You can install Ops Center Administrator in a Linux environment that is running a supported version of a container runtime.
To enable maximum control of the environment, the application installer does not include a container runtime, an operating system, or a VM.
- Do not install multiple container runtimes such as Docker and Podman to the host OS. Always use a single container runtime.
- If you want to register Ops Center Administrator with Ops Center Common Services, do the following:
- Install Python3 before running the installer.
- Make sure that the host name of Ops Center Common Services is resolvable from the Ops Center Administrator server. If you want to use a host name that is not FQDN, set the IP address and the host name in the /etc/hosts file for name resolution.Note: After modifying the /etc/hosts file, run the following command to restart the Ops Center Administrator-related service.
For the Docker environment, run:
# systemctl restart docker
For the Podman environment, run:
# systemctl restart rainier
- Make sure that you have a user account with Ops Center Common Services that has the "Application Administrator" role to run the script.
Verify the following:
- You have root access to the OS where you plan to install Ops Center Administrator.
- IP forwarding and br_netfilter for the IP V4 network is installed on the operating system.
Verify by using the sysctl command (1 means enabled):
# sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1 # sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-iptables = 1
- The OS running firewalld (for example, RHEL 7 or later) is configured to allow communication between containers as follows:
- Enable communication by adding the following to the trusted zone:
- For Docker, add docker0.
- For Podman add cni-podman0.
- The following example is for Docker:
# firewall-cmd --zone=trusted --change-interface=docker0 --permanent
# firewall-cmd --reload
- Enable IP masquerading for the default zone:
# firewall-cmd --add-masquerade --permanent
# firewall-cmd --reload
- Enable communication by adding the following to the trusted zone:
- A supported version of container runtime is installed in a Linux environment.When using Docker:
- Do not set the following service options to false:
- icc: Enable inter-container communication (default true).
- ip-forward: Enable net.ipv4.ip_forward (default true).
- icc: Enable IP masquerading (default true).
- iptables: Enable addition of iptables rules (default true).
- If the FORWARD chain does not contain the DOCKER chain in the iptables, restart the Docker service by running the following command:
# systemctl restart docker
- The recommended settings for using the application installer are as follows:
- If you use the JSON-file logging driver, set the maximum log size to 50 MiB and the maximum number of files to 3.
--log-opt max-size=50m --log-opt max-file=3
- Set ExecReload.
ExecReload=/bin/kill -s HUP $MAINPID
- Set Delegate to yes.
Delegate=yes
- Set KillMode to process.
KillMode=process
-
Set Restart.
Restart=on-failure
Refer to the example provided for general information about the Docker.service file.
- If you use the JSON-file logging driver, set the maximum log size to 50 MiB and the maximum number of files to 3.
When using Podman:- If the supported version of Podman is not installed in the environment, you must configure Yellowdog Updater, Modified (YUM) settings to install packages over a network. The application installer connects to the configured YUM repository and installs the required version of Podman. The packages related to Podman are located in the latest BaseOS and AppStream repositories.
-
If you want to install or upgrade Podman yourself, you can run the following command:
yum install podman required-version
For example, to install Podman v3.3.x:
yum install podman-3.3.*
The asterisk indicates to obtain and install the latest patch version available in the repository.
- If the upgrade of Podman is suppressed, unlock the suppression temporarily before starting the installation. After completing the installation, suppress the upgrade of Podman again.
- If you cannot use YUM to install Podman because your management server is not connected to the network, you must obtain the Podman software from the OS media (ISO image or CD-ROM).
The supported version of Podman (3.3.x) is available with v8.5 of Red Hat Enterprise Linux and Oracle Linux. Therefore, regardless of the OS version that you are using, download v8.5 of the OS to get the required Podman version.
- Download the Linux ISO image (for example, redhat 8.5 iso).
- Mount the ISO image using the following command:
mount /dev/cdrom /media
For example: mount -o loop rhel-8.5-x86_64-dvd.iso /media
- If the /etc/yum.repos.d directory contains an existing repo file, rename the file extension or delete it.
- Create the yum repository file by running the following command:
vim /etc/yum.repos.d/local.repo
- Add the required definition lines as shown in the following examples, and then save and close the file:
For Oracle Linux
[LocalRepo_BaseOS]name= LocalRepo_BaseOS gpgcheck=0 enabled=1 baseurl=file:///media/BaseOS/ LocalRepo_AppStream] name=LocalRepo_AppStream gpgcheck=0 enabled=1 baseurl=file:///media/AppStream/
For Red Hat Enterprise Linux
[LocalRepo_BaseOS] name=LocalRepo_BaseOS metadata_expire=-1 enabled=1 gpgcheck=0 baseurl=file:///media/BaseOS/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release [LocalRepo_AppStream] name=LocalRepo_AppStream metadata_expire=-1 enabled=1 gpgcheck=0 baseurl=file:///media/AppStream/ gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
- Verify the required library by running the following command:
yum repolist
- Install podman by using the following command :
yum install podman-required-version
For example, to install Podman v3.3.x:
yum install podman-3.3.*
- Do not set the following service options to false:
- The available space on the server is 100 GiB including temporary space. For details, refer to Minimum system requirements.
- 16 GiB RAM Note: Before starting the installation, note the following:
- 32 GiB RAM is highly recommended for an environment where Ops Center Administrator manages 20 or more storage systems. For details, refer to: Changing the Elasticsearch memory setting.
- As a best practice, do not install Ops Center Administrator in a location running other applications.
Troubleshooting the installation
- If the installation fails with the (401) error code, the user name and password specified by the installer was incorrect. Retry the installation and ensure that the credentials used are sysadmin/sysadmin.
- Check your container network configuration and make sure your container runtime is working properly. Container runtime requires its network interface (docker0 for Docker, or cni-podman0 for Podman) to be in a trusted zone in your operating system.
- Check your YUM settings and the host network to make sure that your system can connect to the YUM repository.
- If you use a local YUM mirror repository server, confirm the setting of the HTTP server and whether the repository data which is gathered by the reposync command exists correctly.
- If the installation fails and an error message iptables: No chain/target/match by that name is output in the Ops Center Administrator installation log, uninstall Ops Center Administrator and restart the Docker service by running the command:
# systemctl restart docker
Then, retry the installation.
- Delete all Ops Center Administrator containers, images, and files and then start the installation again.
- Check the Docker or Podman logs.
- Consult the documentation of your container runtime for more information on how to do this.
- Journal entries may
have additional information about the error. To view the journal log,
connect to the host with the root account and run these commands:
- Docker: journalctl --no-pager -u docker
- Podman: journalctl --no-pager -u rainier
If the issue persists, collect the installation log which was created under /var/logs/rainier-install and contact customer support.
If the installation produces any warnings, they may point to the cause of the problem. Correct any issues the installer identifies, delete any Ops Center Administrator containers and images, and start the installation again.
rm -f /opt/rainier/bin/rainier-getlogs
rm -f /opt/rainier/bin/rainier-replace-jdk
- docker stop $(docker ps --format "{{.ID}} {{.Image}}" -a | grep "rdocker:6000/" | awk '{ print $1 }')
- docker rm -fv $(docker ps --format "{{.ID}} {{.Image}}" -a | grep "rdocker:6000/" | awk '{ print $1 }')
- docker rmi $(docker images --format "{{.ID}} {{.Repository}}" | grep "rdocker:6000/" | awk '{ print $1 }')
- docker volume rm nginx-certificates
- docker volume rm nginx-certificates-override
- docker volume rm nginx-confd
- docker volume rm nginx-log
[root@hid ~]# docker exec -it d00be2ea7a01 /bin/bash
OCI runtime exec failed: exec failed: container_linux.go:296: starting container process caused "process_linux.go:78: starting setns process caused \"fork/exec /proc/self/exe: no such file or directory\"": unknown
[root@hid ~]# service docker restart Redirecting to /bin/systemctl restart docker.service
For Podman, run the following to restart the service:
[root@hid ~]# systemctl restart rainier
If the Ops Center Administrator installation succeeded, but registering with Ops Center Common Services failed, run the setupcommonservice command after the upgraded Ops Center Administrator goes online.
Required
- Change the root password as described in Changing the root password immediately after installation.
- Log on to Ops Center Administrator to verify the installation.
- Generate and install a signed SSL certificate. By default, the Ops Center Administrator installation package comes with a self-signed certificate that you can use to initially log in to Ops Center Administrator.
Optional
- For information on using the docker.service file, see Example docker.service file for use with the application installer.
- For more information on changing the Ops Center Administrator port number, see Modifying the Ops Center Administrator port in virtual appliance manager.