No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R010C00SPC200, 300, and 500 Self-Service Integration Guide 10

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the Interconnection with the third-party system (pull)

Configuring the Interconnection with the third-party system (pull)

In the nbi.xml file, configure the interconnection between the eSight and the third-party system in pull mode to enable the third-party system to log in to the eSight FTP server using an FTP client to download topology resource files.

  • Configuring the interconnection with the third-party system (pull) is a process for registering FTP NBI users with the FTP server of the eSight.
  • The eSight can interconnect with a maximum of 20 third-party systems. Each UserInfo node indicates a third-party system.
  • The FTP server of the eSight supports public key authentication and password authentication. The authentication mode is selected by a client. In both modes, an FTP user must be registered. This section describe how to register a user. After the configuration is complete, the user can access in password or public key authentication mode. If the public key mode is used, configure a public key by following section How Do I Configure a Public Key in Pull Mode
  • After registering FTP users, the passwords for these users in the nbi_ftp_config_eSight.xml file are deleted.

Context

  • Changing passwords periodically prevents theft of the passwords and unauthorized access.
  • It is allow to configure the admin user in the Northbound.
  • It supports 20 users most to connect to the FTP or SFTP server.
  • The FTP or SFTP user is automatically logged out if it is idle for more than 5 minutes.
  • When FTP or the SFTP user tries 5 connection defeats continuously, this user will be locked for 5 minutes.
  • The information for interconnecting with the third-party system can be configured on the GUI and in the configuration file. The configuration using the configuration file takes effect after the eSight is restarted. The GUI mode is recommended.

Prerequisites

In the configuration file nbi_ftp.xml, you have configured the SFTP NBI service certificate by following Certificate Deployment Guide.

Procedure

  • Configure the interconnection information on the GUI.
    1. Choose System > System Settings > Northbound Integration from the main menu.
    2. Choose Local System Settings from the navigation tree. Configure FTP interface parameters and click Apply.
      • The FTP protocol is risky. SFTP is recommended.
      • The IP address of the system is set to a reachable address for the server using the SNMP.
      • The port number cannot conflict with other ports of the server. Otherwise, the related FTP server fails to start.
      • When Multiplex southbound FTP server is selected, the southbound FTP service is used. The port number on the GUI is not configurable. Instead, the southbound SFTP or FTP port number is automatically obtained.
      • In the southbound and northbound isolation scenario, the southbound FTP service cannot be reused when the third-party system interconnects with the northbound FTP service. In this case, you need to enable the northbound FTP server and set Service port to the actual port number used by the northbound FTP service.
      • If the user (only one user) registered with the southbound FTP server is deleted or modified, the Home directory of the northbound storage will be deleted, and the northbound data in a period will be lost.
    3. Choose Third-party System Settings from the navigation tree and click Create.
    4. Configure the IP address of the third-party system by setting the connection protocol to SFTP/FTP and setting the SFTP/FTP user name and password.

      Set the SFTP/FTP user name and password, and the eSight creates the user on the server.

    5. Click OK.
  • In the configuration file, configure interconnection information.
    1. Configure the pull mode for transferring topology resource files.
      Table 5-7 Configuring the mode for transferring topology resource files

      Configuration Item

      Description

      Value

      UserInfo > UserFtpInfo > CommonFTPInfo > IsPush

      Sets the mode for obtaining topology resource files.

      0

    2. Configure the name of the third-party system.
      Table 5-8 Configuring the name of the third-party system

      Configuration Item

      Description

      Value

      UserInfo > NmsinfoName

      Configures the IP address of the third-party system.

      • An IP address is configured.
      NOTE:

      When configures multiple third-party system, it's required to set different IP address.

    3. Configure FTP information of the third-party system.
      Table 5-9 Configuring FTP information of the third-party system

      Configuration Item

      Description

      UserInfo > UserFtpInfo > CommonFTPInfo > Username

      Indicates the FTP user name.

      NOTE:
      • In a single-node scenario, configure different user names for different third-party systems. If user names are the same, the password configured later will replace the password configured before.
      • In the remote HA scenario, if you set a user name the same as that of a third-party system, you must also set the password.

      UserInfo > UserFtpInfo > CommonFTPInfo > AuthInfo

      Indicates the FTP user password.

      NOTE:
      • To use encrypt.sh to encrypt data on Linux, run the following commands:

        1>cd eSight installation directory/AppBase/tools/bmetool/encrypt

        2>./encrypt.sh 0

        3>Enter the new password as prompted.

        Encrypt password result: 

        After the command is successfully executed, the ciphertext for the new password is displayed.

      • To use encrypt.bat to encrypt data on Windows, run the following commands:

        1>cd /d eSight installation directory/AppBase/tools/bmetool/encrypt

        2>encrypt.bat 0

        3>Enter the new password as prompted.

        Encrypt password result: 

        After the command is successfully executed, the ciphertext for the new password is displayed.

    4. Restart the eSight service for the configurations to take effect.
Translation
Download
Updated: 2019-10-30

Document ID: EDOC1100044386

Views: 17138

Downloads: 84

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next