NetBackup IT Analytics Data Collector Installation Guide for Fabric Manager

Last Published:
Product(s): NetBackup IT Analytics (11.5)
  1. Fabric Manager Data Collection overview
    1.  
      Introduction
    2.  
      Fabric Manager: Collection of SAN switch data
    3.  
      Switch zone alias collection
  2. Pre-Installation setup for Brocade switch
    1.  
      Pre-Installation setup for Brocade switch
    2.  
      Prerequisites for adding Data Collectors (Brocade switch)
    3.  
      Upgrade troubleshooting: Brocade BNA SMI-S (CIM) server and Java 11
    4.  
      Supported switches
    5.  
      Brocade switches: Default ports and firewall considerations
    6.  
      Installation overview (Brocade switch)
    7.  
      Brocade switch Data Collector policy
  3. Pre-Installation setup for Cisco switch
    1.  
      Pre-Installation setup for Cisco switch
    2.  
      Prerequisites for adding Data Collectors (Cisco switch)
    3.  
      Upgrade troubleshooting: Cisco DCNM SMI-S (CIM) server and Java 11
    4.  
      Cisco switches: Default ports and firewall considerations
    5.  
      Installation overview (Cisco switch)
    6.  
      Cisco switch Data Collection policy
    7.  
      Before you start Cisco switch Data Collection
  4. Pre-Installation setup for Brocade Zone alias
    1.  
      Pre-Installation setup for Brocade zone alias
    2.  
      Prerequisites for adding Data Collectors (Brocade zone alias)
    3.  
      Brocade switches: Default ports and firewall considerations
    4.  
      Installation overview (Brocade zone alias)
    5.  
      Brocade zone alias Data Collector policy
  5. Pre-Installation setup Cisco Zone alias
    1.  
      Pre-Installation setup Cisco zone alias
    2.  
      Prerequisites for adding Data Collectors (Cisco zone alias)
    3.  
      Cisco switches: Default ports and firewall considerations
    4.  
      Installation overview (Cisco Zone Alias)
    5.  
      Cisco zone alias Data Collector policy
  6. Installing the Data Collector software
    1.  
      Introduction
    2.  
      Installing the WMI Proxy service (Windows host resources only)
    3.  
      Testing WMI connectivity
    4.  
      Considerations to install Data Collector on non-English systems
    5.  
      Install Data Collector Software on Windows
    6.  
      Install Data Collector software on Linux
    7.  
      Deploy Data Collector in native Kubernetes environment
    8.  
      Configure Data Collector manually for Veritas NetBackup
    9.  
      Install Data Collector binaries on Windows (without configuration)
    10.  
      Install Data Collector binaries on Linux host (without configuration)
  7. Validating Data Collection
    1.  
      Validation methods
    2.  
      Data Collectors: Vendor-Specific validation methods
    3. Working with on-demand Data Collection
      1.  
        View real-time logging during an on-demand collection
    4.  
      Using the CLI check install utility
    5.  
      List Data Collector configurations
  8. Uninstalling the Data Collector
    1.  
      Uninstall the Data Collector on Linux
    2.  
      Uninstall the Data Collector on Windows
  9. Manually starting the Data Collector
    1.  
      Introduction
  10. Appendix A. Firewall configuration: Default ports
    1.  
      Firewall configuration: Default ports

Prerequisites for adding Data Collectors (Brocade switch)

General prerequisites:

  • 64-bit OS. See the Certified Configurations Guide for supported operating systems.

  • Verify the rpm fontconfig is installed. Fontconfig is a library designed to provide system-wide font configuration, customization and application access. If the rpm fontconfig is not installed, the installer will not be able to load User Interface Mode. This is a prerequisite for a new Data Collector installation.

  • Supports Amazon Corretto 17. Amazon Corretto is a no-cost, multi-platform, production-ready distribution of the Open Java Development Kit (OpenJDK).

  • For performance reasons, do not install Data Collectors on the same server as the NetBackup IT Analytics Portal. However, if you must have both on the same server, verify that the Portal and Data Collector software do not reside in the same directory.

  • Install only one Data Collector on a server (or OS instance).

While the general requirements to configure the policy are listed above, the prerequisites specific to the collection method are categorized below.

Prerequisites for SMI-S

The following are the prerequisites for is SMI-S is selected for Collection method:

  • A single Data Collector can include all supported switches--Brocade, and Cisco. In fact, this single Data Collector can be used for other enterprise objects, such as backup products and storage arrays.

  • The Data Collector accesses the SMI agent server to retrieve data, so the user ID and password for that server is required. This is true only when collection type in policy is SMI-S.

  • A single Data Collector can be installed for multiple backup, storage, and fabric products.

  • Verify that a host-based SMI agent is installed. The SMI agent must be installed on a host that can communicate with the Fabric. See the relevant switch vendor documentation for details.

Prerequisites for REST APIs

The following are the prerequisites if REST API option is selected for Collection method:

  • Same user ID and password should be configured on all the switches in the Fabric. Users with Read-Only access can login.

  • To collect the Simple Network Management Protocol (SNMP) responses, client must be registered on each Brocade switch from which traps are to be collected.

  • In Brocade REST API / Command Line Interface Server Address(es), in Brocade Switch Data Collector policy, configure switch IP address / fully qualified switch name.

    Note:

    For Configured Switch, Collector also collects Switch information from all other Switches in the Fabric. Collector uses the same User ID and Password, as configured in the Policy, to connect to other Switches.

  • Enable session-based connection. The REST API Collection Method uses session-based approach to connect to the switch. If the login session is successful, it utilizes the session to collect the required data and then logs out to release the session.

  • The following URIs should be accessible on Switches:

    • /rest/running/fabric/fabric-switch OR /rest/running/brocade-fabric/fabric-switch

    • /rest/running/switch/fibrechannel-switch OR /rest/running/brocade-fibrechannel-switch/fibrechannel-switch

    • /rest/running/brocade-interface/fibrechannel

    • /rest/running/brocade-chassis/chassis

    • /rest/running/brocade-fru/blade

    • /rest/running/brocade-fibrechannel-trunk/trunk

    • /rest/running/brocade-fru/fan

    • /rest/running/brocade-fru/power-supply

    • /rest/running/brocade-media/media-rdp

    • /rest/running/brocade-name-server/fibrechannel-name-server

    • /rest/running/zoning/defined-configuration OR /rest/running/brocade-zone/defined-configuration

    • /rest/running/zoning/effective-configuration OR /rest/running/brocade-zone/effective-configuration

    • /rest/running/brocade-fibrechannel-configuration/fabric

    • /rest/brocade-fru/sensor

    • /rest/running/brocade-interface/fibrechannel-statistics/

    • /rest/running/brocade-chassis/ha-status

    • /rest/running/logical-switch/fibrechannel-logical-switch OR /rest/running/brocade-fibrechannel-logical-switch/fibrechannel-logical-switch

      Note:

      The Status column of Collection Status page displays warning message if any of the following URLs is not accessible.

Prerequisites for Command Line Interface method

The following are the prerequisites for Command Line Interface option of Collection method. This method is supported for Brocade Switch FOS version 7.4.2 and later.

The following are the prerequisites to collect for Switch Details probe: TCP port 22 (all SAN switches)

  1. Use IP address of the principal switch only - one principal switch per policy while configuring the Brocade policy.

  2. The following list of commands must be accessible:

    fabricshow, lscfg --show -n, switchshow, dnsConfig -show, bannershow, uptime, portshow -i %min-index%-%max-index% -f, ipaddrshow, chassisshow, trunkshow, fanshow, psshow, sfpshow -all, nsshow -t, zoneshow, configure -show, fabricPrincipal --show, sensorshow, haShow, firmwareshow, islshow, errdump, agshow, ag -show, licenseshow, configshow, mapsdb -show, seccertmgmt show -cert https, ldapcfg -show, userconfig --show -a, seccertutil show, license -show

  3. Minimum role required is switchadmin with default permissions for all RBAC classes for the Home LF and Chassis Roles:

     

    Home LF Role

    Chassis Role

    Remarks

    Option-1

    switchadmin (default RBAC)

    switchadmin (default RBAC)

    Works for most deployments, excluding AD and User config data collection (ldapcfg - show & userconfig --show -a will not work and data collection will end with warnings)

        

    Option-2

    switchadmin (default RBAC)

    admin (default RBAC)

    Required for deployments, excluding User config data collection (userconfig --show -a will not work and data collection will end with warnings).

        

    Option-3

    admin (default RBAC)

    admin (default RBAC)

    Covers complete data collection (all commands will be executed, without warnings)

  4. If a physical switch chassis is shared between multiple fabrics, create a single NetBackup IT Analytics Data Collector policy (including single principal switch) to avoid overlap. For example, the usplsansw510 & usplsansw520 are considered "shared" physical chassis.

The following are the prerequisites to collect FC Port Statistics using SNMP: UDP port 161 must be accessible from the Data Collector:

  1. This account must have a home Virtual Fabric and access to a list of Virtual Fabric IDs.

    • The minimum role required is switchadmin with default set of permissions for all RBAC classes.

    • It is possible to leverage the switchadmin or admin user configured for Switch details data collection as long as that user exists on all switches within the fabric (if shared, all fabrics), it has necessary SNMP privileges assigned and the username matches the SNMP v3 account.

  2. This account name must match the SNMP V3 username (= SNMP v3 account mentioned in the below section) and comes in addition to the CLI/SSH account used by Switch details probe.

  3. To retrieve FC Port Statistics from Brocade virtual fabrics / virtual switches:

    • Create a dedicated CLI user account with a role such that it has access to all virtual fabrics.

      • Add the user with the command:

        userconfig --add <snmp_user> -r <role> -l <list_of_virtual_fabric_ids> -h <home_fabric> -c <chassis_role>

      • If the user already exists, use:

        userconfig --addlf <snmp_user> -l <list_of_virtual_fabrics_ids> -r <role>

  4. Configure SNMP (Version 1, 2c or 3) on all the switches:

    • Set the IP address or Subnet in the SNMP access control on all the switches.

    • Configure SNMP v3 account on all the switches.

    • Security Level of v3 (AuthNoPriv, noAuthNoPriv)

  5. The following OIDs must be accessible to the SNMP user:

    OIDs for IF-MIB

    		 

    ifIndex, ifHCOutOctets, ifHCInOctets

       

    OIDs for FCMGMT-MID

    		 

    connUnitPortIndex, connUnitPortStatIndex, connUnitPortNodeWwn, connUnitPortStatCountFBSYFrames, connUnitPortStatCountPBSYFrames, connUnitPortStatCountFRJTFrames, connUnitPortStatCountPRJTFrames, connUnitPortStatCountClass1RxFrames, connUnitPortStatCountClass2RxFrames, connUnitPortStatCountClass3RxFrames, connUnitPortStatCountClass3Discards, connUnitPortStatCountRxMulticastObjects, connUnitPortStatCountTxMulticastObjects, connUnitPortStatCountRxLinkResets, connUnitPortStatCountTxLinkResets, connUnitPortStatCountRxOfflineSequences, connUnitPortStatCountTxOfflineSequences, connUnitPortStatCountLinkFailures, connUnitPortStatCountTxObjects, connUnitPortStatCountInvalidCRC, connUnitPortStatCountInvalidTxWords, connUnitPortStatCountPrimitiveSequenceProtocolErrors, connUnitPortStatCountLossofSignal, connUnitPortStatCountLossofSynchronization, connUnitPortStatCountInvalidOrderedSets, connUnitPortStatCountFramesTooLong, connUnitPortStatCountFramesTruncated, connUnitPortStatCountAddressErrors, connUnitPortStatCountDelimiterErrors, connUnitPortStatCountRxObjects, connUnitPortStatCountEncodingDisparityErrors, connUnitPortStatCountBBCreditZero, connUnitPortStatCountInputBuffersFull

       

    OIDs for SW-MIB

    		 

    swFCPortIndex, swConnUnitBadEOF, swConnUnitLCRX, swFCPortTxWords, swFCPortRxWords, swFCPortTxFrames, swFCPortRxFrames, swFCPortTooManyRdys, swFCPortNoTxCredits, swFCPortRxEncInFrs, swFCPortRxCrcs, swFCPortRxTruncs, swFCPortRxTooLongs, swFCPortRxBadEofs, swFCPortRxEncOutFrs, swFCPortC3Discards, swFCPortMcastTimedOuts

  6. Access to MIBs can be checked using snmpconfig --show mibcapability command as follows:

    • snmpconfig -snmpconfig --show snmpv3 shows the configured user with auth and priv protocol.

    • snmpconfig-show accesscontrol shows access list configuration.

    • snmpconfig --set accesscontrol asks prompts to update accesscontrol list and add collector IP or subnet.

    • snmpconfig -show mibcapability must show sw-mib, if-mib, and fcmgmt-mib as enabled.