'fp.monitoring' fixed and expanded (Issue623)

[jmiguelhp]

Current Fabric Monitoring Data Model only accept the configuration of name. Support for destination_group was added and sopport of user-defined fabric monitoring policies.

These are non-breaking changes.

Data tested:

---
apic:
  fabric_policies:
    monitoring:
      snmp_traps:
        - name: trap1
          destination_group: mon_snmp1_dst_grp
        - name: trap2
      syslogs:
        - name: syslog1
          description: desc1
          session: true
          minimum_severity: debugging
          admin_state: false
          format: nxos
          show_millisecond: false
          show_timezone: false
          local_admin_state: false
          local_severity: emergencies
          console_admin_state: false
          console_severity: alerts
          destination_group: mon_syslog1_dst_grp
        - name: syslog2
      policies:
        - name: Custom_Policy1
          description: This is a custom policy for policy monitoring.
          fault_severity_policies:
            - class: snmpClient
              faults:
                - fault_id: F1368
                  description: "Fault 1368 nice description"
                  initial_severity: critical
                  target_severity: inherit
            - class: snmpConfIssues
            - class: snmpTrapDest
              faults:
                - fault_id: F1450
                  description: "Fault 1450 cool description"
                - fault_id: F1449
                  description: "Fault 1449 superb description"
                  initial_severity: minor
                  target_severity: critical
          snmp_traps:
            - name: policy_trap1
              destination_group: pol_snmp_dst_grp
            - name: policy_trap2
          syslogs:
            - name: policy_syslog1
              description: desc1
              session: true
              minimum_severity: debugging
              admin_state: false
              format: nxos
              show_millisecond: false
              show_timezone: false
              local_admin_state: false
              local_severity: emergencies
              console_admin_state: false
              console_severity: alerts
              destination_group: pol_syslog_dst_grp
            - name: policy_syslog2
        - name: Custom_Policy2

[ogorczow]

I guess this example data is vague?

          syslogs:
            - name: policy_syslog1
              description: desc1
              session: true
              minimum_severity: debugging
              admin_state: false
              format: nxos
              show_millisecond: false
              show_timezone: false
              local_admin_state: false
              local_severity: emergencies
              console_admin_state: false
              console_severity: alerts
              destination_group: pol_syslog_dst_grp

[ogorczow]

maybe lets call it aci_monitoring_policy_common and 2nd module just aci_monitoring_policy?

[ogorczow]

and lets add there fault severity policies (for common object), to keep all modules supporting the same

[ogorczow]

by the way, i guess there is not an option to configure new syslog destination or snmp destination without adding it to common object?

[jmiguelhp]

maybe lets call it aci_monitoring_policy_common and 2nd module just aci_monitoring_policy?

We can check this with Justyna. I tried to keep it the way it is in order to ensure backwards compatibility.

and lets add there fault severity policies (for common object), to keep all modules supporting the same

As per my tests, common policy does not allow changes in Fault severities.

by the way, i guess there is not an option to configure new syslog destination or snmp destination without adding it to common object?

Not sure about this one. Hope you can elaborate it

[ogorczow]

If we analyze common policy, i guess that there was 1 more broken thing:

---
apic:
  fabric_policies:
    monitoring:
      snmp_traps:
        - name: trap1
          destination_group: mon_snmp1_dst_grp

If we consider that we create an SNMP destination named "trap1" and also it automatically creates under monitoring common policy reference, in our case it will generate reference to 'mon_snmp1_dst_group` which doesn't exists.

Wouldn't it be there that we need to keep destination_group and name always the same to make it working? I guess maybe we should force users to keep it the same?

destination_group would have to include name_suffix as well

[jmiguelhp]

If we analyze common policy, i guess that there was 1 more broken thing:

---
apic:
  fabric_policies:
    monitoring:
      snmp_traps:
        - name: trap1
          destination_group: mon_snmp1_dst_grp

If we consider that we create an SNMP destination named "trap1" and also it automatically creates under monitoring common policy reference, in our case it will generate reference to 'mon_snmp1_dst_group` which doesn't exists.

Wouldn't it be there that we need to keep destination_group and name always the same to make it working? I guess maybe we should force users to keep it the same?

destination_group would have to include name_suffix as well

User should be in charge of make sure references are pointing to valid objects (e.g. when you define a BD under EPG, tool does not validate if the BD exists and no error is popped up). Also, an internal issue was raised where the engineers are not using the same name for both objetcs, instead, they create the SNMP destinations independently.

Let's meet and discuss this further.

Thanks!

[ogorczow]

this should read from:

---
defaults:
  apic:
    fabric_policies:
      monitoring:
        syslogs:
          name_suffix: ""

[ogorczow]

this should read from:

---
defaults:
  apic:
    fabric_policies:
      monitoring:
        snmp_traps:
          name_suffix: ""

[ogorczow]

there is no need to create new destination_group_suffix