通常は vCenter Server から設定を行うのだと思いますが、検証利用などで ESXi を単体で利用している状況でSNMPトラップの設定を行いました。
簡単にメモを残しておきます。
SNMP関連の設定
ESXi のコンソールに SSH でログインして、esxcli コマンドを使ってSNMP関連の設定を行うことができます。
設定した内容は即時反映されるようです。特にSNMPサービスの再起動などは必要ありません。
もしSNMPサービスを再起動したい場合は、以下のようなコマンドで行うことができます。
[root@localhost:~] /etc/init.d/snmpd stop [root@localhost:~] /etc/init.d/snmpd stop root: snmpd Running from interactive shell, running command: esxcli system snmp set -e false. [root@localhost:~] /etc/init.d/snmpd start root: snmpd, administrative restart detected, enabling agent. root: snmpd setting up resource reservations. root: snmpd opening firewall port(s) for notifications. root: snmpd watchdog for snmpd started.root: snmpd Running from interactive shell, running command: esxcli system snmp set -e false.
初期状態
ESXi 6.0 をインストールした直後の SNMP 関連の設定は以下の通りです。
ここに設定を入れていきます。
[root@localhost:~] esxcli system snmp get Authentication: Communities: Enable: false Engineid: 00000063000000a100000000 Hwsrc: indications Largestorage: true Loglevel: info Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: Users: V3targets:
Community名の設定
[root@localhost:~] esxcli system snmp set -c public [root@localhost:~] esxcli system snmp get Authentication: Communities: public Enable: false Engineid: 00000063000000a100000000 Hwsrc: indications Largestorage: true Loglevel: info Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: Users: V3targets:
Targets(SNMPトラップの送信先)の設定
Targets(SNMPトラップの送信先)を設定する場合は、「-t」オプションを使用します。
[root@localhost:~] esxcli system snmp set -t 192.168.10.100@162/public [root@localhost:~] esxcli system snmp get Authentication: Communities: public Enable: false Engineid: 00000063000000a100000000 Hwsrc: indications Largestorage: true Loglevel: info Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: 192.168.10.100@162 public Users: V3targets:
「@162」はポート番号を指定しますが、省略したら自動的に「162」にセットされます。
また、カンマ(,)区切りで、3つまで送信先を指定することができます。
この設定は上書きになりますので、一部だけ変更したい場合でも、変更ない部分を含めてすべてを指定した形でコマンドを実行する必要がありますので、注意が必要です。
例えば、上記のサンプル結果に対して「192.168.10.101」を追加したい場合は、以下のようなコマンドになります。
[root@localhost:~] esxcli system snmp set -t 192.168.10.100@162/public,192.168.10.101@162/public [root@localhost:~] esxcli system snmp get Authentication: Communities: public Enable: true Engineid: 00000063000000a100000000 Hwsrc: indications Largestorage: true Loglevel: info Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: 192.168.10.100@162 public, 192.168.10.101@162 public Users: V3targets:
SNMPの有効化(Enable)
[root@localhost:~] esxcli system snmp set -e yes [root@localhost:~] esxcli system snmp get Authentication: Communities: public Enable: true Engineid: 00000063000000a100000000 Hwsrc: indications Largestorage: true Loglevel: info Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: 192.168.10.7@162 public Users: V3targets:
参考
esxcli コマンドのヘルプは以下の通りです。
Usage: esxcli system snmp set [cmd options] Description: set This command allows the user to set up ESX SNMP agent. Cmd options: -a|--authentication=<str> Set default authentication protocol. Values: none, MD5, SHA1 -c|--communities=<str> Set up to ten communities each no more than 64 characters. Format is: community1[,community2,...] (this overwrites previous settings) -e|--enable Start or stop SNMP service. Values: [yes|no, true|false, 0|1] -E|--engineid=<str> Set SNMPv3 engine id. Must be at least 10 to 32 hexadecimal characters. 0x or 0X is stripped if found as well as colons (:) -y|--hwsrc=<str> Where to source hardware events from IPMI sensors or CIM Indications. One of: indications|sensors -s|--largestorage Support large storage for hrStorageAllocationUnits * hrStorageSize. Values: [yes|no, true|false, 0|1]. Control how the agent reports hrStorageAllocationUnits, hrStorageSize and hrStorageUsed in hrStorageTable. Setting this directive to 1 to support large storage with small allocation units, the agent re-calculates these values so they all fit Integer32 and hrStorageAllocationUnits * hrStorageSize gives real size of the storage ( Note: hrStorageAllocationUnits will not be real allocation units if real hrStorageSize won't fit into Integer32 ). Setting this directive to 0 turns off this calculation and the agent reports real hrStorageAllocationUnits, but it might report wrong hrStorageSize for large storage because the value won't fit into Integer32. -l|--loglevel=<str> System Agent syslog logging level: debug|info|warning|error -n|--notraps=<str> Comma separated list of trap oids for traps not to be sent by agent. Use value 'reset' to clear setting -p|--port=<long> Set UDP port to poll snmp agent on. The default is udp/161 -x|--privacy=<str> Set default privacy protocol. Values: none, AES128 -R|--remote-users=<str> Set up to five inform user ids. Format is: user/auth-proto/-|auth-hash/priv-proto/-|priv-hash/engine-id[,...] Where user is 32 chars max. auth-proto is none|MD5|SHA1, priv-proto is none|AES. '-' indicates no hash. engine-id is hex string '0x0-9a-f' up to 32 chars max. -r|--reset Return agent configuration to factory defaults -C|--syscontact=<str> System contact string as presented in sysContact.0. Up to 255 characters -L|--syslocation=<str> System location string as presented in sysLocation.0. Up to 255 characters. -t|--targets=<str> Set up to three targets to send SNMPv1 traps to. Format is: ip-or-hostname[@port]/community[,...] The default port is udp/162. (this overwrites previous settings) -u|--users=<str> Set up to five local users. Format is: user/-|auth-hash/-|priv-hash/model[,...] Where user is 32 chars max. '-' indicates no hash. Model is one of (none|auth|priv). -i|--v3targets=<str> Set up to three SNMPv3 notification targets. Format is: ip-or-hostname[@port]/remote-user/security-level/trap|inform[,...].