This section provides information about using the CDF Management Portal to deploy ESM for Fusion.
Open a new tab in a supported web browser.
Specify the URL for the CDF Management Portal:
https://<ESM_for_Fusion-server>:3000
NOTE:Use port 3000 when you are setting up the CDF for the first time. After the initial setup, use port 5443 to access the CDF Management Portal.
Use the fully qualified domain name of the host that you specified in the Connection step during the CDF configuration. Usually, this is the master node’s FQDN.
Log in to the CDF Management Portal with the credentials of the administrative user that you provided during installation.
Select the metadata file version in version, and then click Next.
Read the license agreement, and then select I agree.
Click Next.
On the Capabilities page, select the following options:
Fusion
ArcSight Command Center
(Optional) ArcSight Layered Analytics
NOTE:To use this capability, you must deploy both ArcSight Interset and ESM for Fusion in the same cluster.
Click Next.
On the Database page, retain the default values, and then click Next.
On the Deployment Size page, select the required cluster, and then click Next.
(Conditional) For worker node configuration, select Medium Cluster.
On the Connection page, an external host name is automatically populated. This is resolved from the virtual IP (VIP) specified during the CDF installation (--ha-virtual-ip parameter). Confirm that the VIP is correct and then click Next.
(Conditional) To set up high availability, complete the following steps:
IMPORTANT:You must configure high availability at this point in the process. You cannot add master nodes and configure high availability after installation.
Select Make master highly available.
On the Master High Availability page, add at least two additional master nodes.
On the Add Master Node page, specify the following details:
Specifies the fully qualified domain name (FQDN) of the node that you are adding.
Specifies whether you want the CDF Management Portal to ignore any warnings that occur during the pre-checks on the server.
If deselected, the add node process will stop and a window will display any warning messages. We recommend that you start with Ignore Warnings deselected in order to view any warnings displayed. You may then evaluate whether to ignore or rectify any warnings, clear the warning dialog, and then click Save again with the box selected to avoid stopping.
Specifies the user credential for logging in to the node.
Specifies whether the verification mode should be Password or Key-based.
For Password, you must also specify the your password.
For Key-based, you must first specify a user name and then upload a private key file when connecting the node with a private key file.
Applies only if you configured a Thinpool for the master node
Specifies the Thinpool Device path that you configured for the master node.
For example: /dev/mapper/docker-thinpool
You must have already set up the Docker thin pool for all cluster nodes that need to use thinpools, as described in the CDF Planning Guide.
Applies only if the master node has more than one network adapter
Specifies the flannel IFace value for Docker inter-host communication.
The value must be a single IPv4 address or name of the existing interface.
Click Save.
Repeat these steps for other master nodes.
Click Next.
(Conditional) For multi-node deployment, complete the following steps:
Select the Add Worker Node page.
To add additional worker nodes, click + (Add).
Specify the required configuration information.
Click Save.
Repeat these steps for each of the worker nodes you want to add.
Click Next.
(Conditional) To run the worker node on the master node , select Allow suite workload to be deployed on the master node, and then click Next.
NOTE:Before selecting this option, ensure that the master node meets the system requirements specified for the worker node.
To configure each NFS volume, complete the following steps:
Navigate to the File Storage page.
For File System Type, select Self-Hosted NFS.
Self-hosted NFS refers to the external NFS that you created while preparing the environment for CDF installation.
For File Server, specify the IP address or FQDN of the NFS server.
For Exported Path, specify the following paths for the NFS volumes:
|
NFS Volume |
File Path |
|---|---|
|
arcsight-volume |
<NFS_VOLUME_FOLDER>/arcsight-vol |
|
itom-vol-claim |
<NFS_VOLUME_FOLDER>/itom-vol |
|
db-single-vol |
<NFS_VOLUME_FOLDER>/db-single-vol |
|
itom-logging-vol |
<NFS_VOLUME_FOLDER>/itom-logging-vol |
|
db-backup-vol |
<NFS_VOLUME_FOLDER>/db-backup-vol |
Click Validate.
Ensure that you have validated all NFS volumes successfully before continuing with the next step.
Click Next.
To start deploying master and worker nodes, click Yes in the Confirmation dialog box.
Continue with Uploading Images to the Local Registry.
For the docker registry to deploy ESM for Fusion, it needs the following images associated with the deployment:
fusion-x.x.x.x
esm-x.x.x.x
(Optional) layered-analytics-x.x.x.x
You must upload these images to the local registry as follows:
Launch a terminal session, then log in to the master node as root or a sudo user.
Change to the following directory:
cd /<cdf_installer_directory>/scripts/
For example:
cd /opt/esm-cmd-center-installer-for-fusion-x.x.x.x/installers/cdf-x.x.x-x.x.x.x/scripts/
Upload required images to the local registry. When prompted for a password, use the admin user password for the CDF Management Portal:
./uploadimages.sh -d <downloaded_suite_images_folder_path>
For example:
./uploadimages.sh -d /<download_directory>/esm-cmd-center-installer-for-fusion-x.x.x.x/suite_images
Continue with Deploying ESM for Fusion.
After you upload the images to the local directory, the CDF uses these images to deploy the respective software in the cluster.
Log in to the CDF Management Portal.
On the Download Images page, click Next because all the required packages are already downloaded and uncompressed.
After the Check Image Availability page displays All images are available in the registry, click Next.
If the page displays any missing image error, upload the missing image.
(Optional) To monitor the progress of service deployment, complete the following steps:
Launch a terminal session.
Log in to the master node as root.
Execute the command:
watch 'kubectl get pods --all-namespaces'
After the Deployment of Infrastructure Nodes page displays the status of the node in green, click Next.
The deployment process can take up to 15 minutes to complete.
(Conditional) If any of the nodes show a red icon on the Deployment of Infrastructure Nodes page, click the retry icon.
IMPORTANT:CDF might display the red icon if the process times out for a node. Because the retry operation executes the script again on that node, ensure that you click retry only once.
After the Deployment of Infrastructure Services page indicates that all the services are deployed and the status indicates green, click Next.
The deployment process can take up to 15 minutes to complete.
Click Next.
Configure the pre-deployment settings in the CDF Management Portal, by making the following changes under ANALYTICS:
In the Cluster Configuration section, select 0 from the Hercules Search Engine Replicas drop-down list.
NOTE:By default, the value for Hercules Search Engine Replicas is 1.
In the Database Configuration section, disable Database.
In the Single Sign-on Configuration section, specify the values for Client ID and Client Secret.
To finish the deployment, click Next.
Copy the Management Portal link displayed on the Configuration Complete page.
Some of the pods on the Configuration Complete page might remain in a pending status until the product labels are applied on worker nodes.
(Conditional) For high availability and multi-master deployment, after the deployment has been completed, complete the following steps to manually restart the keepalive process:
Log in to the master node.
Change to the following directory:
cd /<k8S_HOME>/bin/
For example:
cd /opt/arcsight/kubernetes/bin/
Run the following script:
./start_lb.sh
Continue to the post-installation steps.