Mission-Critical Virtualization Platform Monitoring & Incident Management Suite
vSphere Sentinel is the enterprise-grade, centralized observability, analytics, incident-management, and lifecycle administration platform for modern virtualized infrastructure. Engineered for mission-critical reliability, it empowers IT, DevOps, and operations with real-time telemetry, intelligent reporting, compliance auditing, and secure remote operations for VMware vSphere environments—on-premises, hybrid, and cloud.
vSphere Sentinel transforms infrastructure monitoring and control by providing a unified interface for operational insight, event management, analytics, and security-focused observability across your virtualization and hybrid-cloud ecosystem. Built for CTOs, IT Managers, and Operations teams, Sentinel delivers real-time visibility, automated health analytics, actionable intelligence, and robust incident-response tools—ensuring business continuity and operational excellence.
- Unified Operations Dashboard: Real-time monitoring and deep analytics for all vSphere virtual machines and hosts.
- Secure SSO/JWT Authentication: Modern authentication, role-based access (Admin & Read-Only) with audit trails.
- Centralized VM Lifecycle Management: Power, reset, guest-OS reboot/shutdown—all from secure browser UI with audit logging.
- Live & Historical Telemetry: VM health, power state, resource usage, uptime, disk pressure, and historical performance charts.
- Enterprise-Grade Reporting: Automated Excel/PDF reports (daily/on-demand) with corporate branding/logo, compliance headers, and export logs.
- Integrated Observability: System-wide operational logging, user action history, export activity, and error/event feeds.
- Configurable Settings: vCenter endpoint, credentials (encrypted at rest), report templates, branding, and automation intervals—all via secure UI.
- Auditing & Compliance: Designed for integration into audit pipelines, with full traceability of operations and actions.
- Robust Security: All secrets encrypted, LAN-isolated backend, access-controlled frontend; never exposes vCenter credentials to clients.
- Mobile-Ready UI: Responsive React SPA for desktop, tablet, and phone; themeable (dark/light).
- API Readiness: Clean RESTful backend for future integrations and custom automation.
- Enterprise IT Fleet Operations: Full lifecycle management and incident monitoring across data centers, branches, and remote hybrid nodes.
- DevOps & SRE Workflows: Secure, auditable interaction with vSphere environments—automated reporting, periodic health-checks, rapid event triage.
- Cloud/Hybrid Migration: Safe, centralized observability for organizations bridging on-prem with cloud-hosted workloads.
- Compliance & Audit: Generate signed logs, track administrative action, prove compliance for incident resolution.
+---------------------+ +---------------------+
| User Devices | <-----> | vSphere Sentinel |
| (Browser: SPA UI) | UI | (FastAPI Backend) |
+---------------------+ +---------------------+
|
| REST API (secured)
+-----------------+
| vCenter Server |
| (VMware API) |
+-----------------+
- Frontend: React + Vite + MUI, communicating over HTTPS or LAN
- Backend: Python FastAPI, responsible for all business logic, vCenter proxying, storage, and reporting
- Database: SQLite (trivially upgradable for enterprise DBMS)
- VMware Integration: pyVmomi for robust vSphere connectivity
- Platforms: Windows Server, Linux (Ubuntu, RHEL, CentOS), macOS (dev)
- VMware: vCenter 6.x, 7.x, 8.x (via pyVmomi)
- Browsers: Chrome, Edge, Firefox, Safari
- Cloud / LAN: Optimized for private cloud and hybrid/LAN deployments
- Backend: Python 3.10+, FastAPI, SQLAlchemy, pyVmomi, Uvicorn, Loguru, OpenPyXL, ReportLab
- Frontend: React 18+, TypeScript, Vite, MUI, Axios, modern React hooks & context API
- Database: SQLite (file-based), extensible to PostgreSQL/MySQL
- Security: JWT Authentication, role-based access, secret encryption at rest
- DevOps/Infra: Easily containerized; zero third-party telemetry
- Python 3.10+ (prefer 64-bit)
- Node.js 18+
- Access to your VMware vCenter from backend host
cd server
python -m venv .venv
# Windows:
.venv\Scripts\Activate.ps1
# Linux/macOS:
# source .venv/bin/activate
pip install -r requirements.txtcd web
npm installSECRET_KEY: Used to sign JWT tokens (LONG, secure, never commit!)VSPHERE_SECRET_KEY: URL-safe base64 (used to encrypt vCenter credentials)- Optional:
SQLITE_PATH,FRONTEND_ORIGIN,DEFAULT_REPORT_ROOT, etc.
Example .env:
SECRET_KEY=<jwt-signing-secret>
VSPHERE_SECRET_KEY=<base64-key>
- Start backend:
uvicorn app.main:app --host 0.0.0.0 --port 5051 --reload - Start frontend:
npm run dev -- --host 0.0.0.0 --port 5173 - Open browser at
http://<host-ip>:5173 - Call
POST /api/auth/init-admin(via API docs at/docs) to create initial Admin user - Login to UI using credentials you just set up
- Deploy Python backend as system service (
systemd, NSSM, etc.), ideally on secure LAN host. - Restrict port 5051 access via LAN-only firewall rules
- Use environment variables for all secrets—never commit secrets
- Place SQLite DB on high-integrity storage with access restrictions
- Build release assets:
cd web npm run build - Serve static files via Nginx, Caddy, IIS, or similar, reverse proxy
/apito backend - Harden HTTP headers, leverage HTTPS for production
Nginx Sample:
server {
listen 80;
server_name _;
root /opt/vsphere-sentinel/web/dist;
index index.html;
location /api/ {
proxy_pass http://127.0.0.1:5051/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
try_files $uri /index.html;
}
}- All credentials encrypted at rest
- No vCenter secrets ever sent to browsers/clients
- Strong separation of API/UI; CORS locked to frontend origin in production
- Rate-limiting, logging, audit trails
- No inbound ports exposed to public internet
- Logs and reports written to secure, access-controlled locations
- Optional HTTPS for frontend/backend communications
- Suitable for compliance-driven environments
- Highly optimized FastAPI backend (async-capable, scalable for cores/nodes)
- No hard dependency on heavy infra (lightweight, containerizable, deploy on VMs, bare metal, cloud)
- Designed for easy horizontal scaling and swap for enterprise RDBMS
- Smart asset build & caching for ultra-fast frontend loads
- Sane defaults, configurable intervals
- Clean REST API (documented via Swagger at
/docs) - Extensible data models & endpoints
- Ready to integrate into SIEM, Service Desk, or custom dashboards
- Pluggable reporting and metrics pipeline capability
- PRs & partnerships for custom inbound/outbound connectors welcome!
- 🔲 Multi-vCenter federation
- 🔲 Third-party authentication (LDAP, SAML, OIDC)
- 🔲 Granular RBAC (role-based access controls)
- 🔲 Custom webhook & notification integration (Slack, Teams, PagerDuty)
- 🔲 Enterprise DB engines (PostgreSQL, MySQL options)
- 🔲 Extended compliance/Audit policy modules
- 🔲 Alerting & incident auto-closure automation
- 🔲 Kubernetes/Cloud-native deployment support
- 🔲 Enhanced dashboard charts, predictive insights (AI/ML-powered)
- Professional contributions welcome. Please see
CONTRIBUTING.mdor open a business inquiry. - All changes should be thoroughly tested and documented.
- All contributors must agree to maintain enterprise code and documentation standards.
vSphere Sentinel is released under the MIT License.
Developed By: Mike ROSS Business Email: mozkarci1991@gmail.com Phone / WhatsApp: +90 535 489 50 50
For partnerships, custom enterprise integrations, white-labeling, and support agreements: Contact Mike ROSS directly.