You can change the systemvm.iso. Some configurations will not work on template because the ACS will override them with the iso configurations; one example is the rsyslog.conf.
When configuring RSyslog in the SystemVM iso you can extract the cloud-scripts.tgz and find the /etc/rsyslog.conf file. However, configuring the systemvm.iso is a bit tricky; here are the steps: 1 - find cloud-scripts.tgz in systemvm.iso 2 - Uncompress cloud-scripts: "gunzip cloud-scripts.tgz" "tar -xvf <file>" 3 - edit /etc/rsyslog.conf 4 - Compress cloud-scripts: "cd cloud-scripts" "tar -cvf - * | gzip > /tmp/cloud-scripts.tgz" 5 - create the new systemvm.iso: "mkisofs -J -o /tmp/systemvm-new.iso /tmp/systemvm-new" 6 - update the new iso as documented in https://cwiki.apache.org/confluence/display/CLOUDSTACK/SystemVm.iso#SystemVm.iso-Xen Just be careful. I would first test the new iso in a lab environment and then use it in production ;) 2017-10-09 10:52 GMT-03:00 Rafael Weingärtner <raf...@autonomiccs.com.br>: > Well, quite easy my dear Watson... ;) > > First, download the current system VM template that you are using. Then, > you can execute this template in a player such as VMware player or > Virtualbox. You have to access the VM, log into it (roor/password). > Afterward, you can install and configure whatever you want. Save it, stop > the vm and upload the altered template to ACS. Do not forget to mark the > type of the template as “routing”. Then, there is a parameter (I forgot the > name now), that you can configure the name of the template you want to use > to create VRs from. > > And that is all. Was it helpful?! > > > On 10/9/2017 10:42 AM, Alessandro Caviglione wrote: > >> Yes, this is what we need! :) >> But... how can i do it?? :DDD >> >> On Mon, Oct 9, 2017 at 3:32 PM, Rafael Weingärtner < >> raf...@autonomiccs.com.br> wrote: >> >> Yes it is possible. >>> >>> We already did that, we direct all the logs to a remote log repository, >>> and then using Graylog we present the information that is aggregated. >>> >>> >>> On 10/9/2017 10:30 AM, Alessandro Caviglione wrote: >>> >>> Hi, >>>> I'm replying because I'm already interested in this topic. >>>> In fact, we'd like to monitor VR and collect logs with rsyslog. >>>> So, is it possible to modify the template image to configure an rsyslog >>>> and >>>> snmp to allow monitoring of all new deployed VR? >>>> >>>> Thank you. >>>> >>>> On Wed, Oct 4, 2017 at 5:10 PM, Dag Sonstebo < >>>> dag.sonst...@shapeblue.com> >>>> wrote: >>>> >>>> Hi Alexander, >>>> >>>>> As you point out the attack surface of the VRs have been minimised and >>>>> the >>>>> system VMs overall hardened. >>>>> You have two issues with updating the software on the VRs – an update >>>>> has >>>>> the potential to break VR services (or agent services on SSVM/CPVM) as >>>>> you >>>>> already mentioned, in addition any updates will obviously be lost the >>>>> next >>>>> time you restart a network with cleanup. You would also need to somehow >>>>> automate the updates on new VRs. >>>>> >>>>> In general I would think most CloudStack users will wait for new system >>>>> VM >>>>> templates to be released – but interested in hearing other thoughts on >>>>> this. >>>>> >>>>> Regards, >>>>> Dag Sonstebo >>>>> Cloud Architect >>>>> ShapeBlue >>>>> >>>>> On 04/10/2017, 15:35, "Stock, Alexander" <alexander.st...@bitgroup.de> >>>>> wrote: >>>>> >>>>> Hi all, >>>>> >>>>> at the moment we try to improve our monitoring of the virtual >>>>> routers >>>>> in our environment. >>>>> For this we also monitor the update status of the machines and >>>>> could >>>>> see that there are some updates pending (OS Updates not Template >>>>> Updates) . >>>>> >>>>> So what would like to know is if you have some experience in >>>>> pathing >>>>> the virtual routers and if you have an update strategy for this >>>>> (redundant >>>>> router,etc..). >>>>> I am in worry that some updates could crash the services which >>>>> are >>>>> responsible for communication with the cloudstack controller. >>>>> I am also not sure if the attack surface is too small to don't >>>>> worry >>>>> about patching. >>>>> >>>>> Any ideas or comments are welcome. >>>>> Thank you. >>>>> Alexander >>>>> >>>>> >>>>> >>>>> >>>>> dag.sonst...@shapeblue.com >>>>> www.shapeblue.com >>>>> 53 Chandos Place, Covent Garden, London WC2N 4HSUK >>>>> @shapeblue >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>> Rafael Weingärtner >>> >>> >>> > -- > Rafael Weingärtner > >