starlingx/docs
Code Issues Proposed changes
docs/doc/source/fault-mgmt/adding-an-snmp-community-string-using-the-cli.rst
Stone 037c99f0b7 Fault Management doc 
Added Data Networks toctree

Changed case on doc title in top level index - changed doc directory to
fault-mgmt.

Added Distributed Cloud section.

Broke out "OpenStack Fault Management Overview" statement about remote log
collection to conditionally included file.

Incorporated patch 6 review comments. Also implemented rST :abbr:
for first instance of SNMP in each file.

Changed port number and community string in two SNMP walk examples.

Change-Id: I1afd71265e752c4c9a54bf2dc9a173b3e17332a7
Signed-off-by: Stone <ronald.stone@windriver.com>
2020-11-27 14:13:00 -05:00

3.8 KiB
Raw Blame History

Add an SNMP Community String Using the CLI

To enable SNMP (Simple Network Management Protocol) services you need to define one or more SNMP community strings using the command line interface.

No default community strings are defined on after the initial commissioning of the cluster. This means that no SNMP operations are enabled by default.

The following exercise illustrates the system commands available to manage and query SNMP community strings. It uses the string commstr1 as an example.

Caution

For security, do not use the string public, or other community strings that could easily be guessed.

All commands must be executed on the active controller's console, which can be accessed using the OAM floating IP address. You must acquire Keystone admin credentials in order to execute the commands.

  1. Add the SNMP community string commstr1 to the system.

    ~(keystone_admin)$ system snmp-comm-add -c commstr1
+-----------+--------------------------------------+
| Property  | Value                                |
+-----------+--------------------------------------+
| access    | ro                                   |
| uuid      | eccf5729-e400-4305-82e2-bdf344eb868d |
| community | commstr1                             |
| view      | .1                                   |
+-----------+--------------------------------------+

    The following are attributes associated with the new community string:

    access

    The SNMP access type. In all community strings provide read-only access.

    uuid

    The UUID associated with the community string.

    community

    The community string value.

    view

    The is always the full MIB tree.

  2. List available community strings.

    ~(keystone_admin)$ system snmp-comm-list
+----------------+--------------------+--------+
| SNMP community | View               | Access |
+----------------+--------------------+--------+
| commstr1       | .1                 | ro     |
+----------------+--------------------+--------+

  3. Query details of a specific community string.

    ~(keystone_admin)$ system snmp-comm-show commstr1
+------------+--------------------------------------+
| Property   | Value                                |
+------------+--------------------------------------+
| access     | ro                                   |
| created_at | 2014-08-14T21:12:10.037637+00:00     |
| uuid       | eccf5729-e400-4305-82e2-bdf344eb868d |
| community  | commstr1                             |
| view       | .1                                   |
+------------+--------------------------------------+

  4. Delete a community string.

    ~(keystone_admin)$ system snmp-comm-delete commstr1
Deleted community commstr1

Community strings in provide query access to any SNMP monitor workstation that can reach the controller's OAM address on UDP port 161.

You can verify SNMP access using any monitor tool. For example, the freely available command snmpwalk can be issued from any host to list the state of all SNMP Object Identifiers (OID):

$ snmpwalk -v 2c -c commstr1 10.10.10.100 > oids.txt

In this example, 10.10.10.100 is the OAM floating IP address. The output, which is a large file, is redirected to the file oids.txt.