Merge branch 'release-0.4.1'

.github/workflows/check-wip-pr.yml

@@ -0,0 +1,14 @@
+# Perform "exit 1" if PR title starts with "WIP" to block accidental merges
+name: Check "WIP" in PR Title
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened, edited]
+
+jobs:
+  WIP:
+    runs-on: ubuntu-latest
+    if: startsWith(github.event.pull_request.title, 'WIP')
+    steps:
+      - name: Must Exit
+        run: exit 1

.github/workflows/create-docker-prerelease.yml

@@ -0,0 +1,38 @@
+name: Build and push VMware Event Router Pre-Release Image to Docker Hub
+
+on:
+  push:
+    branches:
+      - release-*
+
+defaults:
+  run:
+    shell: bash
+    working-directory: ./vmware-event-router
+
+jobs:
+  build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout source (this.release branch)
+        uses: actions/checkout@master
+      - name: get the version from ref without prefixes
+        id: get_version
+        run: echo ::set-output name=VERSION::$(echo $GITHUB_REF | cut -d / -f 3)
+      - name: log in to Docker
+        env:
+          DOCKER_USER: ${{ secrets.DOCKER_USER }}
+          DOCKER_SECRET: ${{ secrets.DOCKER_SECRET }}
+        run: echo "${DOCKER_SECRET}" | docker login -u "${DOCKER_USER}" --password-stdin
+      - name: test and build pre-release image
+        env: 
+          VERSION: ${{ steps.get_version.outputs.VERSION }}        
+        run: |
+          echo "Building pre-release of vmware-event-router with version $VERSION"        
+          make
+          docker tag vmware/veba-event-router:latest vmware/veba-event-router:$VERSION
+      - name: push just the pre-release image
+        env: 
+          VERSION: ${{ steps.get_version.outputs.VERSION }}        
+        run: |
+          docker push vmware/veba-event-router:$VERSION

.github/workflows/protect-master.yml

@@ -0,0 +1,19 @@
+# Even though branch protection rules might be in place, this is an additional
+# safety net to protect against unwanted pull requests against "master"
+name: Protect Master Branch
+
+# This workflow is triggered on PRs to the master branch
+on:
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  protect:
+    name: Reject
+    runs-on: ubuntu-latest
+    # sanity check
+    if: github.event_name == 'pull_request' && github.base_ref == 'master'
+    steps:
+      - name: Must reject PR
+        run: exit 1

.github/workflows/router-unit-tests.yml

@@ -0,0 +1,23 @@
+name: VMware Event Router Unit Tests
+
+# triggered on PRs but only when changes inside vmware-event-router (sub)dir(s)
+on:
+  pull_request:
+    paths:
+      - 'vmware-event-router/**'
+
+# run all jobs with these defaults, unless specified otherwise
+defaults:
+  run:
+    shell: bash
+    working-directory: ./vmware-event-router
+
+jobs:
+  unit-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout source
+        uses: actions/checkout@master
+      - name: run unit tests
+        run: make test
+

VERSION

@@ -1 +1 @@
-v0.4.0
+v0.4.1

docs/README.md

@@ -24,7 +24,7 @@ The website is hosted using [Github Pages](https://help.github.com/en/github/wor
 └── Gemfile                   > Plugins required for the website to be built by Jekyll
 ```
 
-In order for Jekyll to process the MD files and render them as html, you'll need to add the below to the beginning of the each MD file. 
+In order for Jekyll to process the MD files and render them as html, you'll need to add the below to the beginning of the each MD file.
 
 ```yaml
 ---
@@ -62,6 +62,8 @@ rbenv install 2.6.3
 gem install bundler
 ```
 
+*Note: if you hit a permissions error for the `gem install bundler` follow advice from the [bundler docs](https://bundler.io/doc/troubleshooting.html#permission-denied-when-installing-bundler)*
+
 ### Dependencies for Linux
 If you are running a build on Ubuntu you will need the following packages:
 * ruby
@@ -88,7 +90,7 @@ bundle install
 * Serve the site and watch for markup/sass changes `jekyll serve --livereload --incremental`. You may need to run `bundle exec jekyll serve --livereload --incremental`.
 * View your website at http://127.0.0.1:4000/
 * Commit any changes and push everything to your fork.
-* Once you're ready, submit a PR of your changes. 
+* Once you're ready, submit a PR of your changes.
 
 ## Troubleshooting
 * If you don't see your updates reflected on the website when running locally, try the following steps

docs/_data/default.yml

@@ -3,7 +3,7 @@ toc:
     subfolderitems:
       - page: About
         id: intro-about
-        url: /kb 
+        url: /kb/
       - page: Architecture
         id: intro-architecture
         url: /kb/architecture
@@ -64,7 +64,10 @@ toc:
       - page: Using Harbor with VEBA
         id: site-resources
         external_url: https://rguske.github.io/post/using-harbor-with-the-vcenter-event-broker-appliance/
-
+      - page: Monitoring VEBA with vROps
+        id: site-resources
+        external_url: https://rguske.github.io/post/monitoring-the-vmware-event-broker-appliance-with-vrealize-operations-manager/
+
   - title: Troubleshoot
     subfolderitems:
       - page: Troubleshooting Appliance

docs/_data/resources.yml

@@ -16,15 +16,15 @@ links:
       author_name: Partheeban Kandasamy (PK)
       excerpt: Uptime and Reliability is more important now than ever during these times when Technology and Infrastructure is enabling us fight a global pandemic with work from home policies. It is no wonder that eyes lit up when you say PagerDuty and vCenter integration...
 
-  - title: Using Harbor with the vCenter Event Broker Appliance
+  - title: Monitoring the VMware Event Broker Appliance with vRealize Operations Manager
     display: true
-    details: 
+    details:
       url_text: blog post
-      external_url: https://rguske.github.io/post/using-harbor-with-the-vcenter-event-broker-appliance/
-      external_image: https://rguske.github.io/img/veba_harbor_cover.jpg
+      external_url: https://rguske.github.io/post/monitoring-the-vmware-event-broker-appliance-with-vrealize-operations-manager/
+      external_image: https://rguske.github.io/img/posts/202005_vropsveba/CapturFiles-20200512_041624.jpg
       author_name: Robert Guske
-      excerpt: ...I wanted to use Harbor this time. In order to implement this, I have to replace the original image specification in the stack.yml and point to my Harbor instance, the corresponding project and the image with tag...
-  
+      excerpt: ...Let me demonstrate you how we can prepare VEBA to send the desired data (metrics) to vROPs and how we import a custom dashboard that provides you with plenty of interesting and useful information...
+
   - title: vCenter Event Broker Appliance Updates – VMworld, Fling, Community & Open Source
     display: true
     details: 
@@ -74,6 +74,9 @@ otherlinks:
   - title: Blog post walkthrough of VEBA deployment
     url: https://www.patrickkremer.com/veba/
     display: true
+  - title: Using Harbor with the vCenter Event Broker Appliance
+    url: https://rguske.github.io/post/using-harbor-with-the-vcenter-event-broker-appliance/
+    display: true
   - title: Automate host maintenance with vCenter
     url: https://doogleit.github.io/2019/11/automate-host-maintenance-with-the-vcenter-event-broker-appliance/
     display: true

docs/kb/contribute-functions.md

@@ -11,13 +11,13 @@ cta:
 
 # Writing your own functions
 
-The VMware Event Broker Appliance uses OpenFaaS as a Function-as-a-Service (FaaS) platform. If you are looking to understand the basics of functions, start [here](kb/functions).
+The VMware Event Broker Appliance uses OpenFaaS as a Function-as-a-Service (FaaS) platform. If you are looking to understand the basics of functions, start [here](functions).
 
 You can also get started quickly with these quickstart [templates](https://github.com/pksrc/vebafn){:target="_blank"}.
 
 ## Instructions
 
-> **ASSUMPTION:** The following steps assume VMware Event Broker Appliance has been [installed (configured with OpenFaaS)](/kb/install-openfaas) and is running.
+> **ASSUMPTION:** The following steps assume VMware Event Broker Appliance has been [installed (configured with OpenFaaS)](install-openfaas) and is running.
 
 
 * Create a directory for your function and set up the secret config file

docs/kb/contribute-start.md

@@ -8,10 +8,10 @@ cta:
  title: Join our community 
  description: Earn a place amongst our top contributors [here](/community#contributors-veba)
  actions:
-    - text: Learn how you can contribute to our Appliance build process [here](/kb/contribute-appliance)
-    - text: Learn how you can contribute to our VMware Event Router [here](/kb/contribute-eventrouter)
-    - text: Learn how you can contribute to our Pre-built Functions [here](/kb/contribute-functions)
-    - text: Learn how you can contribute to our Website [here](/kb/contribute-site).
+    - text: Learn how you can contribute to our Appliance build process [here](contribute-appliance)
+    - text: Learn how you can contribute to our VMware Event Router [here](contribute-eventrouter)
+    - text: Learn how you can contribute to our Pre-built Functions [here](contribute-functions)
+    - text: Learn how you can contribute to our Website [here](contribute-site).
 ---
 
 # Contributing

docs/kb/install-eventbridge.md

@@ -40,16 +40,17 @@ Customers looking to seamlessly extend their vCenter through native AWS componen
   * NTP Server - NTP Server(s) for proper time synchronization. If you have multiple DNS Servers, input needs to be **space separated**.
 
 #### **Proxy Settings** (Optional)
-  * HTTP Proxy Server - HTTP Proxy Server followed by the port and without typing http:// before (e.g. proxy.provider.com:3128)
-  * HTTPS Proxy - HTTPS Proxy Server followed by the port and without typing https:// before (e.g. proxy.provider.com:3128)
+  * HTTP Proxy Server - HTTP Proxy Server followed by the port (e.g. http://proxy.provider.com:3128)
+  * HTTPS Proxy - HTTPS Proxy Server followed by the port (e.g. http(s)://proxy.provider.com:3128)
   * Proxy Username - Optional Username for Proxy Server
   * Proxy Password - Optional Password for Proxy Server
   * No Proxy - Exclude internal domain suffix. Comma separated (localhost, 127.0.0.1, domain.local)
 
 #### **OS Credentials** (**Required**)
   * Root Password - This is the OS root password for the VMware Event Broker Appliance
+  * Enable SSH - Check the box to allow SSH to the Appliance (SSH to the appliance is disabled by default)
 
-#### vSphere* (**Required**)
+#### **vSphere** (**Required**)
 
   * vCenter Server - This FQDN or IP Address of your vCenter Server that you wish to associate this VMware Event Broker Appliance to for Event subscription
   * vCenter Username - The username to login to vCenter Server, as mentioned earlier, readOnly account is sufficient

docs/kb/install-openfaas.md

@@ -38,14 +38,15 @@ Customers looking to seamlessly extend their vCenter by either deploying our pre
   * NTP Server - NTP Server(s) for proper time synchronization. If you have multiple NTP Servers, input needs to be **space separated**.
 
 #### **Proxy Settings** (Optional)
-  * HTTP Proxy Server - HTTP Proxy Server followed by the port and without typing http:// before (e.g. proxy.provider.com:3128)
-  * HTTPS Proxy - HTTPS Proxy Server followed by the port and without typing https:// before (e.g. proxy.provider.com:3128)
+  * HTTP Proxy Server - HTTP Proxy Server followed by the port (e.g. http://proxy.provider.com:3128)
+  * HTTPS Proxy - HTTPS Proxy Server followed by the port (e.g. http(s)://proxy.provider.com:3128)
   * Proxy Username - Optional Username for Proxy Server
   * Proxy Password - Optional Password for Proxy Server
   * No Proxy - Exclude internal domain suffix. Comma separated (localhost, 127.0.0.1, domain.local)
 
 #### **OS Credentials** (**Required**)
   * Root Password - This is the OS root password for the VMware Event Broker Appliance
+  * Enable SSH - Check the box to allow SSH to the Appliance (SSH to the appliance is disabled by default)
 
 #### **vSphere** (**Required**)
 

docs/kb/intro-about.md

@@ -3,7 +3,7 @@ layout: docs
 toc_id: intro-about
 title: VMware Event Broker Appliance - Introduction
 description: VMware Event Broker Appliance - Introduction
-permalink: /kb
+permalink: /kb/
 cta:
  title: Getting Started
  description: Get started with VMware Event Broker Appliance and extend your vSphere SDDC in under 60 minutes

docs/kb/troubleshoot-appliance.md

@@ -179,7 +179,7 @@ The SSH daemon will run but not automatically start with the next reboot. You ca
 
 Edit the configuration file with vi
 ```bash
-vi /root/event-router-config.json
+vi /root/config/event-router-config.json
 ```
 
 The editor will open with output similar to this (truncated)

docs/site/faq.md

@@ -18,6 +18,10 @@ faqs:
     A: Instantaneous to a few seconds! The function execution itself is not considered in this answer since that is dependent on the logic that is being implemented.
   - Q: Can I setup the VMware Event Broker Appliance components on Kubernetes?
     A: Yes! Follow the steps provided [here](/kb/advanced-deploy-k8s).
+  - Q: Can I use a private registry like e.g. [Harbor](https://goharbor.io/) to have a source of truth for my functions (images)?
+    A: Yes! Follow the steps provided [here](https://rguske.github.io/post/using-harbor-with-the-vcenter-event-broker-appliance/).
+  - Q: How can I monitor the Appliance, the Kubernetes components as well as the functions (pods) in terms of utilization, performance and state?
+    A: vRealize Operations Manager provides these capabilities as described [here](https://rguske.github.io/post/monitoring-the-vmware-event-broker-appliance-with-vrealize-operations-manager/).
 - title: Common Questions - Functions
   id: function
   items: 

examples/powercli/datastore-usage-email/README.md

@@ -16,7 +16,15 @@ git checkout master
 
 Step 2 - Update `stack.yml` and `vc-datastore-config.json` with your environment information
 
-> **Note:** leave SMTP_USERNAME and SMTP_PASSWORD blank if you do not want to use authenticated SMTP
+> **Note:**
+ Leave SMTP_USERNAME and SMTP_PASSWORD blank if you do not want to use authenticated SMTP
+
+The function supports pulling a To: email address from a custom attribute in vCenter. This allows administrators with vCenter access to configure email notifications without having to alter the JSON script configuration. To enable this feature, do the following:
+- Create a custom attribute in vCenter, assign it to a datastore and give it an email address. For example, create a custom attribute named `NotifyEmail` and assign it a value of `[email protected]`
+- In `vc-datastore-config.json`, add the name of the custom attribute `NotifyEmail` as the value for `DATASTORE_CUSTOM_PROP_EMAIL_TO`
+- Add a vCenter URL and credentials to `VC`, `VC_USERNAME`, and `VC_PASSWORD`
+
+When this is configured, an email address found in the custom attribute will be added to the email already defined in the `EMAIL_TO` section of the JSON file. 
 
 Step 3 - Login to the OpenFaaS gateway on VMware Event Broker Appliance
 

examples/powercli/datastore-usage-email/handler/script.ps1

@@ -36,25 +36,85 @@ if( ("$alarmName" -match "$($VC_CONFIG.VC_ALARM_NAME)") -and ([bool]($VC_CONFIG.
     } elseif($alarmStatus -eq "green") {
         $subject = "$($VC_CONFIG.EMAIL_SUBJECT)"
         $threshold = "normal"
-    }
+	}
 
     $Body = "$alarmName $datastoreName has reached $threshold threshold.`r`n"
-
-    if ( $threshold -ne "normal" ) {
-        $Body = $Body + "Please log in to your VMware Cloud on AWS environment and ensure that everything is operating as expected.`r`n"
-    }
+
+	if ( $threshold -ne "normal" )
+	{
+		$Body = $Body + "Please log in to your VMware Cloud on AWS environment and ensure that everything is operating as expected.`r`n"
+	}
 
-    $Body = $Body + @"
-        vCenter Server: $vcenter
+	$Body = $Body + @"
+	    vCenter Server: $vcenter
         Datacenter: $datacenter
         Datastore: $datastoreName	
 "@
-    if ($VC_CONFIG.SMTP_PASSWORD.length -gt 0 -and $VC_CONFIG.SMTP_USERNAME.length -gt 0) {
-        $password = ConvertTo-SecureString "$($VC_CONFIG.SMTP_PASSWORD)" -AsPlainText -Force
-        $credential = New-Object System.Management.Automation.PSCredential($($VC_CONFIG.SMTP_USERNAME), $password)
-        Send-MailMessage -From $($VC_CONFIG.EMAIL_FROM) -to $($VC_CONFIG.EMAIL_TO) -Subject $Subject -Body $Body -SmtpServer $($VC_CONFIG.SMTP_SERVER) -port $($VC_CONFIG.SMTP_PORT) -UseSsl -Credential $credential -Encoding UTF32
-    } else {
-        Send-MailMessage -From $($VC_CONFIG.EMAIL_FROM) -to $($VC_CONFIG.EMAIL_TO) -Subject $Subject -Body $Body -SmtpServer $($VC_CONFIG.SMTP_SERVER) -port $($VC_CONFIG.SMTP_PORT) -Encoding UTF32
+
+    $emailTo = $VC_CONFIG.EMAIL_TO 
+
+    # If the JSON file has a custom property email field defined, log into vCenter to find the value
+    # This is used to allow admins within vCenter to add an email address for storage alarms independent of the EMAIL_TO value
+    if ($VC_CONFIG.DATASTORE_CUSTOM_PROP_EMAIL_TO.length -gt 0)
+    {
+        Set-PowerCLIConfiguration -InvalidCertificateAction Ignore  -DisplayDeprecationWarnings $false -ParticipateInCeip $false -Confirm:$false | Out-Null
+
+        # Connect to vCenter Server
+        Write-Host "Connecting to vCenter Server ..."
+        Connect-VIServer -Server $($VC_CONFIG.VC) -User $($VC_CONFIG.VC_USERNAME) -Password $($VC_CONFIG.VC_PASSWORD)
+
+        # This objet has all defined custom fields in the vCenter
+        $customFieldMgr = Get-View ($global:DefaultVIServer.ExtensionData.Content.CustomFieldsManager)
+
+        $datastoreView = Get-View -ViewType Datastore -Property Name, Value -Filter @{"name"=$datastoreName}
+
+        # Build 2 hash tables for the key-value pairs in the Custom Fields Manager, one to search by Custom Field ID and one to search by Name
+        $customKeyLookup = @{}
+        $customNameLookup = @{}
+        $customFieldMgr.Field | ForEach-Object {
+            $customKeyLookup.Add($_.Key, $_.Name)          
+            $customNameLookup.Add($_.Name, $_.Key)
+        }
+
+        # This is the custom field that we're looking to pull an email address out of
+        $emailKey = $customNameLookup[$($VC_CONFIG.DATASTORE_CUSTOM_PROP_EMAIL_TO)]
+
+        #If we find one, this is the email address we will add to the "To" field in the email
+        $addEmailAddress = ""
+        foreach ($row in $datastoreView.Value) {
+            if ($env:function_debug -eq "true") {
+                Write-Host "`Datastore:" $datastoreName "has Custom Field:" $customKeyLookup[$row.Key] "with value:" $row.Value "`n"
+            }
+            if ($row.Key -eq $emailKey) 
+            {
+                if ($env:function_debug -eq "true") {
+                    write-host "Found key" $emailKey "with value" $row.value
+                }
+                $addEmailAddress = $row.value
+            }
+
+        }
+
+        if ($addEmailAddress.length -gt 0){
+            $emailTo = $emailTo + $addEmailAddress
+        }
+        else {
+            Write-Host "DATASTORE_CUSTOM_PROP_EMAIL_TO value '"$VC_CONFIG.DATASTORE_CUSTOM_PROP_EMAIL_TO "' found in JSON config but not found on datastore"
+        }
+        Write-Host "Disconnecting from vCenter Server ..."
+        Disconnect-VIServer * -Confirm:$false
+
     }
-}
 
+    # If defined in the config file, send via authenticated SMTP, otherwise use standard SMTP
+	if ($VC_CONFIG.SMTP_PASSWORD.length -gt 0 -and $VC_CONFIG.SMTP_USERNAME.length -gt 0)
+	{
+		$password = ConvertTo-SecureString "$($VC_CONFIG.SMTP_PASSWORD)" -AsPlainText -Force
+		$credential = New-Object System.Management.Automation.PSCredential($($VC_CONFIG.SMTP_USERNAME), $password)
+		Send-MailMessage -From $($VC_CONFIG.EMAIL_FROM) -to $($emailTo)  -Subject $Subject -Body $Body -SmtpServer $($VC_CONFIG.SMTP_SERVER) -port $($VC_CONFIG.SMTP_PORT) -UseSsl -Credential $credential -Encoding UTF32
+	}
+	else
+	{
+		Send-MailMessage -From $($VC_CONFIG.EMAIL_FROM) -to $($emailTo) -Subject $Subject -Body $Body -SmtpServer $($VC_CONFIG.SMTP_SERVER) -port $($VC_CONFIG.SMTP_PORT) -Encoding UTF32
+	}
+}