type, and
these layout can have different nodes attached. The instance wizard will present the layout options compatible with
the selected cloud. If cloud selection is turned off, all layouts will be presented for all cloud types accessible by the
user.
Name Name of the Instance Type in the Provisioning Library
Code Useful shortcode for provisioning naming schemes and export reference.
Description The description of the Instance Type shown in the Provisioning Library. (255 characters max)
Category
For filtering in Instance sections and Provisioning Wizard
• Web
50
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
• SQL
• NoSLQ
• Apps
• Network
• Messaging
• Cache
• OS
• Cloud
• Utility
Icon Suggested Dimensions: 150 x 51
Visibility
• Private- Only accessibly by assigned Accounts/Tenants
• Public- accessible by all Accounts/Tenants
Environment Prefix Used for exportable environment variables when tying instance types together environment Variables in app contexts. If not specified a name will be generated
Enable Scaling (Horizontal) Enables load balancer assignment and auto-scaling features
Supports Deployments Enables deployment features (Requires a data volume be configured on each version. Files
will be copied into this location)
Upon saving, this Instance Type will be available in the Provisioning Catalog, per user role access. However we still
need to add layouts to the Instance Type, and prior to creating a layout, we will add a node type.
2.7.3 Node Types
The following fields are for all node technology types:
• Name
• Short Name
• Version
• Category
• Technology
** Azure ** Docker ** Google ** Hyper-V ** KVM ** Nutanix ** OpenStack ** VMware ** Xen * Environment
Variables
The Options fields will change depending on the Technology option selected.
For VM provisioning technology options, select an image from the VM Image dropdown, which is populated from the
Virtual Images Section and will include images uploaded into Morpheus, and synced images from added clouds.
Note: Amazon and Azure Marketplace Images can be added in the Virtual Images section for use as node types in
custom library items.
For Docker, type in the name and version of the Docker Image and select the integrated registry.
2.7. Library
51
Morpheus Documentation, Release 2.12.4
Expose Ports To open port on the node, select “Add Port” and enter the name and port to expose. The Load Balancer
http, https or tcp setting is only required when attaching to load balancers.
2.7.4 Scripts & Templates
To attach scripts and templates that have been added to the Library to a node type, start typing the name and then select
the script(s) and/or template(s).
• Multiple scripts and templates can be added to a node type
• Scripts and Templates can be added/shared among multiple node types
• The Execution Phase can be set for scripts in the Scripts section.
• Search will populate Scripts or Templates containing the characters entered anywhere in their name, not just the
first letter(s) of the name.
Upon save the Node Type will be created, and available for adding to layouts.
2.7.5 Layouts
Layouts are added to Instance types, and will be presented under the Configuration Options dropdown in the Provisioning Wizard for that Instance type.
Instance Type Select the Instance Type to add the new Layout to. Custom Instance Types must already be created
and one layout cannot be added to multiple instance types, or change Instance Types after creation.
Note: Layouts cannot be added to Morpheus provided library items at this time.
Name The name the layout will present as in the Configuration Options dropdown in the provisioning wizard
Version The version number or name for the Layout. Layouts in an Instance Type with the same version will all show
under the Configuration Options dropdown when that version in selected while provisioning.
Description Description of the layout
Technology Technology determines which cloud this layout will be available for.
Environment Variables Custom evars to be added to the instance when provisoned.
Nodes Single or multiple nodes can be added to a Layout by searching for and selecting the node(s). An example of a
layout with multiple nodes is the Hyper-V MySQL Master/Slave layout pictured below (note this is the Layout
detail screen after the layout has been created.)
..Multi-node Layout example:
Upon save, the layout will be attached to the selected Instance Type, and available when provisioning that Instance
Type for the appropriate cloud technology.
2.7.6 Option Types
Option Types allow you to create additional fields within the provisioning wizard.
These field entries can then be used in scripts and templates using our variable naming convention (more here).
52
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
2.7.7 Option List
Much like Option Types, Option Lists allow you to give the user more choices during provisioning to then be passed
to scripts and/or automation. Option Lists, however, are pre-defined insofar as they are not free-form. They can either
be manually entered CSV or JSON or they can be dynamically compiled from REST calls via GET or POST requests.
Your new Library Item is now ready for provisioning. Multiple Layouts, Versions and Technology types can be added
to a single Instance Type.
2.8 Migrations
2.8.1 Migration Types
Hypervisor to Hypervisor
Store Morpheus will create a snapshot of existing VM and upload the snapshot to virtual image directory. Images
that have been uploaded to the Virtual Images library can be converted to VHD, QCOW2, RAW and VMDK
formats and then re-provisioned.
New Morpheus will create a snapshot of an existing VM, convert from source format to required destination format,
and then provision the VM into the target environment.
Source VMWare, Openstack, Xen, ESXi, Nutanix* Azure* Hyper-V* (*planned)
Destination Softlayer, Openstack, Metapod, Xen, Amazon, VMWare, ESXi, Nutanix, Hyper-V
Supported OS Type Windows or Linux
Service Impact Disruptive Migration
Virtual Image Extract
The Virtual Image extract capabilities allow for a virtual image to be extracted and stored in the virtual image repository
or the image can be migrated into a cloud.
Source Any Cloud
Destination SoftLayer (Only)
Supported OS Type Windows
Service Impact Non Disruptive
Requirements Requires a separate disk or network share to store the image during conversion process. Capacity of
the disk or network share should be sized appropriately to support the data that will be exported.
Live Stream
Live Stream is a linux only streaming process that will take a snapshot of a volume and allow it to be streamed to a
destination linux system that is either existing or new. The destination linux must already exist and it can either be a
managed or unmanaged VM in Morpheus . The destination will be overwritten from a root level perspective.
Source Any Cloud
Destination Morpheus
Supported OS Type Linux (Only)
2.8. Migrations
53
Morpheus Documentation, Release 2.12.4
Service Impact Non Disruptive
Requirements Requires the Linux host/guest to be configured for LVM and that free space of the capacity to be
streamed is available. A destination linux host/guest must be available to receive the stream.
2.8.2 Add Migration
1. Select the Provisioning link in the navigation bar.
2. Select the Migrations link in the sub-navigations bar.
3. Click the Add Migration button.
4. From the Create Migration Wizard select the type of migration, then click the Next button.
Depending on the Migration Type selected input the following, then click the Next button.
• Hypervisor to Hypervisor * Select Cloud, and Server * Input Host, Remote Port, Username, and Password
• Virtual Image Extract * Select Platform, Existing or New, Cloud, and Server. * Input Host, WinRM Port,
WinRM User, WinRM Password, and Snapshot path.
• Live Stream * Select Platform, Existing or New, Cloud, and Server * Input Host, SSH Port, SSH User, SSH
Password, Public Key, and Logical Volume Device. * Enter Destination details, then click the Next button.
5. Finalize your configuration if needed, then click the complete button.
2.8.3 Manually Start Migration
If you chose to not run your migration in the Create Migration Wizard then you will be able to manually start the
migration.
1. Select the Provisioning link in the navigation bar.
2. Select the Migrations link in the sub-navigations bar.
3. Click the actions dropdown of the row of the migration you wish start, and select Run.
2.8.4 Remove Migration
1. Select the Provisioning link in the navigation bar.
2. Select the Migrations link in the sub-navigations bar.
3. Click the actions dropdown of the row of the migration you wish remove, and select Remove.
2.9 Deployments
The deployments section provides very useful PaaS like capabilities when it comes to deploying applications into the
newly provisioned environment. These can be uploaded directly from the UI, pulled from a build server, pulled from
a public or private Git repository or even via the API and the various plugins created, such as Jenkins, and Gradle to
support continuous build / integration workflows.
A deployment can be considered a set of versions that relate to a particular project or application being deployed. This
allows one to keep track of a history of versions and easily reuse these deployment versions across instances that may
exist in different environments. An example might be to deploy a version from a deployment to a staging instance and
(once approved) also deployed into production.
54
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
2.9.1 Getting Started
Getting started with deployments is easy. They can vary slightly for the application stack being deployed but the
simplest phase of a deployment is adding a version and adding the appropriate files to the deployment archive that are
needed for the application to run. This could be a single file like a WAR file for Tomcat, or it could be hundreds of files
for stacks like Ruby on Rails.
There are a few ways to create a deployment. The first is to use the Provisioning -> Deployments section of the
application to create them. Simply add a new deployment and give it a name representing the application that is being
deployed. Once a deployment is created select the deployment to view its versions (which will be empty to start).
Next, its time to add a version.
When adding a version there are several options. There are 3 types represented by the UI. These include File, Fetch,
and Git respectively. A File deployment allows the user to simply drag their files into the file explorer presented
by the dialog. This file explorer can take single files or entire file trees (If files exist in subfolders then only the
Chrome browser is supported due to browser limitations at the time of this writing). This is also the common type
that is represented when files are uploaded via the CLI, or available build tool integration plugins. Once the files have
completed their upload simply save the version for use.
Git
For performing git based deploys Morpheus supports both public and private repositories. To utilize a private git
repository the add version dialog will display a public keypair that can be added to the git service for authentication
purposes. Currently this keypair is shared across the account and not specifically scoped to the user so it may be
advisable to connect this integration to a deployment account in git. From here either a ssh or https git url can be
entered along with a git branch or tag name. Once the version is saved, this repository will be copied down into the
deployment archive for use.
Fetch
Fetch based deployments are pretty straightforward. Simply enter a url to a file representing the deployment. This can
be a single file (in which case it will just be added to the deployment archive singularly) or it can be a zip file (which
will automatically be expanded into the archive). HTTP Authentication options can also be entered if the url requires
some form of basic authentication scheme for access by the appliance.
2.9.2 Deploying to an Instance
Now that a version has been added to a deployment it is easy to push that deploy out to any instance provisioned within
Morpheus . Simply navigate to the specific Instance that needs deployed to. On the Instance detail page there is a tab
called Deploy. From here simply add a deploy. The dialog will ask firstly from which deployment the deploy is from
(or allow you to create a new one on the spot) , and secondly which version to deploy (also with the option to add one
on the fly). The next step of the wizard will display any configuration options that might be specific to the instance
type being deployed to (i.e. CATALINA_OPTS for Tomcat or Java Command for java) as well as the file explorer
and deployment type selections for review (or use when creating a new version on the fly). Fill in the required items
then simply hit complete. The deploy will now be asynchronously sent off to all of the virtual machines or containers
within the instance in a rolling restart and the deployment status will be represented.
Tip: When deploying to an instance, the custom configuration options that were entered during the previous deployment are automatically carried forward allowing one to edit them or leave them as is.
2.9. Deployments
55
Morpheus Documentation, Release 2.12.4
Rolling Backwards and Forwards
Because of the tracked history of deployments kept within Morpheus , the deploy tab of instance detail makes it easy
to choose a previously run deployment and jump back to it in the event of a failed deployment. The history will
automatically be updated and the configuration, as well as data from the previous deployment state of the instance will
be restored.
2.9.3 Offloading Storage
Since a full history of the backup builds are kept in Morpheus , as the appliance grows it becomes necessary to change
where these are stored. On a fresh install these are stored on the local appliance in /var/opt/morpheus or wherever the
master account may have changed the configuration to point to. It is also possible to adjust the deployment archive
store by creating a Storage Provider tied to an S3 compatible object store, Openstack Swift object store, or any other
type of mountpoint provided. This option can be adjusted in Admin->Provisioning once a storage provider is created
within the account.
2.9.4 Add Deployment
Add Deployment
1. Select the Provisioning link in the navigation bar.
2. Select the Deployments link in the sub-navigation bar.
3. Click the Add Deployment button.
4. Enter a Name for the deployment and a description (optional)
5. Click the Save Changes button to save.
Add Version
1. Select the Provisioning link in the navigation bar.
2. Select the Deployments link in the sub-navigation bar.
3. Click the Name of the deployment you would like to add a version to.
4. Click the Add Version button.
5. From the Add Version Wizard select the deployment type.
6. Input the Version of the deployment.
7. Depending on the type of deployment selected perform one of the following:
Files Drag files into the file explorer presented by the dialog. This file explorer can take single files or entire file trees.
Fetch Enter a url to a file representing the deployment.
Git The add version dialog will display a public key pair that can be added to the git service for authentication
purposes. Either a ssh or https git url can be entered along with a git branch or tag name.
Click the Save Changes button to save.
56
Chapter 2. Provisioning
Morpheus Documentation, Release 2.12.4
2.9.5 Edit Deployment
To Edit Deployment:
1. Select the Provisioning link in the navigation bar.
2. Select the Deployments link in the sub-navigation bar.
3. Click the Edit Deployment icon on the row of the deployment you wish to edit.
4. Modify information as needed
5. Click the Save Changes button to save.
2.9.6 Delete Deployment
To Delete Deployment:
1. Select the Provisioning link in the navigation bar.
2. Select the Deployments link in the sub-navigation bar.
3. Click the Delete Deployment icon on the row of the deployment you wish to delete.
2.9. Deployments
57
Morpheus Documentation, Release 2.12.4
58
Chapter 2. Provisioning
CHAPTER
3
Infrastructure
The heart of Morpheus is the ability to manage provisioning across any infrastructure, from bare metal to virtualized
clouds and all the way to public infrastructure.
3.1 Groups
3.1.1 Overview
Groups are used to organize clouds, roles, and hosts.
The Groups view displays all current groups, includes search feature, and also enables the addition of new groups.
To View Groups:
1. Select the Infrastructure link in the navigation bar
2. Click the Groups link
59
Morpheus Documentation, Release 2.12.4
3.1.2 Adding Groups
To add a group:
1. Select the Infrastructure link in the navigation bar
2. Click the Groups link
3. Click the Create Group button
4. Input out the Name and Location (optional) fields
5. Click the Save Changes button to save
60
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
3.1.3 Managing Groups
To view a Group:
1. Select the Infrastructure link in the navigation bar
2. Click the Groups link
3. Click the Group name to view/modify
Available tabs in group view
Hosts Lists available hosts in the group and displays power, os, name, type, cloud, ip address, nodes, disc space,
memory, and status. You can add a host from this tab panel by clicking Add Host.
Virtual Machines List all Virtual Machines in the Group.
Bare Metal List all Bare Metal Hosts added to the Group
Clouds Lists Clouds added to the Group. Existing Clouds or new Clouds can be added from the Group by clicking
Add Cloud.
Policies Lists and allows creation ro managment of Policies applied to the Group.
3.1.4 Edit Group
To edit a group:
1. Select the Infrastructure link in the navigation bar.
3.1. Groups
61
Morpheus Documentation, Release 2.12.4
2. Click the Groups link.
3. Click the name of the group you wish to edit.
4. Click the Edit button.
5. From the Edit Group Wizard modify information as needed.
6. Click the Save Changes button to save.
3.1.5 Delete Group
To delete a group:
1. Select the Infrastructure link in the navigation bar.
2. Click the Groups link.
3. Click the name of the group you wish to delete.
4. Click the Delete button.
5. Confirm
3.1.6 User Access
Important: User access to Groups is determing by their user Role(s). Group access for Roles can be configured in
the Group Access section of a Roles Settings.
3.2 Clouds
3.2.1 Overview
Clouds are integrations or connections to public, private, hybrid clouds, or bare metal servers. Clouds can belong to
many groups and contain many hosts. The clouds view a includes search feature and provides the option to edit, delete,
and add new clouds. Morpheus supports most Public Clouds and Private Clouds.
3.2.2 Creating Clouds
Clouds can be added from Infrastructure -> Clouds or in Infrastructure -> Groups -> (select Group) -> Clouds.
Details on required credentials and settings can be found in the Cloud integrations guides.
3.2.3 Cloud Detail View
In the Cloud List View, select the name of a Cloud to display the clouds Detail View.
EDIT Edit the setup configuration of the Cloud.
REFRESH Force a sync with the Cloud. Last sync date, time and duration is shown under the Cloud name.
DELETE Delete the Cloud from Morpheus IMPORTANT: All Instances and managed Hosts and VM’s must be
removed prior to deleting a cloud.
62
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
Note: Not all tabs are available for all Cloud Types.
Hosts The hosts tab panel displays available hosts in the cloud and displays power, os, name, type, cloud, ip address,
nodes, disc space, memory, and status. You can add a container host from this by clicking the Container Hosts
button, add a hypervisor host by clicking the HyperVisor button, or perform actions actions by click the Actions
button.
Virtual Machine Displays an Inventory of Existing Instances in your cloud configuration and provides details such
as power, os, name, type, cloud, ip address, nodes, disc space, memory, and status.
Bare Metal Setup PXE Boot in the Boot section to add bare metal servers. Once setup you can view information
such as power, os, name, type, cloud, ip address, nodes, disc space, memory, and status.
Security Groups The Security Groups tab panel displays a list of existing Security groups in the cloud. You can add
a security group to this cloud by clicking the Edit Security Groups button.
Load Balancers The load balancers tab panel displays available load balancers in the cloud and displays the name,
description, type, cloud and host. You can add a load balancer from this tab by clicking the Add Load Balancer
button.
Networks Displays Networks synced or added to the Cloud.
DataStores Displays Datastores synced or added to the Cloud.
Resource Pools Displays Resource Pools synced from the Cloud.
Policies Manages Policies enforced on the Cloud.
• Container Host Provisions a Docker host into the Cloud, or adds an existing Docker Host (manual) to the Cloud.
KVM hosts are also available for Morpheus and Bare Metal cloud types.
• Hypervisor Add an existing Hypervisor to the Cloud. Not available for all Cloud types.
3.2.4 Deleting Clouds
To delete a cloud:
1. Select the Infrastructure link in the navigation bar.
2. Select the Clouds link in the sub navigation bar.
3. Click the Delete icon of the cloud to delete.
Important: All Instances and managed Hosts and VM’s must be removed prior to deleting a cloud. To remove
Instances, Hosts and VM’s from Morpheus without deleting them in the actual Cloud, select Delete on the Host or
VM, unselect “Remove Infrastructure” and select “Remove Associated Instances” if Instance are associated with the
Hosts or VMs.
3.3 Hosts
3.3.1 Overview
The Infrastructure -> Hosts section provides a universal stage for viewing and managing Hosts and Virtual Machines
from all of your Clouds.
3.3. Hosts
63
Morpheus Documentation, Release 2.12.4
In this section you can:
• View & Manage all Hosts, Virtual Machines & Bare Metal
• Provision Docker & KVM Hosts
• Convert existing hosts to Docker & KVM Hosts
• Add Hypervisors
• Convert Hosts, Virtual Machines and Bare Metal to Managed
3.3.2 Hosts
Hosts in Morpheus are Hypervisors and Docker Hosts that your VM’s and Container are hosted on, such as ESXi,
Hyper-V and Docker Hosts. These Hosts are populated from integrated clouds, hosts provisioned form Morpheus, or
manually added Hosts.
3.3.3 Virtual Machines
The Virtual Machines tab lists all Managed and Unmanaged VM’s across Morpheus . Managed VM’s are either
provisioned by Morpheus, or inventoried VM’s that were converted to managed. Unmanaged VM’s are from Cloud
integrations with “Inventory Existing Instances” enabled in the Cloud settings.
3.3.4 Bare Metal
Bare Metal hosts are from PXE Boot or manually added in this section. Bare Metal hosts that are also Hypervisors
will be listed in both the Bare Metal and Hypervisor sections.
3.4 Network
3.4.1 Networks
Infrastructure -> Network -> Networks
Overview
The Networks section is for configuring networks across all clouds in Morpheus . Existing networks from the Clouds
added in Morpheus will auto-populate in the Networks section.
Networks can be configured for DHCP or Static IP assignment, assigned IP pools, and configured for visibility and
account assignment for multi-tenancy usage. Networks can also be set as inactive and unavailable for provisioning
use.
Configuring Networks
DHCP
To configure a network for DHCP:
1. Navigate to Infrastructure -> Network -> Networks
64
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
2. Search for the target network
3. Edit the Network by either:
• Select Actions -> Edit
• Select the Network, then select Edit
4. In the Network Config modal, set the DHCP flag as Active (default)
5. Save Changes
Important: The DHCP flag tells Morpheus this network has a DHCP server assigning IP Addresses to hosts. Morpheus does not act as the DHCP server, and provisioning to a network that has the DHCP server flag active in Morpheus
, but no DHCP server actually on the network will in most cases cause the instance to not receive an IP address.
Note: When selecting a network with DHCP enabled during provisioning, “DHCP” will populate to the right of the
selected network:
Static and IP Pools
To configure a network for Static IP Assignment:
1. Navigate to Infrastructure -> Network -> Networks
2. Search for the target network
3. Edit the Network by either:
• Select Actions -> Edit
• Select the Network, then select Edit
4. In the Network Config modal, add the following:
• Gateway
• DNS Primary
• DNS Secondary
• CIDR ex 10.10.10.0/22
• VLAN ID (if necessary)
• Network Pool * Leave as “choose a pool” for entering a static IP while provisioning * Select a Pool to use
a pre-configured Morpheus or IPAM Integration IP Pool
• The Permissions settings are used for Multi-Tenant resource configuration
– Leave settings as default if used in a single-tenant environment (only one Tenant in your Morpheus
appliance)
– To share this network across all accounts in a multi-tenant environment, select the Master Tenant and
set the Visibility to Public
– To assign this network to be used by only one account in a multi-tenant environment, select the account
and set visibility to Private
• Active
3.4. Network
65
Morpheus Documentation, Release 2.12.4
– Leave as enabled to use this network
– Disable the active flag to remove this network from available network options
5. Save Changes
Note: When selecting a network with DHCP disabled and no IP Pool assigned during provisioning, an IP entry field
will populate to the right of the selected network(s):
Note: When selecting a network with an IP Pool assigned during provisioning, the name of the IP pool will populate
to the right of the selected network(s). IP Pools override DHCP.
3.4.2 Network Groups
Overview
Network Groups are useful for grouping networks during provisioning and scaling or grouping availability subnets
together such that during provisioning, vm’s within an instance can be round robin provisioned across availability
zones.
Adding Network Groups
1. Navigate to Infrastructure -> Network -> Networks Groups
2. Click btn:[ADD]
3. Enter the following: * Group info:
• Name: Name of the Network Group in Morpheus
• Description: Details of the
3.4.3 Services
Overview
The Network Services section allows you to add and manage IPAM, DNS, and Service Registry integrations. These
services can also be added in the Administration -> Integrations section.
The following integrations are currently supported:
IPAM
• Infoblox
• Bluecat (2.11)
DNS
• Microsoft DNS
• Power DNS
• Route 53
• Bind DNS
66
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
Service Registry
• Consul
Add a Service
To configure any of the services, select ADD SERVICE, and fill out the required fields.
Infoblox
• Name
• URL (wapi url + version)
– example https://x.x.x.x/wapi/v2.2.1
• Username
• Password
Bluecat
• Name
• URL
• Username
• Password
Microsoft DNS
• Name
• DNS Server
• Username
• Password
• Zone
PowerDNS
• Name
• API Host
• Token
BindDNS
• Host
• Username
• Password
• BindKey
Route 53
• Region
• Access Key
• Secret Key
3.4. Network
67
Morpheus Documentation, Release 2.12.4
After Saving, your Network Service integrations will be available for use. These integrations must be scoped to the
appropriate sections in Morpheus :
Scoping Services
IPAM IPAM integrations will populate pools in the IP Pool section, which are available for assignment to networks
in the NETWORK POOL dropdown when configuring a network.
DNS DNS integrations will populate domains in the Infrastructure -> Network -> Domains section, and are available
in the DOMAIN dropdown located under the Advanced Options section in Cloud, Group, and Network configurations, as well as in the Configure section of the Create Instance wizard. DNS integrations are also available in
the DNS SERVICE dropdown located under the Advanced Options section in Cloud and Group configurations.
Service Registry Service Registry integrations are available in the SERVICE REGISTRY dropdown located under the
Advanced Options section in Cloud and Group configurations.
3.4.4 IP Pools
Infrastructure -> Network -> IP Pools
Overview
The Networks IP Pools sections allows you to create Morpheus IP Pools, which is an IP Range Morpheus can use to
assign available static IP addresses to instances. The IP Pool section also displays pools from IPAM integrations like
Infoblox and Bluecat.
To add a Morpheus Network Pool
1. Select + ADD in the Infrastructure -> Network -> IP Pools section
2. Enter the following:
Name Name of the IP Pool in Morpheus . The name is presented when selecting an IP Pool for a Network,
so use a name that easily identifies the IP Pool.
Starting Address The starting IP address of the IP Pool address range. ex: 192.168.0.2
Ending Address: The ending IP address of the IP Pool address range. ex: 192.168.0.255
3. Save Changes
Note: Multiple Address Ranges can be added to a pool by selecting the + icon to the right of the first address range.
After saving the IP pool will be available for assignment to networks in the NETWORK POOL dropdown when adding
or editing a network.
3.4.5 Domains
Infrastructure -> Network -> Domains
68
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
Overview
The Domains section is for creating and managing domains for use in Morpheus . Domains are used for setting
FQDNs, joining Windows Instances to Domains, and creating A Records with DNS Integrations. The Domains
section is also a multi-tenant endpoint for managing domain settings across multiple accounts
• Added and synced Domains are available for selection in the Domain dropdown when provisioning an Instance.
• Default domains can be set for Clouds and Networks in their Advanced Options sections.
• Images can be flagged to Auto-Join Domains in the Provisioning -> Virtual Images section.
Important: For an Instance to auto-join a Domain, a Domain must set in the Advanced Options section of the Cloud
or Network used when provisioning.
Adding Domains
Adding Domains
1. Navigate to Infrastructure -> Network -> Domains
2. Select + Add
3. Enter the following:
Domain Name Example demo.example.com
Description Descriptive meta-data for use in Morpheus
Public Zone Check for Public Zones, leave uncheck for Private Zones.
Join Domain Controller Enable to have Windows instances join a Domain Controller
Username Admin user for Domain Controller
Password Password for DC Username
DC Server (optional) Specify the URL or Path of the DC Server
OU Path (optional) Enter the OU Path for the connection string.
Permissions Configure Tenant permissions in Morpheus for the Domain (only applicable in Multi-tenant Morpheus setups)
Tenant Select the Tenant to set permissions to for the Domain.
Visibility
• Private: Only Accessible by the select Tenant
• Public: Available for use by all Tenants.
4. Save Changes
The Domain has been added and will be selectable in Domain dropdown during provisioning, and in Cloud and
Network settings.
Note: Only resources assigned to the Master Tenant can be set as Publicly visible. If the Tenant assigned is not the
master tenant, visibility will automatically change to private.
3.4. Network
69
Morpheus Documentation, Release 2.12.4
Editing and Removing Domains
• Domains can be edited by selecting the Actions dropdown for the Domain and selecting Edit.
• Added Domains can be removed from Morpheus by selecting the Actions dropdown for the Domain and selecting Remove.
Setting the default domain on a Cloud
1. Navigate to Infrastructure -> Clouds.
2. Edit the target Cloud.
3. Expand Advanced Options section.
4. In the Domain dropdown, select the Domain.
5. Save Changes
Setting the default domain on a Network
1. Navigate to Infrastructure -> Network.
2. Edit the target Network.
3. Expand Advanced Options section.
4. In the Domain dropdown, select the Domain.
5. Save Changes
Selecting a Domain while provisioning an instance
1. While creating an instance, in the Configure section, expand the DNS Options.
2. Select Domain from the Domain dropdown.
3.4.6 Proxies
Overview
In many situations , companies deploy virtual machines in proxy restricted environments for things such as PCI Compliance, or just general security. As a result of this Morpheus provides out of the box support for proxy connectivity.
Proxy authentication support is also provided with both Basic Authentication capabilities as well as NTLM for Windows Proxy environments. Morpheus is even able to configure virtual machines it provisions to utilize these proxies
by setting up the operating systems proxy settings directly (restricted to cloud-init based Linux platforms for now, but
can also be done on windows based platforms in a different manner).
To get started with Proxies, it may first be important to configure the Morpheus appliance itself to have access to proxy
communication for downloading service catalog images. To configure this, visit the Admin -> Settings page where a
section labeled “Proxy Settings” is located. Fill in the relevant connection info needed to utilize the proxy. It may also
be advised to ensure that the Linux environment’s http_proxy, https_proxy, and no_proxy are set appropriately.
70
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
Defining Proxies
Proxies can be used in a few different contexts and optionally scoped to specific networks with which one may be
provisioning into or on a cloud integration as a whole. To configure a Proxy for use by the provisioning engines within
Morpheus we must go to Infrastructure -> Networks -> Proxies. Here we can create records representing connection
information for various proxies. This includes the host ip address, proxy port, and any credentials (if necessary) needed
to utilize the proxy. Now that these proxies are defined we can use them in various contexts.
Cloud Communication
When morpheus needs to connect to various cloud APIs to issue provisioning commands or to sync in existing environments, we need to ensure that those api endpoints are accessible by the appliance. In some cases the appliance may
be behind a proxy when it comes to public cloud access like Azure and AWS. To configure the cloud integration to
utilize a proxy, when adding or editing a cloud there is a setting called “API Proxy” under “Advanced Options”. This
is where the proxy of choice can be selected to instruct the Provisioning engine how to communicate with the public
cloud. Simply adjust this setting and the cloud should start being able to receive/issue instructions.
Provisioning with Proxies
Proxy configurations can vary from operating system to operating system and in some cases it is necessary for these to
be configured in the templates as a prerequisite. In other cases it can also be configured automatically. Mostly with the
use of cloud-init (which all of our out of the box service catalog utilizes on all clouds). When editing/creating a cloud
there is a setting for “Provisioning Proxy” in “Provisioning Options”. If this proxy is set, Morpheus will automatically
apply these proxy settings to the guest operating system.
Overriding proxy settings can also be done on the Network record. Networks (or subnets) can be configured in
Infrastructure -> Networks or on the Networks tab of the relevant Cloud detail page. Here, a proxy can also be
assigned as well as additional options like the No Proxy rules for proxy exceptions.
Docker
When provisioning Docker based hosts within a Proxy environment it is up to the user to configure the docker hosts
proxy configuration manually. There are workflows that can be configured via the Automation engine to make this
automatic when creating docker based hosts. Please see documentation on Docker and proxies for specific information.
Proxy setups can vary widely from company to company, and it may be advised to contact support for help configuring
morpheus to work in the proxy environment.
3.4.7 Security Groups
Infrastructure -> Network - Security Groups
Overview
A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an
instance, you associate one or more security groups with the instance. You add rules to each security group that allow
traffic to or from its associated instances. You can modify the rules for a security group at any time; the new rules are
automatically applied to all instances that are associated with the security group.
3.4. Network
71
Morpheus Documentation, Release 2.12.4
Important: The Host Level Firewall must be enabled for Security Groups to be applied. The Host Level Firewall
can be enabled in Administration -> Settings -> Host Level Firewall Enable/Disable
Add Security Group
1. Navigate to Infrastructure -> Network - Security Groups
2. Click the + Add Security Group button.
3. From the Security Group Wizard input a name, and description.
4. Save Changes
Add Security Group Rule
1. Navigate to Infrastructure -> Network - Security Groups
2. Click the name of the security group you wish to add a rule to.
3. From the security group page click the + Add Rule button.
4. From the Rule Wizard select the rule type and input source and depending on the type selected protocol and
input a port range.
5. Save Changes
Edit security group rule
1. Navigate to Infrastructure -> Network - Security Groups
2. Click the name of the security group you wish to edit a rule in.
3. Click the edit icon on the row of the security group rule you wish to edit.
4. Modify information as needed.
5. Save Changes
Delete security group rule
1. Navigate to Infrastructure -> Network - Security Groups
2. Click the name of the security group you wish to delete a rule from.
3. Click the delete icon on the row of the security group rule you wish to delete.
Add Cloud Security Group
To add Cloud security group
1. Navigate to Infrastructure -> Clouds
2. Click the name of the cloud to add an ACL.
3. Click the Security Groups tab.
4. Click the Edit Security Groups button.
72
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
5. Click the + (Add) button next to the Security Group(s) in the Available Security Groups list to add to Added
Security groups list.
6. Save Changes
Remove Cloud Security Group
1. Navigate to Infrastructure -> Clouds
2. Click the name of the cloud to remove the Security Group from.
3. Click the Security Groups tab.
4. Click the Edit Security Groups button.
5. Click the - (Minus) button of the Security Group from the Added Security groups list to remove.
6. Save Changes
3.5 Load Balancers
Infrastructure -> Load Balancers
3.5.1 Overview
Morpheus can provision VM or Container HaProxy Load Balancers, Amazon Elastic and Application Load Balancers,
Azure Load Balancers, and integrates with several external Load Balancers, including F5, A10, Citrix, and AVI.
Once created or integrated, Load Balancers are available as an option to be added during provision time or postprovisioning.
Once a Load Balancer is added to an instance, you can manually scale or configure auto-scaling based on thresholds
or schedules, and burst across clouds with cloud priority.
Note: HaProxy VM Load Balancer option, Load Balancer detail pages, Balance Mode, Sticky Mode and Shared VIP
address option are available in Morpheus 2.11.3+.
In the Load Balancers page there are two sections:
Load Balancers View or edit existing Load Balancers, add new Load Balancers.
Virtual Servers View and link to Instances that are attached to load balancers.
3.5.2 Load Balancers
The Load Balancers tab list currently available Load Balancers, which you can select, edit or delete, and is where you
can create new or integrate with external Load Balancers.
Select + LOAD BALANCER, chose an option, and fill in the required information:
A10 (aXAPI v3)
• API Host
• API Port
3.5. Load Balancers
73
Morpheus Documentation, Release 2.12.4
• Username
• Password
• Internal IP
• Public IP
• VIP Address
• VIP Port
Amazon ALB
• Scheme
• Internal
• Internet-Facing
• Amazon Subnets (Select + to add additional) * Specify the subnets to enable for your load balancer. You
can specify only one subnet per Availability Zone. You must specify subnets from at least two Availability
Zones to increase the availability of your load balancer.
• Amazon Security Groups (Select + to add additional)
AVI
• API Host
• API Port
• Username
• Password
• Internal IP
• Public IP
• VIP Address
• VIP Port
Azure Load Balancer
• Cloud
• Resource Group * Populated from cloud selection
Citrix NetScaler
• API Host
• API Port
• Username
• Password
F5 BigIP (v11.4+)
• API Host
• API Port
• Username
• Password
• Managment URL
74
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
F5 LineRate
• API Host
• API Port
• Username
• Password
• Internal IP
• Public IP
• VIP Address
• VIP Port
HaProxy Container (Internal, will create a HaProxy container, must have available docker host to provision to)
• Group
• Cloud
• Name
• Description
• Plan * Select the size of HaProxy container to be provisioned
Upon saving your new Load Balancer will be added to the Load Balancers list and available in the Load Balancer
dropdown in the Provisioning Wizard Automation Section for Instance Types that have scaling enabled.
In the main Load Balancer page, select an existing Load Balancer to go to that Load Balancers Details Page, which
lists Stats, Settings, Actions and Virtual Servers for that load balancer.
3.6 Storage
3.6.1 Overview
The default Storage path for Virtual Images, Backups, Deployment Archives, Archive Server, and Archived Snapshots
is var/opt/morpheus. Additional Storage providers can be added and mapped for these targets in the Infrastructure ->
Storage section. Adding Storage providers are also required for scenarios like AWS migrations.
3.6.2 Supported Storage Provider Types
• Local
• NFSv3
• CIFS (Samba Windows File Sharing)
• Amazon S3
• Azure
• Rackspace CDN
• OpenStack Swift
3.6. Storage
75
Morpheus Documentation, Release 2.12.4
3.6.3 To View Storage
1. Select the Infrastructure link in the navigation bar.
2. Select the Storage link in the sub navigation bar.
3.6.4 Add Storage Provider
To Add Storage Provider:
1. Select the Infrastructure link in the navigation bar.
2. Select the Storage link in the sub navigation bar.
3. Click the Add Storage Provider button.
4. From the New Storage Provider Wizard input the following:
Name Name of the storage provider.
Provider Type
• Local Storage * Storage Path
• NFSv3 * Host * Export Folder
• CIFS (Samba Windows File Sharing) * Host * Username * Password * Share Path
• Amazon S3 * Access Key * Secret Key * Bucket Name * Endpoint URL (Optional endpoint URL if
pointing to an object store other than amazon that mimics the Amazon S3 APIs.)
• Azure * Storage Account * Storage Key * Share Name
• Rackspace CDN * Username * API Key * Region * Bucket Name
• OpenStack Swift * Username * API Key * Region * Bucket Name * Identity URL
Targets
• Default Backup Target
– Update existing backups
• Archive Snapshots
• Default Deployment Archive Target
• Default Virtual Image Store
5. Click the Save Changes button to save.
Edit Storage Provider
To Edit Storage Provider:
1. Select the Infrastructure link in the navigation bar.
2. Select the Storage link in the sub navigation bar.
3. Click the Edit pencil icon on row of the Storage Provider to edit.
4. Edit required information.
5. Click the Save Changes button to save.
76
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
Delete Storage Provider
To Delete Storage Provider:
1. Select the Infrastructure link in the navigation bar.
2. Select the Storage link in the sub navigation bar.
3. Click the Delete icon on row of the Storage Provider to delete.
3.7 Key Pairs & Certificates
3.7.1 Key Pairs
The Key Pairs section enables the following actions: Add and Delete key pairs. Key Pairs are commonly used by
Morpheus for accessing instances via SSH. Morpheus stores key pairs to simplify administration and access across
both private and public clouds.
To navigate to the Key Pairs section:
1. Select the Infrastructure link in the navigation bar.
2. Select the Key Pairs link in the sub navigation bar.
3.7.2 Add Key Pair
To Add Key Pair:
1. Select the Infrastructure link in the navigation bar.
2. Select the Key Pairs link in the sub navigation bar.
3. Click the Add Key Pair button.
4. From the Add Key Pair Wizard input the following:
• Name
• Public Key
• Private Key
Note: Certain features do not require storage of the private key.
3.7.3 Delete Key Pair
To Delete Key Pair:
1. Select the Infrastructure link in the navigation bar.
2. Select the Key Pairs link in the sub navigation bar.
3. Click the Delete icon on the row of the Key Pair to delete.
3.7. Key Pairs & Certificates
77
Morpheus Documentation, Release 2.12.4
3.8 PXE Boot
3.8.1 Overview
Morpheus includes a built in PXE Server to enable easy and rapid bare metal provisioning. Simply map your TFTP
server port to the Morpheus server port 6969 and you are ready to PXE boot from the provided images and answer
files, or add your own to bring up Bare metal Hosts with ease.
3.8.2 Prerequisites
Your network must be configured for PXE boot, and the TFTP server port need to mapped to the Morpheus TFT server
port, UDP 6969.
• Network configured for network boot
• Router UDP 69 mapped to {morpheus} server UDP port 6969
• Router TFT Server set to {morpheus} server IP or resolvable Hostname.
• Mac or IP addresses of PXE target mapped in {morpheus} Infrastructure -> Boot - Mapping
• Target host configured for Network boot in BIOS
Note: The {morpheus} PXE port is set in opt/morpheus/conf/application.yml
3.8.3 Mapping
Add Mapping
1. Select the Mapping tab then click the Add Mapping button.
2. From the New Mapping Wizard input the following information:
Match Pattern Mac address separated by ‘:’ or an ip address filter
Description(optional) Description of the new mapping.
Active Flag to denote the mapping as active or disabled.
Operating System List of operating systems for the mapping.
Boot Image Lists available PXE boot images.
Answer File Lists available answer files.
Cloud Lists the available clouds.
Server Mode List of server modes:: unmanaged, Managed, Bare metal host, Container host, VM host, and
Container & VM host.
3. Save
Once the mapping is added, and the target host is powered on, the {morpheus} PXE menu will load and PXE boot will
start.
78
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
Edit Mapping
1. Click the edit icon on the row of the mapping you wish to edit.
2. Modify information as needed.
3. Click the Save Changes button to save.
Delete Mapping
1. Click the delete icon on the row of the mapping you wish to delete.
3.8.4 Answer Files
Answer files are like lists of answers for questions that you know the setup program is going to ask but the user is not
prepared to answer. They contain one or more sections, and each section contains one or more properties in the form
name=value. Morpheus provides Answer Files for ESXi, CentOS, Ubuntu and XenServer, and user can add their own.
Add Answer Files
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar
3. Select the Answer Files tab then click the Add Answer File button.
4. From the New Answer File Wizard input the following information
Name Name of the answer file.
Description(optional) Description of the new answer file.
Active Flag to denote the mapping as active or disabled.
Script Name Name of the new answer file.
Script Version Version of the new answer file.
Script The script for the new answer file.
5. Save
Edit Answer File
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar
3. Select the Answer Files tab
4. Click the edit icon on the row of the answer file you wish to edit.
5. Modify information as needed.
6. Save Changes
3.8. PXE Boot
79
Morpheus Documentation, Release 2.12.4
Delete Answer File
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar
3. Select the Answer Files tab.
4. Click the delete icon on the row of the answer file you wish to delete.
3.8.5 Images
Morpheus provides Images for ESXi, CentOS, Ubuntu and XenServer, and user can add their own Images.
Add Images
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar
3. Select the Images tab then click the Add Image button.
4. From the Upload Virtual Image Wizard input the following information
Name Name of the Image.
Operating System List of available operating systems.
Storage Provider List of available storage providers.
Image Path Path of the image.
Visibility Private or Public
Account List of accounts to allow permission to this image.
5. Save Changes
Edit Image
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar
3. Select the Images tab
4. Click the actions drop down and select edit.
5. Modify information as needed.
6. Click the Save Changes button to save.
Convert Image
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar.
3. Select the Images tab
4. Click the Actions drop and select Convert.
80
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
Download Image
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar.
3. Select the Images tab
4. Click the Actions drop and select Download.
Remove Image
1. Click the Infrastructure link in the navigation bar.
2. Click the Boot link in the sub navigation bar.
3. Select the Image tab.
4. Click the Actions drop and select Remove.
3.9 Policies
3.9.1 Overview
Policies are new feature that add more governance, ease of use, cost-saving and auditing features to Morpheus .
Policies can be created in the Policies tabs in Groups and Clouds. Policy generation is also a role permission.
Policies apply towards any instance provisioned into a group or cloud with active policies. Cloud policies will override
matching or conflicting group policies during provisioning.
3.9.2 Policy types
Available Policy types include:
• Approval
• Expiration
• Shutdown
• Host Name
• Hostname
• Instance Name
• Max Containers
• Max Cores
• Max Hosts
• Max Memory
• Max Storage
• Max VMs
3.9. Policies
81
Morpheus Documentation, Release 2.12.4
3.9.3 Creating Policies
Policies can be created, edited, and set to active or inactive in the a group or cloud detail pane under the Policies tab.
Group Policies tab:
Cloud Policies Tab:
82
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
To create a new policy, select ADD POLICY and choose from the available policy types:
3.9. Policies
83
Morpheus Documentation, Release 2.12.4
Expiration Policies
Expiration policies set an expiration timeframe for any instance provisioned into the cloud or group the policy is added
to. When an instance expires, it is terminated and deleted.
Configuration options for expiration policies:
EXPIRATION TYPE
• User Configurable - expiration timeframe is editable during provisioning
• Fixed Expiration - user cannot change expiration timeframe
EXPIRATION DAYS Configures the number of days the instance is allowed to exist before being removed.
RENEWAL DAYS If the instance is renewed, this is the number of day increments the expiration date is increased
by.
NOTIFICATION DAYS This allows an email notice to be sent out x days before the instance is going to expire.
NOTIFICATION MESSAGE Customizable message for notification email. Default message is “Instance ${instance?.name} is set to expire on ${instance?.expireDate}”
AUTO APPROVE EXTENSIONS Enable this to auto-approve extension requests. Please note approval workflows
will be available in upcoming Morpheus release.
84
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
3.9. Policies
85
Morpheus Documentation, Release 2.12.4
Instances with expirations show the time until expiration in the instance detail pane. Instances with active expiration
policies can be extended by selecting the EXTEND NOW button in the instance detail pane. The extension length is
set in the policy by the RENEWAL DAYS field.
Expirations can also be added to any instance during provisioning by entering the number of days in the EXPIRATION
DAYS field in the Lifecycle section of the automation section of the provisioning wizard. Expiration can be added to
any instance even if no policies have been created.
Naming Policies
Naming Policies will populate a fixed or editable name for instances, hosts and hostnames. The Name Pattern field
uses ${variable} string interpolation.
Available Variables for naming patterns are:
${groupName}
${groupCode}
86
Chapter 3. Infrastructure
Morpheus Documentation, Release 2.12.4
${cloudName}
${cloudCode}
${type}
${accountID}
${account}
${accountType}
${platform}
${userID}
${userName}
${userInitials}
${provisionType}
${sequence}
And example for an instance name policy using a naming pattern with users initials, cloud code, instance type, and
adds a sequential number starting at 100 is:
${userInitials}-${cloudCode}-${type}-${sequence+100}
Naming policies can be configure to be user configurable or static, and to auto-resolve naming conflicts.
Hint:
${sequence} can be modified to start at a higher number by adding the starting value, such as
${sequence+1000} to being at 1000, and the amount of digit´s in the sequence can specified with ${sequence.
toString().padLeft(5,'0')} for a sequence starting at 0001, for example.
3.9. Policies
87
Morpheus Documentation, Release 2.12.4
88
Chapter 3. Infrastructure
CHAPTER
4
Administration
There are several administrative integrations built into Morpheus that make it great to work with within any organization ranging from small to large. Especially, with its built in white label support and multitenancy capabilities,
managed service providers have a wide range of capabilities when it comes to managing customer accounts and users.
4.1 Tenants
4.1.1 Overview
The Tenants page displays a list of all Tenants. This page enables users to Create, Edit, and Delete Tenants. The list
of Tenants displays the Tenant Name, Role, Total Instances, Total Users, and the Created Date.
Click the Tenant Name to drill into the Tenant View where you can again Edit, Delete, as well as Create Users, Edit
Users, and Delete Users users belonging to the Tenant.
4.1.2 Create Tenants
To create Tenants
1. Select the Administration link in the navigation bar.
2. Select the Tenants link in the sub navigation bar.
3. Click the Create Tenant button.
4. From the New Tenant wizard input:
• Name
• Description (optional)
• Base Role Primary role of the Tenant. All User roles within the Tenant cannot exceed the permission of
this Role.
• Limits Restricts the amount of Storage and Memory allocated to the Tenant
89
Morpheus Documentation, Release 2.12.4
5. Click the Save Changes button.
4.1.3 Edit Tenant
To edit a Tenant:
1. Select the Administration link in the navigation bar.
2. Select the Tenants link in the sub navigation bar.
3. Click the Edit pencil icon on the row of the Tenant to edit.
4. Edit the Edit Tenant settings.
4.1.4 Delete Tenant
To delete a Tenant:
1. Select the Administration link in the navigation bar.
2. Select the Tenants link in the sub navigation bar.
3. Click the Delete trashcan icon on the row of the Tenant to delete.
4. Confirm
4.1.5 Tenant Users
The Tenant View displays a list of users belonging to the Tenant and their Name, Username, Email, and Role.
From this page: Create, Edit, and Delete users within the Tenant.
Create Tenant User
To create a Tenant User:
1. Select the Administration link in the navigation bar.
2. Select the Tenants link in the sub navigation bar.
3. Click the Tenant Name on the row of the Tenant where the user will be added.
4. Click the Create User button.
5. From the New User wizard input the fields below
• First Name of the user being created
• Last Name of the user being created
• Username used to login
• Email address of the new user
• Role to be inherited by the user
• Password
• Limits
– Restricts the amount of Storage and Memory the user can provision.
90
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
• Save Changes.
Edit a Tenant User
To edit a User:
1. Select the Administration link in the navigation bar.
2. Select the Tenants link in the sub navigation bar.
3. Click the Tenant Name on the row of the Tenant containing the user to be edited.
4. Click the Edit pencil icon of the row of the to edit.
5. Edit User information
Note: Name, Username, Passwords and e-mail addresses cannot be edited on Users created from Identity
Source Integrations.
6. Save Changes.
Delete Tenant User
To delete a Tenant User
1. Select the Administration link in the navigation bar.
2. Select the Tenants link in the sub navigation bar.
3. Click the Tenant Name on the row of the Tenant containing the user.
4. Click the Delete trashcan icon of the row of the user to delete.
5. Confirm
4.1.6 Configuring Tenants and Resources for Multi-Tenancy
A very common scenario for Managed Service Providers is the need to provide access to resources on a customer by
customer basis. Several administrative features are available in Morpheus to ensure customer resources are properly
scoped and isolated. With its built multi-tenancy capabilities and white label support, managed service providers have
a wide range of capabilities when it comes to managing customer Tenants and users.
Tenants
There are essentially two types of Tenants in Morpheus
• Master Tenant
• Sub Tenants
During the initial setup of a Morpheus Appliance, the Master Tenant is created. All Tenants created in addition to
this Master Tenant are sub-Tenants. There can only be one Master Tenant, and sub-Tenants cannot become the Master
Tenant. The delineation between the Master Tenant and sub-Tenants is important to understand for properly scoping
resources across Tenants.
4.1. Tenants
91
Morpheus Documentation, Release 2.12.4
Creating Tenants
The Master Tenant is created during the initial appliance setup. Additional sub-Tenants can be created in the Administration -> Tenants section.
The Tenants page displays a list of all Tenants. This page enables users to: Create, Edit, and Delete Tenants. The list
of Tenants displays the Tenant Name, Role, Total Instances, Total Users, and the Created Date. Click the Tenant Name
to drill into the Tenant View where you can again Edit, Delete, as well as Create Users, Edit Users, and Delete Users
users belonging to the Tenant.
Note: At least one Tenant in addition to the Master Tenant is required to scope resources across Tenants.
To create a new sub-Tenant
1. Select the Administration link in the navigation bar.
2. Select the Tenants link in the sub navigation bar.
3. lick the Create Tenant button.
4. From the New Tenant wizard input * Name * Description(optional) * Base Role- Primary role of the Tenant.
All roles created within the Tenant must inherit this role as the base role. * Currency (for pricing) * LimitsThese restrict the amount of Storage, Memory, and CPUs that can be collectively provisioned by all users in the
Tenant. The default is 0 for these limits, which means no limits will be applied.
5. Click the Save Changes button.
Viewing Tenants
To View an individual Tenant page, select the Tenant name from the main Tenants section.
92
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
From inside this Tenant view, the Tenant settings can be edited, existing users can be viewed or edited, and new users
for this Tenant can be created.
Tenant Users
To create a new user for an Tenant (Note: Users are specific to each Tenant. Users created in the Master Tenant or
other sub-Tenants will only have access to the Tenant they are created in.)*
. Click the CREATE USER button . From the New User wizard input the fields below. * First Name of the user being
created * Last Name of the user being created * Username used to login * Email address of the new user * Role to be
inherited by the user * Password * Storage, Memory and CPU limits for this specific user, if any (0 is no limit)
. Click Save Changes.
4.1. Tenants
93
Morpheus Documentation, Release 2.12.4
Impersonate Tenant User
“Impersonate User” enables administrators to login as sub-Tenant users directly from the master Tenant.
To impersonate a user, you must be logged in as a user with the “Impersonate User” feature enabled in assigned role.
Navigate to Tenants, select an Tenant, and in the specific user ACTIONS drop down, select “Impersonate”
This will log you in as that user in their respective Tenant. To log out of the impersonate users Tenant, select the
username in the top right, and then select “Quit Impersonating”
94
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
Resources
In the Master Tenant, resources can be configured with private or public visibility:
• Private Visibility: Only available to the assigned Tenant.
• Public Visibility (master Tenant only): Available across all Tenants
Resources in the Master Tenant can also be assigned directly to sub-Tenants. When a resource is assigned to a subTenant, it is only available for that sub-Tenant, and its visibility is automatically set to private. Public Visibility is not
an option for any resource assigned to or created in a sub-Tenant.
From the master Tenant, the following resources can be configured for public visibility across all Tenants, or assigned
to individual sub-Tenants
• Clouds
• Hosts
• Virtual Machines
• Networks
• Datastores
• Resource Pools
• Folders
• Virtual Images
• Library Instance Types
• Pricing
• Policies
• Workflows
• Roles
Note: Virtual Image Templates can also be made available to multiple select Tenants when set to private.
Cloud Visibility & Assignment
Edit Visibility of a Cloud
To set the Visibility of cloud to Public (shared across all Tenants) or Private (only available to the assigned Tenant):
1. Navigate to Infrastructure, Clouds
2. Select either the pencil/edit icon on the far right of the cloud row, or click the name of the cloud and select
“Edit” in the top right of the cloud page.
4.1. Tenants
95
Morpheus Documentation, Release 2.12.4
3. From the “Visibility” drop down, select either “Public” or “Private”
4. Select “Save Changes” in the lower right of the Edit Cloud modal.
When a cloud is set to Public visibility, it is available to be added to sub Tenants. All sub-Tenants created after a
master Tenant cloud is set to public will automatically have clouds with public visibility added, and a group will be
created for each available cloud matching the cloud name in the new sub Tenant(s).
For Tenants created prior to a Master Tenant cloud being set to public visibility, the sub Tenant will have the option to
add that cloud but it will not automatically be added.
While the cloud will be available for Sub-Tenants, the resources available in that cloud to the sub-Tenant(s) depends
on the visibility or assignment of the individual resources.
Note: A sub-Tenant user must have sufficient role permissions/cloud access to add publicly available clouds. Master
Tenant clouds settings cannot be edited from sub Tenants.
Assign a Cloud to an Tenant
Important: When assigning a Cloud to an Tenant, all resources for that Cloud will only be available to the assigned
Tenant. If a cloud is created in the Master Tenant and assigned to a sub-Tenant, it will no longer be available for use
by the Master Tenant or any other sub-Tenants, although it can be assigned back to the Master Tenant, or to another
sub-Tenant.
96
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
It may be preferable for service providers to share or assign their cloud resources, such as specific hosts, networks,
resources pools and datastores, across sub-Tenants, rather than an entire cloud.
To assign a cloud from the Master Tenant to a Sub-Tenant
1. Navigate to Infrastructure, Clouds
2. Select either the pencil/edit icon on the far right of the cloud row, or click the name of the cloud and select
“Edit” in the top right of the cloud page.
3. From the “Tenant” drop down, select the Tenant to assign the cloud to. The visibility will automatically be set
to “Private” when a cloud is assigned to a sub-Tenant.
4. Select “Save Changes” in the lower right of the Edit Cloud modal.
When a cloud is assigned to a sub-Tenant, or assigned to the Master Tenant with private visibility, that cloud and all
of its resources are only available to the assigned Tenant. The Master Tenant still maintains control and visibility, and
can edit the cloud settings or re-assign the cloud.
Individual Resource Visibility & Assignment
Similar to clouds, individual resources from the Master Tenant can be set to public and available to sub-Tenants, or
assigned to sub-Tenants.
By default, any host, virtual machine, bare metal server, network, resource pool, datastore or template added, created
or inventoried by an Tenant is assigned to that Tenant. If these resources are in the Master Tenant, they can be assigned
to sub Tenants. Assigning one of these resources will make it unavailable to the Master Tenant, but it will still be
4.1. Tenants
97
Morpheus Documentation, Release 2.12.4
visible and editable by the Master Tenant. This allows Master Tenant resources to be isolated for use by sub-Tenants
while still under the control of the Master Tenant.
Resources assigned to sub-Tenants from the Master Tenant will be visible and available for use by that sub-Tenant,
however they cannot be edited or re-assigned by the sub-tenant.
Set the Visibility of a Host, Virtual Machine or Bare metal Server to Public or Private
1. From the Master Tenant, navigate to Infrastructure, Hosts
2. Select either the Hosts, Virtual Machines or Bare Metal tab
3. Click the name of the resource
4. Select “Edit” in the top right of the resource page to bring up the config modal.
5. From the “Visibility” drop down, select either “Public” or “Private”
6. Select “Save Changes” in the lower right of the modal
Assigning a Host, Virtual Machine, or Bare Metal server to an Tenant
1. From the Master Tenant, navigate to Infrastructure, Hosts
2. Select either the Hosts, Virtual Machines or Bare Metal tab
3. Click the name of the resource
4. From the “Actions” dropdown in the top right of the resource page, select Assign Tenant
5. In the Assign Tenant modal, select the Tenant to assign the resource to.
6. Select “Execute” in the lower right of the modal
98
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
The resource will now be assigned and available for use by the assigned Tenant. If assigned to a sub-Tenant, the
Master Tenant will maintain visibility and control.
Set the Visibility of a Network to Public or Private
1. From the Master Tenant, navigate to Infrastructure, Network
2. Select either the pencil/edit icon on the far right of the network row, or click the name of the network and select
“Edit” in the top right of the network page.
3. From the “Visibility” drop down, select either “Public” or “Private”
4. Select “Save Changes” in the lower right of the modal
4.1. Tenants
99
Morpheus Documentation, Release 2.12.4
Assign a Network to an Tenant
1. From the Master Tenant, navigate to Infrastructure, Network
2. Select either the pencil/edit icon on the far right of the network row, or click the name of the network and select
“Edit” in the top right of the network page.
3. From the “Tenant” drop down, select an Tenant to assign the network to.
4. Select “Save Changes” in the lower right of the modal
100
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
The Network will now be assigned and available for use by the assigned Tenant. If assigned to a sub-Tenant, the
Master Tenant will maintain visibility and control.
Set the Visibility or assign a datastore to an Tenant
1. From the Master Tenant, navigate to Infrastructure, Storage
2. Select the “Data Stores” tab
3. Select Edit from the “Actions” dropdown on the far right of the datastores row
4. From the “Visibility” drop down, select either “Public” or “Private”
5. From the “Tenant” drop down, select the Tenant to assign the datastore to.
Note: If assigned to a sub-tenant, the visibility will be automatically set to private.
6. Select “Save Changes” in the lower right of the modal
4.1. Tenants
101
Morpheus Documentation, Release 2.12.4
Set the Visibility or assign a Virtual Image to an Tenant
1. From the Master Tenant, navigate to Provisioning, Virtual Images
2. Select Edit from the “Actions” dropdown on the far right of the Virtual Images row
3. From the “Visibility” drop down, select either “Public” or “Private”. Public will share the
4. From the “Tenant” field, start typing the name of the Tenant to assign the Virtual Image to. Matching Tenants
will populate, then select the Tenant to add.
Note: Virtual Images can be set to Private, but accessible to more that one Tenant
#. Repeat step 4 for all Tenants requiring access to the virtual image. .. To remove access for an Tenant, click the “x”
next to the Tenant name #. Select “Save Changes” in the lower right of the modal
102
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
The Virtual Image will now be available for use by the assigned Tenants.
4.2 Identity Sources
4.2.1 Overview
There are several built in single sign-on integrations included with Morpheus . These can be configured via the
Identity Sources button in Admin -> Accounts. These integrations include linking capabilities with
LDAP, Active Directory, Okta, and Jump Cloud. One can even map these sign on tools to equivalent roles in Morpheus
so at first log in users are assigned the appropriate role.
image::administration/identity_sources.png[caption=”Figure 1: “, title=”Identity Source Management Integrations”,
alt=”Identity Source Management Integrations”]
4.3 Plans & Pricing
4.3.1 Overview
The Plans & Pricing page displays a list of all of your available service plans. From the service plans page you will be
able to Create, Edit, and Delete service plans, as well as review basic plan details. The list of plans displayed on this
page displays planName, Description, Instances Layout, Memory, Storage, and Cost, as well as an action column to
edit and delete. A default set of Service Plans are created in Morpheus . They provide a means to set predefined tiers
on memory, storage, cores, and cpu. Price tables can also be applied to these so estimated cost per virtual machine can
be tracked as well as pricing for customers.
4.2. Identity Sources
103
Morpheus Documentation, Release 2.12.4
4.3.2 Create Service Plan
To create service plan
1. Select the Administration link in the navigation bar.
2. Select the Plans & Pricing link in the sub navigation bar.
3. Click the Create Service Plan button.
4. From the New Service Plan wizard, input:
• Name
• Code used as a unique identifier in the API and CLI.
• Storage size in megabytes.
• Memory size in megabytes.
• Cost is internal cost of plan.
• Price is what the service offering will be priced at.
• Instance Types that will be associated with this plan.
• Click the Save Changes button to save.
4.3.3 Edit Service Plan
By default, these options are fixed sizes but can be configured for dynamic sizing. A service plan can be configured to
allow a custom user entry for memory, storage, or cpu. To configure this, simply edit an existing Service Plan. These
all can be easily managed from the Admin -> Service Plans section.
To edit service plan:
1. Select the Administration link in the navigation bar.
2. Select the Plans & Pricing link in the sub navigation bar.
3. Click the Edit pencil icon on the row of the plan to edit.
4. Edit the following Edit Service Plan.
5. Click the Save Changes button to save.
4.3.4 Delete Service Plan
To delete service plan
1. Select the Administration link in the navigation bar.
2. Select the Plans & Pricing link in the sub navigation bar.
3. Click the Delete trashcan icon on the row of the# plan to delete.
4. Confirm
104
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
4.4 Roles
4.4.1 Role Management Overview
Within Morpheus is a wide array of role based access control capabilities. These roles can be managed within the
Admin -> Roles section of the morpheus UI as well as through the API or CLI. They are designed to be robust enough
to fit within a wide array of enterprise and managed service provider scenarios so they can be a bit hard to grasp at
first, but should make sense once a few simple concepts are explained. There are two types of roles within Morpheus
called Tenant and User based roles. Both sets of roles allow restrictions to be imposed on a user at the feature access
level. Entire sections within the appliance UI can be hidden based on the specified access levels for features within
morpheus. Features have different access scopes that can be selected from and can range depending on the specific
feature. The most common scope set involves none, read, and full. Instance Type access is also common among both
role types which allow the administrator to restrict which service catalog items they are allowed to provision within
Morpheus .
There are several handy tricks for creating new roles within morpheus and users can be assigned more than one role.
When a user is assigned more than one role, permissions are granted by the role with the highest level of scope
access. This allows roles to be built with small subsets of features and combined to grant different individuals relevant
permission control.
Note: Feature access control not only applies to the Morpheus UI but also applies to the public developer API. It is
sometimes necessary to logout and back in for changes to a users feature access level to be respected.
4.4.2 Role Types
Tenant Roles
A Tenant based role (formerly called an Account based role) is used to ensure access control enforcement across an
entire tenant with many sub-users. This allows the subtenant to manage their own set of internal user based roles
without worrying master tenant involvement in setting them up. The master tenant is the only tenant able to create and
manage these types of roles. When editing a Tenant, a singular tenant role can be assigned to the account. Users within
the tenant can be assigned roles but those user based roles will never be able to supersede the level of access granted
by the tenant role. This allows a super administrator the ability to restrict access at the department or organization
level without having to worry about per user access control within said tenant.
Tenant roles also have an additional section not in User based roles related to Cloud Access. Cloud Access allows
the master tenant the ability to assign cloud integration resources to specific subtenants or groups of subtenants. An
example would be granting access to a specific VMware cluster only to a subset of tenants using the tenant based role
control.
User Roles
User roles can be created by any tenant given permission at the tenant role level. These allow tenants to manage their
own sets of users and their levels of access. They also allow tenants to control which users have access to specific
“Groups” for provisioning into within morpheus. Groups are not cross tenant and therefore need to be controlled
within the individual tenant in Morpheus .
Master tenants are able to create a special type of user role called a multi-tenant user role. A multi-tenant user role
is copied / duplicated down to all subtenants within morpheus. These can be viewed as pre-canned role templates
available to new tenants when their account is first created. Any changes made to the main role are propagated down
to the subtenants version of the shared role so long as the subtenant has not previously adjusted/changed that role. The
4.4. Roles
105
Morpheus Documentation, Release 2.12.4
moment a subtenant makes adjustments to the shared role within their account, it is unlinked from the parent role and
treated entirely independently.
Another note about user roles is that when a user role is copied down to a subtenant, the permission scopes cannot
supersede the tenants assigned tenant role. If they do they are automatically downgraded when propagated to the
specific tenant. Any changes made to the tenant role will automatically ensure roles within the tenant are downgraded
appropriately.
4.4.3 Roles and Identity Sources
It is very common for large enterprises to have an existing identity source that they would like to plugin to morpheus
for authentication. This includes services like LDAP, Active Directory, OKTA, Jump Cloud, One Login, and SAML.
When using these services it becomes important to configure a role mapping between the morpheus role assignments
to the equivalent identity source groups/roles the user belongs to. This is configurable within the identity source
management UI. Sections are provided allowing things like LDAP groups to be directly mapped to specific roles
within morpheus. If a user matches more than one LDAP/role group then both sets of roles are applied to the user
automatically. Configuring Identity Sources is done in Tenant management found in Admin -> Tenants, and has to be
configured on a per tenant basis.
4.4.4 Resource Limits
While it is possible to restrict usages by roles assigned to a tenant or role with max memory utilizations and max
storage utilizations, it is preferred to now control this at the Policy level within a group or cloud. Morpheus provides
a large swatch of policy types that can be assigned globally or to specific tenants both globally, and per cloud/group
entity.
4.4.5 Users
Overview
The Users page displays a list of all users. From the users page: Create, Edit, and Delete users. The list of users
displayed on this page displays Account, Name, Username, Email, and Role.
Note: User data from Users created via an Identity Source Integration is not editable in Morpheus .
Create User
To create a User:
1. Select the Administration link in the navigation bar.
2. Select the Users link in the sub navigation bar.
3. Click the Create User button.
4. From the New User Wizard input
• First Name
• Last Name
• Username used to login.
106
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
• Email address of the new user.
• Role to be inherited by the user.
• Password
• Storage size set in megabytes. (0.0 is unlimited, this is the amount of storage a role can provision.)
• Memory size set in megabytes. (0.0 is unlimited, this is the amount of memory a role can provision.)
5. Click the Save Changes button.
Edit User
To edit a User:
1. Select the Administration link in the navigation bar.
2. Select the Users link in the sub navigation bar.
3. Click the Edit pencil icon on the row of the user to edit.
4. From the User Wizard input:
• First Name
• Last Name
• Username used to login.
• Email address of the new user.
• Role to be inherited by the user.
• Password
• Storage size set in megabytes. (0.0 is unlimited, this is the amount of storage a role can provision.)
• Memory size set in megabytes. (0.0 is unlimited, this is the amount of memory a role can provision.)
5. Click the Save Changes button.
Delete User
To delete a User:
1. Select the Administration link in the navigation bar.
2. Select the Users link in the sub navigation bar.
3. Click the Delete trashcan icon on the row of the user to delete.
4. Confirm
4.5 Integrations
Administration -> Integrations
4.5. Integrations
107
Morpheus Documentation, Release 2.12.4
4.5.1 Ansible
Overview
Morpheus appliance supports Ansible integration for configuration management. Morpheus accomplishes this by
integrating with an existing repository of playbooks as the master in a master-slave Ansible architecture.
To get started the only requirement is an existing repository for playbooks in a very simple structure.
Add Ansible Integration
1. Navigate to Administration -> Integrations and select + New Integration
2. Select Integration Type “Ansible”
3. Populate the following fields:
• Name: Name of the Ansible Integration in Morpheus
• Enabled: Enabled by default Ansible Git URL:: https or git url format of the Ansible Git repo to use
• Keypair: For private Git repos, a keypair must be added to Morpheus and the public key added to the git
account.
• Playbooks Path: Path of the Playbooks relative to the Git url.
• Roles Path: Path of the Roles relative to the Git url.
• Group Variable Path: Path of the Group Variables relative to the Git url.
• Host Variables Path: Path of the Host Variables relative to the Git url.
4. Save Changes
Once you have completed this section and saved your changes you can set up a Cloud or Group to utilize this integration.
Scope Ansible Integration to a Cloud
1. Navigate to Infrastructure -> Clouds
2. Edit the target Cloud
3. Expand the Advanced Options section
4. In the Config Managment dropdown, select the Ansible Integration.
5. Save Changes
Once an Ansible integration is added to a Cloud, a new “ANSIBLE” tab will appear on the Cloud details page,
populated with the Ansible integrations Playbook and Roles, as well as an editable Inventory list.
Scope Ansible Integration to a Group
1. Navigate to Infrastructure -> Groups
2. Edit the target Group
3. Expand the Advanced Options section
4. In the Config Managment dropdown, select the Ansible Integration.
108
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
5. Save Changes
Once an Ansible integration is added to a Group, a new “ANSIBLE” tab will appear on the Group details page,
populated with the Ansible integrations Playbook and Roles, as well as an editable Inventory list.
Provisioning Options
When provisioning Instances into a Cloud or Group with a Ansible Integration added, an Ansible section will appear
in the Config section of the provisioning wizard. By default, Ansible is enabled, but can be disabled by expanding the
Ansible section and unchecking Enable Ansible.
Ansible Integration Provisioning options:
Enable Ansible Select to bootstrap
Ansible Group Ansible Inventory Group. Use existing group or enter a new group name to create a new group.
Leaving this field blank will place instance in the “unassigned” inventory group.
Playbook Playbook(s) to run. The .yml extension is optional.
Running Playbooks
Playbooks can also be ran on all inventory groups, individual groups, or added as a task and ran with workflows.
To run ansible on all or a single inventory group, in the Ansible tab of the Morpheus Group page, select the Actions
dropdown and click Run.
In the Run Ansible modal, you can then select all or an individual group, and then all or a single Playbook, as well as
add custom tags.
Playbook’s can also be added as tasks to workflows in the Provisioning -> Automation section, and then selected in
the Automation pane during provisioning of new instances, when creating app templates, or ran on existing instances
using the Actions -> Run Workflow on the Instance or Host pages.
4.5.2 Chef
Overview
Morpheus can integrate with one or multiple chef servers to be used for bootstrapping wile provisioning or as tasks
in workflows in the Automation section. These workflows can then be ran during provisioning in the provisioning
wizard Automation pane, or on an exiting instance by selecting Actions- Run Workflow. Workflows can also be added
to instances in the template and app sections.
Add Chef Integration
1. Navigate to Administration -> Integrations and select + New Integration
2. Select Integration Type “Chef”
3. Populate the following fields:
• Name: Name of the Chef Integration in Morpheus
• Chef Endpoint: url of chef server api endpoint in https://api.example.com format. Do not add /organization/xxxx here, which is populated in the Chef Organization field
• Chef Version: 12.3.0 by default, can be changed to use a different/more recent version of chef
4.5. Integrations
109
Morpheus Documentation, Release 2.12.4
• Chef Organization: Chef Server Organization
• Chef User: Chef Server User
• User Private Key: The private key of the user with access to this chef server
• Organization Validator: Validator key for the organization
4. Save Changes
The added Chef Integration is now available for use in Morpheus . The Chef Integration can be added to Clouds
or Groups to auto-bootstrap nodes and specify Environment, Node ID, Runlist, Attributes and Tags when creating
instances. The Chef integration can also be selected in the Chef Server dropdown when creating a Chef Bootstrap type
task.
Scope Chef Integration to a Cloud
1. Navigate to Infrastructure -> Clouds
2. Edit the target Cloud
3. Expand the Advanced Options section
4. In the Config Managment dropdown, select the Chef Integration.
5. Save Changes
Scope Chef Integration to a Group
1. Navigate to Infrastructure -> Groups
2. Edit the target Group
3. Expand the Advanced Options section
4. In the Config Managment dropdown, select the Chef Integration.
5. Save Changes
Provisioning Options
When provisioning Instances into a Cloud or Group with a Chef Integration added, a Chef section will appear in the
Config section of the provisioning wizard. By default, Chef is enabled, but can be disabled by expanding the Chef
section and unchecking Enable Chef.
Chef Integration Provisioning options:
Enable Chef Select to bootstrap
Chef Environment Populate Chef environment, or leave as _default
Chef Node ID Defaults to instance name, configurable.
Chef Runlist Add Runlist
CHEF ATTRIBUTES Add Chef Attributes
CHEF TAGS Add Chef tags
110
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
4.5.3 Consul
Morpheus can integrate with Consul to automatically install the Consul Agent in Client Mode on Instances and configure communication with the Consul host.
Add Consul Integration
1. Navigate to Administration -> Integrations and select + New Integration
2. Select Integration Type Consul Service Registry
3. Populate the following fields:
Name Name of the Consul Integration in Morpheus
Enabled Enabled by default
Consul Host IP or Url of the Consul Host
Consul Http Port Http port of the Consul Host
Username Consul Host User
Password Consul Host User Password
Datacenter ID Validator key for the organization
4. Save Changes
The added Consul Integration is now available for use in Morpheus , but must be scoped to a Cloud or Group to
automatically install the Consul Agent while provisioning.
Scope Consul Integration to a Cloud
1. Navigate to Infrastructure -> Clouds
2. Edit the target Cloud
3. Expand the Advanced Options section
4. In the Service Registry dropdown, select the Consul Integration.
5. Save Changes
Scope Consul Integration to a Group
1. Navigate to Infrastructure -> Groups
2. Edit the target Group
3. Expand the Advanced Options section
4. In the Service Registry dropdown, select the Consul Integration.
5. Save Changes
And that’s it. After your integration is set up, all containers deployed within the Group or Cloud integrated will
provision with the Consul Agent in Client Mode, gossiping to your Consul Server!
4.5. Integrations
111
Morpheus Documentation, Release 2.12.4
4.5.4 Docker Registry
Overview
Without any additional configuration Morpheus can provision images from Docker’s public hub at https://hub.docker.
com/ using their public api at https://index.docker.io/v1/
However, many organizations maintain private Docker registries for security measures. Additional public and private
Docker registries can be added to Morpheus.
Adding a Docker Registry Integration
1. Navigate to Administration -> Integrations
2. Click “New Integration”
3. Select the Docker Repository Type
4. Add the following:
Name Name for the Registry in Morpheus
Repository url Docker Registry url or IP address
Username Username if private registry
Password Password if private registry
5. Save Changes
Note: You must either have signed certificates for your registry or configure your docker host(s) to accept insecure
registries
Provisioning an Instance from Docker Registry
Docker images from the Integrated Registry can be provisioned using the generic Docker Instance Type, or by adding
images to Node Types for custom Library Instance Types.
//add provisioning info and creating docker node types
4.5.5 Infoblox
Morpheus can integrate with Infoblox for IP address assignment. To add a Infoblox integration into Morpheus :
1. Add Infoblox as a Network Service integration
2. Add Infoblox IP Pool(s) to your network(s)
3. Configure your cloud(s) domain
4. When provisioning, select Network with Infoblox pool added
112
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
Add Infoblox as a Network Service Integration
1. Navigate to Infrastructure -> Networks and select the Services tab
2. In the Services tab, select +ADD SERVICE, select Infoblox, and provide the following:
• Add Pool Server
– Name
– URL (wapi url + version) example https://x.x.x.x/wapi/v2.2.1
– Username
– Password
Tip: You can find your Infoblox wapi version in the wapi doc on your Infoblox server at https://x.x.x.x/
wapidoc
4.5. Integrations
113
Morpheus Documentation, Release 2.12.4
3. Save Changes and your Infoblox networks will be populated and available in the Network -> IP Pools section
of Morpheus .
Next we will need to add an Infoblox Network pool to a network in order to use the pool(s) during provisioning.
Add Infoblox IP Pool(s) to your network(s)
1. Navigate to In Infrastructure - Networks, and in the Networks tab:
2. Find and edit the network you want to assign an Infoblox pool to.
3. For static IP assignment, Populate the Gateway, DNS, and CIDR info for the network, and deselect DHCP
server.
114
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
4. In the NETWORK POOL drop down, select the Infoblox network to assign IPs from.
5. Save Changes
Configure your cloud(s) domain
The domain entered in you cloud(s) settings needs to match an Infoblox zone. To add a domain to your cloud(s)
1. Under Infrastructure - Clouds, edit your cloud settings
2. In the domain field, enter your domain
• In v2.9.x and prior, the domain field is at the top of the Cloud Config modal.
/images/administration/infoblox-ebde8.png
..
image::
• In v2.10, the domain field is under Advanced Settings in the Cloud Config modal.
/images/administration/infoblox-976bd.png
..
image::
• In v2.10.1 and later, a Domains section has been added in the Infrastructure -> Networks Section, and there is
now a Domain dropdown to select a domain from the Networks section in the Cloud Config modal.
Infrastructure -> Network -> Domains
4.5. Integrations
115
Morpheus Documentation, Release 2.12.4
Cloud Configuration
Provisioning with Infoblox Pool
Once the Infoblox integration has been configured, while provisioning you can now select networks that have the
Network Pools added, and the name of the Infoblox IP Pool will populate to the right of the selected network:
116
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
The during provisioning, your instance IP will be assigned by Infoblox:
[[git]]
4.6 Git
add
4.6.1 AWS Route53
Overview
Morpheus integrates directly with Amazon Route 53 to automatically create DNS entries for Instances provisioned to
a configured Cloud or Group. Morpheus also syncs in Route 53 Domains for easy selection while provisioning, or
setting as the default Domain on a Cloud or Network.
Add Route 53 Integration
Route 53 can be added in the Administration or Infrastructure sections:
1. In Administration -> Integrations, select + New Integration
2. In Infrastructure -> Networks -> Services, select Add Service
3. Provide the following:
TYPE Route 53
NAME Name for the Integration in Morpheus
REGION AWS Region for the Integration
ACCESS KEY AWS User IAM Access Key
SECRET KEY AWS User IAM Secret Key
4. Once saved the Integration will be added and visible in both Administration -> Integrations and Infrastructure
-> Networks -> Services
Note: All fields can be edited after saving.
Domains
Once the integration is added, Route 53 Domains will sync and listed under Infrastructure -> Networks -> Domains.
Note: Default Domains can be set on Networks and Clouds, and can be selected when provisioning. Additional
configuration options are available by editing a domain in Networks -> Domains
4.6. Git
117
Morpheus Documentation, Release 2.12.4
Configuring Route 53 with Clouds and Groups
DNS Integrations are available in the DNS Integration dropdown in Cloud and Group settings.
Morpheus will register Instances with the DNS provider when provisioned into a Cloud or Group with a DNS Integration added.
1. In Infrastructure → Clouds edit the target Cloud.
2. Expand the Advanced Options section.
3. In the DNS Integration dropdown, select an available DNS Integration.
4. Save Changes
1. In Infrastructure → Groups select the target Group.
2. Select the Edit button for the Group
3. Expand the Advanced Options section.
4. In the DNS Integration dropdown, select an available DNS Integration.
5. Save Changes
Note: Instances provisioned into a Cloud or Group with a DNS Integration added will be registered as instancename.domain with the DNS Provider during provisioning, and de-registered at teardown.
4.6.2 Salt
Overview
Morpheus integrates with an existing Salt Master for seamless deployment of Salt States to Minions provisioned from
Morpheus .
Add Salt Integration
To get started browse to Admin -> Integrations from within Morpheus .
Once there simply add a New Integration
118
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
And then scope the integration to your existing Salt Master by ip address. Make sure that the username entered is one
with proper escalation privileges for running Salt, and point the Working Directory at the directory on your Master
where your States live.
Note: Morpheus will allow you to run States from a git backend, but in v2.10 you will not see states from a git
backend within Morpheus
4.6. Git
119
Morpheus Documentation, Release 2.12.4
120
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
Scope Salt Integration to Group Or Cloud
Configuration Management integrations like Saltstack apply to the Infrastructure Group abstraction in Morpheus . To
ties yours in, browse to Infrastructure -> Groups in Morpheus and select the group that you would like to
tie to your Salt Master.
From here select Edit
And from the options toggle Advanced Options and select your Saltstack integration in the Config Management dropdown.
4.6. Git
121
Morpheus Documentation, Release 2.12.4
After a page refresh you should see your Saltstack tab in your group page
Clicking on it will reveal a page that includes:
122
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
1. An interface to run Salt Master commands
2. Parsed Top File
3. Available States
The classic example of running
salt '*' test.ping
will return empty unless there are existing Minions with accepted keys on the Master. However, provisioning Minions
via Morpheus is extremely easy.
Provisioning with Saltstack
To do so, provision as usual and Instances within the Group tied to the Saltstack Integration will now show additional
options on the Configure pane
4.6. Git
123
Morpheus Documentation, Release 2.12.4
Minion ID defaults to the hostname, and a State can be applied directly at provision time.
Note: Only States served from the Master’s Working Directory can be applied at provision, not States from a git
backend
Once your instance is provisioned and key negotiation has completed you will be able to access it and run commands
via the integrated Salt command center in your Group.
124
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
If you did not apply a state at provision time now you will be able to run State commands through Morpheus .
In our example the Apache State from a git backend was applied successfully to our newly created vm.
4.6. Git
125
Morpheus Documentation, Release 2.12.4
4.6.3 ServiceNow
Add ServiceNow Integration
1. Navigate to Administration -> Integrations
2. Select + NEW INTEGRATION
3. Select ServiceNow from the TYPE dropdown.
4. Add the following:
NAME Name of the Integration in Morpheus.
ENABLED Leave checked to enable the Integration.
HOST Url of the ServiceNow Instance ex: https://your.instance.service-now.com
USER A user in ServiceNow that is able to access the REST interface and create/update/delete incidents,
requests, requested items, item options, catalog items, workflows, etc.
PASSWORD Above ServiceNow user’s password
5. Save Changes
Add ServiceNow Provision Approval Policy to a Cloud
Note: Any Instance provisioned into a Cloud with an Approval Policy enabled will require approval.
To add a ServiceNow Approval policy to a Cloud:
126
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
1. Navigate to Infrastructure -> Clouds
2. Select a Cloud by clicking on the Cloud Name link
3. Select the POLICIES tab
4. Select + ADD POLICY
5. Select Provision Approval
6. Optionally enter a description for the Policy
7. Configure the following:
APPROVAL INTEGRATION Select the ServiceNow Integration already configured in Administration
-> Integrations to use for the Approval Policy.
WORKFLOW Select the ServiceNow workflow for the Approval workflow in ServiceNow. Note these workflows are configured and synced in from the ServiceNow Integration.
TENANTS (if applicable) Only required for multi-tenant permission scoping. For the policy to apply to a
sub-tenant, type the name of the tenant(s) and select the Tenant(s) from the list.
8. Save Changes
Add ServiceNow Provision Approval Policy to a Group
Note: Any Instance provisioned into a Group with an Approval Policy enabled will require approval.
To add a ServiceNow Approval policy to a Group:
1. Navigate to Infrastructure -> Groups
2. Select a Group by clicking on the Group Name link
3. Select the POLICIES tab
4. Select + ADD POLICY
5. Select Provision Approval
6. Optionally enter a description for the Policy
7. Configure the following:
APPROVAL INTEGRATION Select the ServiceNow Integration already configured in Administration
-> Integrations to use for the Approval Policy.
WORKFLOW Select the ServiceNow workflow for the Approval workflow in ServiceNow. Note these workflows are configured and synced in from the ServiceNow Integration.
TENANTS (if applicable) Only required for multi-tenant permission scoping. For the policy to apply to a
sub-tenant, type the name of the tenant(s) and select the Tenant(s) from the list.
8. Save Changes
Using Approval Policies
Any Instance provisioned into a Cloud or Group with an Approval Policy enabled will be in a PENDING state until
the request in Approved.
4.6. Git
127
Morpheus Documentation, Release 2.12.4
Instances pending a ServiceNow approval will show “Waiting for Approval” with the Requested Item number and
Request number, ex: Waiting for Approval [RITM0010002 - REQ0010002].
ServiceNow Approval requests are displayed in Operations -> Approvals. Instances pending a ServiceNow
approval must be Approved in ServiceNow for provisioning to initiate. Approval requests from a ServiceNow Approval Policy cannot be approved in Morpheus, only Internal Approvals.
ServiceNow Approval requests are displayed in Morpheus under Operations -> Approvals. Pending ServiceNow Approval requests can be cancelled in Morpheus by selecting the request and then selecting ACTIONS ->
Cancel.
Once a pending ServiceNow Approval request is Approved in ServiceNow, the Instance(s) will begin to provision in
Morpheus within 5 minutes of being approved in ServiceNow.
4.7 Provisioning Settings
Administration -> Provisioning
Settings Configure Global Provisioning, Cloud-init and PXE Boot settings.
Environments Create and manage Environment Tags
Licenses Add License to apply to Windows Instances during Provisioning.
4.7.1 Settings
Allow Cloud Selection Displays or hides Cloud Selection dropdown in Provisioning wizard.
Allow Host Selection Displays or hides Host Selection dropdown in Provisioning wizard.
Show Pricing Displays or hides Pricing in Provisioning wizard and Instance and Host detail pages.
Deployment Archive Store Default Storage Provider for storing Deployment Archives.
Note: Storage Providers can be configured and managed in the Infrastructure -> Storage section.
4.7.2 Cloud-Init Settings
Morpheus can add Global users for Linux and Windows at provision time. Cloud-init/Cloudbase-Init or Vmware Tools
installed on the provisioned Virtual Images is required.
Linux
• Username: Enter User to be added to Linux Instances during provisioning.
• Password: Enter password to be set for the above Linux user.
• KeyPair: Select KeyPair to be added for the above Linux user.
Note: Either a Password, KeyPair, or both can be populated for the Linux User. KeyPairs can be added in the
Infrastructure -> Key Pairs section.
Windows
128
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
• Administrator Password: Enter password to be set for the Windows Administrator User during provisioning.
4.7.3 PXE Boot Settings
Default Root Password Enter the default password to be set for Root during PXE Boots.
4.8 Monitoring Settings
4.8.1 Overview
The Administration -> Monitoring section is for configuring Morpheus Monitoring and Monitoring Integrations.
4.8.2 Morpheus Monitoring Settings
Auto Create Checks When enabled a Monitoring Check will automatically be create for Instances and Apps.
Availability Time Frame The number of days availability should be calculated for. Changes will not take effect until
your checks have passed their check interval.
Availability Precision The number of decimal places availability should be displayed in. Can be anywhere between
0 and 5.
Default Check Interval The default interval to use when creating new checks.
Note: Monitoring Checks can be manually configured if Auto Create Checks is disabled.
4.8.3 AppDynamics
AppDynamics Monitoring Integration Settings
Enabled Enables the AppDynamics Integration
Controller Host This is the host name or the IP address of the AppDynamics Controller. This is the same host that
you use to access the AppDynamics browser-based user interface.
Controller Port This is the HTTP(S) port of the AppDynamics Controller. This is the same port that you use to
access the AppDynamics browser-based user interface. If the Controller SSL Enabled property is set to true,
specify the HTTPS port of the Controller; otherwise specify the HTTP port.
Controller SSL Enabled This property specifies whether the agent should use SSL (HTTPS) to connect to the Controller. If SSL Enabled is true, set the Controller Port property to the HTTPS port of the Controller.
Tenant Name This is the account name used to authenticate with the Controller.
Access Key This is the account access key used to authenticate with the Controller.
Controller Version This is the controller version and can be obtained at the bottom of the controller login page.
Application Name This is the name of the logical business application. Note that this is not the deployment
name(ear/war/jar) on the application server. (Maximum of 30 numbers or letters)
Tier Name This is the name of the logical tier. (Maximum of 30 numbers or letters)
4.8. Monitoring Settings
129
Morpheus Documentation, Release 2.12.4
Controller User A user that can login to the Controller ui and upload a dashboard.
Controller Password Password for the Controller User.
4.8.4 Service Now
ServiceNow Monitoring Integration Settings
Note: A ServiceNow Integration must be already configured in Administration -> Integrations to enable the ServiceNow Monitoring Integration.
Enabled Enables the ServiceNow Monitoring Integration
Integration Select from a ServiceNow Integration added in Administration -> Integrations
New Incident Action The Service Now action to take when a Morpheus incident is created.
Close Incident Action The Service Now action to take when a Morpheus incident is closed.
Incident Severity Mapping
Morpheus Severity
Info
Warning
Critical
ServiceNow Impact
Low/Medium/High
Low/Medium/High
Low/Medium/High
4.8.5 New Relic
New Relic Integration Settings
Enabled Enables the New Relic Monitoring Integration
License Key License Key to be used when installing the New Relic agent in order for the agent to report data to your
New Relic account
Note: The License Key is the 40-character hexadecimal string that New Relic provides when you sign up for your
account.
4.9 Backup Settings
Administration -> Backups
4.9.1 Overview
The Backups Settings page allows you enable or disableScheduled Backups, and select a Default Backup Storage
Provider Backups within Morpheus can always be run manually. However the scheduled backups toggle must be
enabled to run jobs automatically. Configure the default storage provider to select the target location for all new
backups. (This does not affect existing backups.)
130
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
4.9.2 Morpheus Backup Settings
Options:
Scheduled Backups Enable automatic scheduled backups for provisioned instances.
Create Backups When enabled, Morpheus will automatically configure instances for manual or scheduled backups.
Copy Snapshots to Store Copy VMware snapshots to selected Backup
Storage Provider Default Backups Storage Provider
Backup Appliance When enabled, a Backup will be created to backup the Morpheus appliance database. Select the
Backup text link to edit Appliance Backup Settings and view existing Appliance Backups.
Default Backup Provider Enable/Disable Morpheus as the default backup provider.
Default Backup Storage Provider Storage Providers can be configured and managed in the Infrastructure Storage
section.
Backup Retention Count Default maximum number of successful backups to retain.
4.9.3 Veeam Settings
Enabled Enable the Veeam integration
Default Backup Provider Sets Veeam as the Default Backup Provider in Morpheus . Backup Providers can also be
configured per Backup.
Visibility Sets visibility in multi-tenant Morpheus environments:
• Public: Accessible by all Tenants
• Private: Accessible only to the Tenant the Veeam integration is added.
Host Host name or the IP address of the Veeam Backup Enterprise Manager. This is the same host that you use to
access the Veeam Backup Enterprise Manager browser-based user interface.
Port The HTTP(S) port of the Veeam Backup Enterprise Manager API. The default is 9399.
Username The username used to authenticate with the Veeam Backup Enterprise Manager.
Password The password used to authenticate with the Veeam Backup Enterprise Manager.
Backup Repositories Once credentials are authenticated, search will populate available Veeam Repositories to select
from.
Backup Job Templates The backup jobs configured in the Veeam Backup and Replication Console that can be cloned
when creating new backup jobs.
Refresh Available Jobs Use to sync newly created Jobs in Veeam.
Important: Once a Veeam Integration has been enabled, a VEEAM SERVER``setting will be available
in VMware and Hyper-V cloud settings (``Infrastructure -> Clouds -> Edit a
Cloud). To enabled backups on a Cloud, a Veeam Server must be selected in the VEEAM SERVER dropdown in
the Cloud settings and saved. Failure to do so will result in blank Backup Repositories and Backup Job
Templates options when configuring Veeam Backups during provisioning´´.
4.9. Backup Settings
131
Morpheus Documentation, Release 2.12.4
4.9.4 Commvault Settings
Enabled Enable the Commvault integration
Default Backup Provider Sets Commvault as the Default Backup Provider in Morpheus . Backup Providers can be
configured per Instance backup settings.
Host IP or Hostname of the Commvault server.
Port Port configured to access the
Commvault server Username Admin Username for Commvault
Password Password for Username provided (encrypted in Morpheus )
4.10 Logging Settings
Morpheus contains a built-in logging solution that aggregates logs from hosts and services. Logs are displayed,
searchable, and filterable in the Instance, App, Host and overall Logs sections. Logs can also be forwarded using
Syslog Forward rules to any external solution that supports syslogs.
Morpheus also has built in Integrations with 3rd Party solutions. When configured, the Morpheus agent will forward
logs to the integrated platforms automatically.
Logging Settings for the build-in Logging, Syslog forwards, and 3rd Party Integrations are configurable in the Administration -> Logs section.
Morpheus contains a built-in logging solution that aggregates logs from hosts and services. Logs are displayed,
searchable, and filterable in the Instance, App, Host and overall Logs sections. Logs can also be forwarded using
Syslog Forward rules to any external solution that supports syslogs.
To configure Splunk simply create a syslog listener configuration in Splunk. Then it is simply a matter of expanding
the section in Logging settings pertaining to Splunk and filling out the host and port of the appender. Once saved, all
hosts managed by Morpheus will be configured to forward logs to the target Splunk listener.
Configuring LogRhythm is much like configuring Splunk. Simply toggle the enabled flag in the LogRhythm section
to enabled and fill in the Host, and Port information for the LogRhythm listener.
4.11 Appliance Settings
The Administration -> Settings section sets global configuration parameters for the Appliance, Tenant Registration,
Email, Proxy and sets which Cloud types are enabled.
4.11.1 Appliance Settings
Host Level Firewall Enabled Enables or Disables the host level firewall. This must be Enabled to use Morpheus
Security Groups.
Appliance URL The default URL used for Agent install and Agent functionality. All Instances and Hosts must be
able to resolve and reach this URL over 443 for successful agent install and communication.
Note: Alternate Appliance URLs can be configured per Cloud in the Edit Cloud -> Advanced Options section.
132
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
Internal Appliance URL (PXE) For PXE-Boot your appliance needs to be routable directly with minimal NAT masquerading. This allows one to override the default appliance url endpoint for use by the PXE Server. If this is
unset, the default appliance url will be used instead.
API Allowed Origins Specifies which origins are allowed to access the Morpheus API.
Tenant Management Settings
Registration Enabled If enabled, the appliance login screen will have a “NEED AN ACCOUNT? SIGN UP HERE”
link added, enabling new Tenant registration.
Default Tenant Role Sets the default Tenant Role applied to Tenants created from Tenant Registration.
Default User Role Sets the default User Role applied to the User created from a Tenant Registration.
Email Settings
Morpheus has a built in SMTP server for email notifications and alerts. An alternate SMTP server can be specified
below:
Add an alternate SMTP Server:
• From Address
• SMTP Server
• SMTP Port
• SSL Enabled
• TLS Encryption
• SMTP User
• SMTP Password
Proxy Settings
The Morpheus Appliance can be configured to communicate through a Proxy server for Cloud API’s and Agent
communication back to the Appliance.
Note: Additional Proxy configuration is available in the Infrastructure -> Network -> Proxies section. Added Proxies
can be scoped to Clouds in the Edit Cloud -> Advanced Options section of the Cloud.
Add a Global Proxy server by entering the following:
• Proxy Host
• Proxy Port
• Proxy User
• Proxy Password
• Proxy Domain
• Proxy Workstation
4.11. Appliance Settings
133
Morpheus Documentation, Release 2.12.4
Enabled Clouds
Cloud types can be Enabled or Disabled in this section. When a Cloud type is disabled, it will be removed from the
available options when adding new clouds in the Infrastructure section.
Available Cloud types:
• Morpheus
• OpenStack
• Amazon
• Metacloud
• VMware vCenter
• VMware vCloud Air
• SoftLayer
• Google Cloud
• Azure (Public)
• Azure Stack (Private)
• DigitalOcean
• VirtualBox
• VMware Fusion
• VMWare ESXi
• Nutanix
• UCS
• XenServer
• Hyper-V
• MacStadium
• Oracle VM
• HP
• Supermicro
• Dell
4.11.2 Whitelabel Settings
Overview
Morpheus Tenants can be WhiteLabeled with custom Logos, Colors, Copy, and custom CSS. Sub-Tenants can be
individually white-labeled, or the Master Tenant Whitelabel can apply to all Sub-Tenants.
Enable Whitelabel Turns on the configured Whitelabel settings. Disabling will return the Appliance to the default
colors and logos, but the configured options will remain saved and will apply if Whitelabel is re-enabled.
Appliance Name Replaces Morpheus in page titles.
Header Logo Top left header logo. Preferred Image Size (500x76)
134
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
Footer Logo Footer Logo in bottom left. Preferred Image Size (264x54)
Login Logo Logo shown on Login screen. Preferred Image Size (228x280)
Favicon Must be a .ico file type.
Reset When selected and Whitelabel settings are saved, associated logo is returned to blank default value.
Colors
Update Colors by entering HEX value or selecting the Color Selector pop-up next to each filed and selecting a color.
• Header Background
• Header Foreground
• Nav Background
• Nav Foreground
• Nav Hover
• Primary Button Bg
• Primary Button Fg
• Primary Button Hover Bg
• Primary Button Hover Fg
• Footer Background
• Footer Foreground
• Login Background
Override CSS
Override CSS settings by entering CSS in Override CSS field.
Example: (this will add one continues background image to the Header)
header #topHeader {
background-image: url(http://image_url.png);
}
header {
background-image: url(http://image_url.png);
}
Copy
Add custom Copyright String, Terms of Use, Privacy Policy contained in the Footer text and links in the App and on
the login page and emails.
Available Copy fields
• Copyright String
• Terms of Use
• Privacy Policy
4.11. Appliance Settings
135
Morpheus Documentation, Release 2.12.4
Note: Terms of Use and Privacy Policy Footer links will load internal pages at https://applaince_url/privacy-policy
and https://applaince_url/terms-of-use displaying the entered info as plain text.
UI Loading Page ^^^^^^^^^^^^^^^
When the Morpheus UI is restarted or loading, a default “Morpheus is Loading” page is displayed. This page can be
changed by adding the following to /etc/morpheus/morpheus.rb and adjusting the values.
Note: morpheus-ctl reconfigure must be ran for any chnages to /etc/morpheus/morpheus.rb to take effect.
nginx['web_root_internal'] = “/opt/morpheus/embedded/nginx/html"
nginx['loading_pages']['max_loops'] = 6 * 10 # 10 secs per loop x 6 times to get 60
˓→seconds * 10 to get to 10 minutes
nginx['loading_pages']['timeout_page'] = '/timeout.html'
nginx['loading_pages']['iteration_time'] = 10_000
nginx['loading_pages']['loading_page_title'] = 'Morpheus Loading'
nginx['loading_pages']['loading_page_h1'] = 'Morpheus is Loading...'
nginx['loading_pages']['loading_page_h2'] = 'please wait'
nginx['loading_pages']['timout_page_title'] = 'Morpheus timeout, please try again...'
nginx['loading_pages']['timout_page_h1'] = 'Timeout waiting for Morpheus to load,
˓→click below to try again.'
nginx['loading_pages']['failure_page_title'] = 'Morpheus Server Error'
nginx['loading_pages']['failure_page_h1'] = 'Morpheus Server Error'
nginx['loading_pages']['failure_page_h2'] = 'Please contact your system administrator
˓→for assistance.'
4.11.3 License
Overview
Morpheus requires a valid license for provisioning new Instances, Apps and Hosts, and converting existing Instances
and Hosts to managed. Licenses can be applied and updated in this section, and the current license status can be
checked.
Current License
If a License Key has already been applied, the License status is shown in the Current License section:
Tenant Name Company name the License was generated for.
Start Date Date and time the current License started.
End Date Date and time the current License expires.
Space Amount of used and unused Managed RAM under the current License.
EXAMPLE: On a 1 TB License with 182 GB of RAM under management, the Space section will show Used Space
182.9GB Unused Space 841.0GB
Note: Once a current License expires or has reached its Space limit, users will no longer be able to provision
new Instances, Apps, Hosts, or Bare Metal, or convert existing Hosts, Virtual Machines, or Bare Metal to managed.
Morpheus will otherwise continue to function.
136
Chapter 4. Administration
Morpheus Documentation, Release 2.12.4
Upgrade License Key
To add a new or update an existing License:
1. Copy the License Key into the License Key field
2. Click UPDATE
If valid, the new License will be applied.
Request new License
Licenses can be requested at https://morpheushub.com, or by contacting support@ or sales@ morpheusdata.com.
4.11. Appliance Settings
137
Morpheus Documentation, Release 2.12.4
138
Chapter 4. Administration
CHAPTER
5
Monitoring
Morpheus provides great monitoring features out of the box. Anything provisioned within Morpheus automatically
gets a check created in the monitoring service. These checks are organized hierarchically in “Groups” and “Apps”.
This makes it easy to gain a perspective as to what a customer or full stack facing impact is in the event of a particularly
instance failure. This also takes into account redundancy layers when it comes to calculating the applications overall
uptime percentage.
There are also several integrations built into the monitoring subsystem of Morpheus including App Dynamics , New
Relic, and even Service Now integration.
5.1 Checks
The Monitoring system is composed of individual checks. A check is created for every container or vm that is provisioned through Morpheus . One interesting thing about these checks is they are type aware. There are several different
built in check types that are selected based on the service or instance type that is being provisioned. These range from
database type checks to web checks and message checks. They are highly configurable and also feature fallback check
types for those more generic use cases.
Checks can be customized to run custom queries, check queue sizes, or even adjust severity levels and check intervals.
All of these things can be controlled from the Checks sub tab within Monitoring.
5.1.1 Health
A check can have 3 health states. They are Failed, Warning (Recovering), and Healthy. When a check test fails the
system automatically reattempts the check after 30 seconds to eliminate false positives. This will convert the check
into a Failed state and raise the appropriate severity incident depending on the grouping of the check. When a check
recovers it automatically goes into a Warning state. This will remain in the warning state until 10 successful check
runs have completed.
139
Morpheus Documentation, Release 2.12.4
5.1.2 Options
All check types have several core options and some of these default options can be configured in Admin -> Monitoring.
This includes the default check interval time. By default a check is run every 5 minutes. This can however be changed
to run as frequently as once every minute.
• Max Severity: The maximum severity level impact for a created incident that can occur if the check fails (defaults
to Critical).
• Check Interval: The frequency with which a check is run (default 5 minutes).
• Affects Availability: Whether or not this check impacts overall system availability calculations.
5.1.3 SSH Tunneling
In many cases when it comes to monitoring databases, and services they may not be fronted on the public ip’s for
external monitoring. To reach these safely, and securely Morpheus provides an SSH Tunneling mechanism for its
check servers. This allows the check to be confirmed via an ssh port tunnel securely using a keypair.
5.1.4 Check Servers
On a base installation of Morpheus a single check server is installed on the appliance. This is used for running any
custom user checks. This services connects to the provided rabbitmq services and can be moved off or even scaled
horizontally onto sets of check servers. All other checks that are related to provisioned containers or VMs are executed
by the installed agent on the guest OS or Docker host.
5.2 Groups & Apps
One great feature of the monitoring system is the ability to organize checks by groups and apps. This provides a
nice convenient way to determine what a customer facing impact might be for a single failure as well as representing
redundancy via groupings.
It is important to note the relationship of apps, groups, and even checks with regards to instances provisioned within
Morpheus . For every Instance that is provisioned: A monitoring Group is created and a Check is added to that group
for every Container or Virtual Machine within that Instance. This makes sense such that as an Instance is scaled out
horizontally (containers/vms added to it) The monitoring system accurately represents the layers of redundancy. An
App simply maps to a Provisioning App and should be pretty straightforward to understand.
5.2.1 Groups
It is also possible to organize custom checks in this hierarchical structure by manually adding or editing a Group or
App. Groups can only contain checks and can be edited or created in Monitoring -> Groups. Besides simply adding
and removing checks to a group there are a few other useful options that can be customized in a group.
Min Checks This specifies the minimum number of checks within the group that must be happy to keep the group
from becoming unhealthy.
Max Severity The maximum severity incident a failed check may create. This setting overrides a checks Max Severity
setting.
Affects Availability Whether or not a failed group impacts system wide availability calculations.
Some useful information can also be seen on the detail page of a check. For example, the average response time of all
checks within the group, or an aggregated check history can be viewed.
140
Chapter 5. Monitoring
Morpheus Documentation, Release 2.12.4
5.2.2 Apps
Apps are very useful for seeing an aggregation of failures, or impact based on a set of checks and groups. Apps
typically correlate to apps created in provisioning but can also be manually created and organized. They can be great
for visualizing the customer impact a failure might have or even keeping up on a screen in a NOC. There are a few
useful options as well with regards to Apps:
Max Severity The maximum severity incident a failed app may create. This setting overrides check and group Max
Severity settings.
Affects Availability Whether or not a failed app impacts system wide availability calculations.
5.3 Incidents
Incident management is very important in any IT Operations environment. The ability to notify the appropriate people of an outage that requires immediate attention is critical to reducing recovery time and even preventing potential
customer facing impacts. Because of this, Morpheus provides incident management features as well as external integrations out of the box.
Incidents can be found in the Monitoring->Incidents section. When a check fails, an incident is automatically raised.
These can vary in severity based on the user configured check severities as well as the group hierarchy (representative
of redundancy).
Incidents are also grouped. If an application is impacted and multiple checks fail for that application they automatically
get grouped together in one Incident that can fluctuate or escalate in severity as time progresses. These incidents can
be muted so as not to affect availability and they can also be resolved manually with an option to detail resolution
information.
There are also integrations and API’s for integrating with existing corporate workflows when it comes to incident
management.
5.4 Alerts
There are several ways to configure alerts and notifications within Morpheus . Users can be notified via Email or SMS
as well as several other direct integrations. These integrations include PagerDuty, Alert Ops, Victor Ops, and even
Slack chat Channel notifications (or optionally via the ServiceNow integration).
5.4.1 Contacts
To configure user notifications a contact must first be created in Monitoring -> Contacts. These contacts can be one
of a few types:
• Contact: Used for either Email or SMS
• Web Hook: Used for posting a notification to a web endpoint or Alert Ops.
• Slack Hook: Used for posting notifications to a https://slack.com/{[}Slack] channel.
• VictorOps: Provides a web post format consistent with the required notification format for Victor Ops.
Most of these options provide convenient examples and information when configuring the contact. Once they are
configured contacts can freely be used to build Alert Rules.
5.3. Incidents
141
Morpheus Documentation, Release 2.12.4
5.4.2 Alert Rules
Alert Rules provide a powerful means to configure who gets notified in various scenarios. These scenarios include
targetting specific checks, groups, or apps , and adding the appropriate recipients to be notified during a situation in
which those filters are impacted.
• Min Duration: This setting delays notification to the recipients by the entered number of minutes required for
the incident to be opened.
• Min Severity: Some executives might want to be notified of an outage but only if the severity impact goes above
a certain level. This is very useful for scoping escalations.
To add recipients to a rule just start typing their name in the Recipients section towards the button of the edit form. An
auto-complete list will start populating with contact names. Once one is selected a delivery method can be selected as
well as whether or not they should be notified of any escalation changes and/or closed incidents.
Tip: A recipient can be in multiple alert rules and can even be configured to be notified via different methods
depending on the rule. A useful example might be to alert someone via email for lower severity incidents but SMS for
critical severity levels.
5.4.3 Notifications
Configuring Notification Services
By default Morpheus provides email notification services using the morpheusdata.com email address. It may be
advisable to customize these services to use another mail delivery service.
5.5 Monitoring Integrations
While Morpheus provides a fantastic means for determining uptime and availability of both services and VMs sometimes more is needed. A good example of this is performance application monitoring. To solve this several external
integrations are provided out of the box. Even some external integrations with regards to incident management are
provided.
5.5.1 AppDynamics
AppDynamics is a very powerful performance and application monitoring tool. It features advanced correlation features and profiling capabilities for a very wide range of application platforms including native Docker support. Due
to the level of capabilities of AppDyanmics there are more required settings to integrate it with Morpheus . To get
started expand the section in Admin -> Monitoring related to AppDynamics and toggle it to Enabled. There are several
fields here that need filled out. Once completed hit save and all hosts will automatically be configured to install the
AppDynamics agent.
AppDynamics is capable of begin run as a paid SaaS based service as well as an on premise installation and Morpheus
supports both configurations. Most input fields related to connecting to AppDynamics provide helpful tips as to what
information exactly needs provided and where to acquire it.
5.5.2 NewRelic
New Relic is a very popular service based performance monitoring tool. It supports a wide variety of application
platforms and is a breeze to configure with Morpheus . Another great feature of new relic is its ability to monitor the
142
Chapter 5. Monitoring
Morpheus Documentation, Release 2.12.4
server applications run on and provide additional stats. To do this an agent needs to be installed and configured on
each server. Fortunately, this is performed automatically for every vm and docker host provisioned within Morpheus
. To turn on the integration simply go to Admin -> Monitoring and expand the section titled “New Relic”. There it is
simply a matter of toggling the Enabled setting to on and entering the New Relic account API Key.
5.5.3 Service Now
Service now integration is provided out of the box with Morpheus . To add a service now integration simply visit the
‘Monitoring Settings’ section in Admin -> Monitoring. This allows one to map incident severity levels to equivalent
severities in ServiceNow.
To enable service now simply expand the section labelled “ServiceNow” in Admin -> Monitoring. Toggle the enabled
flag and enter the Host, User, and Password information required to connect to ServiceNow. The other options below
include behaviors upon new incidents being opened and old incidents closing. It also includes a table for mapping
Morpheus incident severity levels to their ServiceNow counterparts.
There are several other useful service now integrations planned for future releases and will be discussed as those
features come out.
5.5. Monitoring Integrations
143
Morpheus Documentation, Release 2.12.4
144
Chapter 5. Monitoring
CHAPTER
6
Logs
6.1 Overview
The logging architecture backing Morpheus uses the latest and greatest technologies and standards to be able to service
large amounts of log traffic as well as facilitate easy viewing. Utilizing elasticsearch behind the scenes and buffered
log transmission protocols Morpheus provides a highly efficient and highly scalable solution for capturing log data
from anything provisioned via the system. By utilizing common formats (syslog) it is also very easy to forward logs
to external third party log services.
6.1.1 Configuration
Logging configuration can be setup in the Admin -> Logs section. There are a couple useful settings here including
customizing the retainment policy (by default 7 days). This could be expanded to years for PCI Compliance purposes
or other potential requirements an organization might have.
Note: When increasing the retainment policy of the logging system it may be necessary to scale out the elasticsearch
cluster. Please refer to the relevant information with regards to scaling elasticsearch and advanced installation options
for externalizing the elasticsearch cluster.
This area of administration also provides options for setting custom syslog forward rules. These rules are applied on
each individual host therefore keeping the Morpheus appliance itself out of the data plane. For information on different syslog formatting rules please refer to the http://www.rsyslog.com/sending-messages-to-a-remote-syslog-server/
{[}rsyslog] documentation.
6.1.2 Usage
Morpheus automatically sets up and configures logging for all of the standard catalog items provisioned through
morpheus. This includes both Docker containers as well as virtual machines. Simple view instance specific logs in
instance detail via the “Logs” tab.
145
Morpheus Documentation, Release 2.12.4
There are several filtering capabilities built into the logging ui with more being added continually. Easily toggle log
level filters from the dropdown or change the date range filter using the handy date filter component. A chart is also
displayed above logs representing the log counts by level over the selected time range (default last 24 hours). A handy
pattern search is also available with some rather capable features based on Lucene search syntax.
Tip: It may be useful to review the Lucene search query syntax for powerful use cases: https://lucene.apache.org/
core/2_9_4/queryparsersyntax.html{[}Syntax Guide]
There are several other places logs can be viewed. Not only can they be viewed across an application in app detail but
also across all instances in the account. The main level Logs section provides an ability to query all logs produced
by the system. It is also possible to view host specific logs on a docker host by viewing the host detail page via
Infrastructure.
Note: New features are on the roadmap for the main logs section including saved searches, and handy charting
dashboards for garnering insights out of log data.
6.2 Integrations
While the built in logging solution provided by Morpheus is sufficient for most, there are some scenarios in which a
more advanced logging system may be desired or already in place. To facilitate this Morpheus makes it easy to add
custom syslog rules as well as built in direct integrations with Splunk and LogRhythm. All integrations pertaining to
logging can be configured in the Administration -> Logging section.
6.2.1 Splunk
To configure Splunk simply create a syslog listener configuration in Splunk. Then it is simply a matter of expanding
the section in Logging settings pertaining to Splunk and filling out the host and port of the appender. Once saved, all
hosts managed by Morpheus will be configured to forward logs to the target Splunk listener.
6.2.2 LogRhythm
Configuring LogRhythm is much like configuring Splunk. Simply toggle the enabled flag in the LogRhythm section
to enabled and fill in the Host, and Port information for the LogRhythm listener.
146
Chapter 6. Logs
CHAPTER
7
Backups
include::managing_backups.rst
147
Morpheus Documentation, Release 2.12.4
148
Chapter 7. Backups
CHAPTER
8
Operations
8.1 Dashboard
The Dashboard is a single pane of glass showing quick, easy to read performance and configuration information about
the Morpheus Environment.
Status There are four gauges across the top of the dashboard page showing quick system stats for Instances, Monitoring Status, Log Errors, and Backups. Each gauge also serves as a quick link for each section.
My Instances The My Instances section shows quick information about 5 favorite instances like Type, IP and Port.
Click View All to be taken directly to the instances page.
Monitoring The Monitoring section displays an overall health, availability statistics, as well as response time and any
open incidents requiring action.
Recent Activity Recent Activity is displayed on the right side of the dashboard page. Items like instance provisioning
and deletion, backups, and alerts are displayed here.
Logs All Morpheus logs are application aware. Log information from hypervisors, servers, and applications are
pushed up into the Morpheus controller node and made searchable and actionable. Choose a timeframe from
the Logs pane to view statistics or click List to view all log information.
Backups The backup pane at the bottom of the page shows statistics about Morpheus backups. Information about
success and failure rates and the number of backups run versus scheduled is available here. Click on the List
button to be taken directly to the backups page where you can view and configure backups.
8.2 Reports
8.2.1 Overview
Customizable Cloud, App and Instance usage reports can be generate in the Operations -> Reports section.
149
Morpheus Documentation, Release 2.12.4
8.2.2 Reports History
The landing page of the reports section gives a selection of report types to generate and a history view of generated
reports.
8.2.3 Generating Reports
To generate a new Report
1. Select a Report type
2. Set Start and End dates for the report
3. Select Cloud(s)
4. Select other options depending on report type
5. Select run and the report will be generated
8.2.4 Viewing Reports
To view a report, select the Name of the report after the status changes to ready. Generated Reports are available from
the Reports History page or in their respective Section.
Note: All reports are saved and accessible until deleted.
8.3 Analytics
Overview
The Morpheus Analytics engine analyzes resource utilization and costs across clouds. This functionality helps users
make decisions on where instances and workloads should be provisioned.
Analytics Reports
• Instance Types
** By Cloud * Count * Total Memory * Total Storage * Total CPUs/Cores ** By Group * Count * Total Memory
* Total Storage * Total CPUs/Cores * Instances ** By Cloud * Count * Total Memory * Total Storage * Total
CPUs/Cores ** By Group * Count * Total Memory * Total Storage * Total CPUs/Cores * Utilization ** CPU vs
Price * Hosts * Virtual Machines * Bare Metal ** Overall vs Price * Hosts * Virtual Machines * Bare Metal **
RAM vs Price * Hosts * Virtual Machines *** Bare Metal
8.4 Guidance
8.4.1 Overview
The Operations -> Guidance section show recommendations for Resource and Costs Utilization optimization. By
analyzing the CPU, RAM, and Storage activity of Instances and Hosts, Morpheus can recommend actions for Sizing
and Power State.
150
Chapter 8. Operations
Morpheus Documentation, Release 2.12.4
8.4.2 Configuration
Guidance is configured per Cloud and is set to off by default.
To turn on Guidance for a Cloud:
1. Navigate to Infrastructure -> Clouds.
2. Select the Edit icon of the Cloud to configure Guidance for.
3. Expand the Advanced Options section in the Edit Cloud modal.
4. In the Guidance dropdown, select Manual.
5. Select Save Changes.
Guidance recommendations will begin to appear in the guidance section when generated.
8.4.3 Recommendations
To view and act on Guidance recommendations, navigate to Operations -> Guidance.
The Guidance list contains the following details:
Severity Icon Indicates the severity of the recommended action.
Type Recommended action Type
Metric Guidance Metric used for recommended action.
Action Recommended Action for the Instance or Host, such as “Reduce Host memory” or “Shutdown Instance”
RESOURCE The Instance or Host targeted
SAVINGS Shows projected Monthly Costs savings if recommended action is taken.
DATE Date and Time stamp the recommended action was generated.
Information Link Click to view details on the recommendation.
Note: Guidance Actions are not automatically triggered at this time.
8.4.4 Filters
Search Search for Guidance recommendations
Type Filter by Sizing or Shutdown Guidance Types.
Severity Filter by Guidance Severity of All, Info, Warning, or Critical.
Metric Filter by All, Memory, CPU, or Power Guidance Metrics.
8.5 Approvals
Morpheus and Service Now Approvals
8.5. Approvals
151
Morpheus Documentation, Release 2.12.4
8.5.1 Overview
Policies can be created for Groups and Clouds to require approvals for actions with the built-in Morpheus approvals
engine, or via a ServiceNow integration. Approvals can be configured for Provisioning and Lifecycle extensions.
8.5.2 Configuring Approvals
Configuring Morpheus for Approvals
To configure Morpheus for approvals:
1. Configure Roles for Approval access
2. Optionally configure a ServiceNow Integration for ServiceNow approvals.
• Please note ServiceNow integration is not required for Internal Approvals.
3. Create approvals policies for: * Internal Approvals * SNOW Approvals
Configure Roles
Configure User Role access settings in Administration -> Roles -> (Role) -> Operations: Approvals.
• All Users with a Role applied containing Operations: Approvals set to Full will have approval authority, and be
able to Approve, Deny or Cancel approval requests.
• All Users with a Role applied that has Operations: Approvals set to Read will be able to view Approval requests
and history, but will not be able to Approve, Deny or Cancel approval requests.
• All Users with a Role applied that has Operations: Approvals set to None will not have access to the Operations:
Approvals section, and such will not be able to see or act on approval requests.
• Regardless of Role settings, any instance or app provisioned by any user to a group or cloud with an active
Approval policy applied will require approval before the instance or app will provision.
ServiceNow Approvals
Configure ServiceNow integration for SNOW Approvals
1. Navigate to Admin -> Integrations
2. Select + NEW INTEGRATION
3. Select ServiceNow from the Type dropdown in the Integration modal and enter:
• Name Name of the integration in Morpheus
• Enabled Leave checked to enable the integration.
• Host URL of the ServiceNow host (ex: https://ven0000.service-now.com)
• User A User in ServiceNow that is able to access the REST interface and create/update/delete incidents,
requests, requested items, item options, catalog items, workflows, etc.
• Password Password for User above
4. Save Changes
Morpheus then configures the integration with ServiceNow, syncs ServiceNow workflows which are available when
creating approvals policies. (This process can take up to 5 minutes depending on the size of the workflow table in
ServiceNow.)
152
Chapter 8. Operations
Morpheus Documentation, Release 2.12.4
Create Approval Policies
• Policies applied to a Group are created in Infrastructure -> Groups -> (group) -> Policies tab.
• Policies applied to a Cloud are created in Infrastructure -> Clouds -> (cloud) -> Policies tab.
To create an Approval policy:
1. Navigate to the Policies tab in the Group or Cloud to which the policy will apply.
2. Select + ADD POLICY to open the New Policy wizard
3. Select Provision Approval from the Type dropdown
4. Add an optional description
5. Leave Enabled selected for this Policy to be active once saved. *Enabled can be deselected to disable to policy.
6. In the config section, select either Internal Approvals or ServiceNow Approvals:
• Internal Approvals Approval requests will be managed within Morpheus via the Operations: Approvals
section.
• ServiceNow Approvals Approval requests will be managed with ServiceNow (SNOW). Please note a
ServiceNow integration (Admin: Integrations) must be configured prior to SNOW Approval policy
generation.
– For ServiceNow Approvals, select the appropriate ServiceNow workflow for this policy. Please
note the workflows presented are created in ServiceNow and synced with Morpheus .
7. Add the Morpheus Accounts to which this policy will apply, or leave the Accounts field blank to apply to all
accounts.
8. Save
Upon saving, a new policy is created in the Group or Cloud Policies tab.
Note: SNOW Approvals will take a few moments to save as the policy is generated.
8.5.3 Managing Approval Requests
Once Instance Approval policies are added to a group or cloud, any Instance or App provisioned into that group or
cloud will create an approval request entry in the Operations -> Approvals section.
Note: User Role permission Operations: Approvals -> FULL required to manage Approvals.
• To Approve, Deny, or Cancel an internal Approval request, select the request and use the Actions dropdown.
• To Cancel a ServiceNow Approval request, select the request and use the Actions dropdown. ServiceNow
approvals are managed in ServiceNow.
Note: Instances requiring provisioning approval will have a PENDING status until approved.
Each Approval Request will have:
• Request: What is being requested
• Type: The type of the approval request
8.5. Approvals
153
Morpheus Documentation, Release 2.12.4
• Request For: Name and link to Instance
• Status
• Date Created
• Requested By
• Actions dropdown * For Internal Approval Requests
– Approve
– Deny
– Cancel
– For ServiceNow Approval Requests * Cancel
Internal approval requests
To Approve, Deny or Cancel an Internal approval request:
1. Navigate to Operations -> Approvals
2. Select the Name of the Approval request
3. Select Actions on the far right of the request
4. Select Approve, Deny, or Cancel from the Actions dropdown
5. Select OK on the confirmation modal
• When an Internal request is approved, the related instance will begin to provision immediately and the request
will show approved.
• When an Internal request is denied, the related instances status will change to Denied and the request will show
Rejected in the Approvals section.
• When an Internal request is canceled, the related related instances status will change to Cancelled and the request
will be canceled.
ServiceNow Approval requests
ServiceNow approval request are managed in ServiceNow. The process of approving or rejecting requests is determined by the ServiceNow Workflow selected when configuring the SNOW Approval policy. These Workflows are
configured in ServiceNow.
Important: Morpheus syncs with ServiceNow every 5 minutes. Once an Approval Request is Approved or Rejected
in Service Now, it will take up to 5 minutes for the instance to respond accordingly, and the status for the approval
request in the Approvals section in Morpheus to update.
8.6 Usage
8.6.1 Overview
The Operations -> Usage section shows Billing information for Instances and Hosts that have pricing configured on
their Service Plan.
154
Chapter 8. Operations
Morpheus Documentation, Release 2.12.4
Important: Pricing must be enabled ins Administration -> Provisioning and Service Plans configured with Prices
sets in Administration -> Plans & Pricing for Pricing to show in the Usage section.
8.6.2 View Usage
All Instances are listed by default, with the most recent usage information showing first.
Usage details can be filtered by Cloud and Date:
Cloud Default view is for all Clouds. Select a Cloud to show Instance and Host Usage for only one Cloud.
Date Default view shows most current Usage. Select the Date filter to scope to a different date range.
8.6.3 API & CLI
Usage information can also be extracted via the Morpheus API and CLI, including the ability to extract usage per
Tenant.
Note: Appropriate Role permissions for Operations: Usage are required to view the Usage section.
8.7 Activity
The Activity section displays a recent activity report for Auditing. Morpheus defines an activity as any major action
performed on an instance or server, such as, but not limited to adding a server, deleting a server, provisioning an
instance, deleting an instance, creating a backup, etc. . . This view can be searched and filtered by type, user, and date
range.
8.7.1 Activity Reports
There are 5 types of activities that are displayed in the Activity Reports:
• Provisioning
• Monitoring
• Alert
• Backups
• Logs
To View a Recent Activity report:
1. Select the Reports link in the navigation bar.
2. Click the tab Recent Activity.
Recent activity is displayed in order from recent to oldest. This view can be searched and filtered by type, user, and
date range.
Review
8.7. Activity
155
Morpheus Documentation, Release 2.12.4
To review the item the activity occurred on, click the name of the activity and it will go to a new page and display that
item.
Note: Deleted activities are displayed as an alert and do not contain a link to the event item. If the activity is not a
deletion event we provide a link on the activity name to go to the item the activity occurred on.
To Filter:
1. Click the filter drop down of type of filter you want to apply.
2. Select the appropriate filter.
156
Chapter 8. Operations
CHAPTER
9
Services
9.1 Cypher
9.1.1 Overview
Cypher at its core is a secure Key/Value store. But what makes cypher useful is the ability to securely store or generate
credentials to connect to your instances. Not only are these credentials encrypted but by using a cypher you don’t have
to burn in connection credentials between instances into your apps.
Cypher keys can be revoked, either through lease timeouts or manually. So even if somebody were to gain access to
your keys you could revoke access to the keys and generate new ones for your applications.
Keys can have different behaviors depending on the specified mountpoint.
9.1.2 Mountpoints
password Generates a secure password of specified character length in the key pattern (or 15) with symbols, numbers,
upper case, and lower case letters (i.e. password/15/mypass generates a 15 character password).
secret This is the standard secret module that stores a key/value in encrypted form.
uuid Returns a new UUID by key name when requested and stores the generated UUID by key name for a given lease
timeout period.
key Generates a Base 64 encoded AES Key of specified bit length in the key pattern (i.e. key/128/mykey generates a
128-bit key)
• Key lease times are entered in milliseconds and default to 32 days (2764800000 ms).
– Quick MS Time Reference:
– Day: 86400000
– Week: 604800000
– Month (30 days): 2592000000
157
Morpheus Documentation, Release 2.12.4
– Year: 31536000000
9.1.3 Creating Cypher Keys
1. Navigate to Services - Cypher and select “+ ADD KEY”
2. Configure one of the following types of Keys:
9.1.4 Password
A Cypher password generates a secure password of specified character length in the key pattern (or 15) with symbols,
numbers, upper case, and lower case letters (i.e. password/15/mypass generates a 15 character password).
Key:: Pattern password/character_length/key
Example: password/10/mypassword
Value:: Leave the Value filed blank for a password, as it will be generated.
Lease: Enter lease time in milliseconds (ex. 604800000 for one week)
Save changes and the password will be generated and available for use.
If your user role has Cypher: Decrypt permissions, a “DECRYPT” button will be available in the Cypher section to
view the generated password.
To delete the password key, select Actions -> Remove and confirm.
9.1.5 Secret
A Cypher secret is the standard secret module that stores a key/value in encrypted form.
Key Pattern “secret/key”
• EXAMPLE: secret/mysecret
Value Add the secret value to be encrypted
Lease Enter lease time in milliseconds (ex. 604800000 for one week)
Save changes and the secret will be encrypted and available for use.
If your Morpheus user role has Cypher: Decrypt permissions, a “DECRYPT” button will be available in the Cypher
section to view the secret.
To delete the secret, select Actions -> Remove and confirm.
9.1.6 UUID
A Cypher UUID Returns a new UUID by key name when requested and stores the generated UUID by key name for
a given lease timeout period.
Key Pattern “uuid/key”
• Example: uuid/myuuid
Value Leave the Value filed blank for UUID, as it will be generated.
Lease Enter lease time in milliseconds (ex. 604800000 for one week)
158
Chapter 9. Services
Morpheus Documentation, Release 2.12.4
Save changes and the UUID will be generate and available for use.
If your user role has Cypher: Decrypt permissions, a “DECRYPT” button will be available in the Cypher section to
view the generate UUID.
To delete the UUID, select Actions -> Remove and confirm.
9.1.7 Key
A Cypher Key generates a Base 64 encoded AES Key of specified bit length in the key pattern (i.e. key/128/mykey
generates a 128-bit key).
Key Pattern “key/bit_length/key”
• Example: key/256/mykey
Value Leave the Value filed blank for key, as it will be generated.
Lease Enter lease time in milliseconds (ex. 604800000 for one week)
Save changes and the AES Key will be generate and available for use.
If your user role has Cypher: Decrypt permissions, a “DECRYPT” button will be available in the Cypher section to
view the generate AES Key.
To delete the UUID, select Actions -> Remove and confirm.
9.1.8 Using Cypher Keys in Scripts
To use a cypher Key in a script, use the following syntax:
<%=cypher.read(‘var_name’)%>
Example: PASSWORD=<%=cypher.read('secret/myuserpassword')%>
9.2 Archives
9.2.1 Overview
Archives provides a way to store your files and make them available for download by your Scripts and Users. Archives
are organized by buckets. Each bucket has a unique name that is used to identify it in URLs and Scripts.
9.2.2 Storage Provider
Archive buckets are assigned a Storage Provider (Object Store). This is where the bucket will write its files. A Storage
Provider can be configured to use the local appliance file system (Local), an Amazon S3 bucket, etc.
Every archive bucket generates and uses a random File Path to store its files under. This ensures two different archive
buckets will not contend for the same backend storage location.
9.2. Archives
159
Morpheus Documentation, Release 2.12.4
9.2.3 Permissions
Visibility
Visibility determines whether your files are secure or not.
Private This secures your files. Only authorized users of the Owner and Tenants account may view the bucket and
download its files. This is the default.
Public This makes your files available to the public. Anyone, including anonymous users/scripts can download these
files without any authentication.
Warning: Be careful not to store sensitive files in a Public archive.
Users of the Owner account may fully manage the files in a bucket.
Tenants
Users of the Owner account may fully manage the files in a bucket. Users of the Tenant account(s) will have read-only
access. The may browse and download files in the bucket.
Both Owner and Tenants must have the Services: Archives permission to access a Private bucket. READ level access
allows browsing and downloading files in the bucket.
FULL access allows full management of the bucket and its files. This includes modifying files and links, bucket
settings and deleting it.
9.2.4 Files
To add a file to a bucket, click on the bucket name, and then click the + ADD FILE button. Once added, click on the
file name to access the links, history and script section for the file.
9.2.5 Links
You can create a Link to download a Private file without any authentication. Links may be configured to expire after a
period of time.
9.2.6 Scripts
Morpheus automatically generates syntax for creating a link to a file in your Scripts. When the Script is generated, it
will create a temporary link to download the file and return the URL of that link. This link is made available to the
public. It is accessible to any user or script that can reach the appliance. Downloading the file only requires knowing
the URL, which includes a secret token parameter. You can specify the number of seconds before the link expires.
The default value is 1200 (20 minutes).
160
Chapter 9. Services
CHAPTER
10
Integration Guides
10.1 Clouds
10.2 VMware vCenter
10.2.1 Overview
VMware is a very common cloud integration choice supported by Morpheus . They have provided a top notch virtualization solution and one might argue pioneered the virtualization space altogether. As such, many companies utilize
this technology and all the features that come with it, so Morpheus covers a broad feature set in vCenter.
10.2.2 Features
• Virtual Machine Provisioning
• Backups / Snapshots
• Resource Groups
• Datastores and DRS Clusters
• Distributed Switches
• Datacenter / Cluster scoping
• Brownfield VM management and migration
• VMware to VMware migrations
• VMDK/OVF image conversion support
• Hypervisor Remote Console
• Periodic Synchronization
• Veeam Backup Integration
161
Morpheus Documentation, Release 2.12.4
• Lifecycle Management and Resize
On top of all these features, Morpheus also adds additional features to VMware that do not exist out of the box to
make it easier to manage in multitenant environments as well as hybrid cloud environments:
• Cloud-Init Support
• VHD to VMDK Image Conversion
• QCOW2 to VMDK Image Conversion
• Multitenancy resource allocation
• Virtual Image management (Templates)
• Auto-scaling and recovery
10.2.3 Getting Started
To get started with vmware, simply start by adding a Cloud in the Infrastructure -> Clouds section.
To start adding a VMware cloud there will be some things you will need:
Vcenter API Url Typically this is the url to the Vcenter web client with a /sdk in the path
Username/Password A set of credentials with high level access to VMware (ensure the account has Datacenter level
access)
Once these fields are entered, some selections will start pre-populating. A cloud integration must be scoped to a
specific data center and cluster. If the drop downs do not populate, please verify the api url and provided credentials
have access to Vcenter.
162
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
Another cool feature provided with the cloud integration is optional Resource Pool scoping. One can choose to allow
the cloud to provision into All Resource Pools or a singular Resource Pool. When choosing All, these Resource Pools
can be managed from a sub-account and visibility perspective via the Cloud Detail page (multi-tenancy).
The VMware cloud integration provides a few additional options including allowing users to make host selections or
keeping that aspect hidden such that the best host is automatically chosen for the requested provision.
The RPC Mode feature can be configured to allow Morpheus to install its agent on the Guest operating system via
either SSH/WinRM or Vmware Tools Guest Process feature. The VMware tools Guest Execution API can be tricky so
it is recommended to use SSH/WinRM if possible. However, if it is not possible for the Appliance to have outbound
access to all networks in which VMs are being provisioned to the SSH/WinRM ports (22, 5985 respectively) then
Guest Execution is the only option.
The Use VNC console option on the VMware cloud requires special configuration on each ESXI host but allowed
hypervisor level remote console support. (See the Advanced Section for details)
When following this add cloud wizard an option will be presented to create a group or add to an existing group. These
groups can be given provisioning permission via role based access control. It is normally recommended that groups are
organized such that one cloud exists in one group unless the networks are setup such that internal routing is possible
between the clouds. This is very useful for bursting, or hybrid cloud configurations.
10.2.4 Existing Instances
Morpheus provides several features regarding pulling in existing virtual machines and servers in an environment. Most
cloud options contain a checkbox titled ‘Inventory Existing Instances’. When this option is selected, all VMs found
within the specified scope of the cloud integration will be scanned periodically and Virtual Machines will be synced
into Morpheus . By default these virtual machines are considered ‘unmanaged’ and do not appear in the Provisioning
-> Instances area but rather Infrastructure -> Hosts -> Virtual Machines. However, a few features are provided with
regards to unmanaged instances. They can be assigned to various accounts if using a multitenant master account,
however it may be best suited to instead assign the ‘Resource Pool’ to an account and optionally move all servers with
regards to that pool (more on this later). A server can also be made into a managed server. During this process remote
access is requested and an agent install is performed on the guest operating system. This allows for guest operations
regarding log acquisition and stats. If the agent install fails, a server will still be marked as managed and an Instance
will be created in Provisioning, however certain features will not function. This includes stats collection and logs.
Note: All Cloud data is resynchronized on a 5 minute interval. This includes Datastores, Resource Pools, Networks,
Templates, and Virtual Machines.
10.2.5 Service Plans
A default set of Service Plans are created in Morpheus for the VMware provisioning engine. These Service Plans can
be considered akin to AWS Flavors or Openstack Flavors. They provide a means to set predefined tiers on memory,
storage, cores, and cpu. Price tables can also be applied to these so estimated cost per virtual machine can be tracked
as well as pricing for customers. By default, these options are fixed sizes but can be configured for dynamic sizing.
A service plan can be configured to allow a custom user entry for memory, storage, or cpu. To configure this, simply
edit an existing Service Plan tied to VMware or create a new one. These all can be easily managed from the Admin ->
Plans & Pricing section.
10.2. VMware vCenter
163
Morpheus Documentation, Release 2.12.4
10.2.6 Virtual Images / Templates
Morpheus will automatically take an inventory of all templates configured in Vcenter and present them as options
during provisioning. However, in order for Morpheus to properly provision these virtual machines and provide accurate
stats and health of these virtual machines, an agent must be installed during virtual machine startup. This means remote
access needs to be granted at the guest operating system level to Morpheus . To properly configure these virtual images,
find the relevant images in Provisioning -> Virtual Images and edit the entry. On this form, a few options are presented.
The first is a check box asking whether or not cloud-init is enabled. If cloud-init is enabled, simply provide the default
OS username configured (for Ubuntu the username is ubuntu and for CentOS the username is centos). For those
looking to add cloud-init to existing templates Morpheus requires no special configuration and can use the default
cloud.cfg settings.
A global cloud-init username/password can also be configured per account as well as a keypair via the Admin>Provisioning settings section. The great benefit of utilizing cloud-init is default templates do not need common
credential sets thereby increasing provisioning security.
Windows systems do not typically support cloud-init. So simply turn this checkbox off and provide the Administrator
credentials. It should be noted that these credentials are encrypted in the database. If using WinRM for the RPC Mode
instead of VMware tools, a Local or Domain Administrator account credential set can be provided instead.
10.2.7 Docker
So far this document has covered how to add the VMware cloud integration and has enabled users the ability to
provision virtual machine based instances via the Add Instance catalog in Provisioning. Another great feature provided
by Morpheus out of the box is the ability to use Docker containers and even support multiple containers per Docker
164
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
host. To do this a Docker Host must first be provisioned into VMware (multiple are needed when dealing with
horizontal scaling scenarios).
To provision a Docker Host simply navigate to the Cloud detail page or Infrastructure->Hosts section. From there
click the + Container Host button to add a VMware Docker Host. This host will show up in the Hosts tab next to
other ESXi servers that were inventoried by the VMware cloud integration. Morpheus views a Docker host just like
any other Hypervisor with the caveat being that it is used for running containerized images instead of virtualized ones.
Once a Docker Host is successfully provisioned a green checkmark will appear to the right of the host marking it as
available for use. In the event of a failure click into the relevant host that failed and an error explaining the failure will
be displayed in red at the top.
Some common error scenarios include network connectivity. For a Docker Host to function properly, it must be able
to resolve the Morpheus appliance url which can be configured in Admin -> Settings. If it is unable to resolve and
negotiate with the appliance than the agent installation will fail and provisioning instructions will not be able to be
issued to the host.
10.2.8 Multitenancy
A very common scenario for Managed Service Providers is the need to provide access to VMware resources on
a customer by customer basis. With VMware several administrative features have been added to ensure customer
resources are properly scoped and isolated. For VMware it is possible to assign specific Networks, Datastores, and
Resource Pools to customer accounts or even set the public visibility of certain resources, therefore allowing all sub
accounts access to the resource.
10.2. VMware vCenter
165
Morpheus Documentation, Release 2.12.4
10.2.9 Advanced
There are several advanced features provided within Morpheus that can leverage some cool aspects of VMware. One
of these features is Remote Console support directly to the hypervisor. To enable this feature a few prerequisites must
be met. First, the Morpheus appliance must have network access to the ESXi hosts within VCenter. Secondly, firewall
settings need to be adjusted on each ESXi host. This can be done in VSphere under firewall configuration on the host.
Simply check the gdbserver option, which will open up the necessary ports (starting at 5900 range).
Now that the ESXi hosts are ready to utilize remote console, simply edit the cloud in Morpheus via Infrastructure ->
Clouds. Check the option that says Use VNC. It is important to note that currently this functionality only works for
newly provisioned vm’s provisioned directly via Morpheus . This should change soon however.
It is also possible to import vm snapshots for backup or conversion purposes from VCenter and also an ESXi host.
However, this does require that the ESXi host license has an enterprise level license as it will not allow the appliance
to download a virtual image if it is not a paid VMware license.
10.3 AWS
10.3.1 Overview
AWS is the Amazon public cloud, offering a full range of services and features across the globe in various datacenters.
AWS provides businesses with a flexible, highly scalable, and low-cost way to deliver a variety of services using open
standard technologies as well as proprietary solutions. This section of documentation will help you get Morpheus and
AWS connected to utilize the features below:
10.3.2 Features
• Virtual Machine Provisioning
• Containers
• Backups / Snapshots
• Resources Groups
• Migrations
• Auto Scaling
• Load Balancing
• AWS Marketplace Search and Provisioning
• Remote Console
• Periodic Synchronization
• Lifecycle Management and Resize
• Restore from Snapshots
• EC2
• RDS
• S3
• ELBs
• ALBs
166
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
• Route53
• IAM Pofiles
• Network Sync
• Security Group Sync
• Pricing Sync
• Assign Elastic IP’s
• Network Pools
Morpheus can provide a single pane of glass and self-service portal for managing instances scattered across both AWS
and private cloud offerings like VMWare and Hyper-V.
10.3.3 Requirements
• AWS IAM Security Credentials * Access Key * Secret Key * Sufficient User Privileges (see Required IAM
Policies section for more info)
• Security Groups * Typical Inbound ports open from Morpheus Appliance: 22, 5985, 3389 * Typical Outbound
to Morpheus Appliance: 80, 443
– These are required for Morpheus agent install, communication, and remote console access for windows
and linux. Other configurations, such as docker instances, will need the appropriate ports opened as well.
*Cloud-init Agent Install mode does not require access to port 22.
• Network(s) * Public IP assignment required for Agent install, Script Execution, and Console if the Morpheus
Appliance is not able to communicate with AWS instances private ip’s.
Note: Each AWS Cloud in Morpheus is scoped to an AWS Region, and multiple AWS Clouds can be added and even
Grouped. Verify Security groups are properly configured in all Regions Morpheus will scope to.
10.3.4 Creating an AWS Cloud
1. Navigate to Infrastructure -> Clouds
2. Select + Create Cloud
3. Select AWS
4. Enter the following:
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
Region Select AWS Region for the Cloud
Access Key Access Key ID from AWS IAM User Security Credentials.
Secret Key Secret Access Key associate with the Access Key ID.
Inventory Existing Instances If enabled, existing EC2 Instances will be inventoried and appear as unmanaged
Virtual Machines in Morpheus .
10.3. AWS
167
Morpheus Documentation, Release 2.12.4
5. The AWS cloud is ready to be added to a group and saved. Additional configuration options available:
Advanced Options
IMAGE TRANSFER STORE S3 bucket for Image transfers, required for migrations into AWS.
Note: All fields and options can be edited after the Cloud is created.
10.3.5 Minimum AWS IAM Policies
Below are the AWS IAM Policies for EC2, RDS, and S3 covering the minimum access for Morpheus applying to all
resources.
See http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html for more information.
EC2
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:AllocateAddress",
"ec2:AssignPrivateIpAddress",
"ec2:AttachVolume",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CancelExportTask",
"ec2:CancelImportTask",
"ec2:CopyImage",
"ec2:CreateImage",
"ec2:CopySnapshot",
"ec2:CreateInstanceExportTask",
"ec2:CreateKeyPair",
"ec2:CreateNetworkAcl",
"ec2:CreateNetworkAclEntry",
"ec2:CreateNetworkInterface",
"ec2:CreateSecurityGroup",
"ec2:CreateSnapshot",
"ec2:CreateTags",
"ec2:CreateVolume",
"ec2:DeleteKeyPair",
"ec2:DeleteNetworkAcl",
"ec2:DeleteNetworkAclEntry",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:DeleteSnapshot",
"ec2:DeleteTags",
"ec2:DeleteVolumes",
"ec2:DeregisterImage",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeClassicLinkInstances",
168
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
"ec2:DescribeConversionTasks",
"ec2:DescribeExportTasks",
"ec2:DescribeImageAttribute",
"ec2:DescribeImages",
"ec2:DescribeImportImageTasks",
"ec2:DescribeImportSnapshotTasks",
"ec2:DescribeInstances",
"ec2:DescribeInstanceStatus",
"ec2:DescribeKeyPairs",
"ec2:DescribeNetworkAcls",
"ec2:DescribeNetworkInterfaceAttribute",
"ec2:DescribeNetworkInterfaces",
"ec2:DescribeRegions",
"ec2:DescribeSecurityGroupReferences",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshotAttribute",
"ec2:DescribeSnapshots",
"ec2:DescribeStaleSecurityGroups",
"ec2:DescribeSubnets",
"ec2:DescribeTags",
"ec2:DescribeVolumeAttribute",
"ec2:DescribeVolumes",
"ec2:DescribeVolumeStatus",
"ec2:DescribeVpcAttribute",
"ec2:DescribeVpcClassicLink",
"ec2:DescribeVpcClassicLinkDnsSupport",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeVpcEndpointsServices",
"ec2:DescribeVpcs",
"ec2:DetachNetworkInterface",
"ec2:DetachVolume",
"ec2:DisassociateAddress",
"ec2:ImportImage",
"ec2:ImportInstance",
"ec2:ImportKeyPair",
"ec2:ImportSnapshot",
"ec2:ImportVolume",
"ec2:ModifyImageAttribute",
"ec2:ModifyInstanceAttribute",
"ec2:ModifyNetworkInterfaceAttribute",
"ec2:ModifySnapshotAttribute",
"ec2:ModifyVolumeAttribute",
"ec2:RebootInstances",
"ec2:RegisterImage",
"ec2:ReleaseAddress",
"ec2:ReplaceNetworkAclAssociation",
"ec2:ReplaceNetworkAclEntry",
"ec2:ResetImageAttribute",
"ec2:ResetInstanceAttribute",
"ec2:ResetNetworkInterfaceAttribute",
"ec2:ResetSnapshotAttribute",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"ec2:RunInstances",
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"ec2:UnassignPrivateIpAddresses"
10.3. AWS
169
Morpheus Documentation, Release 2.12.4
],
"Resource": "*"
}
]
}
RDS:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:AddRoleToDBCluster",
"rds:AddTagsToResource",
"rds:ApplyPendingMaintenanceAction",
"rds:AuthorizeDBSecurityGroupIngress",
"rds:CopyDBClusterParameterGroup",
"rds:CopyDBClusterSnapshot",
"rds:CopyDBSnapshot",
"rds:CreateDBCluster",
"rds:CreateDBClusterSnapshot",
"rds:CraeteDBInstance",
"rds:CreateDBInstnaceReadReplica",
"rds:CreateDBSecurityGroup",
"rds:CreateDBSnapshot",
"rds:DeleteDBCluster",
"rds:DeleteDBInstance",
"rds:DeleteDBSecurityGroup",
"rds:DeleteDBSnapshot",
"rds:DescribeAccountAttributes",
"rds:DescribeCertificates",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBClusterParameters",
"rds:DescribeDBClusters",
"rds:DescribeDBClusterSnapshotAttributes",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBLogFiles",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBParameters",
"rds:DescribeDBSecurityGroups",
"rds:DescribeDBSnapshotAttributes",
"rds:DescribeDBSnapshots",
"rds:DescribeDBSubnetGroups",
"rds:DescribeEngineDefaultClusterParameters",
"rds:DescribeEngineDefaultParameters",
"rds:DescribeEventCatagories",
"rds:DescrbieEvents",
"rds:DescribeOptionGroupOptions",
"rds:DescribeOptionGroups",
"rds:DescribeOrderableDBInstanceOptions",
"rds:DescribeSourceRegions",
"rds:ListTagsForResource",
170
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
"rds:ModifyDBCluster",
"rds:ModifyDBClusterParameterGroup",
"rds:ModifyDBClusterSnapshotAttribute",
"rds:ModifyDBInstance",
"rds:ModifyDBParameterGroup",
"rds:ModifyDBSnapshot",
"rds:ModifyDBSnapshotAttribute",
"rds:PromoteReadReplica",
"rds:PromoteReadReplicaDBCluster",
"rds:RebootDBInstance",
"rds:RemoveRoleFromDBCluster",
"rds:RemoveTagsFromResource",
"rds:RestoreDBClusterFromS3",
"rds:RestoreDBClusterFromSnapshot",
"rds:RestoreDBClusterToPointInTime",
"rds:RestoreDBInstanceFromDBSnapshot",
"rds:RestoreDBInstanceToPointInTime",
"rds:RevokeDBSecurityGroupIngress"
],
"Resource": "*"
}
]
}
S3
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "access-1",
"Effect": "Allow",
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:DeleteObjectVersion",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:GetObjectVersion”,
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:ListBucketVersions",
"s3:ListMultipartUploads",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::bucketname",
"arn:aws:s3:::bucketname/*"
]
}
]
}
10.3. AWS
171
Morpheus Documentation, Release 2.12.4
Resource Filter
If you need to limit actions based on filters you have to pull out the action and put it in a resource based policy since
not all the actions support resource filters.
See http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-iam-actions-resources.html for more info
on limiting resources by filter.
Resource filter example:
{
"Effect": "Allow",
"Action": [
"ec2:StopInstances",
"ec2:StartInstances"
],
"Resource": *
},
{
"Effect": "Allow",
"Action": "ec2:TerminateInstances",
"Resource": "arn:aws:ec2:us-east-1:123456789012:instance/*",
"Condition": {
"StringEquals": {
"ec2:ResourceTag/purpose": "test"
}
}
}
10.4 Azure
10.4.1 Overview
Azure is Microsoft’s public cloud offering. Offering a full range of services and features across the globe in various
datacenters. It is the equivalent of AWS for Microsoft running primarily on the Hyper-V based hypervisor. While it is
a great public cloud offering, it can be somewhat difficult to get integrated with which is what this guide aims to cover.
10.4.2 Features
• Virtual Machine Provisioning
• Azure SQL Database
• Backups / Snapshots
• Resource Group Sync & Selection
• Network Sync & Selection
• Security Group Sync & Selection
• Storage Account Sync & Selection
• Marketplace Search and Provisioning
• Azure Marketplace Custom Library Item Support
• Remote Console
172
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
• Periodic Synchronization
• Lifecycle Management and Resize
• Availability Set Support
• Azure Load Balancers
• Azure Storage
• Docker Host Provisioning & Management
• Service Plan Sync
• Pricing Sync with markup options
• Cost Estimator
Combine these features with on premise solutions like Azure-Stack and Morpheus can provide a single pane of glass
and self service portal for managing instances scattered across both public Azure and private Azure Stack offerings.
Note: Morpheus even supports integrating with CSP based accounts in Azure (typically used by managed service
providers).
10.4.3 Requirements
• Azure Active Directory Application & Credentials
– Client ID (old portal) / Application ID (new portal)
– Client Secret (old portal) / Key Value (new portal)
– Tenant ID (old Portal) / Directory ID (new portal)
– Azure Subscription ID
• Above Active Directory App added as owner of this Azure Subscription
• Existing Azure Resources
– Network Security Group(s) * Typical Inbound ports open from Morpheus Appliance: 22, 5985, 3389
* Typical Outbound to Morpheus Appliance: 80, 443
· These are required for Morpheus agent install, communication, and remote console access for
windows and linux. Other configurations, such as docker instances, will need the appropriate
ports opened as well.
– Virtual Network(s)
* Public IP assignment required for instances if Morpheus Appliance is not able to communicate with
Azure instances private ip’s.
– Resource Group(s)
– Storage Account(s)
Note: Morpheus v2.10.3 added support for multiple Resource Groups and Storage Accounts per cloud, making our
Azure integration more capable and easier to configure. Prior versions of Morpheus supported one resource group and
one storage account per cloud, with the security group and network selection limited to the scoped Resource Group.
10.4. Azure
173
Morpheus Documentation, Release 2.12.4
If you are on an earlier version of Morpheus , please note you will need to add an Azure cloud integration for each
Resource Group and Storage Account you would like to use.
Azure Active Directory Credentials
If you do not already have the Azure Active Directory credentials required to add an Azure cloud to Morpheus , use
the steps below to obtain them.
Important: Microsoft recently added support for Active Directory application configuration in the new Azure portal.
Previously, users had to use the old portal to get the required credentials to integrate Azure with Morpheus . The
instructions below are updated for the new portal. Microsoft also changed the naming conventions of the credentials:
Old and New Portal Naming Conventions:
Old Azure Portal Name
Tenant ID
Client ID
New Azure Portal Name
Directory ID
Application ID
Creating an Azure Active Directory Application
If you do not have an existing Azure Active Directory application for Morpheus , you will need to create a new on by:
1. Log into the Azure portal
2. Select “Azure Active Directory”
3. Select “App Registrations”
4. Select “New Application Registration”
174
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
5. Next, give your new AD app a name, specify Web app / API for the type (default) and enter any url for the
Sign-on URL:
6. Click Create and your new Azure Active Directory Application will be created.
Now that we have (or already had) our AD app, we will gather the credentials required for the Morpheus Azure
integration.
10.4. Azure
175
Morpheus Documentation, Release 2.12.4
Tenant ID/Directory ID
While still in the Active Directory Section:
1. Select Properties
2. Copy the Directory ID
3. Store/Paste for use as the Tenant ID when Adding your Azure cloud in Morpheus
Client ID/Application ID
1. Select App Registrations
2. Select your Active Directory Application
3. Copy the Application ID
4. Store/Paste for use as the Client ID when Adding your Azure cloud in Morpheus
176
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
Client Secret/Key Value
While still in your Active Directory Application:
1. Select Keys in the Settings pane
2. Enter a name for the key
3. Select a duration
4. Select save
5. Copy the Key Value
6. Store/Paste for use as the Client ID when Adding your Azure cloud in Morpheus
Important: Copy the key value. You won’t be able to retrieve after you leave this blade.
10.4. Azure
177
Morpheus Documentation, Release 2.12.4
You now have the 3 Active directory credentials required for Morpheus Azure cloud integration.
Subscription ID
The last credential required for the Morpheus Azure cloud integration is the Azure Subscription ID
1. Select Resource Groups
2. Select a Resource Group (instruction below if you do not have an existing resource group)
3. Copy the Subscription ID
4. Store/Paste for use as the Subscription ID when Adding your Azure cloud in Morpheus
178
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
Make Azure Active Directory Application owner of Subscription
The Active Directory Application used needs to be an owner of the subscription used for the Azure Morpheus cloud
integration.
1. In the Subscription pane, select “Access Control (IAM)”
10.4. Azure
179
Morpheus Documentation, Release 2.12.4
2. Click “+ Add”, in the pane to the right, select “1 Select a role” and then select “Owner”
180
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
3. Select “2. Add Users” and in the search box begin to type the name of the AD Application created earlier.
Note: the AD Application will not display by default and must be searched for.
4. Select the Application, then click “Select” at the bottom of the Add Users pane, and the select “OK” at the
bottom of the Add Access pane.
Important: Be sure to select “OK” at the bottom of the Add Access pane or the user addition will not save.
10.4. Azure
181
Morpheus Documentation, Release 2.12.4
You now have the required Credentials to add an Azure cloud integration into Morpheus .
Important: You will also need to have existing Network Security Group(s), Virtual Networks(s) and Storage Accounts(s). Instructions for creating these can be found later in this article.
10.4.4 Add Azure cloud in Morpheus
Azure is now ready to be added into Morpheus . Ensure you have the noted Subscription ID, Tenant ID, Client ID,
and Client Secret accessible.
1. In Infrastructure - Clouds, select “+ Create Cloud” and select Azure from the cloud widget.
OR
2. In Infrastructure, Groups- you can select the Clouds tab of a Group and click “+ ADD” next to Azure in the
Public Cloud section
3. Enter the following:
• Name
• Location (optional)
• Domain (if not localdomain)
• Scale Priority
• Subscription ID (from step 18)
• Tenant ID (from step 16)
182
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
• Client ID (from step 13)
• Client Secret (from step 13)
If everything is entered correctly, the Location dropdown will populate.
4. Select the Location/Region to scope the cloud to (additional Clouds can be added for multiple regions)
5. Select All or specify a Resource Group to scope this cloud to
6. Optionally select “Inventory Existing Instances” (This will inventory your existing vm’s in Azure and list them
in Morpheus as unmanaged instances.)
7. Click “Save Changes”
Your Azure Cloud will be created.
10.4. Azure
183
Morpheus Documentation, Release 2.12.4
10.4.5 Creating Resources in Azure
If you do not have existing Network Security Groups, Virtual Networks, or Storage Accounts, you can create them by
following the steps below:
Create a Network Security Group
1. In the main Azure toolbar, select the right arrow at the bottom of the toolbar (if collapsed) and search for and
select Network Security Groups.
184
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
2. Click “+ Add” at the top of the Network security groups pane
10.4. Azure
185
Morpheus Documentation, Release 2.12.4
3. Enter a unique name for the security group, select the correct subscription, and either select the resource group
being used, or create a new one as shown below. Also verify the Location is the same, and then click “Create”
at the bottom of the pane.
4. Configure inbound and outbound rules for the security group. Ports 80 (http), 443 (https) 22 (ssh) and 5985
(winrm) need to be open to and from the Morpheus appliance.
Create a Virtual Network
1. In the main Azure toolbar, select the right arrow at the bottom of the toolbar (if collapsed) and search for and
select Virtual Networks.
186
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
2. Click “+ Add” at the top of the Virtual Networks pane
10.4. Azure
187
Morpheus Documentation, Release 2.12.4
3. Enter a unique name for the virtual network, the correct subscription, select “Use existing” and select the same
resource group as the Network Security Group. Also verify the Location is the same, and then click “Create” at
the bottom of the pane.
Create a Storage Account
1. In the main Azure toolbar, select the right arrow at the bottom of the toolbar (if collapsed) and search for and
select Storage Accounts.
188
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
2. Click “+ Add” at the top of the Storage accounts pane
image::images/newazure-7947e.png[]
3. Enter a unique name for the storage account, select “Locally-redundant storage (LRS) for Replication, select the
correct subscription, select “Use existing” and select the same resource group as the Network Security Group
and Virtual Network. Also verify the Location is the same, and finally click “Create” at the bottom of the pane.
10.4. Azure
189
Morpheus Documentation, Release 2.12.4
10.4.6 Docker
So far this document has covered how to add the Azure cloud integration and has enabled users the ability to provision
virtual machine based instances via the Add Instance catalog in Provisioning. Another great feature provided by
Morpheus out of the box is the ability to use Docker containers and even support multiple containers per Docker host.
To do this a Docker Host must first be provisioned into Azure (multiple are needed when dealing with horizontal
scaling scenarios).
To provision a Docker Host simply navigate to the Cloud detail page or Infrastructure?Hosts section. From there click
the + Container Host button to add a Azure Docker Host. This host will show up in the Hosts tab. Morpheus views
a Docker host just like any other Hypervisor with the caveat being that it is used for running containerized images
instead of virtualized ones. Once a Docker Host is successfully provisioned a green checkmark will appear to the right
of the host marking it as available for use. In the event of a failure click into the relevant host that failed and an error
explaining the failure will be displayed in red at the top.
Some common error scenarios include network connectivity. For a Docker Host to function properly, it must be able to
resolve the Morpheus appliance url which can be configured in Admin|Settings. If it is unable to resolve and negotiate
with the appliance than the agent installation will fail and provisioning instructions will not be able to be issued to the
host.
190
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.4.7 Multi-tenancy
A very common scenario for Managed Service Providers is the need to provide access to Azure resources on a customer
by customer basis. With Azure several administrative features have been added to ensure customer resources are
properly scoped and isolated. For Azure it is possible to assign specific Networks, and Resource Groups to customer
accounts or even set the public visibility of certain resources, therefore allowing all sub accounts access to the resource.
10.5 Azure Stack
10.5.1 Overview
Azure Stack is Microsoft’s Azure Cloud for on-premises environments. Azure Stack contains the core Azure services,
allowing organizations to take advantage of Azure’s offerings with the security, compliance, and financial benefits of
hosting it in their own data-centers.
• Virtual Machine Provisioning
• Backups / Snapshots
• Resource Group Sync & Selection
• Network Sync & Selection
• Security Group Sync & Selection
• Storage Account Sync & Selection
• Marketplace Search and Provisioning
• Remote Console
• Periodic Synchronization
• Lifecycle Management and Resize
• Availability Set Support
• Azure Load Balancers
• Azure Storage
• Docker Host Provisioning & Management
• Service Plan Sync
• Pricing Sync with markup options
• Cost Estimator
Combine these features with public Azure and Morpheus can provide a single pane of glass and self service portal for
managing instances scattered across both Azure offerings.
10.5.2 Requirements
Azure Stack Accessibility
By default, the Azure Stack management url’s are not accessible from an external network. Port mappings and DNS
must be configured for communication between the Morpheus Appliance and Azure Stack.
10.5. Azure Stack
191
Morpheus Documentation, Release 2.12.4
Important: In order to communicate with Azure Stack, Morpheus must be able to reach the internal Azure Stack
network. The Azure Stack Portal needs to be exposed to the Morpheus Appliances’ network with corresponding
entries added to DNS.
One option to expose the Internal Azure Stack network to the Morpheus Appliances’ network is to
use the ‘Expose-AzureStackPortal.ps1’ powershell script from https://gallery.technet.microsoft.com/scriptcenter/
Expose-the-Azure-Stack-7ef68b19. An Azure Stack Port Mapping Tool is also available.
Below is a sample output from the script for reference:
[Admin Portal] Created port mappings on 10.30.23.120 to 192.168.102.8
[Admin Portal] Ports: 13011 30015 13001 13010 13021 13020 443 13003 12646 12647 12648
˓→12649 12650 12495 13026 12499
[Admin Portal] DNS: 10.30.23.120 - adminportal.local.azurestack.external
˓→adminmanagement.local.azurestack.external
[Tenant Portal] Created port mappings on 10.30.23.121 to 192.168.102.10
[Tenant Portal] Ports: 13011 30015 13001 13010 13021 13020 443 13003 12646 12647
˓→12648 12649 12650 12495 13026 12499
[Tenant Portal] DNS: 10.30.23.121 - portal.local.azurestack.external management.local.
˓→azurestack.external
[Blob Storage] Created port mappings on 10.30.23.122 to 192.168.102.4
[Blob Storage] Ports: 80 443
[Blob Storage] DNS: 10.30.23.122 *.blob.local.azurestack.external
VERBOSE: DNS delegation/forwarding is optional, change the DNS records on MAS-DC01
˓→manually (dnsmgmt.msc from Host).
[DNS Delegation] Created port mappings on 10.30.23.120 to 192.168.200.224
[DNS Delegation] Ports: 53 (TCP/UDP)
[DNS Delegation] DNS: local.azurestack.external NS 10.30.23.120
[DNS Delegation] Change records on MAS-DC01 manually if you plan to use DNS
˓→forwarding.
[DNS Delegation] Change records back to the original internal IPs before running this
˓→script again.
VERBOSE: App
[App Service
[App Service
[App Service
Service detected and external IP's specified, creating mappings....
API] Created port mappings on 10.30.23.123 to 192.168.102.17
API] Ports: 443
API] DNS: 10.30.23.123 api.appservice.local.azurestack.external
[App Service Apps] Created port mappings on 10.30.23.124 to 192.168.102.15
[App Service Apps] Ports: 80 443 21 990
[App Service Apps] DNS: 10.30.23.124 *.appservice.local.azurestack.external
Azure Stack Resources
The following resources need to be created and configured inside Azure Stack for successful provisioning:
• Resource Group(s)
• Virtual Network(s)
• Storage Account(s)
• Network Security Group(s) * Inbound ports open from Morpheus Appliance: 22, 5985, 3389 * Outbound ports
open to Morpheus Appliance: 80, 443
192
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
Note: Proper Network and Network Security Group configuration is required for Morpheus agent install, communication, and remote console access. Other configurations, such as docker instances, will need the appropriate ports
opened as well.
Required Credentials & Permissions
Credentials to integrate Morpheus with Azure Stack are located in both the public Azure Portal and the Private Azure
Stack Portal. The Azure Active Directory Application used must be an owner of the Azure Stack subscription.
• Azure Portal: * Azure Active Directory Application Credentials
– Directory ID
– Management URL
– Identity Resource URL
– Application ID
– Key Value
• Azure Stack Portal: * Azure Stack Subscription ID * Active Directory App from Azure portal added as owner
of the Azure Stack Subscription in Azure Stack.
10.5.3 Adding an Azure Stack Cloud
Configure
1. In the Morpheus UI, navigate to Infrastructure -> Clouds and Select + CREATE CLOUD
2. Select AZURE STACK (PRIVATE) from the Clouds list and select NEXT
3. In the Configure section, enter:
NAME Internal name for the Cloud in Morpheus
LOCATION (Optional) Can be used to specify the location of the Cloud or add a description.
VISIBILITY
Determines Tenant visibility for the Cloud.
• Private: Access to the Cloud is limited to the assigned Tenant (Master Tenant by default)
• Public: Access to the Cloud can be configured for Tenants in their Tenant Role permissions.
IDENTITY URL https://login.microsoftonline.com
MANAGEMENT URL* Azure AD Azure Stack Administrator app or Microsoft Azure Stack Administrator
app url. Example: https://adminmanagement.local.azurestack.external/
IDENTITY RESOURCE URL Azure AD Azure Stack Administrator App ID URI Example: https://
adminmanagement.xxxxxxx.onmicrosoft.com/4a80e607-4259-4ac6-83e2-2fabeaf2eh83
BASE DOMAIN This should match the base domain in your Management url.
cal.azurestack.external
Example:
lo-
SUBSCRIPTION ID Subscription ID from Azure Stack portal (this is different from the Subscription ID in
you Azure portal used when configuring Azure Stack)
TENANT ID This is the Directory ID from the Azure AD directory
10.5. Azure Stack
193
Morpheus Documentation, Release 2.12.4
CLIENT ID Application ID of Azure AD app with Azure Stack permissions granted, and has been added as
an owner of the Azure Stack subscription (in the Azure Stack portal).
CLIENT SECRET Key Value of Application ID used above
4. Once all credentials are entered and validated, the Location and Resource Group fields will populate.
Location Select an Azure Stack region for the cloud to scope to. This typically will be “local”.
Resource Group Select All or a single Resource Group to scope the cloud to. Selecting a single Resource
Group will only sync resources in that Resource Group and disable Resource Group selection during
provisioning. All will sync all resources and allow specifying the Resource Group during provisioning.
Inventory Existing Instances If enabled, existing Virtual Machines will be inventoried and appear as unmanaged Virtual Machines in Morpheus .
5. The Azure Stack cloud is ready to be added to a group and saved. Additional configuration options available:
Note: All fields and options can be edited after the Cloud is created.
Advanced Options
DOMAIN Specify a default domain for instances provisioned to this Cloud.
SCALE PRIORITY Specifies the priority with which an instance will scale into the cloud. A lower priority
number means this cloud integration will take scale precedence over other cloud integrations in the group.
APPLIANCE URL Alternate Appliance url for scenarios when the default Appliance URL (configured in
admin -> settings) is not reachable or resolvable for Instances provisioned in this cloud. The Appliance
URL is used for Agent install and reporting.
TIME ZONE Configures the time zone on provisioned VM’s if necessary.
DATACENTER ID Used for differentiating pricing among multiple datacenters. Leave blank unless prices are
properly configured.
HYPER-CONVERGED ENABLED Not applicable for Azure Stack
DNS INTEGRATION Records for instances provisioned in this cloud will be added to selected DNS integration.
SERVICE REGISTRY Services for instances provisioned in this cloud will be added to selected Service Registry integration.
CONFIG MANAGEMENT Select a Chef, Salt, Ansible or Puppet integration to be used with this Cloud.
AGENT INSTALL MODE
• SSH / WINRM: Morpheus will use SSH or WINRM for Agent install.
• Cloud-Init (when available): Morpheus will utilize Cloud-Init or Cloudbase-Init for agent install when
provisioning images with Cloud-Init/Cloudbase-Init installed. Morpheus will fall back on SSH or
WINRM if cloud-init is not installed on the provisioned image.
API PROXY Required when a Proxy Server blocks communication between the Morpheus Appliance and the
Cloud. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
Provisioning Options
API PROXY Required when a Proxy Server blocks communication between an Instance and the Morpheus
Appliance. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
Bypass Proxy for Appliance URL Enable to bypass proxy settings (if added) for Instance Agent communication to the Appliance URL.
194
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
USER DATA (LINUX) Add cloud-init user data using bash syntax.
Once all options are configured, select NEXT to add the cloud to a Group.
Group
A Group must be specified or created for the new Cloud to be added to. Clouds can be added to additional Groups or
removed from Groups after being created.
USE EXISTING Add the new Cloud to an exiting Group in Morpheus .
CREATE NEW Creates a new Group in Morpheus and adds the Cloud to the Group.
Review
Confirm all settings are correct and select COMPLETE. The Azure Stack Cloud will be added, and Morpheus will
perform the initial cloud sync of:
• Virtual Machines (if Inventory Existing Instances is enabled)
• Networks
• Virtual Images/Templates
• Network Security Groups
• Storage Accounts
• Marketplace Catalog
• Availability Sets
Tip: Synced Networks can be configured or deactivated from the Networks section in this Clouds detail page, or in
the Infrastructure -> Networks section.
10.6 Openstack
10.6.1 Overview
Openstack is becoming a widely used on-premise infrastructure orchestration platform. It has a wide array of contributors and enterprise sponsorships. There are several variations on openstack as well ranging from HP’s Helion Cloud
to Cisco’s Metapod / Metacloud offering. Morpheus supports integration with all the various platform offerings and
ranges in support all the way back to Openstack Icehouse. It leverages the APIs and provides full functionality as a
self service portal in front of Openstack.
10.6.2 Features
• Virtual Machine Provisioning
• Backups / Snapshots
• Security Group Management
• Disk Mode support Local/Image (via Ceph)
• Floating IP Assignment support
• Brownfield VM management and migration
• Lifecycle Management and Resize
10.6. Openstack
195
Morpheus Documentation, Release 2.12.4
• Docker Host management / configuration
On top of all these features, Morpheus also adds additional features to Openstack that do not exist out of the box to
make it easier to manage in multitenant environments as well as hybrid cloud environments:
• Image to QCOW2 Image Conversion
• QCOW2 to RAW Image Conversion
• Multitenancy resource allocation
• Virtual Image management (Templates)
• Auto-scaling and recovery
10.6.3 Getting Started
Adding an Openstack cloud to Morpheus is one of the simpler cloud integrations to get started with. First go to the
Infrastructure -> Clouds section and click add cloud. From here there are several options including Metapod, Helion,
and general Openstack. Any of these options will actually work and for the most part the branded Openstack options
are represented to make it clearer to the user as to the capabilities of Morpheus .
Most of the information in the dialog can be acquired from the openstack dashboard. under Project -> Access &
Security -> API Access. The API Url that is needed is the one tied to Identity. The Domain and Project inputs
typically correlate to the multitenant domain setup within openstack (sometimes just left at default) as well as the
project name given to instances. Morpheus allows multiple integrations to the same openstack cluster scopable to
domains and projects as needed. The remaining options help Morpheus determine what api capabilities exist in the
selected openstack environment. Hence the need for the Openstack version and image format. If a newer openstack
cluster is being used then exists in the dropdown, simply select the most recent version in the dropdown and this should
function sufficiently until the new version is added.
Tip: Some Openstack environments do not support QCOW2 and force RAW image formats (like metapod). This
is due to some network overhead in Ceph created by using QCOW2. Morpheus keeps 2 copies of openstack image
templates for this exact purpose.
Saving this cloud integration should perform a verification step and close upon successful completion.
10.6.4 Existing Instances
Morpheus provides several features regarding pulling in existing virtual machines and servers in an environment. Most
cloud options contain a checkbox titled ‘Inventory Existing Instances’. When this option is selected, all VMs found
within the specified scope of the cloud integration will be scanned periodically and Virtual Machines will be synced
into Morpheus . By default these virtual machines are considered ‘unmanaged’ and do not appear in the Provisioning
-> Instances area but rather Infrastructure -> Hosts -> Virtual Machines. However, a few features are provided with
regards to unmanaged instances. They can be assigned to various accounts if using a multitenant master account,
however it may be best suited to instead assign the ‘Resource Pool’ to an account and optionally move all servers with
regards to that pool (more on this later). A server can also be made into a managed server. During this process remote
access is requested and an agent install is performed on the guest operating system. This allows for guest operations
regarding log acquisition and stats. If the agent install fails, a server will still be marked as managed and an Instance
will be created in Provisioning, however certain features will not function. This includes stats collection and logs.
Note: All Cloud data is resynchronized on a 5 minute interval. This includes Datastores, Resource Pools, Networks,
Templates, and Virtual Machines.
196
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.6.5 Advanced
There are a few advanced features when it comes to provisioning on top of Openstack. Most of these present themselves in the provisioning wizard. They include OS Volume Type (Local or Volume). This basically dictates wether
the main OS disk is copied and run off the hypervisor or remotely mounted as a volume via Glacier. Some openstack
setups only configure hypervisors with minimal local disks so Volume type is needed.
Another option during provisioning is “Assign Floating IP”. This option does exactly what it says and is similar to the
feature on the Openstack instances dashboard itself. It should be noted that this will attempt to acquire a floating IP
from the project and if out of capacity will attempt to increase capacity to the project if the cloud credentials provided
have sufficient administrative privileges to do so.
10.6.6 Docker
So far this document has covered how to add the Openstack cloud integration and has enabled users the ability to
provision virtual machine based instances via the Add Instance catalog in Provisioning. Another great feature provided
by Morpheus out of the box is the ability to use Docker containers and even support multiple containers per Docker
host. To do this a Docker Host must first be provisioned into Openstack (multiple are needed when dealing with
horizontal scaling scenarios).
To provision a Docker Host simply navigate to the Cloud detail page or Infrastructure->Hosts section. From there
click the + Container Host button to add a Openstack Docker Host. This host will show up in the Hosts tab. Morpheus
views a Docker host just like any other Hypervisor with the caveat being that it is used for running containerized
images instead of virtualized ones. Once a Docker Host is successfully provisioned a green checkmark will appear to
the right of the host marking it as available for use. In the event of a failure click into the relevant host that failed and
an error explaining the failure will be displayed in red at the top.
Some common error scenarios include network connectivity. For a Docker Host to function properly, it must be able
to resolve the Morpheus appliance url which can be configured in Admin -> Settings. If it is unable to resolve and
negotiate with the appliance than the agent installation will fail and provisioning instructions will not be able to be
issued to the host.
10.7 Digital Ocean
10.7.1 Add a Digital Ocean Cloud
DigitalOcean Cloud Integration Detail fields:
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
Username DigitalOcean Username
API Key Personal access tokens/Key from the DigitalOcean API -> Tokens/Keys section.
Data Center Select DigitalOcean DataCenter Region
The Cloud can now be added to a Group or configured with additional Advanced options.
10.7.2 Advanced Options
DOMAIN Specify a default domain for instances provisioned to this Cloud.
10.7. Digital Ocean
197
Morpheus Documentation, Release 2.12.4
SCALE PRIORITY Specifies the priority with which an instance will scale into the cloud. A lower priority number
means this cloud integration will take scale precedence over other cloud integrations in the group.
APPLIANCE URL Alternate Appliance url for scenarios when the default Appliance URL (configured in admin ->
settings) is not reachable or resolvable for Instances provisioned in this cloud. The Appliance URL is used for
Agent install and reporting.
TIME ZONE Configures the time zone on provisioned VM’s if necessary.
DATACENTER ID Used for differentiating pricing among multiple datacenters. Leave blank unless prices are properly configured.
DNS INTEGRATION Records for instances provisioned in this cloud will be added to selected DNS integration.
SERVICE REGISTRY Services for instances provisioned in this cloud will be added to selected Service Registry
integration.
CONFIG MANAGEMENT Select a Chef, Salt, Ansible or Puppet integration to be used with this Cloud.
AGENT INSTALL MODE
• SSH / WINRM: Morpheus will use SSH or WINRM for Agent install.
• Cloud-Init (when available): Morpheus will utilize Cloud-Init or Cloudbase-Init for agent install when
provisioning images with Cloud-Init/Cloudbase-Init installed. Morpheus will fall back on SSH or WINRM
if cloud-init is not installed on the provisioned image.
API PROXY Required when a Proxy Server blocks communication between the Morpheus Appliance and the Cloud.
Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
10.7.3 Provisioning Options
API PROXY Required when a Proxy Server blocks communication between an Instance and the Morpheus Appliance. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
Bypass Proxy for Appliance URL Enable to bypass proxy settings (if added) for Instance Agent communication to
the Appliance URL.
USER DATA (LINUX) Add cloud-init user data using bash syntax.
10.8 Google
10.8.1 Add a Google Cloud
Tip: All of the required Goole Cloud credentials can be found in the .json file created when generating a key for a
Google Cloud service account.
1. Navigate to Infrastructure -> Clouds
2. Select + CREATE CLOUD, select Google Cloud, and then click Next.
3. Enter the following into the Create Cloud modal:
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
198
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
Project ID Google Cloud Project ID
Private Key Service Account Private key, begging with —–BEGIN PRIVATE KEY—–‘ and ending with
‘—–END PRIVATE KEY—–
Client Email Service Account Client Email. ex: morpheus@morpheus.iam.gserviceaccount.com
Region Regions will auto-populate upon successful authentication with the above credentials. Select appropriate region for this Cloud.
Inventory Existing Instances If enabled, existing Google Instances will be inventoried and appear as unmanaged Virtual Machines in Morpheus .
Note: Morpheus scopes clouds to single regions. Multiple clouds can be added for multi-region support, and then
optionally added to the same group.
The Cloud can now be added to a Group or configured with additional Advanced options.
Finally, add Google Cloud to an existing Group or create a new Group, and you have now integrated Morpheus with
Google Cloud!
10.9 Hyper-V
Hyper-V is the virtualized server computing environment introduced by Microsoft. Hyper-V is consumed by Morpheus
as a private cloud offering and is a common hypervisor technology in data centers. Morpheus provides and avenue to
aggregate Hyper-V resources together to allow efficient and seamless deployment of applications as a virtual machine
(VM) or Docker host in the world of Hyper-V.
10.9.1 Features
• Virtual Machine Provisioning
• Containers
• Backups / Snapshots
• Resources Groups
• Migrations
• Auto Scaling
• Load Balancing
• Remote Console
• Periodic Synchronization
• Veeam Integration
• Lifecycle Management and Resize
• Unique Kerberos Authentication
Morpheus can provide a single pane of glass and self-service portal for managing instances scattered across both
Hyper-V and public cloud offerings like Azure.
10.9. Hyper-V
199
Morpheus Documentation, Release 2.12.4
10.9.2 Getting Started
To get started this a few prerequisites must first be met. The Hyper-V host most be installed with its firewall enabled
and it can either be joined to a domain or standalone. The Hyper-V host must also have the external network of HyperV configured and it can share this network with the management operating system. This document covers Hyper-V
2008 and Hyper-V 2012.
A user account that is part of the local administrators group on the Hyper-V host is also required.
Understand WinRM
Morpheus uses WinRM to communicate to the Hyper-V host for deployment of the Morpheus agent. The Morpheus
agent allows for the host dashboard to be populated with information in the form of graphs that cover CPU, Network,
Storage, and memory consumption. Furthermore, this agent provides logging and monitoring capabilities.
If Windows Remote Management (WinRM) is not installed and configured, WinRM scripts do not run and the WinRM
command-line tool cannot perform data operations or allow for the Morpheus agent to be installed. WinRM uses Http
port 5985 or Https port 5986 for communications.
To better understand all of the default settings of WinRM please refer to the below Microsoft link:
https://msdn.microsoft.com/en-us/library/aa384372(v=vs.85).aspx
Native Authentication
To configure WinRM with default settings (WINRM_NATIVE)
Type the following command at a command prompt:
$ winrm quickconfig
If you are not running under the local computer Administrator account, you must either select Run as Administrator
from the Start menu or use the Runas command at a command prompt.
When the tool displays Make these changes [y/n]?, type y.
If configuration is successful, the following output is displayed:
$
$
$
$
WinRM has been updated for remote management.
WinRM service type changed to delayed auto start.
WinRM service started.
Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this
˓→machine.
Keep the default settings for client and server components of WinRM, or customize them. By default Kerberos is
enabled and if domain authentication is not being used we want to disable that. Issue the below commands to setup
basic authentication:
$ winrm set winrm/config/service/Auth @{Basic="true"}
$ winrm set winrm/config/service @{AllowUnencrypted="true"}
$ winrm set winrm/config/service/Auth @{Kerberos="false"}
Domain Authentication
To configure WinRM with Domain Authentication (WINRM_INTERNAL)
Type the following command at a command prompt
200
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
$ winrm quickconfig
If you are not running under the local computer Administrator account, you must either select Run as Administrator
from the Start menu or use the runas command at a command prompt.
When the tool displays Make these changes [y/n]?, type y.
If configuration is successful, the following output is displayed:
$
$
$
$
WinRM has been updated for remote management.
WinRM service type changed to delayed auto start.
WinRM service started.
Created a WinRM listener on HTTP://* to accept WS-Man requests to any IP on this
˓→machine.
Keep the default settings for client and server components of WinRM, or customize them. Issue the below commands
to setup domain authentication:
$ winrm set winrm/config/service/Auth @{Basic="true"}
$ winrm set winrm/config/service @{AllowUnencrypted="false"}
$ winrm set winrm/config/service/Auth @{Kerberos="true"}
Kerberos authentication will also need to be configured on the Morpheus appliance to support Windows domain
accounts to access the remote host with WINRM_INTERNAL connection type.
On the Morpheus appliance the krb5-user package must be installed. For Ubuntu the command is as follows:
$ sudo apt-get install krb5-user
Create a file in /etc called krb5.conf and replace the domain name with the name of the domain to be used. In this case
we used Morpheus .com as the domain.
[libdefaults]
default_realm = |morpheus| .COM
dns_lookup_kdc = true
verify_ap_req_nofail = false
default_tgs_enctypes = rc4-hmac
default_tkt_enctypes = rc4-hmac
[realms]
|morpheus| .COM = {
kdc = win-ad.|morpheus| .COM:88
admin_server = win-ad.|morpheus| .COM:749
}
[domain_realm]
.|morpheus| .COM = |morpheus| .COM
|morpheus| .COM = |morpheus| .COM
[login]
krb4_convert = true
krb4_get_tickets = false
After creation of the krb5.conf a keytab file is also required. See below on instructions on how to create a keytab file.
http://www.itadmintools.com/2011/07/creating-kerberos-keytab-files.html
10.9.3 Adding Hyper-V as a Private Cloud
The Hyper-V host is prepared for Morpheus to communicated with it via WinRM so the Hyper-V private cloud is
ready to be configured. Create a group and then create a Morpheus cloud for Hyper-V. Populated the information as
10.9. Hyper-V
201
Morpheus Documentation, Release 2.12.4
show in Figure 1: specific for the environment being configured.
Note: The working path, vm path, and disk path should be created on the Hyper-V host by the Hyper-V administrator.
If these paths are not created they will need to be setup and the Hyper-V settings will need to adjusted to reference
them.
202
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.9.4 Service Plans
A default set of Service Plans are created in Morpheus for the VMware provisioning engine. These Service Plans can
be considered akin to AWS Flavors or Openstack Flavors. They provide a means to set predefined tiers on memory,
storage, cores, and cpu. Price tables can also be applied to these so estimated cost per virtual machine can be tracked
as well as pricing for customers. By default, these options are fixed sizes but can be configured for dynamic sizing.
A service plan can be configured to allow a custom user entry for memory, storage, or cpu. To configure this, simply
edit an existing Service Plan tied to Hyper-V or create a new one. These all can be easily managed from the Admin |
Service Plans & Pricing section.
10.9. Hyper-V
203
Morpheus Documentation, Release 2.12.4
10.9.5 Docker
So far this document has covered how to add the Hyper-V cloud integration and has enabled users the ability to
provision virtual machine based instances via the Add Instance catalog in Provisioning. Another great feature provided
by Morpheus out of the box is the ability to use Docker containers and even support multiple containers per Docker
host. To do this a Docker Host must first be provisioned into Hyper-V (multiple are needed when dealing with
horizontal scaling scenarios).
To provision a Docker Host simply navigate to the Cloud detail page or Infrastructure | Hosts section. From there
click the + Container Host button to add a Hyper-V Docker Host. Morpheus views a Docker host just like any other
Hypervisor with the caveat being that it is used for running containerized images instead of virtualized ones. Once a
Docker Host is successfully provisioned a green checkmark will appear to the right of the host marking it as available
for use. In the event of a failure click into the relevant host that failed and an error explaining the failure will be
displayed in red at the top.
Some common error scenarios include network connectivity. For a Docker Host to function properly, it must be able
to resolve the Morpheus appliance url which can be configured in Admin | Settings. If it is unable to resolve and
negotiate with the appliance than the agent installation will fail and provisioning instructions will not be able to be
issued to the host.
204
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.10 Nutanix
10.10.1 Overview
Nutanix simplifies datacenter infrastructure by integrating server and storage resources allowing applications to run at
scale. Morpheus provides and avenue to enhance the Nutanix resources to allow efficient and seamless deployment of
applications as a virtual machine (VM) or as a container on a Docker host.
10.10.2 Features
• Virtual Machine Provisioning
• Containers
• Backups / Snapshots
• Resources Groups
• Migrations
• Auto Scaling
• Load Balancing
• Remote Console
• Periodic Synchronization
• Lifecycle Management and Resize
Morpheus can provide a single pane of glass and self-service portal for managing multiple Nutanix Clusters and
allowing the seamless deployment of applications.
10.10.3 Getting Started
To get started this a few prerequisites must first be met. The Nutanix cluster should be provisioned and available on the
network. Morpheus will look login to the Nutanix cluster with the Nutanix admin credentials and is typically located
at the https://fqdn:9440 url.
10.10.4 Adding a Nutanix Cloud
The Nutanix cluster should be available and responding to the https://fqdn:9440 url for authentication by Morpheus .
API URL example: https://10.30.21.220:9440
USERNAME Nutanix admin username
PASSWORD Nutanix admin password
Inventory Existing Instances If enabled, existing Virtual Machines will be inventoried and appear as unmanaged
Virtual Machines in Morpheus .
10.10. Nutanix
205
Morpheus Documentation, Release 2.12.4
10.10.5 Service Plans
A default set of Service Plans are created in Morpheus for the VMware provisioning engine. These Service Plans can
be considered akin to AWS Flavors or Openstack Flavors. They provide a means to set predefined tiers on memory,
storage, cores, and cpu. Price tables can also be applied to these so estimated cost per virtual machine can be tracked
as well as pricing for customers. By default, these options are fixed sizes but can be configured for dynamic sizing.
A service plan can be configured to allow a custom user entry for memory, storage, or cpu. To configure this, simply
edit an existing Service Plan tied to Nutanix or create a new one. These all can be easily managed from the Admin |
Service Plans & Pricing section.
10.10.6 Docker
So far this document has covered how to add the Nutanix cloud integration and has enabled users the ability to
provision virtual machine based instances via the Add Instance catalog in Provisioning. Another great feature provided
by Morpheus out of the box is the ability to use Docker containers and even support multiple containers per Docker
host. To do this a Docker Host must first be provisioned into Nutanix (multiple are needed when dealing with horizontal
scaling scenarios).
To provision a Docker Host simply navigate to the Cloud detail page or Infrastructure Hosts section. From there
click the + Container Host button to add a Nutanix Docker Host. Morpheus views a Docker host just like any other
Hypervisor with the caveat being that it is used for running containerized images instead of virtualized ones. Once a
Docker Host is successfully provisioned a green checkmark will appear to the right of the host marking it as available
for use. In the event of a failure click into the relevant host that failed and an error explaining the failure will be
displayed in red at the top.
Some common error scenarios include network connectivity. For a Docker Host to function properly, it must be able to
resolve the Morpheus appliance url which can be configured in Admin Settings. If it is unable to resolve and negotiate
with the appliance than the agent installation will fail and provisioning instructions will not be able to be issued to the
host.
10.11 Oracle VM
10.11.1 Add a Oracle VM Cloud
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
API URL Oracle VM API URL. ex: https://10.20.30.40:7002/ovm/core/wsapi/rest
USERNAME Oracle VM User
PASSWORD Oracle VM User Password
REPOSITORY Available repositories will auto-populate upon successful authentication with the above credentials.
Select appropriate repository for this Cloud.
SERVER POOL Available server pools will auto-populate upon successful authentication with the above credentials.
Select appropriate server pool for this Cloud.
Inventory Existing Instances If enabled, existing Virtual Machines will be inventoried and appear as unmanaged
Virtual Machines in Morpheus .
The Cloud can now be added to a Group or configured with additional Advanced options.
206
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.12 Softlayer
10.12.1 Add a Softlayer Cloud
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
Username Softlayer Username
API Key Softlayer User API Key, accessible in the Softlayer Portal under Account -> Users -> View API Key
Datacenter Datacenters will auto-populate upon successful authentication with the above credentials. Select appropriate Datacenter for this Cloud.
Object Store Select the destination Object Store
Inventory Existing Instances If enabled, existing Softlayer Instances will be inventoried and appear as unmanaged
Virtual Machines in Morpheus .
The Cloud can now be added to a Group or configured with additional Advanced options.
10.13 ESXi
Important: The VMware ESXi integration is for adding a single ESXi / vSphere Hypervisor host. If you have
vCenter please use the VMWare vCenter cloud type.
To get started with VMware ESXi, simply add a VMware ESXi Cloud in either the Infrastructure -> Clouds or Infrastructure -> Groups section.
1. Select + Create Cloud Button
2. Select ESXi from the Add Cloud modal
3. Select NEXT
4. Provide the following information.
• Cloud Name
• ESXi Host name or IP address
• Username ( This is normally root )
• Password
Note: If you receive the message “Error! Invalid cloud config” Please ensure you have ssh enabled on the vSphere
Hypervisor / ESXi. To do this please follow the these instructions on how to set-up ssh on vSphere Hypervisor / ESXi
10.12. Softlayer
207
Morpheus Documentation, Release 2.12.4
10.13.1 VMware Fusion
10.13.2 Add a VMware Fusion Cloud
1. Navigate to Infrastructure -> Clouds
2. Select + CREATE CLOUD, select VMware Fusion, and then click Next.
3. Enter the following into the Create Cloud modal:
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
VMWARE FUSION HOST IP or URL of VMware Fusion Host
WORKING PATH Existing folder Morpheus will write to on Host
USERNAME Host Username
PASSWORD Host Password
BRIDGE NAME Will auto-populate upon successful authentication with the Fusion Host (E.X. ‘EN0: ETHERNET’)
4. The Cloud can now be added to a Group or configured with additional Advanced options.
10.13.3 Advanced Options
DOMAIN Specify a default domain for instances provisioned to this Cloud.
SCALE PRIORITY Specifies the priority with which an instance will scale into the cloud. A lower priority number
means this cloud integration will take scale precedence over other cloud integrations in the group.
APPLIANCE URL Alternate Appliance url for scenarios when the default Appliance URL (configured in admin ->
settings) is not reachable or resolvable for Instances provisioned in this cloud. The Appliance URL is used for
Agent install and reporting.
TIME ZONE Configures the time zone on provisioned VM’s if necessary.
DATACENTER ID Used for differentiating pricing among multiple datacenters. Leave blank unless prices are properly configured.
DNS INTEGRATION Records for instances provisioned in this cloud will be added to selected DNS integration.
SERVICE REGISTRY Services for instances provisioned in this cloud will be added to selected Service Registry
integration.
CONFIG MANAGEMENT Select a Chef, Salt, Ansible or Puppet integration to be used with this Cloud.
AGENT INSTALL MODE
• SSH / WINRM: Morpheus will use SSH or WINRM for Agent install.
• Cloud-Init (when available): Morpheus will utilize Cloud-Init or Cloudbase-Init for agent install when
provisioning images with Cloud-Init/Cloudbase-Init installed. Morpheus will fall back on SSH or WINRM
if cloud-init is not installed on the provisioned image.
API PROXY Required when a Proxy Server blocks communication between the Morpheus Appliance and the Cloud.
Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
208
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.13.4 Provisioning Options
API PROXY Required when a Proxy Server blocks communication between an Instance and the Morpheus Appliance. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
Bypass Proxy for Appliance URL Enable to bypass proxy settings (if added) for Instance Agent communication to
the Appliance URL.
USER DATA (LINUX) Add cloud-init user data using bash syntax.
10.14 Virtualbox
1. Navigate to Infrastructure -> Clouds
2. Select + CREATE CLOUD, select Virtual Box, and then click Next.
3. Enter the following into the Create Cloud modal:
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
VIRTUALBOX HOST IP or URL of the VirtualBox Host
WORKING PATH Path Morpheus will write to. ex: ~/virtualbox
USERNAME Host Username
PASSWORD Host Password
BRIDGE NAME Will auto-populate upon successful authentication with the VirtualBox Host (E.X. ‘EN0:
ETHERNET’)
VBOXMANAGE EXECUTABLE Defaults to /urs/local/bin/vboxmanage if left blank
4. The Cloud can now be added to a Group or configured with additional Advanced options.
10.14.1 Advanced Options
DOMAIN Specify a default domain for instances provisioned to this Cloud.
SCALE PRIORITY Specifies the priority with which an instance will scale into the cloud. A lower priority number
means this cloud integration will take scale precedence over other cloud integrations in the group.
APPLIANCE URL Alternate Appliance url for scenarios when the default Appliance URL (configured in admin ->
settings) is not reachable or resolvable for Instances provisioned in this cloud. The Appliance URL is used for
Agent install and reporting.
TIME ZONE Configures the time zone on provisioned VM’s if necessary.
DATACENTER ID Used for differentiating pricing among multiple datacenters. Leave blank unless prices are properly configured.
DNS INTEGRATION Records for instances provisioned in this cloud will be added to selected DNS integration.
SERVICE REGISTRY Services for instances provisioned in this cloud will be added to selected Service Registry
integration.
CONFIG MANAGEMENT Select a Chef, Salt, Ansible or Puppet integration to be used with this Cloud.
10.14. Virtualbox
209
Morpheus Documentation, Release 2.12.4
AGENT INSTALL MODE
• SSH / WINRM: Morpheus will use SSH or WINRM for Agent install.
• Cloud-Init (when available): Morpheus will utilize Cloud-Init or Cloudbase-Init for agent install when
provisioning images with Cloud-Init/Cloudbase-Init installed. Morpheus will fall back on SSH or WINRM
if cloud-init is not installed on the provisioned image.
API PROXY Required when a Proxy Server blocks communication between the Morpheus Appliance and the Cloud.
Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
10.14.2 Provisioning Options
API PROXY Required when a Proxy Server blocks communication between an Instance and the Morpheus Appliance. Proxies can be added in the Infrastructure -> Networks -> Proxies tab.
Bypass Proxy for Appliance URL Enable to bypass proxy settings (if added) for Instance Agent communication to
the Appliance URL.
USER DATA (LINUX) Add cloud-init user data using bash syntax.
10.14.3 Xen Server
10.14.4 Add a Xen Server Cloud
1. Navigate to Infrastructure -> Clouds
2. Select + CREATE CLOUD, select Xen, and then click Next.
3. Enter the following into the Create Cloud modal:
Name Name of the Cloud in Morpheus
Location Description field for adding notes on the cloud, such as location.
Visibility For setting cloud permissions in a multi-tenant environment. Not applicable in single tenant environments.
API URL IP or URL of Xen Host. ex: xenserver.domain.com
USERNAME Xen Host Username
PASSWORD Xen Host Password
Inventory Existing Instances If enabled, existing Google Instances will be inventoried and appear as unmanaged Virtual Machines in Morpheus .
Note: Morpheus scopes clouds to single regions. Multiple clouds can be added for multi-region support, and
then optionally added to the same group.
4. The Cloud can now be added to a Group or configured with additional Advanced options.
210
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.15 Creating a CentOS 7 Morpheus Image
10.15.1 Overview
Morpheus comes out of the box with a default set of templates for use in many modern deployment scenarios. These
consist mostly of base operating system images with a few additional adjustments. These adjustments typically include the addition of cloud-init (which is highly recommended to be used in most environments, but not mandatory).
However, in many on-premise deployments there are custom image requirements as well as networking requirements.
This guide will go over how to create a base CentOS 7 Image for use within Morpheus .
10.15.2 Creating a CentOS 7 Morpheus VMware Image
VMWare
When running in VMWare it is highly recommended that VMware Tools be installed. Without it, Morpheus will have
difficulty assessing the host ip address and performing some additional automation tasks for the operating system.
Cloud-Init
To get started with a base CentOS image we first install cloud-init. This is a relatively simple process using yum:
yum -y install epel-release
yum -y install git wget ntp curl cloud-init dracut-modules-growroot
rpm -qa kernel | sed 's/^kernel-//' | xargs -I {} dracut -f /boot/initramfs-{}.img {}
There are two parts to this yum installation. We are first ensuring some core dependencies are installed for automation
as well as cloud-init. git for example is installed for use by ansible playbook automation down the line and is therefore
optional if not using ansible. The dracut-modules-growroot is responsible for resizing the root partition upon first boot
to match the virtual disk size that was potentially adjusted during provisioning.
A great benefit to using cloud-init is credentials don’t have to be locked into the template. It is advisable, within
Morpheus , to configure the default cloud-init user that gets created when the vm boots automatically by cloud-init.
This is located in the Administration -> Provisioning -> Cloud-Init Settings section.
Network Interfaces
A slightly annoying change with centOS 7 is that the network interfaces have changed naming convention. You may
notice when running ifconfig that the primary network interface is set to something like ens2344 or some other random
number. This naming is dynamic typically by hardware id and we don’t want this to fluctuate when provisioning the
template in various VMware environments. Fortunately, there is a way to turn this functionality off and restore the
interface back to eth0.
Firstly we need to adjust our bootloader to disable interface naming like this.
sed -i -e 's/quiet/quiet net.ifnames=0 biosdevname=0/' /etc/default/grub
grub2-mkconfig -o /boot/grub2/grub.cfg
The above command adds a few arguments to the kernel args list (namely net.ifnames=0 and biosdevname=0.
It may be useful to view the /etc/default/grub file and ensure these settings were indeed applied.
The next step is to adjust the network-scripts in centOS. we need to ensure we have a file called /etc/sysconfig/
network-scripts/ifcfg-eth0
10.15. Creating a CentOS 7 Morpheus Image
211
Morpheus Documentation, Release 2.12.4
Below is a script that we run on our packer builds to prepare the machines network configuration files.
export iface_file=$(basename "$(find /etc/sysconfig/network-scripts/ -name 'ifcfg*' ˓→not -name 'ifcfg-lo' | head -n 1)")
export iface_name=${iface_file:6}
echo $iface_file
echo $iface_name
sudo mv /etc/sysconfig/network-scripts/$iface_file /etc/sysconfig/network-scripts/
˓→ifcfg-eth0
sudo sed -i -e "s/$iface_name/eth0/" /etc/sysconfig/network-scripts/ifcfg-eth0
sudo bash -c 'echo NM_CONTROLLED=\"no\" >> /etc/sysconfig/network-scripts/ifcfg-eth0'
This script tries to ensure there is a new ifcfg-eth0 config created to replace the old ens config file. Please do verify
this config exists after running. If it does not you will have to be sure to build one on your own.
TYPE=Ethernet
DEVICE=eth0
NAME=eth0
ONBOOT=yes
NM_CONTROLLED="no"
BOOTPROTO="dhcp"
DEFROUTE=yes
Gotyas
SELinux can cause issues with cloud-init when in enforced mode. It may be advisable to set this to permissive unless
it is mandatory within your organization to use an enforced SELinux configuration. If that is the case please see the
documentation for the cloud_init_t security policies.
A Note on Proxies
Proxy configurations are known to vary in some organizations and makes building a base template a little more difficult.
In order to fully configure proxies a few environment variables must be set in the /etc/environment file (This can be
done automatically in a default user-data script for cloud-init as well in edit cloud).
http_proxy="http://myproxyaddress:8080"
https_proxy="http://myproxyaddress:8080"
ftp_proxy="http://myproxyaddress:8080"
no_proxy=127.0.0.1,localhost,applianceUrl
https_no_proxy=127.0.0.1,localhost,applianceUrl
Important: It is very important to properly set the no_proxy list (applianceUrl) should be replaced with the actual
appliance url. In future releases, morpheus plans to automatically take care of this.
Note: If using cloud-init agent install mode these settings need to be set in the custom Cloud-Init User data section
of “Edit Cloud” or “Edit Virtual Image”
Important: If using this virtual machine as a docker host, proxy settings must also be configured in the docker config.
See Docker guides for instructions on how to properly set this. If necessary this can be wrapped in a task automation
workflow for your own use.
212
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.16 Identity Management
10.17 Active Directory
10.17.1 Overview
Active Directory is Microsoft’s primary authentication service widely used in Enterprise organizations and even via
Microsoft’s cloud services. While Active Directory also supports LDAP protocol support (which Morpheus can integrate with as well), the main Active Directory integration can also be utilized. It is even possible to map Active
Directory groups to equivalent Roles within Morpheus .
Note: To use Active Directory, a valid / trusted SSL certificate must be in place on the Active Directory services (self
signed will not work).
10.17.2 Adding an Active Directory Integration
1. Navigate to Administration -> Tenants
2. Select a Tenant
3. Select Identity Sources
4. Select + Identity Source
5. Choose “Active Directory”
6. Populate the following:
Name Unique name for authentication type.
AD Server Hostname or IP address of AD Server.
Domain Domain name of AD Domain.
Binding Username Service account username for bind user.
Binding Password Password for bind service account.
Required Group The AD group users must be in to have access (optional)
Default Role The default role a user is assigned if no group is listed under AD user that maps under Role
Mappings section.
Service Account Holder This is the admin account type in Morpheus and an AD group can be created and
populated to a user that this role should be assigned. Roles are assigned dynamically based on group
membership.
Now allowed AD users can login to Morpheus via their Active Directory credentials and a User will be automatically
generated to Morpheus with matching metadata and mapped Role permissions.
Note: Only the username is required with password, not the username@domain.
Note: Sub-tenant Morpheus API authentication for Active Directory generated users is not currently supported.
10.16. Identity Management
213
Morpheus Documentation, Release 2.12.4
10.18 SAML Integration
10.18.1 Overview
The Morpheus SAML identity source integration allows customers to add user SSO to Morpheus , authenticated by
external login SAML providers.
10.18.2 Adding a SAML Integration
To add a SAML integration:
1. Navigate to Settings - Accounts
2. Select an account.
3. Select IDENTITY SOURCES in the Account detail page
4. Select + ADD IDENTITY SOURCE.
5. Select SAML (external login) from the TYPE field
6. Add a Name and optional Description for the SAML integration
214
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
There are 3 sections with fields that need to be populated depending on the desired configuration:
• SAML Configuration
• Role Mappings
• User Attribute Names
SAML Configuration
LOGIN REDIRECT URL This is the SAML endpoint Morpheus will redirect to when a user signs into Morpheus
via SAML.
LOGOUT POST URL The url morpheus will post to when a SAML user log out of Morpheus to log out of the
SAML provider as well.
SIGNING PUBLIC KEY Add the X.509 Certificate public key from the SAML provider.
Role Mappings
DEFAULT ROLE Role a saml user will be assigned by default when no role is mapped
ROLE ATTRIBUTE NAME The name of the attribute filed that will map to morpheus roles, such a MemberOf
10.18. SAML Integration
215
Morpheus Documentation, Release 2.12.4
REQUIRED ROLE ATTRIBUTE VALUE Role attribute value that a user must be assigned/a member of to be
authorized, such as group or role in the SAML SP.
The rest of the Role Mapping Fields will be the existing Roles in morpheus with a Role Attribute Value field.
User Attribute Names
GIVEN NAME ATTRIBUTE NAME SAML SP field value to map to Morpheus user First Name
SURNAME ATTRIBUTE NAME SAML SP field value to map to Morpheus user Last Name
EMAIL ATTRIBUTE NAME SAML SP field value to map to Morpheus user email address
216
Chapter 10. Integration Guides
Morpheus Documentation, Release 2.12.4
10.18. SAML Integration
217
Morpheus Documentation, Release 2.12.4
Once populated, select SAVE CHANGES and the SAML identity source integration will be added.
In the Identity Sources section, important information for configuration of the SAML integration is provided. Use the
SP ENTITY ID and SP ACS URL for configuration on the external login SAML provider side.
• SP ENTITY ID
• SP ACS URL*
• IDP LOGIN REDIRECT URL
• IDP LOGOUT POST URL
• SP METADATA
Sample Metadata code output:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><EntityDescriptor entityID=
˓→"https://someip.com/saml/CDWPjmZt" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
˓→<SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true"
˓→protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><NameIDFormat>
˓→urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
˓→<AssertionConsumerService index="0" isDefault="true" Binding=
˓→"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://someip.com/
˓→externalLogin/callback/CDWPjmZt"/></SPSSODescriptor></EntityDescriptor>
Note: Different SAML providers will have different field names and requirements. A onelogin SAML Test Connector
(IdP w/attr) was used for the example integration this article.
Onelogin SAML SSO
For Onelogin SAML integration, the following fields are mapped:
• LOGIN REDIRECT URL : SAML 2.0 Endpoint (HTTP)
• LOGOUT POST URL : SLO Endpoint (HTTP)
• SIGNING PUBLIC KEY : X.509 Certificate
• SP ENTITY ID: ACS (Consumer) URL Validator
• SP ACS URL: ACS (Consumer) URL
218
Chapter 10. Integration Guides
CHAPTER
11
Troubleshooting
11.1 Morpheus Agent Install Troubleshooting
When provisioning and instance, there are some network and configuration requirements to successfully install the
morpheus agent. Typically when a vm instance is still in the provisioning phase long after the vm is up, the instance is
unable to reach Morpheus , or depending on agent install mode, Morpheus is unable to reach the instance.
The most common reason an agent install fails is the provisioned instance cannot reach the Morpheus Appliance via
the appliance_url set in Admin -> Settings over both 443 and 80. When an instance is provisioned from Morpheus, it
must be able to reach the Morpheus appliance via the appliance_url or the agent will not be installed.
In addition to the main appliance_url in Admin -> Settings, additional appliance_urls can be set per cloud in the
Advanced options of the cloud configuration pane when creating or editing a cloud. When this field is populated, it
will override the main appliance url for anything provisioned into that cloud.
Tip: The Morpheus UI current log, located at /var/log/morpheus/morpheus-ui/current, is very helpful when trou-
219
Morpheus Documentation, Release 2.12.4
bleshooting agent installations.
11.1.1 Agent Install Modes
There are 3 Agent install modes:
• ssh/winrm
• VMware Tools
• cloud-init
For All Agent Install modes
When an instance is provisioned and the agent does not install, verify the following for any agent install mode:
• The Morpheus appliance_url (Admin -> Settings) is both reachable and resolvable from the provisioned node.
• The appliance_url begins with to https://, not http://.
Note: Be sure to use https:// even when using an ip address for the appliance.
• Inbound connectivity access to the Morpheus Appliance from provisioned VM’s and container hosts on port 443
(needed for agent communication)
• Private (non-morpheus provided) vm images/templates must have their credentials entered. These can be entered/edited in the Provisioning - Virtual Images section but clicking the Actions dropdown of an image and
selecting Edit.
Note: Administrator user is required for Windows agent install.
• The instance does not have an IP address assigned. For scenarios without a dhcp server, static IP information
must be entered by selecting the Network Type: Static in the Advanced section during provisioning. IP Pools
can also be created in the Infrastructure -> Networks -> IP Pools section and added to clouds network sections
for IPAM.
• DNS is not configured and the node cannot resolve the appliance. If dns cannot be configure, the ip address of
the Morpheus appliance can be used as the main or cloud appliance.
SSH/Winrm
Linux Agent
• Port 22 is open for Linux images, and ssh is enabled
• Credentials have been entered on the image if using custom or synced image. Credentials can be entered on
images in the Provisioning -> Virtual Images section.
220
Chapter 11. Troubleshooting
Morpheus Documentation, Release 2.12.4
Windows Agent
• Port 5985 must be open and winRM enabled for Windows images.
• Credentials have been entered on the image if using custom or synced image. Credentials can be entered on
images in the Provisioning -> Virtual Images section.
Note: Administrator user is required for Windows agent install.
VMware tools (vmtools) rpc mode
• VMware tools is installed on the template(s)
• Credentials have been entered on the image if using custom or synced image. Credentials can be entered on
images in the Provisioning -> Virtual Images section.
Cloud-Init agent install mode
• Cloud-Init is configured in Admin -> Provisioning section
• Provisioned image/template has Cloud-Init (linux) or Cloudbase-Init (windows) installed
11.1.2 Manually Installing a Morpheus Agent
While it should not be necessary to manually install an agent if the requirements are met, it is possible to manually
install an agent on an instance. This can also be handy when troubleshooting an agent install.
Linux
1. In Morpheus , go to the VM’s host detail page in Infrastructure->Hosts->Virtual Machines you will see an API
Key that is unique to that host.
2. As root user, run: (replacing ${} with the relevant information)
curl -k -s "${opts.applianceUrl}api/server-script/agentInstall?apiKey=${opts.
˓→apiKey}" | bash
3. This will pull the Morpheus Agent install script from the Morpheus appliance and run it.
4. Once the agent is installed, run morpheus-node-ctl reconfigure to complete the manual process.
11.1.3 Restarting the Morpheus Agent
In some situations is may necessary to restart the morpheus agent on the host to re-sync communication from the agent
to the Morpheus appliance.
Linux
On the target host, run sudo morpheus-node-ctl restart morphd and the Morpheus agent will restart.
morpheus-node-ctl status will also show the agent status.
11.1. Morpheus Agent Install Troubleshooting
221
Morpheus Documentation, Release 2.12.4
Windows
The Morpheus Windows Agent service can be restarted in Administrative Tools -> Services.
Tip: The Morpheus Remote Console is not dependent on agent communication and can be used to install or restart
the Morpheus agent on an instance.
Uninstall Morpheus Agent
You can use the following to uninstall the linux agent:
sudo
sudo
sudo
sudo
sudo
sudo
sudo
sudo
rm /etc/apt/sources.list.d/morpheus.list
morpheus-node-ctl stop rsyslogd
apt-get -y purge morpheus-vm-node
rm -rf /opt/morpheus-node
usermod -l morpheus-old morpheus-node
killall runsv
killall runsvdir
killall morphd
11.1.4 centOS/RHEL 7 Images
For custom centOS 7 images we highly recommend setting up cloud-init and fixing the network device names. More
information for custom centOS images can be found in the centOS 7 image guide.
11.2 Morpheus UI not loading after upgrade or reconfigure
Problem The Morpheus ui does not load after performing an upgrade.
Causes
• The morpheus-ui has not finished loading
• The morpheus-ui was not fully stopped before reconfigure, or not started after reconfigure
• Morpheus was forced to restart or shut down while the database schema was being migrated during an
upgrade
Solutions
Cause The morpheus-ui has not finished loading.
Note: After running morpheus-ctl start morpheus-ui, the Morpheus ui takes around 3 minutes to run
depending on hardware.
Solution An easy way to see when the ui is finished loading and running is to tail the ui current file and look
for the morpheus logo with version and start time
morpheus-ctl tail morpheus-ui
Cause The morpheus-ui was not fully stopped before reconfigure, or not started after reconfigure
The morpheus ui must be stopped prior to running morpheus-ctl reconfigure when upgrading. Sometimes
running morpheus-ctl stop morpheus-ui will timeout and the ui is not actually stopped. If stopping the ui
222
Chapter 11. Troubleshooting
Morpheus Documentation, Release 2.12.4
does timeout, run morpheus-ctl kill morpheus-ui prior to reconfigure, and be sure to run morpheus-ctl start
morpheus-ui after reconfigure is completed.
Solution
If you ran a reconfigure before stopping the ui, run:
sudo morpheus-ctl kill morpheus-ui
sudo morpheus-ctl reconfigure
sudo morpheus-ctl start morpheus-ui
Wait for the ui to come up.
Cause Morpheus was forced to restart or shut down while the database schema was being migrated during
an upgrade
If the ui fails to start and you see the error Invocation of init method failed;
nested exception is liquibase.exception.LockException: Could not
acquire change log lock. Currently locked by morpheus it likely means
morpheus was forced to restart or shut down while the database schema was being migrated during
an upgrade, and the lock was not released.
Solution To release the lock, you will need to run a mysql query. You will need to install mysql-client
on the morpheus appliance, and grab the password for morpheus mysql. The username and db
name are both morpheus. The password to login to mysql can be found in the application.yml file
located at /opt/morpheus/conf/application.yml
Then run the following:
mysql -u morpheus -p -h 127.0.0.1 morpheus
At the prompt, enter the mysql password from the application.yml
Then run:
DELETE FROM DATABASECHANGELOGLOCK;
Then restart morpheus-ui:
sudo morpheus-ctl restart morpheus-ui
If the restart timesout, run:
sudo morpheus-ctl kill morpheus-ui
sudo morpheus-ctl start morpheus-ui
11.3 Blank Dashboard
Problem A blank dashboard or 500 error after installing morpheus
Note: A blank or 500 error on just the dashboard is different than the entire morpheus-ui not loading. Please see UI
note loading article for troubleshooting the ui not loading after an upgrade.
Cause Elasticsearch restarting prior to being fully bootstrapped during the initial install.
Solution To fix, purge elasticsearch by running the following on the Morpheus Appliance:
11.3. Blank Dashboard
223
Morpheus Documentation, Release 2.12.4
curl -XDELETE http://localhost:9200/*" rel="nofollow noreferrer">http://
˓→localhost:9200/*
morpheus-ctl restart elasticsearch
morpheus-ctl restart morpheus-ui
Another option is:
sudo rm -rf /var/opt/|morpheus| /elasticsearch/data/morpheus
morpheus-ctl restart elasticsearch
morpheus-ctl restart morpheus-ui
If you get a term/timeout on ui restart, run
Note: The morpheus-ui may take a few minutes to load and be available after being restarted
11.4 Unable to Provision a Custom Image
Prior to provisioning an custom image, the image must be configured in the Provisioning -> Virtual Images section by
selecting Edit on the Actions dropdown of the Virtual Image.
In the Edit Virtual Image pane:
1. Select “Cloud Init Enabled?” only if the Virtual Image is a linux image with cloud init installed.
2. Enter the username and password that are set on the Virtual Image.
Note: When using Static IP’s or IP Pools in VMware, VMware tools must also be installed on the template in order
for Morpheus to set the static IP address when provisioning.
Note: Morpheus agents only support 64-bit vm’s prior to versions 2.12.3 and 3.0.2
11.5 VMware Hypervisor Console is not displaying
Morpheus features Remote Console support directly to VMware ESXi hypervisors. To enable this feature a few
prerequisites must be met:
• The Morpheus appliance must have network access to the ESXi hosts within vCenter.
• Firewall settings need to be adjusted on each ESXi host. This can be done in vSphere under firewall configuration
on the ESXi hosts. Simply check the gdbserver option for each required host, which will open up the necessary
ports (starting at the 5900 range).
• The Morpheus must be able to resolve the ESXi hostnames.
Now that the ESXi hosts are ready to utilize remote console, simply edit the cloud in Morpheus via Infrastructure
→ Clouds. Check the option that says Use Hypervisor Console. Morpheus is now able to use the VMware Remote
Console without opening any ports on the Virtual Machines.
Restart a Morpheus Installation
224
Chapter 11. Troubleshooting
Morpheus Documentation, Release 2.12.4
If the initial reconfigure is stopped or your installation is damaged beyond reconfiguring again, it may be necessary to
start over.
On the Morpheus appliance:
1. Run morpheus-ctl cleanse
2. Remove the Morpheus package
• deb: `dpkg --purge morpheus-appliance... using the appropriate package name.
• rpm: rpm -e (morpheus-appliance...) using the appropriate package name.
Then Run
rm
rm
rm
rm
rm
-rf
-rf
-rf
-rf
-rf
/etc/morpheus
/var/opt/morpheus
/var/run/morpheus
/var/log/morpheus
/opt/morpheus
Re-install Morpheus
If the elasticsearch cluster is unhealthy and needs purged, run:
sudo morpheus-ctl stop elasticsearch`
sudo rm -rf /var/opt/morpheus/elasticsearch/data/morpheus`
sudo morpheus-ctl reconfigure`
If eleasticsearch does not restart during reconfigure:
sudo morpheus-ctl start elasticsearch
11.6 Variables
The following are the map structures passed to scripts and templates during provisioning. They can currently be used
inside of a <%= %> block.
Important: Variables are case sensitive
PowerShell Example: $app_id = "<%= instance.metadata.app_id %>"
Bash Example: HOSTNAME="<%= container.server.hostname %>"
Note: customOptions are user defined as Option Types or Option Lists in custom Library items.
instance {
instanceTypeName,
instanceTypeCode,
provisionType,
instanceVersion,
plan,
name,
displayName,
description,
11.6. Variables
225
Morpheus Documentation, Release 2.12.4
environmentPrefix,
hostname,
domainName,
firewallEnabled,
status,
userStatus,
networkLevel,
instanceLevel,
deployGroup,
instanceContext,
autoScale,
statusMessage,
expireDate,
tags,
storage,
memory,
cores,
configId,
configGroup,
configRole
containers:[],
metadata:[],
evars:[]
}
container {
containerTypeName,
containerTypeCode,
containerTypeShortName,
provisionType,
dataPath,
logsPath,
configPath,
planCode,
dateCreated,
status,
environmentPrefix,
version,
image,
internalHostname,
hostname,
domainName,
storage,
memory,
cores,
internalIp,
externalIp,
sshHost,
hostMountPoint,
configId,
configGroup,
configRole,
serverId,
server:{}
}
226
Chapter 11. Troubleshooting
Morpheus Documentation, Release 2.12.4
server {
serverTypeName,
serverTypeCode,
parentServerId,
plan,
visibility,
osTypeCode,
sourceImageId,
name,
displayName,
internalName,
category,
description
internalId,
externalId,
platform,
platformVersion,
agentVersion,
nodePackageVersion,
sshHost,
sshPort,
sshUsername,
consoleType,
consoleHost,
consolePort,
consoleUsername,
internalSshUsername,
internalIp,
externalIp,
osDevice,
dataDevice,
lvmEnabled,
apiKey,
softwareRaid,
status,
powerState,
dateCreated,
lastAgentUpdate,
serverType,
osType,
commType,
managed,
agentInstalled,
toolsInstalled,
hostname,
domainName,
statusMessage,
maxStorage,
maxMemory,
maxCores,
macAddress,
serverVendor,
serverModel,
serialNumber,
tags,
configId,
configGroup,
configRole
11.6. Variables
227
Morpheus Documentation, Release 2.12.4
}
cloud {
name,
code,
location,
cloudTypeName,
cloudTypeCode,
domainName,
scalePriority,
firewallEnabled,
regionCode,
agentMode,
datacenterId
}
group {
code,
name,
location,
datacenterId
}
customOptions {
customOptions.fieldName
}
Important: Variables are case sensitive
228
Chapter 11. Troubleshooting
CHAPTER
12
Release Notes
12.1 v2.12.4
12.1.1 New Features
• Performance Improvements including optimization of Monitoring Availability Service
• Ansible Windows Support
• Error handling and tracking of Ansible runs in Instance History
• Forced sync on Identity Source logins such as Active Directory
• Policies added to CLI
• Optimizations for Tenant creation via API
• HAProxy Load Balancer restrictions for Tenants.
• Identity Sources: Mapped Roles - Users now get default role & mapped role
• <%=instance.createdByUsername%> variable added
12.1.2 Fixes
• Ansible provision - Instance warning status no longer shown when Ansible is not enabled during provisioning.
• API account creation optimizations
• Fix for Active Directory Group Role removal
• Fix for Trial Version setting on Virtual Image not saving
• Network Services: Bind DNS - wont load
• Fix for Policy:
Fixed Host Name not being enforced
• Fix for Delete Tenant nested error messages
229
Morpheus Documentation, Release 2.12.4
• Instance Shutdown: Extend Now styling fix
• Usage host status fixes
• Softlayer: Environment Variables IP Address fix
• Fix for OVM Bug when base image contains more disks than are configured in provision wizard
• Fix for Permissions: Instance Types not respected account level role
12.2 v2.12.3
v2.12.3 release date 10/24/2017
12.2.1 New Features
32-bit Agent Support Morpheus Agent now supports 32-bit images
Cypher User Permission New Roles Permission CYPHER -> USER allows user level decrypt permissions.
Improved VMware vCenter Session Management. Connections pools significantly reduce vCenter API sessions
from Morpheus.
Other Improvements
• Parallel Instance Delete Improvements
• Provisioning Status Task Improvements
• Tenant Delete Improvements
• Security Improvements
12.2.2 Fixes
• Fix for VMware Datastore selection not populating during provisioning in certain circumstances
• Fix for System AMI Virtual Image region sync
• Approval and Workflow inputs restored on shutdown policy form.
Morpheus v2.12.3 is available in the Downloads section of ‘morpheushub.com<https://morpheushub.com/>‘_.
12.3 v2.12.2
v2.12.2 release date 10/9/2017
Morpheus v2.12.2 adds the ServiceNow CMDB Integration, improvements to existing Features and Integrations, and bug fixes and enhancements.
• ServiceNow CMDB Integration: The Morpheus ServiceNow CMDB integration creates a CMDB record upon
Instance provision, updates the CMDB state when an instance is removed, and syncs changed Instance states
nightly.
• Additional ServiceNow Plugin Improvements
• “Disable Management of Firewall by Agent” option added to Cloud settings.
230
Chapter 12. Release Notes
Morpheus Documentation, Release 2.12.4
• Editing existing Environment Variables support added for Windows
• VMware Folder support added to apps and templates
• Nutanix Unmanaged Network Static IP support added
• Script Variables added for Volumes: id: vol.id, name: vol.name, deviceName: vol.
deviceName, maxStorage: vol.maxStorage, unitNumber: vol.unitNumber,
displayOrder: vol.displayOrder, rootVolume: vol.rootVolume
• vmxnet3 set as default VMware Network Adapter type.
• Chef bootstrap process output added to Instance History
• Improved Tenant Deletion
• Improved VMware Folder and Resource Pool sync
• Mobile layout improvements
• Local Chef install url for windows msi added.
• Email layout improvements for broader email client support.
• Chef Integration now determines when FQDN should not be added.
• Improved Provisioning error outputs
• Improvements to User scoped permissions for monitoring, logs and backups.
Fixes:
• Fix for Bulk Network Edit
• Fix for DHCP flag being reset on Nutanix networks upon cloud sync.
• Fix for Agent timestamp handling
• Fix for Dashboard 500 error when user Role Permissions = Monitoring : User
• Fix for Netscaler SSL cert upload
• Fix for server stop/start when inventoried server is converted to managed and Instance Type is applied.
• Additional character handling in Automation Scripts
• Fix for Remove Shutdown Instance Action hanging
• Fix for Instance History purge
• Various other bug fixes and improvements
Morpheus v2.12.2 is available in the Downloads section of ‘morpheushub.com<https://morpheushub.com/>‘_.
12.4 v2.12.1
Morpheus v2.12.1 adds Console Copy & Paste, VMware Folders, expanded User Scoping Permissions, Nutanix additions, Infoblox additions, and many other Improvements and Fixes.
12.4.1 New Features
Console Copy & Paste
• Copy button added to copy selected text to local Clipboard.
12.4. v2.12.1
231
Morpheus Documentation, Release 2.12.4
• Paste field added to paste text from local Clipboard. Right click in console to then paste to target.
Additional User Scoping
• Role permissions can now be set to User for Monitoring, Backup, and Logs sections.
• Users will only see information related to their Instances in the corresponding sections, as well as on the
Dashboard, when Role permission is set to User
VMware
• VMware Folders now sync and can be targeted for VM and Image destinations, set to active/inactive, and
assigned Tenant permissions.
• Storage Type can now be set to Thick or Thin in VMware Cloud settings.
• Boot from ISO support added. ISO’s can now be selected to boot from for VMware provisioning, and can
fully be installed using the Hypervisor Console.
• Eject Disk Action also added for VMware technology Instance Types.
Nutanix
• Instances can now be converted to Images in Nutanix using the Import as Image Action. A Virtual Image
record with matching meta-data will also be automatically created.
• Disk and Network type selection added to Nutanix technology Instance Types.
• Network Interface Type Selection can be enabled in Nutanix Cloud settings.
Infoblox
• Display Name column added to IP Pools to better identify IP Pools synced from Nutanix.
• Network Filter field added to Infoblox settings. Allows for filtering by field, exact match or regular expression, as well as searching on extended attributes. EX: [ network_view=default&*Building=work ]
• Tenant Match Attribute field added to Infoblox settings. Allow for auto-assignment of IP pool Groups and
individual IP Pools to a tenant.
12.4.2 Other Additions and Improvements
• Trial Version flag added under Virtual Images -> Edit Virtual Image -> Advanced Options. Flagging a Windows
Image as Trial Version will re-arm the trial during provisioning.
• F5 Load Balancer improvements
• HA Proxy Load Balancer improvements
• Citrix Load Balancer improvements
• Chef improvements
• Provisioning: Allow Force Delete
• UI/API/CLI Security Improvements
• Process Service Improvements
• Add Node Action will now only show compatible clouds as target options.
• Windows 2012 R2 AMI System Image improvements.
• Redis System Images improvements.
• New Role Permission: Provisioning: Allow Force Delete
232
Chapter 12. Release Notes
Morpheus Documentation, Release 2.12.4
12.4.3 Fixes
• Fix for browser language settings adding commas in Plans & Pricing -> Pricing.
• Fix for Hyper-V and Openstack technology types in Library -> Node Type -> Image dropdown.
• Fix for File Upload in Virtual Images and Archives when using NFSv3 Storage Provider target.
• Fixes for synced Image Record duplication.
• Fix for extra Sub-Tenant Groups automatically being created during Sub-Tenant creation.
• Fix for Nutanix - Windows- Create Additional user.
• Fix for respecting Xen Custom Cores value.
• Fix fir CentOS 6 agent install when using multiple LVM based volumes.
• Fix for Infrastructure -> Network -> Services -> Add Service -> Consul modal.
• Fix for Morpheus Wordpress Images: Load Balancer - no port available.
• Fix for Dual name fields in Networks -> Services -> add Microsoft DNS
12.5 v2.12.0
12.5.1 2.12.0 Release Notes
Contains everything from 2.11.4 release, plus:
• Azure Custom Image Support: Morpheus users can now upload private images into Morpheus , and then provision those onto an Azure cloud.
• User Provisioning Notifications: Provisioning e-mail notifications are configurable in user settings.
• Fix for removing Clouds from Groups
• Fix for Puppet agent install for Tasks and Group/Cloud integrations
• Fix for Nutanix backup and restore when using custom library items
• Additional Openstack ssl support
12.6 v2.11.4
12.6.1 New Features
Network IP Override Networks can now be configured to allow overriding IP configuration and selecting between
DHCP, Static IP entry, or IP Pools at provision time.
Windows License Management Windows license can now be assigned to virtual images a applied during provisioning. License can be managed in the new Licenses section under Admin - Provisioning.
Salt Windows Support Salt Minions can now be installed on Windows Operating Systems via the Automation Engine. The source repo can also be customized and the minions can be successfully registered to both syndic
master layouts as well as standard master layouts
Xen Reconfigure Memory, Cores, Disk Size, Disks, and Networks can now be reconfigure on Xen instances and
Hosts.
12.5. v2.12.0
233
Morpheus Documentation, Release 2.12.4
Debian 8 OS Support Support for Debian 8 and 9 added to Agent. Debian 8.8 vmdk added to Morpheus Catalog.
Cloud Sync Update 90%+ reduction in VMware cloud sync time. Last Sync date and Sync Duration added to cloud
detail pages.
Agent time normalization Logging and stats data is now converted to appliance time in the cases VM time is offset.
Added support for querying ESXi hosts for Virtual Switch UUID:: vCenter user used for VMware cloud integration no longer requires propagating datacenter permissions for provisioning.
Hostname routing added for Amazon ALB’s Allows multiple hosts to share the same port
Shutdown renewals Shutdown policy extension lease timeframe now begins at the time of extension approval for
instances already shut down by the policy, rather than from the end of the previous lease.
12.6.2 Additional updates:
• Source column added to Virtual Images list page
• Tenants columns added to Networks list view
• Cloud Status column added to Cloud list view
• Improvements to host cpu, power and memory statistics.
• SEK currency support added
• Asynchronous cloud delete added
12.6.3 Fixes
• Fix for agent install and stop/start in inventoried AWS instances that are converted to Managed.
• Fix for Openstack disabled forced SSL validation
• Fix for Nutanix image sync issue with region codes
• Scaling improvements
• Windows agent install improvements
• Fix for editing Appliance Backup settings
• Fix for Role Permissions: Apps = User
• Fix for Max Storage policy enforcement
• Fix for uploaded OVA’s Virtual Image type
• Linux ssh console aspect ratio change in 2.11.3 reverted
• Network Groups improvements
• Security Improvements
12.7 v2.11.3 & 2.10.8
Important: ACCOUNTS has been renamed to TENANTS in v2.11.3
234
Chapter 12. Release Notes
Morpheus Documentation, Release 2.12.4
12.7.1 New Features
Task phase execution Set phase and execution order for tasks in Workflows. Workflow detail pages added. Drag n’
drop reordering added to scripts in node types. Restart task type added.
Load Balancer improvements New Balance mode, sticky mode, shared VIP address options, Load Balancer Detail
Pages
ServiceNow Plugin Add Morpheus clouds and Instance types for complete provisioning within Service now
Archives Service Archives provides a way to store your files and make them available for download by your Scripts
and Users.
Network Groups Network Groups provide round robin network pooling capabilities when provisioning instances.
These are most useful when scaling multiple vms across various subnets or availability zones.
Groups Access added to Networks Networks can now be assigned to individual Groups and set as the default choice
for a group.
Featured Instance Types Instance types in the Library can now be flagged as Featured to be added to the new Featured Instance Types filter in the Provisioning wizard. Please note once at least one Instance Type is featured,
the provisioning wizard will default to the Featured filter. Simply click the All Instance Types filter to see your
entire catalog.
Group Lifecycle Policies Now apply to instances that are converted from unmanaged to managed
New Reports section Completely rebuilt reports section. Customizable capacity and usage reports with versioning.
Cost Tracking Instance and host cost reporting available via UI and API. Prices added to instance and host detail
pages.
Refreshed Instances Section Instance list makeover with new charts, cloud, group and health info added.
Instance Locking Instances can now be locked to prevent deletion.
Move Instances Instances can now be moved between groups by editing the instance and selecting the group dropdown to assign the instance to a new group.
“User” Provisioning permission added to Roles Allows permitting a user to only see their own instances.
“Remote Console Auto-Login” permission added to Roles Please note NLA must be disabled in Windows RPD
settings if auto-login is set to “no”. This permission does not apply when using VMware hypervisor console
option.
New storage Provider types NFSv3 and CIFS (Windows Samba File Sharing) added
Expanded variable support Custom variables can now be used in Naming policies, including variables from options
types.
Process output added to instance history See process output per action in new Instance History detail modal.
Instance notes section Add custom notes to instances, with markdown support.
Expanded Inventorying Inventory Existing Instance option added to Softlayer and VMware fusion cloud types
Salt, Ansible and Chef improvements Includes Ansible and Salt integration detail pages.
Integration detail page Detail pages added for all integration with added functionality per integration.
Timezone option added to cloud settings Users can now specify which timezone to set during guest customization.
Force guest customization added Flag added for vmdk Virtual Images configuration (Advanced Settings- Force
Guest Customization)
Enable Settings Flag on library items configuration This setting exposes the Settings tab for appropriate instance
types in the Instance Detail page.
12.7. v2.11.3 & 2.10.8
235
Morpheus Documentation, Release 2.12.4
• Deployment option added to Provisioning wizard
• IBMid support added to Softlayer*
• Windows 2012 AMI option added to default Windows Instance Type*
• Starting, stopping phases added to Instance status
• Manage Network Interfaces from Instance and Host detail pages
• Advanced Options- Status selection for Instances
• White Label mobile formatting improvements
• Source Image info and link added to Instance and Host detail pages
• Restart task type added (restarts target)
• API Allowed Origins support added
• Accounts renamed to tenants
• Multi-select added for tenant network assignment*
• Inventory Level setting added for Azure clouds with Basic and Full (API Heavy)
• Xen NFS, Multi-network support added
• KVM Multi-Network support added, Multi-network driver
• ESXi Multi-Network support added
12.7.2 2.11.3 and 2.10.8 Fixes
• Fixed issue with deleted Tenants stuck in removing due to Openstack cloud security groups not flushing
• Fixed Nutanix- Virtual Image duplication and cleanup
• Fixed Nutanix images not available in Node Type image dropdown
• Fixed Hostname field in Apps and Templates not applying to Windows instances.
• Fixed fields Apps Wizard Layout section not saving when custom Service Plan was selected.
• Fix for Chef bootstrap on Windows instances in Azure
• Instance list layout fixes.
• Xen Image sync fix
• Fix for instance list for sub-accounts
• Fix for Bluecat network query
• Dashboard- Recent Activity now only shows activity from Groups the user has access to
• User permission fixes
• Stopping an Azure instance now deallocates it in Azure
• Fix for Group user permission when Clouds permission is set to “none”
• Digital Ocean Naming Fixes
• Fix for duplicate price entries on public cloud price sync
236
Chapter 12. Release Notes
Download PDF
Similar pages