cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ivan Kudryavtsev <kudryavtsev...@bw-sw.com>
Subject Re: Virtual Router Monitoring/Patching
Date Mon, 09 Oct 2017 14:51:48 GMT
Hi. We customized template for VR in the past and use it. But we use big
basic zone, so our VR is a singleton.

>From the other hand you can do ansible-based scenario since VR is
ssh-accesible from the host where it runs with the key.

9 окт. 2017 г. 3:46 ПП пользователь "Remi Bergsma" <
RBergsma@schubergphilis.com> написал:

> Hi,
>
> For your information: This how we implemented the VPC syslog server
> feature:
> https://github.com/MissionCriticalCloud/cosmic/pull/418
>
> You don’t need to alter the template, it can be handled in the python code
> on the router itself.
>
> However, I’m quite sure the patch doesn’t apply to CloudStack as-is. But
> maybe you could get some inspiration from it and ask your devs to implement
> it.
>
> Regards,
> Remi
>
>
> On 09/10/2017, 15:42, "Alessandro Caviglione" <c.alessandro@gmail.com>
> wrote:
>
>     Yes, this is what we need! :)
>     But... how can i do it?? :DDD
>
>     On Mon, Oct 9, 2017 at 3:32 PM, Rafael Weingärtner <
>     rafael@autonomiccs.com.br> wrote:
>
>     > Yes it is possible.
>     >
>     > We already did that, we direct all the logs to a remote log
> repository,
>     > and then using Graylog we present the information that is aggregated.
>     >
>     >
>     > On 10/9/2017 10:30 AM, Alessandro Caviglione wrote:
>     >
>     >> Hi,
>     >> I'm replying because I'm already interested in this topic.
>     >> In fact, we'd like to monitor VR and collect logs with rsyslog.
>     >> So, is it possible to modify the template image to configure an
> rsyslog
>     >> and
>     >> snmp to allow monitoring of all new deployed VR?
>     >>
>     >> Thank you.
>     >>
>     >> On Wed, Oct 4, 2017 at 5:10 PM, Dag Sonstebo <
> Dag.Sonstebo@shapeblue.com>
>     >> wrote:
>     >>
>     >> Hi Alexander,
>     >>>
>     >>> As you point out the attack surface of the VRs have been minimised
> and
>     >>> the
>     >>> system VMs overall hardened.
>     >>> You have two issues with updating the software on the VRs – an
> update has
>     >>> the potential to break VR services (or agent services on
> SSVM/CPVM) as
>     >>> you
>     >>> already mentioned,  in addition any updates will obviously be lost
> the
>     >>> next
>     >>> time you restart a network with cleanup. You would also need to
> somehow
>     >>> automate the updates on new VRs.
>     >>>
>     >>> In general I would think most CloudStack users will wait for new
> system
>     >>> VM
>     >>> templates to be released – but interested in hearing other
> thoughts on
>     >>> this.
>     >>>
>     >>> Regards,
>     >>> Dag Sonstebo
>     >>> Cloud Architect
>     >>> ShapeBlue
>     >>>
>     >>> On 04/10/2017, 15:35, "Stock, Alexander" <
> Alexander.Stock@bitgroup.de>
>     >>> wrote:
>     >>>
>     >>>      Hi all,
>     >>>
>     >>>      at the moment we try to improve our monitoring of the virtual
>     >>> routers
>     >>> in our environment.
>     >>>      For this we also monitor the update status of the machines
> and could
>     >>> see that there are some updates pending (OS Updates not Template
>     >>> Updates) .
>     >>>
>     >>>      So what would like to know is if you have some experience in
> pathing
>     >>> the virtual routers and if you have an update strategy for this
>     >>> (redundant
>     >>> router,etc..).
>     >>>      I am in worry that some updates could crash the services
> which are
>     >>> responsible for communication with the cloudstack controller.
>     >>>      I am also not sure if the attack surface is too small to
> don't worry
>     >>> about patching.
>     >>>
>     >>>      Any ideas or comments are welcome.
>     >>>      Thank you.
>     >>>      Alexander
>     >>>
>     >>>
>     >>>
>     >>>
>     >>> Dag.Sonstebo@shapeblue.com
>     >>> www.shapeblue.com
>     >>> 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
>     >>> @shapeblue
>     >>>
>     >>>
>     >>>
>     >>>
>     >>>
>     > --
>     > Rafael Weingärtner
>     >
>     >
>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message