Topic
  • 7 replies
  • Latest Post - ‏2013-02-25T23:07:40Z by Trey
SystemAdmin
SystemAdmin
6772 Posts

Pinned topic NFS log target-not logging at all

‏2013-02-21T22:27:33Z |
Hi,

I have created NFS log target.
Following has been created and status is 'UP' for corresponding objects -
1. enabled NFS client settings
2. Created NFS static mount
3. created log target for NFS.

Did a packet capture, I do not see any errors.
I could see traffic flowing from DP to NFS box.

BUT file is NOT getting created.
When I checked the NFS static Mount Status - I see
Files Opened for Read = 0
Files Opened for Write = 0
Files Currently Open = 0

Authorization on NFS is working. Because ealier, I have seen authorization error in packet capture. After providing root access to the DP user, I do not see that error. But file is not getting created.

I followed the instructions at
http://www-01.ibm.com/support/docview.wss?uid=swg21372185

Kindly suggest, what I am missing?
Updated on 2013-02-25T23:07:40Z at 2013-02-25T23:07:40Z by Trey
  • SystemAdmin
    SystemAdmin
    6772 Posts

    Re: NFS log target-not logging at all

    ‏2013-02-21T22:28:51Z  
    No errors in default log, neither on log Target nor on NFS static mount.
  • Trey
    Trey
    225 Posts

    Re: NFS log target-not logging at all

    ‏2013-02-22T02:17:50Z  
    I normally turn on the file system access option in the nfs settings, then via the cli try to copy files into and out of the nfs mount. Just try basic read/write actions to the nfs.

    If you can copy a test file into the nfs mount directory then move it from the nfs directory to say temporary:/// on the device via the devices cli then you can read. Likewise if you can put file there and try use the cli command 'show file' to view the contents of the file then you can write.

    At that point the log target should work. If it does not then you are reduced to starting a packet trace, filter on the nfs server ip, then enable the log target and capture the negotiation.

    Let me know if this does not help or what you find.

    • do not forget to disable the file system access feature when you are done.
  • SystemAdmin
    SystemAdmin
    6772 Posts

    Re: NFS log target-not logging at all

    ‏2013-02-22T17:45:11Z  
    • Trey
    • ‏2013-02-22T02:17:50Z
    I normally turn on the file system access option in the nfs settings, then via the cli try to copy files into and out of the nfs mount. Just try basic read/write actions to the nfs.

    If you can copy a test file into the nfs mount directory then move it from the nfs directory to say temporary:/// on the device via the devices cli then you can read. Likewise if you can put file there and try use the cli command 'show file' to view the contents of the file then you can write.

    At that point the log target should work. If it does not then you are reduced to starting a packet trace, filter on the nfs server ip, then enable the log target and capture the negotiation.

    Let me know if this does not help or what you find.

    • do not forget to disable the file system access feature when you are done.
    THanks for your response.

    well, I tried to logon to NFS dir using CLI.

    Here is the output from cli

    +

    xi50(config)# dir
    Options:
    store:
    temporary:
    image:
    config:
    cert:
    dpcert:
    sharedcert:
    pubcert:
    tasktemplates:
    logtemp:
    logstore:
    audit:
    chkpoints:
    export:
    local:
    nfs-TestNFS:
    xi50(config)# dir TestNFS:

    % TestNFS: - No such file or directory
    xi50(config)# dir nfs-TestNFS:

    % nfs-TestNFS: - No such file or directory
    xi50(config)#
    +++++
    It shows nfs-TestNFS as directory but when I run
    dir nfs-TestNFS - says no such directory.

    I have turned ON Local Filesystem Access on NFS static mount configuration.

    Value in remote NFS Export is this - abc:/vol/apps/ServicebusDataPower01 (host is masked)
    Is there issue with lenght of export. I read somewhere it to be less than 12 characters.

    Trev - Kindly suggest, how can I write/read to NFS using cli.

    FYI - I was going through this (http://www-01.ibm.com/support/docview.wss?uid=swg21398114) to get some clues. And wanted to 'cd' to nfs direcoty and see, if I can put file there?
  • SystemAdmin
    SystemAdmin
    6772 Posts

    Re: NFS log target-not logging at all

    ‏2013-02-22T17:46:31Z  
    THanks for your response.

    well, I tried to logon to NFS dir using CLI.

    Here is the output from cli

    +

    xi50(config)# dir
    Options:
    store:
    temporary:
    image:
    config:
    cert:
    dpcert:
    sharedcert:
    pubcert:
    tasktemplates:
    logtemp:
    logstore:
    audit:
    chkpoints:
    export:
    local:
    nfs-TestNFS:
    xi50(config)# dir TestNFS:

    % TestNFS: - No such file or directory
    xi50(config)# dir nfs-TestNFS:

    % nfs-TestNFS: - No such file or directory
    xi50(config)#
    +++++
    It shows nfs-TestNFS as directory but when I run
    dir nfs-TestNFS - says no such directory.

    I have turned ON Local Filesystem Access on NFS static mount configuration.

    Value in remote NFS Export is this - abc:/vol/apps/ServicebusDataPower01 (host is masked)
    Is there issue with lenght of export. I read somewhere it to be less than 12 characters.

    Trev - Kindly suggest, how can I write/read to NFS using cli.

    FYI - I was going through this (http://www-01.ibm.com/support/docview.wss?uid=swg21398114) to get some clues. And wanted to 'cd' to nfs direcoty and see, if I can put file there?
    Well, I craeted another NFS static mount to eliminate 12 char. condition
    But no gain.

    ++++

    xi50(config)# dir
    Options:
    store:
    temporary:
    image:
    config:
    cert:
    dpcert:
    sharedcert:
    pubcert:
    tasktemplates:
    logtemp:
    logstore:
    audit:
    chkpoints:
    export:
    local:
    nfs-vNFS:
    xi50(config)# dir nfs-vNFS:

    % nfs-vNFS: - No such file or directory
    xi50(config)#
    ++++++
  • Trey
    Trey
    225 Posts

    Re: NFS log target-not logging at all

    ‏2013-02-22T19:21:33Z  
    Well, I craeted another NFS static mount to eliminate 12 char. condition
    But no gain.

    ++++

    xi50(config)# dir
    Options:
    store:
    temporary:
    image:
    config:
    cert:
    dpcert:
    sharedcert:
    pubcert:
    tasktemplates:
    logtemp:
    logstore:
    audit:
    chkpoints:
    export:
    local:
    nfs-vNFS:
    xi50(config)# dir nfs-vNFS:

    % nfs-vNFS: - No such file or directory
    xi50(config)#
    ++++++
    I just ran a quick test on an nfs v3 mount to my 401 and 382 firmware devices and have no problems viewing the contents of the nfs mount.

    I used to see similar one off type problems back on older firmware like 381 and 382. This may not work but try to disable the nfs mount wait a minute then enable, or you can save config and reboot.

    If that does not fix it then maybe we can dig in a little deeper through a pmr and look at your mount settings on the server and device to see what is going on. Once we have this working then we can see about your log target and make sure this is the best option for you.

    I hope this helps.
  • SystemAdmin
    SystemAdmin
    6772 Posts

    Re: NFS log target-not logging at all

    ‏2013-02-22T20:33:49Z  
    • Trey
    • ‏2013-02-22T19:21:33Z
    I just ran a quick test on an nfs v3 mount to my 401 and 382 firmware devices and have no problems viewing the contents of the nfs mount.

    I used to see similar one off type problems back on older firmware like 381 and 382. This may not work but try to disable the nfs mount wait a minute then enable, or you can save config and reboot.

    If that does not fix it then maybe we can dig in a little deeper through a pmr and look at your mount settings on the server and device to see what is going on. Once we have this working then we can see about your log target and make sure this is the best option for you.

    I hope this helps.
    Thanks Trey.

    Well, I had done that - disabling the nfs log target , nfs mount and nfs client setting and then enabling them (reverse order).
    Rebooted the appliance. But no gain.

    I am using XI50.4.0.2.10
    Build:220496

    Btw, when you said, make sure , nfs log target is the best option for you, do you recommend NOT using it( as a best practice ).

    AS of now, we have syslog over UDP. But our audit team suggested against UDP.
    Using syslog over TCP is an option, but syslogs are handled by another (UNIX) group and there is dependency on them to get the logs when in need.

    I mean, what things I should evaluate to decide whether NFS log target is a good option or not.
    I know, connectivity might be an issue and we should have secondary log target, if DP is not able to log on NFS for some reason.
    what else, should be considered?

    Thanks for your responses. They always have been helpful.
  • Trey
    Trey
    225 Posts

    Re: NFS log target-not logging at all

    ‏2013-02-25T23:07:40Z  
    Thanks Trey.

    Well, I had done that - disabling the nfs log target , nfs mount and nfs client setting and then enabling them (reverse order).
    Rebooted the appliance. But no gain.

    I am using XI50.4.0.2.10
    Build:220496

    Btw, when you said, make sure , nfs log target is the best option for you, do you recommend NOT using it( as a best practice ).

    AS of now, we have syslog over UDP. But our audit team suggested against UDP.
    Using syslog over TCP is an option, but syslogs are handled by another (UNIX) group and there is dependency on them to get the logs when in need.

    I mean, what things I should evaluate to decide whether NFS log target is a good option or not.
    I know, connectivity might be an issue and we should have secondary log target, if DP is not able to log on NFS for some reason.
    what else, should be considered?

    Thanks for your responses. They always have been helpful.
    Let me say that this is just a thought to consider based on experiences with other clients I have been lucky enough to work with.
    • DataPowers log targets need to be fast, I personally like a raid log target with something pulling the files off the device
    • If it must be network based then UDP is always faster and less overhead than anything TCP based
    • NFS is a heavy protocol for a log that can generate a lot of traffic
    • the nfs log target is built or resting on top of the nfs mount settings
    (for example if you use a static mount with a 10 second refresh policy and during peak time you are generating say 50 log events per second that is easily 500 lost messages, not to mention the over head of the nfs mount trying to disconnect/reconnect and further log messages lost. I just saw another thread post for a similar log target queue overflow today)

    In the 5.0 firmware TCP and UDP log targets are on equal footing and speed as we start reusing connections over TCP connections now. Prior to 5.0 you would have 1 TCP connection per log event in the case of syslog/tcp.

    I hope this does not scare you away, I have lots of clients using NFS log targets due to business needs and they have seriously high available mount servers and are operating over very nice low loss networks.

    Let me know if you open a pmr and we can try to dig into the mount point not working for you.
    It sounds like permissions on the server side but that is just an educated guess.