Syslog Proxy
Syslog proxy functionality is supported at the following levels:
-
UCS server hardware
-
OpenStack services
-
UAS software modules
-
VNFM, UEM, and CF VNF components
NOTES:
-
This functionality is currently supported only with Ultra M UGP VNF deployments based on OSP 10 or OSP 13 and that leverage the Hyper-Converged architecture.
-
You must configure a remote collection server to receive and filter log files sent by the Ultra M Manager Node.
-
Take note of the TCP and UDP ports configured on the server for syslogging as the syslog proxy functionality on Ultra M must be configured with the same ports.
-
Ensure that the collection server's IP table rules are configured to accept TCP/UDP connection on the configured port.
-
-
Though you can configure syslogging at any severity level your deployment scenario requires, it is recommended that you only configure syslog levels with severity levels 0 (emergency) through 4 (warning). If the severity level is not set, then by default, the severity level 6 is used.
Important |
If you wish to enable syslogging for the components that comprise the Ultra M solution but do not wish to use the syslog proxy functionality (e.g. send syslogs directly to an external collection server), refer to Configuring Syslogging to an External Collection Server. |
Configuring Syslog Proxy for UCS Server Hardware
AutoIT can be configured to serve as a proxy for UCS server hardware syslogs.
Important |
AutoIT must be configured with information for the syslog collection server at the time it is deployed. Refer to the Ultra Services Platform Deployment Automation Guide for more information. |
The UCS server list is based on the configuration specified in the VIM Orchestrator and VIM NSD configuration file. As such, syslog proxy functionality for the hardware must be performed after the VIM has been deployed.
Syslog proxy functionality is configured through a fault management descriptor (FMD) configuration file that is comprised of the required NETCONF parameters. Refer to Sample FMD Configuration File for a sample configuration file.
Important |
Though the FMD configuration can be included in the network service descriptor (NSD) for your VNF, it is recommended that the configuration for this functionality be maintained in a separate, FMD-specific NSD configuration file. |
To configure syslog proxy functionality for UCS server hardware:
-
Log on to the primary AutoIT VM as the root user.
-
Prepare the FMD configuration file for your deployment scenario. Your file should include the following parameters:
domain hardware syslog uas-proxy syslog severity <severity_level>
Note that the severity parameter is optional. The default severity level is 6.
For more information on the syslog severity supported, refer to the Cisco Ultra Services Platform NETCONF API Guide.
Refer to Sample FMD Configuration File for a sample configuration file.
-
Login to the ConfD CLI as the admin user.
confd_cli -u admin -C
-
Enter the admin user password when prompted.
-
Enter the ConfD configuration mode.
config
-
Load the FMD configuration file.
load merge <your_fmd_file_name>.cfg
commit
end
-
Activate the FMD configuration.
activate nsd-id <nsd_name> fmd <fmd_name>
Important
The output of this command is a transaction-id which can be used to monitor the deployment progress. If need be, the FMD configuration can be deactivated using the deactivate variant of this command.
-
Monitor the progress of the FMD creation by viewing transaction logs:
show log <transaction_id> | display xml
transaction_id is the ID displayed as a result of the activate command executed in step 7.
Configuring Syslog Proxy for OpenStack Services
AutoIT can be configured to serve as a proxy for OpenStack service syslogs.
Important |
AutoIT must be configured with information for the syslog collection server at the time it is deployed. Refer to the Ultra Services Platform Deployment Automation Guide for more information. |
The list of servers on which OpenStack is running is based on the configuration specified in the VIM Orchestrator and VIM NSD configuration file. As such, syslog proxy functionality for the hardware must be performed after the VIM has been deployed.
If syslogging is enabled, syslogs for the following OpenStack services are proxied:
-
Nova
-
Cinder
-
Keystone
-
Glance
-
Ceph monitor (Controller nodes only)
-
Ceph OSD (OSD Compute nodes only)
Syslog proxy functionality is configured through a fault management descriptor (FMD) configuration file that is comprised of the required NETCONF parameters. Refer to Sample FMD Configuration File for a sample configuration file.
Important |
Though the FMD configuration can be included in the network service descriptor (NSD) for your VNF, it is recommended that the configuration for this functionality be maintained in a separate, FMD-specific NSD configuration file. |
To configure syslog proxy functionality for UCS server hardware:
-
Log on to the primary AutoIT VM as the root user.
-
Prepare the FMD configuration file for your deployment scenario. Your file should include the following parameters:
domain vim syslog uas-proxy syslog severity <severity_level>
Note that the severity parameter is optional. The default severity level is 6.
For more information on the syslog severity supported, refer to the Cisco Ultra Services Platform NETCONF API Guide.
Refer to Sample FMD Configuration File for a sample configuration file.
-
Login to the ConfD CLI as the admin user.
confd_cli -u admin -C
-
Enter the admin user password when prompted.
-
Enter the ConfD configuration mode.
config
-
Load the FMD configuration file.
load merge <your_fmd_file_name>.cfg
commit
end
-
Activate the FMD configuration.
activate nsd-id <nsd_name> fmd <fmd_name>
Important
The output of this command is a transaction-id which can be used to monitor the deployment progress. If need be, the FMD configuration can be deactivated using the deactivate variant of this command.
-
Monitor the progress of the FMD creation by viewing transaction logs:
show log <transaction_id> | display xml
transaction_id is the ID displayed as a result of the activate command executed in step 7.
Configuring Syslogging for UAS Software Modules
Each UAS software module can be configured to send logs and syslogs to one or more external collection servers.
AutoDeploy and AutoIT
Logs and syslogs are sent directly to one or more external syslog collection servers configured when these modules are first installed. The configured collection servers are also the receivers for UCS server hardware and OpenStack services for which AutoIT is a proxy.
The following logs are sent:
-
AutoDeploy:
-
/var/log/upstart/autodeploy.log
-
/var/log/syslog
-
-
AutoIT:
-
/var/log/upstart/autoit.log
-
/var/log/syslog
-
In order to support syslogging functionality, additional operators were added to the boot_uas.py script used to install these modules:
-
--syslog-ip<ext_syslog_server_address>
-
--port<syslog_port_number>
-
--severity<syslog_severity_to_send>
Refer to the Ultra Services Platform Deployment Automation Guide for more information on deploying AutoIT and AutoDeploy.
AutoVNF
AutoVNF serves as the syslog proxy for the VNFM, UEM, and CF VNF components (VNFCs). It also sends its own logs to the same external syslog collection server:
-
/var/log/upstart/autovnf.log
-
/var/log/syslog
Syslogging for the AutoVNF module is configured through the AutoVNF VNFC configuration within the VNF Rack and VNF NSD configuration file. Refer to the Ultra Services Platform Deployment Automation Guide for more information.
AutoVNF should always configure the external syslog server. For AutoVNF, the information and instructions provided in those sources also remain identical but with the exception of the parameters used in the corresponding VNFC section of the VNF Rack and VNF NSD configuration file.
syslog server <ip_address>
syslog port <tcp_udp_port>
syslog severity <severity_level>
Note that the port and severity parameters are optional. The default values of port and severity parameters are 514 and 6 respectively.
For more information on the syslog severity supported, refer to the Cisco Ultra Services Platform NETCONF API Guide.
Configuring Syslog Proxy for the VNFM, UEM, and CF VNFCs
AutoVNF can be configured as the syslog proxy for the following VNFM, UEM, and CF VNF component (VNFC) logs:
-
VNFM (ESC): /var/log/messages
Important
escmanager and mona logs are not configured as part of syslog automation. ESC can be manually configured to send these logs to the syslog proxy or to an external syslog collection server. Refer to Manual ESC escmanager and mona Log Configuration for more information.
-
UEM:
-
/var/log/em/vnfm-proxy/vnfm-proxy
-
/var/log/em/ncs/ncs-java-vm
-
/var/log/em/zookeeper/zookeeper
-
/var/log/syslog
-
-
CF: All syslogs configured within the StarOS-based VNF.
Syslogging for the VNFM, UEM, and CF is configured through their respective VNFC configurations within the VNF Rack and VNF NSD configuration file. Refer to the Ultra Services Platform Deployment Automation Guide for more information.
The following parameters should be configured for each VNFC:
syslog uas-proxy
syslog severity <severity_level>
Note that the severity parameter is optional. The default severity level is 6.
For more information on the syslog severity supported, refer to the Cisco Ultra Services Platform NETCONF API Guide.
Configuring Syslogging to an External Collection Server
Syslogging for the Ultra M solution components can be enabled without leveraging the syslog proxy functionality. In this scenario, syslogs are sent directly from each component to an external collection server.
Important |
Regardless of the domain level at which you're configuring syslogging functionality for, you must ensure that the external collection server to which your sending syslogs is reachable over the network by the component sending the syslog. |
UCS Server Hardware
The instructions for configuring UCS servers to send syslogs to an external collection server are identical to those described in Configuring Syslog Proxy for UCS Server Hardware with the exception of the parameters used in the FMD configuration file.
To configure external collection servers for UCS server hardware, use the following parameters:
domain hardware
syslog server <ip_address>
syslog port <tcp_udp_port>
syslog severity <severity_level>
Note that the port and severity parameters are optional. The default values of port and severity parameters are 514 and 6 respectively.
For more information on the syslog severity supported, refer to the Cisco Ultra Services Platform NETCONF API Guide.
Important |
Though multiple external collection servers can be configured, the UCS server hardware support a maximum of two servers. If more than two servers are configured in the FMD, only the first two are configured on the UCS servers. Additionally, only one severity level can be configured on the UCS servers. It is used for both configured collection servers. |
OpenStack Services
The instructions for configuring OpenStack services to send syslogs to an external collection server are identical to those described in Configuring Syslog Proxy for OpenStack Services with the exception of the parameters used in the FMD configuration file.
To configure external collection servers for OpenStack services, use the following parameters:
domain vim
syslog server <ip_address>
syslog port <tcp_udp_port>
syslog severity <severity_level>
Note that the port and severity parameters are optional. The default values of port and severity parameters are 514 and 6 respectively.
For more information on the syslog severity supported, refer to the Cisco Ultra Services Platform NETCONF API Guide.
UAS Software Modules
The information and instructions provided in Configuring Syslogging for UAS Software Modules and in the Ultra Services Platform Deployment Automation Guide that pertain to AutoDeploy and AutoIT configure them to communicate with external collection servers.
To configure external collection servers for the AutoVNF, use the following parameters:
syslog server <ip_address>
syslog port <tcp_udp_port>
syslog severity <severity_level>
Note that the port and severity parameters are optional. The default values of port and severity parameters are 514 and 6 respectively.
For more information on the syslog severity supported, refer to the Cisco Ultra Services Platform NETCONF API Guide.
VNFM, UEM, and CF VNF Components
The instructions for configuring the VNFM, UEM, and CFs to send syslogs to an external collection server are identical to those described in Configuring Syslog Proxy for the VNFM, UEM, and CF VNFCs and in the Ultra Services Platform Deployment Automation Guide with the exception of the parameters used in the corresponding VNFC section of the VNF Rack and VNF NSD configuration file.
To configure external collection servers for the VNFCs, use the following parameters for each VNFC:
syslog server <ip_address>
syslog port <tcp_udp_port>
syslog severity <severity_level>
Important |
|
Manual ESC escmanager and mona Log Configuration
ESC's escmanager and mona logs are not configured as part of syslog automation. However, ESC can be manually configured to send these logs to either the syslog proxy server (i.e. AutoVNF) or to an external collection server.
To manually configure ESC to send these logs:
-
Log on to the active ESC VNFM VM as the user admin.
-
Navigate to the /etc/rsyslog.d directory.
cd /etc/rsyslog.d
-
Create a configuration file for the escmanager log called 00-escmanager.conf. The file should have the following configuration information which includes the IP address of the syslog server (either the syslog proxy server or the external collection server):
$ModLoad imfile $InputFileName /var/log/esc/escmanager.log $InputFileTag escmanager: $InputFileStateFile stat-escmanager $InputRunFileMonitor $template escmanager_log, "%syslogtag:::% %msg%" if $programname == 'escmanager' then @@<syslog-server-ip>:<port-number>;escmanager_log if $programname == 'escmanager' then stop
<syslog-server-ip> is the one of the following:
-
AutoVNF HA VIP address if you want the logs sent to the syslog proxy server, OR
-
IP address of the external syslog collection server.
<port-number> is the TCP/UDP port used for syslog. For the syslog proxy functionality, the default port of 514 is used.
Important
The server IP address and port number must be identical to those configured at the VNFC-level for the VNFM.
-
-
Create a configuration file for the mona log called 02-mona.conf. The file should have the following configuration information which includes the IP address of the syslog server (either the syslog proxy server or the external collection server):
$ModLoad imfile $InputFileName /var/log/esc/mona/mona.log $InputFileTag mona: $InputFileStateFile stat-mona $InputRunFileMonitor $template mona_log, "%syslogtag:::% %msg%" if $programname == 'mona' then @@<syslog-server-ip>:<port-number>;mona_log if $programname == 'mona' then stop
<syslog-server-ip> is the one of the following:
-
AutoVNF HA VIP address if you want the logs sent to the syslog proxy server, OR
-
IP address of the external syslog collection server.
<port-number> is the TCP/UDP port used for syslog. For the syslog proxy functionality, the default port of 514 is used.
Important
The server IP address and port number must be identical to those configured at the VNFC-level for the VNFM.
-
-
Change the file permissions for the escmanager.log file.
ls -al /var/log/esc/escmanager.log -rw-r--r--. 1 esc-user esc-user 12671993 Sep 12 23:32 /var/log/esc/escmanager.log sudo chmod 666 /var/log/esc/escmanager.log ls -al /var/log/esc/escmanager.log -rw-rw-rw-. 1 esc-user esc-user 12671993 Sep 12 23:32 /var/log/esc/escmanager.log
-
Change the file permissions for the mona.log file.
ls -al /var/log/esc/mona/mona.log -rw-r--r--. 1 esc-user esc-user 3937424 Sep 13 01:10 /var/log/esc/mona/mona.log sudo chmod 666 /var/log/esc/mona/mona.log ls -al /var/log/esc/mona/mona.log -rw-rw-rw-. 1 esc-user esc-user 3940388 Sep 13 01:11 /var/log/esc/mona/mona.log
-
Restart the syslog service.
sudo service rsyslog restart