VOSS Automate verification#
Important
One or more verification steps require root access to VOSS Automate. These steps must be carried out by VOSS Support.
If working with a cluster
Verify Primary and Secondary Nodes
database config
Verify cluster connectivity
cluster status
Verify network connectivity, disk status and NTP
cluster check
As root user verify port 27020 is open to NBI on TCP/27020 on all Unified Nodes by reading the current firewall rules
/opt/platform/apps/cluster/cluster.py run application "config.py get /apps/mongodb/firewall/mongodb/all"
If not, as root user open TCP/27020 on all Unified Nodes to NBI by creating the firewall rule replacing <NBI IP> with the IP address of the NBI instance
/opt/platform/apps/cluster/cluster.py run application "config.py put /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#<NBI IP>"
To check access to the database, use netcat to test the connection to the VOSS database from the NBI machine, replacing <VOSS IP> with the IP address of the VOSS instance:
diag test_connection <VOSS IP> 27020
A system message confirms whether the connection is successful.
You can then recheck the firewall rules again on the VOSS instance:
config.py get /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#all
Copy the DB Password (root)
/usr/bin/rest --get --path=/apps/voss-deviceapi/config/seed --value
If the server is a single node:
Check all services are up:
app status
Copy the DB Password (root)
/usr/bin/rest --get --path=/apps/voss-deviceapi/config/seed --value
As root user verify port 27020 is open to NBI on TCP/27020 by reading the current firewall rules
config.py get /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#all
If not, as root user open TCP/27020 to NBI by creating the firewall rule replacing <NBI IP> with the IP address of the NBI instance
config.py put /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#<NBI IP>"
To check access to the database use netcat to test the connection to the VOSS database from the NBI machine, replacing <VOSS IP> with the IP address of the VOSS instance:
diag test_connection <VOSS IP> 27020
A system message confirms whether the connection is successful.
You can then recheck the firewall rules again:
config.py get /apps/mongodb/firewall/mongodb/all all:tcp.27020.0#all
Ensure the database model files (schemas) for a new install only are added via he GUI - these are the files in the Download section above and are added under the Administration - Import section.
Add an NBI user to the VOSS Automate GUI:
Note: NBI uses this user for internal communication with VOSS Automate.
Create an administrator account on VOSS Automate, with a credential policy and password that doesn’t expire.
Log in as a utility admin and add an NBI user with the following minimum permissions:
relation/HcsHierarchyNodeREL
read
relation/Subscriber
read
tool/Macro
execute (with read access on subscribers)
For VOSS Automate Provider administrators wishing to log in to the NBI GUI, the following permissions are required in the access profile:
data/Reports
read
tool/DataExtract
nbi_subscriber