Additional Configuration Options

Advanced morpheus.rb Settings

Morpheus allows for additional advanced customizations for system managed services within the morpheus.rb file located in /etc/morpheus/morpheus.rb. Below is a list of the supported items available in the morpheus.rb file.

Note

Service configuration settings are not applicable for externalized services such as external mysql/percona, elasticsearch or rabbitmq clusters. Only connection settings are applicable for external services. Additionally, to configure Morpheus to utilize alternate ports for SSL, you may have to take additional configuration steps. If simply appending a port to your appliance_url value doesn’t work, consult the related article in our KnowledgeBase.

app['encryption_key_suffix'] = '$suffix'
  # Replace $suffix with the suffix string of your choice. See `https://docs.morpheusdata.com/en/latest/getting_started/additional/encryption.html` for important details and warnings.
appliance_url 'https://morpheus.appliance-url.com'
  # Appending alternate port to appliance_url is supported. ie 'https://morpheus.appliance-url.com:8443'
  # The appliance_url cannot exceed 64 characters
  # The appliance_url must not contain a trailing `/`.

bitcan['backup_directory'] = '/var/opt/morpheus/bitcan/backups'
bitcan['working_directory'] = '/var/opt/morpheus/bitcan/working'

elasticsearch['auth_password'] = 'xxxxxxxxxxxxxxxx'
elasticsearch['auth_user'] = 'morpheus-es-user'
elasticsearch['enable'] = true
elasticsearch['es_hosts'] = {'127.0.0.1' => 9200}
elasticsearch['host'] = "127.0.0.1"
elasticsearch['port'] = "9200"
elasticsearch['tmp_dir'] = '/var/tmp/elasticsearch'
elasticsearch['use_tls'] = false
↓ The following elasticsearch settings are only valid for Internal/Embedded elasticsearch services
elasticsearch['log_dir'] = '/var/log/morpheus/elasticsearch'
elasticsearch['memory_alloc_arena_max'] = 2
elasticsearch['memory_map_max'] = 65536
elasticsearch['memory_map_threshold'] = 131072
elasticsearch['memory_top_pad'] = 131072
elasticsearch['memory_trim_threshold'] = 131072
elasticsearch['open_files'] = 204800
elasticsearch['secure_mode'] = false
elasticsearch['xms'] = 0.25 #### Configurable for customers running into high memory issues, values are the percentage of total RAM. Both ui and es xms/xmx config only apply if Elasticsearch is enabled.
elasticsearch['xmx'] = 0.25

guacd['guacamole_enabled'] = false
guacd['host'] = localhost #### The host guacd is listening on, if not configured 'localhost' is the default value

logging['svlogd_num'] = 30 #### keep 30 rotated log files
logging['svlogd_size'] = 209715200 #### 200 MB in bytes
logging['svlogd_timeout'] = 86400 #### rotate after 24 hours in seconds

mysql['enable'] = true
mysql['host'] = {'127.0.0.1' => 3306}
mysql['use_tls'] = false
mysql['morpheus_db_user'] = 'morpheus-db-user'
mysql['morpheus_password'] = 'morpheus-db-password'
mysql['morpheus_db'] = 'xxxxxxxxxxxxxxxx'
mysql['mysql_url_overide'] = 'jdbc:mysql://10.30.20.10:3306,10.30.20.11:3306,10.30.20.12:3306/morpheusdb?autoReconnect=true&useUnicode=true&characterEncoding=utf8&failOverReadOnly=false&useSSL=false'
↓ The following mysql settings are only valid for Internal/Embedded mysql services
mysql['tmp_dir'] = '/tmp/mysql'
mysql['log_dir'] = '/var/log/morpheus/mysql'
mysql['max_active'] = 150 # The combined value off all app node max_active values must be lower than max_connections setting in mysql
mysql['max_connections'] = 151
mysql['max_allowed_packet'] = 67108864
mysql['mysql_connect_timeout'] = 60000
mysql['mysql_max_reconnects'] = 2
mysql['mysql_queries_before_retry_source'] = 0
mysql['mysql_seconds_before_retry_source'] = 300


nginx['cache_max_size'] = '5000m'
nginx['enable'] = true
nginx['loading_pages']['failure_page_h1'] = 'Morpheus Server Error'
nginx['loading_pages']['failure_page_h2'] = 'Please contact your system administrator for assistance.'
nginx['loading_pages']['failure_page_title'] = 'Morpheus Server Error'
nginx['loading_pages']['iteration_time'] = 10000 # milliseconds
nginx['loading_pages']['loading_page_h1'] = 'Morpheus is Loading...'
nginx['loading_pages']['loading_page_h2'] = 'please wait'
nginx['loading_pages']['loading_page_title'] = 'Morpheus Loading'
nginx['loading_pages']['max_loops'] = 60 # seconds
nginx['loading_pages']['timeout_page'] = '/timeout.html'
nginx['loading_pages']['timout_page_h1'] = 'Timeout waiting for Morpheus to load, click below to try again.'
nginx['loading_pages']['timout_page_title'] = 'Morpheus timeout, please try again...'
nginx['log_format_name'] = 'custom'
nginx['log_format'] = '\'$remote_addr - $remote_user [$time_local] "$request" \' \'$status $body_bytes_sent "$http_referer" \' \'"$http_user_agent" "$http_x_forwarded_for" \' \'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"\';'
nginx['listen_ipv6'] = nil #### IPv6 will be added to ``morpheus.conf`` and ``morpheus-ssl.conf`` listeners if any value is set in morpheus.rb other than ``nil``, including "off" or false
nginx['ssl_ciphers'] = "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"
nginx['ssl_company_name'] = "Morpheus, LLC"
nginx['ssl_country_name'] = "US"
nginx['ssl_email_address'] = "[email protected]"
nginx['ssl_locality_name'] = "San Mateo"
nginx['ssl_organizational_unit_name'] = "DevOps"
nginx['ssl_protocols'] = "TLSv1 TLSv1.1 TLSv1.2"
nginx['ssl_session_cache'] = "builtin:1000  shared:SSL:10m"
nginx['ssl_session_timeout'] = "5m"
nginx['ssl_state_name'] = "CA"
nginx['worker_connections'] = 10240
nginx['workers'] = integer calculated from number of cpus
nginx['ssl_access_ping_log'] = false #### false by default, when true GET requests to the ``/ping`` endpoint are logged in the ``/var/log/morpheus/nginx/morpheus-ssl-access.log`` file on the appliance
nginx['access_ping_log'] = false #### false by default, when true GET requests to the ``/ping`` endpoint are logged in the ``/var/log/morpheus/nginx/morpheus-ssl-access.log`` file on the appliance

rabbitmq['enable'] = true
rabbitmq['host'] = '127.0.0.1'
rabbitmq['port'] = '5672'
rabbitmq['queue_user_password'] = 'xxxxxxxxxxxxxxxx'
rabbitmq['queue_user'] = 'morpheus-rmq-user'
rabbitmq['vhost'] = 'morpheus'
↓ The following rabbitmq settings are only valid for Internal/Embedded rabbitmq services
rabbitmq['heartbeat'] = nil
rabbitmq['log_dir'] = '/var/log/morpheus/rabbitmq'
rabbitmq['nodename'] = 'rabbit@localhost'
rabbitmq['port'] = '5672'
rabbitmq['use_tls'] = false

repo['repo_host_url'] = 'https://downloads.morpheusdata.com'

ui['http_client_connect_timeout'] = 10000  #### milliseconds
ui['jobs_enabled'] = true #### This option disables the appliance jobs service on the appliance node when set to false. This should be disabled only when configuring jobs to run on specific app nodes in HA environments.
ui['kerberos_config'] = nil
ui['kerberos_login_config'] = nil
ui['log_dir'] = '/var/log/morpheus/morpheus-ui'
ui['max_memory_mb'] = nil
ui['memory_alloc_arena_max'] = 2
ui['memory_map_max'] = 65536
ui['memory_map_threshold'] = 131072
ui['memory_top_pad'] = 131072
ui['memory_trim_threshold'] = 131072
ui['pxe_boot_enabled'] = false #### This option disables the PXE service within the app
ui['vm_images_cdn_url'] = 'https://morpheus-images.morpheusdata.com'
ui['xms'] = 0.25 #### Configurable for customers running into high memory issues, values are the percentage of total RAM. Both ui and es xms/xmx config only apply if Elasticsearch is enabled.
ui['xmx'] = 0.25

Load Balancer Configuration

For configurations with 2 or more Applications Nodes, a load balancer is recommended to ensure high availability (HA) from disruptions and upgrades. Below are the guidelines to configuring a load balancer for Morpheus but each configuration may differ based on the organization’s requirements.

Requirements

  • WebSockets enabled

  • Load Balance 443 (optionally redirect 80 to 443)

    • SSL Termination (Offload), Bridging, and Passthrough are supported

  • Round-Robin or least connection distribution

  • HTTPS monitor https://ip_address/ping body for MORPHEUS PING or status of 200, for node operational health

Example configurations

Below are a few examples of configuring load balancers to meet the needs of a HA configuration. The examples assume SSL bridging will be used, which means an SSL (TLS) certificate is presented by the load balancer to clients and the load balancer will communicate with the backend nodes via a different (possibly same) certificate. This configuration is recommended because the Morpheus application nodes will create self-signed certificates and the load balancer will present a valid certificate to end users. Additionally, all communication will be encrypted. This reduces the overhead of maintaining the certificates on the Morpheus application nodes, as the load balancer can ignore invaild certs on the application nodes. However, the certificates on the Morpheus application nodes are not required to be self-signed, they can be replaced with other trusted certificates following the SSL Certificates documentation.

Tip

The list below is not meant to be a complete list for all load balancers. The provided examples are common deployments that can be used for reference. The settings mentioned in the examples list the primary settings that may need to be configured, other settings are based on the organization’s needs requirements and own configuration.

F5 BIG-IP

Monitor

  • Type: HTTPS

  • Send String: GET /ping

  • Receive String: MORPHEUS PING

Pool

  • Health Monitor: Select monitor created in the Monitor section

  • Load Balancing Method: Least Connections (member) is recommended (alternatively Round Robin)

  • Node Service Port: 443/HTTPS

Virtual Server

  • Type: Standard

  • Service Port: 443/HTTPS

  • Protocol: TCP

  • Protocol Profile (Client): tcp

  • Protocol Profile (Server): tcp

  • HTTP Profile (Client): http

  • HTTP Profile (Server): http

  • SSL Profile (Client): clientssl (or preferred profile with a trusted certificate)

  • SSL Profile (Server): serverssl

  • Source Address Translation: Auto Map

AWS Application Load Balancer (ALB)

Target Group

  • Target Type: Instances

  • Protocol/Port: HTTPS/443

  • Health Check Protocol: HTTPS

  • Health check path: /ping

  • Load balancing algorithm: Least Outstanding Requests is recommended (alternatively Round Robin)

Load Balancer

  • Security Group: Allow HTTPS/443 Inbound and Outbound

  • Listener: HTTPS:443 to the target group created in the Target Group section

  • Security Policy: ELBSecurityPolicy-2016-08

HAProxy

Example /etc/haproxy/haproxy.cfg configuration file

#---------------------------------------------------------------------
# Example configuration for a possible web application.  See the
# full configuration options online.
#
#   https://www.haproxy.org/download/1.8/doc/configuration.txt
#
#---------------------------------------------------------------------

#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
    log         127.0.0.1:514 local2
    chroot      /var/lib/haproxy
    pidfile     /var/run/haproxy.pid
    maxconn     4000
    user        haproxy
    group       haproxy
    daemon

    # turn on stats unix socket
    stats socket /var/lib/haproxy/stats

    # utilize system-wide crypto-policies
    ssl-default-bind-ciphers PROFILE=SYSTEM
    ssl-default-server-ciphers PROFILE=SYSTEM

defaults
    mode                    http
    log                     global
    option                  httplog
    option                  dontlognull
    option http-server-close
    option forwardfor       except 127.0.0.0/8
    option                  redispatch
    retries                 3
    timeout http-request    10s
    timeout queue           1m
    timeout connect         10s
    timeout client          1m
    timeout server          1m
    timeout http-keep-alive 10s
    timeout check           10s
    maxconn                 3000

frontend main
    mode http
    bind *:443 ssl crt /etc/haproxy/ssl/combined_crt_key.pem
    default_backend             mybackend

backend mybackend
    mode http
    option      httpchk
    http-check  send meth GET uri /ping
    http-check  expect string MORPHEUS\ PING
    balance     leastconn
    server      app1 192.168.101.1:443 check ssl verify none
    server      app2 192.168.101.2:443 check ssl verify none
    server      app3 192.168.101.3:443 check ssl verify none

Azure Application Gateway

In this example, it is assumed End-To-End TLS Encryption is being used, which means the Application Gateway will present a certificate to the clients and the backend nodes will present the same certificate.

If a setting is not mentioned, it is assumed that the default can be maintained.

General Settings

  • Tier: Standard V2

  • Capacity type: Autoscale or Manual are both supported

  • HTTPS2: Disabled

Frontend Configuration

  • Type: Set Public if Morpheus should be accessilbe externally, otherwise choose Private

  • Public IP Address: Associate a previously create public IP or create a new one

Listener

  • Frontend IP: Choose the IP created from the Frontend Configuration above

  • Protocol: HTTPS

  • Port: 443

  • Certificate:

    • Upload the public certificate in PFX format

    • This certificate should match the one presented by the backend nodes

    • The certificate should include the entire chain, including the private key

  • Listener type: Basic

  • Error page URL: No

Backend Settings

  • Backend protocol: HTTPS

  • Backend port: 443

  • Use well known CA certificate:

    • If set to Yes, the certificate does not need to be uploaded in the settings. This must be a well known certificate provided by a well known certificate authority, not an internally generated certificate

    • If set to No, ensure the certificate that is present on the backend nodes is uploaded to the Application Gateway. Note that the certificate should include the entire chain (CA, Intermediates, Certificate)

  • Cookie-based affinity: Disable

  • Connection draining: Enable

  • Override with new host name: No

  • Use Custom probe: No (one will be created next and will be assoicated during that configuration)

Health Probe

  • Protocol: HTTPS

  • Host: Enter the host that is configured on the Morpheus application nodes. This same host that will be used on the Application Gateway Example: morpheus.mydomain.com

  • Pick host name from backend settings: No

  • Pick port from backend settings: Yes

  • Path: /ping

  • Use probe matching conditions: Yes

  • HTTP response status code match: 200-399

  • Backend settings: Choose the backend settings created above

Backend Pool

  • The Target Type can either be Virtual Machine or IP address or FQDN

    • If Morpheus is hosted in Azure, Virtual Machine will likely be the choice. The load balancer will need to able to communicate with the target

    • If Morpheus is hosted on-premise, or outside of Azure, the IP address or FQDN can be used but the load balancer will need to able to communicate with the target

Important Items


Offline Installations and Upgrades

For customers that have an appliance behind a firewall/proxy that does not allow downloads from our Amazon download site, you can add the supplemental package to add the needed packages the standard Morpheus installer would have downloaded.

Offline Installation Requirements

  • NTP should be correctly configured and the server is able to connect to the NTP server in the ntp.conf file

  • The OS package repositories should be configured to use local LAN repository servers or the server should be able to receive packages from the configured repositories

  • The standard Morpheus and supplemental packages must be downloaded from another system and transferred to the Morpheus Appliance server

  • The supplemental package is additive, the full installer is also required

Note

The supplemental package is linked 1-to-1 to the appliance release. For example the supplemental package for 4.2.1-1 should be used with the appliance package 4.2.1-1

Offline Install

Ubuntu/Debian

  1. Download both the regular Morpheus Appliance package and the Supplemental packages on to the appliance server:

    wget http://example_url/morpheus-appliance_version_amd64.deb
    wget http://example_url/morpheus-appliance-supplemental_version_all.deb
    
  2. Install the both the Appliance package AND the Supplemental package.

    sudo dpkg -i morpheus-appliance_version_amd64.deb
    sudo dpkg -i morpheus-appliance-supplemental_version_all.deb
    
  3. Set the Morpheus UI appliance url (if needed, hostname will be automatically set).

    # edit appliance_url to resolvable url (if not configured correctly by default)
    
    sudo vi /etc/morpheus/morpheus.rb
    
  4. Reconfigure the appliance to install required packages

    sudo morpheus-ctl reconfigure
    

The Chef run should complete successfully. There is a small pause when Chef runs the resource remote_file[package_name] action create while Chef verifies the checksum. After the reconfigure is complete, the morpheus-ui will start and be up in a few minutes.

Note

Tail the morpheus log file located at /var/log/morpheus/morpheus-ui/current with the command morpheus-ctl tail morpheus-ui and look for the Morpheus ascii logo to know when the morpheus-ui is up.

CentOS/RHEL

  1. Download both the regular Morpheus Appliance package and the matching Supplemental package on to the Appliance server:

    wget http://example_url/morpheus-appliance_package_url.noarch.rpm
    wget http://example_url/morpheus-appliance_package_supplemental_url.noarch.rpm
    
  2. Install the both the Appliance package AND the Supplemental package.

    sudo rpm -i morpheus-appliance_package_url.noarch.rpm
    sudo rpm -i morpheus-appliance_package_supplemental_url.noarch.rpm
    
  3. Set the Morpheus UI appliance url (if needed, hostname will be automatically set).

    #Edit appliance_url to resolvable url (if not configured correctly by default)
    
    sudo vi /etc/morpheus/morpheus.rb
    
  4. Reconfigure the appliance to install required packages

    sudo morpheus-ctl reconfigure
    

The Chef run should complete successfully. There is a small pause when Chef runs the resource remote_file[package_name] action create while Chef verifies the checksum. After the reconfigure is complete, the morpheus-ui will start and be up in a few minutes.

Note

Tail the morpheus-ui log file with morpheus-ctl tail morpheus-ui and look for the Morpheus ascii logo to know when the morpheus-ui is up.

Proxies

Overview

In many situations,companies deploy virtual machines in proxy restricted environments for things such as PCI Compliance, or just general security. As a result of this Morpheus provides out of the box support for proxy connectivity. Proxy authentication support is also provided with both Basic Authentication capabilities as well as NTLM for Windows Proxy environments. Morpheus is even able to configure virtual machines it provisions to utilize these proxies by setting up the operating systems proxy settings directly (restricted to cloud-init based Linux platforms for now, but can also be done on windows based platforms in a different manner).

To get started with Proxies, it may first be important to configure the Morpheus appliance itself to have access to proxy communication for downloading service catalog images. To configure this, visit the Administration > Settings page where a section labeled “Proxy Settings” is located. Fill in the relevant connection info needed to utilize the proxy. It may also be advised to ensure that the Linux environment’s http_proxy, https_proxy, and no_proxy are set appropriately.

Defining Proxies

Proxies can be used in a few different contexts and optionally scoped to specific networks with which one may be provisioning into or on a cloud integration as a whole. To configure a Proxy for use by the provisioning engines within Morpheus we must go to Infrastructure > Networks > Proxies. Here we can create records representing connection information for various proxies. This includes the host ip address, proxy port, and any credentials (if necessary) needed to utilize the proxy. Now that these proxies are defined we can use them in various contexts.

Cloud Communication

When morpheus needs to connect to various cloud APIs to issue provisioning commands or to sync in existing environments, we need to ensure that those api endpoints are accessible by the appliance. In some cases the appliance may be behind a proxy when it comes to public cloud access like Azure and AWS. To configure the cloud integration to utilize a proxy, when adding or editing a cloud there is a setting called “API Proxy” under “Advanced Options”. This is where the proxy of choice can be selected to instruct the Provisioning engine how to communicate with the public cloud. Simply adjust this setting and the cloud should start being able to receive/issue instructions.

Provisioning with Proxies

Proxy configurations can vary from operating system to operating system and in some cases it is necessary for these to be configured in the blueprints as a prerequisite. In other cases it can also be configured automatically. Mostly with the use of cloud-init (which all of our out of the box service catalog utilizes on all clouds). When editing/creating a cloud there is a setting for “Provisioning Proxy” in “Provisioning Options”. If this proxy is set, Morpheus will automatically apply these proxy settings to the guest operating system.

Overriding proxy settings can also be done on the Network record. Networks (or subnets) can be configured in Infrastructure > Networks or on the Networks tab of the relevant Cloud detail page. Here, a proxy can also be assigned as well as additional options like the No Proxy rules for proxy exceptions.

Docker

When provisioning Docker based hosts within a Proxy environment it is up to the user to configure the docker host proxy configuration manually. There are workflows that can be configured via the Automation engine to make this automatic when creating docker based hosts. Please see documentation on Docker and proxies for specific information.

Proxy setups can vary widely from company to company, and it may be advised to contact support for help configuring morpheus to work in the proxy environment.

SSL Certificates

By default Morpheus generates a Self-Signed SSL Certificate. The Self-Signed SSL Certificate can be replaced with a Trusted CA Signed SSL Certificate.

Trusted CA Signed SSL Certificate Implementation

  1. If you don’t already have your certificate, run an OpenSSL command to generate an SSL certificate request (.csr) and private key (.key). If you need help formatting the command, DigiCert provides a helpful tool

  2. Submit your certificate request (.csr) and await approval of the request and return of the certificate (.crt)

  3. Copy the private key and certificate to /etc/morpheus/ssl/your_fqdn_name.key and /etc/morpheus/ssl/your_fqdn_name.crt respectively

    • Extracting Certificates in PFX Format

      # Extract the private key
      openssl pkcs12 -in example.pfx -nocerts -nodes -out priv.key
      # Extract the public key
      openssl pkcs12 -in example.pfx -clcerts -nokeys -out pub.crt
      # Extract the CA cert chain
      openssl pkcs12 -in example.pfx -cacerts -nokeys -chain -out ca.crt
      
    • Extracting Certificates in PEM Format

      # Extract the private key
      openssl x509 -outform der -in your-cert.pem -out your-cert.key
      # Extract the public key
      openssl x509 -outform der -in your-cert.pem -out your-cert.key
      
  4. Edit the configuration file /etc/morpheus/morpheus.rb and add the following entries:

    nginx['ssl_certificate'] = 'path to the certificate file'
    nginx['ssl_server_key'] = 'path to the server key file'
    

    Note

    Both files should be owned by root and only readable by root, also if the server certificate is signed by an intermediate then you should include the signing chain inside the certificate file. The key file needs to be decrypted for Morpheus to install it properly.

  5. Next simply reconfigure the appliance and restart nginx:

    sudo morpheus-ctl reconfigure
    sudo morpheus-ctl restart nginx
    

Self-Signed SSL Certificate Regeneration

When Morpheus is deployed it generates a 10 year Self-Signed SSL Certificate. Below details the process to regenerate the Certificate and Key files.

Regenerate both the Certificate and Key

  1. Delete the certificate and key files in /etc/morpheus/ssl/.

  2. Run Reconfigure morpheus-ctl reconfigure.

  3. Restart NGINX morpheus-ctl restart nginx.

Regenerate only the Certificate

  1. Delete the certificate file in /etc/morpheus/ssl/.

  2. Run Reconfigure morpheus-ctl reconfigure.

  3. Restart NGINX morpheus-ctl restart nginx.

Import Trusted Certificates

Important

The following applies to upgrades after modifying the java keystore.

Steps to import trusted certificates to Morpheus after an upgrade.

  1. Obtain the full SSL certificate chain in PEM format.

  2. Copy them to each appliance and place them in the /etc/morpheus/ssl/trusted_certs directory.

  3. Run morpheus-ctl reconfigure on each appliance, note you don’t need to stop Morpheus before you run this.

  4. Run the following command as root:

    export PATH=/opt/morpheus/sbin:/opt/morpheus/sbin:/opt/morpheus/embedded/sbin:/opt/morpheus/embedded/bin:$PATH
    
  5. Run the following command for each certificate in the chain, adjusting the file and alias name as needed. Answer yes for the root certificate when asked it you want to trust it.

    /opt/morpheus/embedded/java/jre/bin/keytool -import -keystore /opt/morpheus/embedded/java/jre/lib/security/cacerts -trustcacerts -file /etc/morpheus/ssl/trusted_certs/root_ca.pem -alias some_alias -storepass changeit
    
  6. Verify by running:

    openssl s_client -connect host:port -showcerts -tls1_2
    
  7. You should get an output similar to:

    New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    No ALPN negotiated
    SSL-Session:
    Protocol : TLSv1.2
    Cipher  : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 5D9E820E4FF2A73A9977BA663E6029AA5415FEE85F49D8B1E541F5997C8E1FB2
    Session-ID-ctx:
    Master-Key: 29EEC2E7750C659AECB9942902D9A87B824E571522812B718420FC08F8D2ACE68CB16EC812A7D90B12A86D1970FFD81C
    Key-Arg  : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1547219217
    Timeout  : 7200 (sec)
    Verify return code: 0 (ok) #<----------------
    
  8. If the certificates are installed correctly you should see Verify return code: 0 (ok). If they were not installed correctly then you will see a return similar to: Verify return code: 21 (unable to verify the first certificate)

  9. Repeat for all App Nodes

Data Encryption

By default, Morpheus encrypts sensitive data in the Database using AES encryption mode with GCM. Passwords and other strings in Morpheus Appliance configuration files such as morpheus-secrets.json and morpheus.rb are in plain text as they are only accessible by root.

Passwords and other strings in Morpheus Appliance configuration files can be set to an encrypted string using the Morpheus crypto utility to generate ENC strings and then using ENC(string) as the value in the configuration file.

Additionally a custom Encryption Key Suffix can be set in the morpheus.rb configuration file. This suffix will be combined with a system string to generate a SHA-256 hash, which is used to generate the AES encryption key.

Generate ENC Strings for morpheus-secrets.json

System generated passwords are set in /etc/morpheus/morpheus-secrets.json. These entries can be updated to ENC strings with the following steps:

  1. On the Morpheus appliance, run morpheus-ctl get-crypto-string migrate which will output ENC() strings for the passwords in morpheus-secrets.json

  2. Update the desired password strings in the morpheus-secrets.json config file with the matching ENC() string.

  3. Save morpheus-secrets.json

  4. Run morpheus-ctl reconfigure

Generate ENC Strings for custom morpheus.rb entries

ENC() strings can be generated for sensitive data set in morpheus.rb, such as the password to an external service.

To generate ENC(0) strings for morpheus.rb entries:

  1. On the Morpheus appliance, run morpheus-ctl get-crypto-string string $clear_text '$suffix' which will output strings for the passwords in morpheus-secrets.json

    • Replace $clear_text with the string to be encrypted

    • If a suffix is defined in morpheus.rb (as described in the next section), replace $suffix with your suffix.

    Note

    It is advisable to disable bash history logging by running unset HISTFILE before running the morphesu-ctl get-crypto-string command and then set HISTFILE=$HOME/.bash_history to reenable.

  2. Update the desired password strings in the morpheus.rb config file with the matching string output, using ENC($output) format

    • Example: mysql['morpheus_password'] = 'ENC($ZI5DnaO0quhxKe$kDFD+U2ZeJUuYiNC$F1+czPNyo+3lAdq7V0gcrWwHnkINYqr13cUGrDVyog==)'

  3. Save morpheus.rb

  4. Run morpheus-ctl reconfigure

Encrypted Key Suffix

A custom Encryption Key Suffix can be set in the morpheus.rb configuration file. This suffix will be combined with a system string to generate a SHA-256 Hash, which is used in the generation of the system AES encryption key.

Danger

Setting a custom Encryption Key Suffix affects all data encrypted by Morpheus, including database and cypher data. Encryption Key Suffix is required in the event data needs to be migrated or recovered. Once the Encryption Key Suffix is set, data cannot be recovered without it. Store any Encryption Key Suffix externally where it can be referenced for future scenarios.

Important

The Encryption Key Suffix cannot be changed or removed after being set. Changing or removing an existing Encryption Key Suffix will prevent data access. If an existing suffix is altered in the morpheus.rb file, it must be restore to its original value.

  1. Add app['encryption_key_suffix'] = '$suffix' to /etc/morpheus/morpheus.rb, replacing $suffix with your suffix.

    Danger

    Once an Encryption Key Suffix is set and applied via reconfigure, it cannot be altered or removed and data cannot be migrated or recovered without it.

  2. Run morpheus-ctl reconfigure

    • Reconfigure will generate a new encryption key using the suffix and set (ENC) values for the service password in application.yml

logback config

Note

This doc is for 5.4.4+ versions that use logback.xml. 5.4.3 and earlier versions use logback.groovy with a different syntax that is not compatible with this doc. Please refer to 5.4.3 and earlier documentation for logback.groovy configuration details.

The log output for the morpheus-ui service is configured in the logback.xml file. Log output levels can be updated when more or less log output is desired.

Setting Log Levels

To change a log level, edit the logback configuration file in /opt/morpheus/conf/logback.xml and save. The changes will be reflected within the configured scanPeriod, 30 seconds by default.

Levels:
  • OFF (no log output)

  • ERROR (includes error logs)

  • WARN (includes warn and error logs)

  • INFO (includes info, warn and error logs)

  • DEBUG (includes info, warn, error and debug logs)

  • TRACE (includes info, warn, error, debug and trace logs)

Warning

Use DEBUG and/or TRACE levels with caution. DEBUG & TRACE levels can produce many logs that can consume disk space quickly. Only use DEBUG and/or TRACE levels when needed and target them for specific services.

Example Logback Settings

Below are sample log configuration settings. This is not a complete list. Additional log names/paths can typically be determined from the standard INFO, WARN and ERROR logs.

ACI
<logger name="com.morpheus.integration.NetworkServersController" level="DEBUG"/>
<logger name="com.morpheus.network.AciNetworkService" level="DEBUG"/>
<logger name="com.morpheus.network.AciUtility" level="DEBUG"/>
<logger name="com.morpheus.network.NetworkService " level="DEBUG"/>
Amazon
<logger name="com.morpheus.compute.amazon.AmazonComputeService" level="DEBUG"/>
<logger name="com.morpheus.compute.AmazonComputeUtility" level="DEBUG"/>
<logger name="com.morpheus.costing.AmazonCostingService" level="DEBUG"/>
<logger name="com.morpheus.provision.AmazonProvisionService" level="DEBUG"/>
Azure
<logger name="com.morpheus.Azure.ServersController" level="DEBUG"/>
<logger name="com.morpheus.AzureSqlServerProvisionService" level="DEBUG"/>
<logger name="com.morpheus.compute.azure.AzureComputeService" level="DEBUG"/>
<logger name="com.morpheus.compute.AzureComputeUtility" level="DEBUG"/>
<logger name="com.morpheus.compute.AzureCostingService" level="DEBUG"/>
Chef
<logger name="com.morpheus.automation.ChefClientService" level="DEBUG"/>
<logger name="com.morpheus.automation.ChefService" level="DEBUG"/>
<logger name="com.morpheus.automation.ChefTaskService" level="DEBUG"/>
DNS
<logger name="com.morpheus.dns.MicrosoftDnsService" level="DEBUG"/>
General
<logger name="com.morpheus.InstanceService" level="DEBUG"/>
<logger name="com.morpheus.util.ApiUtility" level="DEBUG"/>
<logger name="com.morpheus.AppService" level="DEBUG"/>
<logger name="com.morpheus.MorpheusComputeService" level="DEBUG"/>
<logger name="com.morpheus.RpcService" level="DEBUG"/>
<logger name="com.morpheus.network.NetworkService " level="DEBUG"/>
<logger name="com.morpheus.provision.AbstractProvisionService" level="DEBUG"/>
<logger name="com.morpheus.provision.AbstractBoxProvisionService" level="DEBUG"/>
<logger name="com.morpheus.compute.ProgressUpdater" level="DEBUG"/>
Google
<logger name="com.morpheus.compute.google.GoogleComputeService" level="DEBUG"/>
<logger name="com.morpheus.compute.GoogleComputeUtility" level="DEBUG"/>
<logger name="com.morpheus.provision.GoogleProvisionService" level="DEBUG"/>
Hyper-V
<logger name="com.morpheus.compute.hyperv.HypervComputeService" level="DEBUG" />
<logger name="com.morpheus.compute.HypervComputeUtility" level="DEBUG" />
IBM Cloud
<logger name="com.morpheus.compute.softlayer.SoftlayerComputeService" level="DEBUG"/>
<logger name="com.morpheus.compute.SoftlayerComputeUtility" level="DEBUG"/>
Kubernetes
<logger name="com.morpheus.app.KubernetesAppTemplateService" level="DEBUG"/>
<logger name="com.morpheus.app.KubernetesResourceMappingService" level="DEBUG"/>
<logger name="com.morpheus.compute.KubernetesComputeService" level="DEBUG"/>
<logger name="com.morpheus.host.KubernetesHostService" level="DEBUG"/>
<logger name="com.morpheus.provision.KubernetesProvisionService" level="DEBUG"/>
<logger name="com.morpheus.storage.KubernetesStorageService" level="DEBUG"/>
Monitoring
<logger name="com.morpheus.monitoring.MonitorCheckService" level="DEBUG"/>
Network
<logger name="com.morpheusdata.infoblox.InfobloxProvider" level="DEBUG"/>
<logger name="com.morpheus.network.InfobloxNetworkPoolService" level="DEBUG"/>
<logger name="com.morpheus.network.NetworkService " level="DEBUG"/>
<logger name="com.morpheus.network.PluginNetworkPoolService" level="DEBUG"/>
Nutanix
<logger name="com.morpheus.compute.nutanix.NutanixComputeService" level="DEBUG"/>
<logger name="com.morpheus.compute.NutanixComputeUtility" level="DEBUG"/>
<logger name="com.morpheus.provision.NutanixProvisionService" level="DEBUG"/>
Openstack
<logger name="com.morpheus.compute.AbstractOpenStackComputeService" level="DEBUG"/>
<logger name="com.morpheus.compute.AbstractOpenStackComputeUtility" level="DEBUG"/>
<logger name="com.morpheus.provision.OpenStackProvisionService" level="DEBUG"/>
<logger name="com.morpheus.storage.OpenStackSFSStorageService" level="DEBUG"/>
Option Types
<logger name="com.morpheus.OptionSourceService" level="DEBUG"/>
<logger name="com.morpheus.OptionTypeListService" level="DEBUG"/>
<logger name="com.morpheus.OptionTypeService" level="DEBUG"/>
Remote Console
<logger name="com.morpheus.remote.MorpheusGuacamoleWebsocketHandler" level="DEBUG"/>
SCVMM
<logger name="com.morpheus.compute.scvmm.ScvmmComputeService" level="DEBUG"/>
<logger name="com.morpheus.compute.ScvmmComputeUtility" level="DEBUG"/>
<logger name="com.morpheus.provision.ScvmmProvisionService" level="DEBUG"/>
ServiceNow
<logger name="com.morpheus.cmdb.ServiceNowCmdbService" level="DEBUG"/>
<logger name="com.morpheus.integrations.ServiceNowUtility" level="DEBUG"/>
Tasks
<logger name="com.morpheus.task.AnsibleTowerTaskService" level="DEBUG"/>
<logger name="com.morpheus.task.TaskService" level="DEBUG"/>
<logger name="com.morpheus.task.WinrmTaskService" level="DEBUG"/>
Terraform
<logger name="com.morpheus.app.AbstractResourceMappingService" level="DEBUG"/>
<logger name="com.morpheus.app.TerraformAppTemplateService" level="DEBUG"/>
<logger name="com.morpheus.app.TerraformAwsResourceMappingService" level="DEBUG"/>
<logger name="com.morpheus.app.TerraformResourceMappingService" level="DEBUG"/>
<logger name="com.morpheus.provision.TerraformProvisionService" level="DEBUG"/>
Usage
<logger name="com.morpheus.AccountPriceService" level="DEBUG"/>
vCloud
<logger name="com.morpheus.compute.vmware.VcloudDirectorComputeService" level="DEBUG"/>
<logger name="com.morpheus.provision.VcloudDirectorProvisionService" level="DEBUG"/>
<logger name="com.morpheus.compute.VcdComputeUtility" level="DEBUG"/>
Veeam
<logger name="com.morpheus.backup.VeeamBackupService" level="DEBUG"/>
Vmware
<logger name="com.morpheus.compute.VmwareComputeUtility" level="DEBUG"/>
<logger name="com.morpheus.compute.vmware.VmwareComputeService" level="DEBUG"/>
<logger name="com.morpheus.provision.VmwareProvisionService" level="DEBUG"/>
vRO
<logger name="com.morpheus.automation.VroService" level="DEBUG"/>

All core logger paths

Expand below to see all core Morpheus logger paths set to INFO level.

All core logger paths Click to Expand/Hide

<logger name="com.bertramlabs.plugins.AccountsAuthService" level="INFO"/>
<logger name="com.bertramlabs.plugins.AccountsService" level="INFO"/>
<logger name="com.bertramlabs.plugins.ActiveDirectoryUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.AzureSamlUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.CustomApiUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.CustomExternalUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.DefaultUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.JumpCloudUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.LdapUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.OktaUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.OneLoginUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.PingUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.SamlUserService" level="INFO"/>
<logger name="com.bertramlabs.plugins.UserSourceAuthenticationProvider" level="INFO"/>
<logger name="com.morpheus.AbstractComputeService" level="INFO"/>
<logger name="com.morpheus.AbstractPriceManagerService" level="INFO"/>
<logger name="com.morpheus.AccountBudgetService" level="INFO"/>
<logger name="com.morpheus.AccountIntegrationObjectService" level="INFO"/>
<logger name="com.morpheus.AccountIntegrationService" level="INFO"/>
<logger name="com.morpheus.AccountInvoiceService" level="INFO"/>
<logger name="com.morpheus.AccountPriceService" level="INFO"/>
<logger name="com.morpheus.AccountResourceService" level="INFO"/>
<logger name="com.morpheus.AccountUsageService" level="INFO"/>
<logger name="com.morpheus.ActivityService" level="INFO"/>
<logger name="com.morpheus.analytics.AbstractAnalyticsService" level="INFO"/>
<logger name="com.morpheus.analytics.AmazonConvertibleRiAnalyticsService" level="INFO"/>
<logger name="com.morpheus.analytics.CostAnalyticsService" level="INFO"/>
<logger name="com.morpheus.analytics.UtilizationAnalyticsService" level="INFO"/>
<logger name="com.morpheus.analytics.WorkloadAnalyticsService" level="INFO"/>
<logger name="com.morpheus.AnalyticsService" level="INFO"/>
<logger name="com.morpheus.api.AbstractApiService" level="INFO"/>
<logger name="com.morpheus.api.agent.CommandService" level="INFO"/>
<logger name="com.morpheus.api.agent.DownloadService" level="INFO"/>
<logger name="com.morpheus.api.agent.UploadService" level="INFO"/>
<logger name="com.morpheus.app.AbstractAppTemplateService" level="INFO"/>
<logger name="com.morpheus.app.AbstractResourceMappingService" level="INFO"/>
<logger name="com.morpheus.app.AppTemplateService" level="INFO"/>
<logger name="com.morpheus.app.HelmAppTemplateService" level="INFO"/>
<logger name="com.morpheus.app.KubernetesAppTemplateService" level="INFO"/>
<logger name="com.morpheus.app.KubernetesResourceMappingService" level="INFO"/>
<logger name="com.morpheus.app.MorpheusAppTemplateService" level="INFO"/>
<logger name="com.morpheus.app.ScribeResourceMappingService" level="INFO"/>
<logger name="com.morpheus.app.TerraformAppTemplateService" level="INFO"/>
<logger name="com.morpheus.app.TerraformAwsResourceMappingService" level="INFO"/>
<logger name="com.morpheus.app.TerraformAzurermResourceMappingService" level="INFO"/>
<logger name="com.morpheus.app.TerraformGoogleResourceMappingService" level="INFO"/>
<logger name="com.morpheus.app.TerraformResourceMappingService" level="INFO"/>
<logger name="com.morpheus.app.TerraformVsphereResourceMappingService" level="INFO"/>
<logger name="com.morpheus.ApplianceClientService" level="INFO"/>
<logger name="com.morpheus.ApplianceDelayedJobService" level="INFO"/>
<logger name="com.morpheus.ApplianceHealthService" level="INFO"/>
<logger name="com.morpheus.ApplianceJobService" level="INFO"/>
<logger name="com.morpheus.ApplianceLicenseService" level="INFO"/>
<logger name="com.morpheus.ApplianceService" level="INFO"/>
<logger name="com.morpheus.ApplianceStorageService" level="INFO"/>
<logger name="com.morpheus.approval.ApprovalService" level="INFO"/>
<logger name="com.morpheus.approval.RemedyApprovalService" level="INFO"/>
<logger name="com.morpheus.approval.ServiceNowApprovalService" level="INFO"/>
<logger name="com.morpheus.AppService" level="INFO"/>
<logger name="com.morpheus.ArchiveService" level="INFO"/>
<logger name="com.morpheus.AsyncService" level="INFO"/>
<logger name="com.morpheus.AuditLogService" level="INFO"/>
<logger name="com.morpheus.automation.AbstractConfigManagementService" level="INFO"/>
<logger name="com.morpheus.automation.AnsibleService" level="INFO"/>
<logger name="com.morpheus.automation.AnsibleTowerService" level="INFO"/>
<logger name="com.morpheus.automation.ChefService" level="INFO"/>
<logger name="com.morpheus.automation.ConfigManagementService" level="INFO"/>
<logger name="com.morpheus.automation.HelmService" level="INFO"/>
<logger name="com.morpheus.automation.PuppetService" level="INFO"/>
<logger name="com.morpheus.automation.SaltStackService" level="INFO"/>
<logger name="com.morpheus.automation.VroService" level="INFO"/>
<logger name="com.morpheus.backup.AbstractBackupExecutionService" level="INFO"/>
<logger name="com.morpheus.backup.AbstractBackupJobService" level="INFO"/>
<logger name="com.morpheus.backup.AbstractBackupProviderService" level="INFO"/>
<logger name="com.morpheus.backup.AbstractBackupRestoreService" level="INFO"/>
<logger name="com.morpheus.backup.AbstractBackupService" level="INFO"/>
<logger name="com.morpheus.backup.AbstractReplicationService" level="INFO"/>
<logger name="com.morpheus.backup.BackupExecutionInterface" level="INFO"/>
<logger name="com.morpheus.backup.BackupInterface" level="INFO"/>
<logger name="com.morpheus.backup.BackupJobInterface" level="INFO"/>
<logger name="com.morpheus.backup.BackupJobService" level="INFO"/>
<logger name="com.morpheus.backup.BackupProviderInterface" level="INFO"/>
<logger name="com.morpheus.backup.BackupProviderService" level="INFO"/>
<logger name="com.morpheus.backup.BackupRestoreInterface" level="INFO"/>
<logger name="com.morpheus.backup.BackupRestoreService" level="INFO"/>
<logger name="com.morpheus.backup.BackupService" level="INFO"/>
<logger name="com.morpheus.backup.BackupStatus" level="INFO"/>
<logger name="com.morpheus.backup.BackupStorageService" level="INFO"/>
<logger name="com.morpheus.backup.DirectoryBackupService" level="INFO"/>
<logger name="com.morpheus.backup.FileBackupService" level="INFO"/>
<logger name="com.morpheus.backup.KarmanStorageProviderBackupService" level="INFO"/>
<logger name="com.morpheus.backup.LvmImageBackupService" level="INFO"/>
<logger name="com.morpheus.backup.LvmSnapshotBackupService" level="INFO"/>
<logger name="com.morpheus.backup.MorpheusApplianceBackupService" level="INFO"/>
<logger name="com.morpheus.backup.MorpheusBackupService" level="INFO"/>
<logger name="com.morpheus.backup.MorpheusContainerBackupService" level="INFO"/>
<logger name="com.morpheus.backup.MysqlBackupService" level="INFO"/>
<logger name="com.morpheus.backup.PluginBackupExecutionService" level="INFO"/>
<logger name="com.morpheus.backup.PluginBackupJobService" level="INFO"/>
<logger name="com.morpheus.backup.PluginBackupProviderService" level="INFO"/>
<logger name="com.morpheus.backup.PluginBackupRestoreService" level="INFO"/>
<logger name="com.morpheus.backup.PluginReplicationService" level="INFO"/>
<logger name="com.morpheus.backup.ReplicationInterface" level="INFO"/>
<logger name="com.morpheus.backup.ReplicationService" level="INFO"/>
<logger name="com.morpheus.backup.SqlserverBackupService" level="INFO"/>
<logger name="com.morpheus.backup.TarDirectoryBackupService" level="INFO"/>
<logger name="com.morpheus.BootMacService" level="INFO"/>
<logger name="com.morpheus.builds.AbstractBuildsService" level="INFO"/>
<logger name="com.morpheus.builds.BuildsService" level="INFO"/>
<logger name="com.morpheus.builds.JenkinsBuildsService" level="INFO"/>
<logger name="com.morpheus.CapacityService" level="INFO"/>
<logger name="com.morpheus.CatalogCartService" level="INFO"/>
<logger name="com.morpheus.CatalogItemService" level="INFO"/>
<logger name="com.morpheus.CatalogItemTypeService" level="INFO"/>
<logger name="com.morpheus.certificate.AbstractCertificateService" level="INFO"/>
<logger name="com.morpheus.certificate.MorpheusCertificateService" level="INFO"/>
<logger name="com.morpheus.CertificateService" level="INFO"/>
<logger name="com.morpheus.ChefClientService" level="INFO"/>
<logger name="com.morpheus.cm.ChangeManagementService" level="INFO"/>
<logger name="com.morpheus.cm.CherwellCmService" level="INFO"/>
<logger name="com.morpheus.cmdb.AbstractCmdbService" level="INFO"/>
<logger name="com.morpheus.cmdb.CmdbService" level="INFO"/>
<logger name="com.morpheus.cmdb.RemedyCmdbService" level="INFO"/>
<logger name="com.morpheus.cmdb.ServiceNowCmdbService" level="INFO"/>
<logger name="com.morpheus.code.AbstractCodeService" level="INFO"/>
<logger name="com.morpheus.code.CodeService" level="INFO"/>
<logger name="com.morpheus.code.GitCodeService" level="INFO"/>
<logger name="com.morpheus.code.GithubCodeService" level="INFO"/>
<logger name="com.morpheus.compliance.NVDSyncService" level="INFO"/>
<logger name="com.morpheus.compliance.PackageManagementService" level="INFO"/>
<logger name="com.morpheus.compute.cisco.UcsComputeService" level="INFO"/>
<logger name="com.morpheus.compute.CloudPluginComputeService" level="INFO"/>
<logger name="com.morpheus.compute.ComputeApiService" level="INFO"/>
<logger name="com.morpheus.compute.ComputeServiceInterface" level="INFO"/>
<logger name="com.morpheus.compute.IpmiService" level="INFO"/>
<logger name="com.morpheus.compute.KubernetesComputeService" level="INFO"/>
<logger name="com.morpheus.compute.MaasComputeService" level="INFO"/>
<logger name="com.morpheus.compute.ManualComputeService" level="INFO"/>
<logger name="com.morpheus.compute.OneviewComputeService" level="INFO"/>
<logger name="com.morpheus.compute.SelfManagedComputeService" level="INFO"/>
<logger name="com.morpheus.compute.standard.StandardComputeService" level="INFO"/>
<logger name="com.morpheus.compute.unmanaged.UnmanagedComputeService" level="INFO"/>
<logger name="com.morpheus.compute.vmware.VcloudDirectorComputeService" level="INFO"/>
<logger name="com.morpheus.compute.vmware.VmwareComputeService" level="INFO"/>
<logger name="com.morpheus.ComputeService" level="INFO"/>
<logger name="com.morpheus.container.ActivemqContainerService" level="INFO"/>
<logger name="com.morpheus.container.DockerContainerService" level="INFO"/>
<logger name="com.morpheus.container.DockerContainerUpgradeService" level="INFO"/>
<logger name="com.morpheus.container.ElasticsearchContainerService" level="INFO"/>
<logger name="com.morpheus.container.JavaContainerService" level="INFO"/>
<logger name="com.morpheus.container.MysqlContainerService" level="INFO"/>
<logger name="com.morpheus.container.NodeContainerService" level="INFO"/>
<logger name="com.morpheus.container.PostgresContainerService" level="INFO"/>
<logger name="com.morpheus.container.RedisContainerService" level="INFO"/>
<logger name="com.morpheus.container.SqlserverContainerService" level="INFO"/>
<logger name="com.morpheus.ContainerScriptService" level="INFO"/>
<logger name="com.morpheus.ContainerService" level="INFO"/>
<logger name="com.morpheus.costing.AbstractCostingService" level="INFO"/>
<logger name="com.morpheus.costing.CostingInterface" level="INFO"/>
<logger name="com.morpheus.costing.CostingService" level="INFO"/>
<logger name="com.morpheus.costing.StandardCostingService" level="INFO"/>
<logger name="com.morpheus.CurrencyConversionService" level="INFO"/>
<logger name="com.morpheus.cypher.CypherGORMDatastoreService" level="INFO"/>
<logger name="com.morpheus.cypher.CypherService" level="INFO"/>
<logger name="com.morpheus.DashboardService" level="INFO"/>
<logger name="com.morpheus.DatastoreService" level="INFO"/>
<logger name="com.morpheus.DataViewService" level="INFO"/>
<logger name="com.morpheus.DbSchedulerService" level="INFO"/>
<logger name="com.morpheus.deploy.AbstractDeployService" level="INFO"/>
<logger name="com.morpheus.deploy.AbstractDeployTargetService" level="INFO"/>
<logger name="com.morpheus.deploy.CloudFoundryAppDeployService" level="INFO"/>
<logger name="com.morpheus.deploy.DefaultDeployService" level="INFO"/>
<logger name="com.morpheus.deploy.DockerDeployTargetService" level="INFO"/>
<logger name="com.morpheus.deploy.GrailsDeployService" level="INFO"/>
<logger name="com.morpheus.deploy.IisDeployService" level="INFO"/>
<logger name="com.morpheus.deploy.JbossDeployService" level="INFO"/>
<logger name="com.morpheus.deploy.KubernetesDeployTargetService" level="INFO"/>
<logger name="com.morpheus.deploy.NodeDeployService" level="INFO"/>
<logger name="com.morpheus.deploy.ServerDeployTargetService" level="INFO"/>
<logger name="com.morpheus.deploy.VmDeployTargetService" level="INFO"/>
<logger name="com.morpheus.DeploymentService" level="INFO"/>
<logger name="com.morpheus.discovery.AbstractDiscoveryService" level="INFO"/>
<logger name="com.morpheus.discovery.DatastoreCapacityDiscoveryService" level="INFO"/>
<logger name="com.morpheus.discovery.DiscoveryService" level="INFO"/>
<logger name="com.morpheus.discovery.HostBalancingDiscoveryService" level="INFO"/>
<logger name="com.morpheus.discovery.HostCapacityDiscoveryService" level="INFO"/>
<logger name="com.morpheus.discovery.ReservationRecommendationDiscoveryService" level="INFO"/>
<logger name="com.morpheus.discovery.ShutdownDiscoveryService" level="INFO"/>
<logger name="com.morpheus.discovery.SizeDiscoveryService" level="INFO"/>
<logger name="com.morpheus.dns.AbstractDnsService" level="INFO"/>
<logger name="com.morpheus.dns.BindDnsService" level="INFO"/>
<logger name="com.morpheus.dns.ConsulDnsService" level="INFO"/>
<logger name="com.morpheus.dns.DNSProvider" level="INFO"/>
<logger name="com.morpheus.dns.DnsService" level="INFO"/>
<logger name="com.morpheus.dns.MicrosoftDnsService" level="INFO"/>
<logger name="com.morpheus.dns.PluginDnsService" level="INFO"/>
<logger name="com.morpheus.dns.PowerDnsService" level="INFO"/>
<logger name="com.morpheus.ElasticCleanupService" level="INFO"/>
<logger name="com.morpheus.EnvironmentService" level="INFO"/>
<logger name="com.morpheus.EnvironmentVariableService" level="INFO"/>
<logger name="com.morpheus.ExecuteScheduleTypeService" level="INFO"/>
<logger name="com.morpheus.ExecutionRequestService" level="INFO"/>
<logger name="com.morpheus.export.AccountInvoiceExportService" level="INFO"/>
<logger name="com.morpheus.export.CodeRepositoryExportService" level="INFO"/>
<logger name="com.morpheus.export.DeploymentExportService" level="INFO"/>
<logger name="com.morpheus.export.ExecuteScheduleTypeExportService" level="INFO"/>
<logger name="com.morpheus.export.ExportService" level="INFO"/>
<logger name="com.morpheus.export.InstanceExportService" level="INFO"/>
<logger name="com.morpheus.export.integrations.AdminIntegrationExportService" level="INFO"/>
<logger name="com.morpheus.export.integrations.AutomationIntegrationExportService" level="INFO"/>
<logger name="com.morpheus.export.integrations.BackupIntegrationExportService" level="INFO"/>
<logger name="com.morpheus.export.integrations.CertificateIntegrationExportService" level="INFO"/>
<logger name="com.morpheus.export.integrations.DeployIntegrationExportService" level="INFO"/>
<logger name="com.morpheus.export.integrations.NetworkIntegrationExportService" level="INFO"/>
<logger name="com.morpheus.export.LoadBalancerExpertService" level="INFO"/>
<logger name="com.morpheus.export.LoadBalancerInstancesExportService" level="INFO"/>
<logger name="com.morpheus.export.NetworkDomainExportService" level="INFO"/>
<logger name="com.morpheus.export.NetworkExportService" level="INFO"/>
<logger name="com.morpheus.export.NetworkGroupExportService" level="INFO"/>
<logger name="com.morpheus.export.NetworkPoolExportService" level="INFO"/>
<logger name="com.morpheus.export.NetworkRouterExportService" level="INFO"/>
<logger name="com.morpheus.export.NetworkSecurityGroupExportService" level="INFO"/>
<logger name="com.morpheus.export.PowerScheduleTypeExportService" level="INFO"/>
<logger name="com.morpheus.export.ServerExportService" level="INFO"/>
<logger name="com.morpheus.export.ServerGroupExportService" level="INFO"/>
<logger name="com.morpheus.export.ServicePlanExportService" level="INFO"/>
<logger name="com.morpheus.export.TaskExportService" level="INFO"/>
<logger name="com.morpheus.export.ThresholdExportService" level="INFO"/>
<logger name="com.morpheus.export.UserExportService" level="INFO"/>
<logger name="com.morpheus.export.UserGroupExportService" level="INFO"/>
<logger name="com.morpheus.export.WorkflowExportService" level="INFO"/>
<logger name="com.morpheus.FileCopyRequestService" level="INFO"/>
<logger name="com.morpheus.GlobalSearchService" level="INFO"/>
<logger name="com.morpheus.host.AbstractHostService" level="INFO"/>
<logger name="com.morpheus.host.DockerHostService" level="INFO"/>
<logger name="com.morpheus.host.ExternalKubernetesHostService" level="INFO"/>
<logger name="com.morpheus.host.KubernetesHostService" level="INFO"/>
<logger name="com.morpheus.host.SwarmHostService" level="INFO"/>
<logger name="com.morpheus.HttpClientService" level="INFO"/>
<logger name="com.morpheus.hub.MorpheusHubQueueService" level="INFO"/>
<logger name="com.morpheus.hub.MorpheusHubService" level="INFO"/>
<logger name="com.morpheus.hub.MorpheusHubSyncService" level="INFO"/>
<logger name="com.morpheus.imagebuild.ImageBuildService" level="INFO"/>
<logger name="com.morpheus.ImageCacheService" level="INFO"/>
<logger name="com.morpheus.instance.InstanceUpgradeService" level="INFO"/>
<logger name="com.morpheus.InstanceService" level="INFO"/>
<logger name="com.morpheus.InstanceTypeService" level="INFO"/>
<logger name="com.morpheus.integration.AbstractIntegrationService" level="INFO"/>
<logger name="com.morpheus.integration.CherwellIntegrationService" level="INFO"/>
<logger name="com.morpheus.integration.GitRepoService" level="INFO"/>
<logger name="com.morpheus.integration.RemedyIntegrationService" level="INFO"/>
<logger name="com.morpheus.integration.RunDeckIntegrationService" level="INFO"/>
<logger name="com.morpheus.integration.SalesForceIntegrationService" level="INFO"/>
<logger name="com.morpheus.integration.ScribeService" level="INFO"/>
<logger name="com.morpheus.integration.ServiceNowIntegrationService" level="INFO"/>
<logger name="com.morpheus.integration.TerraformService" level="INFO"/>
<logger name="com.morpheus.jobs.AbstractJobExecutorService" level="INFO"/>
<logger name="com.morpheus.jobs.JobExecutor" level="INFO"/>
<logger name="com.morpheus.jobs.KubernetesJobExecutorService" level="INFO"/>
<logger name="com.morpheus.jobs.SecurityScanExecutorService" level="INFO"/>
<logger name="com.morpheus.jobs.TaskJobExecutorService" level="INFO"/>
<logger name="com.morpheus.jobs.WorkflowJobExecutorService" level="INFO"/>
<logger name="com.morpheus.JobService" level="INFO"/>
<logger name="com.morpheus.KeyPairService" level="INFO"/>
<logger name="com.morpheus.library.LayoutService" level="INFO"/>
<logger name="com.morpheus.LicenseService" level="INFO"/>
<logger name="com.morpheus.LoadBalancerPriceManagerService" level="INFO"/>
<logger name="com.morpheus.LocalizationService" level="INFO"/>
<logger name="com.morpheus.LocalRepoService" level="INFO"/>
<logger name="com.morpheus.log.AbstractLogService" level="INFO"/>
<logger name="com.morpheus.log.LogRhythmLogService" level="INFO"/>
<logger name="com.morpheus.log.SplunkLogService" level="INFO"/>
<logger name="com.morpheus.log.SyslogLogService" level="INFO"/>
<logger name="com.morpheus.LogService" level="INFO"/>
<logger name="com.morpheus.maint.UpdateService" level="INFO"/>
<logger name="com.morpheus.MarketplaceClientService" level="INFO"/>
<logger name="com.morpheus.MarshallService" level="INFO"/>
<logger name="com.morpheus.MetadataTagService" level="INFO"/>
<logger name="com.morpheus.migration.AbstractMigrationService" level="INFO"/>
<logger name="com.morpheus.migration.HypervisorMigrationService" level="INFO"/>
<logger name="com.morpheus.migration.LvmMigrationService" level="INFO"/>
<logger name="com.morpheus.migration.MigrationService" level="INFO"/>
<logger name="com.morpheus.migration.WindowsMigrationService" level="INFO"/>
<logger name="com.morpheus.monitoring.AlerterService" level="INFO"/>
<logger name="com.morpheus.monitoring.AlertRuleService" level="INFO"/>
<logger name="com.morpheus.monitoring.AvailabilityService" level="INFO"/>
<logger name="com.morpheus.monitoring.CheckAgentService" level="INFO"/>
<logger name="com.morpheus.monitoring.IncidentService" level="INFO"/>
<logger name="com.morpheus.monitoring.MonitorAppService" level="INFO"/>
<logger name="com.morpheus.monitoring.MonitorChartingService" level="INFO"/>
<logger name="com.morpheus.monitoring.MonitorCheckManagementService" level="INFO"/>
<logger name="com.morpheus.monitoring.MonitorCheckService" level="INFO"/>
<logger name="com.morpheus.monitoring.MonitoringService" level="INFO"/>
<logger name="com.morpheus.monitoring.MonitorService" level="INFO"/>
<logger name="com.morpheus.monitoring.MorpheusMonitorService" level="INFO"/>
<logger name="com.morpheus.monitoring.NewRelicService" level="INFO"/>
<logger name="com.morpheus.monitoring.ServiceNowService" level="INFO"/>
<logger name="com.morpheus.MorpheusComputeService" level="INFO"/>
<logger name="com.morpheus.MorpheusPackageService" level="INFO"/>
<logger name="com.morpheus.MorpheusSecurityService" level="INFO"/>
<logger name="com.morpheus.MotdService" level="INFO"/>
<logger name="com.morpheus.network.A10LoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.AbstractLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.AbstractNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.AbstractNetworkRegistryService" level="INFO"/>
<logger name="com.morpheus.network.AbstractNetworkSecurityService" level="INFO"/>
<logger name="com.morpheus.network.AbstractNetworkService" level="INFO"/>
<logger name="com.morpheus.network.AciNetworkSecurityService" level="INFO"/>
<logger name="com.morpheus.network.AciNetworkService" level="INFO"/>
<logger name="com.morpheus.network.AviLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.BluecatNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.BootService" level="INFO"/>
<logger name="com.morpheus.network.CitrixNetScalerLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.CloudPluginNetworkService" level="INFO"/>
<logger name="com.morpheus.network.ConsulRegistryService" level="INFO"/>
<logger name="com.morpheus.network.ConsulService" level="INFO"/>
<logger name="com.morpheus.network.F5BigIpLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.F5LineRateLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.FirewallService" level="INFO"/>
<logger name="com.morpheus.network.FortiADCLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.HaproxyLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.InfobloxNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.InternalLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.InternalNetworkSecurityService" level="INFO"/>
<logger name="com.morpheus.network.InternalNetworkService" level="INFO"/>
<logger name="com.morpheus.network.IPAMProvider" level="INFO"/>
<logger name="com.morpheus.network.KubernetesRegistryService" level="INFO"/>
<logger name="com.morpheus.network.LoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.LocalFirewallService" level="INFO"/>
<logger name="com.morpheus.network.MorpheusNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.MorpheusRegistryService" level="INFO"/>
<logger name="com.morpheus.network.NetScalerLoadBalancerService" level="INFO"/>
<logger name="com.morpheus.network.NetworkConfigService" level="INFO"/>
<logger name="com.morpheus.network.NetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.NetworkRegistryService" level="INFO"/>
<logger name="com.morpheus.network.NetworkSecurityService" level="INFO"/>
<logger name="com.morpheus.network.NetworkService" level="INFO"/>
<logger name="com.morpheus.network.NetworkServicesService" level="INFO"/>
<logger name="com.morpheus.network.NutanixNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.PaloAltoNetworkService" level="INFO"/>
<logger name="com.morpheus.network.PhpipamNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.PluginNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.PxeService" level="INFO"/>
<logger name="com.morpheus.network.SolarWindsNetworkPoolService" level="INFO"/>
<logger name="com.morpheus.network.StealthNetworkSecurityService" level="INFO"/>
<logger name="com.morpheus.NetworkDomainService" level="INFO"/>
<logger name="com.morpheus.OauthProviderService" level="INFO"/>
<logger name="com.morpheus.OperationEventService" level="INFO"/>
<logger name="com.morpheus.OptionSourcePluginService" level="INFO"/>
<logger name="com.morpheus.OptionSourceService" level="INFO"/>
<logger name="com.morpheus.OptionTypeListService" level="INFO"/>
<logger name="com.morpheus.OptionTypeService" level="INFO"/>
<logger name="com.morpheus.os.LinuxOsService" level="INFO"/>
<logger name="com.morpheus.os.WindowsOsService" level="INFO"/>
<logger name="com.morpheus.PermissionService" level="INFO"/>
<logger name="com.morpheus.plugin.AbstractPluginProviderManagerService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.BackupProviderPluginManagerService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusBackupImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusBackupJobImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusBackupRestoreImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusBackupResultImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusBackupTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusReplicationGroupImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusReplicationImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusReplicationSiteImplService" level="INFO"/>
<logger name="com.morpheus.plugin.backup.MorpheusReplicationTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.compute.MorpheusComputeServerInterfaceImplService" level="INFO"/>
<logger name="com.morpheus.plugin.compute.MorpheusComputeZoneFolderImplService" level="INFO"/>
<logger name="com.morpheus.plugin.compute.MorpheusDatastoreImplService" level="INFO"/>
<logger name="com.morpheus.plugin.costing.MorpheusAccountInvoiceImplService" level="INFO"/>
<logger name="com.morpheus.plugin.costing.MorpheusCostingImplService" level="INFO"/>
<logger name="com.morpheus.plugin.cypher.MorpheusCypherImplService" level="INFO"/>
<logger name="com.morpheus.plugin.integration.MorpheusAccountInventoryImplService" level="INFO"/>
<logger name="com.morpheus.plugin.integration.MorpheusIntegrationImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusAccountCredentialImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusAccountCredentialTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusCloudImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusComputePortImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusComputeServerImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusComputeTypeLayoutFactoryImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusComputeTypeSetImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusComputeZonePoolImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusContainerTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusContextImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusInstanceImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusMetadataTagImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusMetadataTagTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusOperationNotificationImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusOsTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusPermissionImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusProcessImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusReportImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusServicePlanImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusSnapshotImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusStatsImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusStorageControllerImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusStorageControllerTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusStorageVolumeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusStorageVolumeTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusTaskImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusUsageImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusVirtualImageImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusVirtualImageLocationImplService" level="INFO"/>
<logger name="com.morpheus.plugin.MorpheusWikiPageImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkDomainImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkDomainRecordImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkPoolImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkPoolIpImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkPoolRangeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkSubnetImplService" level="INFO"/>
<logger name="com.morpheus.plugin.network.MorpheusNetworkTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.PluginManagerService" level="INFO"/>
<logger name="com.morpheus.plugin.PluginProviderManagerService" level="INFO"/>
<logger name="com.morpheus.plugin.policy.MorpheusPolicyImplService" level="INFO"/>
<logger name="com.morpheus.plugin.policy.MorpheusPolicyTypeImplService" level="INFO"/>
<logger name="com.morpheus.plugin.provisioning.MorpheusProvisionImplService" level="INFO"/>
<logger name="com.morpheus.plugin.web.MorpheusWebRequestImplService" level="INFO"/>
<logger name="com.morpheus.policy.AbstractPolicyService" level="INFO"/>
<logger name="com.morpheus.policy.BackupStoragePolicyService" level="INFO"/>
<logger name="com.morpheus.policy.MotdPolicyService" level="INFO"/>
<logger name="com.morpheus.policy.NetworkPolicyService" level="INFO"/>
<logger name="com.morpheus.policy.PolicyServiceInterface" level="INFO"/>
<logger name="com.morpheus.policy.StorageBucketQuotaPolicyService" level="INFO"/>
<logger name="com.morpheus.policy.StorageServerQuotaPolicyService" level="INFO"/>
<logger name="com.morpheus.policy.StorageShareQuotaPolicyService" level="INFO"/>
<logger name="com.morpheus.policy.TagCompliancePolicyService" level="INFO"/>
<logger name="com.morpheus.policy.WorkflowPolicyService" level="INFO"/>
<logger name="com.morpheus.PolicyService" level="INFO"/>
<logger name="com.morpheus.PowerScheduleService" level="INFO"/>
<logger name="com.morpheus.PowerScheduleTypeService" level="INFO"/>
<logger name="com.morpheus.PriceManagerService" level="INFO"/>
<logger name="com.morpheus.PricePlanService" level="INFO"/>
<logger name="com.morpheus.ProcessService" level="INFO"/>
<logger name="com.morpheus.ProfileService" level="INFO"/>
<logger name="com.morpheus.project.ProjectService" level="INFO"/>
<logger name="com.morpheus.provision.AbstractBoxProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.AbstractProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.CloudPluginProvisioningService" level="INFO"/>
<logger name="com.morpheus.provision.DockerEngineProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.DockerProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.ExternalProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.HelmProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.IProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.KubernetesProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.MaasProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.ManualProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.OneviewProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.ScribeProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.SelfManagedProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.StandardProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.SwarmProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.TerraformProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.UcsProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.UnmanagedProvisionService" level="INFO"/>
<logger name="com.morpheus.provision.WorkflowProvisionService" level="INFO"/>
<logger name="com.morpheus.ProvisioningService" level="INFO"/>
<logger name="com.morpheus.ProxyService" level="INFO"/>
<logger name="com.morpheus.ReferenceService" level="INFO"/>
<logger name="com.morpheus.report.AbstractReportService" level="INFO"/>
<logger name="com.morpheus.report.AmazonCoverageReportService" level="INFO"/>
<logger name="com.morpheus.report.AmazonSavingsReportService" level="INFO"/>
<logger name="com.morpheus.report.AmazonUtilizationReportService" level="INFO"/>
<logger name="com.morpheus.report.CloudAppCapacityReportService" level="INFO"/>
<logger name="com.morpheus.report.CloudAppUsageReportService" level="INFO"/>
<logger name="com.morpheus.report.CloudCapacityReportService" level="INFO"/>
<logger name="com.morpheus.report.CloudInstanceTypeCapacityReportService" level="INFO"/>
<logger name="com.morpheus.report.CloudInstanceTypeUsageReportService" level="INFO"/>
<logger name="com.morpheus.report.CloudInventoryReportService" level="INFO"/>
<logger name="com.morpheus.report.CloudUsageReportService" level="INFO"/>
<logger name="com.morpheus.report.CostReportService" level="INFO"/>
<logger name="com.morpheus.report.InventoryReportService" level="INFO"/>
<logger name="com.morpheus.report.InvoiceReportService" level="INFO"/>
<logger name="com.morpheus.report.MigrationReportService" level="INFO"/>
<logger name="com.morpheus.report.PluginReportService" level="INFO"/>
<logger name="com.morpheus.report.ReportService" level="INFO"/>
<logger name="com.morpheus.report.TenantUsageReportService" level="INFO"/>
<logger name="com.morpheus.report.TimeSeriesCostReportService" level="INFO"/>
<logger name="com.morpheus.RoleService" level="INFO"/>
<logger name="com.morpheus.RpcService" level="INFO"/>
<logger name="com.morpheus.scale.AbstractScaleService" level="INFO"/>
<logger name="com.morpheus.scale.MorpheusScaleService" level="INFO"/>
<logger name="com.morpheus.ScaleService" level="INFO"/>
<logger name="com.morpheus.scribe.ScribeLibraryService" level="INFO"/>
<logger name="com.morpheus.ScriptConfigService" level="INFO"/>
<logger name="com.morpheus.sdn.AbstractSdnService" level="INFO"/>
<logger name="com.morpheus.sdn.MorpheusSdnService" level="INFO"/>
<logger name="com.morpheus.sdn.OvsService" level="INFO"/>
<logger name="com.morpheus.sdn.VethSdnService" level="INFO"/>
<logger name="com.morpheus.security.AbstractSecurityScanService" level="INFO"/>
<logger name="com.morpheus.security.ScapScanService" level="INFO"/>
<logger name="com.morpheus.security.SecurityScanService" level="INFO"/>
<logger name="com.morpheus.SecurityGroupService" level="INFO"/>
<logger name="com.morpheus.SequenceService" level="INFO"/>
<logger name="com.morpheus.ServerScriptService" level="INFO"/>
<logger name="com.morpheus.ServerService" level="INFO"/>
<logger name="com.morpheus.ServicePlanService" level="INFO"/>
<logger name="com.morpheus.SettingsService" level="INFO"/>
<logger name="com.morpheus.SetupService" level="INFO"/>
<logger name="com.morpheus.SiteService" level="INFO"/>
<logger name="com.morpheus.SnapshotPriceManagerService" level="INFO"/>
<logger name="com.morpheus.SnapshotService" level="INFO"/>
<logger name="com.morpheus.StatsService" level="INFO"/>
<logger name="com.morpheus.StatusService" level="INFO"/>
<logger name="com.morpheus.storage.AbstractStorageServerService" level="INFO"/>
<logger name="com.morpheus.storage.AbstractStorageService" level="INFO"/>
<logger name="com.morpheus.storage.BasicStorageService" level="INFO"/>
<logger name="com.morpheus.storage.CephStorageService" level="INFO"/>
<logger name="com.morpheus.storage.EcsStorageService" level="INFO"/>
<logger name="com.morpheus.storage.IsilonStorageService" level="INFO"/>
<logger name="com.morpheus.storage.KubernetesStorageService" level="INFO"/>
<logger name="com.morpheus.storage.NfsStorageService" level="INFO"/>
<logger name="com.morpheus.storage.QnapFileStationService" level="INFO"/>
<logger name="com.morpheus.storage.StorageServerService" level="INFO"/>
<logger name="com.morpheus.storage.StorageVolumeService" level="INFO"/>
<logger name="com.morpheus.storage.ThreeParStorageService" level="INFO"/>
<logger name="com.morpheus.StorageProviderService" level="INFO"/>
<logger name="com.morpheus.SubAccountService" level="INFO"/>
<logger name="com.morpheus.task.AbstractTaskService" level="INFO"/>
<logger name="com.morpheus.task.AnsibleTaskService" level="INFO"/>
<logger name="com.morpheus.task.AnsibleTowerTaskService" level="INFO"/>
<logger name="com.morpheus.task.ChefTaskService" level="INFO"/>
<logger name="com.morpheus.task.ContainerScriptTaskService" level="INFO"/>
<logger name="com.morpheus.task.ContainerTemplateTaskService" level="INFO"/>
<logger name="com.morpheus.task.EmailTaskService" level="INFO"/>
<logger name="com.morpheus.task.ExecutableTaskInterface" level="INFO"/>
<logger name="com.morpheus.task.GroovyTaskService" level="INFO"/>
<logger name="com.morpheus.task.HttpTaskService" level="INFO"/>
<logger name="com.morpheus.task.JavascriptTaskService" level="INFO"/>
<logger name="com.morpheus.task.JRubyTaskService" level="INFO"/>
<logger name="com.morpheus.task.LocalScriptTaskService" level="INFO"/>
<logger name="com.morpheus.task.PuppetTaskService" level="INFO"/>
<logger name="com.morpheus.task.PythonTaskService" level="INFO"/>
<logger name="com.morpheus.task.RestartTaskService" level="INFO"/>
<logger name="com.morpheus.task.ShellTaskService" level="INFO"/>
<logger name="com.morpheus.task.TaskConfigService" level="INFO"/>
<logger name="com.morpheus.task.TaskService" level="INFO"/>
<logger name="com.morpheus.task.VroTaskService" level="INFO"/>
<logger name="com.morpheus.task.WinrmTaskService" level="INFO"/>
<logger name="com.morpheus.task.WriteAttributesTaskService" level="INFO"/>
<logger name="com.morpheus.trust.AbstractCredentialService" level="INFO"/>
<logger name="com.morpheus.trust.CredentialProvider" level="INFO"/>
<logger name="com.morpheus.trust.CredentialService" level="INFO"/>
<logger name="com.morpheus.trust.CypherCredentialService" level="INFO"/>
<logger name="com.morpheus.trust.InternalCredentialService" level="INFO"/>
<logger name="com.morpheus.trust.PluginCredentialService" level="INFO"/>
<logger name="com.morpheus.UsageLimitService" level="INFO"/>
<logger name="com.morpheus.UserGroupService" level="INFO"/>
<logger name="com.morpheus.UserManagementService" level="INFO"/>
<logger name="com.morpheus.vdi.VdiAppService" level="INFO"/>
<logger name="com.morpheus.vdi.VdiGatewayService" level="INFO"/>
<logger name="com.morpheus.vdi.VdiPoolService" level="INFO"/>
<logger name="com.morpheus.VirtualImagePriceManagerService" level="INFO"/>
<logger name="com.morpheus.VirtualImageService" level="INFO"/>
<logger name="com.morpheus.WikiPageService" level="INFO"/>
<logger name="com.morpheus.worker.DistributedWorkerService" level="INFO"/>
<logger name="com.morpheus.ZoneFolderService" level="INFO"/>
<logger name="com.morpheus.ZoneMarketplaceService" level="INFO"/>
<logger name="com.morpheus.ZonePoolService" level="INFO"/>
<logger name="com.morpheus.ZoneRegionService" level="INFO"/>
<logger name="com.morpheus.ZoneService" level="INFO"/>

Audit logs

  1. To set up CEF/SIEM auditing export, add the below appender above or below the other appenders in the logback.xml configuration file:

      <appender name="AUDIT" class="ch.qos.logback.core.rolling.RollingFileAppender">
          <file>/var/log/morpheus/morpheus-ui/audit.log</file>
          <rollingPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedRollingPolicy">
              <fileNamePattern>audit.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
                <maxFileSize>50MB</maxFileSize>
                <maxHistory>30</maxHistory>
          </rollingPolicy>
          <encoder>
              <pattern>[%d] [%thread] %-5level %logger{15} - %maskedMsg %n</pattern>
          </encoder>
      </appender>
    
    
    .. note:: ``maxFileSize`` and ``maxHistory`` values can be updated as needed.
    
  2. Add the below logger above or below the other loggers in the logback.xml configuration file (make sure it is below, not above, the appender from the previous step or an error will occur):

    <logger name="com.morpheus.AuditLogService" level="INFO" additivity="false">
        <appender-ref ref="AUDIT" />
    </logger>
    
  3. Once you have done this, you need to restart the Morpheus Application server:

    morpheus-ctl stop morpheus-ui
    

    Note

    Please be aware this will stop the web interface for Morpheus.

  4. Once the service has stopped enter the following at the xml prompt to restart (if the service does not stop, replace stop with graceful-kill and retry)

    morpheus-ctl start morpheus-ui
    
  5. To know when the UI is up and running you can run the following command

    morpheus-ctl tail morpheus-ui
    

    Once you see the ASCI art show up you will be able to log back into the User Interface. A new audit file will have been created called audit.log and will found in the default Morpheus log path which is /var/log/morpheus/morpheus-ui/

This is only an example and other configurations are possible, such as creating an appender definition for your SIEM audit database product.

IPv6

Overview

There may be situations where instances only have IPv6 routing available. Morpheus fully supports IPv6 for the appliance and agent comms.

To enable IPv6 listener on the Morpheus appliance, you must modify the NGINX listeners.

Configuring NGINX Listeners

  1. Confirm IPv6 is enabled and IP address is applied within the Morpheus underlying OS.

  2. Modify the /opt/morpheus/embedded/nginx/conf/sites-available/morpheus.conf file, and add the following listerning under the server block at the top:

    listen [::]:80;
    
  3. Modify the /opt/morpheus/embedded/nginx/conf/sites-available/morpheus-ssl.conf file, and add the following listerning under the server block at the top:

    listen [::]:443 ssl;
    
  4. Restart the NGINX service:

    morpheus-ctl restart nginx
    
    ok: run: nginx: (pid 47868) 0s
    
  5. The site should now be resolvable via IPv6. To test you should be able to do the following:

    curl -k -6 https://[<IPv6 Address>]/ping
    
    MORPHEUS PING