The discovery features described in this chapter apply to NIOS Grid deployments that do not use the Discovery license and its accompanying features under Network Insight. Network Insight provides the ability to discover, query, and catalog routed and switched networks and the devices within them, including infrastructure routers, enterprise switches, security devices such as firewalls, wireless access points, end host computer systems, and more. For more information about Network Insight, see Infoblox Network Insight.
Infoblox provides IP discovery for detecting and obtaining information about active hosts in predefined networks, and vDiscovery for discovering virtual entities and interfaces (such as vSwitch and vRouter) in private, public, and hybrid clouds managed through CMPs (Cloud Management Platforms) such as VMware vCenter servers and vSphere Hypervisor, OpenStack, and AWS (Amazon Web Services). You can configure multiple discovery tasks on one or more discovering members.
- IP discovery: You execute an IP discovery (Data Management tab -> IPAM tab -> Discovery from the Toolbar) to detect active hosts on specified networks in a network view. You can configure the appliance to perform an IP discovery using one of the following protocols: ICMP (Internet Control Message Protocol), NetBIOS (Network Basic Input/Output System), and TCP (Transmission Control Protocol). For more information, see Supported IP Discovery Methods. You can start an IP discovery immediately after you configure it, schedule it for a later date and time, or configure a recurring discovery based on a recurrence pattern. For information about how to configure an IP discovery, see Configuring IP Discovery.
- vDiscovery: This is an extension to the former VM discovery, in which the NIOS appliance only discovers virtual entities on VMware vCenter and vSphere servers. A vDiscovery job (from the Data Management tab -> IPAM tab -> vDiscovery from the Toolbar, or Cloud tab -> any sub tab -> vDiscovery from the Toolbar) now detects virtual entities and interfaces in private, public, and hybrid clouds that are managed through VMware vCenter servers and vSphere Hypervisor, OpenStack, Azure, or AWS. You can define vDiscovery jobs through the vDiscovery Job wizard and manage all configured vDiscovery jobs through the vDiscovery Job Manager. Note that for a specific vDiscovery job, NIOS synchronizes successive discovered data (not the associated NIOS objects) with the data in the targeted CMP. For example, if you change the IP address of a VM, this information is reflected in the next discovery of the same vDiscovery job. If you terminate a VM, the VM is deleted from the NIOS database. If you delete certain information on the CMP, the respective discovered data is removed from the NIOS database. Be aware that if you change the parameters of a vDiscovery Job, the last discovered data from this job will be automatically cleaned up so that the appliance can continue to synchronize data from one discovery to the next. If you do not want to lose discovered data for a specific vDiscovery job, you should create a new vDiscovery job for this new collection instead of modifying the current job. For information about how to configure vDiscovery jobs for specific CMPs and how to manage them, see Configuring vDiscovery Jobs and Managing vDiscovery Jobs.
For new installations, an IP discovery task is automatically created by default. You can choose to disable the IP discovery after you have set up your appliance. However, you must configure and manually schedule vDiscovery jobs in order for the appliance to detect and collect information about virtual entities in the clouds. When you upgrade from a previous NIOS release to NIOS 7.2 and later, former VM Discovery tasks are divided into separate vDiscovery jobs based on the server endpoints defined in the VM Discovery tasks. All new vDiscovery jobs inherit the same discovery schedule from the old tasks. You must manually enable the new vDiscovery schedules in order for the appliance to perform vDiscovery jobs. For information about how to enable the vDiscovery schedule, see Scheduling vDiscovery Jobs.
After a discovery, the appliance updates the database with the discovered data based on the discovery configuration. For example, you can configure the appliance to merge newly discovered data, consolidate managed data, or update unmanaged data. The appliance also identifies unmanaged and conflict data after a discovery. Unmanaged data is discovered data that is not configured for DNS or DHCP and has no associated NIOS objects. Conflict data is discovered data that is configured for DNS or DHCP and has one or more associated NIOS objects, but certain key values differ from those in the NIOS database. For information about the guidelines the appliance uses to update discovered data, see Guidelines Before Starting a Discovery and Guidelines for Configuring vDiscovery Jobs.
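The unmanaged/conflict distinction described above, as an added example that is not Infoblox code: it reconciles a list of discovered hosts against managed records and labels each address. The page does not say which key values NIOS compares, so the MAC address is assumed here; the record layout, function names and sample data are hypothetical.

```python
# Added example: reconcile discovered hosts against managed records.
# Assumption: the MAC address is the "key value" compared; layout is hypothetical.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Discovered:
    ip: str
    mac: Optional[str]  # None when no MAC was learned for this address


def norm_mac(mac: Optional[str]) -> Optional[str]:
    """Normalize aa-bb-.., AA:BB:.. and aabb.ccdd.eeff to 12 lowercase hex digits."""
    if not mac:
        return None
    hexed = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    return hexed if len(hexed) == 12 else None


def classify(discovered, managed):
    """Map each discovered IP to 'unmanaged', 'conflict' or 'managed'."""
    # managed: ip -> MAC of the associated object, or None if it carries no MAC
    result = {}
    for d in discovered:
        if d.ip not in managed:
            result[d.ip] = "unmanaged"  # no associated object at all
            continue
        want, seen = norm_mac(managed[d.ip]), norm_mac(d.mac)
        # Only flag a conflict when both sides have a comparable value.
        if want and seen and want != seen:
            result[d.ip] = "conflict"
        else:
            result[d.ip] = "managed"
    return result


# Constructed sample data (documentation address and MAC ranges).
MANAGED = {"192.0.2.10": "00:00:5E:00:53:0A", "192.0.2.11": None,
           "192.0.2.12": "00:00:5e:00:53:0c"}
DISCOVERED = [
    Discovered("192.0.2.10", "00-00-5e-00-53-0a"),  # same MAC, other notation
    Discovered("192.0.2.11", "00:00:5e:00:53:0b"),  # object has no MAC to compare
    Discovered("192.0.2.12", "00:00:5e:00:53:ff"),  # MAC differs from the record
    Discovered("192.0.2.99", "00:00:5e:00:53:63"),  # nothing configured
]

if __name__ == "__main__":
    print(classify(DISCOVERED, MANAGED))
```

Normalizing the MAC notation before comparing keeps a formatting difference from being reported as a conflict.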
Grid Manager displays discovered data in the Discovered Data section of the IP address properties panel when you drill down to individual IPs. For information about how to view and manage discovered data, see Viewing Discovered Data and Managing Discovered Data. The appliance records admin operations in the audit log and discovery operations in the syslog.
Figure 14.1 shows a high-level perspective of the discovery processes. You can configure and initiate an IP discovery from the Discovery Manager wizard and a vDiscovery from the vDiscovery Job wizard. You must first select a Grid member that runs the discovery tasks. After you configure an IP discovery task and a vDiscovery job, the Grid Master sends the discovery requests to the selected member. Based on the configuration of the discovery tasks, the selected member runs the discovery and collects information about discovered hosts and virtual entities from the specified networks and cloud platforms. The Grid member then reports the discovered results to the Grid Master. Based on the discovery configuration, the Grid Master updates the database with discovered data.
Figure 14.1 High-Level Discovery Process
Administrative Permissions
You can initiate a discovery and manage discovered data based on your administrative permissions. You must have read/write permission to "Network Discovery" to initiate and manage IP discovery and vDiscovery. You must have at least read-only permission to "All Tenants" and "All Network Views" to view discovered data in the VMs (by IP Address) tab in the Cloud tab. To take actions on discovered data, such as resolving conflicts or clearing unmanaged data, you must have read/write permissions. For information about how to configure admin permissions, see About Administrative Permissions.
Following are permission guidelines for initiating and controlling a discovery:
- Superusers can initiate and control a discovery on all networks and CMPs.
- Administrators with read/write permission to "Network Discovery" can initiate and control a vDiscovery job or an IP discovery. For IP discovery, only the objects with IP addresses to which the administrators have read/write permission are updated to include the discovered data.
After a discovery is completed, the following permission guidelines apply to viewing and managing discovered data:
- Superusers can view and manage all discovered data.
- Administrators with read/write permission to networks can view all discovered data. They can also add unmanaged data to existing hosts, and resolve IP address conflicts.
- Only administrators with read/write permission to a DNS zone or specific record type can convert unmanaged data to a host, fixed address, reservation, A record, or PTR record.
- Administrators with read-only permission to networks can only view discovered data. They cannot change any discovered data.