You can change the systemvm.iso. Some configurations will not work on
template because the ACS will override them with the iso configurations;
one example is the rsyslog.conf.
When configuring RSyslog in the SystemVM iso you can extract the
cloud-scripts.tgz and find the /etc/rsyslog.conf file. However, configuring
the systemvm.iso is a bit tricky; here are the steps:
1 - find cloud-scripts.tgz in systemvm.iso
2 - Uncompress cloud-scripts:
"gunzip cloud-scripts.tgz"
"tar -xvf <file>"
3 - edit /etc/rsyslog.conf
4 - Compress cloud-scripts:
"cd cloud-scripts"
"tar -cvf - * | gzip > /tmp/cloud-scripts.tgz"
5 - create the new systemvm.iso:
"mkisofs -J -o /tmp/systemvm-new.iso /tmp/systemvm-new"
6 - update the new iso as documented in
https://cwiki.apache.org/confluence/display/CLOUDSTACK/SystemVm.iso#SystemVm.iso-Xen
Just be careful. I would first test the new iso in a lab environment and
then use it in production ;)
2017-10-09 10:52 GMT-03:00 Rafael Weingärtner <raf...@autonomiccs.com.br>:
> Well, quite easy my dear Watson... ;)
>
> First, download the current system VM template that you are using. Then,
> you can execute this template in a player such as VMware player or
> Virtualbox. You have to access the VM, log into it (roor/password).
> Afterward, you can install and configure whatever you want. Save it, stop
> the vm and upload the altered template to ACS. Do not forget to mark the
> type of the template as “routing”. Then, there is a parameter (I forgot the
> name now), that you can configure the name of the template you want to use
> to create VRs from.
>
> And that is all. Was it helpful?!
>
>
> On 10/9/2017 10:42 AM, Alessandro Caviglione wrote:
>
>> Yes, this is what we need! :)
>> But... how can i do it?? :DDD
>>
>> On Mon, Oct 9, 2017 at 3:32 PM, Rafael Weingärtner <
>> raf...@autonomiccs.com.br> wrote:
>>
>> Yes it is possible.
>>>
>>> We already did that, we direct all the logs to a remote log repository,
>>> and then using Graylog we present the information that is aggregated.
>>>
>>>
>>> On 10/9/2017 10:30 AM, Alessandro Caviglione wrote:
>>>
>>> Hi,
>>>> I'm replying because I'm already interested in this topic.
>>>> In fact, we'd like to monitor VR and collect logs with rsyslog.
>>>> So, is it possible to modify the template image to configure an rsyslog
>>>> and
>>>> snmp to allow monitoring of all new deployed VR?
>>>>
>>>> Thank you.
>>>>
>>>> On Wed, Oct 4, 2017 at 5:10 PM, Dag Sonstebo <
>>>> dag.sonst...@shapeblue.com>
>>>> wrote:
>>>>
>>>> Hi Alexander,
>>>>
>>>>> As you point out the attack surface of the VRs have been minimised and
>>>>> the
>>>>> system VMs overall hardened.
>>>>> You have two issues with updating the software on the VRs – an update
>>>>> has
>>>>> the potential to break VR services (or agent services on SSVM/CPVM) as
>>>>> you
>>>>> already mentioned, in addition any updates will obviously be lost the
>>>>> next
>>>>> time you restart a network with cleanup. You would also need to somehow
>>>>> automate the updates on new VRs.
>>>>>
>>>>> In general I would think most CloudStack users will wait for new system
>>>>> VM
>>>>> templates to be released – but interested in hearing other thoughts on
>>>>> this.
>>>>>
>>>>> Regards,
>>>>> Dag Sonstebo
>>>>> Cloud Architect
>>>>> ShapeBlue
>>>>>
>>>>> On 04/10/2017, 15:35, "Stock, Alexander" <alexander.st...@bitgroup.de>
>>>>> wrote:
>>>>>
>>>>> Hi all,
>>>>>
>>>>> at the moment we try to improve our monitoring of the virtual
>>>>> routers
>>>>> in our environment.
>>>>> For this we also monitor the update status of the machines and
>>>>> could
>>>>> see that there are some updates pending (OS Updates not Template
>>>>> Updates) .
>>>>>
>>>>> So what would like to know is if you have some experience in
>>>>> pathing
>>>>> the virtual routers and if you have an update strategy for this
>>>>> (redundant
>>>>> router,etc..).
>>>>> I am in worry that some updates could crash the services which
>>>>> are
>>>>> responsible for communication with the cloudstack controller.
>>>>> I am also not sure if the attack surface is too small to don't
>>>>> worry
>>>>> about patching.
>>>>>
>>>>> Any ideas or comments are welcome.
>>>>> Thank you.
>>>>> Alexander
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> dag.sonst...@shapeblue.com
>>>>> www.shapeblue.com
>>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK
>>>>> @shapeblue
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>> Rafael Weingärtner
>>>
>>>
>>>
> --
> Rafael Weingärtner
>
>
