Airgap Directory 100% full causing problem with downloading TKG cluster images from Airgap.
Article ID: 345743
Updated On:
Products
VMware
VMware Telco Cloud Automation
Issue/Introduction
Provide a method to mitigate /var/log/nginx/access.log filling the disk due to excessive invalid login attempts using invalid credentials.
Environment
VMware Telco Cloud Automation 2.1
VMware Telco Cloud Automation 2.0
VMware Telco Cloud Automation 2.0.1
VMware Telco Cloud Automation 2.3
VMware Telco Cloud Automation 2.2
VMware Telco Cloud Automation 1.x
VMware Telco Cloud Automation 2.0
VMware Telco Cloud Automation 2.0.1
VMware Telco Cloud Automation 2.3
VMware Telco Cloud Automation 2.2
VMware Telco Cloud Automation 1.x
Cause
Excessive invalid login attempts using invalid credentials.
Resolution
Address the source of the excessive invalid login attempts which are using invalid credentials within your environment and install and configure logrotate.
NOTE: All the commands must be executed as root user
Step 1: Disable Airgap Internet Repositories
Step3: Install logrotate and cronie
Step4: Start and Enable crond service
Step 5: Create config files in logrotate.d folder
Step 7: Execute testing:
Workaround:
Address the source of the excessive invalid login attempts which are using invalid credentials within your environment and truncate the /var/log/nginx/access.log
NOTE: All the commands must be executed as root user
Step 1: Disable Airgap Internet Repositories
root# tdnf clean all sed -i 's/^enabled=1/enabled=0/' /etc/yum.repos.d/*.repoStep 2: Enable Airgap Local Repositories
root# echo "[airgapphoton] name=VMware Airgap Photon Release Repo baseurl=https://$HOSTNAME/release/photon gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgapphoton.repo root# echo "[airgappu] name=VMware Airgap Photon Updates Repo baseurl=https://$HOSTNAME/updates/photon-updates gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgappu.repo root# echo "[airgap-telco-debuginfo] name=VMware Airgap Photon Telco Debuginfo baseurl=https://$HOSTNAME/updates/photon-telco-debuginfo gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgap-telco-debuginfo.repo root# echo "[airgap-telco-updates] name=VMware Airgap Photon Telco Updates baseurl=https://$HOSTNAME/updates/photon-telco-updates gpgkey=file:///etc/pki/rpm-gpg/VMWARE-RPM-GPG-KEY gpgcheck=1 enabled=1 skip_if_unavailable=True" > /etc/yum.repos.d/airgap-telco-updates.repo
Step3: Install logrotate and cronie
root# tdnf intall -y logrotate cronie
Step4: Start and Enable crond service
root# systemctl enable --now crond.service root# systemctl status crond.service
Step 5: Create config files in logrotate.d folder
root# echo "/var/log/nginx/*.log {
rotate 10
size 200M
copytruncate
compress
missingok
nodateext
}" > /etc/logrotate.d/nginx
root# echo "/var/log/messages {
prerotate
/usr/bin/chattr -a /var/log/messages
endscript
compress
size 200M
weekly
rotate 8
copytruncate
missingok
postrotate
/usr/bin/kill -HUP rsyslogd
endscript
}" > /etc/logrotate.d/messages
Step 6: Update permissions:chmod +x /etc/cron.daily/logrotate
Step 7: Execute testing:
root # logrotate -f /etc/logrotate.d/nginx root # logrotate -f /etc/logrotate.d/messages4. Validate files have been rotated
root# ls -l /var/log/nginx/ root# ls -l /var/log/
Workaround:
Address the source of the excessive invalid login attempts which are using invalid credentials within your environment and truncate the /var/log/nginx/access.log
Additional Information
Impact/Risks:
N/A
N/A
Attachments
Feedback
Yes
No
Powered by
