You can configure settings such as time zone, NTP servers, SNMP, and syslog servers to apply to all NSX Manager and Edge nodes. In addition to NSX Manager and Edge nodes, the SNMP configuration is applied to the VMware SNMP agent on all KVM hypervisors.
Procedure
- From your browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.
- Select .
- Click the Node Profiles tab.
- Click All NSX Nodes in the Name column.
- Click Edit to configure the time zone and NTP servers.
- In the Syslog Servers section, click Add to add a Syslog server.
- Enter the FQDN or IP address of the Syslog server.
- Specify a port number.
- Select a protocol.
The available protocols are TCP, UDP, and LI (Log Insight).
- Select a log level.
The available levels are Emergency, Alert, Critical, Error, Warning, Notice, Information, and Debug.
- In the SNMP Polling section, under v2c, click Add to add an SNMPv2c community.
- Enter a name for the community.
- Enter a Community String value.
This value is used for authentication.
- In the SNMP Polling section, under v3, click Add to add an SNMPv3 user.
- Enter a user name.
- Enter an authentication password.
You can click the icon on the right to show or hide the password.
- Enter a private password.
You can click the icon on the right to show or hide the password.
- In the SNMP Traps section, under v2c, click Add to add an SNMPv2c trap configuration.
- Enter a FQDN or IP address.
- Specify a port number.
- Enter a name for the community.
- Enter a Community String value.
This value is used for authentication.
- In the SNMP Traps section, under v3, click Add to add an SNMPv3 trap configuration.
- Enter a FQDN or IP address.
- Specify a port number.
- Enter a user name.
What to do next
- get clock
- get ntp-server
- get logging-servers
- get snmp v2-targets
- get snmp v3-targets
- get snmp v2-configured
- get snmp v3-configured
- get snmp v3-engine-id
- get snmp v3-protocols
- get snmp v3-users
For more information about these commands including examples, see the NSX-T Data Center Command-Line Interface Reference.
Verify that the profile configurations are applied to the KVM hypervisor nodes. Log in to the KVM nodes with root privileges and run the following command:
/opt/vmware/bin/vicfg-snmp -s
If this command does not work, specify the available Python version on the KVM hypervisor, as shown in the following command:
python3 /opt/vmware/bin/vicfg-snmp -s
- Error situations
-
If the node profile configurations are not applied successfully, then there are two possibilities:
- The central configuration was not synchronized with the remote node due to connectivity issues between NSX Manager and the remote node. In this case, you cannot do anything from the central configuration side.
- The central configuration was synchronized with the remote node, but the command to apply the central configuration failed to run. In this case, you can check syslog on the remote node.
In the logs, search for the subcomp="central_node_config_update" string to look for any errors.
For example, the syslog exporter configuration might fail if the host name specified cannot be resolved to IP addresses, or if a second vRealize Log Insight server is being configured.
The following example logs show the error messages:
Log example 1:
2020-05-18T22:56:06.485Z vmw-svc.nsxmanager-sb-36265022-1-rhel NSX 24904 - [nsx@6876 comp="nsx-manager" subcomp="central_node_config_update" username="root" level="INFO"] No change in timezone 2020-05-18T22:56:07.184Z vmw-svc.nsxmanager-sb-36265022-1-rhel NSX 24904 - [nsx@6876 comp="nsx-manager" subcomp="central_node_config_update" username="root" level="INFO"] No change in NTP configuration 2020-05-18T22:56:07.210Z vmw-svc.nsxmanager-sb-36265022-1-rhel NSX 24904 - [nsx@6876 comp="nsx-manager" subcomp="central_node_config_update" username="root" level="INFO"] Updating Syslog configuration 2020-05-18T22:56:08.826Z vmw-svc.nsxmanager-sb-36265022-1-rhel NSX 24904 - [nsx@6876 comp="nsx-manager" subcomp="central_node_config_update" username="root" level="WARNING"] Failed to add syslog exporter {"port": 514, "exporter_name": "264aa005-dfb0-4942-a1c4-f749bfc1a2c4", "protocol": "TCP", "level": "ERR", "server": "vikas.2020.com"}, response: {#012 "error_code": 36569,#012 "error_message": "Error modifying firewall rule due to invalid hostname.",#012 "module_name": "node-services"#012}, status: 400, err: 400 Client Error: Bad Request for url: http://localhost:7441/api/v1/node/services/syslog/exporters
Log example 2:
2020-05-18T22:56:08.839Z vmw-svc.nsxmanager-sb-36265022-1-rhel NSX 24904 - [nsx@6876 comp="nsx-manager" subcomp="central_node_config_update" username="root" level="WARNING"] Failed to add syslog exporter {"port": 514, "exporter_name": "f4e088d4-4b45-42fe-ba1d-7f98838c7f61", "protocol": "LI", "level": "INFO", "server": "loginsight.vmware.com"}, response: {#012 "error_code": 36400,#012 "error_message": "Maximum number of loginsight servers exceeded",#012 "module_name": "node-services"#012}, status: 400, err: 400 Client Error: Bad Request for url: http://localhost:7441/api/v1/node/services/syslog/exporters
Log example 3:
2020-05-18T22:56:10.639Z vmw-svc.nsxmanager-sb-36265022-1-rhel NSX 24904 - [nsx@6876 comp="nsx-manager" subcomp="central_node_config_update" username="root" level="WARNING"] Failed to add syslog exporter {"port": 514, "exporter_name": "d0dc1797-b5dc-42ba-b07d-fe107dd70111", "protocol": "UDP", "level": "INFO", "server": "logging.vmware.com"}, response: {#012 "error_code": 36569,#012 "error_message": "Error modifying firewall rule due to invalid hostname.",#012 "module_name": "node-services"#012}, status: 400, err: 400 Client Error: Bad Request for url: http://localhost:7441/api/v1/node/services/syslog/exporters