Sunday, 31 October 2021

Adding a New Cloud Insights (CI) Acquisition Unit (AU)

 Official NetApp documentation is here: Configuring Acquisition Units (netapp.com)

In order to add a new Cloud Insights Acquisition Unit, you will need to have the following:

  1. A login to the NetApp Cloud Insights tenant (via invite)
  2. Monitor & Optimize Role: Administrator permission

And will have to have completed all your proxy/firewall requests as necessary.

1) Log into your NetApp Cloud Insights tenant:

https://YOURTENANT.cloudinsights.netapp.com/

2) In the right-hand panel click:

ADMIN > Data Collectors


3) Choose the option at the top for Acquisition Units and click + Acquisition Unit

4) Choose the Operating System of the Acquisition Unit server (here we are using Linux), and follow the Installation instructions as in the example below:




Troubleshooting Acquisition Unit Installation Problems on Linux

NetApp Documentation: Troubleshooting Acquisition Unit Problems on Linux (netapp.com)

Installation fails on SELinux

When the AU is installed on SELinux, SELinux should be either disabled or set to permissive mode. Once the installation is complete, enforcing mode can be enabled.


... but - potentially - when you reboot the CI AU, it may then fail to start (with SELinux enabled) and enterprises will not let you permanently disable SELinux (and nor should they.) Read on for what you should do in this case...


Note: I take no credit for the following section. This useful information comes from a Linux guru. Sharing here under the principle that good technical knowledge deserves to be disseminated for the benefit of seekers of help.


Installation of NetApp Cloud Insights AU on RHEL v8.4 (Without needing to permanently disable SELinux so the CI AU can survive a server reboot)

1) Check if noexec is set on tmpfs and set it to exec:

# mount |grep /tmp
# mount -o remount,exec /tmp

2) Check if enforcing is active and deactivate it:

# getenforce
# setenforce 0

3) Export proxy configuration (if required):

# export https_proxy='PROXY-SERVER:PORT' proxy_auth_scheme=''

4) Run the installer snippet from NetApp Cloud Insights WebUI to install the aquisition unit.

5) Reactivate noexec on tmpfs:

# mount -o remount,noexec /tmp

6) Reactivate Enforcing:

# setenforce 1

7) After installation change context for the symbolic link otherwise the CI AU service will not start after reboot because of active SELinux enforcing:

# chcon -h -u system_u -t usr_t /opt/netapp/cloudinsights/acq
# chcon -h -u system_u -t usr_t /opt/netapp/cloudinsights/acq/scripts/acquisition.server

After change the context should look like the following:

# ls -lZ /opt/netapp/cloudinsights/acq

  • Before: lrwxrwxrwx. 1 cisys cisys unconfined_u:object_r:unlabeled_t:s0
  • After: lrwxrwxrwx. 1 cisys cisys system_u:object_r:usr_t:s0

8) Check CI AU service status on server:

# cloudinsights-service.sh status

9) Reboot CI AU server and verify the service came up after the restart:

# cloudinsights-service.sh status


Additional Notes

restorecon command tries to restore the “original” context, and this usually only changes something when there was a previously defined context (which there is not in /opt/netapp). But we could have run these two commands instead of the commands in step 7:

# semanage fcontext -a -t usr_t "/opt/netapp/cloudinsights(/.*)?"
# restorecon –R /opt/netapp/cloudinsights

After a future upgrade of the NetApp CI software, it may be required to run the restorecon command again due to new files being copied to the system without the proper SELinux context.

Saturday, 30 October 2021

Updating a MySQL Table That's Missing FQDN DNS Information

I had to add a new column to a MySQL table for FQDN DNS data. We already have the IP addresses in the table. This table has nearly 10000 rows, so we need a relatively quick way to do a one off bulk update. This is the method I used, which didn't take long.

1) Acquire id and IP address from the table:

select id,trim(ip) from YOUR_TABLE where ip != '' order by id;

2) Export that to a CSV format.

If you're using MySQL workbench or something similar, it is very straightforward to do this.

3) We then turn to PowerShell and load the CSV:

[System.Array]$IPs = Import-CSV 'IPs.csv'

4) Run this one liner to acquire FQDNs for your IPs:

$IPs | Foreach{ $DNS = Resolve-DnsName $_.ip; IF($DNS){ ($_.id + "," + $_.ip + "," + $DNS.namehost) >> DNSs.csv} }

5) Load this CSV into Excel, and add the following formula into the 4th column:

="UPDATE YOUR_TABLE SET dns = '" &C1& "' WHERE id = "&A1&";"

6) Run the UPDATE commands and job done!