Saucepan

User Tools

Site Tools

Trace: management useful_nios nios_x_xaas exclusive_networks nios_x_troubleshooting proxmox licence licenses abbreviations discovery_vdiscovery
infoblox_nios:discovery_vdiscovery

This is an old revision of the document!

Table of Contents

Network Discovery

For NIOS vDiscovery to work with ESXi and to add DNS names to discovered objects, we need the Cloud Network Automation licence and the NIOS Grid must have the DNS zones added (even if the zones are not assigned to any appliance and even if Infoblox is not actually used for DNS). Otherwise, we just detect if the IP addresses are in use or not. We also need to create the networks in advanced. If we don't, the data doesn't get added.

The current vDiscovery feature supports tenants, networks, and compute VMs only. It does not support data that is retrieved from load balancer networks, load balancer VMs, Kubernetes platform VMs, application gateways, service VMs, SQL VMs, or any other VMs that are created using cloud services such as Kubernetes service or analytics service, where the IPAM is handled by the respective orchestration engines of the cloud provider. Note that if the vDiscovery job retrieves unsupported data from AWS, Azure, or GCP, then it impacts the performance of the vDiscovery process.

Discovery in Azure

Troubleshooting

NTP Issues

The following error messages were seen when the NIOS system was 15+ minutes out of date.

  • Facility: user
  • Level: Error
  • Server: aws_r53_task_executor_ctl[]
AWSR53: SignatureDoesNotMatch, Signature not yet current: 20230712T103536Z is still later than 20230712T094129Z (20230712T093629Z + 5 min.)
  • Facility: user
  • Level: Warning
  • Server: aws_r53_task_executor_ctl[]
AWSR53:Error Non successful AWS API request, code: 403, response: {u'error_response': {u'request_id': u'27779245-74fd-4343-a681-dadaf853a0b1', u'error': {u'message': u'Signature not yet current: 20230712T103536Z is still later than 20230712T094129Z (20230712T093629Z + 5 min.)', u'code': u'SignatureDoesNotMatch', u'type': u'Sender'}}}
Line parsing error: Invalid month value. Original line: DriverOtherError: [Error while trying to collect cloud data]: AWSIAMDataCollector: Action GetUser failed: http_status_code=403 aws_err_code=SignatureDoesNotMatch aws_err_message=Signature not yet current: 20230712T103405Z is still later than 20230712T094958Z (20230712T093458Z + 15 min.)

Error SSL Cert

  • Facility: user
  • Level: Info
  • Server: cdiscovery_executor[]
  • Message: 
    Complete discovering for task name: ESXi, result: [SSL failure]: SSL Certificate verification failed

Start vDiscovery

  • Facility: user
  • Level: Info
  • Server: cdiscovery_executor[]
  • Message: 
    Start discovering for task name: ESXi; driver type: VMWARE; FQDN or IP: esxi.staffordnet.uk; port: 443; protocol: HTTPS; member: ns1.example.uk

vDiscovery Job Finished with Warning

  • Facility: user
  • Level: Warning
  • Server: cdiscovery_executor[]
  • Message: 
    Processing discovered data completed with warnings for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk

User Started vDiscovery Job

  • Facility: daemon
  • Level: Notice
  • Server: httpd[]
  • Message: 
    2023-07-12 09:49:23.686Z [bstafford]: Called - VDiscoveryControl: Args action="START",task=VDiscoveryTask:ESXi

Overview of AWS Discovery Log Flow

  • Facility: User
  • Level: Info
  • Server: cdiscovery_executor[]
  • Message: 
    Start discovering for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
  • Message: </code>Complete discovering for task name: AWS-London, result: DISCOVERY_COMPLETE</code>
  • Facility: User
  • Level: Info
  • Server: cdiscovery_aggregator[]
  • Message: 
    Start processing discovered data for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk
  • Message: 
    Network: 10.10.10.0/24 (network view: default) has been updated
  • Message: 
    Number of NETWORK has been processed : Created: 0; Updated: 10; Deleted: 0; Ignored: 2; Tags skipped due to missed EAs: [u'Name']
  • Message: 
    Number of IP has been processed : Created: 0; Updated: 0; Deleted: 0; Ignored: 0
  • Message: 
    Number of VM has been processed : Created: 0; Updated: 0; Deleted: 0; Ignored: 0
  • Message: 
    No tags. return.
  • Message: 
    Number of TENANT has been processed : Created: 0; Updated: 1; Deleted: 0; Ignored: 0
  • Message: 
    Finish synchronize DNS for events: Created: 0; Updated if needed: 0; Deleted: 0; Ignored: 0
  • Level: Warning
  • Message: </code>Ignoring object Network: 10.11.11.0/25 (network view: default) : The network 10.11.11.0/24 must not have any active IP address outside the network you are creating.</code>
  • Message: </code>Processing discovered data completed with warnings for task name: AWS-London; driver type: AWS; FQDN or IP: ec2.eu-west-2.amazonaws.com; port: 443; protocol: HTTPS; member: ns1.example.uk</code>

Troubleshooting

When you see an error message, the GUI may not say what has gone wrong. Get the support bundle

Extract infoblox.log 

tar xvzf <supportbundlename> active_node_supportBundle.tar.gz
tar xvzf active_node_supportBundle.tar.gz infoblox.log

Discovery jobs data processed on the GM (may be zero if not GM bundle) 

egrep -ai "cdiscovery_aggregator.*Start processing discovered data" infoblox.log | awk '{print $(NF-13)}' | sort | uniq | wc -l

VPCs Overlapping within discovered dataset 

egrep -aic "cdiscovery_aggregator.*Overlapped VPCs encountered.* entire discovered dataset discarded.*within discovered dataset" infoblox.log

VNETs Overlapping with existing NIOS objects 

egrep -aic "cdiscovery_aggregator.*Overlapped VNETs encountered.*entire discovered dataset discarded.*with existing NIOS objects" infoblox.log

VPCs Overlapping with existing NIOS objects 

egrep -aic "cdiscovery_aggregator.*Overlapped VPCs encountered.*entire discovered dataset discarded.*with existing NIOS objects" infoblox.log

Subnets with CIDR equal to the Virtual Network CIDR are not supported errors 

egrep -aic "cdiscovery_aggregator.*Subnets with CIDR equal to the Virtual Network CIDR are not supported" infoblox.log

Network view cannot be created log messages as there is no associated project/tenant) 

egrep -aic "cdiscovery_aggregator.*some network views can't been created as they dont have a project/tenant id associated with it" infoblox.log

Network view unavailable log messages 

egrep -aic "cdiscovery_data_event.*Skip process network Network.*network view unavailable" infoblox.log

Network view id missing log messages 

egrep -aic "cdiscovery_data_aggregation.*A required network_view_id is missing" infoblox.log

Error while processing IP address log messages 

egrep -aic "cdiscovery_data_event.*Error while processing" infoblox.log

Parent Network missing log messages 

egrep -aic "cdiscovery_aggregator.*Cannot find the parent network for the fixed address" infoblox.log

Bad Syntax errors (likely due to network_component_port_id string being too long) 

egrep -aic "cdiscovery_aggregator.*Bad Syntax" infoblox.log

Duplicate Object errors 

egrep -aic "cdiscovery_aggregator.*ERROR: Duplicate object" infoblox.log
infoblox_nios/discovery_vdiscovery.1689156283.txt.gz · Last modified: by bstafford