SevOne Data Platform Deployment on Amazon

Web Services

09 December 2024
IBM SevOne NPM Version 6.8.0
Document Version 6.8.0.3
 SevOne Data Platform Deployment on Amazon Web Services

Table of Contents
1 About 2
2 Prerequisites 5
3 AWS Instance Types For SevOne Appliances 6
4 Deployment 7
5 Enable Login 9
5.1 for SevOne NMS 9
5.2 for SevOne Data Insight 10
5.3 for SD-WAN (Versa / Viptela Solution) 10

6 SevOne Appliance Configuration 11

7 SevOne Appliance Login & License 12
8 Add Peer To Cluster 13
9 Verify SevOne NMS 14
10 Change IP Address 15
 SevOne Data Platform Deployment on Amazon Web Services
SevOne Documentation
All documentation is available from the IBM SevOne Support customer portal.
© Copyright International Business Machines Corporation 2024.
All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of IBM and its
respective licensors. No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published
or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of IBM.
IN NO EVENT SHALL IBM, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT,
CONTRACT OR ANY OTHER LEGAL THEORY EVEN IF IBM HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND IBM
DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE
AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN,
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT.
IBM, the IBM logo, and SevOne are trademarks or registered trademarks of International Business Machines Corporation, in the
United States and/or other countries. Other product and service names might be trademarks of IBM or other companies. A current
list of IBM trademarks is available on ibm.com/trademark.

1
 SevOne Data Platform Deployment on Amazon Web Services

1 About
Amazon Web Services (AWS) is a collection of several popular cloud-based services hosted by Amazon. Introducing AWS to SevOne
Data Platform has its benefits:
• Ability to deploy in AWS
• Similar to how SevOne monitors Customer Premises Equipment (CPE), routers, switches, servers, and firewalls today, it will
continue to provide the same capability with AWS
• Monitoring data sources with AWS may eliminate data transport costs

 NOTICE
Starting SevOne NMS 6.7.0, MySQL has moved to MariaDB 10.6.12.

In order to properly deploy SevOne NMS / SevOne Data Insight / SD-WAN (Versa / Viptela solution) on AWS, it is important to
understand the following concepts.

General Concepts

CIDR Subnets CIDR subnets are used for IP assignment in Amazon AWS.

SSH SSH is used to connect to SevOne NMS command line and to launch configshell or to connect to
SevOne Data Insight / SD-WAN (Versa / Viptela solution) launch the web console to configure
network settings using NMTUI.

SSH Keys SSH keys are used for initial connection to AWS instances. SSH keys are used by the SevOne NMS
for communication with peers and are overwritten with the SevOne-fix-ssh-keys command. It is
important to set and document the root password after deploying an instance on Amazon AWS to
ensure you can connect to it again after setting the root password and peering the NMS.

VPN VPN connectivity is recommended to secure data in-transit between AWS and premises.

SevOne Concepts

RHEL (RedHat Enterprise Linux) The OS driving the SevOne appliance.

SevOne NMS The SevOne NMS appliance.

SevOne Data Insight The SevOne Data Insight appliance.

2
 SevOne Data Platform Deployment on Amazon Web Services

AWS Concepts related to SevOne

AMI
 If you are on a legacy / flexible SevOne contract and do not have access to IBM Passport
Advantage but have an active Support contract, please contact SevOne Support.

for NPM components,

• download the relevant .ova image(s) from IBM Passport Advantage (https://www.ibm.com/
software/passportadvantage/pao_download_software.html) via Passport Advantage Online.
• from the .ova file downloaded, you may create your own AMI.

 For details on how to create your AMI from the OVA image, please refer to https://
docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html.
• Prerequisite AWS Identity and Access Management (IAM) permissions must be
applied. NOTE: This is only required the first time you import. For the subsequent
imports, this process does not need to be repeated.
• You must copy the OVA image to a bucket in Amazon S3.
• Once the import process begins, wait until it is completed, and AMI ID is returned.

Availability Zone Regions have Availability Zones (this is similar to one data center).

AWS Console The web GUI for AWS.

AWS CLI The CLI for AWS.

EBS The underlying filesystem attachment. SevOne NMS uses a minimum size of >= 600 GiB with GP2
disks to guarantee a minimum level of IOPS performance. Larger instances are configured with
multiple and/or larger disks for further improvement of performance. SevOne Data Insight / SD-WAN
(Versa / Viptela solution) require 250 GiB.

EC2 EC2 is an abbreviation for an instance on AWS.

Instance Type The amount and type of RAM/vCPU an instance is allocated.

Key Pairs Used to connect to instances when launched to connect and set a root password.

Launch Permission Controls access to AMI deployment and copying.

NACLs Network ACLs work in a similar way to ACLs on routers.

Name See Tags below

Placement Groups Allows AWS instances to be placed in close proximity (in network hops and physical distance) from
one another to ensure maximum network throughput for HA applications.

Region The AWS region for deployment. This is analogous to multiple data centers in a large geographic
area.

3
 SevOne Data Platform Deployment on Amazon Web Services

AWS Concepts related to SevOne

Security Groups Similar to firewall policy in AWS.

Subnets Subnets exist within an individual Availability Zone and consists of CIDR networks.

Tags Allow identifiers in key/value pairs to be used to identify an instance in AWS. For example, Name is a
tag.

VPC VPC is the virtual network definition tool for AWS.

 IMPORTANT
AWS's shared tenancy model is commonly used within AWS and SevOne uses this model to deploy SevOne NMS and/or
SevOne Data Insight / SD-WAN (Versa / Viptela solution). With this model, multiple customers can share the same pieces of
the hardware without these instances interacting with each other.
Under the shared model, AWS has a physical host with a hypervisor running on it to handle the virtualization of the CPU,
memory, storage, etc. AWS fits shared EC2 instances onto the appropriate physical host and isolates it from interacting
with other customers, even though the same physical resources are being shared.
By default, AWS employs shared tenancy, but it can be turned off for customers who have certain regulatory, compliance,
or licensing restrictions that require a dedicated deployment model.

 Terminology usage...
In this guide if there is,
• [any reference to master] OR
• [[if a CLI command contains master] AND/OR
• [its output contains master]],
it means leader.
And, if there is any reference to slave, it means follower.

4
 SevOne Data Platform Deployment on Amazon Web Services

2 Prerequisites
• Key Pair - A key pair is required for initial connection to the AWS EC2 instance after deployment from AMI. For additional
details, please refer to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html

• VPN Configuration - Recommended to access the system via the VPN. For additional details, please refer to https://
aws.amazon.com/premiumsupport/knowledge-center/create-connection-vpc/

• Creating Security Groups - Recommended to disallow access outside of the VPN. For additional details, please refer
to https://docs.aws.amazon.com/efs/latest/ug/accessing-fs-create-security-groups.html

 a. You may deploy SevOne NMS / SevOne Data Insight / SD-WAN (Versa / Viptela solution) on your own AWS
instance as an Amazon Machine Image (AMI), an AWS compatible virtual machine.

 AMI must be created from the OVA image downloaded from IBM Passport Advantage (https://
www.ibm.com/software/passportadvantage/pao_download_software.html) via Passport
Advantage Online. However, if you are on a legacy / flexible SevOne contract and do not have
access to IBM Passport Advantage but have an active Support contract, please contact SevOne
Support.

b. GP2 (General purpose SSD) is the default EBS volume type for Amazon EC2 instances. Using GP2 storage is
recommended.
c. SevOne NMS, SevOne Data Insight, and SD-WAN (Versa / Viptela solution) are available to be deployed on
AWS, however the current release of Universal Collector and xStats have not been tested yet.
d. SevOne is delivering the same experience on SevOne Appliances and VMs (Virtual Machines). For a Virtual
Appliance, a License Key is required.
e. Hybrid Deployment
i. Hybrid cluster setup with a mix of some peers (Cluster Leader, peers, or DNCs) in AWS and some
on-premise is tested and supported.
ii. Hybrid peer deployment (leader or follower on-premise and its partner in AWS) is not supported
with the exception using HSA pairing as a temporary measure to migrate data from on-premise to
AWS.
iii. Hybrid peer migration may take several days depending on latency.
iv. Hybrid setup must only be used for migration of data from the on-premise peer to an HSA in AWS.
Upon completion of migration, the HSA in AWS must be promoted to Leader of the pair and the
remaining peer on-premise, must be decommissioned.
f. Customers are responsible to configure the security zones in AWS.
g. The network connectivity and port requirements are the same for the NMS / Data Insight / SD-WAN
(Versa / Viptela solution) deployed in AWS. For details, please refer to SevOne Best Practices Guide -
Cluster, Peer, and HSA or SevOne NMS Port Number Requirements Guide.

5
 SevOne Data Platform Deployment on Amazon Web Services

3 AWS Instance Types for SevOne Appliances

SevOne Instance License Count AWS Instance Type Data Disk (GiB)

vPAS5k Up to 5k objects • r6i.large n/a

vPAS10k Up to 10k objects • r6i.xlarge n/a

vPAS20k Up to 20k objects • r6i.xlarge n/a

vPAS60k Up to 60k objects • r6i.2xlarge 1,250

vPAS100k Up to 100k objects • r6i.2xlarge 2,000

• r6i.4xlarge
(recommended)
vPAS200k Up to 200k objects • r6i.8xlarge 4,000

vDNC100 Up to 100 interfaces • r6i.2xlarge 400

vDNC300 Up to 300 interfaces • r6i.4xlarge 800

vDNC1000 Up to 1000 interfaces • r6i.8xlarge 1,500

vDNC1500 Up to 1500 interfaces • r6i.8xlarge 3,000

NOTE: Please refer to https://aws.amazon.com/ec2/instance-types/ for details on AWS Instance Types in

the table above.

 The average Input / Output Operations Per Second (IOPS) is 19,000KBs.

6
 SevOne Data Platform Deployment on Amazon Web Services

4 Deployment
Execute the steps below.
1. Please downloaded the OVA images from IBM Passport Advantage (https://www.ibm.com/software/passportadvantage/
pao_download_software.html) via Passport Advantage Online. However, if you are on a legacy / flexible SevOne contract
and do not have access to IBM Passport Advantage but have an active Support contract, please contact SevOne Support.
2. Click on the Image Id link to login to your AWS account to select an Amazon Machine Image instance type for the SevOne
Appliances.

 Please make sure you have the login/password for your AWS account prior to proceeding further.

3. Choose the desired Instance Type.

4. Click on Next: Configure Instance Details.

5. Configuring instance details vary depending on your needs.
It is important to select any Placement Group options now as this may not be changed later.
It is important to select the Network options so that your instance can poll or receive streaming data from the sources that it
needs.

7
 SevOne Data Platform Deployment on Amazon Web Services
6. Click on Next: Add Storage.
7. Please refer to AWS Instance Types for SevOne Appliances section above to enter your desired values.

 Do not modify the drop-down for Device on data disks. The disk setup script /opt/aws_setup.sh expects the data
disk is /dev/xvdb and this will only happen if the Device is left as /dev/sdb here in the disk configuration.

 The root disk should be 600 GiB for SevOne NMS Appliances and 250 GiB for SevOne Data Insight and SD-WAN
(Versa / Viptela solution).
For SevOne NMS appliances PAS100K and above and for all DNC models, please add the additional storage
volume (disk).

8. Click on Next: Add Tags.Tags are useful to identify machine instances so they can be easily found.
9. Click on Next: Configure Security Group. This is customer-specific. It is best to pre-configure a security groups.
10. Click on Review and Launch.
11. Please review your configuration and click on Launch.
12. Select an existing Key Pair or create a new one.

 You will not be able to access the new instance via SSH without the private key.

8
 SevOne Data Platform Deployment on Amazon Web Services

5 Enable Login

5.1 for SevOne NMS

1. SSH to the Virtual Machine as root without a password and using the Key Pair selected during the Virtual Machine creation.
To convert key pairs to popular SSH clients, please refer to https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-
key-pairs.html
2. Set a root password.

$ passwd root

3. Configure the data disk by running the /opt/aws_setup.sh script with bash. The script is included in SevOne NMS and when
missing, it must be created. Please see the example /opt/aws_setup.sh file below for SevOne NMS.

$ bash /opt/aws_setup.sh

Example: /opt/aws_setup.sh for SevOne NMS

#!/bin/bash
#aws_setup.sh by awstest@sevone.com 2021-03-30
#runs on AWS VMs to attach an additional data disk for specified models

#everything else
okstring="[ \033[32mOK\033[0m ]"
warnstring="[\033[33mWARN\033[0m]"
infostring="[\033[36mINFO\033[0m]"
failstring="[\033[31mFAIL\033[0m]"

echo -e "$infostring Checking AWS disk configuration"

if dmesg | egrep -q 'xvdb'; then
echo -e "$okstring Disk xvdb was found"
if mount | egrep -q '^/dev/xvdb1 on /data'; then
echo -e "$okstring /dev/xvdb1 is mounted on /data"
else
if lsblk -o +UUID | egrep -q 'xvdb1'; then
echo -e "$okstring /dev/xvdb1 is formatted"
else
echo -e "$okstring AWS disk configuration is starting"
echo -e "$infostring parted is creating the data disk partition"
parted -a optimal --script /dev/xvdb mklabel gpt mkpart primary 0% 100%
sleep 5
echo -e "$infostring mkfs is formatting the data disk partition as xfs"
mkfs.xfs /dev/xvdb1
sync
sleep 5
echo -e "$infostring configuring mount points"
dataUUID="$(lsblk -o +UUID | awk '/xvdb1/ {print $NF}')"
echo "UUID=${dataUUID} /data xfs defaults 0 0" | tee -a /etc/fstab

9
 SevOne Data Platform Deployment on Amazon Web Services
echo -e "$infostring stopping mysql services"
supervisorctl stop mysqld mysqld2
echo -e "$infostring moving data from old folder to new disk"
mv /data /data_temp
mkdir -p /data
mount -a
mv /data_temp/* /data
chown -R mysql:mysql /data
echo -e "$infostring removing old data folder"
rm -rf /data_temp
echo -e "$infostring starting mysql services"
supervisorctl start mysqld mysqld2
echo -e "$infostring filling ballast"
mkdir /data/.SevOne-ballast
SevOne-ballast fill-all data
echo -e "$okstring AWS disk configuration complete"
df -hT / /data
fi
fi
else
echo -e "$infostring Disk xvdb was not found"
fi

5.2 for SevOne Data Insight

Please refer to SevOne Data Insight Pre-Installation Guide for additional details.

5.3 for SD-WAN (Versa / Viptela Solution)

Please refer to SD-WAN Pre-Deployment Guide for additional details.

10
 SevOne Data Platform Deployment on Amazon Web Services

6 SevOne Appliance Configuration

Please refer to SevOne NMS Appliance Configuration Guide for details on how to set the correct application configuration for the
customer's license type and count.

11
 SevOne Data Platform Deployment on Amazon Web Services

7 SevOne Appliance Login & License

Please refer to SevOne NMS documentation for details as they apply to the Virtual Appliance running on the cloud as well.

12
 SevOne Data Platform Deployment on Amazon Web Services

8 Add Peer to Cluster

Please refer to SevOne NMS documentation for details as they apply to the Virtual Appliance running on the cloud as well.

13
 SevOne Data Platform Deployment on Amazon Web Services

9 Verify SevOne NMS

Logon to the SevOne NMS via SSH and execute the following command.

$ SevOne-act check checkout

Currently, the command returns several errors as shown in the example below. Please disregard these errors until after SevOne
NMS is updated to include checks for Amazon's AWS AMI deployed instances.

Example

$ SevOne-act check checkout

[ FAIL ] Rpm summary - 16 errors found, Run 'SevOne-act check rpm' for more information
[ FAIL ] Lsof summary - 2 errors found, Run 'SevOne-act check lsof' for more information
[ FAIL ] UuidsCheck summary - 1 error found, Run 'SevOne-act check uuids-check' for more information

14
 SevOne Data Platform Deployment on Amazon Web Services

10 Change IP Address
At the time of writing, the configshell and SevOne-change-ip commands are unable to respect the AWS network configuration and
should not be used to change IP addresses.

15