A Second Look at Runecast

A couple of years back I took a look at Runecast and even though I liked what I saw I got tied up with other projects and engagements. Taking a new look at this product has been on my list for quite some time, and since a couple of weeks I've had it running in my lab

So far I'm quite happy with the product. I really like that it does what it claims to do and that it doesn't try to solve "everything". In a few areas it's stepping into vRealize Operations territory by looking for things like config issues and best practices, but it does not monitor performance. This makes the product lighter, more performant, and easier to manage.

I guess VMware wise we should also compare it to the Skyline Advisor cloud service that many VMware customers have access to. As I'm working for a partner and not many of the customers I work with utilize Skyline I'm not exposed to that service, be it with customers or in our labs. Runecast has a comparison chart which explains the differences in the offerings here

Either way, one of the key selling points for Runecast is that it combines it's finding with the corresponding KB article directly in the product which makes it really easy to get the (correct) context and resolution steps for the specific issue.

Security and Best practices analyzer

Let's take the latest critical security vulnerability (VMSA-2021-002) as an example. This Runecast instance have found that a couple of vCenters in the environment is not patched for this

Issue details

The details lists a lot of information about the issue which is fetched from the VMware KB article directly.

The findings tab shows which instances the issue is present on, and lists applicable version information

Findings

Similar stuff get's reported for Best practice findings, like this one stating that 10 GbE is recommended for vSAN

Best practice details

Security wise we can enable monitoring around compliance with CIS Benchmarks, NIST, PCI DSS, HIPAA, DISA STIG, GDPR, BSI IT-Grundschutz, Cyber Essentials, ISO 27001, and vendor guidelines (i.e. VMware)

For Best practices there's currently solutions for VMware, AWS and Kubernetes.

Hardware compatibility analyzer

Another great feature of Runecast is the Hardware compatability analzying. This gives you for example the ability to run an analysis of your hosts and I/O devices against the VMware HCL before an upgrade.

To get a clean and to-the-point listing of hosts that are compatible with a specific ESXi version or not is exciting and something that can save quite some time

Compatible hardware

Incompatible hardware

Connections

Currently Runecast can be connected to VMware vCenter, AWS and Kubernetes. VMware wise it can also analyze Horizon as well as NSX-T, and there's an Early access/beta for connecting it to vCloud Director.

For many administrators I suspect the ability to get best practices and security advisories for your specific services is a great feature which can save both time and money, as well as a more secure environment.

Runecast also ships with an Enterprise Console which is a feature that can be enabled by the click of a button. With this you can hook up multiple Runecast instances in the same dashboard.

Installing

Normally in a product runthrough the installation part comes first, but with Runecast this is ridiculously simple so I kept it to the end. Follow the deployment guide and you should be up and running in minutes.

Back to the couple of products mentioned at the start of this post it's worth mentioning that Skyline Advisor being a cloud offering is something that doesn't fit for all customers. Runecast is deployed to your infrastructure and no data leaves your environment.

To be fair there is a couple of on-premises Skyline offerings. Skyline Health is incorporated in the vSphere client for vSphere and vSAN, and last year the Skyline Health Diagnostics tool was introduced. However this is a tool for reactively examine logs. For more info check https://blogs.vmware.com/vsphere/2020/09/introducing-vmware-skyline-health-diagnostic-tool.html

Summary

Runecast still is an exciting product and I hope I can make much more use of it in the future. I'm also planning to check out the AWS and Kubernetes features in more detail.

There's also a vRealize Orchestrator plugin which can be interesting to check out for automating findings, and of course, the REST API is something to investigate

This page was modified on March 24, 2021: Runecast post