Using Cloud Eye to Automatically Detect Server Environments and Provide Event Notifications
Description
In routine system O&M, administrators must frequently inspect machine environments to ensure system stability and security. However, traditional inspection methods often rely on manual operations, which are time-consuming, labor-intensive, and prone to overlooking latent issues. To address these challenges, Cloud Eye Agent now features automated machine environment inspection. With this capability, the Cloud Eye Agent automatically detects vulnerabilities and configuration issues within the environment. It then reports these findings to the Lite Server, where they are displayed as event notifications on the console. You are also provided with direct links to the corresponding repair tasks. This ensures that you can identify system issues in real time and take immediate corrective action, significantly enhancing both the security and stability of the system.
Constraints
Only Snt9b nodes and Snt9b23 supernodes are supported.
New events and recovery events can only be reported after Cloud Eye Agent of the latest version is installed.
Prerequisites
Cloud Eye Agent has been installed on the Lite Server by default. If it is not installed, install it by referring to Installing or Upgrading the Cloud Eye Agent Plugin on a Lite Server.
Viewing Events
- New console: In the navigation pane, choose Resource Management > Lite Compute Resources > Lite Servers.
- Old console: In the navigation pane, choose Resource Management > Lite Servers.
In the upper left corner of the page, you can view the number of event notifications. Click the number to go to the event notification details page and view the details.
On the displayed page, view the event details and handling suggestions. Click Repair in the Operation column to rectify the fault.
| No. | Check Item | Description | Solution |
|---|---|---|---|
| 1 | System software OpenSSH vulnerability | This event is reported when the system software version is earlier than 8.8p1-2.r34. | Call the Ascend system configuration task in the Lite Server task center to upgrade the system software. |
| 2 | System software ipvs-fnat vulnerability | This event is reported when the system software version is earlier than 1.0.1-161.r5. | Call the Ascend system configuration task in the Lite Server task center to upgrade the system software. |
| 3 | Abnormal MCU upgrade process in the firmware_check.sh script | This event is reported when firmware_check.sh or upgrade_mcu.sh does not exist in the /opt/huawei/firmware_check directory, or firmware_check.sh does not contain any identifier (the version is considered as an earlier version). | Call the Ascend system configuration task in the Lite Server task center to replace the script with the latest one. |
| 4 | No UDP hash configured for old HCE images (exist for images earlier than RC3.3) | This event is reported when uplink_hash_config.py or uplink_hash_config.sh does not exist in the /opt/huawei/port_config directory. | Call the Ascend system configuration task in the Lite Server task center to replace the script with the latest one. |
| 5 | New configuration for crash_kernel | This event is reported when the kernel.printk, crashkernel, and kernel.softlockup_panic configurations are not optimal. | Call the Ascend system configuration task in the Lite Server task center to modify the configuration to the latest specified one. |
| 6 | Cloud Eye Agent incompatible with HDK | This event is reported when the Cloud Eye Agent version is earlier than 2.8.2.2 and the HDK version is earlier than 25.x. | Call the Ascend software upgrade task in the Lite Server task center to upgrade Cloud Eye Agent to the specified version. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
