Installation and Upgrade Guide

Fidelia NetVigil is a distributed application that has three basic software components:

BVE ObjectStore (configuration database)

BVE WebApp (User Interface)

DGE (Data Gathering Engines)

Depending on the size of your network, you can install all of these components on a single server, or you can install components on independent servers. On Unix systems, each component can be installed separately. On Windows systems, the BVE WebApp and the BVE ObjectStore are always on the same server, but the DGE can be on a separate server.

New DGEs can be added easily at a later date as your IT infrastructure expands. The plugin actions and the plugin monitors allow extending the functionality of the DGEs very easily.

2.2 Supported Platforms

RedHat Enterprise 3 and other Linux distributions with equivalent kernel level (2.4.21) on Intel x86 platforms (includes SUSE 9, Fedora 3).

Solaris 7 and above on UltraSparc platforms.

Windows 2003, Windows 2000 and XP Professional

You can use uname -s -r to determine the kernel version on Unix & Linux platforms.

2.3 Recommended Hardware

For a small setup (about 100 devices), the entire application can be installed and run from a single server.

For better performance, adding memory is the most critical factor. SCSI drives are strongly recommended in large environments.

2.3.1 Disk Space Requirements

The software installation (all platforms) requires 500M of disk space. If you distribute NetVigil components (provisioning database, Web server, and DGEs) across several hosts, each host must have 500M of available disk space.

The following directories, which are created when NetVigil is installed, have variable size requirements:

NETVIGIL_HOME/database, provisioning data

NETVIGIL_HOME/database, DGE historical data

NETVIGIL_HOME/logs

2.3.2 Sizing Considerations for Large Sites

For large installations with several thousand devices, it is recommended that an additional DGE (for monitoring) is added for every 800-1200 devices (approximately every 20k tests). The actual capacity depends on the number of tests on each device, since a server might only have 4-5 tests but a large switch with 500 ports can have 5000 tests (bytes, packets, errors). If a DGE cannot handle a large number of tests, the internal queues start backing up and a message is automatically logged to the error log.

Pentium 4 Xeon or Sparc Ultra III (1GHz) processors with 1GB memory, 2x18G SCSI/IDE drives (or RAID-5/RAID-10)

The provisioning and webapp servers are not disk intensive, but do use the CPU intensively for processing and generating reports.

2.4 Additional Software Requirements

Perl version 5.005 and above programming language/interpreter (available from www.perl.com) should be installed on Linux/Solaris platforms. A Perl interpreter is bundled with the Windows version and need not be pre-installed.

2.5 System Performance Tuning

You can increase performance by running a caching nameserver on the servers that run the DGE component.

On Linux systems, the file descriptors should be increased to 8192 by editing the following files:

Edit /etc/security/limits.conf, and add the lines:

Increase the system-wide file descriptor limit by adding the following three lines to the /etc/rc.d/rc.local startup script:

On Linux systems, if you are using IDE drives, you can increase I/O performance by turning on 32bit io, direct memory access and multi block reads using:

Make sure to replace /dev/hda with the proper device name appropriate for your system. This command should be added to /etc/rc.local.

On Solaris systems, the following patch should be installed:

Table 2.1 Solaris patches for NetVigil installation
Solaris Version	Patch Id	Note	Description
Solaris 7 (5.7)	106327-06	required	Shared library patch for C++
Solaris 2.6 (5.6)	105591-07	required	Shared library patch for C++

In addition, make sure the patches appropriate for your Solaris version listed at http://java.sun.com/j2se/1.3/install-solaris-patches.html have been installed.

2.5.1 Increasing Java Memory (JVM) Size

If you add additional physical memory on your DGE or other servers, you should increase the memory size of the Java Virtual Memory used by NetVigil. The DGE, BVE ObjectStore and the WebApp all run as separate processes and have their own JVM size setting. In most situations, you will probably increase the DGE and the WebApp memory sizes. The following steps are for increasing the JVM size for the DGE- the steps for the web application are similar.

Shut down the DGE (or web application) using the Control Panel on Windows or using the corresponding init script on Unix.

Start > Control Panel > Admin Tools > Services
$NETVIGIL_HOME/etc/monitor.init stop # on Unix

On Windows, edit the following file using Notepad (turn off the word wrap feature)

and add/edit the following line at the end of the file to add an additional 512M of memory to the DGE process:

On Unix, edit $NETVIGIL_HOME/etc/monitor.init and search for Xmx256. Replace this with Xmx768 to add an additional 512M of JVM.

Remember that you should always dedicate physical memory to the java process, not swap. i.e. if you have 2GB of swap space, but only 512M of physical memory, you should set the JVM size to less than 512M and NOT 2GB.

2.5.2 System Security Issues

It is strongly recommended that all daemons or server processes not required on the servers running NetVigil be shutdown and disabled on startup (this includes telnet, ftp, etc.). All logins and file transfers should be done using 'ssh' or 'scp' into your servers. For advanced firewall rules, please see the Section 3.6, "Operating NetVigil Behind Firewalls" on page 41.

2.6 First-time Installation

The NetVigil distribution for Linux/Solaris consists of two compressed archives (tar.gz) provided either on a CDROM or downloadable via HTTP/FTP:

netvigil-base-OS.tar.gz

netvigil-x.y.z-OS.tar.gz

Where x represents major, y is the minor version of the software, z is the maintenance release number and OS is the operating system. Example, netvigil-3.6.1-linux.tar.gz.

In addition to the installation files, you need a license key. This can be either a limited-time trial key, or a permanent key based on the terms of your purchase.

2.6.1 Planning Checklist

Prior to your install, you should ensure that you have complete information about your IT environment where NetVigil is being installed.

Table 2.2 NetVigil Installation Checklist
Item	Notes
Number of geographical locations with significant concentration of devices:	Instead of geographical locations, can consider network topology instead. Put a DGE in each location with a concentration of devices, and for small remote locations, use a single centralized DGE
Number of devices to be monitored in each location:	This is for sizing the DGE at each location. Each DGE can handle 500-1500 devices on an average.
Any large switches, routers or servers in each location?	A large switch with 500 ports will have close to 3000 tests (6 tests per port) which is the same as the number of tests on 100 devices.
Number of departments accessing system:	You need to decide on the permissions each department will have- view only or full control. Will they own their device configuration and management in NetVigil or will a central department do it for them?
Any existing custom monitors that need to be migrated to NetVigil?	Use the various APIs to interface any custom monitoring scripts to NetVigil (see Advanced Development Guide).
Do you need to interface with any existing provisioning system?	When you add new devices on the network, do you have an existing inventory system which can be tied into NetVigil directly.
Any other web server or MySQL running on the Netvigil Server?	Netvigil comes with its own web server.You should disable IIS or any other web server or else setup Netvigil to run on an alternate port as discussed in Section 3.4.11, "Web server TCP/IP port" on page 37.Also ensure that no firewall is running on the host.See "Problem: Cannot access Web Application" on page 362

2.6.2 Linux & Solaris Installations

The table that follows lists the tasks that you must perform in order to install NetVigil on a Unix system, and the shell command corresponding to each task.

Table 2.3 NetVigil Unix Installation Tasks
Installation Task	Shell Command
Change to a temporary location with at least 100 MB disk space	cd /var/tmp
Copy the downloaded archives to the temporary directory	cp /download/dir/netvigil-x.y.z- OS.tar.gz . cp /download/dir/netvigil-base-OS.tar.gz .
Extract the OS software package. Do not uncompress/extract the files within the base package `netvigil-base-OS.tar.gz`	gunzip -c netvigil-x.y.z-OS.tar.gz \| tar xvf -
Change into the directory with newly extracted files. The package will be extracted into a directory named `netvigil-x.y.z`	cd netvigil-x.y.z
If you need to make any changes to the software license key, you should make them before running the installation script. If the terms of your license have changed (e.g. change in expiration date, number of devices, etc.), a new license file would be provided to you by Fidelia customer support. The new key should be saved into `netvigil-x.y.z/etc/licenseKey.xml` file, replacing any existing file.
Run the installation script (as root)	su root sh ./install.sh
The installation script will ask a series of questions to determine your requirements. When asked for the location of the base package, specify `/var/tmp/netvigil-base.tar.gz`. Once all necessary information has been collected, the software package will be installed under the specified directory and you are ready to start using NetVigil. This directory will have the following general layout:

NETVIGIL_HOME

apps/ : supporting applications required for NetVigil

bin/ :Utility software for NetVigil components

database/ : NetVigil runtime database for tests & provisioning

etc/ : NetVigil configuration files and startup scripts

lib/ : NetVigil component libraries

logs/ : NetVigil error and debug log files

plugin/ : User custom actions and monitors

transforms/ : XSL files for report transformation

utils/ : Useful utility tools

webapp/ : The web application

2.6.3 Windows Installation

netvigil-x.y.z-windows.exe

To begin installation:

Double-click on netvigil-x.y.z-windows.exe.

Provide answers to the requested information.

After the files have been copied and the installer has quit, reboot the machine (Start | Shutdown | Reboot).

2.7 Upgrading From Previous Versions

Before beginning the upgrade process from a previous version of NetVigil, you must ensure that you have a current and verified backup of your existing NetVigil installation available, so that you can recover from a failed upgrade. To accomplish this, you can simply make a copy of the

directories to a safe location. Once it has been verified that a backup exists, follow the method outlined in Section 2.6, "First-time Installation" on page 18 to install the new package. Make sure to specify the same locations as your existing NetVigil installation as the destination path, and answer y (or yes) when asked if you wish to preserve the existing database.

It is highly recommended that you contact Fidelia Support before upgrading your NetVigil installation in case there are any updated procedures that you need to be aware of.

2.8 Adding an Additional DGE

2.9 Quick Start (Running NetVigil)

The following quick start steps will enable you to start using the NetVigil system immediately if all components are installed on a single server, and you don't have any other conflicting applications running on the host (such as another web server or SQL database). For a distributed installation (e.g. the DGE on a different physical server), please see Chapter 3, "Configuration and Operations" for proper configuration since this requires editing several configuration files.

The installation process creates default configuration files suitable to run all the NetVigil components on the same server. The default database configuration will contain one DGE location named Default Location, one DGE component named localhost and a User-Class named Default User Group. It creates a default end-user called netvigil with the password netvigil and a superuser login with password netvigil.

Make sure that your NetVigil license key is not expired (NETVIGIL_HOME/etc/licenseKey.xml), and you are not running any other web server on the NetVigil host which might prevent NetVigil's web service from starting up (on TCP port 80).

Start NetVigil components. On Linux/Solaris platform execute the commands
cd NETVIGIL_HOME

; 
etc/netvigil.init start

On Windows platforms select
Start | Programs | Fidelia NetVigil | Start Fidelia NetVigil.

Check for proper operation of different components using the netvigil.init status command on Unix or looking at the output of net start | more on Windows platforms. (For additional information, see Section 3.3.3, "Verifying proper operation" on page 30.) The most common reasons for not starting up are:

either the license is expired (you can get new evaluation license by sending email to support@fidelia.com)

or else some other web server is running and using the httpd port.

or you did not reboot your machine after installing on a Windows platform.

If the components did not start, you will have to fix the cause and then restart NetVigil using netvigil.init restart

Use your web browser to connect to http://your_host/ where your_host is the fully qualified name or ip address of the server that the NetVigil web application component is running on.

Log into the website using end-user name localuser and the password localpassword

Add a few sample devices to verify that the system is functioning properly. Go to Manage > Devices > CreateNew and try adding `localhost' or any other test device.

Log out, and log back in as superuser with password netvigil. If you want to create additional departments and admin-groups, you should do so now as described in Chapter 8, "Users and Departments"

Populate the system with devices- go to SuperUser -> Discover and run a new discovery on your network. For more information, see Chapter 5, "Network & Topology Discovery".

2.10 What Next

Setup actions and notifications (email, pager)

Configure the Message Handler for monitoring traps and logs.

Change the password for the default user and superuser (after logging into the Web application, go to Manage->Prefs)

Set your timezone (also under Manage->Prefs)

Change the DGE controller password (see Section 3.4.8, "DGE controller port/password" on page 35)

Update device dependencies if needed (setup parent/child relationships) to prevent alarm floods.

After running the system for a few days, either update the thresholds manually if you are getting too many alerts, else use the "baseline" feature to automatically reset the thresholds.

Setup Service Containers as required to model your services.

Scheduled tasks (cron jobs)

There is a sample crontab file NETVIGIL_HOME/etc/crontab.netvigil that should be installed into all your servers. The file contains periodic maintenance tasks and ensure a smooth and trouble free operation of the NetVigil system. Depending on which components you are running on a particular host, you will need to uncomment (remove '#') appropriate sections of the file after you import it into root's crontab.