cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rafael Weingärtner <raf...@autonomiccs.com.br>
Subject Re: Virtual Router Monitoring/Patching
Date Mon, 09 Oct 2017 13:52:05 GMT
Well, quite easy my dear Watson... ;)

First, download the current system VM template that you are using. Then, 
you can execute this template in a player such as VMware player or 
Virtualbox. You have to access the VM, log into it (roor/password). 
Afterward, you can install and configure whatever you want. Save it, 
stop the vm and upload the altered template to ACS. Do not forget to 
mark the type of the template as “routing”. Then, there is a parameter 
(I forgot the name now), that you can configure the name of the template 
you want to use to create VRs from.

And that is all. Was it helpful?!

On 10/9/2017 10:42 AM, Alessandro Caviglione wrote:
> Yes, this is what we need! :)
> But... how can i do it?? :DDD
>
> On Mon, Oct 9, 2017 at 3:32 PM, Rafael Weingärtner <
> rafael@autonomiccs.com.br> wrote:
>
>> Yes it is possible.
>>
>> We already did that, we direct all the logs to a remote log repository,
>> and then using Graylog we present the information that is aggregated.
>>
>>
>> On 10/9/2017 10:30 AM, Alessandro Caviglione wrote:
>>
>>> Hi,
>>> I'm replying because I'm already interested in this topic.
>>> In fact, we'd like to monitor VR and collect logs with rsyslog.
>>> So, is it possible to modify the template image to configure an rsyslog
>>> and
>>> snmp to allow monitoring of all new deployed VR?
>>>
>>> Thank you.
>>>
>>> On Wed, Oct 4, 2017 at 5:10 PM, Dag Sonstebo <Dag.Sonstebo@shapeblue.com>
>>> wrote:
>>>
>>> Hi Alexander,
>>>> As you point out the attack surface of the VRs have been minimised and
>>>> the
>>>> system VMs overall hardened.
>>>> You have two issues with updating the software on the VRs – an update has
>>>> the potential to break VR services (or agent services on SSVM/CPVM) as
>>>> you
>>>> already mentioned,  in addition any updates will obviously be lost the
>>>> next
>>>> time you restart a network with cleanup. You would also need to somehow
>>>> automate the updates on new VRs.
>>>>
>>>> In general I would think most CloudStack users will wait for new system
>>>> VM
>>>> templates to be released – but interested in hearing other thoughts on
>>>> this.
>>>>
>>>> Regards,
>>>> Dag Sonstebo
>>>> Cloud Architect
>>>> ShapeBlue
>>>>
>>>> On 04/10/2017, 15:35, "Stock, Alexander" <Alexander.Stock@bitgroup.de>
>>>> wrote:
>>>>
>>>>       Hi all,
>>>>
>>>>       at the moment we try to improve our monitoring of the virtual
>>>> routers
>>>> in our environment.
>>>>       For this we also monitor the update status of the machines and could
>>>> see that there are some updates pending (OS Updates not Template
>>>> Updates) .
>>>>
>>>>       So what would like to know is if you have some experience in pathing
>>>> the virtual routers and if you have an update strategy for this
>>>> (redundant
>>>> router,etc..).
>>>>       I am in worry that some updates could crash the services which are
>>>> responsible for communication with the cloudstack controller.
>>>>       I am also not sure if the attack surface is too small to don't worry
>>>> about patching.
>>>>
>>>>       Any ideas or comments are welcome.
>>>>       Thank you.
>>>>       Alexander
>>>>
>>>>
>>>>
>>>>
>>>> Dag.Sonstebo@shapeblue.com
>>>> www.shapeblue.com
>>>> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>>>> @shapeblue
>>>>
>>>>
>>>>
>>>>
>>>>
>> --
>> Rafael Weingärtner
>>
>>

-- 
Rafael Weingärtner


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message