Official NetApp documentation is here: Configuring Acquisition Units (netapp.com)
In order to add a new Cloud Insights Acquisition Unit, you will need to have the following:
- A login to the NetApp Cloud Insights tenant (via invite)
- Monitor & Optimize Role: Administrator permission
And will have to have completed all your proxy/firewall requests as necessary.
1) Log into your NetApp Cloud Insights tenant:
https://YOURTENANT.cloudinsights.netapp.com/
2) In the right-hand panel click:
ADMIN > Data Collectors
3) Choose the option at the top for Acquisition Units and click + Acquisition Unit
4) Choose the Operating System of the Acquisition Unit server (here we are using Linux), and follow the Installation instructions as in the example below:
Troubleshooting Acquisition Unit Installation Problems on Linux
NetApp Documentation: Troubleshooting Acquisition Unit Problems on Linux (netapp.com)
Installation fails on SELinux
When the AU is installed on SELinux, SELinux should be either disabled or set to permissive mode. Once the installation is complete, enforcing mode can be enabled.
... but - potentially - when you reboot the CI AU, it may then fail to start (with SELinux enabled) and enterprises will not let you permanently disable SELinux (and nor should they.) Read on for what you should do in this case...
Installation of NetApp Cloud Insights AU on RHEL v8.4 (Without needing to permanently disable SELinux so the CI AU can survive a server reboot)
1) Check if noexec is set on tmpfs and set it to exec:
# mount |grep /tmp
# mount -o remount,exec /tmp
# getenforce
# setenforce 0
3) Export proxy configuration (if required):
# export https_proxy='PROXY-SERVER:PORT' proxy_auth_scheme=''
4) Run the installer snippet from NetApp Cloud Insights WebUI to install the aquisition unit.
5) Reactivate noexec on tmpfs:
# mount -o remount,noexec /tmp
# setenforce 1
7) After installation change context for the symbolic link otherwise the CI AU service will not start after reboot because of active SELinux enforcing:
# chcon -h -u system_u -t usr_t /opt/netapp/cloudinsights/acq
# chcon -h -u system_u -t usr_t /opt/netapp/cloudinsights/acq/scripts/acquisition.server
After change the context should look like the following:
# ls -lZ /opt/netapp/cloudinsights/acq
- Before: lrwxrwxrwx. 1 cisys cisys unconfined_u:object_r:unlabeled_t:s0
- After: lrwxrwxrwx. 1 cisys cisys system_u:object_r:usr_t:s0
# cloudinsights-service.sh status
# cloudinsights-service.sh status
Additional Notes
A restorecon command tries to restore the “original” context, and this usually only changes something when there was a previously defined context (which there is not in /opt/netapp). But we could have run these two commands instead of the commands in step 7:
# semanage fcontext -a -t usr_t "/opt/netapp/cloudinsights(/.*)?"
# restorecon –R /opt/netapp/cloudinsights
After a future upgrade of the NetApp CI software, it may be required to run the restorecon command again due to new files being copied to the system without the proper SELinux context.
Comments
Post a Comment