Linux UCT-V Installation

You can install UCT-V on various Linux distributions using Debian or RPM packages.

Refer to the following sections:

Single Network Interface Configuration

A single network interface card (NIC) serves as both the source and destination interface. UCT-V, with a single network interface configuration, enables you to monitor both ingress and egress traffic from the same NIC. The system uses the same interface to send monitored traffic.

Example

Consider a single interface eth0 in the monitoring instance. In the UCT-V configuration, you can configure eth0 as both source and destination, and also specify monitoring for both ingress and egress traffic. The monitored traffic from eth0 is mirrored and sent using the same eth0 interface.

Note:  Using a single NIC as the source and destination can lead to increased latency when sending traffic.

Sample Configuration

Example of the UCT-V configuration file for a single NIC configuration:

Grant permission to monitor ingress and egress traffic at iface 

            # eth0 mirror-src-ingress mirror-src-egress mirror-dst

Multiple Network Interface Configuration

In a multiple NIC configuration, UCT-Venables you to configure two NICs, one for the source and another for the destination.

Example

Consider two NICs, eth0 and eth1, in the monitoring instance.

In the UCT-V configuration, you can configure:

  • eth0 as the source interface, and specify to monitor egress traffic.

  • eth1 as the destination interface.

    Then, the mirrored traffic from eth0 is sent to eth1. From eth1, the traffic is sent to the GigaVUE V Series Node.

Sample: Example of the UCT-V configuration file for a dual NIC configuration:

Grant permission to monitor ingress and egress traffic at iface 

# 'eth0' to monitor and 'eth1' to transmit the mirrored packets 
# eth0 mirror-src-ingress mirror-src-egress  
# eth1 mirror-dst

Loopback Network Interface Configuration

UCT-V supports the ability to tap and mirror the loopback interface. You can tap the loopback interfaces on the workload that carries application-level traffic inside the Virtual Machine. The loopback interface is always configured as bidirectional traffic, regardless of the configurations provided in the configuration file.

Example—Configuration example to monitor ingress and egress traffic at interface lo and use the same interface to send out the mirrored packets.

# lo mirror-src-ingress mirror-src-egress mirror-dst

Linux Network Firewall Requirements

If Network Firewall requirements or security groups are configured in your environment, you must open the following ports for the virtual machine. For details, refer to Network Firewall Requirement for GigaVUE Cloud Suite.

Direction

Port

Protocol

CIDR

Purpose

Inbound

9902

TCP

UCT-V Controller IP

 Allows UCT-V to receive control and management plane traffic from UCT-V Controller

You can use the following commands to add the Network Firewall rule.

sudo firewall-cmd --add-port=9902/tcp

sudo firewall-cmd --runtime-to-permanent

Install Linux UCT-Vs

You must have sudo/root access to edit the UCT-V configuration file. Establish an SSH connection to the virtual machine and ensure you have permission to execute the sudo command.

You may need to modify the network configuration files for dual or multiple network interface configurations to ensure that the extra NIC/Network interface initializes at boot time.

Prerequisites

  • UCT-V is a standalone service. By default, most modern Linux operating systems come pre-installed with all the necessary packages for the UCT-V to function without additional configuration.

  • Before registering Linux UCT-V, you should generate token and place it in the /etc/gigamon-cloud.conf configuration file. For more information, refer to Configure Tokens.

You can install the UCT-Vs either from Debian or RPM packages using one of the following options:.

■   Install Linux UCT-Vs using Installation Script
■   Install Linux UCT-Vs using Manual Configuration

Refer to the following sections for more detailed information and step-by-step instructions.

Install Linux UCT-Vs using Installation Script

Using installation script, you can complete installation.

Perform the following steps:

  1. To install UCT-V from Ubuntu/Debian:
    a. Download the UCT-V6.11.00 Debian (.deb) package from the Gigamon Customer Portal. For assistance, contact Contact Technical Support.
    b. Copy this package to your instance and Install the package with root privileges. For example,

    $ ls gigamon-gigavue-uctv-6.11.00-amd64.deb

    $ sudo dpkg -i gigamon-gigavue-uctv-6.11.00-amd64.deb

  2. To install UCT-V from RPM, Red Hat Enterprise Linux, and CentOS:
    a. Download the UCT-V6.11.00 RPM (.rpm) package from the Gigamon Customer Portal. For assistance, contact Contact Technical Support.
    b. Copy this package to your instance and install the package with root privileges. For example,

    $ ls gigamon-gigavue-uctv-6.11.00-x86_64.rpm

    $ sudo rpm -i gigamon-gigavue-uctv-6.11.00-x86_64.rpm

  1. Use the command given below to perform pre-check, installation, and configuration functionalities.

    sudo uctv-wizard

    Note:  The installation script is not provided with the Debian or RPM packages. You can use the script (installation_wizard.sh/uctv-wizard) only after the UCT-V is installed.

    Refer to the table below to know more about uctv-wizard command usage options and functionalities:

    Options

    Use Command

    Description

    pre-check

    sudo uctv-wizard pre-check

    Checks the status of the required packages and firewall requirements.

    • If any package is missing, it displays an appropriate message with the missing package details.

    • If installation includes all the packages, it displays a success message indicating that UCT-V is ready for configuration.

    pkg-install

    sudo uctv-wizard pkg-install

    Note:  The uctv-wizard install command requires access to a repository, either public (internet-based) or local, that hosts prerequisite packages for installation. If no repository is accessible, you must manually install the required packages. Refer to Linux UCT-V Installation.

    Displays the missing package and version details. To proceed with the installation, you can choose between the following:

    If you wish to skip the prompts and proceed with the system update, enter your option as y. The console interface installs the missing packages and restarts the UCT-V service.

    Enter N if you wish to install it manually. For details, refer to Linux UCT-V Installation.

    configure

    sudo uctv-wizard configure

    First, it checks for any existing configured file in the tmp directory (file named gigamon-cloud.conf in the C:\Users\<username>\AppData\Local location). If available, UCT-V uses that configuration.

    If unavailable, UCT-V automatically adds the interface configuration in uctv.conf file, excluding the loopback (lo) interface, with all permissions enabled (source ingress, source egress, and destination).

    You can add the required policy for the available port if a firewall is installed.

    If you wish to skip the prompts to add the required firewall policy, enter your option as y. The console interface adds the firewall rules automatically.

    Enter N if you wish to configure manually. For details, refer to Linux UCT-V Installation section.

    uninstall

    sudo uctv-wizard uninstall

    Automatically stops the UCT-V service, removes the firewall rules, and uninstalls the UCT-V.

Notes:
■  Use the command below to view all the log messages generated from uctv-wizard. These log messages are stored at /var/log/uctv-installation.log

sudo vi /var/log/uctv-installation.log

■  Use the command below to know the usage descriptions for the individual operations.

sudo uctv-wizard help

Linux UCT-V Installation Scenarios

  1. Zero Touch Installation - When using a cloud-integrated script to deploy UCT-V in a virtual machine, no interference is required as the script installs and configures everything automatically.
  2. One Touch Installation - When using .deb or .rpm packages with all prerequisite packages in place, UCT-V determines that all dependencies are met. It performs auto-configuration and restarts the service.
  3. Two Touch Installation - When using .deb or .rpm packages with missing prerequisite packages, the platform displays a warning message about the missing packages. You need to install the missing packages using the sudo uctv-wizard pkg-install command.

Install Linux UCT-Vs using Manual Configuration

To install from a Debian package:

  1. Download the UCT-V6.11.00 Debian (.deb) package from the Gigamon Customer Portal. For assistance contact Contact Technical Support.
  2. Copy this package to your instance.
  3. Install the package with root privileges. For example,

    $ ls gigamon-gigavue-uctv-6.11.00-amd64.deb

    $ sudo dpkg -i gigamon-gigavue-uctv-6.11.00-amd64.deb

  4. Modify the file /etc/uctv/uctv.conf to configure and register the source and destination interfaces.
    The following examples registers eth0 as the mirror source for both ingress and egress traffic and eth1 as the destination for this traffic:

    Note:  When you have an active, successful monitoring session deployed, any modification to the UCT-V config file made after the initial setup requires a UCT-V restart and an inventory refresh or sync from GigaVUE‑FM to pick up the new changes and re-initiate the traffic mirroring. GigaVUE‑FM does a periodic sync on its own every 15 minutes.

    Example 1—Configuration example to monitor ingress and egress traffic at interface eth0 and use the same interface to send out the mirrored packets

    # eth0   mirror-src-ingress mirror-src-egress mirror-dst

    Example 2—Configuration example to monitor ingress and egress traffic at interface eth0 and use the interface eth1 to send out the mirrored packets

    # eth0   mirror-src-ingress mirror-src-egress

    # eth1   mirror-dst

    Example 3—Configuration example to monitor ingress and egress traffic at interface eth0 and eth 1; use the interface eth1 to send out the mirrored packets

    # eth0   mirror-src-ingress mirror-src-egress

    # eth1   mirror-src-ingress mirror-src-egress mirror-dst

    Example 4—Configuration example to monitor ingress traffic at iface 'eth0' and egress traffic at iface 'eth1' and use iface 'eth2' to transmit the mirrored packets.

    # eth0   mirror-src-ingress

    # eth1   mirror-src-egress

    # eth2 mirror-dst

    Example 5—Configuration example to monitor traffic at iface 'lo' that is always registered as bidirectional traffic regardless of the config and use iface 'eth0' to transmit the mirrored packets.

    # lo mirror-src-ingress mirror-src-egress

    # eth0 mirror-dst

    Note:  Ensure that the configuration for a single interface is provided on a single line.

  5. Save the file.
  6. Restart the UCT-V service.

$ systemctl restart uctv.service

The UCT-V status is displayed as running. Verify the status using the following command:

$ systemctl status uctv.service

To install from an RPM (.rpm) package on a RedHat, CentOS, or other RPM-based system:

  1. Download the UCT-V6.11.00 RPM (.rpm) package from the Gigamon Customer Portal.
    For assistance contact Contact Technical Support.
  2. Copy this package to your instance.
  3. Install the package with root privileges. For example,

    $ ls gigamon-gigavue-uctv-6.11.00-x86_64.rpm

    $ sudo rpm -i gigamon-gigavue-uctv-6.11.00-x86_64.rpm

  4. Modify the /etc/uctv/uctv.conf file to configure and register the source and destination interfaces.
    The following example registers the eth0 as the mirror source for both ingress and egress traffic and registers eth1 as the destination for this traffic as follows:

    Note:  When you have an active, successful monitoring session deployed, any changes to the UCT-V config file made after the initial setup require an UCT-V restart and an inventory refresh or sync from GigaVUE-FM to pick up the new changes and re-initiate the traffic mirroring. GigaVUE-FM does a periodic sync on its own every 15 minutes.

    Example 1—Configuration example to monitor ingress and egress traffic at interface eth0 and use the same interface to send out the mirrored packets

    # eth0   mirror-src-ingress mirror-src-egress mirror-dst

    Example 2—Configuration example to monitor ingress and egress traffic at interface eth0 and use the interface eth1 to send out the mirrored packets

    # eth0   mirror-src-ingress mirror-src-egress

    # eth1   mirror-dst

    Example 3—Configuration example to monitor ingress and egress traffic at interface eth0 and eth 1; use the interface eth1 to send out the mirrored packets

    # eth0   mirror-src-ingress mirror-src-egress

    # eth1   mirror-src-ingress mirror-src-egress mirror-dst

    Example 4—Configuration example to monitor ingress traffic at iface 'eth0' and egress traffic at iface 'eth1' and use iface 'eth2' to transmit the mirrored packets.

    # eth0   mirror-src-ingress

    # eth1   mirror-src-egress

    # eth2 mirror-dst

    Example 5—Configuration example to monitor traffic at iface 'lo' that is always registered as bidirectional traffic regardless of the config and use iface 'eth0' to transmit the mirrored packets.

    # lo mirror-src-ingress mirror-src-egress

    # eth0 mirror-dst

    Note:  Ensure that the configuration for a single interface is provided on a single line.

  5. Save the file.
  6. Restart the UCT-V service.
    $ sudo service uctv restart

The UCT-V status is displayed as running. Verify the status with the following command:

$ sudo service uctv status

Notes:
■   When UCT-V fails to start due to a “start-limit-hit” (caused by repeated restarts within 10 minutes), you should correct the underlying issue first. To clear the failure and allow UCT-V to restart, run the following command:

sudo systemctl reset-failed uctv.service

■   After installing UCT-V, refer to Deploy Fabric Components using Generic Mode for platform specific information to configure UCT-V using Third Party Orchestration.

Post Deployment Check:

After installing UCT-V, you can perform the following to verify the version of UCT-V:

  1. Enter the command:

     sudo uctvl uctv-show

  2. Manually execute the following command:

    export LD_LIBRARY_PATH=/usr/lib/uctv/ssl-lib64/

Register Linux UCT-V

It is mandatory to create a cloud configuration file and add the token to authenticate the UCT-V package with GigaVUE‑FM. The token is required only for initial registration before generating the certificate.You can use the token only once and do not need to maintain.

You can register UCT-V in your virtual machine in two ways:

  1. GigaVUE-FM Orchestration: Perform the following steps:

    1. Log in to the UCT-V.

    2. Create a local configuration file and enter the following user data:

      /etc/gigamon-cloud.conf is the local configuration file in the Linux platform.

      Registration:
      token: <Enter the token created in GigaVUE-FM>

    3. Restart the UCT-V service.

      Linux platform: 
      $ sudo service uctv restart

    For more details on how to create tokens, refer to .

  2. Third Party Orchestration: The third-party orchestration feature allows you to deploy UCT-V using your own orchestration system. UCT-V uses the information of the user to register with GigaVUE‑FM. You can register UCT-V toGigaVUE‑FM using Third Party Orchestration with the following two modes:

For more information, refer to Modes of Deployments

Note:  If you have already configured gigamon-cloud.conf file in the /tmp directory, you can directly use the uctv-wizard configure command (sudo uctv-wizard configure). This action automatically fetches the configuration file and completes the registration process.