오늘은 VMware 에서 제공하는 MIB(Management Information Base)를 다운로드 받아, SNMP를 이용하여 외부에서 ESXi Host의 정보를 획득하는 방법에 대해서 소개합니다.
테스트 환경인 만큼 방화벽 해제 등의 절차가 포함되어 있습니다.
[구성 환경]
ESXi 7.0 // SNMP Agent
CentOS 7.9 // SNMP Manager
[구성 절차]
ESXi Host
1. SNMP Agent 설정
| # esxcli system snmp set -c public -e true # esxcli system snmp get Authentication: Communities: public Enable: true Engineid: 80001ADC0518090950711671618336 Hwsrc: indications Largestorage: true Loglevel: warning Notraps: Port: 161 Privacy: Remoteusers: Syscontact: Syslocation: Targets: Users: V3targets: |
2. ESXi 방화벽 해제
| # localcli network firewall set -e false # localcli network firewall unload # localcli network firewall get Firewall: DefaultAction: PASS Enabled: false Loaded: false |
CentOS
1. Local YUM Repository 설정
https://haewon83.tistory.com/32 를 참고하여, Offline 환경에서 YUM Repository를 설정합니다.
2. Linux 방화벽 해제
| # systemctl stop firewalld # systemctl disable firewalld |
3. SNMP Package 설치
| # yum -y install net-snmp net-snmp-util |
4. VMware MIB 다운로드
https://kb.vmware.com/s/article/1013445 를 참고하시어 VMware VIB 압축 파일을 다운로드 합니다.
5. VMware MIB 업로드 및 압축 해제
다운로드 받은 VMware-mibs-7.0.0-15924762.zip 파일을 CentOS로 업로드 한 후 /usr/share/snmp/mibs/ 경로로 복사합니다. 복사 후 압축 해제하여 /usr/share/snmp/mibs/ 폴더 하위에 다음과 같이 MIB 파일들이 정상적으로 위치하는지 확인합니다.
| [root@localhost vmw]# ls BRIDGE-MIB.mib notifications.txt VMWARE-NSX-MANAGER-AGENTCAP-MIB.mib ENTITY-MIB.mib P-BRIDGE-MIB.mib VMWARE-NSX-MANAGER-MIB.mib HOST-RESOURCES-MIB.mib Q-BRIDGE-MIB.mib VMWARE-OBSOLETE-MIB.mib HOST-RESOURCES-TYPES.mib README VMWARE-PRODUCTS-MIB.mib IANA-ADDRESS-FAMILY-NUMBERS-MIB.mib RMON2-MIB.mib VMWARE-RESOURCES-MIB.mib IANA-ENTITY-MIB.mib RMON-MIB.mib VMWARE-ROOT-MIB.mib IANAifType-MIB.mib SNMP-FRAMEWORK-MIB.mib VMWARE-SRM-EVENT-MIB.mib IANA-RTPROTO-MIB.mib SNMP-MPD-MIB.mib VMWARE-SYSTEM-MIB.mib IEEE8021-BRIDGE-MIB.mib SNMPv2-CONF.mib VMWARE-TC-MIB.mib IEEE8021-Q-BRIDGE-MIB.mib SNMPv2-MIB.mib VMWARE-TUNNEL-SERVER-AGENTCAP-MIB.mib IEEE8021-TC-MIB.mib SNMPv2-SMI.mib VMWARE-TUNNEL-SERVER-MIB.mib IEEE8023-LAG-MIB.mib SNMPv2-TC.mib VMWARE-VA-AGENTCAP-MIB.mib IF-MIB.mib TCP-MIB.mib VMWARE-VC-EVENT-MIB.mib incompatible TOKEN-RING-RMON-MIB.mib VMWARE-VCHA-MIB.mib INET-ADDRESS-MIB.mib UDP-MIB.mib VMWARE-VCOPS-EVENT-MIB.mib IP-FORWARD-MIB.mib UUID-TC-MIB.mib VMWARE-VMINFO-MIB.mib IP-MIB.mib vc-alarms-65.csv VMWARE-VRNI-AGENTCAP-MIB.mib IPV6-FLOW-LABEL-MIB.mib VMWARE-CIMOM-MIB.mib VMWARE-VRNI-MIB.mib list-ids-diagnostics.txt VMWARE-ENV-MIB.mib VMWARE-VROPS-AGENTCAP-MIB.mib LLDP-V2-MIB.mib VMWARE-ESX-AGENTCAP-MIB.mib VMWARE-VROPS-MIB.mib LLDP-V2-TC-MIB.mib VMWARE-HEARTBEAT-MIB.mib [root@localhost vmw]# mv * ../ [root@localhost vmw]# ls [root@localhost vmw]# cd .. [root@localhost mibs]# ls AGENTX-MIB.txt LLDP-V2-MIB.mib SNMPv2-TC.txt BRIDGE-MIB.mib LLDP-V2-TC-MIB.mib SNMPv2-TM.txt BRIDGE-MIB.txt LM-SENSORS-MIB.txt SNMP-VIEW-BASED-ACM-MIB.txt DISMAN-EVENT-MIB.txt MTA-MIB.txt TCP-MIB.mib DISMAN-SCHEDULE-MIB.txt NET-SNMP-AGENT-MIB.txt TCP-MIB.txt DISMAN-SCRIPT-MIB.txt NET-SNMP-EXAMPLES-MIB.txt TOKEN-RING-RMON-MIB.mib ENTITY-MIB.mib NET-SNMP-EXTEND-MIB.txt TRANSPORT-ADDRESS-MIB.txt EtherLike-MIB.txt NET-SNMP-MIB.txt TUNNEL-MIB.txt HCNUM-TC.txt NET-SNMP-PASS-MIB.txt UCD-DEMO-MIB.txt HOST-RESOURCES-MIB.mib NET-SNMP-TC.txt UCD-DISKIO-MIB.txt HOST-RESOURCES-MIB.txt NET-SNMP-VACM-MIB.txt UCD-DLMOD-MIB.txt HOST-RESOURCES-TYPES.mib NETWORK-SERVICES-MIB.txt UCD-IPFWACC-MIB.txt HOST-RESOURCES-TYPES.txt NOTIFICATION-LOG-MIB.txt UCD-SNMP-MIB.txt IANA-ADDRESS-FAMILY-NUMBERS-MIB.mib notifications.txt UDP-MIB.mib IANA-ADDRESS-FAMILY-NUMBERS-MIB.txt P-BRIDGE-MIB.mib UDP-MIB.txt IANA-ENTITY-MIB.mib Q-BRIDGE-MIB.mib UUID-TC-MIB.mib IANAifType-MIB.mib README vc-alarms-65.csv IANAifType-MIB.txt RFC1155-SMI.txt vmw IANA-LANGUAGE-MIB.txt RFC1213-MIB.txt VMWARE-CIMOM-MIB.mib IANA-RTPROTO-MIB.mib RFC-1215.txt VMWARE-ENV-MIB.mib IANA-RTPROTO-MIB.txt RMON2-MIB.mib VMWARE-ESX-AGENTCAP-MIB.mib IEEE8021-BRIDGE-MIB.mib RMON-MIB.mib VMWARE-HEARTBEAT-MIB.mib IEEE8021-Q-BRIDGE-MIB.mib RMON-MIB.txt VMware-mibs-7.0.0-15924762.zip IEEE8021-TC-MIB.mib SCTP-MIB.txt VMWARE-NSX-MANAGER-AGENTCAP-MIB.mib IEEE8023-LAG-MIB.mib SMUX-MIB.txt VMWARE-NSX-MANAGER-MIB.mib IF-INVERTED-STACK-MIB.txt SNMP-COMMUNITY-MIB.txt VMWARE-OBSOLETE-MIB.mib IF-MIB.mib SNMP-FRAMEWORK-MIB.mib VMWARE-PRODUCTS-MIB.mib IF-MIB.txt SNMP-FRAMEWORK-MIB.txt VMWARE-RESOURCES-MIB.mib incompatible SNMP-MPD-MIB.mib VMWARE-ROOT-MIB.mib INET-ADDRESS-MIB.mib SNMP-MPD-MIB.txt VMWARE-SRM-EVENT-MIB.mib INET-ADDRESS-MIB.txt SNMP-NOTIFICATION-MIB.txt VMWARE-SYSTEM-MIB.mib IP-FORWARD-MIB.mib SNMP-PROXY-MIB.txt VMWARE-TC-MIB.mib IP-FORWARD-MIB.txt SNMP-TARGET-MIB.txt VMWARE-TUNNEL-SERVER-AGENTCAP-MIB.mib IP-MIB.mib SNMP-USER-BASED-SM-MIB.txt VMWARE-TUNNEL-SERVER-MIB.mib IP-MIB.txt SNMP-USM-AES-MIB.txt VMWARE-VA-AGENTCAP-MIB.mib IPV6-FLOW-LABEL-MIB.mib SNMP-USM-DH-OBJECTS-MIB.txt VMWARE-VC-EVENT-MIB.mib IPV6-FLOW-LABEL-MIB.txt SNMPv2-CONF.mib VMWARE-VCHA-MIB.mib IPV6-ICMP-MIB.txt SNMPv2-CONF.txt VMWARE-VCOPS-EVENT-MIB.mib IPV6-MIB.txt SNMPv2-MIB.mib VMWARE-VMINFO-MIB.mib IPV6-TCP-MIB.txt SNMPv2-MIB.txt VMWARE-VRNI-AGENTCAP-MIB.mib IPV6-TC.txt SNMPv2-SMI.mib VMWARE-VRNI-MIB.mib IPV6-UDP-MIB.txt SNMPv2-SMI.txt VMWARE-VROPS-AGENTCAP-MIB.mib list-ids-diagnostics.txt SNMPv2-TC.mib VMWARE-VROPS-MIB.mib |
[정보 조회]
1. 최상위 조회
아래 결과 값은 약 2000 라인 이상의 정보를 반환해줍니다.
OID는 Hierarchy 구조이기 때문에 아래 명령어로 전체 내용을 조회할 수 있습니다.
참고로 아래 명령어에서 192.168.1.100은 ESXi Host의 IP Address 입니다.
| [root@localhost mibs]# snmpwalk -m ALL -c public -v 2c 192.168.1.100 SNMPv2-MIB::sysDescr.0 = STRING: VMware ESXi 7.0.2 build-17630552 VMware, Inc. x86_64 SNMPv2-MIB::sysObjectID.0 = OID: VMWARE-PRODUCTS-MIB::vmwESX DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (148800) 0:24:48.00 SNMPv2-MIB::sysContact.0 = STRING: SNMPv2-MIB::sysName.0 = STRING: w2-tse-d14.wsl.vmware.com SNMPv2-MIB::sysLocation.0 = STRING: SNMPv2-MIB::sysServices.0 = INTEGER: 72 SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00 SNMPv2-MIB::sysORID.1 = OID: SNMPv2-MIB::snmpMIB SNMPv2-MIB::sysORID.2 = OID: IF-MIB::ifMIB SNMPv2-MIB::sysORID.3 = OID: IP-MIB::ip SNMPv2-MIB::sysORID.4 = OID: IP-FORWARD-MIB::ipForward SNMPv2-MIB::sysORID.5 = OID: UDP-MIB::udp SNMPv2-MIB::sysORID.6 = OID: TCP-MIB::tcp SNMPv2-MIB::sysORID.7 = OID: ENTITY-MIB::entityMIB … |
2. 개별 조회
Hierarchy 중 Network Interface에 대해서 조회하는 예제입니다.
| [root@localhost mibs]# snmpwalk -m ALL -c public -v 2c 192.168.1.100 IF-MIB::ifDescr IF-MIB::ifDescr.1 = STRING: Device vmnic0 at 25:00.0 ixgben IF-MIB::ifDescr.2 = STRING: Device vmnic1 at 25:00.1 ixgben IF-MIB::ifDescr.3 = STRING: Device vmnic2 at 26:00.0 ixgben IF-MIB::ifDescr.4 = STRING: Device vmnic3 at 26:00.1 ixgben IF-MIB::ifDescr.5 = STRING: Device vusb0 at 00:00.0 cdce IF-MIB::ifDescr.6 = STRING: Traditional Virtual VMware switch: vSwitch0 IF-MIB::ifDescr.7 = STRING: Traditional Virtual VMware switch: vSwitch1 IF-MIB::ifDescr.8 = STRING: Virtual interface: vmk0 on vswitch vSwitch0 portgroup: Management Network IF-MIB::ifDescr.9 = STRING: Virtual interface: vmk1 on vswitch vSwitch1 portgroup: Mgmt2 |
3. 개별 조회(OID 값 이용)
동일한 작업에 대해서 OID 값으로 문자열 대신 숫자 값으로 조회도 가능합니다.
이를 위해서는 우선, 2번에서 사용했던 문자열에 Mapping되는 숫자값을 구해야 합니다.
| [root@localhost mibs]# snmptranslate -O fn IF-MIB::ifDescr .1.3.6.1.2.1.2.2.1.2 [root@localhost mibs]# snmpwalk -m ALL -c public -v 2c 192.168.1.100 .1.3.6.1.2.1.2.2.1.2 IF-MIB::ifDescr.1 = STRING: Device vmnic0 at 25:00.0 ixgben IF-MIB::ifDescr.2 = STRING: Device vmnic1 at 25:00.1 ixgben IF-MIB::ifDescr.3 = STRING: Device vmnic2 at 26:00.0 ixgben IF-MIB::ifDescr.4 = STRING: Device vmnic3 at 26:00.1 ixgben IF-MIB::ifDescr.5 = STRING: Device vusb0 at 00:00.0 cdce IF-MIB::ifDescr.6 = STRING: Traditional Virtual VMware switch: vSwitch0 IF-MIB::ifDescr.7 = STRING: Traditional Virtual VMware switch: vSwitch1 IF-MIB::ifDescr.8 = STRING: Virtual interface: vmk0 on vswitch vSwitch0 portgroup: Management Network IF-MIB::ifDescr.9 = STRING: Virtual interface: vmk1 on vswitch vSwitch1 portgroup: Mgmt2 [root@localhost mibs]# snmpwalk -m ALL -c public -v 2c 192.168.1.100 -O fn .1.3.6.1.2.1.2.2.1.2 .1.3.6.1.2.1.2.2.1.2.1 = STRING: Device vmnic0 at 25:00.0 ixgben .1.3.6.1.2.1.2.2.1.2.2 = STRING: Device vmnic1 at 25:00.1 ixgben .1.3.6.1.2.1.2.2.1.2.3 = STRING: Device vmnic2 at 26:00.0 ixgben .1.3.6.1.2.1.2.2.1.2.4 = STRING: Device vmnic3 at 26:00.1 ixgben .1.3.6.1.2.1.2.2.1.2.5 = STRING: Device vusb0 at 00:00.0 cdce .1.3.6.1.2.1.2.2.1.2.6 = STRING: Traditional Virtual VMware switch: vSwitch0 .1.3.6.1.2.1.2.2.1.2.7 = STRING: Traditional Virtual VMware switch: vSwitch1 .1.3.6.1.2.1.2.2.1.2.8 = STRING: Virtual interface: vmk0 on vswitch vSwitch0 portgroup: Management Network .1.3.6.1.2.1.2.2.1.2.9 = STRING: Virtual interface: vmk1 on vswitch vSwitch1 portgroup: Mgmt2 |
간단하게 SNMP 프로토콜을 이용하여, ESXi로부터 정보를 획득하는 과정에 대해서 살펴보았습니다.
운영 환경에서 SNMP를 이용한 모니터링을 고려하실 때, 참고가 되었으면 합니다.
'Compute' 카테고리의 다른 글
| How ballooning driver works (1) (2) | 2022.12.23 |
|---|---|
| Overview of SNMP (0) | 2022.12.22 |
| Certificate Problem (2) - How to Replace certificates (0) | 2022.12.14 |
| Certificate Problem (1) - Verification (0) | 2022.12.13 |
| logger command doesn't calculate facility and severity level correctly (0) | 2022.12.05 |
