[openstack-dev] [ceilometer] Exposing Ceilometer alarms as SNMP traps

Florian Haas florian at hastexo.com
Fri Apr 25 08:01:23 UTC 2014


Hi Eric,

On Thu, Apr 24, 2014 at 7:02 PM, Eric Brown <browne at vmware.com> wrote:
> I'm pretty familiar with SNMP as I have worked with it for a number years.
> I know Telcos like it, but I feel its a protocol that is near end of life.
> It hasn't
> kept up on security guidelines.  SNMPv1 and v2c are totally insecure and
> SNMPv3 is barely usable.  But even SNMPv3 still uses MD5 and SHA1.

I agree, but at least with my limited SNMP experience I've seen quite
a few v2c deployments out there, so forgoing that altogether doesn't
seem like a good idea to me.

> That being said, the Alarm MIB would be my choice of MIB.  A custom MIB
> would be a mess and a nightmare to maintain.

Thanks for confirming. :)

> Can pysnmp do v3 notifications?  You might want to also consider informs
> rather than traps since they are acknowledged.

Yes, pysnmp can do INFORMs:
http://pysnmp.sourceforge.net/examples/current/v3arch/oneliner/agent/ntforg/inform-v3.html

However, speaking of acknowledgments, is the concept of an alert being
acknowledged even present in Ceilometer?

I'm afraid I've opened a can of worms here. :)

Cheers,
Florian



More information about the OpenStack-dev mailing list