Release Notes SevOne NMS 7.0.0

Below please find the Release Notes for SevOne NMS 7.0.0. Please contact your Technical Account Manager (if applicable) or Systems Engineering Team or Support Team to discuss and plan the installation. Thank you for being a customer.
Important: Please refer to section Deprecated / Removed Features & Functions for the list of deprecated features / functions.

Browser Requirements

Minimum Resolution: 1200x768 Browsers:

  • Modern, standards-compliant browser
  • JavaScript enabled
  • Pop-up blocker disabled for hostname/IP

The following browsers are supported in the current versions of SevOne. SevOne recommends use of the latest version of your preferred (supported) browser.

Vendor Family SevOne NMS 7.0
Google Chrome Tested & Supported
Mozilla Firefox Tested & Supported
Microsoft Edge Tested & Supported (with limited testing performed)
Apple Safari Supported

Tested = Complete UI regression testing completed prior to release of updates.
Supported = Developer-led testing and resolution of any customer reported defects. No complete UI regression test is performed.

NOTE: Please use the latest browser version of Chrome, Firefox, Edge, and Safari.

Compatibility Matrix

SevOne NMS REST API SevOne Data Insight xStats Adapter
7.0.0 (RHEL) 2.1.48
  • 6.8.x
  • 7.0.x
2.1.11
Note: For details on SevOne Data Insight, please refer to its guides and Release Notes.

Containers

Important: Containerization
As of SevOne NMS 7.0.0, SevOne is distributed using container technology, allowing a more confident deployment of the software. To run administrative commands on a SevOne appliance, the administrator must now execute commands in the context of the intended container.

By default, the container deployment of SevOne is set to be read-only.
CAUTION:
stopIcon DO NOT proceed to SevOne NMS 7.0 if you have Expert Labs customizations. Please contact Expert Labs first. If you have deployed any of your own custom scripting, you may also require amendment(s) to these custom scripts if writing to directory structures that are now in the read-only pod.
  • The host and the container each has its own ssh config; both for the server and the client.
  • To ssh as root, you must use the sudo command.
For details on how to connect IBM SevOne NMS appliance to the Command Line Interface where SevOne NMS software runs in podman containers, please refer to SevOne NMS Connect Appliance using Command Line Interface.

For additional details, please refer to SevOne NMS System Administration Guide and / or SevOne NMS User Guide.

Other Notices

Note: Prior to SevOne NMS 7.0, if you had /etc/sysctl.d/99-sysctl.conf file and had modified net.ipv4.ip_forward, then after the upgrade to SevOne NMS 7.0, you will need to instead create /etc/sysctl.d/90-custom.conf file and add net.ipv4.ip_forward = 0 to it.
Note: SOA version
Please ensure that SevOne NMS cluster is on the same SOA version.
Note: Starting SevOne NMS 6.1, SevOne stores backups of installed hot-patch bundles in /opt/patches.
/opt/patches is a reserved directory; please refrain from making any modifications.
Note: Applies to SevOne NMS 6.8 and prior releases only

During the initial deployment, when you execute SevOne-fix-ssh-keys, it produces /root/.ssh/authorized_keys file which contains your cluster's public keys.

If you have custom keys, the keys must be added to /root/.ssh/custom_keys.pub file.

  • if /root/.ssh/custom_keys.pub file does not exist, using a text editor of your choice, add the new custom key(s) to it.
  • if /root/.ssh/custom_keys.pub file already exists, concatenate the new custom key(s) after the existing custom keys in the file.

To persist the custom keys added in /root/.ssh/custom_keys.pub file, run SevOne-fix-ssh-keys script for the keys in /root/.ssh/custom_keys.pub file to be automatically added in /root/.ssh/authorized_keys file. The /root/.ssh/authorized_keys file will now contain your cluster's public keys along with a set of custom keys stored locally in /root/.ssh/custom_keys.pub file.

Retains 'all' keys - cluster's public keys & custom keys

$ SevOne-fix-ssh-keys

Third-party Packages

The following are third-party packages updated to address security.

  Package Version

General

Java 17.0.10+7 (IBM Semeru Certified)
Kafka For SevOne Data Bus 7.0.0,
  • Internal Kafka Client (for SDP): sarama 1.41.0
  • NMS Kafka Server : 3.6.0-2.13.2.el8
Kernel

4.18.0-553.el8_10

NOTE: The kernel will automatically get installed as part of the upgrade and will be loaded after the reboot of the appliance.

KVM

9.9.0-1.el9

(libvirt-libs)

MySQL 10.6.12-MariaDB
Nginx 1.25.2-0.el8
PHP

8.3.7-1.el8

NOTE: To consume PHP 8, please contact Expert Labs if assistance is needed.

Signature Tools
  • signature-tools-<latest version>-build.<###>.tgz
  • signature-tools-<latest version>-build.<###>.tgz.sha256.txt

For example,

  • signature-tools-2.0.3-build.1.tgz
  • signature-tools-2.0.3-build.1.tgz.sha256.txt
Important: The latest files can be downloaded from IBM Passport Advantage (https://www.ibm.com/software/passportadvantage/pao_download_software.html) via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support Team for the file.
Artifacts For new installs / upgrades,
the latest TAR and CHECKSUM files can be downloaded from IBM Passport Advantage (https://www.ibm.com/software/passportadvantage/pao_download_software.html) via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support Team for the file.
Fabric Azure Windows 2008 (modified)
Hypervisor OpenStack >= 10.a
VMware
  • Intel-VT or AMD-V CPU extensions
  • ESXi 5.0 and later (VM version 8) - minimum requirement
  • Tested with vSphere Client version 7.0 (ESXi 7.0 and later; VM version 8)

Planning & Preparation

  • Prior to applying the patch, system creates a backup of the files and puts them into an archived file to be reverted.
  • Total Upgrade Time and Polling Outage: On a 20 Peer 200K cluster, upgrade takes approximately 1 hours 30 minutes. The polling outage on this cluster ranged from 3 minutes to 7 minutes. Polling outages can be slightly higher when a MySQL restart is required and it does not include the time it takes for the reboot of a new kernel. Depending on the cluster and load per appliance, times will vary. The total Netflow outage for this cluster ranged from 10 minutes to 15 minutes. Netflow outage can be up to 2 hours since the Netflow shortterm tables which hold 2 hours of data, do not get backed up when MySQL is restarted.

    Important: When a new flow interface is setup with a DNC at capacity, the system collects all existing allowed flows and denies any new flows.
  • The number of peers in a cluster must not exceed 200 peers; this includes the HSAs. This limit is due to MySQL replication maintainer.
  • On large deployments, Object Groups may take 15 minutes to update.

Forward / Reverse Migrations

Please refer to SevOne NMS Upgrade Process Guide published with this release for details on forward / reverse (upgrade / downgrade) migrations. The latest tarball files can be downloaded from IBM Passport Advantage via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support Team for the forward / reverse migration files.

Deprecated / Removed Features & Functions

As of SevOne NMS 7.0, the following features/functions have been deprecated / removed.
Feature / Function Reason Deprecated / Removed Next Steps
ReiserFS in Linux Kernel Do not upgrade to SevOne NMS 7.0 or higher if running ReiserFS.

ReiserFS has reached end of support and will be removed from Linux Kernel in 2025. Some customers might have migrated from ReiserFS to XFS type 0 during a past SevOne NPM upgrade, or are still running instances on ReiserFS and must move to XFS Type 1.
If you are not using XFS type 1 for a file system, you must migrate before upgrading to IBM SevOne NPM 7.0.0.

There are two available options to migrate file systems.
  1. Migrate data and configurations from the existing cluster to a new virtual SevOne cluster (P2V migration) using the Device Mover feature. Please refer to the Technical Notice for details or contact IBM Technology Expert Labs for assistance.
  2. Rebuild the existing SevOne appliances. This approach requires that the cluster has hot standby appliances for all affected peers. Please contact IBM Technology Expert Labs for assistance.

If you use physical appliances, the recommendation is to move to virtual appliances. If you need assistance, IBM is ready to help you migrate any peers to the supported file system. For assistance, please reach out to your IBM Technical Account Team, IBM SevOne Support, or IBM Expert Labs.

ftype Restriction: All appliances built as Gentoo have ftype=0 filesystem and are incompatible with SevOne NMS 7.0 unless rebuilt. To check, execute the following command.

$ xfs_info / | grep ftype | awk '{print $6}'
JMX plugin Limited use by clients. Clients using this plugin should look for alternative solutions.
Nokia-Nuage SD-WAN Support Nokia has announced that it plans to significantly reduce development efforts on Nuage SD-WAN and move to a stop sell in the upcoming years. Last Nokia-Nuage features and enhancements were delivered in IBM SevOne NPM 6.7.0. Clients using the solution should upgrade to and remain on IBM SevOne NPM 6.8 until they end their use of Nokia Nuage SD-WAN. SevOne NPM 6.8 will provide 2 years of base support starting February 29, 2024.
Oracle DB Monitoring in DB plugin DB plugin is not widely used to monitor Oracle databases. Clients using the plugin to monitor Oracle database should look for alternative solutions. Clients using the DB plugin to monitor MySQL are not impacted.
TACACS and RADIUS Authentication SevOne NPM is investing in more modern and secure authentication methods following industry best practices. Plan to transition to Active Directory.
Data Miner More modern data export techniques have adopted publish and subscribe data sharing for metrics. SevOne delivered SevOne Data Publisher as a replacement. Replace Data Miner with SevOne Data Publisher to publish real time and historical data.
WebKit PDF Generator This feature was developed as a beta program that has been replaced. SevOne NPM has delivered an integrated, modern, and proven ability to create PDF reports using IBM SevOne Data Insight.
ioDrive ioDrives have reached end of warranty and should be replaced with modern storage. Clients should refresh their physical servers or move to virtual infrastructure.
Config Shell / Cluster Firewall Manager With the move to containers in SevOne NPM 7.0 and RHEL OS in SevOne NPM 6.8, IBM is deprecating Config Shell and Cluster Firewall Manager. Upon upgrading to 7.0.0, use Red Hat Network Manager to configure network connections and Red Hat Firewall Manager to configure firewalls. Both tools are built into Red Hat RHEL OS.
AS enrichment via direct BGP peering As part of continuous product improvement, SevOne is depreciating a legacy method of enriching flow data with AS information via direct BGP peering. SevOne currently ships a regularly updated AS database which automatically enriches flow with AS information. Therefore, the peering method is no longer required.

New Features / Enhancements

  • Containerization: As of SevOne NMS 7.0.0, SevOne is distributed using the container technology, allowing a more confident deployment of the software with improved security as the containers cannot be changed. It enables future product upgrades to be completed more quickly and reliably. The upgraded containers can be installed and initialized in a fraction of the time of RPM-based delivery on Linux.

    Deploying SevOne as containers reduces reliance on initial state, meaning unexpected customer changes to the host are less likely to trigger pre-check errors or interrupt the upgrades.

    By default, the container deployment of SevOne is set to be read-only which improves the pass rate for the security scans.

  • Platform: SevOne NMS clustering functions have been redesigned so that the initial cluster builds are more intuitive and faster to complete. Adding capacity to existing clusters takes less time and effort, especially for larger clusters. In an event when something goes wrong, clusters no longer require recovery and peers failed to add can return to initial state within seconds.

  • Expanded Azure metric collection, including:
    • Azure Virtual Machine Scale Sets Instances
    • Azure ExpressRoute Circuits
    • Azure ExpressRoute Direct
    • Azure ExpressRoute Gateway
    • Azure VPN Gateway
    • Azure Load Balancer
    • Azure Storage

  • New Cisco SDN plugin added to reduce install and setup time.

  • Extended support for Velocloud SD-WAN to collect quality of experience scores and object metadata using APIs.
Important: IMPORTANT
If you want to upgrade SevOne NMS to SevOne NMS 6.8 or higher and you are currently on SevOne NMS version below SevOne NMS 6.1, you must:
  • upgrade from SevOne NMS version below SevOne NMS 6.1 to SevOne NMS 6.7
  • then, upgrade from SevOne NMS 6.7 to SevOne NMS 6.8 or higher

Important: FYI - for FlowFalcon Reports
When SevOne NMS is upgraded from 6.x to 7.0, you many see double entries in flow reports spanning the time frame for when you were running 6.x and 7.0. The reason is that the SaaS data has been normalized for SevOne NMS 7.0 so that going forward, the data will remain constant from one release to the next. This normalization means that older data (stamped with older SaaS ids) may appear as double entries on the reports. This does not affect the accuracy of the reports. From SevOne NMS, Applications > FlowFalcon Reports > under Resolution Settings, fields App Profile and App Category can be set to Display Number or Display Both to view the underlying SaaS ids.

Resolved Issues

Component/s Key Resolved Issues
SDN S1NPM-78003 Device Manager: SDN Plugin can now be configured on devices.
Analytic Threshold S1NPM-78057 Alerts: Count over threshold triggers at N events.
Flow S1NPM-78067 FlowFalcon: The system now recognizes certain IBM enterprise fields related to Kubernetes (pods, nodes, and namespaces).
Platform S1NPM-91975 Platform: Jaeger is updated to v1.50.0.
Platform Operations S1NPM-92014 Device Discovery: $snmpHost is now a member function in DeviceDiscovery.inc.
Platform S1NPM-97485 Platform: The following daemons can now be run with reduced privileges.
  • SevOne-polld
  • SevOne-highpolld
  • SevOne-device-scand
Reporting Other S1NPM-97047 Platform: mailSurfReports can correctly handle reports with invalid / incorrect email ids.
Reporting Flow S1NPM-97268 Flow:
  • Administration > Flow Configuration
    • Protocols and Services renamed to Apps and Protocols
    • Service Mapping renamed to App Mapping
    • Service Profiles renamed to App Profiles
    • Service Categories renamed to App Categories
  • Cluster Manager > Cluster Settings > FlowFalcon
    • Enable Service Enrichment renamed to Enable App Enrichment
  • Flow alerts, service alert, renamed to app alert when the aggregated view selected is Top Applications with Protocol.
  • FlowFalcon Resolution settings
    • Display Service Profile renamed to Display App Profile
    • Display Service Category renamed to Display App Category
  • Webhook Definition Manager > Add/Edit
    • Flow policy variable $flowServiceProfileList renamed to $flowAppProfileList
Reporting Flow S1NPM-97285 REST API: The following endpoints have been renamed from service_profiles to app_profiles.
GET /api/v3/flow/service_profiles > GET /api/v3/flow/app_profiles
POST /api/v3/flow/service_profiles > POST /api/v3/flow/app_profiles
PUT /api/v3/flow/service_profile_mapping > PUT /api/v3/flow/app_profile_mapping

For FlowFalcon resolution settings, the endpoint is POST /api/v3/flow/flowreport.
Reporting Flow S1NPM-97286 REST API: The following endpoints have been renamed from service_categories to app_categories.
GET /api/v3/flow/service_categories > GET /api/v3/flow/app_categories
POST /api/v3/flow/service_categories > POST /api/v3/flow/app_categories
PUT /api/v3/flow/service_categories/{id} > PUT /api/v3/flow/app_categories/{id}
DELETE /api/v3/flow/service_categories/{id} > DELETE /api/v3/flow/app_categories/{id}
POST /api/v3/flow/service_categories/create > POST /api/v3/flow/app_categories/create

Platform Operations S1NPM-97321 Metadata Schema: Deprecated / removed Cisco ACI SevOne metadata attributes removed.
Platform Operations S1NPM-97329 Platform: TACACS support removed from SevOne NMS.
Integration S1NPM-97354 Platform: Failed webhook requests are now logged in messageswitch.log file.
Platform Updates S1NPM-97365 REST API: com.ullink.slack support removed.
Platform Operations S1NPM-97450 Platform: RADIUS support removed from SevOne NMS.
Platform S1NPM-108661 REST API: /api/v3/data/performance_metrics prints the value as numIndicators.
Platform Clustering S1NPM-108715 Cluster Manager: Peers tab >
  • Add Peer renamed to Join Cluster - allows peer to join a cluster. Must enter peer name, cluster IP address, IP address of the peer joining the cluster, and token. Token can be copied from Integration tab.
  • Remove Peer renamed to Leave Cluster.
  • Cluster Manager: Integration tab > Allows user to get and copy the token required when a peer is joining a cluster.
Platform S1NPM-108907 Cluster Manager: SevOne NMS is tuned to store 365 days of data at 300s granularity when operating at full capacity. Modifying data retention or polling frequency from their default values can cause the indicators-per-second load to exceed rated capacity, which may result in service disruption or data loss.
For the following 2 scenarios, if field Data Retention is set to >365 days, you must contact Expert Labs for sizing guidance before modifying data retention settings.
  • Cluster Settings tab > subtab Storage
  • select a peer > Peer Settings tab > subtab Storage

In the warning message, if you answer Yes without obtaining the guidance from Expert Labs, you are proceeding at your own risk.
Platform S1NPM-108976 Platform: Kernel upgraded to 4.18.0-553.el8_10.
Platform S1NPM-109416 Platform: Post-upgrade,
  • /SevOne.info has moved to /config/SevOne.info
  • The following files have been removed from /etc/sevone/ (host).
    - gen-nms-secrets.sh
    - import_data_disk.sh
    - nms-collectors.yaml
    - nms-prometheus.yaml
    - nms-secrets-done
    - nms.yaml
Platform S1NPM-109492 Platform: Custom pages load as expected when SevOne NMS is upgraded to version 6.5.0 or higher using the Graphical User Interface..
Platform S1NPM-109553 Platform: Removed support for JMX and Oracle DB.
Platform Clustering S1NPM-109665 Cluster Manager: Allows a new single peer to Join a cluster and Remove the peer from the cluster.
Platform S1NPM-109929 Platform: All configurations are now placed in /config folder.
Platform S1NPM-109956 Cluster Manager: Cluster Settings tab > Security subtab > in SevOne NMS 7.0.0, field Require Strong Passwords for mysql users is not supported.
Platform S1NPM-109065 SDP: For both Gauge and Counter types, if data is polled as null, SDP sends NaN instead of 0.
Platform S1NPM-109651 SDP: In /config/sdp/config.yml, can set bootstrap.servers with multiple ip:port pairs separated by commas.
Platform S1NPM-110061 Platform:
  • /etc/cron.d/ moved to /config/cron.d/
  • /etc/logrotate.sevone.d/ moved to /config/logrotate.sevone.d/
Platform S1NPM-110121 SDP: When using Kerberos with Active Directory, SDP failed to create a Kafka producer. In /config/sdp/config.yml, enable DisablePAFXFAST to set FAST negotiation for SDP to successfully create the Kafka producer.
Platform S1NPM-110123 SDP: In /config/sdp/config.yml file, allows SDP with the principal to include the realm part. For example,

sasl.gssapi.principal: sdp@EXAMPLE.COM
sasl.gssapi.realm: EXAMPLE.COM
SDP no longer requires the realm part to be removed from the principal before it talks to Kerberos server.

30 issues

CVEs / CWEs / CESAs

CVEs CVEs (continued) CWEs / CESAs
CVE-2007-4559 CVE-2023-28879 CWE-121
CVE-2022-2127 CVE-2023-31486 CESA-2023:6943
CVE-2022-36944 CVE-2023-33285 CESA-2023:6967
CVE--2022-42003 CVE-2023-33460 CESA-2023:7010
CVE-2022-42004 CVE-2023-34055 CESA-2023:7015
CVE-2022-48560 CVE-2023-34410 CESA-2023:7029
CVE-2022-48564 CVE-2023-34453 CESA-2023:7053
CVE-2023-1786 CVE-2023-34454 CESA-2023:7055
CVE-2023-1981 CVE-2023-34455 CESA-2023:7057
CVE-2023-3138 CVE-2023-34966 CESA-2023:7112
CVE-2023-3446 CVE-2023-34967 CESA-2023:7139
CVE-2023-3817 CVE-2023-34968 CESA-2023:7166
CVE-2023-4016 CVE-2023-37369 CESA-2023:7174
CVE-2023-4641 CVE-2023-38197 CESA-2023:7176
CVE-2023-5072 CVE-2023-38546 CESA-2023:7187
CVE-2023-5678 CVE-2023-39325 CESA-2023:7190
CVE-2023-6378 CVE-2023-44981 CESA-2023:7877
CVE-2023-22745 CVE-2023-46218 CESA-2024:0114
CVE-2023-28322 CVE-2024-22243  

Known Issues

This section lists issues that SevOne is aware of in the 7.0.0 release. Most of these issues were discovered during quality assurance testing and are published here to provide you with information that may be relevant when you plan your update. This list does not include feature requests or low impact issues that do not affect functionality. If you have questions, comments, or concerns, please contact us.

  • If you have a scenario where adding HSA has failed during the masterslave console, format slave step, you may execute the following steps as a workaround.
    • Using a text editor of your choice, edit /config/cron.d/mode file.
    • Search for the line containing discover-netflow.
    • Comment this line by adding a # at the start of this line.
    • Save /config/cron.d/mode file.
    • Add the HSA.
    • Using a text editor of your choice, edit /config/cron.d/mode file again.
    • Search for the line containing discover-netflow.
    • Uncomment this line by removing the # that is at the start of this line.
    • Save /config/cron.d/mode file.
  • REST API docs are unavailable when the domain name has an underscore. For example, http://sevone_test1/api/docs/ or http://sevone_test1.sevone.com/api/docs/.
Component/s Key Known Issues
Collection xStats + Deferred S1NPM-77884 Platform: Evaluation of Synthetic Indicator does not happen when the data point goes into backfill task of process SevOne-ingestion-resolved.
Platform Operations S1NPM-77927 Platform: SevOne import/export does not work with the AWS plugin device.
Platform S1NPM-109155 REST API: The following endpoints are not working as expected.
  • POST /api/v2/devicegroups/rules/apply
  • POST /api/v2/devicegroups/{id}/rules/apply
  • POST /api/v1/objectgroups/{id}/rules/apply
  • POST /api/v2/objectgroups/{id}/rules/apply
  • POST /api/v2/devices/{id}/rules/apply
Platform S1NPM-109240 REST API: Endpoints POST /api/v2/discovery/{id}/run and POST /api/v2/discovery/run are not working as expected.
Platform S1NPM-109725 Platform: Does not allow removal of peer or HSA to be initiated from any peer.
Platform S1NPM-109920 Platform: snmpd does not listen over IPv6 preventing the ability to self-monitor remotely over an IPv6 network.
Platform S1NPM-110046 Platform: SevOne NMS container upgrades may require some features to be re-configured for them to work properly.
Platform S1NPM-110201 SevOne Data Publisher: When configuring the kerberos config krb5.conf file, SDP will not work if variable dns_canonicalize_hostname is set.
Platform S1NPM-110280 Platform:
  • The NAT deployment scripts do not work; modifications to the peers' NAT setup must be executed manually.
  • In SevOne NMS 7.0, peer IP address is checked against the local machine's interfaces. This can be limiting to some customers and flexibility available in SevOne NMS 6.x is required. In SevOne NMS 6.x, peer could be added using an IP address that did not match any of the peer's interface IP addresses as long as the IP address was able to successfully route to the intended machine.
Platform S1NPM-110549 xStats: In SevOne NMS 7.0 and above, the configuration of the xStats adapters based on ADK is not migrated properly after the upgrade from a prior release.

Workaround: The following steps must be executed manually post-upgrade.
  • You must be in the NMS container. To enter the NMS container, execute the following command.
    
    $ sudo podman exec -it nms-nms-nms /bin/bash
    
  • Execute the following command to identify the log rotations and cron.d files for your adapter.
    
    $ echo "adapterName,cronDfile,logDir,logRotateFile";\
    find /opt/sevone-xstats/ -type f -name install.config.json | \
    grep -v backup | \
    while read INSTALLCONFIGFILE;do adapterName=$(cat ${INSTALLCONFIGFILE} | \
    jq -r '.adapterName');LOGDIR=$(cat ${INSTALLCONFIGFILE} | jq -r '.logDir');LOGROTATEDIR=$(cat ${INSTALLCONFIGFILE} | \
    jq -r '.components.Logrotate.logrotateDir');LOGROTATEFILE=$(cat ${INSTALLCONFIGFILE} | \
    jq -r '.components.Logrotate.logrotateFile');CRONDIR=$(cat ${INSTALLCONFIGFILE} | \
    jq -r '.components.Cron.cronDir');CRONDFILE=$(cat ${INSTALLCONFIGFILE} | \
    jq -r '.components.Cron.cronFile');echo "${adapterName},${CRONDIR}/$(eval echo \"$CRONDFILE\"),$(eval echo \"$LOGDIR\"),${LOGROTATEDIR}/$(eval echo \"$LOGROTATEFILE\")";done
    
    where the output is,
    
    adapterName,cronDfile,logDir,logRotate
    GenericCSVTransform,/etc/cron.d/xstats-GenericCSVTransform,/var/log/xstats/GenericCSVTransform,/etc/logrotate.sevone.d/adapter-xstats-GenericCSVTransform
    AccedianCSVTransform,/etc/cron.d/xstats-AccedianCSVTransform,/var/log/xstats/AccedianCSVTransform,/etc/logrotate.sevone.d/xstats-AccedianCSVTransform
    AccedianNidXmlTransform,/etc/cron.d/xstats-AccedianNidXmlTransform,/var/log/xstats/AccedianNidXmlTransform,/etc/logrotate.sevone.d/xstats-AccedianNidXmlTransform
    
  • Move the following files to the correct folder.
    
    $ mv /etc/cron.d/<your xStats adapter name> /config/cron.d/<your xStats adapter name>
    
    $ mv /etc/logrotate.sevone.d/adapter-xstats* /config/logrotate.sevone.d/
    
    $ mv /etc/logrotate.sevone.d/xstats* /config/logrotate.sevone.d/ 
    
Platform S1NPM-112275 Platform: After deploying an appliance from vCenter using .ova file, you must select your desired model.
  • SSH into your SevOne NMS appliance and log in as support.
    
    $ ssh support@<NMS appliance>
    
  • Connect to the NMS container.
    
    $ podman --url=unix:/run/podman_sevone/podman.sock exec -it nms-nms-nms /bin/bash
    
  • Once logged into the container, execute the following command and enter your desired PAS / DNC appliance model.
    
    $ SevOne-select -m all appliance <enter your desired PAS / DNC appliance model>
    
Note: You may refer to Known Issue DT396315 for details.
Platform S1NPM-112463 Platform: Peering does not properly distribute ssh keys in Hub-and-Spoke setup.

NMS supports a Hub-and-Spoke setup, where some peers cannot reach each other across the network, as long as the cluster master / cluster leader is fully reachable by all peers. The objective is to make a best-effort attempt to support functions that do not strictly require connectivity to other peers. One case where this standard is not reached is during peering. If a new peer is being added to the cluster which lacks connectivity to just one other peer (not even the cluster master / cluster leader) then, while peering will succeed, the distribution of ssh keys will fail, and no keys will be distributed.

2024-09-23T21:38:49+00:00 SevOne soa: {"error":"rpc error: code = FailedPrecondition desc = problem encountered executing command",\
"fatal":false,"level":"warning","method":"AddNewNodeStage2","module":"clusterOrchestrator",\
"msg":"failed to fix ssh keys, user should manually fix them from the cluster leader","time":"2024-09-23T21:38:49Z"}

This prevents ssh communication even between peers that are connected across the network, including the cluster master / cluster leader. Running SevOne-fix-ssh-keys manually from the new peer also fails.

$ SevOne-fix-ssh-keys

time=2024-09-23T22:37:30.503Z level=ERROR msg="error getting public keys" error=<nil> failureIds="[PeerId: 2 | Peer State: Active]"
The reason is simply that the operation bails entirely if keys are failed to be obtained from even a single peer.

Workaround: Run SevOne-fix-ssh-keys manually on the Cluster Master / Cluster Leader after peering.

12 issues