Administration

There are several administrative integrations built into Morpheus that make it great to work with within any organization ranging from small to large. Especially, with its built in white label support and multitenancy capabilities, managed service providers have a wide range of capabilities when it comes to managing customer accounts and users.

Tenants

Overview

The Tenants page displays a list of all Tenants. This page enables users to Create, Edit, and Delete Tenants. The list of Tenants displays the Tenant Name, Role, Total Instances, Total Users, and the Created Date.

Click the Tenant Name to drill into the Tenant View where you can again Edit, Delete, as well as Create Users, Edit Users, and Delete Users users belonging to the Tenant.

Create Tenants

To create Tenants

  1. Select the Administration link in the navigation bar.
  2. Select the Tenants link in the sub navigation bar.
  3. Click the Create Tenant button.
  4. From the New Tenant wizard input:
    • Name
    • Description (optional)
    • Base Role Primary role of the Tenant. All User roles within the Tenant cannot exceed the permission of this Role.
    • Limits Restricts the amount of Storage and Memory allocated to the Tenant
  5. Click the Save Changes button.

Edit Tenant

To edit a Tenant:

  1. Select the Administration link in the navigation bar.
  2. Select the Tenants link in the sub navigation bar.
  3. Click the Edit pencil icon on the row of the Tenant to edit.
  4. Edit the Edit Tenant settings.

Delete Tenant

To delete a Tenant:

  1. Select the Administration link in the navigation bar.
  2. Select the Tenants link in the sub navigation bar.
  3. Click the Delete trashcan icon on the row of the Tenant to delete.
  4. Confirm

Tenant Users

The Tenant View displays a list of users belonging to the Tenant and their Name, Username, Email, and Role.

From this page: Create, Edit, and Delete users within the Tenant.

Important

In versions 3.1.1 and 2.12.5 and later, a multi-tenant user role must be create prior to adding sub-tenant users or the user will not save. In previous versions a default multi-tenant role was seeded, but due to customer requests the seeded role was removed and a multi-tenant role must be created by the master tenant for sub-tenant users.

Create Tenant User

To create a Tenant User:

  1. Select the Administration link in the navigation bar.
  2. Select the Tenants link in the sub navigation bar.
  3. Click the Tenant Name on the row of the Tenant where the user will be added.
  4. Click the Create User button.
  5. From the New User wizard input the fields below
    • First Name of the user being created
    • Last Name of the user being created
    • Username used to login
    • Email address of the new user
    • Role to be inherited by the user
    • Password
    • Limits
      • Restricts the amount of Storage and Memory the user can provision.
    • Save Changes.

Important

In versions 3.1.1 and 2.12.5 and later, a multi-tenant user role must be create prior to adding sub-tenant users or the user will not save. In previous versions a default multi-tenant role was seeded, but due to customer requests the seeded role was removed and a multi-tenant role must be created by the master tenant for sub-tenant users.

Edit a Tenant User

To edit a User:

  1. Select the Administration link in the navigation bar.

  2. Select the Tenants link in the sub navigation bar.

  3. Click the Tenant Name on the row of the Tenant containing the user to be edited.

  4. Click the Edit pencil icon of the row of the to edit.

  5. Edit User information

    Note

    Name, Username, Passwords and e-mail addresses cannot be edited on Users created from Identity Source Integrations.

  6. Save Changes.

Delete Tenant User

To delete a Tenant User

  1. Select the Administration link in the navigation bar.
  2. Select the Tenants link in the sub navigation bar.
  3. Click the Tenant Name on the row of the Tenant containing the user.
  4. Click the Delete trashcan icon of the row of the user to delete.
  5. Confirm

Configuring Tenants and Resources for Multi-Tenancy

A very common scenario for Managed Service Providers is the need to provide access to resources on a customer by customer basis. Several administrative features are available in Morpheus to ensure customer resources are properly scoped and isolated. With its built multi-tenancy capabilities and white label support, managed service providers have a wide range of capabilities when it comes to managing customer Tenants and users.

Tenants

There are essentially two types of Tenants in Morpheus

  • Master Tenant
  • Sub Tenants

During the initial setup of a Morpheus Appliance, the Master Tenant is created. All Tenants created in addition to this Master Tenant are sub-Tenants. There can only be one Master Tenant, and sub-Tenants cannot become the Master Tenant. The delineation between the Master Tenant and sub-Tenants is important to understand for properly scoping resources across Tenants.

Creating Tenants

The Master Tenant is created during the initial appliance setup. Additional sub-Tenants can be created in the Administration -> Tenants section.

The Tenants page displays a list of all Tenants. This page enables users to: Create, Edit, and Delete Tenants. The list of Tenants displays the Tenant Name, Role, Total Instances, Total Users, and the Created Date. Click the Tenant Name to drill into the Tenant View where you can again Edit, Delete, as well as Create Users, Edit Users, and Delete Users users belonging to the Tenant.

Note

At least one Tenant in addition to the Master Tenant is required to scope resources across Tenants.

To create a new sub-Tenant

  1. Select the Administration link in the navigation bar.
  2. Select the Tenants link in the sub navigation bar.
  3. lick the Create Tenant button.
  4. From the New Tenant wizard input * Name * Description(optional) * Base Role- Primary role of the Tenant. All roles created within the Tenant must inherit this role as the base role. * Currency (for pricing) * Limits- These restrict the amount of Storage, Memory, and CPUs that can be collectively provisioned by all users in the Tenant. The default is 0 for these limits, which means no limits will be applied.
  5. Click the Save Changes button.
../_images/configuring_multi_tenancy-09a1e.png
Viewing Tenants

To View an individual Tenant page, select the Tenant name from the main Tenants section.

../_images/configuring_multi_tenancy-fa0d8.png

From inside this Tenant view, the Tenant settings can be edited, existing users can be viewed or edited, and new users for this Tenant can be created.

Tenant Users

To create a new user for an Tenant (Note: Users are specific to each Tenant. Users created in the Master Tenant or other sub-Tenants will only have access to the Tenant they are created in.)*

. Click the CREATE USER button . From the New User wizard input the fields below. * First Name of the user being created * Last Name of the user being created * Username used to login * Email address of the new user * Role to be inherited by the user * Password * Storage, Memory and CPU limits for this specific user, if any (0 is no limit)

. Click Save Changes.

../_images/configuring_multi_tenancy-e194d.png
Impersonate Tenant User

“Impersonate User” enables administrators to login as sub-Tenant users directly from the master Tenant.

To impersonate a user, you must be logged in as a user with the “Impersonate User” feature enabled in assigned role.

Navigate to Tenants, select an Tenant, and in the specific user ACTIONS drop down, select “Impersonate”

../_images/configuring_multi_tenancy-9583a.png

This will log you in as that user in their respective Tenant. To log out of the impersonate users Tenant, select the username in the top right, and then select “Quit Impersonating”

../_images/configuring_multi_tenancy-d229b.png

Resources

In the Master Tenant, resources can be configured with private or public visibility:

  • Private Visibility: Only available to the assigned Tenant.
  • Public Visibility (master Tenant only): Available across all Tenants

Resources in the Master Tenant can also be assigned directly to sub-Tenants. When a resource is assigned to a sub-Tenant, it is only available for that sub-Tenant, and its visibility is automatically set to private. Public Visibility is not an option for any resource assigned to or created in a sub-Tenant.

From the master Tenant, the following resources can be configured for public visibility across all Tenants, or assigned to individual sub-Tenants

  • Clouds
  • Hosts
  • Virtual Machines
  • Networks
  • Datastores
  • Resource Pools
  • Folders
  • Virtual Images
  • Library Instance Types
  • Pricing
  • Policies
  • Workflows
  • Roles

Note

Virtual Image Templates can also be made available to multiple select Tenants when set to private.

Cloud Visibility & Assignment

Edit Visibility of a Cloud

To set the Visibility of cloud to Public (shared across all Tenants) or Private (only available to the assigned Tenant):

  1. Navigate to Infrastructure, Clouds
  2. Select either the pencil/edit icon on the far right of the cloud row, or click the name of the cloud and select “Edit” in the top right of the cloud page.
  3. From the “Visibility” drop down, select either “Public” or “Private”
  4. Select “Save Changes” in the lower right of the Edit Cloud modal.
../_images/configuring_multi_tenancy-349e2.png

When a cloud is set to Public visibility, it is available to be added to sub Tenants. All sub-Tenants created after a master Tenant cloud is set to public will automatically have clouds with public visibility added, and a group will be created for each available cloud matching the cloud name in the new sub Tenant(s).

For Tenants created prior to a Master Tenant cloud being set to public visibility, the sub Tenant will have the option to add that cloud but it will not automatically be added.

While the cloud will be available for Sub-Tenants, the resources available in that cloud to the sub-Tenant(s) depends on the visibility or assignment of the individual resources.

Note

A sub-Tenant user must have sufficient role permissions/cloud access to add publicly available clouds. Master Tenant clouds settings cannot be edited from sub Tenants.

Assign a Cloud to an Tenant

Important

When assigning a Cloud to an Tenant, all resources for that Cloud will only be available to the assigned Tenant. If a cloud is created in the Master Tenant and assigned to a sub-Tenant, it will no longer be available for use by the Master Tenant or any other sub-Tenants, although it can be assigned back to the Master Tenant, or to another sub-Tenant.

It may be preferable for service providers to share or assign their cloud resources, such as specific hosts, networks, resources pools and datastores, across sub-Tenants, rather than an entire cloud.

To assign a cloud from the Master Tenant to a Sub-Tenant

  1. Navigate to Infrastructure, Clouds
  2. Select either the pencil/edit icon on the far right of the cloud row, or click the name of the cloud and select “Edit” in the top right of the cloud page.
  3. From the “Tenant” drop down, select the Tenant to assign the cloud to. The visibility will automatically be set to “Private” when a cloud is assigned to a sub-Tenant.
  4. Select “Save Changes” in the lower right of the Edit Cloud modal.
../_images/configuring_multi_tenancy-c907d.png

When a cloud is assigned to a sub-Tenant, or assigned to the Master Tenant with private visibility, that cloud and all of its resources are only available to the assigned Tenant. The Master Tenant still maintains control and visibility, and can edit the cloud settings or re-assign the cloud.

Individual Resource Visibility & Assignment

Similar to clouds, individual resources from the Master Tenant can be set to public and available to sub-Tenants, or assigned to sub-Tenants.

By default, any host, virtual machine, bare metal server, network, resource pool, datastore or template added, created or inventoried by an Tenant is assigned to that Tenant. If these resources are in the Master Tenant, they can be assigned to sub Tenants. Assigning one of these resources will make it unavailable to the Master Tenant, but it will still be visible and editable by the Master Tenant. This allows Master Tenant resources to be isolated for use by sub-Tenants while still under the control of the Master Tenant.

Resources assigned to sub-Tenants from the Master Tenant will be visible and available for use by that sub-Tenant, however they cannot be edited or re-assigned by the sub-tenant.

Set the Visibility of a Host, Virtual Machine or Bare metal Server to Public or Private

  1. From the Master Tenant, navigate to Infrastructure, Hosts
  2. Select either the Hosts, Virtual Machines or Bare Metal tab
  3. Click the name of the resource
  4. Select “Edit” in the top right of the resource page to bring up the config modal.
  5. From the “Visibility” drop down, select either “Public” or “Private”
  6. Select “Save Changes” in the lower right of the modal
../_images/configuring_multi_tenancy-d738d.png

Assigning a Host, Virtual Machine, or Bare Metal server to an Tenant

  1. From the Master Tenant, navigate to Infrastructure, Hosts
  2. Select either the Hosts, Virtual Machines or Bare Metal tab
  3. Click the name of the resource
  4. From the “Actions” dropdown in the top right of the resource page, select Assign Tenant
  5. In the Assign Tenant modal, select the Tenant to assign the resource to.
  6. Select “Execute” in the lower right of the modal
../_images/configuring_multi_tenancy-3c39f.png

The resource will now be assigned and available for use by the assigned Tenant. If assigned to a sub-Tenant, the Master Tenant will maintain visibility and control.

Set the Visibility of a Network to Public or Private

  1. From the Master Tenant, navigate to Infrastructure, Network
  2. Select either the pencil/edit icon on the far right of the network row, or click the name of the network and select “Edit” in the top right of the network page.
  3. From the “Visibility” drop down, select either “Public” or “Private”
  4. Select “Save Changes” in the lower right of the modal
../_images/configuring_multi_tenancy-bc333.png

Assign a Network to an Tenant

  1. From the Master Tenant, navigate to Infrastructure, Network
  2. Select either the pencil/edit icon on the far right of the network row, or click the name of the network and select “Edit” in the top right of the network page.
  3. From the “Tenant” drop down, select an Tenant to assign the network to.
  4. Select “Save Changes” in the lower right of the modal
../_images/configuring_multi_tenancy-9f15c.png

The Network will now be assigned and available for use by the assigned Tenant. If assigned to a sub-Tenant, the Master Tenant will maintain visibility and control.

Set the Visibility or assign a datastore to an Tenant

  1. From the Master Tenant, navigate to Infrastructure, Storage

  2. Select the “Data Stores” tab

  3. Select Edit from the “Actions” dropdown on the far right of the datastores row

  4. From the “Visibility” drop down, select either “Public” or “Private”

  5. From the “Tenant” drop down, select the Tenant to assign the datastore to.

    Note

    If assigned to a sub-tenant, the visibility will be automatically set to private.

  6. Select “Save Changes” in the lower right of the modal

../_images/configuring_multi_tenancy-1e978.png

Set the Visibility or assign a Virtual Image to an Tenant

  1. From the Master Tenant, navigate to Provisioning, Virtual Images

  2. Select Edit from the “Actions” dropdown on the far right of the Virtual Images row

  3. From the “Visibility” drop down, select either “Public” or “Private”. Public will share the

  4. From the “Tenant” field, start typing the name of the Tenant to assign the Virtual Image to. Matching Tenants will populate, then select the Tenant to add.

    Note

    Virtual Images can be set to Private, but accessible to more that one Tenant

#. Repeat step 4 for all Tenants requiring access to the virtual image. .. To remove access for an Tenant, click the “x” next to the Tenant name #. Select “Save Changes” in the lower right of the modal

../_images/configuring_multi_tenancy-d9abe.png

The Virtual Image will now be available for use by the assigned Tenants.

Identity Sources

Administration -> Tenants -> Select Tenant -> Identity Sources

Overview

There are several built in single sign-on integrations included with Morpheus . These can be configured via the Identity Sources button in Admin -> Accounts. These integrations include linking capabilities with LDAP, Active Directory, Okta, and Jump Cloud. One can even map these sign on tools to equivalent roles in Morpheus so at first log in users are assigned the appropriate role.

Active Directory

Overview

Active Directory is Microsoft’s primary authentication service widely used in Enterprise organizations and even via Microsoft’s cloud services. While Active Directory also supports LDAP protocol support (which Morpheus can integrate with as well), the main Active Directory integration can also be utilized. It is even possible to map Active Directory groups to equivalent Roles within Morpheus .

Note

To use Active Directory, a valid / trusted SSL certificate must be in place on the Active Directory services (self signed will not work).

Adding an Active Directory Integration

  1. Navigate to Administration -> Tenants

  2. Select a Tenant

  3. Select IDENTITY SOURCES

  4. Select + IDENTITY SOURCE

  5. Choose “Active Directory”

  6. Populate the following:

    Name

    Unique name for authentication type.

    AD Server

    Hostname or IP address of AD Server.

    Domain

    Domain name of AD Domain.

    Binding Username

    Service account username for bind user.

    Binding Password

    Password for bind service account.

    Required Group

    The AD group users must be in to have access (optional)

    Default Role

    The default role a user is assigned if no group is listed under AD user that maps under Role Mappings section.

    Service Account Holder

    This is the admin account type in Morpheus and an AD group can be created and populated to a user that this role should be assigned. Roles are assigned dynamically based on group membership.

  7. Select SAVE CHANGES.

Now allowed AD users can login to Morpheus via their Active Directory credentials and a User will be automatically generated to Morpheus with matching metadata and mapped Role permissions.

Note

Only the username is required with password, not the username@domain.

Note

Sub-tenant Morpheus API authentication for Active Directory generated users is not currently supported.

T

OneLogin

Adding OneLogin Identity Source Integration

  1. Navigate to Administration -> Tenants

  2. Select the Tenant to add the Identity Source Integration

  3. Select IDENTITY SOURCES

  4. Select + IDENTITY SOURCE

  5. Enter the following:

    TYPE

    OneLogin

    NAME

    Name of the Identity Source Integration in Morpheus

    DESCRIPTION

    Optional Description of the Identiry Source

    ONELOGIN SUBDOMAIN
    example: morpheus-dev

    Warning

    Please verify the subdomain carefully. An invalid subdomain will cause authentication attempts by OneLogin users to fail.

    ONELOGIN REGION

    Speciify US or EU region

    API CLIENT SECRET

    OneLogin API Client Secret from the Settings - API section in OneLogin portal

    API CLIENT ID

    OneLogin API Client ID from the Settings - API section in OneLogin portal

    REQUIRED ROLE

    Enter a role if OneLogin users logging into morpheus must have at least this OneLogin role to gain access to Morpheus.

    DEFAULT ROLE

    The default Morpheus Role applied to users created from OneLogin Integration if no other role mapping is specified below

    ROLE MAPPINGS

    Existing Morpheus Roles will be listed with fileds to enter OneLogin Roles to map to. Users with OneLogin roles matching the role mappings will be assigned the approprie Role(s) in Morpheus when sigining in.

  6. Select SAVE CHANGES and the OneLogin Integraitnn will be added.

Users can now login to Morpheus with OneLogin credentials. The first Login will create a user in Morpheus matching the Username, email and Password from OneLogin. If a REQUIRED ROLE is specified in the Identiry Source settings, only users with that Role in OneLogin will be able to login to Morpheus.

Important

OneLogin users will not authenticate in Morpheus if there is an existing Morpheus User with matching username or email address.

Plans & Pricing

Overview

The Plans & Pricing page displays a list of all of your available service plans. From the service plans page you will be able to Create, Edit, and Delete service plans, as well as review basic plan details. The list of plans displayed on this page displays planName, Description, Instances Layout, Memory, Storage, and Cost, as well as an action column to edit and delete. A default set of Service Plans are created in Morpheus . They provide a means to set predefined tiers on memory, storage, cores, and cpu. Price tables can also be applied to these so estimated cost per virtual machine can be tracked as well as pricing for customers.

Create Service Plan

To create service plan

  1. Select the Administration link in the navigation bar.
  2. Select the Plans & Pricing link in the sub navigation bar.
  3. Click the Create Service Plan button.
  4. From the New Service Plan wizard, input:
    • Name
    • Code used as a unique identifier in the API and CLI.
    • Storage size in megabytes.
    • Memory size in megabytes.
    • Cost is internal cost of plan.
    • Price is what the service offering will be priced at.
    • Instance Types that will be associated with this plan.
    • Click the Save Changes button to save.

Edit Service Plan

By default, these options are fixed sizes but can be configured for dynamic sizing. A service plan can be configured to allow a custom user entry for memory, storage, or cpu. To configure this, simply edit an existing Service Plan. These all can be easily managed from the Admin -> Service Plans section.

To edit service plan:

  1. Select the Administration link in the navigation bar.
  2. Select the Plans & Pricing link in the sub navigation bar.
  3. Click the Edit pencil icon on the row of the plan to edit.
  4. Edit the following Edit Service Plan.
  5. Click the Save Changes button to save.

Delete Service Plan

To delete service plan

  1. Select the Administration link in the navigation bar.
  2. Select the Plans & Pricing link in the sub navigation bar.
  3. Click the Delete trashcan icon on the row of the# plan to delete.
  4. Confirm

Roles

Role Management Overview

Within Morpheus is a wide array of role based access control capabilities. These roles can be managed within the Admin -> Roles section of the morpheus UI as well as through the API or CLI. They are designed to be robust enough to fit within a wide array of enterprise and managed service provider scenarios so they can be a bit hard to grasp at first, but should make sense once a few simple concepts are explained. There are two types of roles within Morpheus called Tenant and User based roles. Both sets of roles allow restrictions to be imposed on a user at the feature access level. Entire sections within the appliance UI can be hidden based on the specified access levels for features within morpheus. Features have different access scopes that can be selected from and can range depending on the specific feature. The most common scope set involves none, read, and full. Instance Type access is also common among both role types which allow the administrator to restrict which service catalog items they are allowed to provision within Morpheus .

There are several handy tricks for creating new roles within morpheus and users can be assigned more than one role. When a user is assigned more than one role, permissions are granted by the role with the highest level of scope access. This allows roles to be built with small subsets of features and combined to grant different individuals relevant permission control.

Note

Feature access control not only applies to the Morpheus UI but also applies to the public developer API. It is sometimes necessary to logout and back in for changes to a users feature access level to be respected.

Role Types

Tenant Roles

A Tenant based role (formerly called an Account based role) is used to ensure access control enforcement across an entire tenant with many sub-users. This allows the subtenant to manage their own set of internal user based roles without worrying master tenant involvement in setting them up. The master tenant is the only tenant able to create and manage these types of roles. When editing a Tenant, a singular tenant role can be assigned to the account. Users within the tenant can be assigned roles but those user based roles will never be able to supersede the level of access granted by the tenant role. This allows a super administrator the ability to restrict access at the department or organization level without having to worry about per user access control within said tenant.

Tenant roles also have an additional section not in User based roles related to Cloud Access. Cloud Access allows the master tenant the ability to assign cloud integration resources to specific subtenants or groups of subtenants. An example would be granting access to a specific VMware cluster only to a subset of tenants using the tenant based role control.

User Roles

User roles can be created by any tenant given permission at the tenant role level. These allow tenants to manage their own sets of users and their levels of access. They also allow tenants to control which users have access to specific “Groups” for provisioning into within morpheus. Groups are not cross tenant and therefore need to be controlled within the individual tenant in Morpheus .

Master tenants are able to create a special type of user role called a multi-tenant user role. A multi-tenant user role is copied / duplicated down to all subtenants within morpheus. These can be viewed as pre-canned role templates available to new tenants when their account is first created. Any changes made to the main role are propagated down to the subtenants version of the shared role so long as the subtenant has not previously adjusted/changed that role. The moment a subtenant makes adjustments to the shared role within their account, it is unlinked from the parent role and treated entirely independently.

Another note about user roles is that when a user role is copied down to a subtenant, the permission scopes cannot supersede the tenants assigned tenant role. If they do they are automatically downgraded when propagated to the specific tenant. Any changes made to the tenant role will automatically ensure roles within the tenant are downgraded appropriately.

Roles and Identity Sources

It is very common for large enterprises to have an existing identity source that they would like to plugin to morpheus for authentication. This includes services like LDAP, Active Directory, OKTA, Jump Cloud, One Login, and SAML. When using these services it becomes important to configure a role mapping between the morpheus role assignments to the equivalent identity source groups/roles the user belongs to. This is configurable within the identity source management UI. Sections are provided allowing things like LDAP groups to be directly mapped to specific roles within morpheus. If a user matches more than one LDAP/role group then both sets of roles are applied to the user automatically. Configuring Identity Sources is done in Tenant management found in Admin -> Tenants, and has to be configured on a per tenant basis.

Resource Limits

While it is possible to restrict usages by roles assigned to a tenant or role with max memory utilizations and max storage utilizations, it is preferred to now control this at the Policy level within a group or cloud. Morpheus provides a large swatch of policy types that can be assigned globally or to specific tenants both globally, and per cloud/group entity.

Users

Users

Overview

The Users page displays a list of all users. From the users page: Create, Edit, and Delete users. The list of users displayed on this page displays Account, Name, Username, Email, and Role.

Note

Some User data from Users created via an Identity Source Integration such as Active Directory is not editable in Morpheus, as it is synced with the Identity Source.

Create User

To create a User:

  1. Select the Administration link in the navigation bar.

  2. Select the Users link in the sub navigation bar.

  3. Select + CREATE USER.

  4. From the New User Wizard input

    Username & Email
    • First Name
    • Last Name
    • Username
    • Email address
    Receive Notifications

    Enable to receive Provisioning and Policy email notifications.

    Roles

    Role(s) to be inherited by the user. If multiple roles are selected, the higher permission levels of one role will override the other role(s).

    Password

    Password must contain at least one uppercase letter, one lowercase letter, a number, and a symbol.

    LINUX SETTINGS

    Creates a User with the supplied Username, Password and/or Key-pair on Linux Instances when “Create my User” is selected during provisioning, or a User Group is added to an Instance of which this Morpheus user is a member of.

    WINDOWS SETTINGS

    Creates a User with the supplied Username, Password and/or Key-pair on Windows Instances when “Create my User” is selected during provisioning, or a User Group is added to an Instance of which this Morpheus user is a member of.

    Important

    Please ensure password entered is allowable by Windows.

    Limits

    Combined Instance Resource Limits for the User. When a limit is reached, the User will not be able to provision more Instances

    • STORAGE
      • Total amount of Storage the user can Provision, set in GiB. 0.0 is unlimited.
    • MEMORY
      • Total amount of RAM the user can Provision, set in MiB. 0.0 is unlimited.
    • CPU COUNT
      • Total combined Cores the user can Provision. 0 is unlimited.
  5. Select SAVE CHANGES.

Edit User

To edit a User:

  1. Select the Administration link in the navigation bar.
  2. Select the Users link in the sub navigation bar.
  3. Click ACTIONS on the row of the user to edit.
  4. Select EDIT in the ACTIONS dropdown.
  5. Make changes.
  6. Select SAVE CHANGES.

Delete User

To delete a User:

  1. Select the Administration link in the navigation bar.
  2. Select the Users link in the sub navigation bar.
  3. Select ACTIONS on the row of the user to edit.
  4. Select REMOVE in the ACTIONS dropdown.
  5. Confirm

User Groups

Overview

User Groups can be selected during provisioning to add each group members credentials to the Instance. User Groups can be configured for sudo access and in Linux will assign Group members to a groupId in linux.

Creating User Groups

  1. Navigate to Administration -> Users

  2. Select the USER GROUPS tab.

  3. Select + CREATE USER GROUP.

  4. Enter the following:

    NAME

    Name of the User Group

    DESCRIPTION

    Optional User Group Description

    SERVER GROUP

    Name of the groupId to assign Group members to in linux.

    SUDO ACCESS

    Enable to give Group members sudo access

    USERS

    Search for and select existing Users to add to the User Group.

  5. Select SAVE CHANGES.

Editing User Groups

  1. Navigate to Administration -> Users
  2. Select the USER GROUPS tab.
  3. Select the ACTIONS dropdown next to the target User Group.
  4. Select EDIT
  5. Make changes, add or remove users from the group.
  6. Select SAVE CHANGES.

Adding a User Group when Provisioning

  1. When provisioning, in the CONFIG section expand the USER section.
  2. Select an existing Group from the USER GROUP dropdown.
  3. Users will be created for members in the selected User Group on the provisioned Instance(s).

Integrations

Administration -> Integrations

Ansible

Overview

Morpheus appliance supports Ansible integration for configuration management. Morpheus accomplishes this by integrating with an existing repository of playbooks as the master in a master-slave Ansible architecture.

To get started the only requirement is an existing repository for playbooks in a very simple structure.

Add Ansible Integration

  1. Navigate to Administration -> Integrations and select + New Integration
  2. Select Integration Type “Ansible”
  3. Populate the following fields:
    • Name: Name of the Ansible Integration in Morpheus
    • Enabled: Enabled by default Ansible Git URL:: https or git url format of the Ansible Git repo to use
    • Keypair: For private Git repos, a keypair must be added to Morpheus and the public key added to the git account.
    • Playbooks Path: Path of the Playbooks relative to the Git url.
    • Roles Path: Path of the Roles relative to the Git url.
    • Group Variable Path: Path of the Group Variables relative to the Git url.
    • Host Variables Path: Path of the Host Variables relative to the Git url.
  4. Save Changes

Once you have completed this section and saved your changes you can set up a Cloud or Group to utilize this integration.

Scope Ansible Integration to a Cloud

  1. Navigate to Infrastructure -> Clouds
  2. Edit the target Cloud
  3. Expand the Advanced Options section
  4. In the Config Managment dropdown, select the Ansible Integration.
  5. Save Changes

Once an Ansible integration is added to a Cloud, a new “ANSIBLE” tab will appear on the Cloud details page, populated with the Ansible integrations Playbook and Roles, as well as an editable Inventory list.

Scope Ansible Integration to a Group

  1. Navigate to Infrastructure -> Groups
  2. Edit the target Group
  3. Expand the Advanced Options section
  4. In the Config Managment dropdown, select the Ansible Integration.
  5. Save Changes

Once an Ansible integration is added to a Group, a new “ANSIBLE” tab will appear on the Group details page, populated with the Ansible integrations Playbook and Roles, as well as an editable Inventory list.

Provisioning Options

When provisioning Instances into a Cloud or Group with a Ansible Integration added, an Ansible section will appear in the Config section of the provisioning wizard. By default, Ansible is enabled, but can be disabled by expanding the Ansible section and unchecking Enable Ansible.

Ansible Integration Provisioning options:

Enable Ansible
Select to bootstrap
Ansible Group
Ansible Inventory Group. Use existing group or enter a new group name to create a new group. Leaving this field blank will place instance in the “unassigned” inventory group.
Playbook
Playbook(s) to run. The .yml extension is optional.

Running Playbooks

Playbooks can also be ran on all inventory groups, individual groups, or added as a task and ran with workflows.

To run ansible on all or a single inventory group, in the Ansible tab of the Morpheus Group page, select the Actions dropdown and click Run.

In the Run Ansible modal, you can then select all or an individual group, and then all or a single Playbook, as well as add custom tags.

Playbook’s can also be added as tasks to workflows in the Provisioning -> Automation section, and then selected in the Automation pane during provisioning of new instances, when creating app templates, or ran on existing instances using the Actions -> Run Workflow on the Instance or Host pages.

Chef

Overview

Morpheus can integrate with one or multiple chef servers to be used for bootstrapping wile provisioning or as tasks in workflows in the Automation section. These workflows can then be ran during provisioning in the provisioning wizard Automation pane, or on an exiting instance by selecting Actions- Run Workflow. Workflows can also be added to instances in the template and app sections.

Add Chef Integration

  1. Navigate to Administration -> Integrations and select + New Integration
  2. Select Integration Type “Chef”
  3. Populate the following fields:
    • Name: Name of the Chef Integration in Morpheus
    • Chef Endpoint: url of chef server api endpoint in https://api.example.com format. Do not add /organization/xxxx here, which is populated in the Chef Organization field
    • Chef Version: 12.3.0 by default, can be changed to use a different/more recent version of chef
    • Chef Organization: Chef Server Organization
    • Chef User: Chef Server User
    • User Private Key: The private key of the user with access to this chef server
    • Organization Validator: Validator key for the organization
  4. Save Changes

The added Chef Integration is now available for use in Morpheus . The Chef Integration can be added to Clouds or Groups to auto-bootstrap nodes and specify Environment, Node ID, Runlist, Attributes and Tags when creating instances. The Chef integration can also be selected in the Chef Server dropdown when creating a Chef Bootstrap type task.

Scope Chef Integration to a Cloud

  1. Navigate to Infrastructure -> Clouds
  2. Edit the target Cloud
  3. Expand the Advanced Options section
  4. In the Config Managment dropdown, select the Chef Integration.
  5. Save Changes

Scope Chef Integration to a Group

  1. Navigate to Infrastructure -> Groups
  2. Edit the target Group
  3. Expand the Advanced Options section
  4. In the Config Managment dropdown, select the Chef Integration.
  5. Save Changes

Provisioning Options

When provisioning Instances into a Cloud or Group with a Chef Integration added, a Chef section will appear in the Config section of the provisioning wizard. By default, Chef is enabled, but can be disabled by expanding the Chef section and unchecking Enable Chef.

Chef Integration Provisioning options:

Enable Chef
Select to bootstrap
Chef Environment
Populate Chef environment, or leave as _default
Chef Node ID
Defaults to instance name, configurable.
Chef Runlist
Add Runlist
CHEF ATTRIBUTES
Add Chef Attributes
CHEF TAGS
Add Chef tags

Consul

Morpheus can integrate with Consul to automatically install the Consul Agent in Client Mode on Instances and configure communication with the Consul host.

Add Consul Integration

  1. Navigate to Administration -> Integrations and select + New Integration

  2. Select Integration Type Consul Service Registry

  3. Populate the following fields:

    Name

    Name of the Consul Integration in Morpheus

    Enabled

    Enabled by default

    Consul Host

    IP or Url of the Consul Host

    Consul Http Port

    Http port of the Consul Host

    Username

    Consul Host User

    Password

    Consul Host User Password

    Datacenter ID

    Validator key for the organization

  4. Save Changes

The added Consul Integration is now available for use in Morpheus , but must be scoped to a Cloud or Group to automatically install the Consul Agent while provisioning.

Scope Consul Integration to a Cloud

  1. Navigate to Infrastructure -> Clouds
  2. Edit the target Cloud
  3. Expand the Advanced Options section
  4. In the Service Registry dropdown, select the Consul Integration.
  5. Save Changes

Scope Consul Integration to a Group

  1. Navigate to Infrastructure -> Groups
  2. Edit the target Group
  3. Expand the Advanced Options section
  4. In the Service Registry dropdown, select the Consul Integration.
  5. Save Changes

And that’s it. After your integration is set up, all containers deployed within the Group or Cloud integrated will provision with the Consul Agent in Client Mode, gossiping to your Consul Server!

Docker Registry

Overview

Without any additional configuration Morpheus can provision images from Docker’s public hub at https://hub.docker.com/ using their public api at https://index.docker.io/v1/

However, many organizations maintain private Docker registries for security measures. Additional public and private Docker registries can be added to Morpheus.

Adding a Docker Registry Integration

  1. Navigate to Administration -> Integrations

  2. Click “New Integration”

  3. Select the Docker Repository Type

  4. Add the following:

    Name

    Name for the Registry in Morpheus

    Repository url

    Docker Registry url or IP address

    Username

    Username if private registry

    Password

    Password if private registry

  5. Save Changes

Note

You must either have signed certificates for your registry or configure your docker host(s) to accept insecure registries

Provisioning an Instance from Docker Registry

Docker images from the Integrated Registry can be provisioned using the generic Docker Instance Type, or by adding images to Node Types for custom Library Instance Types.

//add provisioning info and creating docker node types

Infoblox

Morpheus can integrate with Infoblox for IP address assignment. To add a Infoblox integration into Morpheus :

  1. Add Infoblox as a Network Service integration
  2. Add Infoblox IP Pool(s) to your network(s)
  3. Configure your cloud(s) domain
  4. When provisioning, select Network with Infoblox pool added

Add Infoblox as a Network Service Integration

  1. Navigate to Infrastructure -> Networks and select the Services tab

    ../_images/infoblox-adb0f.png
  2. In the Services tab, select +ADD SERVICE, select Infoblox, and provide the following:

    ../_images/infoblox-b991b.png
  3. Save Changes and your Infoblox networks will be populated and available in the Network -> IP Pools section of Morpheus .

Next we will need to add an Infoblox Network pool to a network in order to use the pool(s) during provisioning.

../_images/infoblox-2867a.png

Add Infoblox IP Pool(s) to your network(s)

  1. Navigate to In Infrastructure - Networks, and in the Networks tab:
  2. Find and edit the network you want to assign an Infoblox pool to.
  3. For static IP assignment, Populate the Gateway, DNS, and CIDR info for the network, and deselect DHCP server.
  4. In the NETWORK POOL drop down, select the Infoblox network to assign IPs from.
  5. Save Changes
../_images/infoblox-93281.png

Configure your cloud(s) domain

The domain entered in you cloud(s) settings needs to match an Infoblox zone. To add a domain to your cloud(s)

  1. Under Infrastructure - Clouds, edit your cloud settings
  2. In the domain field, enter your domain
  • In v2.9.x and prior, the domain field is at the top of the Cloud Config modal. .. image:: /images/administration/infoblox-ebde8.png
  • In v2.10, the domain field is under Advanced Settings in the Cloud Config modal. .. image:: /images/administration/infoblox-976bd.png
  • In v2.10.1 and later, a Domains section has been added in the Infrastructure -> Networks Section, and there is now a Domain dropdown to select a domain from the Networks section in the Cloud Config modal.
Infrastructure -> Network -> Domains
../_images/infoblox-af626.png
Cloud Configuration
../_images/infoblox-a9e41.png

Provisioning with Infoblox Pool

Once the Infoblox integration has been configured, while provisioning you can now select networks that have the Network Pools added, and the name of the Infoblox IP Pool will populate to the right of the selected network:

../_images/infoblox-40fdb.png

The during provisioning, your instance IP will be assigned by Infoblox:

../_images/infoblox-fcc33.png

AWS Route53

Overview

Morpheus integrates directly with Amazon Route 53 to automatically create DNS entries for Instances provisioned to a configured Cloud or Group. Morpheus also syncs in Route 53 Domains for easy selection while provisioning, or setting as the default Domain on a Cloud or Network.

Add Route 53 Integration

Route 53 can be added in the Administration or Infrastructure sections:

  1. In Administration -> Integrations, select + New Integration

  2. In Infrastructure -> Networks -> Services, select Add Service

  3. Provide the following:

    TYPE

    Route 53

    NAME

    Name for the Integration in Morpheus

    REGION

    AWS Region for the Integration

    ACCESS KEY

    AWS User IAM Access Key

    SECRET KEY

    AWS User IAM Secret Key

  4. Once saved the Integration will be added and visible in both Administration -> Integrations and Infrastructure -> Networks -> Services

Note

All fields can be edited after saving.

Domains

Once the integration is added, Route 53 Domains will sync and listed under Infrastructure -> Networks -> Domains.

Note

Default Domains can be set on Networks and Clouds, and can be selected when provisioning. Additional configuration options are available by editing a domain in Networks -> Domains

Configuring Route 53 with Clouds and Groups

DNS Integrations are available in the DNS Integration dropdown in Cloud and Group settings.

Morpheus will register Instances with the DNS provider when provisioned into a Cloud or Group with a DNS Integration added.

  1. In Infrastructure → Clouds edit the target Cloud.
  2. Expand the Advanced Options section.
  3. In the DNS Integration dropdown, select an available DNS Integration.
  4. Save Changes
  1. In Infrastructure → Groups select the target Group.
  2. Select the Edit button for the Group
  3. Expand the Advanced Options section.
  4. In the DNS Integration dropdown, select an available DNS Integration.
  5. Save Changes

Note

Instances provisioned into a Cloud or Group with a DNS Integration added will be registered as instancename.domain with the DNS Provider during provisioning, and de-registered at teardown.

Salt

Overview

Morpheus integrates with an existing Salt Master for seamless deployment of Salt States to Minions provisioned from Morpheus .

Add Salt Integration

To get started browse to Admin -> Integrations from within Morpheus .

Once there simply add a New Integration

../_images/salt-af3ca.png

And then scope the integration to your existing Salt Master by ip address. Make sure that the username entered is one with proper escalation privileges for running Salt, and point the Working Directory at the directory on your Master where your States live.

Note

Morpheus will allow you to run States from a git backend, but in v2.10 you will not see states from a git backend within Morpheus

../_images/salt-a41c9.png

Scope Salt Integration to Group Or Cloud

Configuration Management integrations like Saltstack apply to the Infrastructure Group abstraction in Morpheus . To ties yours in, browse to Infrastructure -> Groups in Morpheus and select the group that you would like to tie to your Salt Master.

From here select Edit

../_images/salt-991dd.png

And from the options toggle Advanced Options and select your Saltstack integration in the Config Management dropdown.

../_images/salt-be548.png

After a page refresh you should see your Saltstack tab in your group page

../_images/salt-b5b6f.png

Clicking on it will reveal a page that includes:

  1. An interface to run Salt Master commands
  2. Parsed Top File
  3. Available States
../_images/salt-ccaca.png

The classic example of running

salt '*' test.ping

will return empty unless there are existing Minions with accepted keys on the Master. However, provisioning Minions via Morpheus is extremely easy.

Provisioning with Saltstack

To do so, provision as usual and Instances within the Group tied to the Saltstack Integration will now show additional options on the Configure pane

../_images/salt-413c5.png

Minion ID defaults to the hostname, and a State can be applied directly at provision time.

Note

Only States served from the Master’s Working Directory can be applied at provision, not States from a git backend

Once your instance is provisioned and key negotiation has completed you will be able to access it and run commands via the integrated Salt command center in your Group.

../_images/salt-f8e4e.png

If you did not apply a state at provision time now you will be able to run State commands through Morpheus .

../_images/salt-71b7c.png

In our example the Apache State from a git backend was applied successfully to our newly created vm.

../_images/salt-bf299.png

ServiceNow

Add ServiceNow Integration

  1. Navigate to Administration -> Integrations

  2. Select + NEW INTEGRATION

  3. Select ServiceNow from the TYPE dropdown.

  4. Add the following:

    NAME

    Name of the Integration in Morpheus.

    ENABLED

    Leave checked to enable the Integration.

    HOST

    Url of the ServiceNow Instance ex: https://your.instance.service-now.com

    USER

    A user in ServiceNow that is able to access the REST interface and create/update/delete incidents, requests, requested items, item options, catalog items, workflows, etc.

    PASSWORD

    Above ServiceNow user’s password

  5. Save Changes

Add ServiceNow Provision Approval Policy to a Cloud

Note

Any Instance provisioned into a Cloud with an Approval Policy enabled will require approval.

To add a ServiceNow Approval policy to a Cloud:

  1. Navigate to Infrastructure -> Clouds

  2. Select a Cloud by clicking on the Cloud Name link

  3. Select the POLICIES tab

  4. Select + ADD POLICY

  5. Select Provision Approval

  6. Optionally enter a description for the Policy

  7. Configure the following:

    APPROVAL INTEGRATION

    Select the ServiceNow Integration already configured in Administration -> Integrations to use for the Approval Policy.

    WORKFLOW

    Select the ServiceNow workflow for the Approval workflow in ServiceNow. Note these workflows are configured and synced in from the ServiceNow Integration.

    TENANTS (if applicable)

    Only required for multi-tenant permission scoping. For the policy to apply to a sub-tenant, type the name of the tenant(s) and select the Tenant(s) from the list.

  8. Save Changes

Add ServiceNow Provision Approval Policy to a Group

Note

Any Instance provisioned into a Group with an Approval Policy enabled will require approval.

To add a ServiceNow Approval policy to a Group:

  1. Navigate to Infrastructure -> Groups

  2. Select a Group by clicking on the Group Name link

  3. Select the POLICIES tab

  4. Select + ADD POLICY

  5. Select Provision Approval

  6. Optionally enter a description for the Policy

  7. Configure the following:

    APPROVAL INTEGRATION

    Select the ServiceNow Integration already configured in Administration -> Integrations to use for the Approval Policy.

    WORKFLOW

    Select the ServiceNow workflow for the Approval workflow in ServiceNow. Note these workflows are configured and synced in from the ServiceNow Integration.

    TENANTS (if applicable)

    Only required for multi-tenant permission scoping. For the policy to apply to a sub-tenant, type the name of the tenant(s) and select the Tenant(s) from the list.

  8. Save Changes

Using Approval Policies

Any Instance provisioned into a Cloud or Group with an Approval Policy enabled will be in a PENDING state until the request in Approved.

Instances pending a ServiceNow approval will show “Waiting for Approval” with the Requested Item number and Request number, ex: Waiting for Approval [RITM0010002 - REQ0010002].

ServiceNow Approval requests are displayed in Operations -> Approvals. Instances pending a ServiceNow approval must be Approved in ServiceNow for provisioning to initiate. Approval requests from a ServiceNow Approval Policy cannot be approved in Morpheus, only Internal Approvals.

ServiceNow Approval requests are displayed in Morpheus under Operations -> Approvals. Pending ServiceNow Approval requests can be cancelled in Morpheus by selecting the request and then selecting ACTIONS -> Cancel.

Once a pending ServiceNow Approval request is Approved in ServiceNow, the Instance(s) will begin to provision in Morpheus within 5 minutes of being approved in ServiceNow.

Provisioning Settings

Administration -> Provisioning

Settings
Configure Global Provisioning, Cloud-init and PXE Boot settings.
Environments
Create and manage Environment Tags
Licenses
Add License to apply to Windows Instances during Provisioning.

Settings

Allow Cloud Selection
Displays or hides Cloud Selection dropdown in Provisioning wizard.
Allow Host Selection
Displays or hides Host Selection dropdown in Provisioning wizard.
Show Pricing
Displays or hides Pricing in Provisioning wizard and Instance and Host detail pages.
Deployment Archive Store
Default Storage Provider for storing Deployment Archives.

Note

Storage Providers can be configured and managed in the Infrastructure -> Storage section.

Cloud-Init Settings

Morpheus can add Global users for Linux and Windows at provision time. Cloud-init/Cloudbase-Init or Vmware Tools installed on the provisioned Virtual Images is required.

Linux
  • Username: Enter User to be added to Linux Instances during provisioning.
  • Password: Enter password to be set for the above Linux user.
  • KeyPair: Select KeyPair to be added for the above Linux user.

Note

Either a Password, KeyPair, or both can be populated for the Linux User. KeyPairs can be added in the Infrastructure -> Key Pairs section.

Windows
  • Administrator Password: Enter password to be set for the Windows Administrator User during provisioning.

PXE Boot Settings

Default Root Password
Enter the default password to be set for Root during PXE Boots.

Monitoring Settings

Overview

The Administration -> Monitoring section is for configuring Morpheus Monitoring and Monitoring Integrations.

Morpheus Monitoring Settings

Auto Create Checks
When enabled a Monitoring Check will automatically be create for Instances and Apps.
Availability Time Frame
The number of days availability should be calculated for. Changes will not take effect until your checks have passed their check interval.
Availability Precision
The number of decimal places availability should be displayed in. Can be anywhere between 0 and 5.
Default Check Interval
The default interval to use when creating new checks.

Note

Monitoring Checks can be manually configured if Auto Create Checks is disabled.

AppDynamics

AppDynamics Monitoring Integration Settings

Enabled
Enables the AppDynamics Integration
Controller Host
This is the host name or the IP address of the AppDynamics Controller. This is the same host that you use to access the AppDynamics browser-based user interface.
Controller Port
This is the HTTP(S) port of the AppDynamics Controller. This is the same port that you use to access the AppDynamics browser-based user interface. If the Controller SSL Enabled property is set to true, specify the HTTPS port of the Controller; otherwise specify the HTTP port.
Controller SSL Enabled
This property specifies whether the agent should use SSL (HTTPS) to connect to the Controller. If SSL Enabled is true, set the Controller Port property to the HTTPS port of the Controller.
Tenant Name
This is the account name used to authenticate with the Controller.
Access Key
This is the account access key used to authenticate with the Controller.
Controller Version
This is the controller version and can be obtained at the bottom of the controller login page.
Application Name
This is the name of the logical business application. Note that this is not the deployment name(ear/war/jar) on the application server. (Maximum of 30 numbers or letters)
Tier Name
This is the name of the logical tier. (Maximum of 30 numbers or letters)
Controller User
A user that can login to the Controller ui and upload a dashboard.
Controller Password
Password for the Controller User.

Service Now

ServiceNow Monitoring Integration Settings

Note

A ServiceNow Integration must be already configured in Administration -> Integrations to enable the ServiceNow Monitoring Integration.

Enabled
Enables the ServiceNow Monitoring Integration
Integration
Select from a ServiceNow Integration added in Administration -> Integrations
New Incident Action
The Service Now action to take when a Morpheus incident is created.
Close Incident Action
The Service Now action to take when a Morpheus incident is closed.

Incident Severity Mapping

Morpheus Severity ServiceNow Impact
Info Low/Medium/High
Warning Low/Medium/High
Critical Low/Medium/High

New Relic

New Relic Integration Settings

Enabled
Enables the New Relic Monitoring Integration
License Key
License Key to be used when installing the New Relic agent in order for the agent to report data to your New Relic account

Note

The License Key is the 40-character hexadecimal string that New Relic provides when you sign up for your account.

Backup Settings

Administration -> Backups

Overview

The Backups Settings page allows you enable or disableScheduled Backups, and select a Default Backup Storage Provider Backups within Morpheus can always be run manually. However the scheduled backups toggle must be enabled to run jobs automatically. Configure the default storage provider to select the target location for all new backups. (This does not affect existing backups.)

Morpheus Backup Settings

Options:

Scheduled Backups
Enable automatic scheduled backups for provisioned instances.
Create Backups
When enabled, Morpheus will automatically configure instances for manual or scheduled backups.
Copy Snapshots to Store
Copy VMware snapshots to selected Backup
Storage Provider
Default Backups Storage Provider
Backup Appliance
When enabled, a Backup will be created to backup the Morpheus appliance database. Select the Backup text link to edit Appliance Backup Settings and view existing Appliance Backups.
Default Backup Provider
Enable/Disable Morpheus as the default backup provider.
Default Backup Storage Provider
Storage Providers can be configured and managed in the Infrastructure Storage section.
Backup Retention Count
Default maximum number of successful backups to retain.

Veeam Settings

Enabled
Enable the Veeam integration
Default Backup Provider
Sets Veeam as the Default Backup Provider in Morpheus . Backup Providers can also be configured per Backup.
Visibility

Sets visibility in multi-tenant Morpheus environments:

  • Public: Accessible by all Tenants
  • Private: Accessible only to the Tenant the Veeam integration is added.
Host
Host name or the IP address of the Veeam Backup Enterprise Manager. This is the same host that you use to access the Veeam Backup Enterprise Manager browser-based user interface.
Port
The HTTP(S) port of the Veeam Backup Enterprise Manager API. The default is 9399.
Username
The username used to authenticate with the Veeam Backup Enterprise Manager.
Password
The password used to authenticate with the Veeam Backup Enterprise Manager.
Backup Repositories
Once credentials are authenticated, search will populate available Veeam Repositories to select from.
Backup Job Templates
The backup jobs configured in the Veeam Backup and Replication Console that can be cloned when creating new backup jobs.
Refresh Available Jobs
Use to sync newly created Jobs in Veeam.

Important

Once a Veeam Integration has been enabled, a VEEAM SERVER setting will be available in VMware and Hyper-V cloud settings (Infrastructure -> Clouds -> Edit a Cloud). To enabled backups on a Cloud, a Veeam Server must be selected in the VEEAM SERVER dropdown in the Cloud settings and saved. Failure to do so will result in blank Backup Repositories and Backup Job Templates options when configuring Veeam Backups during provisioning´´.

Commvault Settings

Enabled
Enable the Commvault integration
Default Backup Provider
Sets Commvault as the Default Backup Provider in Morpheus . Backup Providers can be configured per Instance backup settings.
Host
IP or Hostname of the Commvault server.
Port
Port configured to access the
Commvault server Username
Admin Username for Commvault
Password
Password for Username provided (encrypted in Morpheus )

Logging Settings

Morpheus contains a built-in logging solution that aggregates logs from hosts and services. Logs are displayed, searchable, and filterable in the Instance, App, Host and overall Logs sections. Logs can also be forwarded using Syslog Forward rules to any external solution that supports syslogs.

Morpheus also has built in Integrations with 3rd Party solutions. When configured, the Morpheus agent will forward logs to the integrated platforms automatically.

Logging Settings for the build-in Logging, Syslog forwards, and 3rd Party Integrations are configurable in the Administration -> Logs section.

Morpheus contains a built-in logging solution that aggregates logs from hosts and services. Logs are displayed, searchable, and filterable in the Instance, App, Host and overall Logs sections. Logs can also be forwarded using Syslog Forward rules to any external solution that supports syslogs.

To configure Splunk simply create a syslog listener configuration in Splunk. Then it is simply a matter of expanding the section in Logging settings pertaining to Splunk and filling out the host and port of the appender. Once saved, all hosts managed by Morpheus will be configured to forward logs to the target Splunk listener.

Configuring LogRhythm is much like configuring Splunk. Simply toggle the enabled flag in the LogRhythm section to enabled and fill in the Host, and Port information for the LogRhythm listener.

Appliance Settings

The Administration -> Settings section sets global configuration parameters for the Appliance, Tenant Registration, Email, Proxy and sets which Cloud types are enabled.

Appliance Settings

Host Level Firewall Enabled
Enables or Disables the host level firewall. This must be Enabled to use Morpheus Security Groups.
Appliance URL
The default URL used for Agent install and Agent functionality. All Instances and Hosts must be able to resolve and reach this URL over 443 for successful agent install and communication.

Note

Alternate Appliance URLs can be configured per Cloud in the Edit Cloud -> Advanced Options section.

Internal Appliance URL (PXE)
For PXE-Boot your appliance needs to be routable directly with minimal NAT masquerading. This allows one to override the default appliance url endpoint for use by the PXE Server. If this is unset, the default appliance url will be used instead.
API Allowed Origins
Specifies which origins are allowed to access the Morpheus API.

Tenant Management Settings

Registration Enabled
If enabled, the appliance login screen will have a “NEED AN ACCOUNT? SIGN UP HERE” link added, enabling new Tenant registration.
Default Tenant Role
Sets the default Tenant Role applied to Tenants created from Tenant Registration.
Default User Role
Sets the default User Role applied to the User created from a Tenant Registration.

Email Settings

A default installation of Morpheus uses a online service called postmarkapp. Morpheus api requests to the postmarkapp service to send notification e-mails.

To add your own SMTP server you will need to go to the Administration and Settings of your Morpheus appliance. You will then need to provide Morpheus the following information, your mail server systems administrator should provide you with the below information and the preferred encryption method.

  • From Address
  • SMTP Server
  • SMTP Port
  • SSL Enabled
  • TLS Encryption
  • SMTP User
  • SMTP Password

We recommend that you add your Morpheus server to your SMTP white list as well as using user authentication as an additional security measure.

Once you have added your SMTP server information into Morpheus scroll down the Administration and Settings page and press the blue save button which can be found under enabled clouds.

When you have saved your SMTP server settings in the Morpheus appliance you will then need to restart the Morpheus-ui. To restart the Morpheus-ui connection to your Morpheus server via ssh and run the below command.

sudo morpheus-ctl restart morpheus-ui

Important

If you do not restart the Morpheus-ui the notifications will be sent by the original notification service postmarkapp. Please note it can take up to 3 minutes for the ui to become reachable again. has a built in SMTP server for email notifications and alerts. An alternate SMTP server can be specified below:

Add an alternate SMTP Server:

  • From Address
  • SMTP Server
  • SMTP Port
  • SSL Enabled
  • TLS Encryption
  • SMTP User
  • SMTP Password

Proxy Settings

The Morpheus Appliance can be configured to communicate through a Proxy server for Cloud API’s and Agent communication back to the Appliance.

Note

Additional Proxy configuration is available in the Infrastructure -> Network -> Proxies section. Added Proxies can be scoped to Clouds in the Edit Cloud -> Advanced Options section of the Cloud.

Add a Global Proxy server by entering the following:

  • Proxy Host
  • Proxy Port
  • Proxy User
  • Proxy Password
  • Proxy Domain
  • Proxy Workstation

Enabled Clouds

Cloud types can be Enabled or Disabled in this section. When a Cloud type is disabled, it will be removed from the available options when adding new clouds in the Infrastructure section.

Available Cloud types:

  • Morpheus
  • OpenStack
  • Amazon
  • Metacloud
  • VMware vCenter
  • VMware vCloud Air
  • SoftLayer
  • Google Cloud
  • Azure (Public)
  • Azure Stack (Private)
  • DigitalOcean
  • VirtualBox
  • VMware Fusion
  • VMWare ESXi
  • Nutanix
  • UCS
  • XenServer
  • Hyper-V
  • MacStadium
  • Oracle VM
  • HP
  • Supermicro
  • Dell
  • SCVMM
  • UpCloud
  • Kubernetes
  • Cloud Foundry

Whitelabel Settings

Overview

Morpheus Tenants can be WhiteLabeled with custom Logos, Colors, Copy, and custom CSS. Sub-Tenants can be individually white-labeled, or the Master Tenant Whitelabel can apply to all Sub-Tenants.

Enable Whitelabel
Turns on the configured Whitelabel settings. Disabling will return the Appliance to the default colors and logos, but the configured options will remain saved and will apply if Whitelabel is re-enabled.
Appliance Name
Replaces Morpheus in page titles.
Header Logo
Top left header logo. Preferred Image Size (500x76)
Footer Logo
Footer Logo in bottom left. Preferred Image Size (264x54)
Login Logo
Logo shown on Login screen. Preferred Image Size (228x280)
Favicon
Must be a .ico file type.
Reset
When selected and Whitelabel settings are saved, associated logo is returned to blank default value.

Colors

Update Colors by entering HEX value or selecting the Color Selector pop-up next to each filed and selecting a color.

  • Header Background
  • Header Foreground
  • Nav Background
  • Nav Foreground
  • Nav Hover
  • Primary Button Bg
  • Primary Button Fg
  • Primary Button Hover Bg
  • Primary Button Hover Fg
  • Footer Background
  • Footer Foreground
  • Login Background

Override CSS

Override CSS settings by entering CSS in Override CSS field.

Example: (this will add one continues background image to the Header)

header #topHeader {
        background-image: url(http://image_url.png);
        }
header {
        background-image: url(http://image_url.png);
        }

Copy

Add custom Copyright String, Terms of Use, Privacy Policy contained in the Footer text and links in the App and on the login page and emails.

Available Copy fields

  • Copyright String
  • Terms of Use
  • Privacy Policy

Note

Terms of Use and Privacy Policy Footer links will load internal pages at https://applaince_url/privacy-policy and https://applaince_url/terms-of-use displaying the entered info as plain text.

​ UI Loading Page ^^^^^^^^^^^^^^^

When the Morpheus UI is restarted or loading, a default “Morpheus is Loading” page is displayed. This page can be changed by adding the following to /etc/morpheus/morpheus.rb and adjusting the values.

Note

morpheus-ctl reconfigure must be ran for any chnages to /etc/morpheus/morpheus.rb to take effect.

nginx['web_root_internal'] = “/opt/morpheus/embedded/nginx/html"
nginx['loading_pages']['max_loops'] = 6 * 10 # 10 secs per loop x 6 times to get 60 seconds * 10 to get to 10 minutes
nginx['loading_pages']['timeout_page'] = '/timeout.html'
nginx['loading_pages']['iteration_time'] = 10_000
nginx['loading_pages']['loading_page_title'] = 'Morpheus Loading'
nginx['loading_pages']['loading_page_h1'] = 'Morpheus is Loading...'
nginx['loading_pages']['loading_page_h2'] = 'please wait'
nginx['loading_pages']['timout_page_title'] = 'Morpheus timeout, please try again...'
nginx['loading_pages']['timout_page_h1'] = 'Timeout waiting for Morpheus to load, click below to try again.'
nginx['loading_pages']['failure_page_title'] = 'Morpheus Server Error'
nginx['loading_pages']['failure_page_h1'] = 'Morpheus Server Error'
nginx['loading_pages']['failure_page_h2'] = 'Please contact your system administrator for assistance.'

License

Overview

Morpheus requires a valid license for provisioning new Instances, Apps and Hosts, and converting existing Instances and Hosts to managed. Licenses can be applied and updated in this section, and the current license status can be checked.

Current License

If a License Key has already been applied, the License status is shown in the Current License section:

Tenant Name
Company name the License was generated for.
Start Date
Date and time the current License started.
End Date
Date and time the current License expires.
Space
Amount of used and unused Managed RAM under the current License.

EXAMPLE: On a 1 TB License with 182 GB of RAM under management, the Space section will show Used Space 182.9GB Unused Space 841.0GB

Note

Once a current License expires or has reached its Space limit, users will no longer be able to provision new Instances, Apps, Hosts, or Bare Metal, or convert existing Hosts, Virtual Machines, or Bare Metal to managed. Morpheus will otherwise continue to function.

Upgrade License Key

To add a new or update an existing License:

  1. Copy the License Key into the License Key field
  2. Click UPDATE

If valid, the new License will be applied.

Request new License

Licenses can be requested at https://morpheushub.com, or by contacting support@ or sales@ morpheusdata.com.