vSTREAM Agent on Linux

Introduction

This is a simplified installation procedure that has been thoroughly tested by our engineers on virtual as well as physical host.

A complete and detailed installation guide is available on MyNetscout.

 

Solution

 

Starting with release 6.2.1, vStream Agent is an entirely new product and must be installed as a fresh release. Legacy vScout and vStream Embedded agents cannot be upgraded to vStream Agent and MUST be removed. vStream Agent requires a different type of license than vScout and vSTREAM Embedded.

 

This article applies to vSTREAM Agent versions 6.2.1 and above. For vSTREAM Embedded version 6.2.0 and below, read the article vSTREAM Embedded on Linux.

 

Before you install

Some considerations before we start:

• You don't want to use NetScout's default communication ports as they are relatively common and could be in use on the host, now or in the future.
• You want to see the name of the agent in Device Configuration to reflect the host's name.
• You know the IP address of the nGeniusONE Server (NGS). 
• You are familiar with nGeniusONE
• You are familiar with Linux CLI

 

Dependensies

The installation requires tar to be installed on the target host.  If this is not the case, install it by running:

yum -y install tar

 

Firewall

These communication are required.  Make sure they are allowed by every firewall in the path between the host running vStream Agent and NGS:

From NGS to vStream Agent (basic communication = required):

• tcp/7080
• tcp/7443
• tcp/7501

From vStream Agent to NGS

• udp/395 

From vStream Agent to any Next Generation InfiniStream NG

• GRE (IP protocol number 47) or udp/50100

 

Pre-configuration considerations

• vSTREAM Agent offers the posibility to store application session detailed records (ASR) and data packets on the host itself.  The amount of disk space used for this purpose is restricted; it must be at least 1GB/10GB respectively.  Any value configured below this value will effecitvely disable that functionality.  We recommend to start with 1GB and 10GB for the XDR store and packet store respectivily.  
• vSTREAM Agent can monitor more than one interface and those interfaces can be different from the interface used to communicate with NGS and NGIS.

In the example below:

• vStream Agent will be configured with a 1GB ASR store (smaller sizes will effectively disable the local ASR store)
• vStream Agent will be configured with a 10GB Packet store (smaller sizes will effectively disable the local packet store)
• Interface eth0 is used as both management (MAN) and monitor (MON) interface
• vStream Agent is allowed to use 2vCPU and 2GB of memory on the host

 

From 1 to 16 vCPU can be assigned to vStream Agent to spread the load workload among each processor but at the cost of additional licenses. Valid ranges for allocated memory are 1024, 2048, 4096, 8192, 10240, 12288, 14336 and 16384).

 

Keep in mind that VSTA uses up to the equivalent of 100% of the number of vCPUs assigned to it. VSTA processes may appear on more than the number of vCPUs assigned, but the total usage will never exceed 100% of the total vCPUs assigned.

 

Create storage path for packet and XDR

The path where to store XDR records and packets must be created upfront.  In our example, we decided to use /opt/nsagentstrore for that matter:

mkdir /opt/nsagentstore

 

 

 

 

Create configuration files

Create the file /tmp/nsagent_config.cfg with the follwing content.  Replace <IP_NGS> with the IP address of NGS:

export NSCOMM_PORT=395
export NSCONSOLE_PORT=7501
export HTTP_PORT=7080
export HTTPS_PORT=7443
export MON_INF=eth2,eth3
export MGMT_INF=eth0
export NUM_CPUS=2
export MEM_SIZE=4096
export PROMISC_MODE=on
export PERF_ACCL=on
export STORAGE_PATH=/opt/nsagentstore
export XDRSTORE_SIZE=1000
export PKTSTORE_SIZE=10000
export NUM_FWD_CPUS=1

Create the file /tmp/nsprobeid with the following content. Replace HOSTNAME with the actual hostname or any string value you need to proper identify this vSTREAM Enbedden in nGeniusONE. The name can be up to 127 characters long.  It can only contain alphanumerical characters, period (.) and hyphen (-). NO SPACES, NO UNDERSCORE (_), NO SPECIAL CHARACTERS:

nmcli general hostname > /tmp/nsprobeid

 

 

 

Installation

Place the most recent version and build of the *.rpm in the /tmp directory on the host. We recommend to keep the original file name for future reference.

# cd /opt
# wget https://comcert.box.com/shared/static/something.rpm
# mv something.rpm is-6210-xxx-vSTREAM_agent.x86_64.rpm
# md5sum is-62xx-xxx-vSTREAM_agent.x86_64.rpm

Run the rpm. There are no dependencies to be installed. If you omit the --prefix argument, the installation directory will be /usr/lib/NetScout/.  If you specify for example --prefix=/opt vSTREAM Embedded will be installed in /opt/NetScout/

rpm -ivh is-62xx-xxx-vSTREAM_agent.x86_64.rpm --prefix=/opt 

 

Post install tasks/issues

Modify datastore ownership

chown -R ngenius:ngenius /opt/nsagentstore

Vstream may not be running (6.3.3-835)

systemctl start vstream

Do not enable the vstream service on NSE.  Start vstream manually after reboot.

 

Test

Check if the vSTREAM Agent service is running:

# systemctl status vstream

Stop/Start/Restart the service:

# systemctl stop vstream
# systemctl start vstream

[or]

# systemctl restart vstream

 

Clean-up

We recommend removing all the temporary configuration files from the /tmp direcotory after verification.  These files cannot be used to reconfigure the agent.

 

Modifying the configuration

To modify the configuration, edit this file and restart the agent:

# vi /usr/lib/NetScout/rtm/config/nsagent_config.cfg

 

Uninstall

If for any reason the agent needs to be uninstalled, run the following command:

# cd /usr/lib/NetScout/rtm/bin
# ./vstream_uninstall.sh

 

 

Co-Resident vStream on NG1

Starting from version 6.3.5 a co-resident vStream Agent is included in the installation. The vStream Agent will be automatically installed when the server is equipped with more than 64GB of memory.

 

Uninstall

It is not possible to deselect the installation of vStream Agent during the initial setup of NG1. However, when the installation concludes successfully, it is possible to remove the vStream Agent.

# cd /usr/lib/NetScout/rtm/bin
# ./vstream_uninstall.sh

Once it has been removed from the server, it can't be re-installed!

 

 

Configure

On the VPMA appliances the co-resident vStream Agent appears in the Device Manager, but it won't run. This can be fixed by editing the nsagent_config.cfg file.

# cd /usr/lib/NetScout/rtm/configdata
# vi nsagent_config.cfg

Now, alter the MON_INF and MGMT_INF directives and reboot the server. Modify "eth0" into "ens192"

# pmbin
# ./PS
# ./stop
# systemctl reboot

Once the server is powered up, manually delete the nGenius Probe from Device Manager. Now, add it back using the IP address of the NIC. (Don't use 127.0.0.1) Please note that this vStream Agent communicates through port HTTPS/9443.

 

Limitations

This ME can't be used in conjunction with the module Packet Analysis