Add alarm 250.004 for IPsec certs renewal

This change added alarm 250.004, "IPsec certificates renewal failed". This alarm will be raised by the ipsec-cert-renew cron job when the renewal failed, and will be cleared when cron job script is re-run, either manually or by cron, after the error is fixed. Test Plan: PASS: Simulate a failure condition (eg, ipsec-client return non zero), run the cron job script, verify the IPsec renewal fails, and alarm 250.004 is raised. PASS: Run the script with IPsec cert not being about to expire, verify the script finish successfully and alarm 250.004 is cleared. Story: 2010940 Task: 49706 Change-Id: Ie4d3970ca32173939c1df55a2e59241ac214b2ae Signed-off-by: Andy Ning <andy.ning@windriver.com>
2024-03-12 11:56:08 -04:00 · 2024-03-12 11:56:08 -04:00 · e0c1825635
parent a2fadb04dc
commit e0c1825635
1 changed files with 16 additions and 0 deletions
--- a/fm-doc/fm_doc/events.yaml
+++ b/fm-doc/fm_doc/events.yaml
@ -997,6 +997,22 @@
    Degrade_Affecting_Severity: none
    Context: starlingx

+250.004:
+    Type: Alarm
+    Description: "IPsec certificates renewal failed on host[, reason = <reason_text>]"
+    Entity_Instance_ID: host=<hostname>
+    Severity: major
+    Proposed_Repair_Action: Check cron.log and ipsec-auth.log, fix the issue and rerun the renewal cron job.
+    Maintenance_Action:
+    Inhibit_Alarms:
+    Alarm_Type: operational-violation
+    Probable_Cause: unspecified-reason
+    Service_Affecting: False
+    Suppression: False
+    Management_Affecting_Severity: warning
+    Degrade_Affecting_Severity: none
+    Context: starlingx
+
 #---------------------------------------------------------------------------
 #   DEPLOYMENT
 #---------------------------------------------------------------------------