vSTREAM Agent on Linux: Difference between revisions
No edit summary |
No edit summary |
||
(59 intermediate revisions by the same user not shown) | |||
Line 9: | Line 9: | ||
== Solution == | == Solution == | ||
| |||
{{#invoke:Message box|ambox |type=speedy|text=Starting with release 6.2.1, vStream Agent is an entirely new product and must be installed as a fresh release. Legacy vScout and vStream Embedded agents cannot be upgraded to vStream Agent and MUST be removed. vStream Agent requires a different type of license than vScout and vSTREAM Embedded.}} | |||
| |||
{{#invoke:Message box|ambox |type=content|text=This article applies to vSTREAM Agent versions 6.2.1 and above. For vSTREAM Embedded version 6.2.0 and below, read the article [[vSTREAM_Embedded_on_Linux|vSTREAM Embedded on Linux]].}} | |||
| |||
=== Before you install === | === Before you install === | ||
Line 14: | Line 24: | ||
Some considerations before we start: | Some considerations before we start: | ||
* | *You don't want to use NetScout's default communication ports as they are relatively common and could be in use on the host, now or in the future. | ||
* | *You want to see the name of the agent in Device Configuration to reflect the host's name. | ||
* | *You know the IP address of the nGeniusONE Server (NGS). | ||
*You are familiar with nGeniusONE | *You are familiar with nGeniusONE | ||
*You are familiar with Linux CLI | *You are familiar with Linux CLI | ||
| |||
=== Dependensies === | |||
The installation requires tar to be installed on the target host. If this is not the case, install it by running: | |||
<pre>yum -y install tar</pre> | |||
| | ||
Line 24: | Line 41: | ||
=== Firewall === | === Firewall === | ||
These communication are required. Make sure they are allowed by every firewall in the path between the host running | These communication are required. Make sure they are allowed by every firewall in the path between the host running vStream Agent and NGS: | ||
From NGS to | From NGS to vStream Agent (basic communication = <u>required</u>): | ||
*tcp/7080 | *tcp/7080 | ||
Line 32: | Line 49: | ||
*tcp/7501 | *tcp/7501 | ||
From | From vStream Agent to NGS | ||
*udp/395 | *udp/395 | ||
From | From vStream Agent to any Next Generation InfiniStream <u>NG</u> | ||
*GRE (IP protocol number 47) or udp/50100 | *GRE (IP protocol number 47) or udp/50100 | ||
Line 44: | Line 61: | ||
=== Pre-configuration considerations === | === Pre-configuration considerations === | ||
*vSTREAM Agent offers the posibility to store detailed records ( | *vSTREAM Agent offers the posibility to store application session detailed records (ASR) and data packets on the host itself. The amount of disk space used for this purpose is restricted; it must be at least 1GB/10GB respectively. Any value configured below this value will effecitvely disable that functionality. We recommend to start with 1GB and 10GB for the XDR store and packet store respectivily. | ||
*vSTREAM Agent can monitor more than one interface and those interfaces can be different from the interface used to communicate with NGS and NGIS. | *vSTREAM Agent can monitor more than one interface and those interfaces can be different from the interface used to communicate with NGS and NGIS. | ||
In | In the example below: | ||
*vStream Agent will be configured with a 1GB ASR store (<u>smaller sizes will effectively disable the local ASR store</u>) | |||
*vStream Agent will be configured with a 10GB Packet store (<u>smaller sizes will effectively disable the local packet store</u>) | |||
*Interface eth0 is used as both management (MAN) and monitor (MON) interface | |||
*vStream Agent is allowed to use 2vCPU and 2GB of memory on the host | |||
| |||
From 1 to 16 vCPU can be assigned to vStream Agent to spread the load workload among each processor but at the cost of additional licenses. Valid ranges for allocated memory are 1024, 2048, 4096, 8192, 10240, 12288, 14336 and 16384). | |||
| |||
{{#invoke:Message box|ambox |type=content|text=Keep in mind that VSTA uses up to the equivalent of 100% of the number of vCPUs assigned to it. VSTA processes may appear on more than the number of vCPUs assigned, but the total usage will never exceed 100% of the total vCPUs assigned.}} | |||
| |||
=== Create storage path for packet and XDR === | |||
The path where to store XDR records and packets must be created upfront. In our example, we decided to use /opt/nsagentstrore for that matter: | |||
<pre>mkdir /opt/nsagentstore | |||
</pre> | |||
| | ||
| |||
| |||
| | ||
Line 60: | Line 97: | ||
=== Create configuration files === | === Create configuration files === | ||
Create | Create the file <code>/tmp/nsagent_config.cfg</code> with the follwing content. Replace <IP_NGS> with the IP address of NGS: | ||
<pre>export NSCOMM_PORT=395 | <pre>export NSCOMM_PORT=395 | ||
export NSCONSOLE_PORT=7501 | export NSCONSOLE_PORT=7501 | ||
export HTTP_PORT=7080 | export HTTP_PORT=7080 | ||
export HTTPS_PORT=7443 | export HTTPS_PORT=7443 | ||
export MON_INF=eth2,eth3 | |||
export MON_INF= | |||
export MGMT_INF=eth0 | export MGMT_INF=eth0 | ||
export NUM_CPUS= | export NUM_CPUS=2 | ||
export MEM_SIZE= | export MEM_SIZE=4096 | ||
export PROMISC_MODE=on | |||
export PERF_ACCL=on | |||
export STORAGE_PATH=/opt/nsagentstore | export STORAGE_PATH=/opt/nsagentstore | ||
export XDRSTORE_SIZE=1000 | export XDRSTORE_SIZE=1000 | ||
export PKTSTORE_SIZE=10000 | export PKTSTORE_SIZE=10000 | ||
export NUM_FWD_CPUS=1</pre> | export NUM_FWD_CPUS=1 | ||
</pre> | |||
Create the <code> | Create the file <code>/tmp/nsprobeid</code> with the following content. Replace HOSTNAME with the actual hostname or any string value you need to proper identify this vSTREAM Enbedden in nGeniusONE. The name can be up to 127 characters long. It can only contain alphanumerical characters, period (.) and hyphen (-). NO SPACES, NO UNDERSCORE (_), NO SPECIAL CHARACTERS: | ||
<pre> | <pre>nmcli general hostname > /tmp/nsprobeid | ||
</pre> | |||
| |||
| |||
| | ||
Line 82: | Line 126: | ||
=== Installation === | === Installation === | ||
Place the most recent version and build of the <code>*.rpm</code> in the <code>/tmp</code> directory on the host. We recommend to keep the original file name for future reference. | |||
<pre># cd / | <pre># cd /opt | ||
# wget https://comcert.box.com/shared/static/ | # wget https://comcert.box.com/shared/static/something.rpm | ||
# mv something.rpm is- | # mv something.rpm is-6210-xxx-vSTREAM_agent.x86_64.rpm | ||
# md5sum is- | # md5sum is-62xx-xxx-vSTREAM_agent.x86_64.rpm | ||
</pre> | </pre> | ||
Run the rpm. There are no dependencies to be installed. If you omit the --prefix argument, the installation directory will be /usr/lib/NetScout/. If you specify for example | Run the rpm. There are no dependencies to be installed. If you omit the <code>--prefix</code> argument, the installation directory will be <code>/usr/lib/NetScout/</code>. If you specify for example <code>--prefix=/opt</code> vSTREAM Embedded will be installed in <code>/opt/NetScout/</code> | ||
<pre> | <pre>rpm -ivh is-62xx-xxx-vSTREAM_agent.x86_64.rpm --prefix=/opt | ||
</pre> | |||
| |||
=== Post install tasks/issues === | |||
Modify datastore ownership | |||
<pre>chown -R ngenius:ngenius /opt/nsagentstore | |||
</pre> | |||
Vstream may not be running (6.3.3-835) | |||
<pre>systemctl start vstream | |||
</pre> | |||
<span style="background-color:#FFFF00;">Do not enable the vstream service on NSE. Start vstream manually after reboot.</span> | |||
| | ||
Line 96: | Line 155: | ||
=== Test === | === Test === | ||
Check if the | Check if the vSTREAM Agent service is running: | ||
<pre># systemctl status vstream</pre> | <pre># systemctl status vstream</pre> | ||
Stop/Start/Restart the service | Stop/Start/Restart the service: | ||
<pre># systemctl stop vstream | <pre># systemctl stop vstream | ||
# systemctl start vstream | # systemctl start vstream | ||
or | |||
[or] | |||
# systemctl restart vstream</pre> | # systemctl restart vstream</pre> | ||
Line 118: | Line 179: | ||
<pre># vi /usr/lib/NetScout/rtm/config/nsagent_config.cfg | <pre># vi /usr/lib/NetScout/rtm/config/nsagent_config.cfg | ||
</pre> | </pre> | ||
| |||
=== Uninstall === | |||
If for any reason the agent needs to be uninstalled, run the following command: | |||
<pre># cd /usr/lib/NetScout/rtm/bin | |||
# ./vstream_uninstall.sh | |||
</pre> | |||
| |||
| |||
== Co-Resident vStream on NG1 == | |||
Starting from version 6.3.5 a co-resident vStream Agent is included in the installation. The vStream Agent will be automatically installed when the server is equipped with more than 64GB of memory. | |||
| |||
=== Uninstall === | |||
It is not possible to deselect the installation of vStream Agent during the initial setup of NG1. However, when the installation concludes successfully, it is possible to remove the vStream Agent. | |||
<pre># cd /usr/lib/NetScout/rtm/bin | |||
# ./vstream_uninstall.sh | |||
</pre> | |||
{{#invoke:Message box|ambox |type=content|text=Once it has been removed from the server, it can't be re-installed!}} | |||
| |||
| |||
=== Configure === | |||
On the VPMA appliances the co-resident vStream Agent appears in the Device Manager, but it won't run. This can be fixed by editing the nsagent_config.cfg file. | |||
<pre># cd /usr/lib/NetScout/rtm/configdata | |||
# vi nsagent_config.cfg | |||
</pre> | |||
Now, alter the MON_INF and MGMT_INF directives and reboot the server. Modify "eth0" into "ens192" | |||
<pre># pmbin | |||
# ./PS | |||
# ./stop | |||
# systemctl reboot | |||
</pre> | |||
Once the server is powered up, manually delete the nGenius Probe from Device Manager. Now, add it back using the IP address of the NIC. (Don't use 127.0.0.1) Please note that this vStream Agent communicates through port HTTPS/9443. | |||
| |||
=== Limitations === | |||
This ME can't be used in conjunction with the module Packet Analysis |
Latest revision as of 15:12, 23 February 2024
Introduction
This is a simplified installation procedure that has been thoroughly tested by our engineers on virtual as well as physical host.
A complete and detailed installation guide is available on MyNetscout.
Solution
Starting with release 6.2.1, vStream Agent is an entirely new product and must be installed as a fresh release. Legacy vScout and vStream Embedded agents cannot be upgraded to vStream Agent and MUST be removed. vStream Agent requires a different type of license than vScout and vSTREAM Embedded. |
This article applies to vSTREAM Agent versions 6.2.1 and above. For vSTREAM Embedded version 6.2.0 and below, read the article vSTREAM Embedded on Linux. |
Before you install
Some considerations before we start:
- You don't want to use NetScout's default communication ports as they are relatively common and could be in use on the host, now or in the future.
- You want to see the name of the agent in Device Configuration to reflect the host's name.
- You know the IP address of the nGeniusONE Server (NGS).
- You are familiar with nGeniusONE
- You are familiar with Linux CLI
Dependensies
The installation requires tar to be installed on the target host. If this is not the case, install it by running:
yum -y install tar
Firewall
These communication are required. Make sure they are allowed by every firewall in the path between the host running vStream Agent and NGS:
From NGS to vStream Agent (basic communication = required):
- tcp/7080
- tcp/7443
- tcp/7501
From vStream Agent to NGS
- udp/395
From vStream Agent to any Next Generation InfiniStream NG
- GRE (IP protocol number 47) or udp/50100
Pre-configuration considerations
- vSTREAM Agent offers the posibility to store application session detailed records (ASR) and data packets on the host itself. The amount of disk space used for this purpose is restricted; it must be at least 1GB/10GB respectively. Any value configured below this value will effecitvely disable that functionality. We recommend to start with 1GB and 10GB for the XDR store and packet store respectivily.
- vSTREAM Agent can monitor more than one interface and those interfaces can be different from the interface used to communicate with NGS and NGIS.
In the example below:
- vStream Agent will be configured with a 1GB ASR store (smaller sizes will effectively disable the local ASR store)
- vStream Agent will be configured with a 10GB Packet store (smaller sizes will effectively disable the local packet store)
- Interface eth0 is used as both management (MAN) and monitor (MON) interface
- vStream Agent is allowed to use 2vCPU and 2GB of memory on the host
From 1 to 16 vCPU can be assigned to vStream Agent to spread the load workload among each processor but at the cost of additional licenses. Valid ranges for allocated memory are 1024, 2048, 4096, 8192, 10240, 12288, 14336 and 16384).
Keep in mind that VSTA uses up to the equivalent of 100% of the number of vCPUs assigned to it. VSTA processes may appear on more than the number of vCPUs assigned, but the total usage will never exceed 100% of the total vCPUs assigned. |
Create storage path for packet and XDR
The path where to store XDR records and packets must be created upfront. In our example, we decided to use /opt/nsagentstrore for that matter:
mkdir /opt/nsagentstore
Create configuration files
Create the file /tmp/nsagent_config.cfg
with the follwing content. Replace <IP_NGS> with the IP address of NGS:
export NSCOMM_PORT=395 export NSCONSOLE_PORT=7501 export HTTP_PORT=7080 export HTTPS_PORT=7443 export MON_INF=eth2,eth3 export MGMT_INF=eth0 export NUM_CPUS=2 export MEM_SIZE=4096 export PROMISC_MODE=on export PERF_ACCL=on export STORAGE_PATH=/opt/nsagentstore export XDRSTORE_SIZE=1000 export PKTSTORE_SIZE=10000 export NUM_FWD_CPUS=1
Create the file /tmp/nsprobeid
with the following content. Replace HOSTNAME with the actual hostname or any string value you need to proper identify this vSTREAM Enbedden in nGeniusONE. The name can be up to 127 characters long. It can only contain alphanumerical characters, period (.) and hyphen (-). NO SPACES, NO UNDERSCORE (_), NO SPECIAL CHARACTERS:
nmcli general hostname > /tmp/nsprobeid
Installation
Place the most recent version and build of the *.rpm
in the /tmp
directory on the host. We recommend to keep the original file name for future reference.
# cd /opt # wget https://comcert.box.com/shared/static/something.rpm # mv something.rpm is-6210-xxx-vSTREAM_agent.x86_64.rpm # md5sum is-62xx-xxx-vSTREAM_agent.x86_64.rpm
Run the rpm. There are no dependencies to be installed. If you omit the --prefix
argument, the installation directory will be /usr/lib/NetScout/
. If you specify for example --prefix=/opt
vSTREAM Embedded will be installed in /opt/NetScout/
rpm -ivh is-62xx-xxx-vSTREAM_agent.x86_64.rpm --prefix=/opt
Post install tasks/issues
Modify datastore ownership
chown -R ngenius:ngenius /opt/nsagentstore
Vstream may not be running (6.3.3-835)
systemctl start vstream
Do not enable the vstream service on NSE. Start vstream manually after reboot.
Test
Check if the vSTREAM Agent service is running:
# systemctl status vstream
Stop/Start/Restart the service:
# systemctl stop vstream # systemctl start vstream [or] # systemctl restart vstream
Clean-up
We recommend removing all the temporary configuration files from the /tmp direcotory after verification. These files cannot be used to reconfigure the agent.
Modifying the configuration
To modify the configuration, edit this file and restart the agent:
# vi /usr/lib/NetScout/rtm/config/nsagent_config.cfg
Uninstall
If for any reason the agent needs to be uninstalled, run the following command:
# cd /usr/lib/NetScout/rtm/bin # ./vstream_uninstall.sh
Co-Resident vStream on NG1
Starting from version 6.3.5 a co-resident vStream Agent is included in the installation. The vStream Agent will be automatically installed when the server is equipped with more than 64GB of memory.
Uninstall
It is not possible to deselect the installation of vStream Agent during the initial setup of NG1. However, when the installation concludes successfully, it is possible to remove the vStream Agent.
# cd /usr/lib/NetScout/rtm/bin # ./vstream_uninstall.sh
Once it has been removed from the server, it can't be re-installed! |
Configure
On the VPMA appliances the co-resident vStream Agent appears in the Device Manager, but it won't run. This can be fixed by editing the nsagent_config.cfg file.
# cd /usr/lib/NetScout/rtm/configdata # vi nsagent_config.cfg
Now, alter the MON_INF and MGMT_INF directives and reboot the server. Modify "eth0" into "ens192"
# pmbin # ./PS # ./stop # systemctl reboot
Once the server is powered up, manually delete the nGenius Probe from Device Manager. Now, add it back using the IP address of the NIC. (Don't use 127.0.0.1) Please note that this vStream Agent communicates through port HTTPS/9443.
Limitations
This ME can't be used in conjunction with the module Packet Analysis