Local CLI syslog settings on a VMware NSX edge node are deleted after a short period while central-config is disabled.
search cancel

Local CLI syslog settings on a VMware NSX edge node are deleted after a short period while central-config is disabled.

book

Article ID: 322540

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Running VMware NSX 3.2.1.x
  • On the VMware NSX Edge Node, the central config was disabled using :
set node central-config disable
  • On the VMware NSX Edge Node, the following command was used to configure the logging server :
set logging-server <syslog-server-ip-address:port> proto udp level info
  • The config was then verified using :
get logging-servers
  • You see the central config disable on the node in the log file: /var/log/nvpapi/api_access.log
INFO admin 'PUT /api/v1/node/central-config --- New value: {"local_override": true}' 200 337 "" "" 0.415945
  • In the NSX manager log /var/log/proton/nsxapi.log you see:
INFO ActivityWorkerPool-1-0 EdgeNodeConfigUtils 4690 FABRIC [nsx@6876 comp="nsx-manager" level="INFO" subcomp="manager"] [entId=EdgeTransportNode//infra/sites/default/enforcement-points/default/edge-transport-node/########-5d1b-4578-be6a-############] External config vs EdgeNode, The following settings are different
SYSLOG : null 
INFO ActivityWorkerPool-1-0 EdgeTransportNodeFabricUtils 4690 FABRIC [nsx@6876 comp="nsx-manager" level="INFO" subcomp="manager"] Edge ########-5d1b-4578-be6a-############. Apply config {"log_servers_config": {}}.
INFO ActivityWorkerPool-1-0 EdgeTNConfigServiceImpl 4690 FABRIC [nsx@6876 comp="nsx-manager" level="INFO" subcomp="manager"] Send/recieve config request log_servers_config {
}
INFO ActivityWorkerPool-1-0 EdgeTNMessagingServiceImpl 4690 FABRIC [nsx@6876 comp="nsx-manager" level="INFO" subcomp="manager"] Edge.sendRpcRequest: sent message (id:[########-ea37-4b3e-b229-############:1] in [301] msec):
log_servers_config {
}



Environment

VMware NSX-T Data Center
VMware NSX

Resolution

This issue is resolved in VMware NSX 4.2.0

Workaround:

If the effective syslog config on edge matches the user desired state, use either of the below options:

  • Option 1. You can reconcile the edge's current state on the Manager using the API :
POST https://{{mp}}/api/v1/transport-nodes/{{edge-id}}?action=refresh_node_configuration&resource_type=EdgeNode
  • Option 2. If the VMware NSX-T manager has an open alarm for the syslog mismatch on the edge node, resolve the alarm in the UI, accepting the Edge Appliance values.

If syslog config on Edge needs editing, not matching user desired state:

1. First disable central-config on each edge node that requires editing, using the following PUT API call :
PUT https://{{mp}}/api/v1/transport-nodes/<edge-id>/node/central-config
{
"local_override": true
}
2. Then use the following GET API call to get the current configuration for each edge node which requires editing :
GET https://{{mp}}/api/v1/transport-nodes/{{edge-id}}
3. Then using the details from the GET, add an extra field under 'node_settings' for the syslog servers and use the PUT API to send the edited configuration back to the edge node:
PUT https://{{mp}}/api/v1/transport-nodes/{{edge-id}} 

Note: Please review the following YAML guide on formatting for syslog server configuration: Refer to YAML documentation 

Powered by Wolken Software