Spill the NSX

NSX

NSX-T 2.5 ESXi Logging Enhancements

Introduction:

There have been some significant enhancements in NSX-T 2.5 to ESXi host logging. The logging level can be changed dynamically, and logs are now consolidated under Syslog offering more powerful and flexible NSX-T troubleshooting options at the ESXi host level.

VMware CLI Reference Guides

These changes are covered in the NSX-T Data Center 2.5.0 CLI Reference Guide: https://code.vmware.com/docs/11109

NSX-T Services

The following table displays the most relevant services in an NSX-T environment.

Daemon Platform Description
nsx-proxy Edge ESX KVM Provides northbound communication with the management plane and the central control plane.
nsx-cfgagent ESX Gets the configuration state from NestDB and programs the data plane kernel modules.
nsx-agent KVM Gets the configuration state from NestDB and programs OVS.
edge-agent Edge Gets the configuration state from NestDB and the programs DPDK modules.
nsx-opsagent Edge ESX KVM Operation agent responsible for TN realization/lldp/traceflow/pktcapture.
hyperbusESX KVM A component of Kubernetes integration.
These can be viewed from an NSX-T prepared ESXi host, in this case for an NSX-T 2.5.1 prepared host:

[root@esxcna01-s1:~] nsxcli

 esxcna01-s1.core.hypervizor.com> get service ?
   hyperbus         HyperBus configuration
   nsx-cfgagent     NSX configuration agent service on ESX
   nsx-context-mux  NSX context multiplexer service
   nsx-opsagent     NSX operation agent service
   nsx-proxy        NSX Proxy

esxcna01-s1.core.hypervizor.com> get service
 % Command not found: get service
 Possible alternatives:
     get service hyperbus lib-metrics logging-level
     get service hyperbus lib-nestdb logging-level
     get service hyperbus lib-net logging-level
     get service hyperbus lib-rpc logging-level
     get service hyperbus logging-level
     get service nsx-cfgagent cache-table [{config | l2 | l3} {local | remote | logical-switch | logical-switch-port | transport-node | bridge-cluster | group-relation | mirror | ipfix | profile | container}]
     get service nsx-cfgagent lib-metrics logging-level
     get service nsx-cfgagent lib-nestdb logging-level
     get service nsx-cfgagent lib-net logging-level
     get service nsx-cfgagent lib-rpc logging-level
     get service nsx-cfgagent logging-level
     get service nsx-context-mux logging-level
     get service nsx-opsagent logging-level
     get service nsx-proxy central logging-level
     get service nsx-proxy lib-metrics logging-level
     get service nsx-proxy lib-nestdb logging-level
     get service nsx-proxy lib-net logging-level
     get service nsx-proxy lib-rpc logging-level
     get service nsx-proxy logging-level

View Logging Level

The default logging level on all services is info.

esxcna01-s1.core.hypervizor.com> get service nsx-proxy logging-level
 Current proxy logging level is: info

Change Logging Level

NSX-T 2.5 ESXi Logging allows users to change the logging levels for all NSX services in the datapath dynamically without restarting them. The configured logging levels persist across service restarts and reboots, but not ESXi reboots. Keep in mind that logging level changes should be made with care, and lab-tested in your environment first.

esxcna01-s1.core.hypervizor.com> set service nsx-proxy logging-level ?
   off       NsxProxy logging level
   fatal     NsxProxy logging level
   error     NsxProxy logging level
   warn      NsxProxy logging level
   info      NsxProxy logging level
   debug     NsxProxy logging level
   trace     NsxProxy logging level

esxcna01-s1.core.hypervizor.com> set service nsx-proxy logging-level debug
 Setting proxy logging level from info to debug successfully

 esxcna01-s1.core.hypervizor.com> get service nsx-proxy logging-level
 Current proxy logging level is: debug

Logging Location

Note that in earlier versions of NSX-T Data Center, each of these daemons logged into a separate file on ESXi hosts. However, from NSX-T version 2.5, all the logs have been consolidated into /var/log/nsx-syslog.log.

Here is the logging location on an NSX-T 2.4.3 Prepared ESXi host, in /var/log/nsx*.log:

[root@esxcna01-s1:/var/log] nsxcli -c get version
 VMware NSX Software, Version 2.4.3.0.0.15008151                    <-- NSX-T 2.4.3 Prepared ESXi host
 Technical Support: http://www.vmware.com/support.html
 Copyright © 2014-2019 VMware, Inc. All rights reserved. This
 product is protected by copyright and intellectual property
 laws in the United States and other countries as well as by
 international treaties. VMware products are covered by one
 or more patents listed at http://www.vmware.com/go/patents.
 VMware is a registered trademark or trademark of VMware, Inc.
 in the United States and other jurisdictions. All other marks
 and names mentioned herein may be trademarks of their respective
 companies.
 [root@esxcna01-s1:/var/log] ls -larth nsx*
 lrwxrwxrwx    1 root     root          16 Feb 13 12:25 nsx -> /scratch/log/nsx
 -rw-r--r--    1 root     root           0 Feb 13 12:25 nsxaVim.err
 lrwxrwxrwx    1 root     root          25 Feb 13 12:25 nsxdavim.log -> /scratch/log/nsxdavim.log
 lrwxrwxrwx    1 root     root          24 Feb 13 12:25 nsxaVim.log -> /scratch/log/nsxaVim.log
 lrwxrwxrwx    1 root     root          26 Feb 13 12:25 nsx-proxy.log -> /scratch/log/nsx-proxy.log
 lrwxrwxrwx    1 root     root          29 Feb 13 12:25 nsx-opsagent.log -> /scratch/log/nsx-opsagent.log
 lrwxrwxrwx    1 root     root          27 Feb 13 12:25 nsx-nestdb.log -> /scratch/log/nsx-nestdb.log
 lrwxrwxrwx    1 root     root          23 Feb 13 13:38 nsxcli.log -> /scratch/log/nsxcli.log


Here is the logging location on an NSX-T 2.5.1 Prepared ESXi host, in /var/log/nsx*.log:

[root@esxcna01-s1:/var/log] nsxcli -c get version
 VMware NSX Software, Version 2.5.1.0.0.15314289                    <-- NSX-T 2.5.1 Prepared ESXi host
 Technical Support: http://www.vmware.com/support.html
 Copyright © 2014-2019 VMware, Inc. All rights reserved. This
 product is protected by copyright and intellectual property
 laws in the United States and other countries as well as by
 international treaties. VMware products are covered by one
 or more patents listed at http://www.vmware.com/go/patents.
 VMware is a registered trademark or trademark of VMware, Inc.
 in the United States and other jurisdictions. All other marks
 and names mentioned herein may be trademarks of their respective
 companies.
 [root@esxcna01-s1:/var/log] ls -larth nsx*
 lrwxrwxrwx    1 root     root          16 Jan 21 13:25 nsx -> /scratch/log/nsx
 lrwxrwxrwx    1 root     root          23 Jan 21 13:25 nsxcli.log -> /scratch/log/nsxcli.log
 lrwxrwxrwx    1 root     root          25 Jan 21 13:27 nsxdavim.log -> /scratch/log/nsxdavim.log
 lrwxrwxrwx    1 root     root          24 Jan 21 13:27 nsxaVim.log -> /scratch/log/nsxaVim.log
 lrwxrwxrwx    1 root     root          27 Jan 21 13:27 nsx-syslog.log -> /scratch/log/nsx-syslog.log
 -rw-r--r--    1 root     root          95 Jan 21 13:27 
In this brief article, we can see that there have been some significant enhancements in NSX-T 2.5 to ESXi host logging, offering more powerful and flexible troubleshooting options at the host level.

I now need to get back to writing for the NSX-T Automation with Ansible series!
NSX-T 2.5 ESXi Logging

Begin typing your search term above and press enter to search. Press ESC to cancel.