This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Definitive process for integrating MicroFocus classic NNMi, NA, and OBM with containerized OPTIC platform products and importing ca signed cert to NA

I've spent quite a bit of time reviewing the integration between classic ITOM products and OPTIC containerized.  In the documentation index I couldn't find a product called OPTIC or OPTIC Datalake or ODL and it was assumed that in the current documentation that containerized NOM offering is the product suite and is inclusive of OPTIC as the container platform but I would like to be sure.

If you don't mind I have 2 questions.

1. Can classic NNMi and/or NA integrate with OPTIC products BVD, PT, and Vertica without installing having to install kubernetes? Classic and container product version 2021.11 and up. A few of the links I've visited that imply either classic cannot integration with containerized products and at least one that does state classic NNNMi and classic NA integration with OPTIC however quickly browsing at the documentation on that page it says there is a step for installing kubernetes on NNMi which the customer won't do.I would like to give a definitive answer as soon as possible. I'm leaving just a few of the links that led to this cnclusion and saved as pdf the documentation is even richer but not more clear.

2. In the 2022.05 container NOM documentation it give steps for importing the ca signed certificate to NOM. At the top of the page it states in bold blue letters "Import your custom ca certificate" but below that in small letters it says "or" follow the procedures below. It goes on to imply that the NA server will become the root ca server for the MicroFocus products and does not give instructions to generate a server certificate and key to generate a certificate request to deliver to the certificate team. Is the implication a matter of fact or is there documentation missing? I'm not aware of an enterprise customer who would allow a root ca server to reside on the monitoring server except maybe a test environment so I would like to be sure before I piece together a certificate request to deliver to the customer's certificate team. I don't have access to an environment to test the ca certificate generated by NA in a browser to see who the root authority is.

Thank you.

  • Suggested Answer

    Hello Kenneth,

    I'm sorry that you are encountering this challenge and confusion.

    I can understand it when it is not stated clearly is difficult to find an answer.

    Let me begin by stating that I am not a NNMi or a NOM engineer, but I do have experience with Classic and Containerized products from the OpsBridge area.

    OPTIC is an acronym that stands for Operations Platform for Transformation, Intelligence and Cloud.

    It used to be called the ITOM Platform but was rebranded to OPTIC.

    You can learn more about OPTIC on the following Blog:

    Here is also a general marketing page that provides some overview of information:

    The OPTIC Platform is what is considered Shared Resources by a number of ITOM products.  These Shared Resources include OPTIC Orchestration Engine (Ex. Operations Orchestration), OPTIC Discovery, CMDB & Service Topology (Ex. UCMDB, UD & CMS), OPTIC AI, ML and Analytics, OPTIC Data Lake and OPTIC Core Services (Ex. OPTIC Management Toolkit, formerly Container Delivery Foundation or CDF).

    OPTIC Data Lake is a Shared service that can be included with Data Center Automation (DCA), Network Operations Management (NOM), and Operations Bridge (OpsB).  It is not a standalone product.

    OPTIC Data Lake can only be installed on a Containerized environment that uses Kubernetes.  Kubernetes is an Orchestration software, created by Google, to manage container environments like Docker and ContainerD.  With later versions of our products, we are using ContainerD and not Docker.

    You can install DCA, NOM and/or OpsB with OPTIC Data Lake on AWS, Azure or On-Premise.  For On-Premise installations, you would install OPTIC Management Toolkit (OMT) first and then install the other product (DCA, NOM or OpsB) on top of it.  You can also install CMS, SMAX, HCMX and OO on top of OMT for On-Premise Installations.

    You do not install Kubernetes on your Classic Software installation.  You would install it within a separate environment and then integrate the Classic Software with it.

    The most common purpose for these integrations is for the use of Reporting.  Here are the documentation links that talk about integrating OPTIC Reporting with Classic NNMi, Classic NA and Classic OBM.  You have two of these within your list above.

    Integrate OPTIC Reporting with NNMi and Smart Plugins (SPIs)

    Integrate OPTIC Reporting with NA

    Integrate NOM with Operations Bridge Manager using Operations Agent

    I hope that this helps answer your first question.

    As for your second question, I cannot find the "Import your CA Certificate" section that you are referencing.

    I did find the following page that explains how to import CA Certificates for NOM.  However, that is not related to any integrations.

    Import CA Certificates

    in order to integrate any product with OPTIC DL, you need to import certificates so that communication between the products can use TLS 1.2.  As you know, this is a requirement.

    Within the information provided for the 'Integrate OPTIC Reporting with NA', I can see that it has two options described depending on if you are using a CA signed certificate or a Self-Signed certificate for NA.   It then steps you through the steps to exchange certificates between NOM and NA.

    NA Certificate added to NOM:

    It appears that importing the NA CA certificate into NOM only requires that you place the certificate within the $HOME/nom/ directory.  My guess is that the product will automatically import it and recognize it later.  This is feature/function it is done for some other products within the ITOM portfolio.

    NOM Certificate added to NA:

    Importing the NOM certificate into NA is a little more involved and appears to be the remaining steps.  NA pushes its data into OPTIC Data Lake for reporting purposes.

    I hope that this information is helpful and clarifies the situation.

    Thank you for your questions.


    Mark Butler