VOSS Automate verification

Important

One or more verification steps require root access to VOSS Automate. These steps must be carried out by VOSS Support.

If working with a cluster

  • Verify Primary and Secondary Nodes

    database config

  • Verify cluster connectivity

    cluster status

  • Verify network connectivity, disk status and NTP

    cluster check

  • As root user verify port 27020 is open to NBI on TCP/27020 on all Unified Nodes by reading the current firewall rules

    /opt/platform/apps/cluster/cluster.py run application "config.py get /apps/mongodb/firewall/mongodb/all"

  • If not, as root user open TCP/27020 on all Unified Nodes to NBI by creating the firewall rule replacing <NBI IP> with the IP address of the NBI instance

    /opt/platform/apps/cluster/cluster.py run application "config.py put /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#<NBI IP>"

To check access to the database, use netcat to test the connection to the VOSS database from the NBI machine, replacing <VOSS IP> with the IP address of the VOSS instance:

diag test_connection <VOSS IP> 27020

A system message confirms whether the connection is successful.

You can then recheck the firewall rules again on the VOSS instance:

config.py get /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#all

  • Copy the DB Password (root)

    /usr/bin/rest --get --path=/apps/voss-deviceapi/config/seed --value

If the server is a single node:

  • Check all services are up:

    app status

  • Copy the DB Password (root)

    /usr/bin/rest --get --path=/apps/voss-deviceapi/config/seed --value

  • As root user verify port 27020 is open to NBI on TCP/27020 by reading the current firewall rules

    config.py get /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#all

  • If not, as root user open TCP/27020 to NBI by creating the firewall rule replacing <NBI IP> with the IP address of the NBI instance

    config.py put /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#<NBI IP>"

To check access to the database use netcat to test the connection to the VOSS database from the NBI machine, replacing <VOSS IP> with the IP address of the VOSS instance:

diag test_connection <VOSS IP> 27020

A system message confirms whether the connection is successful.

You can then recheck the firewall rules again:

config.py get /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#all

Ensure the database model files (schemas) for a new install only are added via he GUI - these are the files in the Download section above and are added under the Administration - Import section.

Add an NBI user to the VOSS Automate GUI:

Note: NBI uses this user for internal communication with VOSS Automate.

  • Create an administrator account on VOSS Automate, with a credential policy and password that doesn’t expire.

  • Log in as a utility admin and add an NBI user with the following minimum permissions:

    • relation/HcsHierarchyNodeREL

      • read

    • relation/Subscriber

      • read

    • tool/Macro

      • execute (with read access on subscribers)

For VOSS Automate Provider administrators wishing to log in to the NBI GUI, the following permissions are required in the access profile:

  • data/Reports

    • read

  • tool/DataExtract

    • nbi_subscriber