文档中心API Explorer
ZHEN
文档中心ZVFZStack ZSphere用户手册ZVF

System Settings

AccessKey Management

AccessKey is the security credential for authorizing third-party users to call the ZStack ZSphere API to access virtualization resources. It includes the AccessKey ID and the AccessKey Secret, which must be kept strictly confidential.

Relationship Between AccessKey Administrator and User Permissions

  • Administrators can create multiple AccessKeys, while regular users can create up to two AccessKeys.
  • Administrators can delete AccessKeys created by regular users.
  • An AccessKey has full permissions of its creator.

Generating an AccessKey

You can follow these steps to generate an AccessKey:

  1. Navigate to Menu > System Management > AccessKey Management.
  2. Click Create AccessKey.

Using AccessKey with Third-Party Platform SDK to Call APIs

SDK Method

To create a virtual machine using an AccessKey, you need to provide the accessKeyId and accessKeySecret when making the API call.
  • Java SDK
    CreateVmInstanceAction action = new CreateVmInstanceAction();
action.name = "vm1";
action.instanceOfferingUuid = "ae97ced44efc3314b8f7798972b4ba1a";
action.imageUuid = "da119f7906513eccabf271991c35a65e";
action.l3NetworkUuids = asList("cc0e4c5e77df3af68e59668e7f9e06c5");
action.dataDiskOfferingUuids = asList("19d22d051b063d379a2816daaf431838
","905d94a6abb5398fa1995f6398e3f6fc");
action.clusterUuid = "a0468dc645223f67bd0f2ab95276bbae";
action.description = "this is a vm";
action.strategy = "InstantStart";
action.accessKeyId = "Fnxc7KIQAdGTvXfx8OjC";
action.accessKeySecret = "Do0AJUGVPrT9iJZlc1QOtk7kzEusYidyqJxSmKOb";
CreateVmInstanceAction.Result res = action.call();
  • Python SDK
    CreateVmInstanceAction action = CreateVmInstanceAction()
action.name = "vm1"
action.instanceOfferingUuid = "ae97ced44efc3314b8f7798972b4ba1a"
action.imageUuid = "da119f7906513eccabf271991c35a65e"
action.l3NetworkUuids = [cc0e4c5e77df3af68e59668e7f9e06c5]
action.dataDiskOfferingUuids = [19d22d051b063d379a2816daaf431838, 905d94a
6abb5398fa1995f6398e3f6fc]
action.clusterUuid = "a0468dc645223f67bd0f2ab95276bbae"
action.description = "this is a vm"
action.strategy = "InstantStart"
action.accessKeyId = "Fnxc7KIQAdGTvXfx8OjC"
action.accessKeySecret = "Do0AJUGVPrT9iJZlc1QOtk7kzEusYidyqJxSmKOb"
CreateVmInstanceAction.Result res = action.call()

Calling RESTful APIs

  1. Create an AccessKey
    CreateAccessKey accountUuid=dff4fb9bbff14e97a67ab894c7b8c528 userUuid=dff4fb9
bbff14e97a67ab894c7b8c528
{
 "inventory": {
 "AccessKeyID": "N3Tf05yXZUmSjCf6mYIB",
 "AccessKeySecret": "XAlrsYvswmnEV3X1KWNs1WfZHD6aBIIphmI0rX9S",
 "accountUuid": "dff4fb9bbff14e97a67ab894c7b8c528",
 "createDate": "Sep 7, 2023 1:50:06 PM",
 "lastOpDate": "Sep 7, 2023 1:50:06 PM",
 "userUuid": "dff4fb9bbff14e97a67ab894c7b8c528",
 "uuid": "ae353717ca7b4182bb87fb5d010235e8"
 },
 "success": true
}
  2. Generate date
    python get_time.py
Thu, 07 Sep 2023 13:54:10 PRC
    import datetime
import time
date = time.time()
#EEE, dd MMM yyyy HH:mm:ss z
str = datetime.datetime.fromtimestamp(date).strftime('%a, %d %b %Y %H:%M:%S PRC')
print str
  3. Generate digest
    # python get_accesskey.py "vvSZpmj4cnB53qUDmm6E" "8heumeFTvIeZxkTGfEYvV
i9qVVPd9ffQNDALSPPb" \
"GET" "Fri, 08 Sep 2023 17:58:34 PRC" "/v1/vm-instances"
args: Namespace(acesskey_id='vvSZpmj4cnB53qUDmm6E', acesskey_secret
='8heumeFTvIeZxkTGfEYvVi9qVVPd9ffQNDALSPPb', \
date='Fri, 08 Sep 2023 17:58:34 PRC', method='GET', uri='/v1/vm-instances')
Signature: hPToRHeHdV49D4u20G8OlE0yJho=
Authoration ZStack vvSZpmj4cnB53qUDmm6E:hPToRHeHdV49D4u20G8OlE0yJho=
    #/usr/bin/python
import base64
import hmac
import sha
import argparse
from hashlib import sha1
parser = argparse.ArgumentParser(description='calculate zstack access key digit.')
parser.add_argument('acesskey_id')
parser.add_argument('acesskey_secret')
parser.add_argument('method')
parser.add_argument('date')
parser.add_argument('uri')
args = parser.parse_args()
print "args: %s" % args
h = hmac.new(args.acesskey_secret, args.method + "\n"
 + args.date + "\n"
 + args.uri, sha1)
Signature = base64.b64encode(h.digest())
print "Signature: %s" % Signature
print "Authoration %s" % ("ZStack " + args.acesskey_id + ":" + Signature)
  4. Send a request
    curl -H "Authorization:ZStack N3Tf05yXZUmSjCf6mYIB:S3vm7u7/+n
+sIQe72lgia08I30U=" \
-H "Content-Type:application/x-www-form-urlencoded" \
-H "Date:Fri, 08 Sep 2023 18:54:10 PRC" \
-X GET http://172.20.11.134:8080/zstack/v1/vm-instances

Manage AccessKey

You can manage generated AccessKeys, including enabling, disabling, and deleting them.
  1. Navigate to Menu > System Management > AccessKey Management.
  2. Select the AccessKey.
    • To enable or disable an AccessKey, click Disable or Enable.
    • If you no longer need to access virtual resources via API, you can delete the AccessKey by clicking Delete.

Console Proxy Management

The console proxy enables logging into the virtual machine console through a proxy address. You can view, reconnect, and modify the console proxy address in ZStack ZSphere.

View Proxy Address

Procedure
  1. Navigate to Menu > System Management > Console Proxy.
  2. View the console proxy address. The default proxy address is the IP address of the management node.

Reconnect Proxy Address

If the virtual machine console fails to open, you need to perform a reconnect operation. After reconnecting, when the status displays as Connected, you can normally open the console. On the Console Proxy page, you can click Reconnect to perform the reconnect operation.

Modify Proxy Address

If you need to set the console proxy address, you can do so on the Console Proxy page by clicking Modify Proxy Address. This allows you to modify the address and port as needed. For the console proxy address, you can enter the public IP address of the management node, a NAT address, or a domain name. The changes take effect immediately after modification, without requiring a restart of the management node.

SNMP Management

Overview

You can monitor ZStack ZSphere resource data and receive alert messages pushed by ZStack ZSphere through the Simple Network Management Protocol (SNMP) on a third-party platform.

Key Concepts

  • SNMP Protocol: A protocol used for managing devices on a network.
  • Network Management System: A system that monitors and manages network devices via SNMP. This system sends requests to the agent process on managed devices to query parameter values or receives Trap information sent proactively by the agent. In this feature, the network management system corresponds to the third-party monitoring platform.
  • SNMP Agent: An agent process in managed objects that responds to requests from the network management system or sends Trap information proactively. In this feature, the ZStack ZSphere management node undertakes the role of the SNMP Agent.
  • Managed Object: In this feature, it refers to resources on ZStack ZSphere.
  • MIB Library: A database maintained by the SNMP Agent that defines a set of attributes for managed objects, including object names, statuses, access permissions, and data types. The third-party platform collects required resource monitoring data based on instructions in the MIB library or parses received alert messages. ZStack ZSphere provides a dedicated MIB library that supports downloading and viewing.
  • SNMP Trap Receiver: A third-party server that receives alarm messages from ZStack ZSphere. It can be added as an endpoint and attached to an alarm to push specified alarm messages.

Notes

The SNMP components has been updated at ZStack ZSphere 4.10.25 version. If you have upgraded from a previous version and integrated with an external monitoring platform, you must:
  1. Download the new MIB file.
  2. Update the new MIB file to your external monitoring platform.
Note: Failure to update may result in missing or abnormal monitoring data, affecting business monitoring continuity.

Enable SNMP Management

Procedure

  1. In the navigation pane, choose System Management > SNMP Management.
  2. On the SNMP Management page, click Enable SNMP Management.
  3. In the Enable SNMP Management dialog, set the following parameters:
    Basic Configuration
    • SNMP Agent Port: Specify a port for receiving and responding to requests from the third-party monitoring platform. Default: 1160. Valid range: from 1024 to 65535.
    • Protocol Version: Support v2c and v3 types.
      • If you select the v2c type, set the Community String for connection authentication between the third-party monitoring platform and the virtualization platform.
      • If you select the v3 type, set the following parameters:
        • Username: Set a username.
        • User Authentication: For secure authentication between the third-party monitoring platform and the platform, enable this option and set an authentication protocol and password.
        • Data Encryption: To encrypt communication messages between the virtualization platform and the third-party platform, enable this option and set an encryption protocol and password.
    Receiver Configuration
    • SNMP Trap Receiver: Enter the name, IP address, and port of the third-party server to receive pushed alert messages.
  4. Review the configuration and click OK.

Modify SNMP Configuration

Procedure

  1. In the navigation pane, choose System Management > SNMP Management > SNMP Configurations.
  2. On the SNMP Configurations page, click Modify Configuration.
  3. Make changes to the configuration as needed.

Download MIB File

Download the MIB file provided by the ZStack ZSphere for data collection and alert message parsing on third-party platforms.

Procedure

  1. In the navigation pane, choose System Management > SNMP Management > SNMP Configurations.
  2. On the SNMP Configurations page, click Download MIB.

Manage SNMP Trap Receiver

Procedure

  1. In the navigation pane, choose System Management > SNMP Management > SNMP Trap Receiver.
  2. On the SNMP Trap Receiver page, follow these steps:
    • If you need to add a new receiver, click Add SNMP Trap Receiver.
    • If you need to modify the configuration information of an existing receiver, select the target object and then click Actions > Modify Configuration.
    • If you need to delete a receiver, select the target object and then click Actions > Delete.
      Note: If the selected SNMP Trap receiver has been added as an alert notification target, this notification target will also be deleted synchronously.

Disable SNMP Management

Procedure

  1. In the navigation pane, choose System Management > SNMP Management > SNMP Configurations.
  2. On the SNMP Configurations page, click Disable.

Results

  • After disabling, the third-party platform will no longer actively obtain resource monitoring data from the platform.
  • After disabling, the platform will continue to push alert messages to SNMP Trap receivers that have been added as notification targets.
  • The platform will retain the current SNMP configuration for direct use the next time it is enabled.

Time Configuration

Overview

Manage platform time and configure time servers. After a time server is added, all host on the platform will synchronize time with the specified time server.

Definitions

The time configuration service involves the following concepts:
  • Internal time server: Uses a management node or host as the time server for platform system time to synchronize time with other nodes on the platform.
  • External time server: Uses an external node as the external time server to synchronize time with all nodes on the platform directly or via the internal time server.
  • Time synchronization: The process in which the time of a node on the platform is synchronized with a time server.

Fundamentals

The local time is synchronized with the time server via network time protocol and certain algorithms. The following list shows the basic time synchronization process:
  1. Select time source: Configure either internal or external time server as reference clocks.
  2. Obtain timestamps: Each node on the platform communicates with the time server to acquire timestamps.
  3. Calculate time difference: Based on the acquired timestamps, each node calculates the time difference between itself and the time server.
  4. Adjust local clock: Each node synchronizes its local clock according to the time difference.
  5. Periodic synchronization: Each node periodically communicates with the time server to prevent clock skew and maintains continuous time synchronization.

Benefits

The time configuration service has the following benefits:
  • Precision: Uses accurate clock adjustment algorithms to achieve more precise time synchronization.
  • Automation: Features an automatic time mechanism that periodically calibrates time without manual intervention.
  • Reliability: Supports adding multiple time servers to enhance the reliability and stability of time synchronization.
  • Intuitive: Displays the relationship between time servers and platform time configuration in a digram and shows the current platform time and timezone.

Scenarios

The time configuration service is primarily used in the following scenarios:
  • Network management: Provides precise time synchronization for analyzing log information collected from different network devices to facilitate fault localization.
  • Billing system: Maintains uniform timekeeping to ensure accurate billing records.
  • Collaborative processing: Ensures proper execution order when multiple systems process complex events simultaneously.

Modify Time Server Configuration

About this task

The following NTP modes are supported:
  • Internal: Uses a management node or host as the time server for the platform system time to synchronize time with other nodes on the platform. You can add a maximum of two internal time servers.
  • External: Uses an external node as the external time server to synchronize time with all nodes on the platform. You can add a maximum of two external time servers.
  • Internal and external: Uses an external node as the external time server and a management node or host as the internal time sever. After the external time server synchronizes with the internal time server, the internal time server then synchronizes time with other nodes on the platform. You can add a maximum of two internal time servers and two external time servers.

Procedure

  1. In the navigation pane, choose System Management > Time Configuration.
  2. On the Time Configuration page, click Modify Configuration.
  3. On the Time Configuration dialog, set the following parameters:
    • NTP Mode: Modify the NTP mode. Options include internal, external, and internal and external.
    • Time Server: add time servers based on the selected NTP mode. You can add a maximum of two internal time servers and two external time servers. External time servers can be added via IP or domain name.
    Note:
    • To modify a time server, make sure the management node is in connected status.
    • Modifying the time server may cause platform node time inconsistencies, monitoring data deviations or errors, and impact running tasks. Carefully evaluate before making changes.
  4. Confirm the configuration and click OK.

Synchronize Time

If the system time deviates significantly from the NTP time server, you can forcefully synchronize the time, avoiding the long duration of gradual adjustment.

Procedure

  1. In the navigation pane, choose System Management > Time Configuration.
  2. On the Time Configuration page, click Sync Time.

Log Server

Add Log Server

A log server can be used to collect management node logs, enabling quick issue identification and improving the operational efficiency of the platform.

Before you begin

  • You must have admin permissions to configure the log server.
  • Make sure the communication between the management node and the log server is properly established.
  • Make sure the log server has syslog server installed.

Procedure

  1. In the navigation pane, choose System Management > Log Server.
  2. On the Log Server page, click Add Log Server.
  3. In the Add Log Server dialog, set the following parameters:
    • Name: Set the name of the log server.
    • Description: Optionally fill in a description for the log server.
    • IP Address: Enter the IP address of the log server.
    • UDP Port: Enter the port number that provides service for the UDP protocol.
    • Log Identifier: Select the log device category to match the log server, supporting LOCAL0~LOCAL7.
      Note: The level must be consistent with the setting in the log server's rsyslog.conf file to properly receive log information.
  4. (Optional) Click Test Connection to check the IP address connectivity.
  5. Review the configuration and click OK.

Email Server

Add Email Server

Procedure

  1. In the navigation pane, choose System Management > Email Server.
  2. On the Email Server page, click Add Email Server.
  3. In the Add Email Server dialog, set the following parameters:
    • Name: Set the name of the email server.
    • Description: Optionally fill in a description for the email server.
    • Username: Enter the username for the email server.
    • Password: Enter the password corresponding to the username.
    • Email Server Type: The default is SMTP protocol.
    • SMTP Server: Enter the address of the email server.
    • Encryption Type: Choose whether to set up an encrypted connection for the email server port, including STARTTLS, SSL/TLS, or unencrypted.
    • SMTP Port: Set the port number for the email server.
  4. Review the configuration and click OK.

Manage Email Server

Procedure

  1. In the navigation pane, choose System Management > Email Server.
  2. On the Email Server page, follow these steps:
    • If you need to modify the name and description of the email server, click Actions > Edit Name and Description.
    • If you need to enable or disable the email server, click Actions then Enable/Disable.
    • If you need to delete the email server, click Actions > Delete.

Theme Appearance

Customize Theme and Appearance

Procedure

  1. In the navigation pane, choose System Management > Theme and Appearance.
  2. On the Theme and Appearance page, click the edit button to modify the theme appearance as needed.
  3. For Theme, select the interface theme color. There are eight theme colors available for selection.
  4. For Browser Title, set the following parameters:
    • Favicon: The browser icon only supports .ico format, with a file size not exceeding 2 MB.
    • Chinese Title: The Chinese title length for the browser should be within 25 characters.
    • English Title: The English title length for the browser should be within 25 characters.
  5. For Login Interface Title, set the following parameters:
    • Logo: The login page logo image supports .jpg, .jpeg, .png, and .svg formats. The ogo should be within 250×70 pixels, with a file size not exceeding 2 MB.
    • Chinese Title: The Chinese title length for the login page should be within 25 characters.
    • English Title: The English title length for the login page should be within 25 characters.
  6. For Platform Interface Title, set the following parameters:
    • Logo: The platform interface logo image supports .jpg, .jpeg, .png, and .svg formats. The logo should be within 110×40 pixels, with a file size not exceeding 2 MB.
      Note: On dark backgrounds, it is recommended to use white or light-colored logos.
    • Chinese Title: The Chinese title length for the platform interface should be within 25 characters.
    • English Title: The English title length for the platform interface should be within 25 characters.
    • Font Size: Select the text size for the platform interface title, including large, medium, and small. The default setting is medium.

Restore to Default Theme and Appearance

Restore the default theme appearance by clearing all current customizations with a single click.

Procedure

  1. In the navigation pane, choose System Management > Theme and Appearance.
  2. On the Theme and Appearance page, click Restore Default Settings.
    Note: After restoring the default settings, any customized logo images and release information stored in the /var/lib/zstack/static directory will be deleted.

System Parameters

ZStack ZSphere provides system parameter functionality to globally control the default behavior of platform settings.

Overview

The system parameters provided by the ZStack ZSphere cover various aspects of platform configuration:

  • Platform Policy: Offers system parameter settings at the platform level, including timeout policies, management node policies, deletion policies, cleanup policies, concurrency policies, reconnection policies, and progress bars.
  • O&M Management: Provides system parameter settings related to monitoring alerts and task events.
  • Host and VM: Offers system parameter settings related to hosts and virtual machines.
  • Image Storage: Provides system parameter settings related to image storage and images.
  • Data Storage: Offers system parameter settings related to data storage and disks.
  • Network Resources: Provides system parameter settings related to distributed switches and security groups.

Modify System Parameters

To modify system parameters, follow these steps:

  1. Navigate to Menu > System Management > System Parameters.
  2. Set the system parameters as needed.

Restore Default System Parameters

To restore system parameters to their default state, follow these steps:

  1. Navigate to Menu > System Management > System Parameters.
  2. Click Restore to Default Settings.
Note: Restoring default parameters will reset all system parameters, security settings, and advanced settings in high-availability policies to their initial default values. Proceed with caution.
上一篇Security Access Settings下一篇Backup Management