Administer and maintain the vSwitch Controller

Use the Settings pages to perform administration and maintenance functions on the vSwitch Controller. To access the Settings pages, select the Settings icon in the top panel of the vSwitch Controller window.

Configure IP address settings

Use the IP Configuration page to verify and configure the IP address of the vSwitch Controller. When the vSwitch Controller is started for the first time, it obtains an IP address through DHCP. However, we recommend that you assign a static IP address. If DHCP is configured, resource pools cannot be set to Fail-Safe mode.

To view and configure the controller IP address:

  1. Under Settings, choose IP Configuration to display the current configuration.
  2. To modify the configuration, click Modify Configuration.
  3. Select Manual Configuration to assign a static IP address.
  4. Enter the following information:
    • New IP address
    • Netmask
    • Gateway IP address
    • (Optional) One or two DNS server IP addresses

      Note:

      At least one DNS server IP address must be specified to enable name resolution on the Controller.

  5. Click Make Changes to implement the changes.

Warning:

After changing the IP address of the vSwitch Controller, you might see an error message: Pool Managed By old_ip_address. This error message appears in the Status column of the pools that the vSwitch Controller manages. If you see this message, you must instruct the Controller to begin managing the pools again.

In the All Resource Pools tab, click the gear icon next to the Status column of the resource pools. Select Steal Pool.

By default, the vSwitch Controller virtual appliance uses a self-signed SSL certificate for connections with the vSwitch running on each XenServer. You can get a certificate authority to provide you with a signed certificate for your vSwitch connections. Follow the instructions of the certificate authority you plan to use when generating the public/private key pair to be signed. Submit the key to the authority. After you obtain the signed certificate from the authority, follow the steps in this section.

Under Settings, click Server and Certificate Maintenance.

Click Update OVS Certificate.

Browse to select the SSL/TLS certificate file.

After uploading the file, click Update Certificate.

To view information about the vSwitch SSL security certificate:

  1. Under Settings, click Server and Certificate Maintenance.
  2. Click View OVS Certificate.

This information also includes when the certificate expires.

After updating the vSwitch SSL certificate, as you add new pools for management, the vSwitch of each server in the pool automatically downloads the new certificate. However, for vSwitches running on existing pools under management you must manually update their SSL certificates.

On the XenServer host, copy the SSL certificate to /etc/openvswitch/vswitchd.cacert

Restart the XenServer host.

Configure the controller hostname

To verify and configure the Controller hostname and DNS domain, use the IP Configuration page. By default, the controller hostname is dvsc, and the DNS domain name is unassigned.

Under Settings, choose IP Configuration to display the current configuration.

Click Modify Host Settings.

Enter the desired hostname and domain name into the appropriate fields.

The value of the domain name is used for both the domain name of the host and the domain to search for unqualified host names.

Click Make Changes to save changes, or choose Cancel.

Collect information for trouble reports

To collect information to supply for trouble reports:

  1. Click Server and Certificate Maintenance under Settings.
  2. Click Collect & Zip All Logs to add all relevant vSwitch Controller logs to a zip file for download.
  3. When the zip operation is complete, click the here link in the pop-up window to download the dump.tar.gz file.
  4. After downloading, click Close to close the pop-up window.

Restart the vSwitch Controller software

To restart the vSwitch Controller software, click Server and Certificate Maintenance under Settings, and then click Restart Network Controller. When the restart is complete, the login page opens.

Manage administrative accounts

Multiple user accounts can be used to provide certain users with limited privileges when accessing the GUI. Entries in the Administrative Events log contain the name of the user who performed the action. Having multiple users can help determine who made a recent configuration change.

To add user accounts for access to the vSwitch Controller and to change user passwords:

  1. Under Settings, choose Administrative Accounts.
  2. Click Create Account.
  3. Enter a user name and password, and reenter the password to confirm. Specify any of the following user privilege levels:
    • Superuser: All privileges.
    • Read-write: All privileges, except for the ability to modify other user accounts and restore snapshots.
    • Read-Only: Can see most information in the GUI but cannot modify anything in the vSwitch Controller except the user’s own password.
  4. Click Add User.

To change a user password, click the Password link for the user. Enter and confirm a new password, and click Change Password.

To remove a user, click the Remove link for the user. You cannot remove the admin user.

Manage configuration snapshots

Snapshots provide a mechanism to save the current vSwitch Controller configuration so that you can restore to that exact configuration at a later point. It might be useful to snapshot the system before making major configuration changes. By default, the system automatically creates an automatic snapshot every 12 hours.

Click Configuration Snapshots under Settings to view the list of configuration backups and restore from backup. The page lists all recent backups, with the most recent listed first. Automatic backups are taken twice per day and each time the vSwitch Controller is restarted. When restoring from a backup, the current IP configuration of the vSwitch Controller is not updated. To change the vSwitch Controller IP address, see Configure IP address settings.

To restore the configuration from a backup, click the gear icon for the snapshot and choose Restore to Snapshot. When asked if you want to continue, click Yes, Restore.

To create a backup on demand, click Create New Snapshot. You can enter an optional description to identify the snapshot. Click Create Snapshot. The new backup is added to the top of the list.

To download a snapshot to store on another system, click the gear icon for the snapshot and choose Download. Follow the instructions in the popup windows to save the snapshot file.

To upload a previously saved snapshot to the controller, click Upload Snapshot. Browse to select the snapshot file, and click Upload Snapshot. The uploaded snapshot is added to the list on the Configuration Snapshots page.

To delete a snapshot, click the gear icon for the snapshot and choose Delete Snapshot. When asked if you want to continue, click Delete Snapshot.

The snapshot table also includes information on the software version and compatibility. Compatibility indicates whether the data in the snapshot is compatible with the current software version. It displays a green indicator if it is compatible and a red indicator if it is not. To revert to an incompatible snapshot, you must first change the software to a compatible version, as listed in the Software Version column.

By default, the system creates a configuration snapshot every 12 hours. These snapshots are listed with a description label of Automatic periodic snapshot. In addition, configuration snapshots are created each time the vSwitch Controller is restarted. These snapshots are listed with a description label of Startup snapshot. System initiated snapshots are automatically deleted when they are more than 30 days old. When manually creating a snapshot, enter a unique description label so it is not mistaken as a system initiated snapshot and deleted after 30 days. If a system initiated snapshot must be preserved beyond 30 days, download it and then reupload it by using a unique description label.

Add Network Time Protocol (NTP) servers

The vSwitch Controller virtual appliance uses a connection to external Network Time Protocol (NTP) servers to manage its time settings. The controller comes with default servers already configured. Because these NTP servers might not be optimal for your environment, you can replace them with a local NTP server according to the following instructions.

To add an NTP server:

  1. Under Settings, choose Time & NTP.

  2. Click Add Server.

  3. Enter the IP address of the server, and click Add.

  4. Add more servers as needed.

To remove an NTP server, click the Remove link.

Export Syslog files

Use the Syslog page to add servers to receive remote syslog messages, which consist of administrative and network event messages generated by the system. The most recent syslog entries are also displayed on the dashboard.

To add syslog servers:

  1. Under Settings, choose Syslog.

  2. Click Add Server Address.

  3. Enter the IP address of the server, and click Add.

  4. Add more servers as needed.

To remove a server, click the Remove link.