summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/release/userguide/feature.userguide.rst74
1 files changed, 57 insertions, 17 deletions
diff --git a/docs/release/userguide/feature.userguide.rst b/docs/release/userguide/feature.userguide.rst
index 30e34b99..cd4051f4 100644
--- a/docs/release/userguide/feature.userguide.rst
+++ b/docs/release/userguide/feature.userguide.rst
@@ -471,7 +471,7 @@ https://github.com/collectd/collectd/blob/master/src/collectd.conf.pod
IPMI Plugin
^^^^^^^^^^^^
-Repo: https://github.com/maryamtahhan/collectd
+Repo: https://github.com/collectd/collectd
Branch: feat_ipmi_events, feat_ipmi_analog
@@ -543,16 +543,13 @@ Clone and install the collectd IPMI plugin:
.. code:: bash
- $ git clone https://github.com/maryamtahhan/collectd
+ $ git clone https://github.com/collectd/collectd
$ cd collectd
- $ git checkout $BRANCH
$ ./build.sh
$ ./configure --enable-syslog --enable-logfile --enable-debug
$ make
$ sudo make install
-Where $BRANCH is feat_ipmi_events or feat_ipmi_analog.
-
This will install collectd to default folder ``/opt/collectd``. The collectd
configuration file (``collectd.conf``) can be found at ``/opt/collectd/etc``.
To configure the IPMI plugin you need to modify the file to include:
@@ -561,7 +558,9 @@ To configure the IPMI plugin you need to modify the file to include:
LoadPlugin ipmi
<Plugin ipmi>
- SELEnabled true # only feat_ipmi_events branch supports this
+ <Instance "local">
+ SELEnabled true # only feat_ipmi_events branch supports this
+ </Instance>
</Plugin>
.. note::
@@ -569,8 +568,7 @@ To configure the IPMI plugin you need to modify the file to include:
dispatch the values to collectd and send SEL notifications.
For more information on the IPMI plugin parameters and SEL feature configuration,
-please see:
-https://github.com/maryamtahhan/collectd/blob/feat_ipmi_events/src/collectd.conf.pod
+please see: https://github.com/collectd/collectd/blob/master/src/collectd.conf.pod
Extended analog sensors support doesn't require additional configuration. The usual
collectd IPMI documentation can be used:
@@ -660,7 +658,7 @@ Clone and install the collectd mcelog plugin:
.. code:: bash
- $ git clone https://github.com/maryamtahhan/collectd
+ $ git clone https://github.com/collectd/collectd
$ cd collectd
$ ./build.sh
$ ./configure --enable-syslog --enable-logfile --enable-debug
@@ -678,11 +676,15 @@ include:
Interval 1
</LoadPlugin>
<Plugin mcelog>
- McelogClientSocket "/var/run/mcelog-client"
+ <Memory>
+ McelogClientSocket "/var/run/mcelog-client"
+ PersistentNotification false
+ </Memory>
+ #McelogLogfile "/var/log/mcelog"
</Plugin>
For more information on the plugin parameters, please see:
-https://github.com/maryamtahhan/collectd/blob/feat_ras/src/collectd.conf.pod
+https://github.com/collectd/collectd/blob/master/src/collectd.conf.pod
Simulating a Machine Check Exception can be done in one of 3 ways:
@@ -891,7 +893,7 @@ ovs_pmd_stat.sh calls the script for OVS PMD stats application with its argument
SNMP Agent Plugin
^^^^^^^^^^^^^^^^^
-Repo: https://github.com/maryamtahhan/collectd/
+Repo: https://github.com/collectd/collectd
Branch: master
@@ -986,9 +988,8 @@ Clone and install the collectd snmp_agent plugin:
.. code:: bash
$ cd ~
- $ git clone https://github.com/maryamtahhan/collectd
+ $ git clone https://github.com/collectd/collectd
$ cd collectd
- $ git checkout feat_snmp
$ ./build.sh
$ ./configure --enable-syslog --enable-logfile --enable-debug --enable-snmp --with-libnetsnmp
$ make
@@ -1032,7 +1033,7 @@ The ``snmpwalk`` command can be used to validate the collectd configuration:
retreived using standard IF-MIB tables.
For more information on the plugin parameters, please see:
-https://github.com/maryamtahhan/collectd/blob/feat_snmp/src/collectd.conf.pod
+https://github.com/collectd/collectd/blob/master/src/collectd.conf.pod
For more details on AgentX subagent, please see:
http://www.net-snmp.org/tutorial/tutorial-5/toolkit/demon/
@@ -1041,7 +1042,7 @@ http://www.net-snmp.org/tutorial/tutorial-5/toolkit/demon/
virt plugin
^^^^^^^^^^^^
-Repo: https://github.com/maryamtahhan/collectd
+Repo: https://github.com/collectd/collectd
Branch: master
@@ -1172,7 +1173,7 @@ statistics are disabled. They can be enabled with ``ExtraStats`` option.
</Plugin>
For more information on the plugin parameters, please see:
-https://github.com/maryamtahhan/collectd/blob/feat_libvirt_upstream/src/collectd.conf.pod
+https://github.com/collectd/collectd/blob/master/src/collectd.conf.pod
.. _install-collectd-as-a-service:
@@ -1282,6 +1283,41 @@ To see this demo in action please checkout: `Barometer OPNFV Summit demo`_
For more information on configuring and installing OpenStack plugins for
collectd, check out the `collectd-ceilometer-plugin GSG`_.
+Security
+^^^^^^^^^
+* AAA – on top of collectd there secure agents like SNMP V3, Openstack agents
+ etc. with their own AAA methods.
+
+* Collectd runs as a daemon with root permissions.
+
+* The `Exec plugin`_ allows the execution of external programs but counters the security
+ concerns by:
+
+ * Ensuring that only one instance of the program is executed by collectd at any time
+ * Forcing the plugin to check that custom programs are never executed with superuser
+ privileges.
+
+* Protection of Data in flight:
+
+ * It's recommend to use a minimum version of 4.7 of the Network plugin which provides
+ the possibility to cryptographically sign or encrypt the network traffic.
+ * Write Redis plugin or the Write MongoDB plugin are recommended to store the data.
+ * For more information, please see: https://collectd.org/wiki/index.php?title=Networking_introduction
+
+* Known vulnerabilities include:
+
+ * https://www.cvedetails.com/vulnerability-list/vendor_id-11242/Collectd.html
+
+ * `CVE-2017-7401`_ fixed https://github.com/collectd/collectd/issues/2174 in Version 5.7.2.
+ * `CVE-2016-6254`_ fixed https://mailman.verplant.org/pipermail/collectd/2016-July/006838.html
+ in Version 5.4.3.
+ * `CVE-2010-4336`_ fixed https://mailman.verplant.org/pipermail/collectd/2010-November/004277.html
+ in Version 4.10.2.
+
+ * http://www.cvedetails.com/product/20310/Collectd-Collectd.html?vendor_id=11242
+
+* It's recommended to only use collectd plugins from signed packages.
+
References
^^^^^^^^^^^
.. [1] https://collectd.org/wiki/index.php/Naming_schema
@@ -1297,3 +1333,7 @@ References
.. _aodh plugin: https://github.com/openstack/collectd-ceilometer-plugin/tree/stable/ocata/
.. _collectd-ceilometer-plugin GSG: https://github.com/openstack/collectd-ceilometer-plugin/blob/master/doc/source/GSG.rst
.. _grafana guide: https://wiki.opnfv.org/display/fastpath/Installing+and+configuring+InfluxDB+and+Grafana+to+display+metrics+with+collectd
+.. _CVE-2017-7401: https://www.cvedetails.com/cve/CVE-2017-7401/
+.. _CVE-2016-6254: https://www.cvedetails.com/cve/CVE-2016-6254/
+.. _CVE-2010-4336: https://www.cvedetails.com/cve/CVE-2010-4336/
+.. _Exec plugin: https://collectd.org/wiki/index.php/Plugin:Exec \ No newline at end of file