Using the Ops Manager Interface

This topic describes key features of the Pivotal Cloud Foundry (PCF) Operations Manager interface.

Installation Dashboard Page

The Installation Dashboard is the central Ops Manager interface for managing your PCF deployment. It displays the BOSH Director configuration for your IaaS and product tiles for your PCF deployment.

The following screenshot shows the Installation Dashboard. Each section is labeled with a red letter. Click the image to see it at full size.

Screenshot of the Ops
                                 Manager Installation
                                 Dashboard. For a description
                                 of each labeled section, see
                                 the list below

The following list describes each labeled section of the Installation Dashboard:

  • AImport a Product: Click this button to add a new product to Ops Manager. You can download PCF-compatible product files from Pivotal Network.

    • If you have configured a Pivotal Network API token in the Settings section of Ops Manager, a list of the latest versions of already imported products appears automatically.
  • BDelete All Unused Products: Click this link to delete any unused products.

  • CInstallation Dashboard: Click this link to return to the Installation Dashboard page from other Ops Manager pages.

  • DStemcell Library: Click this link to open the Stemcell Library. In the Stemcell Library you can import stemcells, stage stemcells, and review your stemcell version numbers. For more information, see Importing and Managing Stemcells.

  • EChange Log: Click this link to view and search a log of your previous installations. See the Change Log Page section of this topic for details.

  • FUser Account Menu: Click the arrow next to your username to view the menu. Use this menu to navigate to your Settings page, view My Account to change your email and password, or log out of the Installation Dashboard. See My Account of this topic for details on account information. See the Settings Page section of this topic for details on available Ops Manager settings.

  • GRevert: Click the revert button to return to the previous successful installation. Any pending changes you have made to the current installation settings will be lost.

  • HReview Pending Changes: Click the button to go to the Review Pending Changes page, which organizes pending changes by tile. You are able to enable or disable each tile to selectively deploy individual tiles and their dependencies. For more information, see Reviewing Pending Product Changes.

  • IOrange Bar: Indicates that additional configuration for the product tile is required before deployment. Click the product tile to complete its configuration.

  • JMissing Stemcell Link: If an imported product is missing a required stemcell, a Missing Stemcell link appears on the tile. Click this link to open the Stemcell Library. For more information, see Importing and Managing Stemcells.

  • KAPI Docs: Click this link to go to the Ops Manager API documentation, which details how you can manage Ops Manager through the API rather than with the user interface. For more information about the Ops Manager API, see Using the Ops Manager API.

Change Log Page

Navigate to the Change Log page by clicking the corresponding link in the dashboard header. This page shows Ops Manager’s deployment history, a record of all of its Apply Changes actions.

The table lists the following top-level attributes for each deployment:

Label Type Description
STATUS Icon Whether the deployment succeeded or failed
DEPLOYMENT ID Text A sequentially-numbered identifier for the deployment
USER Username The user who initiated the deployment

A LOGS button for each deployment opens the deployment’s full Installation Log.

Within each deployment listing, a table details for the individual products deployed in or deleted from each installation.

The details listed for each product are as follows:

Label Type Description
PRODUCT Text The name of the product
ACTION One of the following labels: ADDED, UPDATED, DELETED, NO CHANGES, FAILED The action, if any, that the deployment took with the product
STARTED UTC timestamp When Ops Manager began deploying the product
FINISHED UTC timestamp When Ops Manager stopped deploying or attempting to deploy the product
DURATION Time, in minutes How long Ops Manager took to deploy or attempt to deploy the product

A Total row, below the individual product rows, lists all-product totals for the STARTED, FINISHED, AND DURATION fields.

Using the Change Log Page

Configure the Change Log page by modifying the following fields:

  • Installation Dashboard—Click Installation Dashboard to return to Ops Manager’s Installation Dashboard. Alternatively, click the Back button in your web browser.

  • Show X entries—Click the number displayed in the Show X entries dropdown to choose between 10, 25, 50, and 100 entries.

  • Search—Type in the search box to sort the Change Log page by text or integer matches. As you type, matching entries appear on the screen.

  • Previous / Next—Click Previous, Next, or the number between them to load older or newer entries.

Settings Page

Navigate to the Settings page by clicking on your user name located at the upper right corner of the screen and selecting Settings.

The 'User account menu'
          page is indicated by a drop down arrow next to the logged in user account.
          The user account displays at the upper right corner of the Ops Manager
screen. As the first option of this menu, you can select 'Settings' to access the Settings
Page. Below 'Settings' you can access 'My Account' to view account information or 'Log
out' to log out of the existing user account.

The Settings configuration screen displays.

The 'Settings' page is
          indicated by a header that says 'Settings' in large type at the top of the
page. Below the header, on the left-hand side, there is a tabular layout. From top to
bottom, the tabs are 'Change Decryption Passphrase,' 'SAML Settings', 'LDAP Settings', 'SSL Certificate', 'Pivotal Network Settings,' 'Proxy Settings', 'Custom Banner', 'Export Installation Settings', 'Syslog', and 'Advanced Options'. The top tab, 'Change Decryption Passphrase' is highlighted in gray to indicate that it is selected. To the right, the body shows fields that correspond to 'Change Decryption Passphrase.'

The following section describes each configuration pane:

Note: Modifying these settings does not require you to return to the Installation Dashboard and click Apply Changes. These settings apply to the Ops Manager VM. The BOSH Director does not apply them to your PCF deployment.

Change Decryption Passphrase

Use this pane to reset your decryption passphrase.

SAML Settings

To change your Identity Provider (IdP) to SAML, configure the following fields:

  • Current Decryption Passphrase: Enter your decryption passphrase.
  • SAML IDP Metadata: Enter the full URL or XML SAML IdP metadata.
  • BOSH IDP Metadata: (Optional) Enter the full URL or XML BOSH IdP metadata. If left blank, the default is the same metadata as the field above.
  • SAML Admin Group: Enter the name of the SAML group that contains all of the Ops Manager administrators. This field is case-sensitive.
  • Groups Attribute: Enter the groups attribute tag name with which you configured the SAML server. This field is case-sensitive.
  • Provision an admin client in the Bosh UAA: Enable if you want to provision an admin client in the BOSH UAA. For more information, see Provision Admin Client in the Creating UAA Clients for BOSH Director topic.

LDAP Settings

Use this pane to change your IdP to LDAP.

For more information about changing your IdP to SAML or LDAP, view the following instructions for your IaaS configuration:

The 'Settings' page shows the 'SSL
      Certificate' pane highlighted on the left-hand tabular layout to indicate selection. The body shows a header titled 'SSL Certificate' with an option to 'Revert to self-signed certificate' followed by help text and two required fields: 'Certificate' and 'Private key'. The 'Add Certificate' button is at the bottom of the body.

SSL Certificate

Configure Ops Manager to use a custom SSL certificate for all Ops Manager traffic both through the UI and API.

If you leave the fields blank, Ops Manager uses an auto-generated self-signed certificate rather than your own custom certificate and private key. If you wish to replace a custom certificate with a self-signed certificate, select Revert to self-signed certificate.

The 'Settings' page shows the
          'Pivotal Network Settings' pane highlighted on the left-hand tabular layout to
indicate selection. The body shows a header titled 'Pivotal Network Settings' with help
text beneath and one field: 'Set API Token'. A button labeled 'Add Token' is at the bottom of the body.

Pivotal Network Settings

Enter your Pivotal Network API token and click Add Token to connect your Installation Dashboard to Pivotal Network.

Proxy Settings

If you are using a proxy to connect to Ops Manager, update your Proxy Settings by providing a HTTP proxy, HTTPS proxy, or No proxy.

Below, the Settings page
shows the 'Custom Banner' pane highlighted in the tabulated menu to indicate selection. In
the body, from top to bottom, you find the 'Custom Banner' header with optional
text fields 'UI Bannner' and 'SSH Banner' beneath. A 'Save' button is at the bottom of the body.

Custom Banner

Create a custom text banner to communicate important messages to operators. For UI Banner, enter the text you want to be shown on each page of the Ops Manager UI. For SSH Banner, enter the text that appears when an operator shells into Operations Manager.

Export Installation Settings

Exports the current installation with all of its assets. When you export an installation, the exported file contains references to the base VM images, necessary packages, and configuration settings.

Syslog

Viewable by administrators only. Configure a custom Syslog server for Ops Manager. When you select Yes and fill the following fields, Ops Manager produces and sends all Ops Manager logs to the configured syslog endpoint.

  1. Select Syslog. At the top of the image is the header 'Settings' to the right of an image of a dark gray lock. Below this header is a list of panes on the far left of the image, labeled, from top to bottom: 'Change Decryption Passphrase', 'SAML Settings', 'LDAP Settings', 'SSL Certificate', 'Pivotal Network Settings', 'Proxy Settings', 'Custom Banner', 'Export Installation Settings', 'Syslog', and 'Advanced Options'. The Syslog pane is highlighted in dark gray to show that it is selected. To the right of this list and underneath the Settings header is the header 'Syslog' with a horizontal line underneath. Below the line is the text 'Syslog settings may take up to 1 min to take effect.' Below this text is the larger-font text 'Do you want to configure Syslog for OpsManager'? Below this text are two options: one radio button labeled 'No', and one selected radio button labeled 'Yes'. Below these are two text fields labeled, from top to bottom, 'Address' and 'Port'. Both fields have red asterisks, to denote that they are required. To the right of the Address field is the help text 'The address or host for the syslog server'. Below the Port field is a dropdown labeled 'Transport Protocol', with a red asterisk and the 'TCP' option selected. Below this dropdown is a selected checkbox labeled 'Enable TLS'. Below this checkbox is a text field labeled 'Permitted Peer' with a red asterisk. Below this field is a text area labeled 'SSL Certificate' with a red asterisk. Below this text area is a text field labeled 'Queue Size', containing the grayed-out example text '100000'. Below this text field is a checkbox labeled 'Forward Debug Logs'. Below this checkbox is a text area labeled 'Custom rsyslog Configuration'. At the bottom of the image is a blue, rectangular button labeled 'Save Syslog Settings'.

  2. (Optional) Select Yes to send BOSH Director system logs to a remote server.

  3. Enter the IP address or DNS name for the remote server in Address.

  4. Enter the port number that the remote server listens on in Port.

  5. Select TCP or UDP from the Transport Protocol dropdown. This selection determines which transport protocol is used to send the logs to the remote server.

  6. (Optional) Select the Enable TLS checkbox to send encrypted logs to remote server with TLS. After you select the checkbox, do the following:

    1. Enter either the name or SHA1 fingerprint of the remote peer in Permitted Peer.
    2. Enter the SSL certificate for the remote server in SSL Certificate.

      Note: Pivotal strongly recommends that you enable TLS encryption when you are forwarding logs. Logs can contain sensitive information, such as cloud provider credentials.

  7. (Optional) Enter an integer in Queue Size. This value specifies the number of log messages held in the buffer. The default value is 100,000.

  8. (Optional) Select the checkbox to Forward Debug Logs to an external source. This option is deselected by default. If you select it, you may generate a large amount of log data.

  9. (Optional) Enter configuration details for rsyslog in the Custom rsyslog Configuration field. This field requires the rainerscript syntax.

  10. Click Save Syslog Settings.

Advanced Options

  • Download Activity Data: Downloads a directory containing the config file for the installation, the deployment history, and version information.
  • Download Root CA Cert: Use this to download the root CA certificate of your deployment as an alternative to curling the Ops Manager API.
  • View Diagnostic Report: Displays various types of information about the configuration of your deployment.
  • Delete This Installation: Deletes your Ops Manager installation permanently.

My Account Page

To change your email and password, navigate to the My Account page by clicking on your user name located at the upper right corner of the screen and selecting My Account.

This example 'Account Settings' page shows
          two subheadings titled 'Profile' and 'Third Party Access'. Under 'Profile'
is an email 'admin@test.org' and an obscured password using asterisks. The email and
  password have two corresponding links to the right: 'Change Email' and 'Change
Password'. Under 'Third Party Access' is a paragraph that says 'You have not yet
authorized any third party applications.'

Create a pull request or raise an issue on the source for this page in GitHub