Wednesday, January 26, 2011

Proxmox


Proxmox VE is an open source, bare metal, virtualization platform supporting KVM and OpenVZ.

This article describes how to install and configure sFlow monitoring on a Proxmox VE server using the open source Host sFlow agent.

First install the development tools needed to compile the Host sFlow agent

apt-get update
apt-get install gcc make

Next, download the Host sFlow agent sources and compile and install the agent using the following commands:

tar -xvzf hsflowd-X.XX.tar.gz
cd hsflowd-X.XX
make
make install

The next steps involve configuring sFlow monitoring on the server. In this example, we will configure the sFlow agent to sample packets at 1-in-400, poll counters every 20 seconds and send sFlow to an analyzer (10.0.0.50) over UDP using the default sFlow port (6343).

The following commands configure ULOG monitoring of traffic:

iptables -A INPUT -m statistic --mode random --probability 0.0025 -j ULOG --ulog-nlgroup 5
iptables -A FORWARD -m statistic --mode random --probability 0.0025 -j ULOG --ulog-nlgroup 5
iptables -A OUTPUT -m statistic --mode random --probability 0.0025 -j ULOG --ulog-nlgroup 5

Note: These commands assume that there are no other firewall rules. For a more detailed description of configuring ULOG monitoring, see ULOG. Instrumenting the FORWARD rule set is important since Proxmox VE uses routing to connect venet interfaces on OpenVZ appliances and the FORWARD rule set is used to monitor the routed traffic.

Now edit the Host sFlow configuration file, /etc/hsflowd.conf:

sflow{
  DNSSD = off
  polling = 20
  sampling = 400
  collector{
    ip = 10.0.0.50
    udpport = 6343
  }
  ulogGroup = 5
  ulogProbability = 0.0025
}

Note: It is essential that the Host sFlow ulogGroup setting and the iptables --ulog-nlgroup settings match (in this case they are all set to 5). It is also essential that the Host sFlow ulogProbability and the iptables --probability settings match (in this case they are all 0.0025, i.e. 1-in-400).

In this case, we are using manual configuration of the Host sFlow agent. In a case where large numbers of servers need to be configured, automatic DNS-SD configuration should be considered.

Finally, start the sFlow agent:

/etc/init.d/hsflowd start

An sFlow analyzer is needed to receive the sFlow data and report on performance (see Choosing an sFlow analyzer). The free sFlowTrend analyzer is a great way to get started, see sFlowTrend adds server performance monitoring to see examples.

Note: There are currently some limitations with sFlow on Proxmox VE. Proxmox VE does not currently support libvirt, so the Host sFlow agent is unable to report on virtual machine statistics. In addition, the default virtual switch does not include sFlow support, so detailed visibility into per virtual interface counters and traffic flows is not available. However, the Open vSwitch replaces the default Linux bridge and provides sFlow support along with other advanced features. Open vSwitch is now included on Xen Cloud Platform and XenServer and could be an option for Proxmox VE in the future.

No comments:

Post a Comment