Enabling the Error/access log for TKGI managed Load balancer/Virtual servers.
search cancel

Enabling the Error/access log for TKGI managed Load balancer/Virtual servers.

book

Article ID: 379899

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

By default the TKGI provisioned LB  has error_log_level  as "INFO" and Virtual-server has access_log_enabled as "false"

In order to debug more granular traces sometime we need enabling the logs level.

If the LB is Provision using TKGI, the edit operation from the NSX-T UI would be greyed out. However, we can enable the logging using API call.

Environment

VMware NSX

Resolution

1. Enabling ERROR log level for the Load balancer.

GET call to collect the lb-config for the concern LB UUID as .json file.

curl -X GET -H Content-Type:application/json -H X-Allow-Overwrite:True -ku admin https://localhost/api/v1/loadbalancer/services/96308305-###-####-####-575167ee1571 > lb-config.json

{
  "enabled" : true,
  "relax_scale_validation" : true,
  "size" : "SMALL",
  "error_log_level" : "INFO",
  "virtual_server_ids" : [ "9d43f629-####-###-b9ec-0ba9ea44ca7b", "4ec57241-a360-####-####-26f126e15cfe", "ff359d38-ea14-####-####-00659077a415" ],
  "attachment" : {
    "target_id" : "feb9606c-e262-####-####-219ff062fc47",
    "target_display_name" : "t1-domain-c12068:ce0ee018-####-####-8e9b-9b4cffd24ff5-foo-rtr",
    "target_type" : "LogicalRouter",
    "is_valid" : true
  },
  "resource_type" : "LbService",
  "id" : "96308305-###-####-####-575167ee1571",
  "display_name" : "domain-c12068:ce0ee018-####-####-8e9b-9b4cffd24ff5-foo",
  "tags" : [ {
    "scope" : "policyPath",
    "tag" : "/infra/lb-services/domain-c12068:ce0ee018-####-####-8e9b-9b4cffd24ff5_45e4c6da-022d-4a1d-b18b-c0320f0a0bda"
  } ],
  "_system_owned" : false,
  "_create_time" : 1717430254057,
  "_create_user" : "nsx_policy",
  "_last_modified_time" : 1717549696095,
  "_last_modified_user" : "nsx_policy",
  "_protection" : "REQUIRE_OVERRIDE",
  "_revision" : 0
}

Change the "error_log_level"  as "ERROR" in the body from GET Output and save the lb-config.json file, finally Push the changes using PUT API call.

# curl -X PUT -H Content-Type:application/json -H X-Allow-Overwrite:True -ku admin https://localhost/api/v1/loadbalancer/services/96308305-###-####-####-575167ee1571 -d @lb-config.json

PUT Body:

{
  "enabled" : true,
  "relax_scale_validation" : true,
  "size" : "SMALL",
  "error_log_level" : "ERROR",
  "virtual_server_ids" : [ "9d43f629-####-###-b9ec-0ba9ea44ca7b", "4ec57241-a360-####-####-26f126e15cfe", "ff359d38-ea14-####-####-00659077a415" ],
  "attachment" : {
    "target_id" : "feb9606c-e262-####-####-219ff062fc47",
    "target_display_name" : "t1-domain-c12068:ce0ee018-####-####-8e9b-9b4cffd24ff5-foo-rtr",
    "target_type" : "LogicalRouter",
    "is_valid" : true
  },
  "resource_type" : "LbService",
  "id" : "96308305-###-####-####-575167ee1571",
  "display_name" : "domain-c12068:ce0ee018-####-####-8e9b-9b4cffd24ff5-foo",
  "tags" : [ {
    "scope" : "policyPath",
    "tag" : "/infra/lb-services/domain-c12068:ce0ee018-####-####-8e9b-9b4cffd24ff5_45e4c6da-022d-4a1d-b18b-c0320f0a0bda"
  } ],
  "_system_owned" : false,
  "_create_time" : 1717430254057,
  "_create_user" : "nsx_policy",
  "_last_modified_time" : 1726890196496,
  "_last_modified_user" : "admin",
  "_protection" : "REQUIRE_OVERRIDE",
  "_revision" : 1
}  

 

2. Enabling access logs for the virtual server 

GET call to collect the VS-config for the concern virtual server as .json file.
  
#curl -X GET -H Content-Type:application/json -H X-Allow-Overwrite:True -ku admin https://localhost/api/v1/loadbalancer/virtual-servers/9d43f629-####-###-b9ec-0ba9ea44ca7b >vs-config.json

{
  "enabled" : true,
  "access_log_enabled" : false,
  "ip_address" : "10.#.#.3",
  "port" : "6443",
  "ports" : [ "6443" ],
  "ip_protocol" : "TCP",
  "pool_id" : "5630c19d-db17-####-####-d616c245b150",
  "application_profile_id" : "75fc052c-8ebf-####-####-ffabb93da79e",
  "log_significant_event_only" : false,
  "resource_type" : "LbVirtualServer",
  "id" : "9d43f629-####-###-b9ec-0ba9ea44ca7b",
  "display_name" : "domain-c12068:ce0ee018-####-####-8e9b-9b4cffd2--6443",
  "tags" : [ {
    "scope" : "policyPath",
    "tag" : "/infra/lb-virtual-servers/7349cf5c-1953-####-####-96fd35ccec6b_6443"
  } ],
  "_system_owned" : false,
  "_create_time" : 1717432787041,
  "_create_user" : "nsx_policy",
  "_last_modified_time" : 1717432787041,
  "_last_modified_user" : "nsx_policy",
  "_protection" : "REQUIRE_OVERRIDE",
  "_revision" : 0
}

Change the "access_log_enabled" as true in the body from GET Output and save the vs-config.json file, finally Push the changes using PUT API call.

curl -X PUT -H Content-Type:application/json -H X-Allow-Overwrite:True -ku admin https://localhost/api/v1/loadbalancer/virtual-servers/9d43f629-####-###-b9ec-0ba9ea44ca7b -d @vs-config.json

PUT body

{
  "enabled" : true,
  "access_log_enabled" : true, 
  "ip_address" : "10.#.#.3",
  "port" : "6443",
  "ports" : [ "6443" ],
  "ip_protocol" : "TCP",
  "pool_id" : "5630c19d-db17-####-####-d616c245b150",
  "application_profile_id" : "75fc052c-8ebf-####-####-ffabb93da79e",
  "log_significant_event_only" : false,
  "resource_type" : "LbVirtualServer",
  "id" : "9d43f629-####-###-b9ec-0ba9ea44ca7b",
  "display_name" : "domain-c12068:ce0ee018-####-####-8e9b-9b4cffd2--6443",
  "tags" : [ {
    "scope" : "policyPath",
    "tag" : "/infra/lb-virtual-servers/7349cf5c-1953-####-####-96fd35ccec6b_6443"
  } ],
  "_system_owned" : false,
  "_create_time" : 1717432787041,
  "_create_user" : "nsx_policy",
  "_last_modified_time" : 1726889357117,
  "_last_modified_user" : "admin",
  "_protection" : "REQUIRE_OVERRIDE",
  "_revision" : 1
}

Additional Information

Note: Kindly revert the changes back to original setting once scoping is done.

Log location-

Error log -
/var/log/lb/<lb-uuid>/logs/error.log
Access log -
/var/log/lb/<lb-uuid>/logs/access.log