No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

HUAWEI CLOUD Stack 6.5.0 Alarm and Event Reference 04

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Alarm Reference

Alarm Reference

ALM-MOMaintenanceService_100100 OS Account Password About to Expire

Alarm Description

System Maintenance periodically checks whether the OS account is about to expire. A major alarm is generated if the period between the time when the OS account expires and the current time is less than or equal to 30 days. A critical alarm is generated if the period between the time when the OS account expires and the current time is less than or equal to seven days.

Alarm Attribute

Alarm ID

Alarm Severity

Alarm Type

MOMaintenanceService_100100

Critical/Major

Environment alarm

Alarm Parameters

Parameter

Description

Node IP Address

Indicates the IP address of the node whose OS account is checked.

Account Name

Indicates the OS account to be checked.

Account Password Will Expire In (days)

Indicates the number of days before the password of the account to be checked expires.

Impact on System

The OS account expires, which may affect the normal running of service functions.

Possible Causes

The password of the OS account is about to expire.

Handling Procedure

  1. Check whether the period between the time when the OS account expires and the current time is less than or equal to 30 days or seven days.

    1. Use PuTTY to log in to the node where the alarm is generated.

      Default account: sopuser; default password: D4I$awOD7k

    2. Run the following command to switch to the root user:

      sudo su root

      The default password is Changeme_123.

    3. Switch to the root user and run the chage command to check the account expiration time. For example, to view the expiration time of the ossuser user, run the following command:

      chage -l ossuser

      The following information is displayed, in which Password expires indicates the password expiration time.

      Last password change                                    : Jun 15, 2018
      Password expires                                        : Dec 12, 2018
      Password inactive                                       : Jan 16, 2019
      Account expires                                         : never
      Minimum number of days between password change          : 7
      Maximum number of days between password change          : 180
      Number of days of warning before password expires       : 15
    4. Check whether the period between the time when the OS account expires and the current time is less than or equal to 30 days or seven days.
      • If yes, go to 2.
      • If no, go to 4.

  2. Change the password.

    • For the root, ossuser, dbuser, ossadm, and sopuser users, run the passwd command to change the password that is about to expire. For example, to change the password of the ossuser user, run the following command:

      passwd ossuser

      When the following information is displayed, enter the new password as prompted and confirm the new password:

      Changing password for user ossuser.
      New password:
      Retype new password:

      If you want to change the password to the default password, perform the following operations:

      1. Run the following command to log in to the VM:

        ssh username@IP

        username indicates the account whose password is to be changed. IP indicates the IP address of the node where the account is located.

      2. Run the following command to switch to the root user:

        sudo su - root

        The default password is Changeme_123.

      3. Run the following command to clear the old passwords:

        true>/etc/security/opasswd

      4. Run the following command to change the password to the default password:

        passwd username

    • For the meteradmin, taskfileadmin, autoopsadmin, and logctadm users, change the password validity period to prevent service unavailability due to password expiration. Changing the passwords of these users will affect services because these users are involved in interactions with other service components. You are advised to set the password to be permanently valid.

      For example, run the following command to change the password of the meteradmin user to be permanently valid:

      chage -M 180 meteradmin

      180 indicates that the current validity period is 180 days. 99999 indicates that the password is permanently valid.

  3. Check whether the alarm is cleared after the system automatically checks whether the password of the OS account expires at 01: 00.

    • If yes, no further action is required.
    • If no, go to 4.

  4. Collect information generated during alarm handling and contact technical support for assistance.
  5. Run the following command to log out of the root user:

    exit

Alarm Clearance

After the fault is rectified, the alarm is automatically cleared.

Related Information

None

ALM-MOMaintenanceService_100103 Certificate Is About to Expire

Alarm Description

System Maintenance periodically checks whether the IR certificate is about to expire. A major alarm is generated if the period between the time when the IR certificate expires and the current time is less than or equal to 30 days. A critical alarm is generated if the period between the time when the IR certificate expires and the current time is less than or equal to seven days.

Alarm Attribute

Alarm ID

Alarm Severity

Alarm Type

MOMaintenanceService_100103

Critical/Major

Environment alarm

Alarm Parameters

Parameter

Description

Node IP Address

Indicates the IP address of the node where the detected certificate is located.

Certificate Service Name

Indicates the service name of the detected certificate.

Certificate Will Expire In (days)

Indicates the number of days before the detected certificate expires.

Impact on System

After the IR certificate expires, the normal running of service functions is affected.

Possible Causes

The IR certificate is about to expire.

Handling Procedure

  1. Check whether the period between the time when the IR certificate expires and the current time is less than or equal to 30 days or seven days.

    1. Use PuTTY to log in to the node where the alarm is generated.

      Default account: sopuser; default password: D4I$awOD7k

    2. Run the following command to switch to the ossadm user:

      su - ossadm

      The default password is Changeme_123.

    3. Run the openssl command to check the expiration time of the IR identity certificate and trust certificate. For example, to view the expiration time of the server.cer certificate, run the following command:

      openssl x509 -enddate -noout -in /opt/oss/manager/etc/ssl/internal/server.cer

      If the following information is displayed, the certificate expires at 00: 00:00 on June 10, 2028.

      notAfter=Jun 10 00:00:00 2028 GMT
    4. Calculate whether the period between the time when the IR certificate expires and the current time is less than or equal to 30 days or seven days.
      • If yes, go to 2.
      • If no, go to 4.

  2. Replace the IR certificate. For details, see .
  3. Check whether the alarm is cleared after the system automatically checks whether the certificate expires at 01:00.

    • If yes, no further action is required.
    • If no, go to 4.

  4. Collect information generated during alarm handling and contact technical support for assistance.

Alarm Clearance

After the fault is rectified, the alarm is automatically cleared.

Related Information

None

ALM-MOMaintenanceService_100106 Certificate Is About to Expire

Alarm Description

System Maintenance periodically checks whether the CA certificate is about to expire. A major alarm is generated if the period between the time when the CA certificate expires and the current time is less than or equal to 30 days. A critical alarm is generated if the period between the time when the CA certificate expires and the current time is less than or equal to seven days.

Alarm Attribute

Alarm ID

Alarm Severity

Alarm Type

MOMaintenanceService_100106

Critical/Major

Environment alarm

Alarm Parameters

Parameter

Description

Node IP Address

Indicates the IP address of the node where the detected certificate is located.

Certificate Service Name

Indicates the service name of the detected certificate.

Certificate Will Expire In (days)

Indicates the number of days before the detected certificate expires.

Impact on System

After the CA certificate expires, the normal running of service functions is affected.

Possible Causes

The CA certificate is about to expire.

Handling Procedure

  1. Check whether the period between the time when the CA certificate expires and the current time is less than or equal to 30 days or seven days.

    1. Use PuTTY to log in to the node where the alarm is generated.

      Default account: sopuser; default password: D4I$awOD7k

    2. Run the following command to switch to the ossadm user:

      su - ossadm

      The default password is Changeme_123.

    3. Run the openssl command to check the expiration time of the CA identity certificate and trust certificate. For example, to view the expiration time of the ca.cer certificate, run the following command:

      openssl x509 -enddate -noout -in /opt/oss/manager/var/ca/ca.cer

      If the following information is displayed, the certificate expires at 00: 00:00 on June 10, 2032.

      notAfter=Jun 10 00:00:00 2032 GMT
    4. Calculate whether the period between the time when the CA certificate expires and the current time is less than or equal to 30 days or seven days.
      • If yes, go to 2.
      • If no, go to 4.

  2. Replace the CA certificate. For details, see .
  3. Check whether the alarm is cleared after the system automatically checks whether the certificate expires at 01: 00.

    • If yes, no further action is required.
    • If no, go to 4.

  4. Collect information generated during alarm handling and contact technical support for assistance.

Alarm Clearance

After the fault is rectified, the alarm is automatically cleared.

Related Information

None

Translation
Download
Updated: 2019-08-30

Document ID: EDOC1100062365

Views: 37751

Downloads: 31

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next