VMware Networking Community
AshRobKP
Contributor
Contributor
‎02-09-2021 08:52 PM
Jump to solution

NSX Edge var+log

We have had rolling issues across our datacenters due to NSX-T management nodes and edge nodes getting to 100% in var+log. We have resolved the issue by setting the root/admin/audit passwords to never expire, and by clearing our syslog and auth.log files. 

However, we have one NSX Edge Node that is being problematic. The passwords we had set for root and admin are not working. We attempted to use the password reset feature through GRUB, but that password isn't sticking after a reboot -f. The theory is that because var log is full, the changes aren't being applied. SO...

logged in as root@(none) I am trying to clear out the syslog and auth.log files to get some free space in var+log. I have been able to start the LVM2 services, and see the var log LV with lvscan as inactive. However, when I use lvchange -a y on that volume, it just sits there forever. the cursor blinks, and I can type but I can't break out of the command unless I reboot the node. Because the LV is inactive, I can't mount it.

Is there a way to clear out var log using this (or any other) method without having NSX root/admin rights, and just the root@(none) user?

Preview file
199 KB
0 Kudos
1 Solution

Accepted Solutions
AshRobKP
Contributor
Contributor
‎02-09-2021 10:09 PM
Jump to solution

I had to boot into single user mode after the password reset from the GRUB menu. https://devconnected.com/single-user-mode-secure-boot-on-ubuntu-debian/

after i booted into single user mode, I was able to use the reset password, then echo " " > /var/log/syslog.1

then I was able to log in

 

View solution in original post

0 Kudos
4 Replies
Sreec
VMware Employee
VMware Employee
‎02-09-2021 09:08 PM
Jump to solution

Have you tried following  VMware KB 

https://kb.vmware.com/s/article/76114?lang=en_US 

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
AshRobKP
Contributor
Contributor
‎02-09-2021 09:32 PM
Jump to solution

any advice on how to restart these services in 2.5.0?

 

Once the above has been completed, restart the RMQ and Proton services by running these commands(these cli do not fit 2.5.0 release):

     /etc/rc.d/init.d/rabbitmqserver restart
     /etc/rc.d/init.d/proton-mgmt restart

0 Kudos
Sreec
VMware Employee
VMware Employee
‎02-09-2021 10:05 PM
Jump to solution

I'm unsure about the command syntax in 2.5, if feasible can you reboot the appliance and confirm it? 

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered
0 Kudos
AshRobKP
Contributor
Contributor
‎02-09-2021 10:09 PM
Jump to solution

I had to boot into single user mode after the password reset from the GRUB menu. https://devconnected.com/single-user-mode-secure-boot-on-ubuntu-debian/

after i booted into single user mode, I was able to use the reset password, then echo " " > /var/log/syslog.1

then I was able to log in

 

0 Kudos