Configure GigaVUE Fabric Components in OpenStack
You can use your own OpenStack orchestration system to deploy GigaVUE fabric nodes and use GigaVUE-FM to configure the advanced features supported by these nodes. These nodes register themselves with GigaVUE-FM using the information provided by your OpenStack orchestration system. Once the nodes are registered with GigaVUE-FM, you can configure monitoring sessions and related services in GigaVUE-FM. Health status of the registered nodes are determined by the heartbeat messages sent from the respective nodes.
Keep in mind the following when deploying the fabric components using third party orchestration in integrated mode:
- In the above mentioned case, the Traffic Acquisition Tunnel MTU is set to the default value 1500. To edit the Traffic Acquisition Tunnel MTU, select the monitoring domain and click on the Edit Monitoring Domain option. Enter the Traffic Acquisition Tunnel MTU and click Save.
- When you deploy the fabric components using 3rd party orchestration, you cannot delete the monitoring domain without unregistering the registered fabric components.
- You can use OpenStack Orchestrator for GigaVUE fabric node configuration only using V Series 2 nodes.
- GigaVUE V Series Node must have a minimum of two Networks Interfaces (NIC) attached to it, a management NIC and a data NIC. You can add both these interfaces when deploying the GigaVUE V Series Node in OpenStack.
In your OpenStack dashboard, you can configure the following GigaVUE fabric components:
- Configure V Series Nodes and Proxy in OpenStack
- Configure G-vTAP Controller in OpenStack
- Configure G-vTAP Agent in OpenStack
Configure V Series Nodes and Proxy in OpenStack
To configure V Series Nodes and V Series Proxy in OpenStack platform:
-
Before configuring GigaVUE fabric components through OpenStack, you must create a monitoring domain in GigaVUE-FM. Refer to Create Monitoring Domain for detailed instructions.
- In the Monitoring Domain Configuration page, select No for the Use FM to Launch Fabric field as you are going to configure the fabric components in OpenStack Orchestrator.
- In your OpenStack environment, you can deploy V Series nodes or V Series proxy using the following methods:
Register V Series Nodes or V Series Proxy using OpenStack GUI
To register V Series nodes or proxy using the user data in OpenStack GUI:
- On the Instance page of OpenStack dashboard, click Launch instance. The Launch Instance wizard appears. For detailed information, refer to Launch and Manage Instances topic in OpenStack Documentation.
- On the Configuration tab, enter the Customization Script as text in the following format and deploy the instance. The V Series nodes or V Series proxy uses this customization script to generate config file (/etc/gigamon-cloud.conf) used to register with GigaVUE-FM.
Field
User Data User data without custom certificate
Copy#cloud-config
write_files:
- path: /etc/gigamon-cloud.conf
owner: root:root
permissions: '0644'
content: |
Registration:
groupName: <Monitoring Domain Name>
subGroupName: <Connection Name>
user: <Username>
password: <Password>
remoteIP: <IP address of the GigaVUE-FM> or <IP address of the Proxy>
remotePort: 443User data with custom certificate
Copy#cloud-config
write_files:
- path: /etc/cntlr-cert.conf
owner: root:root
permissions: "0644"
content: |
-----BEGIN CERTIFICATE-----
<certificate content>
-----END CERTIFICATE-----
- path: /etc/cntlr-key.conf
owner: root:root
permissions: "400"
content: |
-----BEGIN PRIVATE KEY-----
<private key content>
-----END PRIVATE KEY-----
- path: /etc/gigamon-cloud.conf
owner: root:root
permissions: '0644'
content: |
Registration:
groupName: <Monitoring Domain Name>
subGroupName: <Connection Name>
user: <Username>
password: <Password>
remoteIP: <IP address of the GigaVUE-FM> or <IP address of the Proxy>
remotePort: 443
- You can register your V Series node directly with GigaVUE‑FM or you can use V Series proxy to register your V Series node with GigaVUE‑FM. If you wish to register V Series node directly, enter the
remotePortvalue as 443 or if you wish to deploy V Series node using V Series proxy then, enter theremotePortvalue as 8891. - User and Password must be configured in the User Management page. Refer to Configure Role-Based Access for Third Party Orchestration for more detailed information. Enter the UserName and Password created in the Add Users Section.
Register V Series Node or V Series Proxy using a configuration file
To register V Series node or proxy using a configuration file:
- Log in to the V Series node or proxy.
- Create a local configuration file (/etc/gigamon-cloud.conf) and enter the following customization script.Copy
Registration:
groupName: <Monitoring Domain Name>
subGroupName: <Connection Name>
user: orchestration
password: orchestration123A!
remoteIP: <IP address of the GigaVUE-FM>
remotePort: 443Note: If you wish to register V Series node using V Series proxy then, enter the
remotePortvalue as 8891. - Restart the V Series node or proxy service.
- V Series node:
$ sudo service vseries-node restart
- V Series proxy:
$ sudo service vps restart
The deployed V Series node or V Series proxy registers with the GigaVUE-FM. After successful registration the V Series node or proxy sends heartbeat messages to GigaVUE-FM every 30 seconds. If one heartbeat is missing ,the fabric node status appears as 'Unhealthy'. If more than five heartbeats fail to reach GigaVUE-FM, GigaVUE‑FM tries to reach the V Series node or proxy and if that fails as well then GigaVUE‑FM unregisters the V Series node or proxy and it will be removed from GigaVUE‑FM.
- V Series node:
Configure G-vTAP Controller in OpenStack
To configure GigaVUE fabric components in OpenStack platform:
- Before configuring GigaVUE fabric components through OpenStack, you must create a monitoring domain in GigaVUE-FM. While creating the monitoring domain, select G-vTAP as the Traffic Acquisition Method. Refer to Create Monitoring Domain for detailed instructions.
- In the Monitoring Domain Configuration page, select No for the Use FM to Launch Fabric field as you are going to configure the fabric components in OpenStack Dashboard.
- In your OpenStack environment, launch the G-vTAP Controller using any of the following methods:
Register G-vTAP Controller using OpenStack GUI
To register G-vTAP Controller using the user data in OpenStack GUI:
- On the Instance page of OpenStack dashboard, click Launch instance. The Launch Instance wizard appears. For detailed information, refer to Launch and Manage Instances topic in OpenStack Documentation.
- On the Configuration tab, enter the Customization Script as text in the following format and deploy the instance. The G-vTAP Controller uses this customization script to generate config file (/etc/gigamon-cloud.conf) used to register with GigaVUE-FM.
Field
User Data User data without custom certificate
Copy#cloud-config
write_files:
- path: /etc/gigamon-cloud.conf
owner: root:root
permissions: '0644'
content: |
Registration:
groupName: <Monitoring Domain Name>
subGroupName: <Connection Name>
user: <Username>
password: <Password>
remoteIP: <IP address of the GigaVUE-FM>
remotePort: 443User data with custom certificate
Copy#cloud-config
write_files:
- path: /etc/cntlr-cert.conf
owner: root:root
permissions: "0644"
content: |
-----BEGIN CERTIFICATE-----
<certificate content>
-----END CERTIFICATE-----
- path: /etc/cntlr-key.conf
owner: root:root
permissions: "400"
content: |
-----BEGIN PRIVATE KEY-----
<private key content>
-----END PRIVATE KEY-----
- path: /etc/gigamon-cloud.conf
owner: root:root
permissions: '0644'
content: |
Registration:
groupName: <Monitoring Domain Name>
subGroupName: <Connection Name>
user: <Username>
password: <Password>
remoteIP: <IP address of the GigaVUE-FM>
remotePort: 443
- User and Password must be configured in the User Management page. Refer to Configure Role-Based Access for Third Party Orchestration for more detailed information. Enter the UserName and Password created in the Add Users Section.
The G-vTAP Controller deployed in OpenStack appears on the Monitoring Domain page of GigaVUE-FM.
Register G-vTAP Controller using a configuration file
To register G-vTAP Controller using a configuration file:
- Log in to the G-vTAP Controller.
- Create a local configuration file (/etc/gigamon-cloud.conf) and enter the following user data.Copy
Registration:
groupName: <Monitoring Domain Name>
subGroupName: <Connection Name>
user: <Username>
password: <Password>
remoteIP: <IP address of the GigaVUE-FM>
remotePort: 443 - Restart the G-vTAP Controller service.
$ sudo service gvtap-cntlr restart
The deployed G-vTAP Controller registers with the GigaVUE-FM. After successful registration the G-vTAP Controller sends heartbeat messages to GigaVUE-FM every 30 seconds. If one heartbeat is missing ,the fabric node status appears as 'Unhealthy'. If more than five heartbeats fail to reach GigaVUE-FM, GigaVUE‑FM tries to reach the G-vTAP Controller and if that fails as well then GigaVUE‑FM unregisters the G-vTAP Controller and it will be removed from GigaVUE‑FM.
- On the Instance page of OpenStack dashboard, click Launch instance. The Launch Instance wizard appears. For detailed information, refer to Launch and Manage Instances topic in OpenStack Documentation.
Configure G-vTAP Agent in OpenStack
G-vTAP Agent should be registered via the registered G-vTAP Controller and communicates through PORT 8891.
Note: Deployment of G-vTAP Agents through a third-party orchestrator is supported on Linux and Windows platforms. Refer to Linux G-vTAP Agent Installation and Windows G-vTAP Agent Installation for detailed information.
To register G-vTAP Agent using a configuration file:
-
Install the G-vTAP Agent in the Linux or Windows platform. For detailed instructions, refer to Linux G-vTAP Agent Installation and Windows G-vTAP Agent Installation.
- Log in to the G-vTAP Agent.
- Create a local configuration file and enter the following user data.
- /etc/gigamon-cloud.conf is the local configuration file in Linux platform.
- C:\ProgramData\gvtap-agent\gigamon-cloud.conf is the local configuration file in Windows platform.
CopyRegistration:
groupName: <Monitoring Domain Name>
subGroupName: <Connection Name>
user: <Username>
password: <Password>
remoteIP: <IP address of the G-vTAP Controller 1>,
<IP address of the G-vTAP Controller 2>
remotePort: 8891Note: User and Password must be configured in the User Management page. Refer to Configure Role-Based Access for Third Party Orchestration for more detailed information. Enter the UserName and Password created in the Add Users Section.
- Restart the G-vTAP Agent service.
- Linux platform:
$ sudo service gvtap-agent restart
- Windows platform: Restart from the Task Manager.
- Linux platform:
Note: You can configure more than one G-vTAP Controller for a G-vTAP Agent, so that if one G-vTAP Controller goes down, the G-vTAP Agent registration will happen through another Controller that is active.
The deployed G-vTAP Agent registers with the GigaVUE-FM through the G-vTAP Controller. After successful registration the G-vTAP Agent sends heartbeat messages to GigaVUE-FM every 30 seconds. If one heartbeat is missing, G-vTAP Agent status appears as 'Unhealthy'. If more than five heartbeats fail to reach GigaVUE-FM, GigaVUE‑FM tries to reach the G-vTAP Agent and if that fails as well then GigaVUE‑FM unregisters the G-vTAP Agent and it will be removed from GigaVUE‑FM.
Keep in mind the following when upgrading the GigaVUE-FM to 6.1.00 (when using third party orchestration to deploy fabric components):
When upgrading GigaVUE-FM to any version higher than 6.0.00 and if the GigaVUE V Series Nodes version deployed in that GigaVUE-FM are lower than or equal to 6.0.00, then for the seamless flow of traffic, GigaVUE-FM automatically creates Users and Roles in GigaVUE-FM with the required permission. The username would be orchestration and the password would be orchestration123A! for the user created in GigaVUE-FM. Ensure that there is no existing user in GigaVUE-FM, with the username orchestration.
It is recommended to change the password in the Users page, once the upgrade is complete. Refer to Configure Role-Based Access for Third Party Orchestration for detailed steps on how to change password in the user page.
