
Create External Orchestrator

A new external orchestrator can be created by clicking the Create New Configuration button in the external orchestrators main page. This leads to a modal dialog, where you can enter a name and choose an external orchestrator type. The picture below shows the basic configuration page:

Figure 1: Create External Orchestrator Configuration

The following table describes the common fields for external orchestrators. Depending on the selected type, the Basic Config page requires additional parameters, which are covered in the section for each individual external orchestrator below.

| Common Field | Required | Description |
|---|---|---|
| Type | Yes | Select an external orchestrator from the list. |
| Name | Yes | Name of the external orchestrator, which must be unique for the active tenant. |
| Description | No | Description of the external orchestrator. |
| Full Snapshot Interval(s) | Yes | Interval in seconds the external orchestrator will try to import the full snapshot of configuration from the selected Type. |
| Accept Self-signed Cert | No | Check this option to accept self-signed server certificates for the HTTPS connection used by Secure Workload to retrieve configuration data from the selected Type. Default is not to allow self-signed server certificates. |
| Secure Connector Tunnel | No | Check this option to set connections to the Secure Workload cluster to be tunneled through a Secure Connector tunnel. |

The fields Delta interval and Verbose TSDB Metrics as shown in the picture above are optional and applicable only for certain external orchestrators, which are explained in the respective description below.

Except for the external orchestrator type AWS, the Hosts List must be given. It specifies the network address(es) of the external data source from which the external orchestrator will fetch data and generate labels. To enter it, click the Hosts List tab on the left-hand side, which is shown in the following picture:

Figure 2: External Orchestrator’s Hosts List

To add a new host list entry, click the plus sign. Each row must contain a valid DNS host name, IPv4 or IPv6 address and a port number. Depending on the chosen external orchestrator type, you can enter multiple hosts for high availability or redundancy purposes. For more information, see the description for the chosen external orchestrator.

To set the alert for the external orchestrator, click the Alert tab on the left-hand side, which is shown in the following picture:

Figure 3: External Orchestrator’s Alerts

For each external orchestrator, configuring alerts requires additional parameters, which are covered in the section for each individual external orchestrator below.

To enable alerts for this external orchestrator, check the Alert enabled check box.

Make sure that Connector Alerts are also enabled from the Manage > Workloads > Alert Configs page.

Select the Alert Severity level and the Disconnect Duration in minutes to configure the external orchestrator alert.

| Field | Description |
|---|---|
| Severity | Select severity level of this rule: LOW, MEDIUM, HIGH, CRITICAL or IMMEDIATE ACTION |
| Disconnect Duration(m) | The amount of time that a connection is disconnected. |

Click the Create button to create the new external orchestrator, whose configuration details can be viewed by clicking on the respective row in the list view:

Figure 4: External Orchestrator’s Configuration Details

 

Since the first full snapshot pull from an external orchestrator is an asynchronous operation, expect about one minute for the connection status field to be updated.
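
The common-field and Hosts List rules above can be checked on a planned configuration before it is entered in the dialog. The following Python sketch is an added example, not Cisco code: the dictionary keys and the type name `EXAMPLE_TYPE` are hypothetical stand-ins for the form fields, and the sample plans are constructed. It also reports any plan that turns on Accept Self-signed Cert, since that departs from the default of rejecting self-signed server certificates.

```python
import ipaddress
import re

# Hypothetical keys mirroring this page's form fields, not product API names.
REQUIRED = ("type", "name", "full_snapshot_interval_s")
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def valid_host(host):
    """True for an IPv4/IPv6 literal or a syntactically valid DNS host name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        pass
    name = host[:-1] if host.endswith(".") else host
    labels = name.split(".")
    # An all-numeric last label means a malformed IPv4 address, not a name.
    return (0 < len(name) <= 253 and not labels[-1].isdigit()
            and all(LABEL.fullmatch(label) for label in labels))

def check_orchestrator(cfg):
    """Return findings for one planned configuration; empty means it passes."""
    findings = []
    for field in REQUIRED:
        if cfg.get(field) in (None, ""):
            findings.append(f"missing required field: {field}")
    hosts = cfg.get("hosts_list", [])
    if cfg.get("type") != "AWS" and not hosts:
        findings.append("Hosts List is required for every type except AWS")
    for row in hosts:
        host, port = str(row.get("host", "")), row.get("port")
        if not valid_host(host):
            findings.append(f"invalid host: {host!r}")
        if not (isinstance(port, int) and 1 <= port <= 65535):
            findings.append(f"invalid port for {host!r}: {port!r}")
    if cfg.get("accept_self_signed_cert"):
        findings.append("review: self-signed server certificates accepted (non-default)")
    return findings

# Constructed sample plans; EXAMPLE_TYPE is a placeholder type name.
SAMPLE_OK = {"type": "AWS", "name": "aws-prod", "full_snapshot_interval_s": 3600}
SAMPLE_BAD = {
    "type": "EXAMPLE_TYPE", "name": "dc1", "full_snapshot_interval_s": 3600,
    "accept_self_signed_cert": True,
    "hosts_list": [{"host": "orch.example.internal", "port": 443},
                   {"host": "2001:db8::10", "port": 443},
                   {"host": "10.0.0.256", "port": 443},
                   {"host": "10.0.0.5", "port": 70000}],
}
```

Calling `check_orchestrator(SAMPLE_BAD)` returns one finding per problem row plus the self-signed certificate review item, while `SAMPLE_OK` returns an empty list.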