Using Simple Networking Management Protocol (SNMP) to monitor server performance and send notifications (called
traps) is an important skill that all VMware administrators will eventually need to master. In this article I'll explain the different types of SNMP agents available for VMware ESX and ESXi, how to configure SNMP with ESX and give an example of how it could be monitored using SNMP. Finally, you'll learn how to configure the alternative ESX SNMP agent and the ESXi agent to send SNMP traps to a network management station (NMS).
Why would I want to configure SNMP for VMware ESX Server?
SNMP is used to gather statistics from network devices such PCs, servers, network devices and more. SNMP can also be used to send traps to SNMP management stations (such as Dell OpenManage). While I will briefly mention how to configure traps, I am going to focus on how to configure ESX so that statistics can be gathered from it.
So why would you want to use SNMP? For example, if you were to download a new ESX Server monitoring tool SolarWinds VM Monitor, you'd have to first enable SNMP on your ESX server because SolarWinds's VM Monitor uses SNMP to gather its data. The bottom line is that more and more applications are being released that monitor VMware ESX Server, and many use SNMP to do it. We're also starting to hear that existing monitoring applications can monitor VMware ESX – if you enable SNMP.
VMware ESX Server (not ESXi) comes with two SNMP agents. One agent is based on net-snmp (a well-known Linux SNMP agent with excellent documentation on the Internet). The other SNMP agent is very simple and only supports traps. This is the same agent that ESXi offers. In this article, I will be configuring the more advanced SNMP agent – net-snmp. (For documentation on how to configure the slimmed down ESX agent and ESXi agent see VMware's article on using SNMP with ESXi. Still, keep in mind that with that agent you won't be able to monitor your server using an application like I demonstrate below. You will only be able to configure ESX or ESXi to send traps to your NMS.)
Unfortunately, you can not enable SNMP using a graphical interface (such as the VMware Infrastracture Client). That said, it isn't hard to do with the command line. Let me show you how by using secure shell (SSH) command line and simple network management protocol (SNMP) commands.
How to enable SNMP in ESX Server via SSH
Other than going to the server's console, configuring SNMP via SSH is the only way to do it.
Once connected to the ESX Server using SSH you can use standard Linux commands to configure SNMP. While you can get very complex in the configuration of SNMP (using version 3 with encryption and such), I will just cover the standard SNMP configuration.
The SNMP daemon is NOT running by default so until you follow these instructions, your SNMP monitoring application won't be able to talk to your ESX Server.
First, I would edit the /etc/snmp/snmpd.conf file using nano or vi. For example:
At minimum, enter the read-only community string (ROcommunity). I entered the system contact, the system location, read only community string, and trap community string.
At this point, the SNMP daemon is configured but not yet started. You could start the SNMP daemon manually by simply typing:
service snmpd start
However, you actually want the SNMP daemon to start automatically every time the server boots. To do this, type:
chkconfig snmpd on
At this point, SNMP reads are configured (we didn't configure traps) and the SNMP daemon will start when the server boots.
You could reboot the server if it isn't yet in production or you could use the snmpd start command above. Either way, to make sure it is running, you can do a ps –ef | grep snmp and see your SNMPd running, like this:
[root@ESX2 snmp]# ps -ef | grep snmp root 1058 1 0 Oct15 ? 00:00:05 /usr/sbin/snmpd -s -l /dev/null -P /var/run/snmpd -a root 2223 2116 0 01:18 pts/0 00:00:00 grep snmp [root@ESX2 snmp]#
Or, you could run:
[root@ESX2 snmp]# service snmpd status snmpd (pid 1058) is running...
There are also lots of SNMP commands in ESX. In /usr/bin you will find commands like snmpstatus, snmptest, and snmpwalk. Here is the full list:
Actually, these aren't ESX specific; these are Red Hat Enterprise Linux commands. That means that you can reference the net-snmp documentation for complete instructions on how all of these commands work.
If you wanted to configure ESX to send traps to your NMS, you would edit the trapcommunity and the trapsink in the /etc/snmp/snmpd.conf file. The trapsink is the hostname of the NMS. To enable or disable traps completely in ESX server, you can edit /etc/vmware/hostd/config.xml. For more information on this, see the VMware's Using SNMP with ESX Server 3 documentation.
How to monitor VMware ESX Server using SolarWinds VM Monitor
You could use just about any SNMP monitoring tool to monitor VMware ESX Server- WhatsUP, Solarwinds Orion, Nagios and others. I chose to use a simple free tool that I recently learned about. This tool is from Solarwinds and it is called SolarWinds VM Monitor. You can download it free and the limitation is that it only monitors a single VMware ESX Server at a time. I like the simple slick interface of VM Monitor. It reminds me of a Windows sidebar gadget or Mac OS widget.
Once SNMP is configured and you run VM Monitor, all it asks for is the hostname and SNMP read community of the ESX Server. Here is what it looks like:
Upon connecting, it gathered data using SNMP and showed me basic performance stats of my ESX Server and Guest VMs, like this:
Again, this is just a sample of using a free, basic, SNMP performance tool to monitor ESX Server.
How to enable VMware ESX / ESXi SNMP traps using the Remote CLI
To configure the basic SNMP agent to send traps, you can use the free VMware remote command line interface (Remote CLI). After running RCLI and typing DIR, I can see the command vicfg-snmp.pl.
As you can see in the graphic below, I use the command to check the status of my SNMP agent.
Basic configuration for traps is done with-
vicfg-snmp.pl --server <ESX_IP_Address> --username root --password <password> -c <community_name> -t <NMS-Server>@162/<community_name>
For all the options, run vicfg-snmp.pl –help.
That's it. Enabling your system tools to monitor and report on your ESX servers via SNMP can make your life as a VMware administrator much easier. If you have any questions, write to me via firstname.lastname@example.org. Your questions will be forwarded to me by one of the site editors, and I'll respond as soon as I can.
ABOUT THE AUTHOR: David Davis (CCIE #9369, VCP, CWNA, MCSE, CISSP, Linux+, CEH) is the Director of Infrastructure at Train Signal, Inc. He has written hundreds of articles and six video training courses – including the Train Signal VMware ESX Server video training series. His websites are Happy Router.com and VMwareVideos.com.