Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Image Removed

Overview

The remote collector deployment should assist in 2 scenarios: 

  • Data should be collected across several deployments but a consolidate single view is required (only one Local nodes is required).
  • When a Local Node is reaching a CPU limit and an offload of work is required (can offload up to 20% CPU in high load).

In order to setup a new Remote Collector server you will need to install another new DPOD server based on the prerequisites below. The Node that will contain the Data and the console will be called "Local Node" and the second installation (contains only the Syslog and WS-M agent) will be called "remote collector".

Prerequisites

...

Overview

Federated architecture best fits customers that execute high load (thousands of transactions per seconds) in their gateways, where the vast majority of the transactions is executed on-premise. 

The cell environment implements the federated architecture by distributing DPOD's Store and DPOD's processing (using DPOD's agents) across different federated servers.

The cell environment has two main components:

  • Cell Manager - a DPOD server (virtual or physical) that manages all Federated Cell Members (FCMs) as well as provides central DPOD services such as the Web Console, reports, alerts, etc.
  • Federated Cell Member (FCM) - a DPOD server (usually physical with local high speed storage) that includes Store data nodes and agents (Syslog and WS-M) for collecting, parsing and storing data. There could be one or more federated cell members per cell.

See the following diagram:

Image Added

The following procedure describes the process of establishing a DPOD cell environment.

Prerequisites

  1. DPOD cell manager and federated cell members must be with the same version (minimum version is v1.0.8.7 5).
  2. The remote collector DPOD installations should be configured with the "medium" architecture type DPOD cell manager can be installed in both Appliance Mode or Non-Appliance Mode with Medium Load architecture type, as detailed in the Hardware and Software Requirements
  3. Each installation will requires some different ports to be opened in the firewall - see table 1
  4. There are no requirements regarding the Environment name of each DPOD installation
  5. The two DPODs need to be able to communicate with each other and with the monitored DataPower devices

Setup steps

In order to configure the local node and remote collector(s), run the following script in the local node once per remote collector .

Code Block
configure_local_node.sh -a <IP address of the remote collector>
For example: configure_local_node.sh -a 192.168.0.5

The script will configure both the local node and remote collector.
Run this script once for each remote collector that you want to add - e.g. if you want to add two remote collectors, run the script twice (in the local node), first time with the IP address of the first remote collector, and second time with the IP of the second remote collector.

Optional parameters:

Code Block
configure_local_node.sh -a <IP address of the remote collector> -s <initial syslog agents port> -w <initial WSM agents port>
For example: configure_local_node.sh -a 192.168.0.5 -s 70000 -w 70050

The defaults are port 60000 for the initial syslog agents port and 60020 for the initial WSM agents port

Output

Example for a successful execution - note that the script writes two log file, one in the local node and one in the remote collector, the log file names are mentioned in the script's output.

Image Removed

Example for a failed execution, you will need to check the log file for further information.
in case of a failure, the script will try to rollback the configuration changes it made, so you can try to fix the problem and run it again.

Image Removed

...

Image Removed

Also, the new agents will be shown in the agents in the Manage → Internal Health → Agents page.
For example, we have one local node with two agents and two remote collectors with two agents each, the page will show six agents:

Image Removed

Configure The Monitored Device to Remote Collector's Agents

It is possible to configure entire monitored device to remote collector's agent or just a specific domain.

To configure monitored device / specific domain please follow instructions on Adding Monitored Devices

...

Warning

We recommend using the script described in the previous section.
There is no need to take any manual steps if you already run the script.

  1. The following communication and ports are used in a remote collector deployment scenario (table 1). Perform the following commands to accomplish this task on each DPOD local firewall:

    Run in Local Node -
    Change the XXXX to the IP of the Remote Collector

    Code Block
    iptables -I INPUT -p tcp -s XXXX/24 --dport 9300:9309 -j ACCEPT
    service iptables save
    service iptables restart
    

    After running the commands, run the following command and search the output for two entries showing port 9300 (shown in red in the below screenshot)

    Code Block
    iptables -L -n
    Image Removed
    Anchortable1table1table 1

    From

    To

    Ports (Defaults)

    Protocol

    Usage

    Local Node DPOD Appliance  

    Each Monitored Device

    5550 (TCP)

    HTTP/S

    Monitored Device administration management interface

    Local Node DPOD Appliance 

    . The manager server can be both virtual or physical.
  2. DPOD federated cell member (FCM) should be installed in Non-appliance Mode with High_20dv architecture type, as detailed in the Hardware and Software Requirements.
  3. Each cell component (manager / FCM) should have two network interfaces:
    1. External interface - for DPOD users to access the Web Console and for communication between DPOD and Monitored Gateways.
    2. Internal interface - for internal DPOD components inter-communication (should be a 10Gb Ethernet interface).
  4. Network ports should be opened in the network firewall as detailed below:

Anchor
Network Ports
Network Ports

From

To

Ports (Defaults)

Protocol

Usage

DPOD Cell Manager

Each Monitored Device

5550 (TCP)

HTTP/S

Monitored device administration management interface

DPOD Cell Manager

DNS Server

TCP and UDP 53

DNS

DNS services. Static IP address may be used.

DPOD Cell Manager

NTP Server

123 (UDP)

NTP

Time synchronization

DPOD Cell Manager

Organizational mail server

25 (TCP)

SMTP

Send reports by email

DPOD Cell Manager

LDAP

TCP 389 / 636 (SSL).

TCP 3268 / 3269 (SSL)

LDAP

Authentication & authorization. Can be over SSL.

DPOD Cell ManagerEach DPOD Federated Cell Member9300-9305 (TCP)ElasticSearchElasticSearch Communication (data + management)

NTP Server

DPOD Cell Manager

123 (UDP)

NTP

Time synchronization

Each Monitored Device

DPOD Cell Manager

60000-60003 (TCP)

TCP

SYSLOG Data

Each Monitored Device

DPOD Cell Manager

60020-60023 (TCP)

HTTP/S

WS-M Payloads

Users IPs         

DPOD Cell Manager

443 (TCP)

HTTP/S

IBM DataPower Operations Dashboard Web Console

Admins IPs         

DPOD Cell Manager

22 (TCP)

TCP

SSH

Each DPOD Federated Cell MemberDPOD Cell Manager9200, 9300-9400ElasticSearchElasticSearch Communication (data + management)

Each DPOD Federated Cell Member

DNS Server

TCP and UDP 53

DNS

DNS services

...

NTP Server

...

Local Node DPOD Appliance  

Each DPOD Federated Cell Member

NTP Server

123 (UDP)

NTP

Time synchronization

...

Local Node DPOD Appliance  

...

Organizational mail server

...

25 (TCP)

...

SMTP

...

Send reports by email

...

Local Node DPOD Appliance  

...

LDAP

...

TCP 389 / 636 (SSL).

TCP 3268 / 3269 (SSL)

...

LDAP

...

Authentication & authorization. Can be over SSL

NTP Server

Each DPOD Federated Cell Member

123 (UDP)

NTP

Time synchronization

Each Monitored Device

...

Each DPOD Federated Cell Member

60000-

...

60003 (TCP)

TCP

SYSLOG Data

Each Monitored Device

...

Each DPOD Federated Cell Member

60020-

...

60023 (TCP)

HTTP/S

WS-M Payloads

...

...

Local Node DPOD Appliance  

...

443 (TCP)

...

HTTP/S

...

Access to with IBM DataPower Operations Dashboard Console

Admins IPs         

...

Each DPOD Federated Cell Member

22 (TCP)

TCP

SSH

...

Remote Collector DPOD Appliance  

...

Each Monitored Device

...

5550 (TCP)

...

HTTP/S

...

Monitored Device administration management interface

...

Remote Collector DPOD Appliance 

...

TCP and UDP 53

...

DNS services

...

Remote Collector DPOD Appliance  

...

NTP Server

...

123 (UDP)

...

NTP

...

Time synchronization

...

Remote Collector DPOD Appliance  

...

Organizational mail server

...

25 (TCP)

...

SMTP

...

Send reports by email

...

Remote Collector DPOD Appliance  

...

LDAP

...

TCP 389 / 636 (SSL).

TCP 3268 / 3269 (SSL)

...

LDAP

...

Authentication & authorization. Can be over SSL

...

NTP Server

...

Remote Collector DPOD Appliance  

...

123 (UDP)

...

NTP

...

Time synchronization

...

Each Monitored Device

...

Remote Collector DPOD Appliance  

...

60000-60009 (TCP)

...

TCP

...

SYSLOG Data

...

Each Monitored Device

...

Remote Collector DPOD Appliance  

...

60020-60029 (TCP)

...

HTTP/S

...

WS-M Payloads

...

FROM Users IPs         

...

Remote Collector DPOD Appliance  

...

443 (TCP)

...

HTTP/S

...

Access to with IBM DataPower Operations Dashboard Console

...

FROM Admins IPs         

...

Remote Collector DPOD Appliance  

...

22 (TCP)

...

TCP

...

SSH

...

In the Local Node
Using putty or any other ssh client, issue the following command: 

Code Block
sed -i -e "s/^SERVICES_SIXTH_GROUP=\".*MonTier-SyslogAgent-1 MonTier-HK-WdpServiceResources MonTier-HK-WdpDeviceResources/SERVICES_SIXTH_GROUP=\"MonTier-HK-WdpServiceResources MonTier-HK-WdpDeviceResources/g" /etc/sysconfig/MonTier

In the Local Node
Using putty or any other ssh client, issue the following command: 

Code Block
mv /etc/init.d/MonTier-SyslogAgent-1 /etc/init.d/Disabled-MonTier-SyslogAgent-1
mv /etc/init.d/MonTier-SyslogAgent-2 /etc/init.d/Disabled-MonTier-SyslogAgent-2
mv /etc/init.d/MonTier-SyslogAgent-3 /etc/init.d/Disabled-MonTier-SyslogAgent-3
mv /etc/init.d/MonTier-SyslogAgent-4 /etc/init.d/Disabled-MonTier-SyslogAgent-4
mv /etc/init.d/MonTier-SyslogAgent-5 /etc/init.d/Disabled-MonTier-SyslogAgent-5
mv /etc/init.d/MonTier-SyslogAgent-6 /etc/init.d/Disabled-MonTier-SyslogAgent-6
mv /etc/init.d/MonTier-SyslogAgent-7 /etc/init.d/Disabled-MonTier-SyslogAgent-7
mv /etc/init.d/MonTier-SyslogAgent-8 /etc/init.d/Disabled-MonTier-SyslogAgent-8
mv /etc/init.d/MonTier-SyslogAgent-9 /etc/init.d/Disabled-MonTier-SyslogAgent-9
mv /etc/init.d/MonTier-SyslogAgent-10 /etc/init.d/Disabled-MonTier-SyslogAgent-10


mv /etc/init.d/MonTier-WsmAgent-1 /etc/init.d/Disabled-MonTier-WsmAgent-1
mv /etc/init.d/MonTier-WsmAgent-2 /etc/init.d/Disabled-MonTier-WsmAgent-2
mv /etc/init.d/MonTier-WsmAgent-3 /etc/init.d/Disabled-MonTier-WsmAgent-3
mv /etc/init.d/MonTier-WsmAgent-4 /etc/init.d/Disabled-MonTier-WsmAgent-4
mv /etc/init.d/MonTier-WsmAgent-5 /etc/init.d/Disabled-MonTier-WsmAgent-5

...

In the Remote Collector
Using putty or any other ssh client, issue the following commands:

Code Block
mv /etc/init.d/MonTier-es-raw-trans-Node-1 /etc/init.d/Disabled-MonTier-es-raw-trans-Node-1
mv /etc/init.d/MonTier-es-raw-trans-Node-2 /etc/init.d/Disabled-MonTier-es-raw-trans-Node-2
mv /etc/init.d/MonTier-es-raw-trans-Node-3 /etc/init.d/Disabled-MonTier-es-raw-trans-Node-3
mv /etc/init.d/MonTier-es-raw-trans-Node-4 /etc/init.d/Disabled-MonTier-es-raw-trans-Node-4

mv /etc/init.d/MonTier-Derby /etc/init.d/Disabled-MonTier-Derby

mv /etc/init.d/MonTier-HK-ESRetention /etc/init.d/Disabled-MonTier-HK-ESRetention

mv /etc/init.d/MonTier-HK-SyslogKeepalive /etc/init.d/Disabled-MonTier-HK-SyslogKeepalive
mv /etc/init.d/MonTier-HK-WsmKeepalive /etc/init.d/Disabled-MonTier-HK-WsmKeepalive

mv /etc/init.d/MonTier-HK-WdpDeviceResources /etc/init.d/Disabled-MonTier-HK-WdpDeviceResources
mv /etc/init.d/MonTier-HK-WdpServiceResources /etc/init.d/Disabled-MonTier-HK-WdpServiceResources

mv /etc/init.d/MonTier-Reports /etc/init.d/Disabled-MonTier-Reports

mv /etc/init.d/MonTier-UI /etc/init.d/Disabled-MonTier-UI

sed -i -e "s/^SERVICES_FIRST_GROUP=\".*/SERVICES_FIRST_GROUP=\"\"/g" /etc/sysconfig/MonTier
sed -i -e "s/^SERVICES_SECOND_GROUP=\".*/SERVICES_SECOND_GROUP=\"\"/g" /etc/sysconfig/MonTier
sed -i -e "s/^SERVICES_THIRD_GROUP=\".*/SERVICES_THIRD_GROUP=\"\"/g" /etc/sysconfig/MonTier
sed -i -e "s/\MonTier-HK-WdpServiceResources MonTier-HK-WdpDeviceResources//g" /etc/sysconfig/MonTier
sed -i -e "s/^SERVICES_SEVENTH_GROUP=\".*/SERVICES_SEVENTH_GROUP=\"\"/g" /etc/sysconfig/MonTier

...

Cell Manager Installation

Prerequisites

  • DPOD cell manager  should be installed in Non-Appliance Mode with Medium Load architecture type, as detailed in the Hardware and Software Requirements. The manager server can be both virtual or physical.


Installation

Install DPOD as described in one of the following installation procedures:

Note
Important !!  During the Cell Manager installation the user will be asked to choose the data disk type (SSD / non SSD) - choose the cell members disk type (should be SSD)


Note

As described in the prerequisites section, the cell manager should have two network interfaces.

When installing DPOD, the user is prompted to choose the IP address for the Web Console - this should be the IP address of the external network interface.

Federated Cell Member Installation

The following section describes the installation process of a single Federated Cell Member (FCM). User should repeat the procedure for every FCM installation.

Prerequisites

  • DPOD federated cell member (FCM) should be installed in Non-appliance Mode with High_20dv architecture type, as detailed in the Hardware and Software Requirements.
  • The following software packages (RPMs) are recommended for system maintenance and troubleshooting, but are not required: telnet client, net-tools, iftop, tcpdump, bc, pciutils

Installation

DPOD Installation

Note

As described in the prerequisites section, the federated cell member should have two network interfaces.

When installing DPOD, the user is prompted to choose the IP address for the Web Console - this should be the IP address of the external network interface (although the FCM does not run the Web Console service).


  • After DPOD installation is complete, the user should execute the following operating system performance optimization script:
Code Block
themeRDark
/app/scripts/tune-os-parameters.sh


Note

User should reboot the server for the new performance optimization to take effect.

Preparing Cell Member for Federation

Preparing Mount Points

The cell member is usually a "bare metal" server with NVMe disks for maximizing server throughput.

Each of the Store's logical node (service) will be bound to a specific physical processor, disks and memory using NUMA (Non-Uniform Memory Access) technology.

The default cell member configuration assumes 6 NVMe disks which will serve 3 Store logical nodes (2 disks per node).

The following OS mount points should be configured by the user before federating the DPOD cell member to the cell environment.

Note

We highly recommend the use of LVM (Logical Volume Manager) to allow flexible storage for future storage needs.


Empty cells in the following table should be completed by the user, based on their specific hardware:

Store NodeMount Point PathDisk BayPCI Slot NumberDisk SerialDisk OS PathNUMA node (CPU #)
2/data2




2/data22




3/data3




3/data33




4/data4




4/data44




How to Identify Disk OS Path and Disk Serial
  1. To identify which of the server's NVMe disk bays is bound to which of the CPUs, use the hardware manufacture documentation.
    Also, write down the disk's serial number by visually observing the disk.

  2. In order to identify the disk OS path (e.g.: /dev/nvme01n),  disk serial and disk NUMA node use the following command :

    1. Identify all NVMe Disks installed on the server

      Code Block
      themeRDark
      lspci -nn | grep NVM
      
      expected output :
      
      5d:00.0 Non-Volatile memory controller [0108]: Intel Corporation Express Flash NVMe P4500 [8086:0a54]
      5e:00.0 Non-Volatile memory controller [0108]: Intel Corporation Express Flash NVMe P4500 [8086:0a54]
      ad:00.0 Non-Volatile memory controller [0108]: Intel Corporation Express Flash NVMe P4500 [8086:0a54]
      ae:00.0 Non-Volatile memory controller [0108]: Intel Corporation Express Flash NVMe P4500 [8086:0a54]
      c5:00.0 Non-Volatile memory controller [0108]: Intel Corporation Express Flash NVMe P4500 [8086:0a54]
      c6:00.0 Non-Volatile memory controller [0108]: Intel Corporation Express Flash NVMe P4500 [8086:0a54]


    2. Locate disk's NUMA node
      Use the disk PCI slot  listed in previous command  to identify the NUMA node (the first disk PCI slot is :  5d:00.0 )

      Code Block
      themeRDark
      linenumberstrue
      lspci  -s 5d:00.0 -v
      
      expected output :
      
      5d:00.0 Non-Volatile memory controller: Intel Corporation Express Flash NVMe P4500 (prog-if 02 [NVM Express])
              Subsystem: Lenovo Device 4712
              Physical Slot: 70
              Flags: bus master, fast devsel, latency 0, IRQ 93, NUMA node 1
              Memory at e1310000 (64-bit, non-prefetchable) [size=16K]
              Expansion ROM at e1300000 [disabled] [size=64K]
              Capabilities: [40] Power Management version 3
              Capabilities: [50] MSI-X: Enable+ Count=129 Masked-
              Capabilities: [60] Express Endpoint, MSI 00
              Capabilities: [a0] MSI: Enable- Count=1/1 Maskable- 64bit+
              Capabilities: [100] Advanced Error Reporting
              Capabilities: [150] Virtual Channel
              Capabilities: [180] Power Budgeting <?>
              Capabilities: [190] Alternative Routing-ID Interpretation (ARI)
              Capabilities: [270] Device Serial Number 55-cd-2e-41-4f-89-0f-43
              Capabilities: [2a0] #19
              Capabilities: [2d0] Latency Tolerance Reporting
              Capabilities: [310] L1 PM Substates
              Kernel driver in use: nvme
              Kernel modules: nvme

      From the command output (line number 8) we can identify the NUMA node ( Flags: bus master, fast devsel, latency 0, IRQ 93, NUMA node 1 )

    3. Identify NVMe Disks path
      Use the disk PCI slot  listed in previous command  to identify the disk's block device path

      Code Block
      themeRDark
      ls -la /sys/dev/block |grep  5d:00.0
      
      expected output :
      lrwxrwxrwx. 1 root root 0 Nov  5 08:06 259:4 -> ../../devices/pci0000:58/0000:58:00.0/0000:59:00.0/0000:5a:02.0/0000:5d:00.0/nvme/nvme0/nvme0n1


      Use the last part of the device path (nvme0n1) as input for the following command :

      Code Block
      themeRDark
      nvme -list |grep nvme0n1
      
      expected output :
      
      /dev/nvme0n1     PHLE822101AN3P2EGN   SSDPE2KE032T7L                           1           3.20  TB /   3.20  TB    512   B +  0 B   QDV1LV45


      The disk's path is  /dev/nvme0n1


  1. Use the disk bay number and the disk serial number (visually identified) and correlate them with the output of the disk tool to identify the disk OS path.
Example for Mount Points and Disk Configurations
Store NodeMount Point PathDisk BayPCI Slot NumberDisk SerialDisk OS PathNUMA node (CPU #)
2/data212PHLE822101AN3PXXXX/dev/nvme0n11
2/data222

/dev/nvme1n11
3/data34

/dev/nvme2n12
3/data335

/dev/nvme3n12
4/data412

/dev/nvme4n13
4/data4413

/dev/nvme5n13
Example for LVM Configuration
Code Block
themeRDark
pvcreate -ff /dev/nvme0n1
vgcreate vg_data2 /dev/nvme0n1
lvcreate -l 100%FREE -n lv_data vg_data2
mkfs.xfs -f /dev/vg_data2/lv_data

pvcreate -ff /dev/nvme1n1
vgcreate vg_data22 /dev/nvme1n1
lvcreate -l 100%FREE -n lv_data vg_data22
mkfs.xfs /dev/vg_data22/lv_data


/etc/fstab file:

Code Block
themeRDark
/dev/vg_data2/lv_data    /data2                   xfs     defaults        0 0
/dev/vg_data22/lv_data   /data22                   xfs     defaults        0 0
/dev/vg_data3/lv_data    /data3                   xfs     defaults        0 0
/dev/vg_data33/lv_data   /data33                   xfs     defaults        0 0
/dev/vg_data4/lv_data    /data4                   xfs     defaults        0 0
/dev/vg_data44/lv_data   /data44                   xfs     defaults        0 0
Example for the Final Configuration for 3 Store's nodes
Note

This example does not include other mount points needed, as describe in Hardware and Software Requirements.


Code Block
themeRDark
# lsblk

NAME                MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
nvme0n1             259:0    0   2.9T  0 disk
└─vg_data2-lv_data  253:6    0   2.9T  0 lvm  /data2
nvme1n1             259:5    0   2.9T  0 disk
└─vg_data22-lv_data 253:3    0   2.9T  0 lvm  /data22
nvme2n1             259:1    0   2.9T  0 disk
└─vg_data3-lv_data  253:2    0   2.9T  0 lvm  /data3
nvme3n1             259:2    0   2.9T  0 disk
└─vg_data33-lv_data 253:5    0   2.9T  0 lvm  /data33
nvme4n1             259:4    0   2.9T  0 disk
└─vg_data44-lv_data 253:7    0   2.9T  0 lvm  /data44
nvme5n1             259:3    0   2.9T  0 disk
└─vg_data4-lv_data  253:8    0   2.9T  0 lvm  /data4

Install NUMA Software

Code Block
themeRDark
yum install numactl

Preparing Local OS Based Firewall

Most Linux-based OS uses a local firewall service (e.g.: iptables / firewalld).

Since the OS of the Non-Appliance Mode DPOD installation is provided by the user, it is under the user's responsibility to allow needed connectivity to and from the server.

User should make sure needed connectivity detailed in Network Ports Table is allowed on the OS local firewall service.

Note

When using DPOD Appliance mode installation for the cell manager, local OS based firewall service is handled by the cell member federation script.

Cell Member Federation

In order to federate and configure the cell member, run the following script in the cell manager once per cell member.

For instance, to federate two cell members, the script should be run twice (in the cell manager) - first time with the IP address of the first cell member, and second time with the IP address of the second cell member.


Important: The script should be executed using the OS root user.

Code Block
themeRDark
/app/scripts/configure_cell_manager.sh -a <internal IP address of the cell member> -g <external IP address of the cell member>
For example: /app/scripts/configure_cell_manager.sh -a 172.18.100.34 -g 172.17.100.33
Example for a Successful Execution
Code Block
themeRDark
 /app/scripts/configure_cell_manager.sh -a 172.18.100.36 -g 172.17.100.35

2018-10-22_16-13-16 INFO Cell Configuration
2018-10-22_16-13-16 INFO ===============================
2018-10-22_16-13-18 INFO 
2018-10-22_16-13-18 INFO Log file is : /installs/logs/cell_manager_configuration-2018-10-22_16-13-16.log
2018-10-22_16-13-18 INFO 
2018-10-22_16-13-18 INFO Adding new cell member with the following configuration :
2018-10-22_16-13-18 INFO Cell member internal address 172.18.100.36
2018-10-22_16-13-18 INFO Cell member external address 172.17.100.35
2018-10-22_16-13-18 INFO Syslog agents using TCP ports starting with 60000
2018-10-22_16-13-18 INFO Wsm agents using TCP ports starting with 60020 
2018-10-22_16-13-18 INFO 
2018-10-22_16-13-18 INFO During the configuration process the system will be shut down, which means that new data will not be collected and the Web Console will be unavailable for users.
2018-10-22_16-13-18 INFO Please make sure the required network connectivity (e.g. firewall rules) is available between all cell components (manager and members) according to the documentation.
2018-10-22_16-13-18 INFO 
2018-10-22_16-13-20 INFO Please choose the IP address for the cell manager server internal address followed by [ENTER]:
2018-10-22_16-13-20 INFO 1.) 172.18.100.32
2018-10-22_16-13-20 INFO 2.) 172.17.100.31
1
2018-10-22_16-14-30 INFO Stopping application ...
2018-10-22_16-15-16 INFO Application stopped successfully. 
root@172.18.100.36's password: 
2018-10-22_16-21-41 INFO Cell member configuration ended successfully.
2018-10-22_16-21-45 INFO Stopping application ...
2018-10-22_16-22-31 INFO Application stopped successfully. 
2018-10-22_16-22-31 INFO Starting application ...

Note that the script writes two log file, one in the cell manager and one in the cell member. The log file names are mentioned in the script's output.

Example for a Failed Execution
Code Block
themeRDark
 /app/scripts/configure_cell_manager.sh -a 172.18.100.36 -g 172.17.100.35

2018-10-22_16-05-03 INFO Cell Configuration
2018-10-22_16-05-03 INFO ===============================
2018-10-22_16-05-05 INFO 
2018-10-22_16-05-05 INFO Log file is : /installs/logs/cell_manager_configuration-2018-10-22_16-05-03.log
2018-10-22_16-05-05 INFO 
2018-10-22_16-05-05 INFO Adding new cell member with the following configuration :
2018-10-22_16-05-05 INFO Cell member internal address 172.18.100.36
2018-10-22_16-05-05 INFO Cell member external address 172.17.100.35
2018-10-22_16-05-05 INFO Syslog agents using TCP ports starting with 60000
2018-10-22_16-05-05 INFO Wsm agents using TCP ports starting with 60020 
2018-10-22_16-05-05 INFO 
2018-10-22_16-05-05 INFO During the configuration process the system will be shut down, which means that new data will not be collected and the Web Console will be unavailable for users.
2018-10-22_16-05-05 INFO Please make sure the required network connectivity (e.g. firewall rules) is available between all cell components (manager and members) according to the documentation.
2018-10-22_16-05-05 INFO 
2018-10-22_16-05-06 INFO Please choose the IP address for the cell manager server internal address followed by [ENTER]:
2018-10-22_16-05-06 INFO 1.) 172.18.100.32
2018-10-22_16-05-06 INFO 2.) 172.17.100.31
1
2018-10-22_16-05-09 INFO Stopping application ...
2018-10-22_16-05-58 INFO Application stopped successfully. 
root@172.18.100.36's password: 
2018-10-22_16-06-46 ERROR Starting rollback
2018-10-22_16-06-49 WARN Issues found that may need attention !!
2018-10-22_16-06-49 INFO Stopping application ...
2018-10-22_16-07-36 INFO Application stopped successfully. 
2018-10-22_16-07-36 INFO Starting application ...

In case of a failure, the script will try to rollback the configuration changes it made, so the problem can be fixed before rerunning it again.

Cell Member Federation Post Steps

NUMA configuration

DPOD cell member is using NUMA (Non-Uniform Memory Access) technology. The default cell member configuration binds DPOD's agent to CPU 0 and the Store's nodes to CPU 1.
If the server has 4 CPUs, the user should edit the service files of nodes 2 and 3 and change the bind CPU to 2 and 3 respectively.

Identifying NUMA Configuration

To identify the amount of CPUs installed on the server, use the NUMA utility:

Code Block
themeRDark
numactl -s

Example output for 4 CPU server :

policy: default
preferred node: current
physcpubind: 0 1 2 3 4 5 6 7 8 9 10 11 12 
cpubind: 0 1 2 3
nodebind: 0 1 2 3
membind: 0 1 2 3
Alter Syslog agents

The services files are located on the directory /etc/init.d/ with name prefix MonTier-SyslogAgent- (should be 4 service files)

Look in the service file the string "numa" and make sure the numa variable definition is as follows :

Code Block
themeRDark
numa="/usr/bin/numactl --membind=0 --cpunodebind=0"

/bin/su -s /bin/bash -c "/bin/bash -c 'echo \$\$ >${FLUME_PID_FILE} && exec ${numa} ${exec}......


Alter Store's Node 2 and 3 (OPTIONAL - only if the server has 4 CPUs)

The services files are located on the directory /etc/init.d/ with the name MonTier-es-raw-trans-Node-2 and MonTier-es-raw-trans-Node-3.

Code Block
themeRDark
For node MonTier-es-raw-trans-Node-2
OLD VALUE : numa="/usr/bin/numactl --membind=1 --cpunodebind=1"
NEW VALUE : numa="/usr/bin/numactl --membind=2 --cpunodebind=2"

For node MonTier-es-raw-trans-Node-3
OLD VALUE : numa="/usr/bin/numactl --membind=1 --cpunodebind=1"
NEW VALUE : numa="/usr/bin/numactl --membind=3 --cpunodebind=3"

Cell Member Federation Verification

After a successful execution, you will be able to see the new federated cell member in the Manage → System → Nodes page.
For example, after federating cell member the page should look as follows:

Image Added

Also, the new agents will be shown in the agents list in the Manage → Internal Health → Agents page.
For example, if the cell manager has two agents and there is a federated cell member with additional four agents, the page will show six agents:

Image Added

Configure the Monitored Device to the Federated Cell Member Agents

It is possible to configure entire monitored device or just a specific domain to the federated cell member's agents.

To configure monitored device / specific domain please follow instructions on Adding Monitored Devices.