NSX 6.2 Centralized CLI, Edge Services Gateway

As discussed in a previous post, we have developed a centralized set of commands that can be run from the NSX manager instead of having to get a session into each NSX component. In this post I will focus on the Edge Services Gateway centralized commands; we have pushed out more than 60 total commands and I will list them here and go through what I feel are the most useful subsets. It’s important to remember that these commands are only going to provide you with information, rather than allow you to make changes. I know this is a limitation, but I feel it’s still very useful, especially if you just need to grab specific IDs of devices to run API calls, or confirm services are running with proper configuration without having to SSH into each component.
While the list below is not all exclusive, it gives you an idea of what can be run. There are multiple subsets of each of the commands below; for example, ‘show edge edge-id service‘ has subsets for loadbalancer, monitor, ipset, highavailability, dhcp, and dns.

show edge 
  version        Show version
  eventmgr       Show event manager statistics
  log            Show system logs
  ipset          Show ipset information
  nat            Show nat packet counters
  arp            Show arp cache
  firewall       Show firewall packet counters
  flowtable      Show flow table
  process        Edge Process Commands
  system         Edge System Commands
  messagebus     Edge Messagebus Commands
  configuration  Edge Configuration Commands
  interface      Edge Interface Command
  ip             Edge IP Commands
  service        Edge Service Commands

The first thing you will want to do, is list out all of the edge devices in your NSX environment. This will provide you will all of the edge ID’s which will be used to run commands against a specific edge, as well as it provides the name, size, version, and status.

nsxmgr-01a> show edge all
Edge Size: Compact - C, Large - L, X-Large - X, Quad-Large - Q
Edge ID                                    Name                     Size Version Status
edge-2                                     Local-Distributed-Router C    6.2.0   GREEN
edge-3                                     Perimeter-Gateway-01     C    6.2.0   GREEN
edge-4                                     OneArm-LoadBalancer-01   C    6.2.0   GREEN
edge-5                                     Perimeter-Gateway-02     C    6.2.0   GREEN
edge-6                                     OneArm-LoadBalancer-02   C    6.2.0   GREEN

One of the best commands to utilize, is the ‘show edge edge-id log‘ command. You can view the logs on each individual edge services gateway to troubleshoot through any issues you may be experiencing.

nsxmgr-01a> show edge edge-2 log
2015-11-05T15:53:38+00:00 Local-Distributed-Router-0 syslog-ng[676]: [default]:  [syslog.info] Log statistics; processed='src.internal(src#1)=937', stamp='src.internal(src#1)=1446737621', processed='source(s_udp)=0', processed='global(payload_reallocs)=2685', processed='destination(df_all)=2388', processed='global(msg_clones)=16096', processed='center(queued)=0', processed='global(sdata_updates)=0', processed='destination(loghost)=3336', processed='destination(df_console)=32', processed='center(received)=0', processed='source(src)=1107', processed='source(ksrc)=1281'
2015-11-05T16:13:38+00:00 Local-Distributed-Router-0  [syslog.info] -- MARK --
2015-11-05T16:33:38+00:00 Local-Distributed-Router-0  [syslog.info] -- MARK --
2015-11-05T16:53:38+00:00 Local-Distributed-Router-0  [syslog.info] -- MARK --
2015-11-05T17:04:18+00:00 Local-Distributed-Router-0 MsgMgr:  [daemon.debug] Info: initialized regex for command
2015-11-05T17:04:18+00:00 Local-Distributed-Router-0 MsgMgr:  [daemon.debug] Info: initialized regex for command ID

It’s also possible to see the edge arp cache which can come in handy.

nsxmgr-01a> show edge edge-2 arp
haIndex:              0
vShield Edge ARP Cache:
nsxmgr-01a> show edge edge-3 arp
haIndex:              0
vShield Edge ARP Cache:
IP Address                              Interface  MAC Address        State                           vNic_0     00:50:56:01:20:a5  REACHABLE

If you would like to review the edge for performance issues surrounding CPU, memory, disk space, or net-work stats, you will use the ‘show edge edge-id system‘ commands. Furthermore, you can view the processes running and the CPU/Memory they are consuming with the ‘show edge edge-id process‘ command.

nsxmgr-01a> show edge edge-2 system storage
haIndex:              0
Filesystem      Size  Used Avail Use% Mounted on
/dev/sda1       372M  321M   33M  91% /
/dev/sda2        47M  5.0M   40M  12% /var/db
/dev/sda3        31M  4.5M   25M  15% /var/dumpfiles
/dev/sda4        34M  6.5M   26M  21% /var/log
nsxmgr-01a> show edge edge-2 system memory
haIndex:              0
MemTotal:         505212 kB
MemFree:          341236 kB
nsxmgr-01a> show edge edge-2 process list
haIndex:              0
 0.0  0.1   3956   696 Ss     Oct 23 00:00:21 init [3]
 0.0  0.0      0     0 S      Oct 23 00:00:00 [kthreadd]
 0.0  0.0      0     0 S      Oct 23 00:00:08 [ksoftirqd/0]

To view the running configuration you will use the ‘show edge edge-id configuration‘ command. You will be able to see the configuration of all of the services shown below.

  application-set   Show application-set configuration
  dns               Show dns configuration
  highavailability  Show highavailability configuration
  ipset             Show ipset configuration
  nat               Show NAT configuration
  sslvpn-plus       Show sslvpn-plus configuration
  bgp               Show bgp configuration
  firewall          Show firewall configuration
  interface         Show interface configuration
  isis              Show ISIS configuration
  ospf              Show OSPF configuration
  static-routing    Show static-routing configuration
  certificatestore  Show certificatestore configuration
  global            Show global configuration
  interface-set     Show interface-set configuration
  l2vpn             Show L2VPN configuration
  routing-global    Show routing-global configuration
  syslog            Show SYSLOG configuration
  dhcp              Show DHCP configuration
  gslb              Show gslb configuration
  ipsec             Show IPSEC configuration
  loadbalancer      Show loadbalancer configuration
  snmp              Show SNMP configuration
  provider-ipset    Show provider's ipset configuration
  provider-appset   Show provider's application-set configuration

The last command I will go through that I find useful is the ‘ip-route‘ command. This will help when troubleshooting routing issues, dynamic routes learned, static routes, and more. To view this information, run the command below.

nsxmgr-01a> show edge edge-3 ip route
haIndex:              0

Codes: O - OSPF derived, i - IS-IS derived, B - BGP derived,
C - connected, S - static, L1 - IS-IS level-1, L2 - IS-IS level-2,
IA - OSPF inter area, E1 - OSPF external type 1, E2 - OSPF external type 2,
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

Total number of routes: 6

B            [20/0]        via
O   E2       [110/1]       via
O   E2       [110/1]       via
O   E2       [110/1]       via
C       [0/0]         via
C     [0/0]         via

There are still several commands I didn’t go through but I wanted to provide a good foundation of the centralized edge commands to get everyone started. As always, feel free to post any questions or comments below!

Posted by:

Sean Whitney

Leave A Comment

Your email address will not be published. Required fields are marked (required):

Back to Top