vSTREAM Agent on Linux: Difference between revisions

From wiki.comcert.com
Jump to navigation Jump to search
(Created page with " == Introduction == This is a simplified installation procedure that has been thoroughly tested by our engineers on virtual as well as physical host. A complete and detailed...")
 
No edit summary
 
(64 intermediate revisions by the same user not shown)
Line 9: Line 9:


== Solution ==
== Solution ==
 
{{#invoke:Message box|ambox |type=speedy|text=Starting with release 6.2.1, vStream Agent is an entirely new product and must be installed as a fresh release. Legacy vScout and vStream Embedded agents cannot be upgraded to vStream Agent and MUST be removed. vStream Agent requires a different type of license than vScout and vSTREAM Embedded.}}
 
{{#invoke:Message box|ambox |type=content|text=This article applies to vSTREAM Agent versions 6.2.1 and above. For vSTREAM Embedded version 6.2.0 and below, read the article [[vSTREAM_Embedded_on_Linux|vSTREAM Embedded on Linux]].}}
 


=== Before you install ===
=== Before you install ===
Line 14: Line 24:
Some considerations before we start:
Some considerations before we start:


*We don't want to use Netscout's default communication ports as they are reltively common and could be in use on the host, now or in the future.  
*You don't want to use NetScout's default communication ports as they are relatively common and could be in use on the host, now or in the future.  
*We prefer using the hostname to identify the vSTREAM Agent in Device Configuration.  
*You want to see the name of the agent in Device Configuration to reflect the host's name.  
*We know the IP address of the nGeniusONE Server.  
*You know the IP address of the nGeniusONE Server (NGS). 
*You are familiar with nGeniusONE
*You are familiar with Linux CLI
 
 
 
=== Dependensies ===
 
The installation requires tar to be installed on the target host.  If this is not the case, install it by running:
<pre>yum -y install tar</pre>


&nbsp;
&nbsp;
Line 22: Line 41:
=== Firewall ===
=== Firewall ===


Before you start, make sure these ports are open between the host, nGenius Server (NGS) and InfiniStreamNG (IS-NG or vSTREAM-STL).&nbsp; The host is the server you install vSTREAM-EMB on.
These communication are required.&nbsp; Make sure they are allowed by every firewall in the path between the host running vStream Agent and NGS:


From NGS to host:
From NGS to vStream Agent (basic communication = <u>required</u>):


*tcp/7080  
*tcp/7080  
Line 30: Line 49:
*tcp/7501  
*tcp/7501  


From host to NGS:
From vStream Agent to NGS


*udp/395&nbsp;  
*udp/395&nbsp;  


Between host and InfiniStreamNG:
From vStream Agent to any Next Generation InfiniStream <u>NG</u>
 
*GRE (IP protocol number 47) or&nbsp;udp/50100
 
&nbsp;
 
=== Pre-configuration considerations ===
 
*vSTREAM Agent offers the posibility to store application session detailed records (ASR) and data packets on the host itself.&nbsp; The amount of disk space used for this purpose is restricted; it must be at least 1GB/10GB respectively.&nbsp; Any value configured below this value will effecitvely&nbsp;disable that functionality.&nbsp; We recommend to start with 1GB and 10GB for the XDR store and packet store respectivily.&nbsp;&nbsp;
*vSTREAM&nbsp;Agent can monitor more than one interface and those interfaces can be different from the interface used to communicate with NGS and NGIS.
 
In the example below:
 
*vStream Agent will be&nbsp;configured with a 1GB ASR store (<u>smaller sizes will effectively disable the local ASR store</u>)
*vStream Agent will be&nbsp;configured with a 10GB Packet store&nbsp;(<u>smaller sizes will effectively disable the local packet store</u>)
*Interface eth0 is used as&nbsp;both management (MAN) and monitor (MON) interface
*vStream Agent is allowed to use 2vCPU and 2GB of memory on&nbsp;the host  
 
&nbsp;
 
From 1 to 16 vCPU can be assigned to vStream Agent to spread the load workload among each processor but at the cost of additional licenses. Valid ranges for allocated memory are 1024, 2048, 4096, 8192, 10240, 12288, 14336 and 16384).
 
&nbsp;
 
{{#invoke:Message box|ambox |type=content|text=Keep in mind that VSTA uses up to the equivalent of 100% of the number of vCPUs assigned to it. VSTA processes may appear on more than the number of vCPUs assigned, but the total usage will never exceed 100% of the total vCPUs assigned.}}
 
&nbsp;
 
=== Create storage path for packet and XDR ===
 
The path where to store XDR records and packets must be created upfront.&nbsp; In our example, we decided to use /opt/nsagentstrore for that matter:
<pre>mkdir /opt/nsagentstore
</pre>


*GRE (IP protocol number 47) or udp/50100
&nbsp;


&nbsp;
&nbsp;


=== Pre-configuration files ===
&nbsp;


Login as root or sudo to root.
&nbsp;


Create a file /tmp/nsagent_config.cfg with the following content. Replace A.B.C.D with the IP address of the nGeniusONE (Local) Server.
=== Create configuration files ===
<pre># vi /tmp/nsagent_config.cfg


export NSCOMM_PORT=395
Create the&nbsp;file <code>/tmp/nsagent_config.cfg</code>&nbsp;with the follwing content.&nbsp; Replace <IP_NGS> with the IP address of NGS:
<pre>export NSCOMM_PORT=395
export NSCONSOLE_PORT=7501
export NSCONSOLE_PORT=7501
export HTTP_PORT=7080
export HTTP_PORT=7080
export HTTPS_PORT=7443
export HTTPS_PORT=7443
export NSCONFIG_SERVER_IP=A.B.C.D
export MON_INF=eth2,eth3
export MGMT_INF=eth0
export NUM_CPUS=2
export MEM_SIZE=4096
export PROMISC_MODE=on
export PERF_ACCL=on
export STORAGE_PATH=/opt/nsagentstore
export XDRSTORE_SIZE=1000
export PKTSTORE_SIZE=10000
export NUM_FWD_CPUS=1
</pre>
 
Create the file <code>/tmp/nsprobeid</code> with the following content. Replace HOSTNAME with the actual hostname or any string value you need to proper identify this vSTREAM Enbedden in nGeniusONE. The name can be up to 127 characters long.&nbsp; It can only contain alphanumerical characters, period (.) and hyphen (-). NO SPACES, NO UNDERSCORE (_), NO SPECIAL CHARACTERS:
<pre>nmcli general hostname > /tmp/nsprobeid
</pre>


(save and exit with ":wq")</pre>
&nbsp;


<span style="background-color:#FFFF00">You MUST specify all four communication ports in this file.&nbsp; Respect the syntax.&nbsp; Failure to do so will make the installation return to its default values.&nbsp;</span>
&nbsp;


Create the file /tmp/nsprobeid with the following content. Replace HOSTNAME with the actual hostname or any string value you need to proper identify this vSTREAM Enbedden in nGeniusONE. The name can be up to 127 characters long.&nbsp; It can only contain alphanumerical characters, period (.) and hyphen (-), NO SPACES, NO UNDERSCORE (_), NO SPECIAL CHARACTERS&nbsp;!
&nbsp;
<pre># vi /tmp/nsprobeid


HOSTNAME
=== Installation ===


(save and exit with ":wq")</pre>
Place the most recent version and build of the <code>*.rpm</code> in the <code>/tmp</code> directory on the host. We recommend&nbsp;to keep the original file name for future reference.
<pre># cd /opt
# wget https://comcert.box.com/shared/static/something.rpm
# mv something.rpm is-6210-xxx-vSTREAM_agent.x86_64.rpm
# md5sum is-62xx-xxx-vSTREAM_agent.x86_64.rpm
</pre>


<span style="background-color:#FFFF00">Both files MUST have "0644" rights and be owned by "root:root".&nbsp; This should already be the case.</span>
Run the rpm. There are no dependencies to be installed. If you omit the <code>--prefix</code> argument, the installation directory will be <code>/usr/lib/NetScout/</code>.&nbsp; If you specify for example <code>--prefix=/opt</code>&nbsp;vSTREAM Embedded will be installed in <code>/opt/NetScout/</code>
<pre>rpm -ivh is-62xx-xxx-vSTREAM_agent.x86_64.rpm --prefix=/opt
</pre>


&nbsp;
&nbsp;


=== Installation ===
=== Post install tasks/issues ===
 
Modify datastore ownership
<pre>chown -R ngenius:ngenius /opt/nsagentstore
</pre>


Copy the most recent version of the rpm to the /tmp directory on the target host. It is recommended to keep the original file name for reference.
Vstream may not be running (6.3.3-835)
<pre># cd /tmp
<pre>systemctl start vstream
# wget https://comcert.box.com/shared/static/something.rpm
# mv something.rpm is-6110-668-vSTREAM_EMB.x86_64.rpm
# md5sum is-6110-668-vSTREAM_EMB.x86_64.rpm
</pre>
</pre>


Run the rpm. There are no dependencies to be installed. If you omit the --prefix argument, the installation directory will be /usr/lib/NetScout/.&nbsp; If you specify for example "--prefix=/opt" vSTREAM Embedded will be installed in /opt/NetScout/
<span style="background-color:#FFFF00;">Do not enable the vstream service on NSE.&nbsp; Start vstream manually after reboot.</span>
<pre># yum localinstall is-6110-668-vSTREAM_EMB.x86_64.rpm --nogpgcheck --prefix=<target directory></pre>
 
&nbsp;
 
=== Test ===
 
Check if the vSTREAM&nbsp;Agent service is running:
<pre># systemctl status vstream</pre>
 
Stop/Start/Restart the service:
<pre># systemctl stop vstream
# systemctl start vstream
 
[or]
 
# systemctl restart vstream</pre>


&nbsp;
&nbsp;
Line 84: Line 170:
=== Clean-up ===
=== Clean-up ===


<span style="background-color:#FFFF00">Remove all installation and configuration files from the /tmp directory immediately after verifying if the vSTREAM Embedded is working properly.</span>
We recommend removing all the temporary configuration files from the /tmp direcotory after verification.&nbsp; These files cannot be used to reconfigure the agent.
 
&nbsp;
 
=== Modifying the configuration ===
 
To modify the configuration, edit this file and restart the agent:
<pre># vi /usr/lib/NetScout/rtm/config/nsagent_config.cfg
</pre>
 
&nbsp;
 
=== Uninstall ===
 
If for any reason the agent needs to be uninstalled, run the following command:
<pre># cd /usr/lib/NetScout/rtm/bin
# ./vstream_uninstall.sh
</pre>


&nbsp;
&nbsp;


=== Service ===
&nbsp;


Check if the vSCOUT-Emb service is running:
== Co-Resident vStream&nbsp;on NG1 ==
<pre># systemctl status vstream-emb</pre>


Stop/Start/Restart the service with the following commands:
Starting from version 6.3.5 a co-resident vStream Agent is included in the installation. The vStream Agent will be automatically installed when&nbsp;the server is equipped with more than 64GB of memory.
<pre># systemctl stop vstream-emb
# systemctl start vstream-emb
or
# systemctl restart vstream-emb</pre>


&nbsp;
&nbsp;


=== Clean-up ===
=== Uninstall ===
 
It is not possible to deselect the installation of vStream Agent during the initial setup of NG1. However, when the installation concludes successfully, it is possible to remove the vStream Agent.
<pre># cd /usr/lib/NetScout/rtm/bin
# ./vstream_uninstall.sh
</pre>
 
{{#invoke:Message box|ambox |type=content|text=Once it has been removed from the server, it can't be re-installed!}}


We recommend removing all the files from the /tmp direcotory immediately after verification.
&nbsp;


&nbsp;
&nbsp;


=== Modifying the configuration ===


If for any reason the configuration needs to be modified, edit this file and restart the agent.
=== Configure ===
<pre># vi <target directory>/NetScout/rtm/config/nsagent_config.cfg
 
On the VPMA appliances the co-resident vStream Agent appears in the Device Manager, but it won't run. This can be fixed by editing the nsagent_config.cfg file.
<pre># cd /usr/lib/NetScout/rtm/configdata
# vi nsagent_config.cfg
</pre>
 
Now, alter the MON_INF and MGMT_INF directives and reboot the server. Modify "eth0" into "ens192"
<pre># pmbin
# ./PS
# ./stop
# systemctl reboot
</pre>
 
Once the server is powered up, manually delete the nGenius Probe from Device Manager. Now, add it back using the IP address of the NIC. (Don't use 127.0.0.1) Please note that this vStream Agent communicates through port HTTPS/9443.
 
&nbsp;
 
=== Limitations ===


(save and exit with ":wq")</pre>
This ME can't be used in conjunction with the module Packet Analysis

Latest revision as of 15:12, 23 February 2024

Introduction

This is a simplified installation procedure that has been thoroughly tested by our engineers on virtual as well as physical host.

A complete and detailed installation guide is available on MyNetscout.

 

Solution

 

 

 

Before you install

Some considerations before we start:

  • You don't want to use NetScout's default communication ports as they are relatively common and could be in use on the host, now or in the future.
  • You want to see the name of the agent in Device Configuration to reflect the host's name.
  • You know the IP address of the nGeniusONE Server (NGS). 
  • You are familiar with nGeniusONE
  • You are familiar with Linux CLI

 

Dependensies

The installation requires tar to be installed on the target host.  If this is not the case, install it by running:

yum -y install tar

 

Firewall

These communication are required.  Make sure they are allowed by every firewall in the path between the host running vStream Agent and NGS:

From NGS to vStream Agent (basic communication = required):

  • tcp/7080
  • tcp/7443
  • tcp/7501

From vStream Agent to NGS

  • udp/395 

From vStream Agent to any Next Generation InfiniStream NG

  • GRE (IP protocol number 47) or udp/50100

 

Pre-configuration considerations

  • vSTREAM Agent offers the posibility to store application session detailed records (ASR) and data packets on the host itself.  The amount of disk space used for this purpose is restricted; it must be at least 1GB/10GB respectively.  Any value configured below this value will effecitvely disable that functionality.  We recommend to start with 1GB and 10GB for the XDR store and packet store respectivily.  
  • vSTREAM Agent can monitor more than one interface and those interfaces can be different from the interface used to communicate with NGS and NGIS.

In the example below:

  • vStream Agent will be configured with a 1GB ASR store (smaller sizes will effectively disable the local ASR store)
  • vStream Agent will be configured with a 10GB Packet store (smaller sizes will effectively disable the local packet store)
  • Interface eth0 is used as both management (MAN) and monitor (MON) interface
  • vStream Agent is allowed to use 2vCPU and 2GB of memory on the host

 

From 1 to 16 vCPU can be assigned to vStream Agent to spread the load workload among each processor but at the cost of additional licenses. Valid ranges for allocated memory are 1024, 2048, 4096, 8192, 10240, 12288, 14336 and 16384).

 

 

Create storage path for packet and XDR

The path where to store XDR records and packets must be created upfront.  In our example, we decided to use /opt/nsagentstrore for that matter:

mkdir /opt/nsagentstore

 

 

 

 

Create configuration files

Create the file /tmp/nsagent_config.cfg with the follwing content.  Replace <IP_NGS> with the IP address of NGS:

export NSCOMM_PORT=395
export NSCONSOLE_PORT=7501
export HTTP_PORT=7080
export HTTPS_PORT=7443
export MON_INF=eth2,eth3
export MGMT_INF=eth0
export NUM_CPUS=2
export MEM_SIZE=4096
export PROMISC_MODE=on
export PERF_ACCL=on
export STORAGE_PATH=/opt/nsagentstore
export XDRSTORE_SIZE=1000
export PKTSTORE_SIZE=10000
export NUM_FWD_CPUS=1

Create the file /tmp/nsprobeid with the following content. Replace HOSTNAME with the actual hostname or any string value you need to proper identify this vSTREAM Enbedden in nGeniusONE. The name can be up to 127 characters long.  It can only contain alphanumerical characters, period (.) and hyphen (-). NO SPACES, NO UNDERSCORE (_), NO SPECIAL CHARACTERS:

nmcli general hostname > /tmp/nsprobeid

 

 

 

Installation

Place the most recent version and build of the *.rpm in the /tmp directory on the host. We recommend to keep the original file name for future reference.

# cd /opt
# wget https://comcert.box.com/shared/static/something.rpm
# mv something.rpm is-6210-xxx-vSTREAM_agent.x86_64.rpm
# md5sum is-62xx-xxx-vSTREAM_agent.x86_64.rpm

Run the rpm. There are no dependencies to be installed. If you omit the --prefix argument, the installation directory will be /usr/lib/NetScout/.  If you specify for example --prefix=/opt vSTREAM Embedded will be installed in /opt/NetScout/

rpm -ivh is-62xx-xxx-vSTREAM_agent.x86_64.rpm --prefix=/opt 

 

Post install tasks/issues

Modify datastore ownership

chown -R ngenius:ngenius /opt/nsagentstore

Vstream may not be running (6.3.3-835)

systemctl start vstream

Do not enable the vstream service on NSE.  Start vstream manually after reboot.

 

Test

Check if the vSTREAM Agent service is running:

# systemctl status vstream

Stop/Start/Restart the service:

# systemctl stop vstream
# systemctl start vstream

[or]

# systemctl restart vstream

 

Clean-up

We recommend removing all the temporary configuration files from the /tmp direcotory after verification.  These files cannot be used to reconfigure the agent.

 

Modifying the configuration

To modify the configuration, edit this file and restart the agent:

# vi /usr/lib/NetScout/rtm/config/nsagent_config.cfg

 

Uninstall

If for any reason the agent needs to be uninstalled, run the following command:

# cd /usr/lib/NetScout/rtm/bin
# ./vstream_uninstall.sh

 

 

Co-Resident vStream on NG1

Starting from version 6.3.5 a co-resident vStream Agent is included in the installation. The vStream Agent will be automatically installed when the server is equipped with more than 64GB of memory.

 

Uninstall

It is not possible to deselect the installation of vStream Agent during the initial setup of NG1. However, when the installation concludes successfully, it is possible to remove the vStream Agent.

# cd /usr/lib/NetScout/rtm/bin
# ./vstream_uninstall.sh

 

 


Configure

On the VPMA appliances the co-resident vStream Agent appears in the Device Manager, but it won't run. This can be fixed by editing the nsagent_config.cfg file.

# cd /usr/lib/NetScout/rtm/configdata
# vi nsagent_config.cfg

Now, alter the MON_INF and MGMT_INF directives and reboot the server. Modify "eth0" into "ens192"

# pmbin
# ./PS
# ./stop
# systemctl reboot

Once the server is powered up, manually delete the nGenius Probe from Device Manager. Now, add it back using the IP address of the NIC. (Don't use 127.0.0.1) Please note that this vStream Agent communicates through port HTTPS/9443.

 

Limitations

This ME can't be used in conjunction with the module Packet Analysis