AVI Load Balancer Service Mapping without Basic Authentication?

Rares Ifrim
Tera Contributor

As stated in the ServiceNow documentation about AVI Load Balancer Discovery, it says that a pre-requisite for Service Mapping is to have Basic Authentication enabled.

The security team forbids us of having Basic Authentication enabled on the AVI Controller, so at the moment we have a Serverless Discovery Schedule in place in order to use the AVI Load Balancer Session-based patter to discover the AVI Infrastructure.

Our question is the following: Is it possible to perform Service Mapping as well without Basic Authentication enabled? Similar to the Session-based Horizontal Discovery?

At the moment we were not able to get Service Mapping to work through Session-based Discovery as it returns an error stating that no valid credential could be found even though we have the AVI LB credential in place for Session-based discovery.

As extra information, the AVI LB Controller runs inside a container. When you first connect to the VIP of the AVI controller it gives you a login prompt where you just have to type "cli" and afterwards, the actual login prompt of the controller appears where you have to input the username/password.

I guess this might be a cause of the failed to found any valid credential error.

1 ACCEPTED SOLUTION

richardbrounste
ServiceNow Employee
ServiceNow Employee

If you want the AVI LB Controller in a Service Map, then it must be discovered and all the data populated in the CMDB.  This is done with a Horizontal Discovery.

During Service Mapping, then LB Controller pools and pool members are put into a data structure via a Service Mapping pre-task script and it is in the data from those pool members that the load balancer connections are made to the other nodes.

right now, ServiceNow's OOTB AVI LB Controller discovery uses REST API calls with basic authentication in order to discover the pool and pool member information and other details on the LB Controller.

So, if you want the AVI LB Controller in your service map and in the CMDB, you need basic authentication enabled.  The other option is to somehow import all the LB information into the tables or to write a new discovery pattern based on a different mechanism other than basic authentication.

View solution in original post

1 REPLY 1

richardbrounste
ServiceNow Employee
ServiceNow Employee

If you want the AVI LB Controller in a Service Map, then it must be discovered and all the data populated in the CMDB.  This is done with a Horizontal Discovery.

During Service Mapping, then LB Controller pools and pool members are put into a data structure via a Service Mapping pre-task script and it is in the data from those pool members that the load balancer connections are made to the other nodes.

right now, ServiceNow's OOTB AVI LB Controller discovery uses REST API calls with basic authentication in order to discover the pool and pool member information and other details on the LB Controller.

So, if you want the AVI LB Controller in your service map and in the CMDB, you need basic authentication enabled.  The other option is to somehow import all the LB information into the tables or to write a new discovery pattern based on a different mechanism other than basic authentication.