No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

HUAWEI CLOUD Stack 6.5.0 Alarm and Event Reference 04

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ALM-1320019 Certificate exception Alarm

ALM-1320019 Certificate exception Alarm

Description

This is a customized monitoring item. The system checks whether all certificates used by CCS expire every 5 minutes. An alarm is generated when the certificates expire.

Attribute

Alarm ID

Alarm Severity

Auto Clear

1320019

Critical

Yes

Parameters

Parameter

Description

Location Info

Resource name

Name of the device for which the alarm is generated

Resource type

MONITOR

Monitor type

Service monitoring

Host IP address

IP address of the VM for which the alarm is generated

Details

Data in recent periods

Impact on the System

The system is unavailable after certificates expire. The issue must be handled promptly.

Possible Causes

  • If the threshold is 1, the certificate is about to expire.
  • If the threshold is 2, the certificate has expired.
  • If the threshold is 3, the certificate is invalid or does not exist.

Procedure

  1. Log in to ManageOne Maintenance Portal using a browser.

    • URL: https://Address for accessing the homepage of ManageOne Maintenance Portal:31943, for example, https://oc.type.com:31943
    • Default username: admin; default password: Huawei12#$

  2. On the menu bar in the upper part of the page, choose Alarms > Current Alarms.
  3. In the alarm list, locate the alarm to be handled, and click on the left of the alarm. The Details page is displayed.
  4. Choose Location Info, obtain the host IP address, that is, the IP address of the node where the alarm is generated.
  1. Use PuTTY to log in to the CCS node whose certificate is to be replaced.

    • Username: ccs
    • Password: IaaS@OS-CLOUD9!
      NOTE:

      The default password is IaaS@OS-CLOUD9!. If the system displays a message indicating that the password is incorrect, obtain the new password as required.

  2. Run the following command and enter the password of user root to switch to user root:

    sudo su - root

  3. Run the following command to disable user logout upon system timeout:

    TMOUT=0

  4. Run the following commands to switch to the directory that contains certificate:

    cd /etc/ccs/server-cert

    ll

  5. Run the following command to stop the CCS process:

    sh /etc/ccs/init-script/start_ccs_service.sh -A STOP -M VM

  6. In the /etc/ccs/server-cert directory, run the following commands to modify the original certificates:

    mv ccs_ca.crt ccs_ca.crt.bak

    mv ccs_server.crt ccs_server.crt.bak

    mv ccs_server.key ccs_server.key.bak

  7. Use a file transfer tool (such as WinSCP) to copy the new certificate to the /etc/ccs/server-cert directory on the current node. The certificate name must be the same as the original one.
  8. Run the following command to change the owner of the certificate files to docker:

    chown docker:docker /etc/ccs/server-cert/*

    NOTE:

    New certificate files must be stored in the same directory as the existing ones.

  9. Run the following command to restart CCS:

    sh /etc/ccs/init-script/start_ccs_service.sh -M VM

    View log file /var/log/ccs/ccs-init/ccs_server_check.log and check whether the certificates have taken effect or there is valid log information output.

    If the following information is displayed, the certificates have taken effect.

  10. Repeat 5 to 13 on other CCS nodes.
  1. If the alarm persists after the certificate is replaced, contact technical support for assistance.

Reference

None

Translation
Download
Updated: 2019-08-30

Document ID: EDOC1100062365

Views: 47712

Downloads: 33

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next