SevOne NMS Installation Guide - Virtual Appliance
About
This document describes the installation of a SevOne virtual appliance. A virtual appliance can be a SevOne Performance Appliance Solution (vPAS) or a SevOne Dedicated NetFlow Collector (vDNC), each of which runs the SevOne Network Management Solution (NMS) software.
In this guide if there is,
- [any reference to master] OR
- [[if a CLI command contains master] AND/OR
- [its output contains master]],
it means leader.
And, if there is any reference to slave, it means follower.
Create Support Account
To create a user account to enable SevOne Support engineers to provide support services, go to https://www.ibm.com/mysupport/. Or, contact SevOne Support via phone.
- In the address field on your web browser enter https://www.ibm.com/mysupport/ and press Enter.
- Click Login to display the IBM SevOne Support Login page.
- In the Create New Account section, enter the following information.
- Your Full Name
- Email Address
- Phone Number
- Company
- Click Create Account.
- Your account is created instantly and SevOne Support reviews the account validity within the next business day.
Multi Peer and Hot Standby Implementations
The SevOne NMS Cluster Manager provides an Integration tab to enable you to build your cluster and to add a new PAS appliance and/or a new vPAS as a peer into an existing cluster.
When your new virtual appliance is a Hot Standby Appliance, perform the steps in chapters 3 and 4 to install the SevOne software and to integrate the computer into your network then contact SevOne Support via phone or go to IBM SevOne Support customer portal to ensure that the Hot Standby Appliance is appropriately implemented into the cluster.
Prerequisites
The virtual appliance image file can be downloaded from IBM Passport Advantage (https://www.ibm.com/software/passportadvantage/pao_download_software.html) via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support Team for the image file. Download can take ~30 minutes.
Once you have downloaded the package, unpack the fix / upgrade packs to obtain the required files.
For VMware, you need the .ova file. For KVM / IBM Cloud, .qcow2 file is required. For Microsoft Azure, you will need the .vhd file.
While performing the installation, you can select the hardware component model. For hardware requirements, please refer to Hardware Requirements for details.
Hardware Requirements
In a cluster that contains mixed sized appliances, the largest hardware capacity appliance should be the Cluster Leader. There is RAM overhead exerted on the Cluster Leader based on its additional responsibilities. Due to this, SevOne strongly advises you to implement this recommendation.
| Hardware Component | vCPU Cores | RAM (GB) | / Disk (GB) | /data (secondary) Disk (GB) | Flow Limit (FPS) | Interface Limit | Max Indicators per Second (IPS) |
|---|---|---|---|---|---|---|---|
| vPAS5k | 2 | 8 | 150 | n/a | 4,500 | 15 | 333 |
| vPAS20k | 8 | 24 | 150 | 450 | 20,000 | 60 | 1,333 |
| vPAS60k | 8 | 44 | 150 | 1300 | 60,000 | 180 | 4,000 |
| vPAS100k | 8 |
96 Higher demands (for example, xStats) may require more memory. |
150 | 2350 | 80,000 | 300 | 6,666 |
| vPAS200k | 16 | 220 | 150 | 4450 | 80,000 | 600 | 13,333 |
| vDNC100 | 8 | 16 | 150 | 400 | 30,000 | 100 | - |
| vDNC300 | 16 | 48 | 150 | 800 | 80,000 | 300 | - |
| vDNC1000 | 24 | 96 | 150 | 1500 | 80,000 | 1,000 | - |
| vDNC1500 | 24 | 128 | 150 | 3000 | 80,000 | 1,500 | - |
Used hard drive space vs. provisioned capacity - virtual machines are thin-provisioned and used space is based on polling the maximum number of licensed objects for 1 year at 5 minute intervals.
Any SAN with SSDs and supporting thin-provisioned LUNs is considered modern.
SevOne PAS Scalability
- Devices
- Objects
- Indicators
- Poll Frequency
Let's assume you want to monitor...
- a device, San Jose Router, with 2 objects. Object Ethernet Port with indicators In
Octets and Out Octets and Object Power Supply with indicator
Voltage.Note: A device can have one or more objects. And, each object can have one or more indicators.
Formula to calculate maximum Indicators per Second (IPS),
IPS = (#Objects * #Indicators per Object) / (Poll Frequency in seconds)Example: Maximum Indicators per Second for vPAS60k,
where,
- Objects = 60,000
- Indicators = 20
- Poll Frequency = 300 seconds
IPS = (60,000 * 20) / 300 = 4,000Example: Maximum Indicators per Second for vPAS200k,
where,
- Objects = 200,000
- Indicators = 20
- Poll Frequency = 300 seconds
IPS = (200,000 * 20) / 300 = 13,333VMware Considerations
A vPAS/vDNC installation using VMware has the following host system requirements
- Intel-VT or AMD-V CPU extensions
- VMware ESXi v5.0 (minimum requirement). Tested with ESXi 6.7 and later (VM version 14)
- Installation using VMware is supported on any premise or VMware Cloud Infrastructure as long as it is compatible with the ESXi and VM versions listed above.
- Does not run on VMware Workstation / VMware Player
The following are the VMware initial setup best practices.
- The SevOne .ova image file contains a VMware-tools package to provide emulation for what vCenter and the ESX need to get from the VM. This package provides a set of utilities and drivers to help you improve the performance and management of virtual machines.
- VMware Tools include the VMXNET3 network driver. The VMXNET3 adapter is a virtualized Network Interface Card that offers better performance and should be used for the vPAS100k.
- Turn on Storage I/O Monitoring in vCenter for all data stores used by the appliance to diagnose performance issues.
- Ensure that hyperthreading is enabled by default in the virtual data center. Hyperthreading is enabled or disabled in the BIOS when the system is booted.
- Ensure adequate CPU and memory allocation as described earlier in this document. Do not inadvertently limit CPU or memory and ensure that the Unlimited check box is selected.
For a physical system, the concept of a CPU is easy term to understand. However, in the virtualized space it is difficult to determine how many cores a CPU has and whether hyperthreading is turned on. One way to normalize the values you should use to plan your virtual environment is to use the SPECint benchmark published by SPEC. SPEC breaks out CPU performance metrics for:
- CPU Speed (cint)
- CPU Throughput (rint)
The cint performance runs a single instance of the benchmark test to measure the speed of the system to perform a single task. rint runs the same number of instances of the benchmark test as there are threads in the machine to measure parallelization. Although a system may have a faster processor, other factors can reduce the number of parallel tasks, so rint is as important a measurement as cint. SevOne software provides good parallelization that benefits from more effective CPUs rather than from a smaller number of faster CPUs.
A machine with two CPUs and four cores per CPU, with one thread per core, may have a speed rating of 10 and a throughput rating of 40, rather than 80, which would be the expected value if all cores and threads were completely independent so this machine has 4 effective CPUs. To expand further, consider a PAS10K which runs on Dell R620 hardware. There are 2 physical CPUs with 8 cores and hyperthreading is enabled. This should result in 32 effective CPUs, but the cint and rint values of 54.7 and 585 determine an effective CPU rating of almost 11, not 32. Similar results exist for the PAS200K (R720xd) which should have 40 effective CPUs but actually rates about 14.
Virtualization can provide better efficiency of the underlying hardware through a fundamental model of over subscription. When set up properly, VMs can freely move about within the cluster of hypervisors to resolve temporary resource constraints without administrator intervention. It is important to note the following:
- Since the system may attempt to resolve resource contention issues autonomously, performance related postmortem analysis can be difficult via the VM alone.
- From the VM, it is difficult to determine if you actually have the resources you think you have without an attempt to continuously allocate them, which degrades performance.
- Some things that constrain the performance of VMs are not things that trigger a VM to move within the cluster.
- Data points that describe the level of resource contention and over subscription are intentionally not revealed to the VMs and access to vCenter in those scenarios is not universal.
Migration
SevOne NPM supports migration from one host to a compatible-versioned host using vMotion, provided they are on the same vSphere installation.
VMware Hybrid migration with vMotion has not been tested and is not a supported migration.
Using VMware Snapshot functions to move SevOne NPM between VMware Instances has not been tested and is not a supported migration.
Troubleshooting System Performance
- Ensure that CPU utilization is in the range of 50-70%. For VMs above this range, vCPUs must be
added to the SevOne VM.
Note that adding more vCPUs than necessary may adversely affect performance. - Ensure adequate reserve of CPU and memory for the VM. Through testing and experience, analyzing esxtop data, the appropriate level of reservation can be determined. Reservations only take effect when there are insufficient resources to meet the needs of all the VMs on a particular ESX server.
VMware Implementation
The appliance-based installation is very similar to the installation based on deploying an .ova to your own Linux machine. The following is an overview of each approach as well as the upgrade process.
Deploy Appliance
For appliance-based installation, please follow the instructions in SevOne NMS Appliance Insert guide to deploy each NMS appliance.
Deploy OVA
The SevOne NMS .ova file can be downloaded from IBM Passport Advantage (https://www.ibm.com/software/passportadvantage/pao_download_software.html) via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support Team for the file. Save the .ova to a folder on your server.
To deploy SevOne NMS .ova, deploy it on each Linux machine you plan to install NMS on. For details, please refer to Deploy an OVF or OVA Template (docs.vmware.com).
After deploying an appliance from vCenter using .ova file, you must select your desired model.
- SSH into your SevOne NMS appliance and log in as support.
$ ssh support@<NMS appliance> - Connect to the NMS container.
$ podman --url=unix:/run/podman_sevone/podman.sock exec -it nms-nms-nms /bin/bash - Once logged into the container, execute the following command and enter your desired PAS / DNC
appliance model.
$ SevOne-select -m all appliance <enter your desired PAS / DNC appliance model>
Network Configuration for VMware, KVM, and Azure Implementations
For advanced network configuration, use nmtui. Please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/networking_guide/sec-configuring_ip_networking_with_nmtui
for details.
Time and Date can be configured using timedatectl command. For
details, please refer to https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/chap-configuring_the_date_and_time.
To configure NTP/Chrony, please refer to
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-configuring_ntp_using_the_chrony_suite/
for NTP/Chrony details.
SNMP Settings can be performed manually but updating
/config/snmp/snmpd.d/90-custom.conf file.
OS-level User Names and Passwords
You will need to change the default password for the support user account. This is important for security reasons.
Failure to change the default password presents a significant security risk. This publication includes the default password and is available to the public.
Change Support Password
The support password should be changed on all peers. Perform the following steps to change the password for support.
- SSH into your SevOne NMS appliance and log in as support.
- At the Password prompt, enter
supportuser.
$ ssh support@10.128.9.4 (support@10.128.9.4) Password: <enter 'supportuser'> (support@10.128.9.4) You are required to change your password immediately (administrator enforced) Current password: <enter 'supportuser'> (support@10.128.9.4) New password: <enter new password> (support@10.128.9.4) Retype new password: <re-enter new password>Example
$ ssh support@10.128.9.4 (support@10.128.9.4) Password: supportuser (support@10.128.9.4) You are required to change your password immediately (administrator enforced) Current password: supportuser (support@10.128.9.4) New password: te5ting123 (support@10.128.9.4) Retype new password: te5ting123 - You will be prompted and required to change the support user password. Enter a new password when prompted.
- Exit the session when you are done.
For details on how to change the IP address on a SevOne appliance or how to configure networking bonding, please refer to the respective sections in SevOne NMS Advanced Network Configuration Guide.
Shut Down and Reboot SevOne NMS
SevOne NMS can run for extended periods of time. Occasionally it is necessary to shut down or reboot an appliance. SevOne NMS stores data in cache and writes to the disk on a regular basis.
The following shell commands back up the memory ring tables to the database on the disk to ensure that you do not lose data.
Shutdown SevOne NMS
To shutdown SevOne NMS, you must run the command from the NMS container and not
the host.
$ podman exec -it nms-nms-nms /bin/bash
$ SevOne-shutdown shutdownReboot SevOne NMS
To reboot SevOne NMS, you must run the command from
the NMS container and not the host.
$ podman exec -it nms-nms-nms /bin/bash
$ SevOne-shutdown reboot