ServiceNow Cloud Management Certification-Orlando
runtime expressions
$(Stack.Items[network].attributes[object_id]) - this expression is evaluated at runtime. It returns the network name of the resource called Network in the Stack.Items - AWS name needed to configure another resource will not become available until the stack is executed
Definitional expressions
${parameter.CloudAccount} - evaluated before runtime returns the name of the cloud account selected from cmdb_ci_cmp_cloud_account list by the cloud account pool, resource pool
REST API return variables
1) 200 is success 2) 400 (client error) or 500 (server error) is failure
Azure Cloud products
1) Resource groups - management 2) Virtual machines - virtualization 3) Storage accounts - storage 4) Virtual networks 5) Network security groups - host based firewall 6) ARM templates 7) Azure Active Directory - identity and access management 8) Microsoft Insights - configuration management 9) Subscriptions - billing
REST API components
1) Service - i.e. S3, EC2 2) Method - REST verbs to perform CRUD operations - GET, POST, PUT, DELETE 3) Endpoint - a URL designated by the cloud provider for API calls 4) Header - mandatory or optional info required to set up an API call between REST client and REST service 5) Data - information exchanged by REST client and REST service, typically in JSON format 6) Authentication - programmatic credentials to perform cloud tasks
Policy actions
1) enforce attribute settings 2) aborting the execution for an unapproved user 3) approvals 4) Custom workflows
Expressions used to
1) hold values for resource blocks that can be read and written 2) map input parameters in blueprints for resource block parameters 3) invoke set or override values in forms
Expression evaluated during stack execution
1) late binding during orchestration 2) allows access to values not known before orchestration - stack items, script include, conditional expressions, runtime expressions ( ), complex expressions formed by nesting expressions within expressions ( ( ) )
Endpoint operations
1) list of operations available for bound resource blocks i.e. attaching and detaching storage volume resource block from virtual server resource block
Naming new CAPI interface
1) name that reflects general function 2) suffix - Interface
Policy Action scripts
1) require Action script category to group similar scripts 2) customScripts function is only part to modify 3) two methods - userData, formData
Host Resource
1) resource block that guest resource block will run on 2) Host interface are the ports available on a server 3) Host resource block must have a guest interface that the resource block you are creating can connect to 4) virtual server resource block connects to Compute Guest interface of the AWS Datacenter Resource block. host interface of the virtual server resource block must also be the Compute interface
Blueprint composition
1) resource blocks and input values 2) operations i.e. provision is automatically broken down into steps and each step is associated with a resource block.
property override action
1) set or override value of parameters of operation 2) Action name must start with alpha character and no spaces 3) value to set is not a literal or calculated value or value only known at run-time - can use script
How cloud management works
1) setup credentials and cloud service accounts 2) compute profiles - Cloud admin -virtual hardware, OS profile setup 3) Blueprints - designing, configuring, publishing to define operating system 4) Cloud catalog items 5) Policy - stack approvals, naming conventions, configuration settings (security and compliance)
Resource Pool definition
1) static - does not change when items are selected from it 2) Diminishing - reduces items and useful for resources that can only be used once 3) Lookup table - table from which values are presented 4) Lookup field labels - ignored for scripted resource pool
Resource Block Cloud Management Object
1) ties CAPI operations and the CI class together 2) resource block executes CAPI operation. often utilizes response processor to write results of the operation to a CMDB CI 3) used to build a blueprint and blueprint will make new product\service available to end users via cloud catalog
Manage stack icon
1) toggle to stack operations view, 2) view dependency icon
Stack Lifecycle Management-Activities Window
1) track state of stack, request support, 2) Change requests & approvals, Incidents and Cloud events
Policy rule components
1) trigger - some function or user making a request to activate conditional logic 2) conditions - conditional logic to group membership or value of an attribute 3) actions to perform
Resource Block
1) used to group CAPI operations for a particular type of Service. 2) Ties CAPI operations and CI class together- operations to a particular CI class 3) used to build a blueprint
createSnapshot() function
1) uses AWSCloudAPIBase class to create awsAPI object
Mid Server (java application on windows or linux)
1) uses port 80 or 443 (no inbound calls) 2) windows is required if running powershell scripts 3) ECC queue stores all messages between mid and servicenow instance 4) mid_server role 5) JRE installed separately 6) typically behind firewall (SSH, HTTPS, HTTP, ICMP enabled)
Software Deployment with Resource Blocks
1) Powershell scripts used to install software on Windows servers -Need windows MID server 2) shell scripts to install software on Linux 3) applications installed via a resource block are mapped to a CI class 4) fewer steps do not need to configure binding and endpoint mappings 5) hosted on a virtual server resource block
Rule actions
1) Reload 2) show 3) Hide 4) make mandatory 5) MakeNonMandatory 6) SetValue 7) SetValueByScript 8) TriggerChangeEvent 9) MakeReadOnly 10) MakeEditable
Cloud agnostic blueprints
1) Requires use of logical datacenter resource 2) property option - constraint that specifies what clouds blueprint can run on if used
Policy rule actions - on Task remediation
1) ServiceNow approval- manager or group approval 2) custom approval - returns approved or rejected as output
scripted resource pools components
1) execute resource pool filter script 2) call script include 3) run query with environment information 4) return results 5) return records 6) output records to pool
Response processor
1) format of data returned by Operations response (vendor documentation) 2) data format required by CI class - CI class attributes 3) needs object_id not name
Cloud Admin portal
manage, design, govern, operate, analyze - cloud admin and system admin roles
Manage stack
need 1) Blueprint names 2) StackName
Runtime expressions
network - $(Stack.items[network].attributes[object_id]) at runtime the compute security group resources network attribute is mapped to the object id of the network attribute that is available in the executing blueprint. example is public IP address will not be available until stack is executed
Action -abort process
prevents user from launching a stack - can customize end user message for abort
Rest API error code 400
this is a client error
Policy Expressions
1) $(parameter.formData.BusinessService) - retrieves the value entered in the order form by the user 2) $(parameter.userData.userId) - captures the ID of the user filling out the form 3) $(randomNumber) - generates a 3 digit random number. It can be written next to another parameter to create a concatenated value
Budget configuration
1) group 2) budget period - weekly, monthly, quarterly, yearly 3) Group max limit-the max dollar amount the group should spend on cloud resources 4) per user limit - the max any member of the group should spend on cloud resources 5) alerting mechanism-will not prevent user or group from launching a stack
Cloud Operations dashboard
1) identify stack failures 2) placement and consumption of resources 3) Cloud Service Requests
Billing tags
1) internal created by cloud management app 2) ServiceNow tags created by Servicenow instance 3) user defined imported from Azure or AWS
AWS cloud formation templates (JSON, YAML)
Text files in JSON; no YAML support in ServiceNow
Host Resource Block
the guest resource block may run on. Host interface similar to ports -SSH is port 22
AWSCloudAPIBase
this class uses AmazonWebServicesInvoker and inherits from CloudAPIBase. Only class required to write a REST API call to AWS. Class provides option of using an executeAction method, which is an AWS implementation of GET or the invoke method which provides all of the standard REST API verbs
Successful Rest API
Returns a code of 200
Policy rule actions - no approvals required
1) execute a script 2) Property override 3) abort process
CAPI extension
architect dependencies between CMDB, CAPI and the Resource block
endpoint operation mapping -attached to
use is reserved for special dependencies/operations required between two resources. connection between two attach points is a binding and it has properties. it also creates an additional step in blueprint
Cloud Management Resource Blocks
used to model cloud infrastructure required to deploy an application - i.e. lego blocks
Cloud management programmatically connected to target cloud provider
uses discovery to capture cloud resources and store them in CMDB and Cloud management tables- abstraction layer controls attributes display. Cloud admin manually map virtual hardware and OS to configure virtual machines
Cloud orchestration service
utilize CAPI to translate blueprint to provision stack. Code is passed to mid server to run API proxy probe against target cloud. Inbound ICMP traffic is required networking.
Resource Block operations
1) edit 2) new 3) Override - add functionality to existing operation without negatively impacting the ability to upgrade Cloud management application
Cloud API - REST API
1) API calls are methods implemented as operations to programmatically create, configure, delete resources in the target cloud 2) resource block used to group and order the CAPI operations for a particular service 3) resource block maps the operations to a particular CI class to ensure that the current state of the target cloud is accurately reflected.
Viewing launched stacks
1) All stacks discovered by ServiceNow (Cloud resources with ServiceNow tags) 2) Stacks with Issues 3) Discovered Stacks - stack found during discovery key name tag "ServiceNow Instance" 4) other categories automatically generated based on blueprint name of stack that is launched.
Cloud Admin - custom tag
1) Analyze>tag>tag management tab 2) must Sync Catalog item
blueprint - connecting resources
1) Attached to 2) deployed on point - most common
Azure credentials
1) Azure Service Principal - pay as you go subscription 2) Azure AE account- pay per enterprise each month
Policy rule approvals
1) Blueprint provision approval - approval before provision stack based on blueprint 2) stack operation approval - operations such as stop, start stack 3) stack resource operation approval - consume resources such as storage in blueprint
Cloud API components
1) CAPI providers collection of software products and cloud providers - used for billing 2) CAPI interface- framework to make rest api calls 3) CAPI API - implements the code required to make rest api calls to a product or cloud service
Root Cause analysis dashboard logs
1) Cloud API (CAPI) trail logs orchestration tasks related to cloud api calls 2) Cloud orchestration trail and Cloud root cause analysis search
CAPI interface naming
1) Cloud API interface is generic 2) name should explain function (create, list, delete, etc) 3) creating parameters - check vendor documentation and test with REST api client
definitional expressions (parameters)
1) Cloud account ($parameter.CloudAccount) - mapping the cloud account attribute of blueprint container to its cloud account parameter 2) OS profile $parameter.Virtual_Server_OSProfile 3) availability zone $parameter.Storage_Volume_AvailabilityZone - availability zone attribute of virtual server resource to availability zone of the storage volume resource
Troubleshooting - error from cloud provider
1) Cloud orchestration trail 2) look in CAPI provides info on transactions that traverse the mid-server first, then look in MID Server Logs 3) Mid server logs capture all communication between ServiceNow and cloud provider api endpoint- result of a malformed request or unavailable server can be found
IaaS cloud components
1) Compute and storage, 2) Management portals and API's 3) Monitoring and logging 4) Security and networking
Blueprint update set export
1) Dependent scripts are not included automatically and need to be explicitly selected for export 2) Metadata lists the exact order that update sets need to be imported into target instance 3) sn_cmp.cloud_service_designer required to export update sets
Cloud admin portal - add a field
1) Design>Blueprint>provision>deployment model tab 2) Sync catalog item adds to catalog item variable sets
Cloud Admin Portal - add tab
1) Design>cloud catalog item 2) variable set record name 3) tab must have variable field to show as a tab
Blueprint - Fixed values and boolean (parameters) - case sensitive
1) Device /dev/xvdf - mapping device attribute of storage volume to virtual server attach resource to a fixed value 2) DHCP enabled - True - mapping a DHCP enabled attribute of a subnet to boolean value of true
Resource Pools
1) Display a subset of records from a table 2) all of the records in a table
blueprint operations section
1) Display operation steps for inputs 2) Optimize plan will order steps in parallel to reduce deployment times
Blueprint designer - publish to catalog
1) Draft mode, checked in, and published to show up in catalog
AWS cloud products
1) EC2 (elastic cloud compute) - virtualization 2) EBS (elastic block storage) - storage 3) S3 - storage 4) VPC - networking 5) Cloud formation - AWS templates 6) IAM - identity and access management 7) SNS - simple notification services 8) config - configuration management
Stack Lifecycle Management-header & resources
1) Header -stack status, operation-stop, start, deprovision 2) resources window - green functioning, yellow resource is being modified, red resource failed, grey resource has been terminated
Resource profiles
1) OS profiles - operating systems that can be installed 2) compute profiles - virtual hardware (instance types) available to provision instances 3) application profiles- allow servicenow to use applications created by a continuous delivery tool like chef or ansible 4) schedule profiles - allow cloud admin to define operational times for virtual infrastructure 5) compute security group profiles - allows users who are deploying network stacks to create security groups to help secure their applications
Cloud management CI classes need
1) Object ID attribute for identification 2) required for CAPI extension 3) identification must take place to ensure uniqueness 4) CI's cannot be added from Cloud Management 5) all have dependency on logical data center CI 6) all have dependency on Cloud service account
CI types in CMDB
1) Physical entity - computer or virtual 2) logical entity - DB 3) conceptual - requisition service
Policy form
1) Policy group - group like policies together 2) Policy trigger - event that calls policy 3) Policy operation - applies to specific operations 4) start and end date when the policy can run 5) order of execution - no order it will run first 6) Rules - conditions and actions of the policy
Policy attributes
1) Policy trigger 2) Blueprint/catalog item/resource block 3) operation 4) moment-only shown when policy trigger is on a resource operation 5) start date 6) end date
Day 2 activities
1) Setup an additional cloud account 2) Add a datacenter to a cloud account 3) schedule discovery of all resources in a service account 4) schedule discovery of all resources in a datacenter 5) discover all resources in a data center on demand 6) discover all datacenters in a service account on-demand 7) set capacity limits on user requests for resources
blueprint operations steps
1) Steps and inputs values assigned by mapping field 2) uses regular expressions to allow for dynamic population of values - often returns sys_id for value being referenced
API Provider - Add new Product form
1) Switch from global scope to Cloud API scope 2) to add new product need new CI class 3) sn_capi_product table for cloud products
Cloud Script components
1) Template - Bash, Powershell, python script 2) Script - javascript code used by Cloud management to call and execute script contained in the template 3) Parameters - inputs or overrides used to configure the template
Quotas
1) VM count 2) vCPU count 3) storage volume size 4) Network count (VPCs)
application profile blueprint
1) WorkloadConfigProviderType - i.e. select configuration management tool chef, ansible 2) WorkloadConfigProvider - i.e. select a specific chef, ansible Tower server to connect to after provider type is chosen
Expression components
1) an expression when evaluated results in a value 2) combination of functions, identifiers, and values interpreted and evaluated to a value
application template -Cfg installables
1) ansible tower job templates 2) chef recipes
Layers to categorize resource blocks
1) application 2) platform 3) logical data center 4) virtual infrastructure 5) virtual workload
Response Processor
1) appropriate for cloud infrastructure 2) ITOM discovery may replace need for Response processors 3) consider using ITOM discovery to discover applications
Blueprint designer-Deployment model view
1) blueprint canvas 2) operations-displays lifecycle operations available for blueprint 3) resources
Policy Rule action - property (attribute value) override
1) blueprint provision trigger/catalog item launch trigger 2) controls order form data 3) replaces values with values or formatting dictated by Policy 4) Virtual Network property requires a sys id
update set content dependencies
1) blueprints (resource blocks, cloud APIs, MID scripts, resource pools, policies, script includes, cloud scripts) 2) cloud catalog items 3) resource blocks (resource pools, resource operation policies, script includes, cloud APIs, dependent resource blocks, MID scripts) 4) Cloud APIs (MID scripts
update sets move cloud management content - download icon cloud admin portal to export
1) blueprints 2) resource blocks 3) cloud APIs
Expressions used in
1) blueprints 2) resource blocks 3) policies 4) forms
application profile blueprint requires
1) bootstrap node operation -initialization of configuration management client 2) Register Node -register hostname/ip with the inventory of CMDB 3) executeConfigPackages installs software/configuration defined by chef recipe/ansible playbook
Execute a script - available using blueprint provision trigger or catalog item launch trigger
1) calls a policy action script to manipulate form data, or generate random numbers 2) userData cannot be overwritten with scripts, but is available to use. 3) cannot edit scripts in publish state
Cloud catalog item
1) catalog 2) source-cloud template 3) template type - ARM or CFT 4) picture - optional 5) validate template successfully 6) set catalog item to active
Azure two deployment models
1) classic 2) resource manager model
OS profile mapping to image template
1) cloud account 2) location (data center/AWS region) 3) image template
AWS cloud events
1) cloud admin portal>operate>Cloud activities 2) cloud activities>cloud events 3) stack has cloud activities/events 4) sent by AWS config Service
Cloud API components
1) cloud api provider 2) cloud api interface 3) cloud api api
Cloud capacity limits vs Quotas
1) cloud capacity are global limits on resources that apply to all users 2) quotas are resource limits that apply to groups and group members (users)
Resource Block binding
1) complementary relationship of resource block. i.e. relationship between virtual machine resource block and storage volume resource block. Storage volume must be bound (mapped) to a virtual server
Azure setup
1) connect 2) profiles - compute, os for datacenters 3) Cloud alerts - alerts for azure to receive provisioning, de-provisioning, stop, and start notifications 4) Billing
policy object
1) container for policy rules 2) policy rule - trigger conditions - can have multiple policy rules 3) policy rule object is container for policy rules 4)
Schedule profiles
1) control when cloud resources are available 2) lease capability defines when stack terminates 3) Multiplier - Auto-populated value between 0 and 1: The fraction of time that a stack with this schedule is expected to be powered on
add a discovered virtual machine image
1) create or select a new OS profile 2) create OS profile mapping 3) select an image template 4) add Logon credentials for the image (valid AWS username)
Create Script Policy action
1) create policy action script - server side JavaScript 2) create an execution step - policy rule action - not available if requires an approval 3) associate policy with policy action script
CAPI AWS requires
1) credentials - AWS secret key 2) Identity - AWS Access key id
Blueprint designer - Deployment Model
1) defines the connections and the relationships between resource blocks that make up stack
Resource Block - step operation type
1) invoke Cloud API - calls CAPI method from Mid-server script include 2) Invoke host resource operation - allows execution of an operation from a host interface that has been defined for the resource block 3) Invoke script - will execute a script 4) invoke workflow - will execute a workflow 5) resource block operation can have multiple steps
Approval policy - Cloud Governor levels
1) manager approval 2) group approval/assignment group only requires one person in group 3) individual approver/user
Cloud formation templates (CFT) AWS
1) mappings - allows AMI to be associated with the correct regions and hardware types 2) conditions - conditions control what parts of templates are executed
template components - generic
1) metadata - non AWS/Azure information specified by template author 2) resources - an object or service provided by a cloud provider 3) parameters - values use to configure resource attributes 4) outputs - values returned after template is successfully executed
Cloud accounts
1) must be published 2) can be made up of multiple cloud providers and vSphere servers 3) simplest is single datacenter(region)
Blueprint
1) native computing templating solution 2) defines relationship between resource blocks and input mappings to deploy application or cloud infrastructure 3) Blueprint container resource 4) datacenter resource
budget alert
1) notification threshold - percentage budget reached to send alert 2) notification type - alert, severe, warning
Policies on triggers
1) on Blueprint provision 2) on Blueprint provision approval - triggered before call to provision a resource - occurs when the provision workflow checks whether an approval step exists for the blueprint 3) on catalog launch 4) on catalog request end 5) on catalog item request start
Approval policy triggers
1) on blueprint provision approval 2) on stack operation approval 3) on stack resource operation approval 4) Custom approval form workflow editor
Policy triggers-2
1) on lease end 2) on resource operation - on request for an operation on the resource within a stack i.e. stopping a VM within the stack 3) on stack operation approval - approval of a non-provision operation 4) on Task remediation
Azure ARM templates
1) only written in JSON 2) functions - provide ARM templates with logic built in methods and user defined methods 3) variable - feature simplifies the process of reusing values throughout the template
user version billing Dashboards
1) organize by usage data, service category, provider, data center, tags 2) tagged resources all resources (blocks) consumed by users 3) consumed based on application, business service, cost center, project or any servicenow or cloud tag
UI events vs policy
1) policies not viewable by user - UI events are viewable 2) dynamically modify the form based on user choice - UI events 3) policy does not affect performance
Policy components
1) policy 2) policy rule 3) policy rule action
Policies are used to
1) pre-populate or hide form fields 2) complete or override request data 3) manage the approval of requests to provision or change cloud resources 4) generate notifications 5) ensure compliance and conformity 6) abort a process
Profiles
1) profile is the label and 2) template is the actual object in AWS 3) profile mappings connect the profile to the template
Policy rule actions - on resource operation
1) property override - set the value of a parameter of the operation 2) execute a script - operation parameters are available as inputs to the script 3) call cloud api - executes cloud API (CAPI)-output can be used to override parameters 4) IP address management - communicate with an external IPAM system and execute operations on it
Resource Pool filter types
1) query - defined by one or more operator, field, value records 2) script - defined by script that returns lookup value, display value pairs
Expression evaluated before stack executes
1) request submission early binding - before orchestration 2) values contained in CMDB, order form fields, resource blocks (blueprints), tables, resource pools, cloud scripts, random number 3) definitional expressions between { }
AWS billing
1) AWS billing reports/csv 2) S3 bucket to store billing reports 3) table sn_cmp_imp_aws_cost.list
Cloud data centers
AWS regions where infrastructure/application is located - must be associated with servicenow data center
Cloud Portal - Views button
Allows dashboard to be customized for different groups Cloud administrator, Root Administrator, System Administrator button displays option that allows the portal to display information for all users
Cloud Templates
Azure and ARM templates, AWS Cloud formation, Terraform
Continuous Delivery tools
Chef, Puppet, Ansible, Saltstack
RESTAPIException
Class is used for exception handling. AWSAPIException and AzureAPIException inherit from this class
Add Cloud catalog item to service Catalog from Admin portal
Cloud Admin portal->design cloud template->provision->click pencil icon->create new category with Title of Cloud Compute and catalog value of Service catalog. Save Category and edit its related list to add the cloud catalog item
CloudRESTRequestSigningUtil
Cloud related signing utilities required for authorization. AmazonWebServicesRequest signer inherits from CloudRESTRequestSigningUtil. Azure does not require this class because it is built into AzureAPIInvoker
Hybrid Cloud
Combine on-premise resources with off-premise cloud resources (AWS, Azure, Google)
IaaS - Compute and storage
Compute and Storage - virtual infrastructure that applications are deployed to. Most have an image repository for Linux and windows operating systems
SaaS Cloud
Consumer is not responsible for managing any software or hardware associated with the cloud platform. Only application configuration. ServiceNow is an example
IaaS
Consumer is responsible for creating the application and deploying and managing the virtual network, virtual servers, and the operating systems. Cloud provider provides services to provision core services and virtual machines. ServiceNow Cloud focuses on IaaS clouds
PaaS Cloud
Consumer must create the application, but does not have to manage operating systems, virtual hardware, virtual networking, or application specific services like database and identity management. Advantage is ability to scale up or down quickly as required. Cloud Foundry is an example
Cloud Portal - Quota section
Four gauges indicate quota limits for user. Click view all to see comprehensive view of all user and group quotas
Code Repositories
GitHub, BitBucket,
IaaS - Security and Networking
Greatest requirement of cloud users - Secure Shell (SSH keys), host-based firewalls, network ACLs, and identity management
Launch a stack>Compute>Ubuntu VM stack-AWS
Inputs 1) Virtual Server network VPC 2) Virtual Server SubnetID (blank until Virtual network is selected) 3) Virtual Server ComputeFirewallName - corresponds to the AWS security group (virtual Server subnetID blank until network is selected)
Auto Update AWS CI information
Integrate AWS Config with a Now Platform instance to receive near real-time Simple Notification Service (SNS) notifications from AWS. The AWS Config service can auto-update CI data in the CMDB whenever Cloud Provisioning and Governance or your AWS account makes a life-cycle state or configuration change to an Amazon resource. As a result, the CI data in the CMDB is updated without having to wait for Discovery to run
ServiceNow uses JavaScript version of Regex
JavaScript version of regex
Cloud Portal-Launch a stack
Launches Cloud Service Catalog to show Cloud catalog templates
Cloud Portal - View Activities
Launches Cloud activities>requests page
Cloud Portal - Manage stacks
Launches Cloud stacks page
Cloud Portal - View Dashboard
Launches page for Billing and Tags
Cloud objects except AWS IAM roles dependent on
Logical Datacenter
VMware Private Cloud
Out of the box VMware Cloud Management
Test REST API with
Postman or Insomnia
Cloud images stored
cmdb_ci_os_template table
Cloud Resource
compute, storage, network, load balancers, security and other cloud related objects
Resource block
container that connects programmatic actions defined by cloud api to a CI class type in CMDB. Makes it possible to perform lifecycle operations (provision, manage, deprovision) against resource mapped to ci class. makes it possible to track consumption of cloud resources
Cloud account capacity limits
control consumption of virtual network, compute, storage resources. set to draft mode to modify capacity limits, schedule discovery, or add data centers
Cloud Management roles - event integration
sn_cmp.cloud_event_integration - provides access to the instance for external cloud event integration
Billing Dashboard
The billing dashboard provides Cloud management users with a visual way to quickly determine how they are consuming cloud resources. The dashboard allows users to determine the costs for stacks that they have provisioned by date, category, cloud provider, data center, user and tags
template (json or YAML)
Text documents 1) resources -cloud object 2) parameters - settings that are used and/or required to configure the various attributes of the resource
Cloud Management roles - Cloud Admin group
sn_cmp.cloud_group_admin - grants admin access to any group that you belong to
Cloud Management roles - Cloud Operator
sn_cmp.cloud_operator - monitors and troubleshoots the cloud management application
Cloud Management > Reports > Cost & Usage Reports.
The Cloud Management application displays a cost and usage overview report covering all providers. The report can be grouped or filtered by provider, category, or tag
Cloud Management roles - Cloud User
sn_cmp.cloud_service_user - requests and manages stacks and resources
Cloud Management roles - Cloud solution designer
sn_cmp.cloud_solution_designer - provides access to the cloud solution deployer
Rest API error code 500
This is a server error
Cloud Management roles - Governor
sn_cmp.cloud_governor - monitors overall cloud usage and enforces compliance of the organization's rules, quotas, and policies, also manages tags and permissions to various objects
Cloud Management roles - Cloud administrator
sn_cmp.cloud_admin - configures the cloud management application and sets up the cloud infrastructure
CAPI API version - new service
Use 1.1 when creating a new service. Default version is 1.0 and Cloud Management designed to support multiple versions of a cloud api for same service. Always use default javascript
Cloud templates - Orlando release to replace blueprints
Use Cloud Management cloud templates to create catalog items instead. Cloud templates enable you to ingest specification syntax from multiple cloud management systems in cloud catalog items to run your cloud deployment orchestration. You can ingest specifications from Azure Resource Manager (ARM), AWS CloudFormation (CFT), Google Deployment Manager (GDM) and Terraform. Cloud template technologies (IaC - Infrastructure as Code) are constantly updated by the cloud vendors, enabling you to specify the infrastructure environment with the latest cloud vendor offerings.
Troubleshooting unresponsive stacks
Use sn_cmp_stack table to delete stacks that have become unresponsive
Data Center Resource
specifies the cloud provider that the blueprint will use. Current providers are AWS, Azure, Google and vSphere. This is also a logical data center resource block for any supported cloud vendor
Launch a stack
stack has 2 names: StackName and Virtual Server NodeName. 1) StackName is label for ServiceNow 2) Virtual Server is AWS/Azure instance VM
Schedule profile list
stack stop, start, deprovisioning. Cloud admin creates schedules
CAPI interface before corresponding CAPI API
Yes, CAPI API must reference CAPI interface to automatically build the mappings required to map each operation to a method that will execute a REST API call
Single CAPI interface can be used to support similar services from other cloud providers
Yes - interface is not responsible for executing actual API call
Cloud events for AWS and AWS config
stored in S3 bucket, ServiceNow HTTPS SNS endpoint destination
Blueprint designer - Canvas
allows for the graphical construction of blueprints. Resources are dragged onto the canvas and connected
Stack Lifecycle Management-properties window
build date, AMI used to provision, AWS instance size, public IP; properties window retrieves Windows server password provisioned in AWS
Policy rule conditions check properties of the operation
check attributes of 1) budget 2) request form 3) user objects
All Cloud CI's
child class of the virtual machine object parent class - 250 child classes and 690 attributes
AzureCloudAPIBase
class uses AzureAPIInvoker and inherits from CloudAPIBase. Only class required to write a REST API call to Azure. Utilizes InvokeRequest method to make REST API calls to Azure using the standard REST API verbs
Policy
defines user rights to deploy the stack and approvals, naming convention
Cloud objects - AWS IAM roles dependent on
dependency on Cloud Service Account
Blueprint - Cloud template
displays the YAML code for the blueprint on the canvas
Cloud API
executes on the MID Server, runs over the common MID infrastructure ECC queue probes, but abstracted for ease of use
Cloud API Dashboard
graphical user interface with red and green for successful api calls
RITM ID tracks stack approvals - status
green, yellow - stack is launching, red - failed, blue - stack is waiting for approval
Resource Pools
groupings of a particular type of cloud resource (i.e. networks, image templates, security groups). Resources are either CIs in CMDB or records in a cloud management table. Typically populated during the cloud discovery process
End user Cloud Management portal
https://servicenow_instance.com/cloud_portal
SNS endpoint format for ServiceNow
https://username:pw@instancename/api/now/cloud_event
Policy Action scripts
support the manipulation and change of form parameters and provide access to user data
Stack Lease
lease date is assigned to all provisioned stacks. Notifications sent 1 day before lease end. On day of lease end stops stack and sends notification. 7 days later stack is terminated and final notification sent to stack owner
Cloud Portal - Pending requests
list of stacks that could not be launched due to errors. Click on pending request to provide details of failed stack in Cloud activities>requests
Cloud Portal - Stack Health
lists incidents raised by user and provides notification if stack becomes unavailable
IaaS - Monitoring and Logging
logging is an extension of billing to track all resources provisioned. logs are email and subscription based messaging services
Troubleshooting - script error
look in CAPI
Troubleshooting - User input error
look in sn_cmp_order table - list of orders and user input values
MID Server script include - CloudRestAPIInvoker
makes REST API call with Invoke functions: invokeGet, invokePost - AmazonWebServiceAPIInvoker and AzureAPIInvoker inherit from CloudRestAPIInvoker
Blueprint container resource
provides each stack with important settings (parameters) and metadata required to deploy and manage stack. automatically added to every blueprint. tags can be added to blueprint container
Cloud Portal - Current Month spend
provides user with costs of stacks they have launched
Cloud Portal - Budget section
provides user with visibility on used budget vs total budget
Field Validation using regular expressions
enter the regular expression (regex) string into the Validation(Regex) field of the catalog property form of the form parameter, and the validation error wording
Remediation task created when stack fails to launch
remediation task generated for failure
Discovery, mapping process, and resource blocks are base elements (blueprint template)
required to configure a stack
Policies
rules and conditions to trigger approvals, kick off workflows, execute scripts, enforce standards and/or define configuration details for the stack
Cloud Management roles - Service Designer
service_designer - Creates blueprints, ARM and cloud formation templates, and catalog items
MID Server script include - CloudAPIBase
sets up session between MID Server and cloud provider. Defines headers, parameters and "this.parameter"
Cloud Portal - Recent stacks
shows last 4 to 5 stacks launched by user