VMware vCenter Scanner Reference
This document provides a comprehensive reference for the VMware vCenter scanner used in NopeSight v3 network discovery. The vCenter scanner performs deep infrastructure analysis of VMware environments using the vSphere API (pyVmomi) to collect complete virtualization infrastructure data.
Overview
The vCenter scanner (vcenter_scanner.py) is the primary method for discovering and mapping VMware virtualization infrastructure. It connects to vCenter servers using the vSphere API to gather comprehensive information about datacenters, clusters, ESXi hosts, virtual machines, storage systems, and virtual networks for complete infrastructure visibility and dependency mapping.
Network Ports and Protocols
vCenter API Communication
- Port 443 (TCP) - vSphere API over HTTPS (required)
- Protocol - SOAP/REST API over TLS
- Authentication - vSphere SSO (Single Sign-On)
Discovery Trigger
The vCenter scanner is automatically triggered when:
- Port 443 is detected as open during network scanning
- Manual vCenter target is configured with credentials
Authentication Requirements
vCenter Credentials
The scanner requires vCenter credentials with appropriate permissions:
Minimum Required Permissions
- Read-Only User Role - Sufficient for discovery operations
- Global Permissions - Required at vCenter level
- Propagation - Must propagate to all child objects
Required Privileges
- System.Anonymous
- System.Read
- System.View
- Global.Licenses
- Host.Config.AdvancedConfig
- VirtualMachine.Config.AdvancedConfig
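To check that a discovery account holds exactly the privileges listed above and nothing more, an audit along these lines can be run over an export of roles and permissions. This is an added example, not NopeSight code; the role names, principals, entity label and the dictionary layout of the sample export are constructed for illustration.

```python
# Privilege IDs exactly as listed in the reference above.
REQUIRED_PRIVILEGES = frozenset({
    "System.Anonymous", "System.Read", "System.View",
    "Global.Licenses",
    "Host.Config.AdvancedConfig",
    "VirtualMachine.Config.AdvancedConfig",
})

# Constructed sample export: role id -> role, plus one permission per account.
SAMPLE_ROLES = {
    101: {"name": "nopesight-discovery", "privileges": sorted(REQUIRED_PRIVILEGES)},
    102: {"name": "legacy-scanner",
          "privileges": ["System.Anonymous", "System.Read", "System.View",
                         "VirtualMachine.Interact.PowerOff"]},
}
SAMPLE_PERMISSIONS = [
    {"principal": "VSPHERE.LOCAL\\svc-discovery", "role_id": 101,
     "propagate": True, "entity": "vcenter-root"},
    {"principal": "VSPHERE.LOCAL\\svc-legacy", "role_id": 102,
     "propagate": False, "entity": "vcenter-root"},
]


def audit_scanner_access(principal, roles, permissions):
    """Return findings for one account; an empty list means it matches the reference."""
    grants = [p for p in permissions if p["principal"].lower() == principal.lower()]
    if not grants:
        return [f"no permission assigned to {principal}"]
    findings, held_anywhere = [], set()
    for grant in grants:
        role = roles[grant["role_id"]]
        held = set(role["privileges"])
        held_anywhere |= held
        where = f"role {role['name']} on {grant['entity']}"
        # Anything beyond the documented list widens what a stolen credential can do.
        findings += [f"excess privilege {p} ({where})"
                     for p in sorted(held - REQUIRED_PRIVILEGES)]
        # The reference requires the permission to propagate to child objects.
        if not grant["propagate"]:
            findings.append(f"permission does not propagate ({where})")
    findings += [f"missing privilege {p}"
                 for p in sorted(REQUIRED_PRIVILEGES - held_anywhere)]
    return findings
```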
Authentication Flow
- SSL Connection - Establishes secure connection to vCenter
- SSO Login - Authenticates using provided credentials
- Session Management - Maintains session for data collection
- Graceful Logout - Properly closes session after completion
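The four steps above, sketched with pyVmomi as an added example (this is not the code of vcenter_scanner.py). The helper names and the verify switch are assumptions; certificate validation is on by default, and the session is closed even when collection fails.

```python
import ssl
from contextlib import contextmanager


def build_tls_context(ca_file=None, verify=True):
    """TLS context for the vSphere API on port 443.

    verify=False stands in for a "skip certificate validation" option and is
    shown only to make explicit what such an option turns off.
    """
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if not verify:
        ctx.check_hostname = False        # must be cleared before verify_mode
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


@contextmanager
def vcenter_session(host, user, password, ca_file=None, verify=True, port=443):
    # Imported lazily so the TLS helper works without pyVmomi installed.
    from pyVim.connect import SmartConnect, Disconnect

    # SSL connection + SSO login
    si = SmartConnect(host=host, user=user, pwd=password, port=port,
                      sslContext=build_tls_context(ca_file, verify))
    try:
        yield si                          # session held for data collection
    finally:
        Disconnect(si)                    # graceful logout, also on errors


def describe_vcenter(si):
    """Identification fields read from the service instance's AboutInfo."""
    about = si.RetrieveContent().about
    return {
        "name": about.fullName,
        "version": about.version,
        "build": about.build,
        "api_version": about.apiVersion,
        "instance_uuid": about.instanceUuid,
    }
```

Typical use is `with vcenter_session(host, user, password, ca_file="ca.pem") as si: describe_vcenter(si)`, where the CA file path is a placeholder for the bundle that signed the vCenter certificate.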
Data Collection Overview
Infrastructure Hierarchy
The scanner discovers the complete VMware infrastructure hierarchy:
vCenter Server
├── Datacenter
│ ├── Cluster
│ │ ├── ESXi Host
│ │ │ └── Virtual Machine
│ │ └── Resource Pool
│ ├── Standalone Host
│ │ └── Virtual Machine
│ ├── Datastore
│ └── Network
vCenter Server Information
Data Collected
- Identification
  - vCenter name and version
  - Build number
  - API version
  - Instance UUID
- Configuration
  - IP address
  - Operating system type
  - License information
  - Product name and version
vCenter Health Metrics
- Overall system health status
- Service status
- Connected hosts count
- Total VM count
Datacenter Discovery
Datacenter Information
- Basic Properties
  - Datacenter name
  - Unique identifier (MoRef)
  - Overall status (green/yellow/red/gray)
- Folder Structure
  - VM folder path
  - Host folder path
  - Network folder path
  - Datastore folder path
- Resource Counts
  - Total ESXi hosts
  - Total virtual machines
  - Total clusters
  - Total datastores
Cluster Configuration
Cluster Properties
- Identification
  - Cluster name
  - Unique identifier
  - Parent datacenter reference
- Resource Configuration
  - Total CPU cores
  - Total memory capacity
  - Current CPU usage (MHz)
  - Current memory usage (MB)
  - Total hosted VMs
High Availability (HA) Settings
- HA Status
  - HA enabled/disabled
  - Admission control enabled
  - Failover level
  - Host monitoring status
Distributed Resource Scheduler (DRS)
- DRS Configuration
  - DRS enabled/disabled
  - Automation level (manual/partially automated/fully automated)
  - Migration threshold
  - Power management settings
Enhanced vMotion Compatibility (EVC)
- EVC mode enabled/disabled
- Current EVC baseline
- CPU compatibility requirements
ESXi Host Discovery
Host System Information
- Hardware Details
  - Host name and domain
  - Manufacturer and model
  - Serial number and UUID
  - BIOS version
- CPU Specifications
  - Processor model
  - Number of CPU packages
  - Total CPU cores
  - CPU threads (logical processors)
  - CPU speed (MHz)
- Memory Configuration
  - Total physical memory
  - Memory modules details
  - Memory usage
Host Status and State
- Connection State
  - Connected
  - Disconnected
  - Not Responding
  - Maintenance Mode
- Power State
  - Powered On
  - Powered Off
  - Standby
  - Unknown
- Operational Metrics
  - Boot time
  - Uptime (days)
  - VM count
  - Overall status
Hypervisor Information
- VMware ESXi Details
  - Full product name
  - Version number
  - Build number
  - API version
  - Patch level
Network Configuration
- Management Network
  - Management IP addresses
  - vMotion IP addresses
  - Storage network IPs
  - Virtual switch configuration
Virtual Machine Discovery
VM Identification
- Unique Identifiers
  - VM name
  - UUID (vCenter UUID)
  - Instance UUID
  - BIOS UUID
  - MoRef ID
VM Configuration
- Hardware Specifications
  - Virtual CPU count
  - Memory allocation (MB)
  - Virtual hardware version
  - Guest OS configured
- Resource Allocations
  - CPU reservation (MHz)
  - CPU limit (MHz)
  - Memory reservation (MB)
  - Memory limit (MB)
VM Runtime Information
- Power State
  - Powered On
  - Powered Off
  - Suspended
- Guest Information
  - Guest OS detected
  - Guest OS ID
  - VMware Tools status
  - VMware Tools version
  - Guest hostname
  - IP addresses (all interfaces)
VM Metadata
- Administrative Information
  - Annotations/Notes
  - Custom attributes
  - Tags and categories
  - Creation date
  - Boot time
- File Locations
  - VM configuration file path
  - Virtual disk locations
  - Snapshot information
Template Detection
The scanner automatically identifies and excludes VM templates:
- Templates are marked with is_template: true
- Templates are skipped during CI creation
- Prevents cluttering CMDB with unused templates
Storage Discovery
Datastore Information
- Identification
  - Datastore name
  - Unique identifier
  - Type (VMFS, NFS, vSAN, etc.)
  - URL/Path
- Capacity Metrics
  - Total capacity (GB)
  - Free space (GB)
  - Used space (GB)
  - Percentage used
- Configuration
  - File system version
  - Block size
  - Maximum file size
  - Accessibility status
Datastore Properties
- Access Information
  - Multiple host access capability
  - Current accessibility
  - Maintenance mode status
- Connected Resources
  - Number of VMs using datastore
  - Host mount information
  - Mount path per host
  - Read/write permissions
Network Discovery
Virtual Network Types
- Standard Networks
  - Standard vSwitch networks
  - Port group configuration
  - VLAN assignments
- Distributed Networks
  - Distributed vSwitch (DVS)
  - Distributed port groups
  - VLAN configurations
  - Network I/O Control settings
Network Properties
- Configuration
  - Network name
  - VLAN ID
  - MTU settings
  - Teaming policy
- Connected Resources
  - Number of connected VMs
  - Number of connected hosts
  - Active ports
  - Uplink configuration
Resource Pool Information
Resource Pool Hierarchy
- Pool name and path
- Parent cluster/host
- Child pools
- VM membership
Resource Allocation
- CPU Resources
  - CPU reservation
  - CPU limit
  - CPU shares
  - Expandable reservation
- Memory Resources
  - Memory reservation
  - Memory limit
  - Memory shares
  - Expandable reservation
Relationship Mapping
Infrastructure Relationships
The scanner creates the following relationship types:
Hierarchical Relationships
- vCenter → manages → Datacenter
- Datacenter → contains → Cluster
- Datacenter → contains → Host
- Cluster → contains → Host
- Host → hosts → VM
- vCenter → manages → Datastore
- vCenter → manages → Network
Resource Relationships
- VM → uses → Datastore
- VM → connected to → Network
- Host → mounts → Datastore
- Host → uses → Network
Service Relationships
- VM → runs on → Host
- VM → member of → Resource Pool
- Host → member of → Cluster
Performance Considerations
Scan Performance Metrics
- Typical Scan Time - 2-10 minutes depending on infrastructure size
- API Call Optimization - Bulk property collection
- Memory Usage - 100-500 MB depending on infrastructure size
- Network Bandwidth - Minimal (API calls only)
Best Practices
- Read-Only Access - Use read-only account for safety
- API Limits - Respect vCenter API rate limits
- Property Collection - Use property collectors for efficiency
- Session Management - Properly close sessions
- Error Handling - Graceful handling of partial failures
Security Considerations
Connection Security
- TLS/SSL - All communications encrypted
- Certificate Validation - Option to verify vCenter certificate
- Credential Protection - Credentials never logged
- Session Security - Secure session token management
Access Control
- Minimal Permissions - Read-only access sufficient
- Audit Trail - All access logged in vCenter
- No Modifications - Scanner performs read-only operations
- Compliance - Supports security compliance requirements
Error Handling
Common Error Scenarios
Authentication Errors
- Invalid Credentials - Verify username/password
- Insufficient Permissions - Check role assignments
- Account Locked - Verify account status
Connection Errors
- SSL Certificate Error - Certificate validation issues
- Network Timeout - Check firewall rules
- API Version Mismatch - Verify vCenter compatibility
Data Collection Errors
- Partial Data - Some objects may be inaccessible
- Performance Impact - Large environments may time out
- Missing Properties - Older vCenter versions may lack some data
Integration with NopeSight
Data Processing Pipeline
- Discovery Trigger - Port 443 detected or manual configuration
- vCenter Connection - Establish API connection
- Data Collection - Gather infrastructure data
- Data Upload - Send to NopeSight platform
- Processing - vCenter processor creates CIs
- Relationship Creation - Map infrastructure dependencies
- Enrichment - AI analysis of relationships
CI Types Created
- VMWare VCenter - vCenter server instances
- VCenter Datacenter - Datacenter objects
- VCenter Cluster - Cluster configurations
- ESX Server - ESXi host systems
- Server - Virtual machines (with server_type='vm')
- Storage - Datastore systems
- Network - Virtual networks
Benefits
- Complete Visibility - Full VMware infrastructure mapping
- Dependency Tracking - Understand VM-to-host relationships
- Capacity Planning - Resource utilization metrics
- Change Impact - Assess impact of infrastructure changes
- Compliance - Track VM configurations and placement
- Performance Analysis - Identify resource constraints
This comprehensive reference provides the technical details needed to understand and utilize vCenter scanning for complete VMware infrastructure discovery and management.