Additional Configuration Options¶
Advanced morpheus.rb Settings¶
Morpheus allows for additional advanced customizations for system managed services within the morpheus.rb file located in /etc/morpheus/morpheus.rb
. Below is a list of the supported items available in the morpheus.rb
file.
Note
Service configuration settings are not applicable for externalized services such as external mysql/percona, elasticsearch or rabbitmq clusters. Only connection settings are applicable for external services. Additionally, to configure Morpheus to utilize alternate ports for SSL, you may have to take additional configuration steps. If simply appending a port to your appliance_url
value doesn’t work, consult the related article in our KnowledgeBase.
app['encryption_key_suffix'] = '$suffix'
# Replace $suffix with the suffix string of your choice. See `https://docs.morpheusdata.com/en/latest/getting_started/additional/encryption.html` for important details and warnings.
appliance_url 'https://morpheus.appliance-url.com'
# Appending alternate port to appliance_url is supported. ie 'https://morpheus.appliance-url.com:8443'
# The appliance_url cannot exceed 64 characters
# The appliance_url must not contain a trailing `/`.
bitcan['backup_directory'] = '/var/opt/morpheus/bitcan/backups'
bitcan['working_directory'] = '/var/opt/morpheus/bitcan/working'
elasticsearch['auth_password'] = 'xxxxxxxxxxxxxxxx'
elasticsearch['auth_user'] = 'morpheus-es-user'
elasticsearch['enable'] = true
elasticsearch['es_hosts'] = {'127.0.0.1' => 9200}
elasticsearch['host'] = "127.0.0.1"
elasticsearch['port'] = "9200"
elasticsearch['tmp_dir'] = '/var/tmp/elasticsearch'
elasticsearch['use_tls'] = false
↓ The following elasticsearch settings are only valid for Internal/Embedded elasticsearch services
elasticsearch['log_dir'] = '/var/log/morpheus/elasticsearch'
elasticsearch['memory_alloc_arena_max'] = 2
elasticsearch['memory_map_max'] = 65536
elasticsearch['memory_map_threshold'] = 131072
elasticsearch['memory_top_pad'] = 131072
elasticsearch['memory_trim_threshold'] = 131072
elasticsearch['open_files'] = 204800
elasticsearch['secure_mode'] = false
elasticsearch['xms'] = 0.25 #### Configurable for customers running into high memory issues, values are the percentage of total RAM. Both ui and es xms/xmx config only apply if Elasticsearch is enabled.
elasticsearch['xmx'] = 0.25
guacd['guacamole_enabled'] = false
guacd['host'] = localhost #### The host guacd is listening on, if not configured 'localhost' is the default value
logging['svlogd_num'] = 30 #### keep 30 rotated log files
logging['svlogd_size'] = 209715200 #### 200 MB in bytes
logging['svlogd_timeout'] = 86400 #### rotate after 24 hours in seconds
mysql['enable'] = true
mysql['host'] = {'127.0.0.1' => 3306}
mysql['use_tls'] = false
mysql['morpheus_db_user'] = 'morpheus-db-user'
mysql['morpheus_password'] = 'morpheus-db-password'
mysql['morpheus_db'] = 'xxxxxxxxxxxxxxxx'
mysql['mysql_url_overide'] = 'jdbc:mysql://10.30.20.10:3306,10.30.20.11:3306,10.30.20.12:3306/morpheusdb?autoReconnect=true&useUnicode=true&characterEncoding=utf8&failOverReadOnly=false&useSSL=false'
↓ The following mysql settings are only valid for Internal/Embedded mysql services
mysql['tmp_dir'] = '/tmp/mysql'
mysql['log_dir'] = '/var/log/morpheus/mysql'
mysql['max_active'] = 150 # The combined value off all app node max_active values must be lower than max_connections setting in mysql
mysql['max_connections'] = 151
mysql['max_allowed_packet'] = 67108864
mysql['mysql_connect_timeout'] = 60000
mysql['mysql_max_reconnects'] = 2
mysql['mysql_queries_before_retry_source'] = 0
mysql['mysql_seconds_before_retry_source'] = 300
nginx['cache_max_size'] = '5000m'
nginx['enable'] = true
nginx['loading_pages']['failure_page_h1'] = 'Morpheus Server Error'
nginx['loading_pages']['failure_page_h2'] = 'Please contact your system administrator for assistance.'
nginx['loading_pages']['failure_page_title'] = 'Morpheus Server Error'
nginx['loading_pages']['iteration_time'] = 10000 # milliseconds
nginx['loading_pages']['loading_page_h1'] = 'Morpheus is Loading...'
nginx['loading_pages']['loading_page_h2'] = 'please wait'
nginx['loading_pages']['loading_page_title'] = 'Morpheus Loading'
nginx['loading_pages']['max_loops'] = 60 # seconds
nginx['loading_pages']['timeout_page'] = '/timeout.html'
nginx['loading_pages']['timout_page_h1'] = 'Timeout waiting for Morpheus to load, click below to try again.'
nginx['loading_pages']['timout_page_title'] = 'Morpheus timeout, please try again...'
nginx['log_format_name'] = 'custom'
nginx['log_format'] = '\'$remote_addr - $remote_user [$time_local] "$request" \' \'$status $body_bytes_sent "$http_referer" \' \'"$http_user_agent" "$http_x_forwarded_for" \' \'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"\';'
nginx['listen_ipv6'] = true #### IPv6 will be added to ``morpheus.conf`` and ``morpheus-ssl.conf`` listeners if any value is set in morpheus.rb other than ``nil``, including "off" or false
nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"
nginx['ssl_company_name'] = "Morpheus, LLC"
nginx['ssl_country_name'] = "US"
nginx['ssl_email_address'] = "[email protected]"
nginx['ssl_locality_name'] = "San Mateo"
nginx['ssl_organizational_unit_name'] = "DevOps"
nginx['ssl_protocols'] = "TLSv1 TLSv1.1 TLSv1.2"
nginx['ssl_session_cache'] = "builtin:1000 shared:SSL:10m"
nginx['ssl_session_timeout'] = "5m"
nginx['ssl_state_name'] = "CA"
nginx['ssl_access_ping_log'] = false # Enables or disables nginx logging of /ping requests
nginx['access_ping_log'] = false # Enables or disables nginx logging of /ping requests
nginx['worker_connections'] = 10240
nginx['workers'] = integer calculated from number of cpus
rabbitmq['enable'] = true
rabbitmq['host'] = '127.0.0.1'
rabbitmq['port'] = '5672'
rabbitmq['queue_user_password'] = 'xxxxxxxxxxxxxxxx'
rabbitmq['queue_user'] = 'morpheus-rmq-user'
rabbitmq['vhost'] = 'morpheus'
↓ The following rabbitmq settings are only valid for Internal/Embedded rabbitmq services
rabbitmq['heartbeat'] = nil
rabbitmq['log_dir'] = '/var/log/morpheus/rabbitmq'
rabbitmq['nodename'] = 'rabbit@localhost'
rabbitmq['port'] = '5672'
rabbitmq['use_tls'] = false
repo['repo_host_url'] = 'https://downloads.morpheusdata.com'
ui['http_client_connect_timeout'] = 10000 #### milliseconds
ui['jobs_enabled'] = true #### This option disables the appliance jobs service on the appliance node when set to false. This should be disabled only when configuring jobs to run on specific app nodes in HA environments.
ui['kerberos_config'] = nil
ui['kerberos_login_config'] = nil
ui['log_dir'] = '/var/log/morpheus/morpheus-ui'
ui['max_memory_mb'] = nil
ui['memory_alloc_arena_max'] = 2
ui['memory_map_max'] = 65536
ui['memory_map_threshold'] = 131072
ui['memory_top_pad'] = 131072
ui['memory_trim_threshold'] = 131072
ui['pxe_boot_enabled'] = false #### This option disables the PXE service within the app
ui['vm_images_cdn_url'] = 'https://morpheus-images.morpheusdata.com'
ui['xms'] = 0.25 #### Configurable for customers running into high memory issues, values are the percentage of total RAM. Both ui and es xms/xmx config only apply if Elasticsearch is enabled.
ui['xmx'] = 0.25
Load Balancer Configuration¶
For configurations with 2 or more Applications Nodes, a load balancer is recommended to ensure high availability (HA) from disruptions and upgrades. Below are the guidelines to configuring a load balancer for Morpheus but each configuration may differ based on the organization’s requirements.
Requirements¶
WebSockets enabled
Load Balance 443 (optionally redirect 80 to 443)
SSL Termination (Offload), Bridging, and Passthrough are supported
Round-Robin or least connection distribution
HTTPS monitor
https://ip_address/ping
body forMORPHEUS PING
or status of 200, for node operational health
Example configurations¶
Below are a few examples of configuring load balancers to meet the needs of a HA configuration. The examples assume SSL bridging will be used, which means an SSL (TLS) certificate is presented by the load balancer to clients and the load balancer will communicate with the backend nodes via a different (possibly same) certificate. This configuration is recommended because the Morpheus application nodes will create self-signed certificates and the load balancer will present a valid certificate to end users. Additionally, all communication will be encrypted. This reduces the overhead of maintaining the certificates on the Morpheus application nodes, as the load balancer can ignore invaild certs on the application nodes. However, the certificates on the Morpheus application nodes are not required to be self-signed, they can be replaced with other trusted certificates following the SSL Certificates documentation.
Tip
The list below is not meant to be a complete list for all load balancers. The provided examples are common deployments that can be used for reference. The settings mentioned in the examples list the primary settings that may need to be configured, other settings are based on the organization’s needs requirements and own configuration.
F5 BIG-IP
Monitor
Type: HTTPS
Send String: GET /ping
Receive String: MORPHEUS PING
Pool
Health Monitor: Select monitor created in the Monitor section
Load Balancing Method: Least Connections (member) is recommended (alternatively Round Robin)
Node Service Port: 443/HTTPS
Virtual Server
Type: Standard
Service Port: 443/HTTPS
Protocol: TCP
Protocol Profile (Client): tcp
Protocol Profile (Server): tcp
HTTP Profile (Client): http
HTTP Profile (Server): http
SSL Profile (Client): clientssl (or preferred profile with a trusted certificate)
SSL Profile (Server): serverssl
Source Address Translation: Auto Map
AWS Application Load Balancer (ALB)
Target Group
Target Type: Instances
Protocol/Port: HTTPS/443
Health Check Protocol: HTTPS
Health check path: /ping
Load balancing algorithm: Least Outstanding Requests is recommended (alternatively Round Robin)
Load Balancer
Security Group: Allow HTTPS/443 Inbound and Outbound
Listener: HTTPS:443 to the target group created in the Target Group section
Security Policy: ELBSecurityPolicy-2016-08
HAProxy
Example /etc/haproxy/haproxy.cfg
configuration file
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# https://www.haproxy.org/download/1.8/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
log 127.0.0.1:514 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
# utilize system-wide crypto-policies
ssl-default-bind-ciphers PROFILE=SYSTEM
ssl-default-server-ciphers PROFILE=SYSTEM
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend main
mode http
bind *:443 ssl crt /etc/haproxy/ssl/combined_crt_key.pem
default_backend mybackend
backend mybackend
mode http
option httpchk
http-check send meth GET uri /ping
http-check expect string MORPHEUS\ PING
balance leastconn
server app1 192.168.101.1:443 check ssl verify none
server app2 192.168.101.2:443 check ssl verify none
server app3 192.168.101.3:443 check ssl verify none
Azure Application Gateway
In this example, it is assumed End-To-End TLS Encryption is being used, which means the Application Gateway will present a certificate to the clients and the backend nodes will present the same certificate.
If a setting is not mentioned, it is assumed that the default can be maintained.
General Settings
Tier: Standard V2
Capacity type: Autoscale or Manual are both supported
HTTPS2: Disabled
Frontend Configuration
Type: Set Public if Morpheus should be accessilbe externally, otherwise choose Private
Public IP Address: Associate a previously create public IP or create a new one
Listener
Frontend IP: Choose the IP created from the Frontend Configuration above
Protocol: HTTPS
Port: 443
Certificate:
Upload the public certificate in PFX format
This certificate should match the one presented by the backend nodes
The certificate should include the entire chain, including the private key
Listener type: Basic
Error page URL: No
Backend Settings
Backend protocol: HTTPS
Backend port: 443
Use well known CA certificate:
If set to Yes, the certificate does not need to be uploaded in the settings. This must be a well known certificate provided by a well known certificate authority, not an internally generated certificate
If set to No, ensure the certificate that is present on the backend nodes is uploaded to the Application Gateway. Note that the certificate should include the entire chain (CA, Intermediates, Certificate)
Cookie-based affinity: Disable
Connection draining: Enable
Override with new host name: No
Use Custom probe: No (one will be created next and will be assoicated during that configuration)
Health Probe
Protocol: HTTPS
Host: Enter the host that is configured on the Morpheus application nodes. This same host that will be used on the Application Gateway Example: morpheus.mydomain.com
Pick host name from backend settings: No
Pick port from backend settings: Yes
Path: /ping
Use probe matching conditions: Yes
HTTP response status code match: 200-399
Backend settings: Choose the backend settings created above
Backend Pool
The Target Type can either be Virtual Machine or IP address or FQDN
If Morpheus is hosted in Azure, Virtual Machine will likely be the choice. The load balancer will need to able to communicate with the target
If Morpheus is hosted on-premise, or outside of Azure, the IP address or FQDN can be used but the load balancer will need to able to communicate with the target
Important Items
Ensure the backend virtual machines allow port 443 from the load balancer, otherwise a 502 error may be seen
If using a wildcard certificate, you must use a custom health probe, as mentioned above, otherwise you may see the following error message:
The Common Name (CN) of the backend server certificate does not match the host header entered in the health probe configuration (v2 SKU) or the FQDN in the backend pool (v1 SKU). Verify if the hostname matches with the CN of the backend server certificate.
As mentioned above, ensure the complete chain for the certificate is presented by Morpheus, otherwise you may see the following error message:
The root certificate of the server certificate used by the backend does not match the trusted root certificate added to the application gateway. Ensure that you add the correct root certificate to whitelist the backend
Configuring the certificate on the Morpheus nodes
Additional reading:
Offline Installations and Upgrades¶
For customers that have an appliance behind a firewall/proxy that does not allow downloads from our Amazon download site, you can add the supplemental package to add the needed packages the standard Morpheus installer would have downloaded.
Offline Installation Requirements¶
NTP should be correctly configured and the server is able to connect to the NTP server in the ntp.conf file
The OS package repositories should be configured to use local LAN repository servers or the server should be able to receive packages from the configured repositories
The standard Morpheus and supplemental packages must be downloaded from another system and transferred to the Morpheus Appliance server
The supplemental package is additive, the full installer is also required
Note
The supplemental package is linked 1-to-1 to the appliance release. For example the supplemental package for 4.2.1-1 should be used with the appliance package 4.2.1-1
Offline Install¶
Ubuntu/Debian¶
Download both the regular Morpheus Appliance package and the Supplemental packages on to the appliance server:
wget http://example_url/morpheus-appliance_version_amd64.deb wget http://example_url/morpheus-appliance-supplemental_version_all.deb
Install the both the Appliance package AND the Supplemental package.
sudo dpkg -i morpheus-appliance_version_amd64.deb sudo dpkg -i morpheus-appliance-supplemental_version_all.deb
Set the Morpheus UI appliance url (if needed, hostname will be automatically set).
# edit appliance_url to resolvable url (if not configured correctly by default) sudo vi /etc/morpheus/morpheus.rb
Reconfigure the appliance to install required packages
sudo morpheus-ctl reconfigure
The Chef run should complete successfully. There is a small pause when Chef runs the resource remote_file[package_name] action create while Chef verifies the checksum. After the reconfigure is complete, the morpheus-ui will start and be up in a few minutes.
Note
Tail the morpheus log file located at /var/log/morpheus/morpheus-ui/current with the command morpheus-ctl tail morpheus-ui
and look for the Morpheus ascii logo to know when the morpheus-ui is up.
CentOS/RHEL¶
Download both the regular Morpheus Appliance package and the matching Supplemental package on to the Appliance server:
wget http://example_url/morpheus-appliance_package_url.noarch.rpm wget http://example_url/morpheus-appliance_package_supplemental_url.noarch.rpm
Install the both the Appliance package AND the Supplemental package.
sudo rpm -i morpheus-appliance_package_url.noarch.rpm sudo rpm -i morpheus-appliance_package_supplemental_url.noarch.rpm
Set the Morpheus UI appliance url (if needed, hostname will be automatically set).
#Edit appliance_url to resolvable url (if not configured correctly by default) sudo vi /etc/morpheus/morpheus.rb
Reconfigure the appliance to install required packages
sudo morpheus-ctl reconfigure
The Chef run should complete successfully. There is a small pause when Chef runs the resource remote_file[package_name] action create while Chef verifies the checksum. After the reconfigure is complete, the morpheus-ui will start and be up in a few minutes.
Note
Tail the morpheus-ui log file with morpheus-ctl tail morpheus-ui
and look for the Morpheus ascii logo to know when the morpheus-ui is up.
Proxies¶
Overview¶
In many situations,companies deploy virtual machines in proxy restricted environments for things such as PCI Compliance, or just general security. As a result of this Morpheus provides out of the box support for proxy connectivity. Proxy authentication support is also provided with both Basic Authentication capabilities as well as NTLM for Windows Proxy environments. Morpheus is even able to configure virtual machines it provisions to utilize these proxies by setting up the operating systems proxy settings directly (restricted to cloud-init based Linux platforms for now, but can also be done on windows based platforms in a different manner).
To get started with Proxies, it may first be important to configure the Morpheus appliance itself to have access to proxy communication for downloading service catalog images. To configure this, visit the Administration > Settings page where a section labeled “Proxy Settings” is located. Fill in the relevant connection info needed to utilize the proxy. It may also be advised to ensure that the Linux environment’s http_proxy
, https_proxy
, and no_proxy
are set appropriately.
Defining Proxies¶
Proxies can be used in a few different contexts and optionally scoped to specific networks with which one may be provisioning into or on a cloud integration as a whole. To configure a Proxy for use by the provisioning engines within Morpheus we must go to Infrastructure > Networks > Proxies
. Here we can create records representing connection information for various proxies. This includes the host ip address, proxy port, and any credentials (if necessary) needed to utilize the proxy. Now that these proxies are defined we can use them in various contexts.
Cloud Communication¶
When morpheus needs to connect to various cloud APIs to issue provisioning commands or to sync in existing environments, we need to ensure that those api endpoints are accessible by the appliance. In some cases the appliance may be behind a proxy when it comes to public cloud access like Azure and AWS. To configure the cloud integration to utilize a proxy, when adding or editing a cloud there is a setting called “API Proxy” under “Advanced Options”. This is where the proxy of choice can be selected to instruct the Provisioning engine how to communicate with the public cloud. Simply adjust this setting and the cloud should start being able to receive/issue instructions.
Provisioning with Proxies¶
Proxy configurations can vary from operating system to operating system and in some cases it is necessary for these to be configured in the blueprints as a prerequisite. In other cases it can also be configured automatically. Mostly with the use of cloud-init (which all of our out of the box service catalog utilizes on all clouds). When editing/creating a cloud there is a setting for “Provisioning Proxy” in “Provisioning Options”. If this proxy is set, Morpheus will automatically apply these proxy settings to the guest operating system.
Overriding proxy settings can also be done on the Network record. Networks (or subnets) can be configured in Infrastructure > Networks
or on the Networks tab of the relevant Cloud detail page. Here, a proxy can also be assigned as well as additional options like the No Proxy
rules for proxy exceptions.
Docker¶
When provisioning Docker based hosts within a Proxy environment it is up to the user to configure the docker host proxy configuration manually. There are workflows that can be configured via the Automation engine to make this automatic when creating docker based hosts. Please see documentation on Docker and proxies for specific information.
Proxy setups can vary widely from company to company, and it may be advised to contact support for help configuring morpheus to work in the proxy environment.
SSL Certificates¶
By default Morpheus generates a Self-Signed SSL Certificate. The Self-Signed SSL Certificate can be replaced with a Trusted CA Signed SSL Certificate.
Trusted CA Signed SSL Certificate Implementation¶
If you don’t already have your certificate, run an OpenSSL command to generate an SSL certificate request (.csr) and private key (.key). If you need help formatting the command, DigiCert provides a helpful tool
Submit your certificate request (.csr) and await approval of the request and return of the certificate (.crt)
Copy the private key and certificate to
/etc/morpheus/ssl/your_fqdn_name.key
and/etc/morpheus/ssl/your_fqdn_name.crt
respectivelyExtracting Certificates in PFX Format
# Extract the private key openssl pkcs12 -in example.pfx -nocerts -nodes -out priv.key # Extract the public key openssl pkcs12 -in example.pfx -clcerts -nokeys -out pub.crt # Extract the CA cert chain openssl pkcs12 -in example.pfx -cacerts -nokeys -chain -out ca.crt
Extracting Certificates in PEM Format
# Extract the private key openssl x509 -outform der -in your-cert.pem -out your-cert.key # Extract the public key openssl x509 -outform der -in your-cert.pem -out your-cert.key
Edit the configuration file
/etc/morpheus/morpheus.rb
and add the following entries:nginx['ssl_certificate'] = 'path to the certificate file' nginx['ssl_server_key'] = 'path to the server key file'
Note
Both files should be owned by root and only readable by root, also if the server certificate is signed by an intermediate then you should include the signing chain inside the certificate file. The key file needs to be decrypted for Morpheus to install it properly.
Next simply reconfigure the appliance and restart nginx:
sudo morpheus-ctl reconfigure sudo morpheus-ctl restart nginx
Self-Signed SSL Certificate Regeneration¶
When Morpheus is deployed it generates a 10 year Self-Signed SSL Certificate. Below details the process to regenerate the Certificate and Key files.
Regenerate both the Certificate and Key¶
Delete the certificate and key files in
/etc/morpheus/ssl/
.Run Reconfigure
morpheus-ctl reconfigure
.Restart NGINX
morpheus-ctl restart nginx
.
Regenerate only the Certificate¶
Delete the certificate file in
/etc/morpheus/ssl/
.Run Reconfigure
morpheus-ctl reconfigure
.Restart NGINX
morpheus-ctl restart nginx
.
Import Trusted Certificates¶
Important
The following applies to upgrades after modifying the java keystore.
Steps to import trusted certificates to Morpheus after an upgrade.
Obtain the full SSL certificate chain in PEM format.
Copy them to each appliance and place them in the
/etc/morpheus/ssl/trusted_certs
directory.Run morpheus-ctl reconfigure on each appliance, note you don’t need to stop Morpheus before you run this.
Run the following command as root:
export PATH=/opt/morpheus/sbin:/opt/morpheus/sbin:/opt/morpheus/embedded/sbin:/opt/morpheus/embedded/bin:$PATH
Run the following command for each certificate in the chain, adjusting the file and alias name as needed. Answer yes for the root certificate when asked it you want to trust it.
/opt/morpheus/embedded/java/jre/bin/keytool -import -keystore /opt/morpheus/embedded/java/jre/lib/security/cacerts -trustcacerts -file /etc/morpheus/ssl/trusted_certs/root_ca.pem -alias some_alias -storepass changeit
Verify by running:
openssl s_client -connect host:port -showcerts -tls1_2
You should get an output similar to:
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: 5D9E820E4FF2A73A9977BA663E6029AA5415FEE85F49D8B1E541F5997C8E1FB2 Session-ID-ctx: Master-Key: 29EEC2E7750C659AECB9942902D9A87B824E571522812B718420FC08F8D2ACE68CB16EC812A7D90B12A86D1970FFD81C Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1547219217 Timeout : 7200 (sec) Verify return code: 0 (ok) #<----------------
If the certificates are installed correctly you should see
Verify return code: 0 (ok)
. If they were not installed correctly then you will see a return similar to:Verify return code: 21 (unable to verify the first certificate)
Repeat for all App Nodes
Data Encryption¶
By default, Morpheus encrypts sensitive data in the Database using AES encryption mode with GCM. Passwords and other strings in Morpheus Appliance configuration files such as morpheus-secrets.json
and morpheus.rb
are in plain text as they are only accessible by root.
Passwords and other strings in Morpheus Appliance configuration files can be set to an encrypted string using the Morpheus crypto utility to generate ENC strings and then using ENC(string)
as the value in the configuration file.
Additionally a custom Encryption Key Suffix can be set in the morpheus.rb configuration file. This suffix will be combined with a system string to generate a SHA-256 hash, which is used to generate the AES encryption key.
Generate ENC Strings for morpheus-secrets.json¶
System generated passwords are set in /etc/morpheus/morpheus-secrets.json
. These entries can be updated to ENC strings with the following steps:
On the Morpheus appliance, run
morpheus-ctl get-crypto-string migrate
which will output ENC() strings for the passwords in morpheus-secrets.jsonUpdate the desired password strings in the
morpheus-secrets.json
config file with the matching ENC() string.Save
morpheus-secrets.json
Run
morpheus-ctl reconfigure
Generate ENC Strings for custom morpheus.rb entries¶
ENC() strings can be generated for sensitive data set in morpheus.rb, such as the password to an external service.
To generate ENC(0) strings for morpheus.rb entries:
On the Morpheus appliance, run
morpheus-ctl get-crypto-string string $clear_text '$suffix'
which will output strings for the passwords in morpheus-secrets.jsonReplace
$clear_text
with the string to be encryptedIf a suffix is defined in morpheus.rb (as described in the next section), replace
$suffix
with your suffix.
Note
It is advisable to disable bash history logging by running
unset HISTFILE
before running the morphesu-ctl get-crypto-string command and thenset HISTFILE=$HOME/.bash_history
to reenable.Update the desired password strings in the
morpheus.rb
config file with the matching string output, usingENC($output)
formatExample:
mysql['morpheus_password'] = 'ENC($ZI5DnaO0quhxKe$kDFD+U2ZeJUuYiNC$F1+czPNyo+3lAdq7V0gcrWwHnkINYqr13cUGrDVyog==)'
Save
morpheus.rb
Run
morpheus-ctl reconfigure
Encrypted Key Suffix¶
A custom Encryption Key Suffix can be set in the morpheus.rb configuration file. This suffix will be combined with a system string to generate a SHA-256 Hash, which is used in the generation of the system AES encryption key.
Danger
Setting a custom Encryption Key Suffix affects all data encrypted by Morpheus, including database and cypher data. Encryption Key Suffix is required in the event data needs to be migrated or recovered. Once the Encryption Key Suffix is set, data cannot be recovered without it. Store any Encryption Key Suffix externally where it can be referenced for future scenarios.
Important
The Encryption Key Suffix cannot be changed or removed after being set. Changing or removing an existing Encryption Key Suffix will prevent data access. If an existing suffix is altered in the morpheus.rb file, it must be restore to its original value.
Add
app['encryption_key_suffix'] = '$suffix'
to/etc/morpheus/morpheus.rb
, replacing$suffix
with your suffix.Danger
Once an Encryption Key Suffix is set and applied via reconfigure, it cannot be altered or removed and data cannot be migrated or recovered without it.
Run
morpheus-ctl reconfigure
Reconfigure will generate a new encryption key using the suffix and set (ENC) values for the service password in application.yml
logback config¶
Note
This doc is for 5.4.4+ versions that use logback.xml
. 5.4.3 and earlier versions use logback.groovy
with a different syntax that is not compatible with this doc. Please refer to 5.4.3 and earlier documentation for logback.groovy
configuration details.
The log output for the morpheus-ui service is configured in the logback.xml file. Log output levels can be updated when more or less log output is desired.
Setting Log Levels¶
To change a log level, edit the logback configuration file in /opt/morpheus/conf/logback.xml and save. The changes will be reflected within the configured scanPeriod
, 30 seconds by default.
- Levels:
OFF (no log output)
ERROR (includes error logs)
WARN (includes warn and error logs)
INFO (includes info, warn and error logs)
DEBUG (includes info, warn, error and debug logs)
TRACE (includes info, warn, error, debug and trace logs)
Warning
Use DEBUG and/or TRACE levels with caution. DEBUG & TRACE levels can produce many logs that can consume disk space quickly. Only use DEBUG and/or TRACE levels when needed and target them for specific services.
Example Logback Settings¶
Below are sample log configuration settings. This is not a complete list. Additional log names/paths can typically be determined from the standard INFO, WARN and ERROR logs.
- ACI
<logger name="com.morpheus.integration.NetworkServersController" level="DEBUG"/> <logger name="com.morpheus.network.AciNetworkService" level="DEBUG"/> <logger name="com.morpheus.network.AciUtility" level="DEBUG"/> <logger name="com.morpheus.network.NetworkService " level="DEBUG"/>
- Amazon
<logger name="com.morpheus.compute.amazon.AmazonComputeService" level="DEBUG"/> <logger name="com.morpheus.compute.AmazonComputeUtility" level="DEBUG"/> <logger name="com.morpheus.costing.AmazonCostingService" level="DEBUG"/> <logger name="com.morpheus.provision.AmazonProvisionService" level="DEBUG"/>
- Azure
<logger name="com.morpheus.Azure.ServersController" level="DEBUG"/> <logger name="com.morpheus.AzureSqlServerProvisionService" level="DEBUG"/> <logger name="com.morpheus.compute.azure.AzureComputeService" level="DEBUG"/> <logger name="com.morpheus.compute.AzureComputeUtility" level="DEBUG"/> <logger name="com.morpheus.compute.AzureCostingService" level="DEBUG"/>
- Chef
<logger name="com.morpheus.automation.ChefClientService" level="DEBUG"/> <logger name="com.morpheus.automation.ChefService" level="DEBUG"/> <logger name="com.morpheus.automation.ChefTaskService" level="DEBUG"/>
- DNS
<logger name="com.morpheus.dns.MicrosoftDnsService" level="DEBUG"/>
- General
<logger name="com.morpheus.InstanceService" level="DEBUG"/> <logger name="com.morpheus.util.ApiUtility" level="DEBUG"/> <logger name="com.morpheus.AppService" level="DEBUG"/> <logger name="com.morpheus.MorpheusComputeService" level="DEBUG"/> <logger name="com.morpheus.RpcService" level="DEBUG"/> <logger name="com.morpheus.network.NetworkService " level="DEBUG"/> <logger name="com.morpheus.provision.AbstractProvisionService" level="DEBUG"/> <logger name="com.morpheus.provision.AbstractBoxProvisionService" level="DEBUG"/> <logger name="com.morpheus.compute.ProgressUpdater" level="DEBUG"/>
<logger name="com.morpheus.compute.google.GoogleComputeService" level="DEBUG"/> <logger name="com.morpheus.compute.GoogleComputeUtility" level="DEBUG"/> <logger name="com.morpheus.provision.GoogleProvisionService" level="DEBUG"/>
- Hyper-V
<logger name="com.morpheus.compute.hyperv.HypervComputeService" level="DEBUG" /> <logger name="com.morpheus.compute.HypervComputeUtility" level="DEBUG" />
- IBM Cloud
<logger name="com.morpheus.compute.softlayer.SoftlayerComputeService" level="DEBUG"/> <logger name="com.morpheus.compute.SoftlayerComputeUtility" level="DEBUG"/>
- Kubernetes
<logger name="com.morpheus.app.KubernetesAppTemplateService" level="DEBUG"/> <logger name="com.morpheus.app.KubernetesResourceMappingService" level="DEBUG"/> <logger name="com.morpheus.compute.KubernetesComputeService" level="DEBUG"/> <logger name="com.morpheus.host.KubernetesHostService" level="DEBUG"/> <logger name="com.morpheus.provision.KubernetesProvisionService" level="DEBUG"/> <logger name="com.morpheus.storage.KubernetesStorageService" level="DEBUG"/>
- Monitoring
<logger name="com.morpheus.monitoring.MonitorCheckService" level="DEBUG"/>
- Network
<logger name="com.morpheusdata.infoblox.InfobloxProvider" level="DEBUG"/> <logger name="com.morpheus.network.InfobloxNetworkPoolService" level="DEBUG"/> <logger name="com.morpheus.network.NetworkService " level="DEBUG"/> <logger name="com.morpheus.network.PluginNetworkPoolService" level="DEBUG"/>
- Nutanix
<logger name="com.morpheus.compute.nutanix.NutanixComputeService" level="DEBUG"/> <logger name="com.morpheus.compute.NutanixComputeUtility" level="DEBUG"/> <logger name="com.morpheus.provision.NutanixProvisionService" level="DEBUG"/>
- Openstack
<logger name="com.morpheus.compute.AbstractOpenStackComputeService" level="DEBUG"/> <logger name="com.morpheus.compute.AbstractOpenStackComputeUtility" level="DEBUG"/> <logger name="com.morpheus.provision.OpenStackProvisionService" level="DEBUG"/> <logger name="com.morpheus.storage.OpenStackSFSStorageService" level="DEBUG"/>
- Option Types
<logger name="com.morpheus.OptionSourceService" level="DEBUG"/> <logger name="com.morpheus.OptionTypeListService" level="DEBUG"/> <logger name="com.morpheus.OptionTypeService" level="DEBUG"/>
- Remote Console
<logger name="com.morpheus.remote.MorpheusGuacamoleWebsocketHandler" level="DEBUG"/>
- SCVMM
<logger name="com.morpheus.compute.scvmm.ScvmmComputeService" level="DEBUG"/> <logger name="com.morpheus.compute.ScvmmComputeUtility" level="DEBUG"/> <logger name="com.morpheus.provision.ScvmmProvisionService" level="DEBUG"/>
- ServiceNow
<logger name="com.morpheus.cmdb.ServiceNowCmdbService" level="DEBUG"/> <logger name="com.morpheus.integrations.ServiceNowUtility" level="DEBUG"/>
- Tasks
<logger name="com.morpheus.task.AnsibleTowerTaskService" level="DEBUG"/> <logger name="com.morpheus.task.TaskService" level="DEBUG"/> <logger name="com.morpheus.task.WinrmTaskService" level="DEBUG"/>
- Terraform
<logger name="com.morpheus.app.AbstractResourceMappingService" level="DEBUG"/> <logger name="com.morpheus.app.TerraformAppTemplateService" level="DEBUG"/> <logger name="com.morpheus.app.TerraformAwsResourceMappingService" level="DEBUG"/> <logger name="com.morpheus.app.TerraformResourceMappingService" level="DEBUG"/> <logger name="com.morpheus.provision.TerraformProvisionService" level="DEBUG"/>
- Usage
<logger name="com.morpheus.AccountPriceService" level="DEBUG"/>
- vCloud
<logger name="com.morpheus.compute.vmware.VcloudDirectorComputeService" level="DEBUG"/> <logger name="com.morpheus.provision.VcloudDirectorProvisionService" level="DEBUG"/> <logger name="com.morpheus.compute.VcdComputeUtility" level="DEBUG"/>
- Veeam
<logger name="com.morpheus.backup.VeeamBackupService" level="DEBUG"/>
- Vmware
<logger name="com.morpheus.compute.VmwareComputeUtility" level="DEBUG"/> <logger name="com.morpheus.compute.vmware.VmwareComputeService" level="DEBUG"/> <logger name="com.morpheus.provision.VmwareProvisionService" level="DEBUG"/>
- vRO
<logger name="com.morpheus.automation.VroService" level="DEBUG"/>
All core logger paths¶
Expand below to see all core Morpheus logger paths set to INFO level.
All core logger paths Click to Expand/Hide
<logger name="com.bertramlabs.plugins.AccountsAuthService" level="INFO"/> <logger name="com.bertramlabs.plugins.AccountsService" level="INFO"/> <logger name="com.bertramlabs.plugins.ActiveDirectoryUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.AzureSamlUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.CustomApiUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.CustomExternalUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.DefaultUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.JumpCloudUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.LdapUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.OktaUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.OneLoginUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.PingUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.SamlUserService" level="INFO"/> <logger name="com.bertramlabs.plugins.UserSourceAuthenticationProvider" level="INFO"/> <logger name="com.morpheus.AbstractComputeService" level="INFO"/> <logger name="com.morpheus.AbstractPriceManagerService" level="INFO"/> <logger name="com.morpheus.AccountBudgetService" level="INFO"/> <logger name="com.morpheus.AccountIntegrationObjectService" level="INFO"/> <logger name="com.morpheus.AccountIntegrationService" level="INFO"/> <logger name="com.morpheus.AccountInvoiceService" level="INFO"/> <logger name="com.morpheus.AccountPriceService" level="INFO"/> <logger name="com.morpheus.AccountResourceService" level="INFO"/> <logger name="com.morpheus.AccountUsageService" level="INFO"/> <logger name="com.morpheus.ActivityService" level="INFO"/> <logger name="com.morpheus.analytics.AbstractAnalyticsService" level="INFO"/> <logger name="com.morpheus.analytics.AmazonConvertibleRiAnalyticsService" level="INFO"/> <logger name="com.morpheus.analytics.CostAnalyticsService" level="INFO"/> <logger name="com.morpheus.analytics.UtilizationAnalyticsService" level="INFO"/> <logger name="com.morpheus.analytics.WorkloadAnalyticsService" level="INFO"/> <logger name="com.morpheus.AnalyticsService" level="INFO"/> <logger name="com.morpheus.api.AbstractApiService" level="INFO"/> <logger name="com.morpheus.api.agent.CommandService" level="INFO"/> <logger name="com.morpheus.api.agent.DownloadService" level="INFO"/> <logger name="com.morpheus.api.agent.UploadService" level="INFO"/> <logger name="com.morpheus.app.AbstractAppTemplateService" level="INFO"/> <logger name="com.morpheus.app.AbstractResourceMappingService" level="INFO"/> <logger name="com.morpheus.app.AppTemplateService" level="INFO"/> <logger name="com.morpheus.app.HelmAppTemplateService" level="INFO"/> <logger name="com.morpheus.app.KubernetesAppTemplateService" level="INFO"/> <logger name="com.morpheus.app.KubernetesResourceMappingService" level="INFO"/> <logger name="com.morpheus.app.MorpheusAppTemplateService" level="INFO"/> <logger name="com.morpheus.app.ScribeResourceMappingService" level="INFO"/> <logger name="com.morpheus.app.TerraformAppTemplateService" level="INFO"/> <logger name="com.morpheus.app.TerraformAwsResourceMappingService" level="INFO"/> <logger name="com.morpheus.app.TerraformAzurermResourceMappingService" level="INFO"/> <logger name="com.morpheus.app.TerraformGoogleResourceMappingService" level="INFO"/> <logger name="com.morpheus.app.TerraformResourceMappingService" level="INFO"/> <logger name="com.morpheus.app.TerraformVsphereResourceMappingService" level="INFO"/> <logger name="com.morpheus.ApplianceClientService" level="INFO"/> <logger name="com.morpheus.ApplianceDelayedJobService" level="INFO"/> <logger name="com.morpheus.ApplianceHealthService" level="INFO"/> <logger name="com.morpheus.ApplianceJobService" level="INFO"/> <logger name="com.morpheus.ApplianceLicenseService" level="INFO"/> <logger name="com.morpheus.ApplianceService" level="INFO"/> <logger name="com.morpheus.ApplianceStorageService" level="INFO"/> <logger name="com.morpheus.approval.ApprovalService" level="INFO"/> <logger name="com.morpheus.approval.RemedyApprovalService" level="INFO"/> <logger name="com.morpheus.approval.ServiceNowApprovalService" level="INFO"/> <logger name="com.morpheus.AppService" level="INFO"/> <logger name="com.morpheus.ArchiveService" level="INFO"/> <logger name="com.morpheus.AsyncService" level="INFO"/> <logger name="com.morpheus.AuditLogService" level="INFO"/> <logger name="com.morpheus.automation.AbstractConfigManagementService" level="INFO"/> <logger name="com.morpheus.automation.AnsibleService" level="INFO"/> <logger name="com.morpheus.automation.AnsibleTowerService" level="INFO"/> <logger name="com.morpheus.automation.ChefService" level="INFO"/> <logger name="com.morpheus.automation.ConfigManagementService" level="INFO"/> <logger name="com.morpheus.automation.HelmService" level="INFO"/> <logger name="com.morpheus.automation.PuppetService" level="INFO"/> <logger name="com.morpheus.automation.SaltStackService" level="INFO"/> <logger name="com.morpheus.automation.VroService" level="INFO"/> <logger name="com.morpheus.backup.AbstractBackupExecutionService" level="INFO"/> <logger name="com.morpheus.backup.AbstractBackupJobService" level="INFO"/> <logger name="com.morpheus.backup.AbstractBackupProviderService" level="INFO"/> <logger name="com.morpheus.backup.AbstractBackupRestoreService" level="INFO"/> <logger name="com.morpheus.backup.AbstractBackupService" level="INFO"/> <logger name="com.morpheus.backup.AbstractReplicationService" level="INFO"/> <logger name="com.morpheus.backup.BackupExecutionInterface" level="INFO"/> <logger name="com.morpheus.backup.BackupInterface" level="INFO"/> <logger name="com.morpheus.backup.BackupJobInterface" level="INFO"/> <logger name="com.morpheus.backup.BackupJobService" level="INFO"/> <logger name="com.morpheus.backup.BackupProviderInterface" level="INFO"/> <logger name="com.morpheus.backup.BackupProviderService" level="INFO"/> <logger name="com.morpheus.backup.BackupRestoreInterface" level="INFO"/> <logger name="com.morpheus.backup.BackupRestoreService" level="INFO"/> <logger name="com.morpheus.backup.BackupService" level="INFO"/> <logger name="com.morpheus.backup.BackupStatus" level="INFO"/> <logger name="com.morpheus.backup.BackupStorageService" level="INFO"/> <logger name="com.morpheus.backup.DirectoryBackupService" level="INFO"/> <logger name="com.morpheus.backup.FileBackupService" level="INFO"/> <logger name="com.morpheus.backup.KarmanStorageProviderBackupService" level="INFO"/> <logger name="com.morpheus.backup.LvmImageBackupService" level="INFO"/> <logger name="com.morpheus.backup.LvmSnapshotBackupService" level="INFO"/> <logger name="com.morpheus.backup.MorpheusApplianceBackupService" level="INFO"/> <logger name="com.morpheus.backup.MorpheusBackupService" level="INFO"/> <logger name="com.morpheus.backup.MorpheusContainerBackupService" level="INFO"/> <logger name="com.morpheus.backup.MysqlBackupService" level="INFO"/> <logger name="com.morpheus.backup.PluginBackupExecutionService" level="INFO"/> <logger name="com.morpheus.backup.PluginBackupJobService" level="INFO"/> <logger name="com.morpheus.backup.PluginBackupProviderService" level="INFO"/> <logger name="com.morpheus.backup.PluginBackupRestoreService" level="INFO"/> <logger name="com.morpheus.backup.PluginReplicationService" level="INFO"/> <logger name="com.morpheus.backup.ReplicationInterface" level="INFO"/> <logger name="com.morpheus.backup.ReplicationService" level="INFO"/> <logger name="com.morpheus.backup.SqlserverBackupService" level="INFO"/> <logger name="com.morpheus.backup.TarDirectoryBackupService" level="INFO"/> <logger name="com.morpheus.BootMacService" level="INFO"/> <logger name="com.morpheus.builds.AbstractBuildsService" level="INFO"/> <logger name="com.morpheus.builds.BuildsService" level="INFO"/> <logger name="com.morpheus.builds.JenkinsBuildsService" level="INFO"/> <logger name="com.morpheus.CapacityService" level="INFO"/> <logger name="com.morpheus.CatalogCartService" level="INFO"/> <logger name="com.morpheus.CatalogItemService" level="INFO"/> <logger name="com.morpheus.CatalogItemTypeService" level="INFO"/> <logger name="com.morpheus.certificate.AbstractCertificateService" level="INFO"/> <logger name="com.morpheus.certificate.MorpheusCertificateService" level="INFO"/> <logger name="com.morpheus.CertificateService" level="INFO"/> <logger name="com.morpheus.ChefClientService" level="INFO"/> <logger name="com.morpheus.cm.ChangeManagementService" level="INFO"/> <logger name="com.morpheus.cm.CherwellCmService" level="INFO"/> <logger name="com.morpheus.cmdb.AbstractCmdbService" level="INFO"/> <logger name="com.morpheus.cmdb.CmdbService" level="INFO"/> <logger name="com.morpheus.cmdb.RemedyCmdbService" level="INFO"/> <logger name="com.morpheus.cmdb.ServiceNowCmdbService" level="INFO"/> <logger name="com.morpheus.code.AbstractCodeService" level="INFO"/> <logger name="com.morpheus.code.CodeService" level="INFO"/> <logger name="com.morpheus.code.GitCodeService" level="INFO"/> <logger name="com.morpheus.code.GithubCodeService" level="INFO"/> <logger name="com.morpheus.compliance.NVDSyncService" level="INFO"/> <logger name="com.morpheus.compliance.PackageManagementService" level="INFO"/> <logger name="com.morpheus.compute.cisco.UcsComputeService" level="INFO"/> <logger name="com.morpheus.compute.CloudPluginComputeService" level="INFO"/> <logger name="com.morpheus.compute.ComputeApiService" level="INFO"/> <logger name="com.morpheus.compute.ComputeServiceInterface" level="INFO"/> <logger name="com.morpheus.compute.IpmiService" level="INFO"/> <logger name="com.morpheus.compute.KubernetesComputeService" level="INFO"/> <logger name="com.morpheus.compute.MaasComputeService" level="INFO"/> <logger name="com.morpheus.compute.ManualComputeService" level="INFO"/> <logger name="com.morpheus.compute.OneviewComputeService" level="INFO"/> <logger name="com.morpheus.compute.SelfManagedComputeService" level="INFO"/> <logger name="com.morpheus.compute.standard.StandardComputeService" level="INFO"/> <logger name="com.morpheus.compute.unmanaged.UnmanagedComputeService" level="INFO"/> <logger name="com.morpheus.compute.vmware.VcloudDirectorComputeService" level="INFO"/> <logger name="com.morpheus.compute.vmware.VmwareComputeService" level="INFO"/> <logger name="com.morpheus.ComputeService" level="INFO"/> <logger name="com.morpheus.container.ActivemqContainerService" level="INFO"/> <logger name="com.morpheus.container.DockerContainerService" level="INFO"/> <logger name="com.morpheus.container.DockerContainerUpgradeService" level="INFO"/> <logger name="com.morpheus.container.ElasticsearchContainerService" level="INFO"/> <logger name="com.morpheus.container.JavaContainerService" level="INFO"/> <logger name="com.morpheus.container.MysqlContainerService" level="INFO"/> <logger name="com.morpheus.container.NodeContainerService" level="INFO"/> <logger name="com.morpheus.container.PostgresContainerService" level="INFO"/> <logger name="com.morpheus.container.RedisContainerService" level="INFO"/> <logger name="com.morpheus.container.SqlserverContainerService" level="INFO"/> <logger name="com.morpheus.ContainerScriptService" level="INFO"/> <logger name="com.morpheus.ContainerService" level="INFO"/> <logger name="com.morpheus.costing.AbstractCostingService" level="INFO"/> <logger name="com.morpheus.costing.CostingInterface" level="INFO"/> <logger name="com.morpheus.costing.CostingService" level="INFO"/> <logger name="com.morpheus.costing.StandardCostingService" level="INFO"/> <logger name="com.morpheus.CurrencyConversionService" level="INFO"/> <logger name="com.morpheus.cypher.CypherGORMDatastoreService" level="INFO"/> <logger name="com.morpheus.cypher.CypherService" level="INFO"/> <logger name="com.morpheus.DashboardService" level="INFO"/> <logger name="com.morpheus.DatastoreService" level="INFO"/> <logger name="com.morpheus.DataViewService" level="INFO"/> <logger name="com.morpheus.DbSchedulerService" level="INFO"/> <logger name="com.morpheus.deploy.AbstractDeployService" level="INFO"/> <logger name="com.morpheus.deploy.AbstractDeployTargetService" level="INFO"/> <logger name="com.morpheus.deploy.CloudFoundryAppDeployService" level="INFO"/> <logger name="com.morpheus.deploy.DefaultDeployService" level="INFO"/> <logger name="com.morpheus.deploy.DockerDeployTargetService" level="INFO"/> <logger name="com.morpheus.deploy.GrailsDeployService" level="INFO"/> <logger name="com.morpheus.deploy.IisDeployService" level="INFO"/> <logger name="com.morpheus.deploy.JbossDeployService" level="INFO"/> <logger name="com.morpheus.deploy.KubernetesDeployTargetService" level="INFO"/> <logger name="com.morpheus.deploy.NodeDeployService" level="INFO"/> <logger name="com.morpheus.deploy.ServerDeployTargetService" level="INFO"/> <logger name="com.morpheus.deploy.VmDeployTargetService" level="INFO"/> <logger name="com.morpheus.DeploymentService" level="INFO"/> <logger name="com.morpheus.discovery.AbstractDiscoveryService" level="INFO"/> <logger name="com.morpheus.discovery.DatastoreCapacityDiscoveryService" level="INFO"/> <logger name="com.morpheus.discovery.DiscoveryService" level="INFO"/> <logger name="com.morpheus.discovery.HostBalancingDiscoveryService" level="INFO"/> <logger name="com.morpheus.discovery.HostCapacityDiscoveryService" level="INFO"/> <logger name="com.morpheus.discovery.ReservationRecommendationDiscoveryService" level="INFO"/> <logger name="com.morpheus.discovery.ShutdownDiscoveryService" level="INFO"/> <logger name="com.morpheus.discovery.SizeDiscoveryService" level="INFO"/> <logger name="com.morpheus.dns.AbstractDnsService" level="INFO"/> <logger name="com.morpheus.dns.BindDnsService" level="INFO"/> <logger name="com.morpheus.dns.ConsulDnsService" level="INFO"/> <logger name="com.morpheus.dns.DNSProvider" level="INFO"/> <logger name="com.morpheus.dns.DnsService" level="INFO"/> <logger name="com.morpheus.dns.MicrosoftDnsService" level="INFO"/> <logger name="com.morpheus.dns.PluginDnsService" level="INFO"/> <logger name="com.morpheus.dns.PowerDnsService" level="INFO"/> <logger name="com.morpheus.ElasticCleanupService" level="INFO"/> <logger name="com.morpheus.EnvironmentService" level="INFO"/> <logger name="com.morpheus.EnvironmentVariableService" level="INFO"/> <logger name="com.morpheus.ExecuteScheduleTypeService" level="INFO"/> <logger name="com.morpheus.ExecutionRequestService" level="INFO"/> <logger name="com.morpheus.export.AccountInvoiceExportService" level="INFO"/> <logger name="com.morpheus.export.CodeRepositoryExportService" level="INFO"/> <logger name="com.morpheus.export.DeploymentExportService" level="INFO"/> <logger name="com.morpheus.export.ExecuteScheduleTypeExportService" level="INFO"/> <logger name="com.morpheus.export.ExportService" level="INFO"/> <logger name="com.morpheus.export.InstanceExportService" level="INFO"/> <logger name="com.morpheus.export.integrations.AdminIntegrationExportService" level="INFO"/> <logger name="com.morpheus.export.integrations.AutomationIntegrationExportService" level="INFO"/> <logger name="com.morpheus.export.integrations.BackupIntegrationExportService" level="INFO"/> <logger name="com.morpheus.export.integrations.CertificateIntegrationExportService" level="INFO"/> <logger name="com.morpheus.export.integrations.DeployIntegrationExportService" level="INFO"/> <logger name="com.morpheus.export.integrations.NetworkIntegrationExportService" level="INFO"/> <logger name="com.morpheus.export.LoadBalancerExpertService" level="INFO"/> <logger name="com.morpheus.export.LoadBalancerInstancesExportService" level="INFO"/> <logger name="com.morpheus.export.NetworkDomainExportService" level="INFO"/> <logger name="com.morpheus.export.NetworkExportService" level="INFO"/> <logger name="com.morpheus.export.NetworkGroupExportService" level="INFO"/> <logger name="com.morpheus.export.NetworkPoolExportService" level="INFO"/> <logger name="com.morpheus.export.NetworkRouterExportService" level="INFO"/> <logger name="com.morpheus.export.NetworkSecurityGroupExportService" level="INFO"/> <logger name="com.morpheus.export.PowerScheduleTypeExportService" level="INFO"/> <logger name="com.morpheus.export.ServerExportService" level="INFO"/> <logger name="com.morpheus.export.ServerGroupExportService" level="INFO"/> <logger name="com.morpheus.export.ServicePlanExportService" level="INFO"/> <logger name="com.morpheus.export.TaskExportService" level="INFO"/> <logger name="com.morpheus.export.ThresholdExportService" level="INFO"/> <logger name="com.morpheus.export.UserExportService" level="INFO"/> <logger name="com.morpheus.export.UserGroupExportService" level="INFO"/> <logger name="com.morpheus.export.WorkflowExportService" level="INFO"/> <logger name="com.morpheus.FileCopyRequestService" level="INFO"/> <logger name="com.morpheus.GlobalSearchService" level="INFO"/> <logger name="com.morpheus.host.AbstractHostService" level="INFO"/> <logger name="com.morpheus.host.DockerHostService" level="INFO"/> <logger name="com.morpheus.host.ExternalKubernetesHostService" level="INFO"/> <logger name="com.morpheus.host.KubernetesHostService" level="INFO"/> <logger name="com.morpheus.host.SwarmHostService" level="INFO"/> <logger name="com.morpheus.HttpClientService" level="INFO"/> <logger name="com.morpheus.hub.MorpheusHubQueueService" level="INFO"/> <logger name="com.morpheus.hub.MorpheusHubService" level="INFO"/> <logger name="com.morpheus.hub.MorpheusHubSyncService" level="INFO"/> <logger name="com.morpheus.imagebuild.ImageBuildService" level="INFO"/> <logger name="com.morpheus.ImageCacheService" level="INFO"/> <logger name="com.morpheus.instance.InstanceUpgradeService" level="INFO"/> <logger name="com.morpheus.InstanceService" level="INFO"/> <logger name="com.morpheus.InstanceTypeService" level="INFO"/> <logger name="com.morpheus.integration.AbstractIntegrationService" level="INFO"/> <logger name="com.morpheus.integration.CherwellIntegrationService" level="INFO"/> <logger name="com.morpheus.integration.GitRepoService" level="INFO"/> <logger name="com.morpheus.integration.RemedyIntegrationService" level="INFO"/> <logger name="com.morpheus.integration.RunDeckIntegrationService" level="INFO"/> <logger name="com.morpheus.integration.SalesForceIntegrationService" level="INFO"/> <logger name="com.morpheus.integration.ScribeService" level="INFO"/> <logger name="com.morpheus.integration.ServiceNowIntegrationService" level="INFO"/> <logger name="com.morpheus.integration.TerraformService" level="INFO"/> <logger name="com.morpheus.jobs.AbstractJobExecutorService" level="INFO"/> <logger name="com.morpheus.jobs.JobExecutor" level="INFO"/> <logger name="com.morpheus.jobs.KubernetesJobExecutorService" level="INFO"/> <logger name="com.morpheus.jobs.SecurityScanExecutorService" level="INFO"/> <logger name="com.morpheus.jobs.TaskJobExecutorService" level="INFO"/> <logger name="com.morpheus.jobs.WorkflowJobExecutorService" level="INFO"/> <logger name="com.morpheus.JobService" level="INFO"/> <logger name="com.morpheus.KeyPairService" level="INFO"/> <logger name="com.morpheus.library.LayoutService" level="INFO"/> <logger name="com.morpheus.LicenseService" level="INFO"/> <logger name="com.morpheus.LoadBalancerPriceManagerService" level="INFO"/> <logger name="com.morpheus.LocalizationService" level="INFO"/> <logger name="com.morpheus.LocalRepoService" level="INFO"/> <logger name="com.morpheus.log.AbstractLogService" level="INFO"/> <logger name="com.morpheus.log.LogRhythmLogService" level="INFO"/> <logger name="com.morpheus.log.SplunkLogService" level="INFO"/> <logger name="com.morpheus.log.SyslogLogService" level="INFO"/> <logger name="com.morpheus.LogService" level="INFO"/> <logger name="com.morpheus.maint.UpdateService" level="INFO"/> <logger name="com.morpheus.MarketplaceClientService" level="INFO"/> <logger name="com.morpheus.MarshallService" level="INFO"/> <logger name="com.morpheus.MetadataTagService" level="INFO"/> <logger name="com.morpheus.migration.AbstractMigrationService" level="INFO"/> <logger name="com.morpheus.migration.HypervisorMigrationService" level="INFO"/> <logger name="com.morpheus.migration.LvmMigrationService" level="INFO"/> <logger name="com.morpheus.migration.MigrationService" level="INFO"/> <logger name="com.morpheus.migration.WindowsMigrationService" level="INFO"/> <logger name="com.morpheus.monitoring.AlerterService" level="INFO"/> <logger name="com.morpheus.monitoring.AlertRuleService" level="INFO"/> <logger name="com.morpheus.monitoring.AvailabilityService" level="INFO"/> <logger name="com.morpheus.monitoring.CheckAgentService" level="INFO"/> <logger name="com.morpheus.monitoring.IncidentService" level="INFO"/> <logger name="com.morpheus.monitoring.MonitorAppService" level="INFO"/> <logger name="com.morpheus.monitoring.MonitorChartingService" level="INFO"/> <logger name="com.morpheus.monitoring.MonitorCheckManagementService" level="INFO"/> <logger name="com.morpheus.monitoring.MonitorCheckService" level="INFO"/> <logger name="com.morpheus.monitoring.MonitoringService" level="INFO"/> <logger name="com.morpheus.monitoring.MonitorService" level="INFO"/> <logger name="com.morpheus.monitoring.MorpheusMonitorService" level="INFO"/> <logger name="com.morpheus.monitoring.NewRelicService" level="INFO"/> <logger name="com.morpheus.monitoring.ServiceNowService" level="INFO"/> <logger name="com.morpheus.MorpheusComputeService" level="INFO"/> <logger name="com.morpheus.MorpheusPackageService" level="INFO"/> <logger name="com.morpheus.MorpheusSecurityService" level="INFO"/> <logger name="com.morpheus.MotdService" level="INFO"/> <logger name="com.morpheus.network.AbstractLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.AbstractNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.AbstractNetworkRegistryService" level="INFO"/> <logger name="com.morpheus.network.AbstractNetworkSecurityService" level="INFO"/> <logger name="com.morpheus.network.AbstractNetworkService" level="INFO"/> <logger name="com.morpheus.network.AciNetworkSecurityService" level="INFO"/> <logger name="com.morpheus.network.AciNetworkService" level="INFO"/> <logger name="com.morpheus.network.AviLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.BluecatNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.BootService" level="INFO"/> <logger name="com.morpheus.network.CitrixNetScalerLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.CloudPluginNetworkService" level="INFO"/> <logger name="com.morpheus.network.ConsulRegistryService" level="INFO"/> <logger name="com.morpheus.network.ConsulService" level="INFO"/> <logger name="com.morpheus.network.F5BigIpLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.F5LineRateLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.FirewallService" level="INFO"/> <logger name="com.morpheus.network.FortiADCLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.HaproxyLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.InfobloxNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.InternalLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.InternalNetworkSecurityService" level="INFO"/> <logger name="com.morpheus.network.InternalNetworkService" level="INFO"/> <logger name="com.morpheus.network.IPAMProvider" level="INFO"/> <logger name="com.morpheus.network.KubernetesRegistryService" level="INFO"/> <logger name="com.morpheus.network.LoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.LocalFirewallService" level="INFO"/> <logger name="com.morpheus.network.MorpheusNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.MorpheusRegistryService" level="INFO"/> <logger name="com.morpheus.network.NetScalerLoadBalancerService" level="INFO"/> <logger name="com.morpheus.network.NetworkConfigService" level="INFO"/> <logger name="com.morpheus.network.NetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.NetworkRegistryService" level="INFO"/> <logger name="com.morpheus.network.NetworkSecurityService" level="INFO"/> <logger name="com.morpheus.network.NetworkService" level="INFO"/> <logger name="com.morpheus.network.NetworkServicesService" level="INFO"/> <logger name="com.morpheus.network.NutanixNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.PaloAltoNetworkService" level="INFO"/> <logger name="com.morpheus.network.PhpipamNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.PluginNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.PxeService" level="INFO"/> <logger name="com.morpheus.network.SolarWindsNetworkPoolService" level="INFO"/> <logger name="com.morpheus.network.StealthNetworkSecurityService" level="INFO"/> <logger name="com.morpheus.NetworkDomainService" level="INFO"/> <logger name="com.morpheus.OauthProviderService" level="INFO"/> <logger name="com.morpheus.OperationEventService" level="INFO"/> <logger name="com.morpheus.OptionSourcePluginService" level="INFO"/> <logger name="com.morpheus.OptionSourceService" level="INFO"/> <logger name="com.morpheus.OptionTypeListService" level="INFO"/> <logger name="com.morpheus.OptionTypeService" level="INFO"/> <logger name="com.morpheus.os.LinuxOsService" level="INFO"/> <logger name="com.morpheus.os.WindowsOsService" level="INFO"/> <logger name="com.morpheus.PermissionService" level="INFO"/> <logger name="com.morpheus.plugin.AbstractPluginProviderManagerService" level="INFO"/> <logger name="com.morpheus.plugin.backup.BackupProviderPluginManagerService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusBackupImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusBackupJobImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusBackupRestoreImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusBackupResultImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusBackupTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusReplicationGroupImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusReplicationImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusReplicationSiteImplService" level="INFO"/> <logger name="com.morpheus.plugin.backup.MorpheusReplicationTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.compute.MorpheusComputeServerInterfaceImplService" level="INFO"/> <logger name="com.morpheus.plugin.compute.MorpheusComputeZoneFolderImplService" level="INFO"/> <logger name="com.morpheus.plugin.compute.MorpheusDatastoreImplService" level="INFO"/> <logger name="com.morpheus.plugin.costing.MorpheusAccountInvoiceImplService" level="INFO"/> <logger name="com.morpheus.plugin.costing.MorpheusCostingImplService" level="INFO"/> <logger name="com.morpheus.plugin.cypher.MorpheusCypherImplService" level="INFO"/> <logger name="com.morpheus.plugin.integration.MorpheusAccountInventoryImplService" level="INFO"/> <logger name="com.morpheus.plugin.integration.MorpheusIntegrationImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusAccountCredentialImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusAccountCredentialTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusCloudImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusComputePortImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusComputeServerImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusComputeTypeLayoutFactoryImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusComputeTypeSetImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusComputeZonePoolImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusContainerTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusContextImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusInstanceImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusMetadataTagImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusMetadataTagTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusOperationNotificationImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusOsTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusPermissionImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusProcessImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusReportImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusServicePlanImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusSnapshotImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusStatsImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusStorageControllerImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusStorageControllerTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusStorageVolumeImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusStorageVolumeTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusTaskImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusUsageImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusVirtualImageImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusVirtualImageLocationImplService" level="INFO"/> <logger name="com.morpheus.plugin.MorpheusWikiPageImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkDomainImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkDomainRecordImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkPoolImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkPoolIpImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkPoolRangeImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkSubnetImplService" level="INFO"/> <logger name="com.morpheus.plugin.network.MorpheusNetworkTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.PluginManagerService" level="INFO"/> <logger name="com.morpheus.plugin.PluginProviderManagerService" level="INFO"/> <logger name="com.morpheus.plugin.policy.MorpheusPolicyImplService" level="INFO"/> <logger name="com.morpheus.plugin.policy.MorpheusPolicyTypeImplService" level="INFO"/> <logger name="com.morpheus.plugin.provisioning.MorpheusProvisionImplService" level="INFO"/> <logger name="com.morpheus.plugin.web.MorpheusWebRequestImplService" level="INFO"/> <logger name="com.morpheus.policy.AbstractPolicyService" level="INFO"/> <logger name="com.morpheus.policy.BackupStoragePolicyService" level="INFO"/> <logger name="com.morpheus.policy.MotdPolicyService" level="INFO"/> <logger name="com.morpheus.policy.NetworkPolicyService" level="INFO"/> <logger name="com.morpheus.policy.PolicyServiceInterface" level="INFO"/> <logger name="com.morpheus.policy.StorageBucketQuotaPolicyService" level="INFO"/> <logger name="com.morpheus.policy.StorageServerQuotaPolicyService" level="INFO"/> <logger name="com.morpheus.policy.StorageShareQuotaPolicyService" level="INFO"/> <logger name="com.morpheus.policy.TagCompliancePolicyService" level="INFO"/> <logger name="com.morpheus.policy.WorkflowPolicyService" level="INFO"/> <logger name="com.morpheus.PolicyService" level="INFO"/> <logger name="com.morpheus.PowerScheduleService" level="INFO"/> <logger name="com.morpheus.PowerScheduleTypeService" level="INFO"/> <logger name="com.morpheus.PriceManagerService" level="INFO"/> <logger name="com.morpheus.PricePlanService" level="INFO"/> <logger name="com.morpheus.ProcessService" level="INFO"/> <logger name="com.morpheus.ProfileService" level="INFO"/> <logger name="com.morpheus.project.ProjectService" level="INFO"/> <logger name="com.morpheus.provision.AbstractBoxProvisionService" level="INFO"/> <logger name="com.morpheus.provision.AbstractProvisionService" level="INFO"/> <logger name="com.morpheus.provision.CloudPluginProvisioningService" level="INFO"/> <logger name="com.morpheus.provision.DockerEngineProvisionService" level="INFO"/> <logger name="com.morpheus.provision.DockerProvisionService" level="INFO"/> <logger name="com.morpheus.provision.ExternalProvisionService" level="INFO"/> <logger name="com.morpheus.provision.HelmProvisionService" level="INFO"/> <logger name="com.morpheus.provision.IProvisionService" level="INFO"/> <logger name="com.morpheus.provision.KubernetesProvisionService" level="INFO"/> <logger name="com.morpheus.provision.MaasProvisionService" level="INFO"/> <logger name="com.morpheus.provision.ManualProvisionService" level="INFO"/> <logger name="com.morpheus.provision.OneviewProvisionService" level="INFO"/> <logger name="com.morpheus.provision.ScribeProvisionService" level="INFO"/> <logger name="com.morpheus.provision.SelfManagedProvisionService" level="INFO"/> <logger name="com.morpheus.provision.StandardProvisionService" level="INFO"/> <logger name="com.morpheus.provision.SwarmProvisionService" level="INFO"/> <logger name="com.morpheus.provision.TerraformProvisionService" level="INFO"/> <logger name="com.morpheus.provision.UcsProvisionService" level="INFO"/> <logger name="com.morpheus.provision.UnmanagedProvisionService" level="INFO"/> <logger name="com.morpheus.provision.WorkflowProvisionService" level="INFO"/> <logger name="com.morpheus.ProvisioningService" level="INFO"/> <logger name="com.morpheus.ProxyService" level="INFO"/> <logger name="com.morpheus.ReferenceService" level="INFO"/> <logger name="com.morpheus.report.AbstractReportService" level="INFO"/> <logger name="com.morpheus.report.AmazonCoverageReportService" level="INFO"/> <logger name="com.morpheus.report.AmazonSavingsReportService" level="INFO"/> <logger name="com.morpheus.report.AmazonUtilizationReportService" level="INFO"/> <logger name="com.morpheus.report.CloudAppCapacityReportService" level="INFO"/> <logger name="com.morpheus.report.CloudAppUsageReportService" level="INFO"/> <logger name="com.morpheus.report.CloudCapacityReportService" level="INFO"/> <logger name="com.morpheus.report.CloudInstanceTypeCapacityReportService" level="INFO"/> <logger name="com.morpheus.report.CloudInstanceTypeUsageReportService" level="INFO"/> <logger name="com.morpheus.report.CloudInventoryReportService" level="INFO"/> <logger name="com.morpheus.report.CloudUsageReportService" level="INFO"/> <logger name="com.morpheus.report.CostReportService" level="INFO"/> <logger name="com.morpheus.report.InventoryReportService" level="INFO"/> <logger name="com.morpheus.report.InvoiceReportService" level="INFO"/> <logger name="com.morpheus.report.MigrationReportService" level="INFO"/> <logger name="com.morpheus.report.PluginReportService" level="INFO"/> <logger name="com.morpheus.report.ReportService" level="INFO"/> <logger name="com.morpheus.report.TenantUsageReportService" level="INFO"/> <logger name="com.morpheus.report.TimeSeriesCostReportService" level="INFO"/> <logger name="com.morpheus.RoleService" level="INFO"/> <logger name="com.morpheus.RpcService" level="INFO"/> <logger name="com.morpheus.scale.AbstractScaleService" level="INFO"/> <logger name="com.morpheus.scale.MorpheusScaleService" level="INFO"/> <logger name="com.morpheus.ScaleService" level="INFO"/> <logger name="com.morpheus.scribe.ScribeLibraryService" level="INFO"/> <logger name="com.morpheus.ScriptConfigService" level="INFO"/> <logger name="com.morpheus.sdn.AbstractSdnService" level="INFO"/> <logger name="com.morpheus.sdn.MorpheusSdnService" level="INFO"/> <logger name="com.morpheus.sdn.OvsService" level="INFO"/> <logger name="com.morpheus.sdn.VethSdnService" level="INFO"/> <logger name="com.morpheus.security.AbstractSecurityScanService" level="INFO"/> <logger name="com.morpheus.security.ScapScanService" level="INFO"/> <logger name="com.morpheus.security.SecurityScanService" level="INFO"/> <logger name="com.morpheus.SecurityGroupService" level="INFO"/> <logger name="com.morpheus.SequenceService" level="INFO"/> <logger name="com.morpheus.ServerScriptService" level="INFO"/> <logger name="com.morpheus.ServerService" level="INFO"/> <logger name="com.morpheus.ServicePlanService" level="INFO"/> <logger name="com.morpheus.SettingsService" level="INFO"/> <logger name="com.morpheus.SetupService" level="INFO"/> <logger name="com.morpheus.SiteService" level="INFO"/> <logger name="com.morpheus.SnapshotPriceManagerService" level="INFO"/> <logger name="com.morpheus.SnapshotService" level="INFO"/> <logger name="com.morpheus.StatsService" level="INFO"/> <logger name="com.morpheus.StatusService" level="INFO"/> <logger name="com.morpheus.storage.AbstractStorageServerService" level="INFO"/> <logger name="com.morpheus.storage.AbstractStorageService" level="INFO"/> <logger name="com.morpheus.storage.BasicStorageService" level="INFO"/> <logger name="com.morpheus.storage.CephStorageService" level="INFO"/> <logger name="com.morpheus.storage.EcsStorageService" level="INFO"/> <logger name="com.morpheus.storage.IsilonStorageService" level="INFO"/> <logger name="com.morpheus.storage.KubernetesStorageService" level="INFO"/> <logger name="com.morpheus.storage.NfsStorageService" level="INFO"/> <logger name="com.morpheus.storage.QnapFileStationService" level="INFO"/> <logger name="com.morpheus.storage.StorageServerService" level="INFO"/> <logger name="com.morpheus.storage.StorageVolumeService" level="INFO"/> <logger name="com.morpheus.storage.ThreeParStorageService" level="INFO"/> <logger name="com.morpheus.StorageProviderService" level="INFO"/> <logger name="com.morpheus.SubAccountService" level="INFO"/> <logger name="com.morpheus.task.AbstractTaskService" level="INFO"/> <logger name="com.morpheus.task.AnsibleTaskService" level="INFO"/> <logger name="com.morpheus.task.AnsibleTowerTaskService" level="INFO"/> <logger name="com.morpheus.task.ChefTaskService" level="INFO"/> <logger name="com.morpheus.task.ContainerScriptTaskService" level="INFO"/> <logger name="com.morpheus.task.ContainerTemplateTaskService" level="INFO"/> <logger name="com.morpheus.task.EmailTaskService" level="INFO"/> <logger name="com.morpheus.task.ExecutableTaskInterface" level="INFO"/> <logger name="com.morpheus.task.GroovyTaskService" level="INFO"/> <logger name="com.morpheus.task.HttpTaskService" level="INFO"/> <logger name="com.morpheus.task.JavascriptTaskService" level="INFO"/> <logger name="com.morpheus.task.JRubyTaskService" level="INFO"/> <logger name="com.morpheus.task.LocalScriptTaskService" level="INFO"/> <logger name="com.morpheus.task.PuppetTaskService" level="INFO"/> <logger name="com.morpheus.task.PythonTaskService" level="INFO"/> <logger name="com.morpheus.task.RestartTaskService" level="INFO"/> <logger name="com.morpheus.task.ShellTaskService" level="INFO"/> <logger name="com.morpheus.task.TaskConfigService" level="INFO"/> <logger name="com.morpheus.task.TaskService" level="INFO"/> <logger name="com.morpheus.task.VroTaskService" level="INFO"/> <logger name="com.morpheus.task.WinrmTaskService" level="INFO"/> <logger name="com.morpheus.task.WriteAttributesTaskService" level="INFO"/> <logger name="com.morpheus.trust.AbstractCredentialService" level="INFO"/> <logger name="com.morpheus.trust.CredentialProvider" level="INFO"/> <logger name="com.morpheus.trust.CredentialService" level="INFO"/> <logger name="com.morpheus.trust.CypherCredentialService" level="INFO"/> <logger name="com.morpheus.trust.InternalCredentialService" level="INFO"/> <logger name="com.morpheus.trust.PluginCredentialService" level="INFO"/> <logger name="com.morpheus.UsageLimitService" level="INFO"/> <logger name="com.morpheus.UserGroupService" level="INFO"/> <logger name="com.morpheus.UserManagementService" level="INFO"/> <logger name="com.morpheus.vdi.VdiAppService" level="INFO"/> <logger name="com.morpheus.vdi.VdiGatewayService" level="INFO"/> <logger name="com.morpheus.vdi.VdiPoolService" level="INFO"/> <logger name="com.morpheus.VirtualImagePriceManagerService" level="INFO"/> <logger name="com.morpheus.VirtualImageService" level="INFO"/> <logger name="com.morpheus.WikiPageService" level="INFO"/> <logger name="com.morpheus.worker.DistributedWorkerService" level="INFO"/> <logger name="com.morpheus.ZoneFolderService" level="INFO"/> <logger name="com.morpheus.ZoneMarketplaceService" level="INFO"/> <logger name="com.morpheus.ZonePoolService" level="INFO"/> <logger name="com.morpheus.ZoneRegionService" level="INFO"/> <logger name="com.morpheus.ZoneService" level="INFO"/>
Audit logs¶
To set up CEF/SIEM auditing export, add the below appender above or below the other appenders in the logback.xml configuration file:
<appender name="AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender"> <file>/var/log/morpheus/morpheus-ui/audit.log</file> <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy"> <fileNamePattern>audit.%d{yyyy-MM-dd}.%i.log</fileNamePattern> <maxFileSize>50MB</maxFileSize> <maxHistory>30</maxHistory> </rollingPolicy> <encoder> <pattern>[%d] [%thread] %-5level %logger{15} - %maskedMsg %n</pattern> </encoder> </appender> .. note:: ``maxFileSize`` and ``maxHistory`` values can be updated as needed.
Add the below logger above or below the other loggers in the logback.xml configuration file (make sure it is below, not above, the appender from the previous step or an error will occur):
<logger name="com.morpheus.AuditLogService" level="INFO" additivity="false"> <appender-ref ref="AUDIT" /> </logger>
Once you have done this, you need to restart the Morpheus Application server:
morpheus-ctl stop morpheus-ui
Note
Please be aware this will stop the web interface for Morpheus.
Once the service has stopped enter the following at the xml prompt to restart (if the service does not stop, replace stop with graceful-kill and retry)
morpheus-ctl start morpheus-ui
To know when the UI is up and running you can run the following command
morpheus-ctl tail morpheus-ui
Once you see the ASCI art show up you will be able to log back into the User Interface. A new audit file will have been created called audit.log and will found in the default Morpheus log path which is
/var/log/morpheus/morpheus-ui/
This is only an example and other configurations are possible, such as creating an appender definition for your SIEM audit database product.
IPv6¶
Overview¶
There may be situations where instances only have IPv6 routing available. Morpheus fully supports IPv6 for the appliance and agent comms.
To enable IPv6 listener on the Morpheus appliance, you must modify the NGINX listeners.
Configuring NGINX Listeners¶
Confirm IPv6 is enabled and IP address is applied within the Morpheus underlying OS.
Modify the
/opt/morpheus/embedded/nginx/conf/sites-available/morpheus.conf
file, and add the following listerning under the server block at the top:listen [::]:80;
Modify the
/opt/morpheus/embedded/nginx/conf/sites-available/morpheus-ssl.conf
file, and add the following listerning under the server block at the top:listen [::]:443 ssl;
Restart the NGINX service:
morpheus-ctl restart nginx ok: run: nginx: (pid 47868) 0s
The site should now be resolvable via IPv6. To test you should be able to do the following:
curl -k -6 https://[<IPv6 Address>]/ping MORPHEUS PING