Deploying the SNMP gateway

Edit online

You can deploy the simple network management protocol (SNMP) gateway using either SNMPV2c or SNMPV3.

There are two methods to deploy the SNMP gateway:

  1. By creating a credentials file.

  2. By creating one service configuration yaml file with all the details.

You can use the following parameters to deploy the SNMP gateway based on the versions:

  • The service_type is the snmp-gateway.

  • The service_name is any user-defined string.

  • The count is the number of SNMP gateways to be deployed in a storage cluster.

  • The snmp_destination parameter must be of the format hostname:port.

  • The engine-id is a unique identifier for the device, in hex, and required for SNMPV3 gateway. IBM recommends to use 8000C53F_CLUSTER_FSID_WITHOUT_DASHES_for this parameter.

  • The snmp_community parameter is public for SNMPV2c gateway.

  • The auth-protocol is mandatory for SNMPV3 gateway and is SHA by default.

  • The privacy-protocol is mandatory for SNMPV3 gateway with authentication and encryption.

  • The port is 9464 by default.

  • You must provide a -i _FILENAME_ to pass the secrets and passwords to the orchestrator.

Once the SNMP gateway service is deployed or updated, the Prometheus Alertmanager configuration is automatically updated to forward any alert that has an objectidentifier to the SNMP gateway daemon for further processing.

Prerequisites

Edit online

  • A running IBM Storage Ceph cluster.

  • Root-level access to the nodes.

  • Configuring snmptrapd on the destination host, which is the SNMP management host.

Procedure

Edit online

  1. Log into the Cephadm shell:

    Example 

    [root@host01 ~]# cephadm shell

  2. Create a label for the host on which SNMP gateway needs to be deployed:

    Syntax 

    ceph orch host label add HOSTNAME snmp-gateway

    Example 

    [ceph: root@host01 /]# ceph orch host label add host02 snmp-gateway

  3. Create a credentials file or a service configuration file based on the SNMP version:

    • For SNMPV2c, create the file as follows:

      Example 

      [ceph: root@host01 /]# cat snmp_creds.yml

snmp_community: public

      OR

      Example 

      [ceph: root@host01 /]# cat snmp-gateway.yml

service_type: snmp-gateway
service_name: snmp-gateway
placement:
  count: 1
spec:
  credentials:
    snmp_community: public
  port: 9464
  snmp_destination: 192.168.122.73:162
  snmp_version: V2c

    • For SNMPV3 with authentication only, create the file as follows:

      Example 

      [ceph: root@host01 /]# cat snmp_creds.yml

snmp_v3_auth_username: myuser
snmp_v3_auth_password: mypassword

      OR

      Example 

      [ceph: root@host01 /]# cat snmp-gateway.yml

service_type: snmp-gateway
service_name: snmp-gateway
placement:
  count: 1
spec:
  credentials:
    snmp_v3_auth_password: mypassword
    snmp_v3_auth_username: myuser
  engine_id: 8000C53Ff64f341c655d11eb8778fa163e914bcc
  port: 9464
  snmp_destination: 192.168.122.1:162
  snmp_version: V3

    • For SNMPV3 with authentication and encryption, create the file.

      Example 

      [ceph: root@host01 /]# cat snmp_creds.yml

snmp_v3_auth_username: myuser
snmp_v3_auth_password: mypassword
snmp_v3_priv_password: mysecret

      OR

      Example 

      [ceph: root@host01 /]# cat snmp-gateway.yml

service_type: snmp-gateway
service_name: snmp-gateway
placement:
  count: 1
spec:
  credentials:
    snmp_v3_auth_password: mypassword
    snmp_v3_auth_username: myuser
    snmp_v3_priv_password: mysecret
  engine_id: 8000C53Ff64f341c655d11eb8778fa163e914bcc
  port: 9464
  snmp_destination: 192.168.122.1:162
  snmp_version: V3

  4. Run the ceph orch command:

    Syntax 

    ceph orch apply snmp-gateway --snmp_version=V2c_OR_V3 --destination=SNMP_DESTINATION [--port=PORT_NUMBER]\
[--engine-id=8000C53FCLUSTER_FSID_WITHOUT_DASHES] [--auth-protocol=MDS_OR_SHA] [--privacy_protocol=DES_OR_AES] -i FILENAME

    OR

    Syntax 

    ceph orch apply -i FILENAME.yml

  • For SNMPV2c, with the snmp_creds file, run the ceph orch command with the snmp-version as V2c:

    Example 

    [ceph: root@host01 /]# ceph orch apply snmp-gateway --snmp-version=V2c --destination=192.168.122.73:162 --port=9464 -i snmp_creds.yml

  • For SNMPV3 with authentication only, with the snmp_creds file, run the ceph orch command with the snmp-version as V3 and engine-id:

    Example 

    [ceph: root@host01 /]# ceph orch apply snmp-gateway --snmp-version=V3 --engine-id=8000C53Ff64f341c655d11eb8778fa163e914bcc--destination=192.168.122.73:162 -i snmp_creds.yml

  • For SNMPV3 with authentication and encryption, with the snmp_creds file, run the ceph orch command with the snmp-version as V3, privacy-protocol, and engine-id:

    Example 

    [ceph: root@host01 /]# ceph orch apply snmp-gateway --snmp-version=V3 --engine-id=8000C53Ff64f341c655d11eb8778fa163e914bcc--destination=192.168.122.73:162 --privacy-protocol=AES -i snmp_creds.yml

    OR

  • For all the SNMP versions, with the snmp-gateway file, run the following command:

    Example 

    [ceph: root@host01 /]# ceph orch apply -i snmp-gateway.yml