Loading TOC...
Ops Director Guide (PDF)

Ops Director Guide — Chapter 8

Console Settings View

The Console Settings view allows you to configure role-based access control to resources, manage user accounts, manage licensing, and define telemetry settings.

This chapter covers the following topics:

Role Based Access Control (RBAC) Settings

Use the Role Based Access Control (RBAC) settings to define new roles that assign sub-roles to Resource Groups to control which users have access to the resources defined by those Resource Groups (Resource Scope). The roles you create in this view will be accessible in the Admin Interface.

When assigning Resource Groups to a role, the resources in those groups and also 'inherited' resources will be accessible to users assigned that role. For details how resource groups define access to resources, see Access Inheritance in Resource Groups.

For example, to see the cluster resources, you must create a Resource Group for this cluster and assign it to a role. A practical configuration would be to restrict access of a particular user to one cluster, which would imply access to that cluster's hosts, application servers, databases, and forests through the access inheritance mechanism in resource groups.

If you don't have permission to see a resource, that resource will be displayed as blank or, if the resource type is presented as a count, it will be displayed as 0. Additionally, if you don't have permission to see a resource that is presented in chart form, you will see charts, but those charts will have no data (lines) for the prohibited resource.

This section covers the following topics:

Roles Tab

The Roles tab lists the available roles.The columns displayed for a Role are described in the table below.

Column Description
Role name The name of the Ops Director role.
Sub-Roles (optional) The MarkLogic roles to be assigned to this role. For details, see Role-Based Security Model in the Security Guide and Appendix C: Pre-defined Roles in the Administrator's Guide.

Do not assign opsdir-admin as a sub-role, as opsdir-admin has access to view all of the resources in Ops Director, which defeats the purpose of RBAC.

Resource Scopes (optional) The resource group(s) to which this role controls access.
Description (optional) The description of this role.

You may export data from the Roles tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the Roles table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

Resource Access Tab

The Resource Access tab lists the resource groups and their assigned roles. The columns displayed are described in the table below.

Column Description
Resource Scope The name of the resource group.
Roles The roles assigned to the resource group.

You may export data from the Resource Access tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the Resource Access table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

Creating a Resource Group and Assigning it to a Role

The following procedure creates a Resource Group that represents all of the hosts in the Managed Clusters and then restricts access to monitor those hosts to only users with the opsdir-user role.

  1. In Ops Director, select the Console Settings view.
  2. Select Resource Group in the left-hand menu.
  3. Click on Create Group.

  4. In the Create Group dialog, enter the Group Name, Description, and select Host from the Resource Type pull-down menu.

  5. After creating the group, select the group. In the Resource Groups / Hosts page, scroll down to the Total Resources section (which will likely be out of sight until you scroll down) and select which hosts in the cluster are to belong to this group.

  6. Click Assign to assign the selected resources to the group.

  7. The Resource Group lists the assigned resources.

  8. Select Roles under from under RBAC Settings.

  9. Click on Create Role.

  10. In the Create Role dialog, enter the Role Name (HostAccess, in this example) and Description. Select opsdir-user from the Sub Roles pull-down menu.

  11. Select Hosts from the Resource Scope pull-down menu. Click ok.

Editing or Deleting a Role

To edit or delete a role, click on the Action icon next to that role and select desired action.

To delete multiple roles, mark checkboxes next to all roles you want to delete and select Delete All Selected Roles in the Actions menu.

Delete All Selected Roles option is enabled when at least one role is selected.

Resource Groups

You may want to establish roles and privileges at a finer and more ad hoc granularity than is provided by the pre-defined MarkLogic roles. It is likely that roles defined within the enterprise are fairly coarse-grained and that changing roles (in an external LDAP server, for example), may be considered too 'heavy weight' for ad hoc groupings.

Resource Groups define sets of resources to which you can assign specific roles to customize user access to those resources. For details how resource groups define access to resources, see Access Inheritance in Resource Groups.

The columns displayed are described in the table below.

Column Description
Group Name The name of the resource group.
Group type The type of resources in the group (Hosts, Databases, App Servers, Clusters).
Size The number of resources in the resource group.
Description The description of the resource group.
Action The action to take on the resource group (Edit or Delete).

You may export data from the Resource Groups tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the Resource Groups table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

    Resource Groups CSV file, in addition to the columns from the Resource Groups table in the UI, has one additional column -- Resource Id; this column contains comma-separated list of identifiers of all resources in this group.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

This section covers the following topics:

Creating a Resource Group

Do the following to create a Resource Group.

  1. Click Create Group.
  2. In the pop-up window, enter a Group Name, select a Resource Type (Host, Database, Appserver, or Cluster), and a description for the resource group.

  3. Click Save. The new Resource Group is added to the list of Resource Groups.
  4. By default, no resources are included in the Resource Group. To include resources, click on the name of the newly created Resource Group.

  5. Scroll down to the Total Resources section and select the resource to be included in the Resource Group. This view will differ, for each type of Resource Group, as described in Resource Group Views.

    By default, you can view 10 resources per page. You can adjust how many resources to view in the Resource Group page by changing the number in the pull-down menu at the bottom of the page.

  6. When you have finished selecting resources for the Resource Group, click Assign at the bottom of the page.

Editing or Deleting a Resource Group

To edit or delete a resource group, click on the Action icon next to that resource group and select desired action.

To delete multiple resource groups, mark checkboxes next to all resource groups you want to delete and select Delete All Selected Groups in the Actions menu.

Delete All Selected Groups option is enabled when at least one resource group is selected.

Resource Group Views

Click on a resource group to display the assigned and unassigned resources, as well as assign and deassign resources. The contents of each type of resource group are described in the following sections:

Host Groups

The columns displayed for a host group are described in the table below. These settings are described in the Hosts chapter in the Administrator's Guide.

Column Description
Name The hostname of the host.
Cluster The name of the cluster on which the host resides.
Group The name of the group that contains the host.
OS The name and version of the operating system on which the host runs.
Server Version The version of MarkLogic Server running on the host.
Forests The number of forests configured for the host.
Databases The number of databases configured for the host.
App Servers The number of App Servers configured for the host.
Disk Space The amount of disk space (in MB) used on the host.
Uptime The duration (Days Hrs:Min) the host has been available.
Maint. Mode The host maintenance mode (normal or maintenance). For details, see Rolling Upgrades in the Administrator's Guide.
Zone The Amazon Web Services (AWS) zone in which the host resides, if applicable.

You may export data from the Host Groups tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the Host Groups table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

Database Groups

The columns displayed for a database group are described in the table below. These settings are described in the Databases chapter in the Administrator's Guide.

Column Description
Name The name of the database.
Cluster The name of the cluster on which the database resides.
Forests The number of forests configured for the database.
Disk Size (MB) The amount of disk space used by the database forests, in megabytes.
Documents The number of documents in the database.
Last Backup The data-time of the last backup of the database. No value, if the database has never been backed up. For details on backing up a database, see Backing Up and Restoring a Database in the Administrator's Guide.
Encryption Specifies whether or not encryption at rest should be enabled for the database. For details, see Encryption at Rest in the Security Guide.
HA Specifies whether or not shared disk failover is enabled. For details, see High Availability of Data Nodes With Failover in the Scalability, Availability, and Failover Guide.
Replication Specifies whether or not database replication is enabled (On/Off). For details, see the Database Replication Guide.
Security DB The name of the security database used by the database.
Schemas DB The name of the schema database used by the database.
Triggers DB The name of the triggers database used by the database.

You may export data from the Database Groups tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the Database Groups table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

App Server Groups

The columns displayed for a App Server group are described in the table below. These settings are described in the HTTP Servers, ODBC Servers, XDBC Servers, and WebDAV Servers chapters in the Administrator's Guide.

Column Description
Name The name of the App Server.
Cluster The name of the cluster on which the App Server resides.
Type The App Server Type (HTTP, ODBC, XDBC, WebDAV).
Database The content database used by the App Server.
Port The App Server port number.
SSL Whether the App Server has SSL enabled (yes) or disabled (no). For details, see Configuring SSL on App Servers in the Security Guide.
Group The name of the group that contains the App Server.
Modules DB+Root The name of the modules database, or if filesystem, the root directory.
Security The type of security (internal or external).

You may export data from the App Server Groups tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the App Server Groups table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

Cluster Groups

The columns displayed for a cluster group are described in the table below. These settings are described in the Clusters chapter in the Administrator's Guide.

Column Description
Name The name of the cluster.
Groups The number of groups in the cluster.
Hosts The number of hosts in the cluster.
Databases The number of databases in the cluster.
Forests The number of forests in the cluster.
App Server The number of App Servers in the cluster.
Server Version The version of MarkLogic Server running on the cluster's hosts.
OS The name and version of the operating system on which the host runs.
Uptime The duration (Days Hrs:Min) the cluster has been available.
Encryption Specifies whether or not encryption at rest should be enabled for the database. For details, see Encryption at Rest in the Security Guide.

You may export data from the Cluster Groups tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the Cluster Groups table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

License Information

Use the License Information page, under Console Settings/Security & Licensing, for a summary of managed hosts running under one or more MarkLogic license editions, with a breakdown of licensed cores, used cores, and the operating system platforms on which MarkLogic is running.

The displayed columns are described in the table below.

Column Description
License Edition The type of MarkLogic License. For details, see Pricing and Licensing on the MarkLogic website.
Licensed Cores The number of licensed cores. For more information, see Scalability Considerations in MarkLogic Server in Scalability, Availability, and Forest-Level Failover.
Used Cores The number of used cores. For more information, see Scalability Considerations in MarkLogic Server in Scalability, Availability, and Forest-Level Failover.
Platform The host operating system. See Supported Platforms in the Release Notes.
Environment The type of environment, for example production, test, etc.

You may export data from the License Information tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the License Information table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

This section covers the following topics:

License Information By Host

Select a specific MarkLogic license edition to view details, broken down by host or by license edition, such as cluster name, group membership, processor architecture, and the number of CPUs, cores, and running threads.

The displayed columns are described in the table below.

Column Description
Host The list of licensed hosts in your enterprise.
Environment The MarkLogic environment. Typically, Development or Production.
Cluster The host cluster.
Group The host group.
Architecture The type of CPU hardware on which the host is running.
CPU The number of CPUs configured on the host hardware.
Cores The number of cores configured on the host hardware.
Threads The number of threads used by the host.
Licensed CPUs The number of licensed CPUs for the host.
Licensed Cores The number of licensed cores for the host.
Options Your licensed options. For details, see Displaying License Options in the Administrator's Guide and Pricing and Licensing on the MarkLogic website.
Expiration The license expiration date.
License Key The license key. For details, see Entering a License Key in the Installation Guide.
Licensee The name of the person or organization that holds the license.

You may export data from the License Information by Host tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the License Information by Host table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

License Information By License

Click on the By License tab to view the license information by license key.

The displayed columns are described in the table below.

Column Description
Licensee The name of the person or organization that holds the license.
Hosts The hosts in your enterprise.
Clusters The clusters in your enterprise.
Environment The MarkLogic environment. Typically, Development or Production.
Groups The groups in your enterprise.
Architecture The type(s) of CPU hardware used by your enterprise.
CPU The number of CPUs in your enterprise.
Cores The number of cores in your enterprise.
Threads The number of threads used by the enterprise.
Licensed CPUs The number of licensed CPUs for the enterprise.
Licensed Cores The number of licensed cores for the enterprise.
Options Your licensed options. For details, see Pricing and Licensing on the MarkLogic website.
Expiration The license expiration date.
License Key The license key. For details, see Entering a License Key in the Installation Guide.

You may export data from the License Information by License tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the License Information by License table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

Managed Clusters

The Managed Clusters page, under Console Settings/Connectivity, enables you to view the list of clusters managed by Ops Director and remove clusters that are currently in the Unknown state.

This section covers the following topics:

Viewing and Filtering the List of Managed Clusters

Use the Managed Clusters page to view the list of all clusters currently managed by Ops Director, along with their health status.

The columns displayed in the Managed Clusters tab are described in the table below.

Column Description
Name The name of the cluster.
Most Recent Update The most recent date and time when the cluster status has been updated.
Hosts The number of hosts in the cluster.
OS The name and version of the operating system on the cluster's hosts.

You may export data from the Managed Clusters tab as a CSV (Comma Separated Values) file by clicking the Export icon in the upper right corner. The following rules apply:

  • The resulting CSV file will have the same columns as the Managed Clusters table in the UI.
  • All available columns are exported, regardless of whether they are visible or hidden in the UI.
  • All records that satisfy the set filter parameters are exported.
  • Data types of the fields in the CSV file correspond to those in the UI. In case of boolean values, Yes/No in the UI corresponds to TRUE/FALSE in the CSV file.

You may then import the CSV file into other applications (e.g. Excel) for further processing or analysis.

A managed cluster may become disconnected from the Ops Director, either due to temporary network unavailability or because MarkLogic Server had stopped on the hosts comprising the cluster. In this case, the cluster's state cannot be determined by Ops Director, and hence the cluster is assigned the Unknown state.

For additional reasons why a managed cluster might be assigned the Unknown state, see Security and Database Dependencies of Managed Clusters.

You may filter the list of the managed clusters, to view only those clusters that are currently in the Unknown state, by selecting ‘Show only unknown' checkbox.

Removing Unknown Managed Clusters from the List

You may remove a managed cluster that is currently in the Unknown state from the list of clusters managed by Ops Director. Perform the following steps:

  1. Click the Remove button next to the cluster you want to remove from the list.

    The Remove button is enabled only for clusters that are currently in the Unknown state.

  2. A confirmation dialog 'Do you wish to remove this cluster from the list of clusters managed by this instance of Ops Director?' pops-up.

    Select Yes.

  3. The cluster is removed, and the updated list of managed clusters is displayed by Ops Director.

Reconnecting a Managed Cluster to Ops Director

If you removed a cluster from the list of clusters managed by Ops Director, you may want to reconnect this cluster back later on, once the issue that caused the cluster's Unknown state has been resolved.

You may add the cluster back to the list of clusters managed by Ops Director from the Admin Interface. Perform the following steps:

  1. Log into the Admin Interface on the cluster to be managed by Ops Director.
  2. Click Clusters on the left tree menu.
  3. Select the local cluster. The Edit Local Cluster Configuration page appears.
  4. Select the Ops Director tab at the top of the page.
  5. The Ops Director Setup page is displayed. Select stop managing this cluster.

    At the time when you removed the cluster from the list of managed clusters in Ops Director, the cluster was not notified that it is no longer managed, because the connection between the cluster and the Ops Director was down at that point. Therefore, you first have to update the cluster's state by selecting stop managing this cluster from the cluster's Admin Interface.

  6. In the Stop Managing this Cluster page, leave the Remove Ops Director Certificate Authority box unchecked and click ok.

    You may stop managing and start managing a cluster without re-importing a certificate to it, in case the cluster will be managed by the same instance of Ops Director.

  7. The Server Restart page is displyed.The page informs you that MarkLogic Server is being restarted to load new Ops Director status configuration.

  8. When the restart is completed, the Ops Director Setup page is displayed again. Select manage this cluster.

  9. The Configure as a Managed Cluster page is displayed.

    Enter the name of the host where your Ops Director application runs.

    Select MarkLogic Ops Director Certificate Authority from the Ops Director Certificate Authority pulldown menu.

    You may optionally modify the level for log messages sent to Ops Director, as well as the frequency at which the metering data is collected.

    Click ok.

  10. In Ops Director, open the Managed Clusters page, under Console Settings/Connectivity.

    Refresh the page. The updated list of managed clusters is displayed, with the newly reconnected cluster among them.

« Previous chapter
Next chapter »