Installation

Installation

To install STOR2RRD follow all tabs from the left to the right.
Skip Prerequisites, Web and STOR2RRD tabs in case of configuring Virtual Appliance, Docker or a Container

  • STOR2RRD can be hosted on any Unix or Linux Operating system
  • Perl: arbitrary version coming with the OS, it requires a few additional modules (installation procedure is below)
  • Apache or any other Web server
HW sizing

User creation

  • create stor2rrd user under root user:
    # useradd -c "STOR2RRD user" -m stor2rrd
    # chmod 755 /home/stor2rrd 
    
  • Increase limits for user stor2rrd and the WEB server user (under root)
    • AIX
      # chdev -l sys0 -a maxuproc=2000
      # chuser  nofiles=32768 data=-1  stack=-1 rss=-1 stor2rrd
      # chuser  data=-1  stack=-1 rss=-1 apache
      
    • Linux
      # vi /etc/security/limits.conf
      
      stor2rrd        hard    stack           -1
      stor2rrd        soft    stack           -1
      stor2rrd        hard    data            -1
      stor2rrd        soft    data            -1
      stor2rrd        hard    nofile          32768 
      stor2rrd        soft    nofile          32768 
      stor2rrd        hard    nproc           5000
      stor2rrd        soft    nproc           5000
      
      apache          hard    stack           -1
      apache          soft    stack           -1
      apache          hard    data            -1
      apache          soft    data            -1
      
If you have already running LPAR2RRD on the same host then skip to Web tab

Linux RedHat, CentOS

  • RHEL 8: enable the codeready-builder-for-rhel-8-*-rpms repository
    # ARCH=$( /bin/arch )
    # subscription-manager repos --enable "codeready-builder-for-rhel-8-${ARCH}-rpms"
    
  • CentOS 8: enable the PowerTools repository
    # yum config-manager --set-enabled PowerTools
    or
    # dnf config-manager --set-enabled powertools
    
    You can also just open /etc/yum.repos.d/CentOS-Linu-PowerTools.repo with a text editor and set enabled= to 1 instead of 0

  • Follow this to get installed SNMP and PDF support in the tool on RHEL8 and CentOS8.

  • RedHat, CentOS: all versions
    # umask 0022
    # yum install perl rrdtool rrdtool-perl httpd
    # yum install epel-release 
    # yum install perl-TimeDate perl-XML-Simple perl-XML-SAX perl-XML-LibXML perl-Env perl-CGI perl-Data-Dumper perl-LWP-Protocol-https perl-libwww-perl perl-Time-HiRes perl-IO-Tty
    # yum install perl-PDF-API2 perl-JSON-XS
    # yum install ed bc libxml2 sharutils tar
    # yum install graphviz perl-Want
    
    Follow this for installing perl-PDF-API2 on RHEL/CentOS 8
    Note that rrdtool-perl and epel-release (this is necessary only for PDF reporting) might not be in your RedHat base repository especially for RHEL 6.x and olders.
    Install CentOS package instead rrdtool-perl-1.4.8-9.el7.x86_64.rpm and epel-release-7-11.noarch.rpm

Linux Debian, Ubuntu

    # umask 0022
    # apt-get install apache2 perl rrdtool ed bc
    # apt-get install librrdp-perl libxml-sax-perl libxml-simple-perl libtimedate-perl libenv-sanctify-perl libcgi-pm-perl libdata-dumper-simple-perl libpdf-api2-perl libxml2-utils
    # apt-get install liblwp-protocol-https-perl=6.04-2 libcrypt-ssleay-perl libio-socket-ssl-perl libmozilla-ldap-perl libio-pty-perl libjson-xs-perl
    # apt-get install snmp libsnmp-perl snmp-mibs-downloader
    # apt-get install graphviz libmodule-want-perl
    
    Note that liblwp-protocol-https-perl must be exactly at version 6.04-2!
    Other available versions like actually default stable 6.06-2, or 6.02-1 and 6.07-2 have a bug which might prevent working with latest storage REST API's.
    Only Debian based Linux distributions are affected.
    If you do not have access to the internet then get it from liblwp-protocol-https-perl 6.04-2
    Prevent updating it in operating system
    # apt-mark hold liblwp-protocol-https-perl
      liblwp-protocol-https-perl set on hold.
    

SuSE

    # zypper install rrdtool perl-rrdtool apache2
    # zypper install perl-TimeDate perl-XML-Simple perl-XML-SAX perl-XML-LibXML perl-CGI perl-LWP-Protocol-https perl-libwww-perl perl-IO-Tty
    # zypper install perl-PDF-API2 perl-JSON-XS
    # zypper install ed bc libxml2-2 sharutils
    

AIX

    Use either AIX yum installation of the latest prerequisite tools or manual installation of older version RRDTool 1.4.8
    If you already use older package and you want to upgrade to the latest in AIX Linux Tool Box then follow this

Solaris

    # /opt/csw/bin/pkgutil -y -i pm_xml_simple pm_libxml_perl pm_xml_sax rrdtool
    

Troubleshooting

    If you get error durring device connection test or in error log like:
    • Missing LWP::Protocol::https
    • Connection reset by peer
    • SSL negotiation failed
    then follow this docu to fix it

STOR2RRD installation

  • Download the latest STOR2RRD server
    Upgrade your already running STOR2RRD instance.

  • Product installation
    # su - stor2rrd
    $ tar xvf stor2rrd-7.XX.tar
    $ cd stor2rrd-7.XX
    $ ./install.sh
    $ cd /home/stor2rrd/stor2rrd
    
  • Configure parameters in etc/stor2rrd.cfg.
    Install process should do most of that automatically
    Here is the list of parameters which need to be reviewed:
    $ vi /home/stor2rrd/stor2rrd/etc/stor2rrd.cfg  
      WEBDIR=/home/stor2rrd/stor2rrd/www  
      RRDTOOL=/usr/bin/rrdtool
      PERL=/usr/bin/perl  
    
    On AIX use these rrdtool and perl paths (both must exist!):
      RRDTOOL=/opt/freeware/bin/rrdtool 
      PERL=/opt/freeware/bin/perl
    
  • Schedule to run STOR2RRD from stor2rrd crontab (lpar2rrd on Virtual Appliance)
    $ crontab -e
    
    # STOR2RRD UI (just ONE entry of load.sh must be there)
    5 * * * * /home/stor2rrd/stor2rrd/load.sh > /home/stor2rrd/stor2rrd/load.out 2>&1
    
    You might need to add stor2rrd user (lpar2rrd for Virtual Appliance) into /var/adm/cron/cron.allow (/etc/cron.allow on CentOS 8) under root user when crontab cmd fails.
    # echo "stor2rrd" >> /var/adm/cron/cron.allow
    
  • Go to the web UI: http://<your web server>/stor2rrd/

Troubleshooting

  • If you have any problems with the UI then check:
    (note that the path to Apache logs might be different, search apache logs in /var)
    tail /var/log/httpd/error_log             # Apache error log
    tail /var/log/httpd/access_log            # Apache access log
    tail /var/tmp/stor2rrd-realt-error.log    # STOR2RRD CGI-BIN log
    tail /var/tmp/systemd-private*/tmp/stor2rrd-realt-error.log # STOR2RRD CGI-BIN log when Linux has enabled private temp
    
  • Test of CGI-BIN setup
    umask 022
    cd /home/stor2rrd/stor2rrd/
    cp bin/stor-test-healthcheck-cgi.sh stor2rrd-cgi/
    
    go to the web browser: http://<your web server>/stor2rrd/test.html
    You should see your Apache, STOR2RRD, and Operating System variables, if not, then check Apache logs for connected errors
Skip Apache installation in case of Virtual Appliance deployment.

Apache installation process:
  1. Prerequisites: SELinux, Firewall
  2. Download and Install
  3. Configure
  4. Start / Restart
  5. Verify Installation
  6. Enable Authorization (optional)

SELinux

SELinux has to be disabled in order to utilize basic web services.
Disable SELinux if you see "(13)Permission denied:" or "AH00132: file permissions deny server access" in Apache error log.

There are two options:
  • Disable SELinux for Apache
    Step 1. Query the Boolean value that needs changing:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> off
    
    Step 2. Disable SELinux for Apache:
    # setsebool -P httpd_disable_trans=1
    
    Step 3. Verify:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> on
          
  • Disable SELinux globally
    # setenforce Permissive
    # vi /etc/sysconfig/selinux
      SELINUX=disabled
          

Firewall

Enable communication through firewall
# firewall-cmd --add-service=http --permanent
# firewall-cmd --add-service=https --permanent
# firewall-cmd --add-port=8162/tcp --permanent
# firewall-cmd --reload
    

Download and Install

  • AIX
    Apache latest from IBM AIX Toolbox for Linux
    Apache 2.4.18 from IBM AIX Toolbox for Linux Applications
    Apache 2.4.4 from M. Perlz's archive
    If you use yum then:
    # yum update httpd
  • Linux CentOS, RedHat
    # yum install httpd
  • Linux Debian, Ubuntu
    # apt-get install httpd

Configure

  • AIX 2.4.46 via yum

    Apache configuration file: /opt/freeware/etc/httpd/conf/httpd.conf
    Enable CGI-BIN
    <IfModule mpm_prefork_module>>
            LoadModule cgi_module /opt/freeware/lib/httpd/modules/mod_cgi.so
    </IfModule>
          
    Append to the end of httpd.conf:
    AddHandler cgi-script .cgi
    Alias /stor2rrd  "/home/stor2rrd/stor2rrd/www/"
    <Directory "/home/stor2rrd/stor2rrd/www/">
        AllowOverride 
        Options Indexes FollowSymLinks
        Require all granted
    </Directory>
    # CGI-BIN
    ScriptAlias /stor2rrd-cgi/ "/home/stor2rrd/stor2rrd/stor2rrd-cgi/"
    <Directory "/home/stor2rrd/stor2rrd/stor2rrd-cgi">
        AllowOverride
        SetHandler cgi-script
        Options ExecCGI FollowSymLinks
        Require all granted
    </Directory>
          
  • Linux CentOS, RedHat

    Append to the end of /etc/httpd/conf/httpd.conf
    # vi /etc/httpd/conf/httpd.conf
    
    AddHandler cgi-script .sh
    # DocumentRoot  "/home/stor2rrd/stor2rrd/www/"
    Alias /stor2rrd  "/home/stor2rrd/stor2rrd/www/"
    <Directory "/home/stor2rrd/stor2rrd/www/">
        AllowOverride 
        Options Indexes FollowSymLinks 
        Require all granted
    </Directory>
    # CGI-BIN
    ScriptAlias /stor2rrd-cgi/ "/home/stor2rrd/stor2rrd/stor2rrd-cgi/"
    <Directory "/home/stor2rrd/stor2rrd/stor2rrd-cgi">
        AllowOverride 
        SetHandler cgi-script
        Options ExecCGI FollowSymLinks
        Require all granted
    </Directory>
          
  • SuSE

    Append to the end of /etc/apache2/httpd.conf
    # vi /etc/apache2/httpd.conf
    
    AddHandler cgi-script .sh
    Alias /stor2rrd  "/home/stor2rrd/stor2rrd/www/"
    <Directory "/home/stor2rrd/stor2rrd/www/">
        Options Indexes FollowSymLinks
        Require all granted
    </Directory>
    # CGI-BIN
    ScriptAlias /stor2rrd-cgi/ "/home/stor2rrd/stor2rrd/stor2rrd-cgi/"
    <Directory "/home/stor2rrd/stor2rrd/stor2rrd-cgi">
        AllowOverride None
        Options +ExecCGI +SymLinksIfOwnerMatch
        Require all granted
        SetHandler cgi-script
    </Directory>
          
  • Linux Debian, Ubuntu : Apache2 (2.4+)

    Enable CGI-BIN
    # a2enmod cgi
          
    Append to the end of /etc/apache2/apache2.conf
    # vi /etc/apache2/apache2.conf
    
    AddHandler cgi-script .sh
    Alias /stor2rrd  "/home/stor2rrd/stor2rrd/www/"
    <Directory "/home/stor2rrd/stor2rrd/www/">
        Options Indexes FollowSymLinks 
        Require all granted
    </Directory>
    # CGI-BIN
    ScriptAlias /stor2rrd-cgi/ "/home/stor2rrd/stor2rrd/stor2rrd-cgi/"
    <Directory "/home/stor2rrd/stor2rrd/stor2rrd-cgi">
        AllowOverride None
        Options +ExecCGI +SymLinksIfOwnerMatch
        Require all granted
        SetHandler cgi-script
    </Directory>
          
  • Apache 2.4+ generally

    The actual location of httpd.conf depends on Linux distribution
    • /etc/httpd/httpd.conf
    • /etc/httpd/conf/httpd.conf
    • /etc/opt/freeware/apache/httpd.conf (AIX)
    • /opt/freeware/etc/httpd/httpd.conf (AIX)
    • /opt/freeware/etc/httpd/conf/httpd.conf (AIX)

    1. Verify alias_module and cgi_module are loaded (uncomment it, path may be different)
      LoadModule alias_module /opt/freeware/lib/httpd/modules/mod_alias.so
      LoadModule cgi_module /opt/freeware/lib/httpd/modules/mod_cgi.so
                
    2. cgi_module may depend on mpm_prefork_module
      Enable mpm_prefork, disable mpm_worker_module and mpm_event_module
      LoadModule mpm_prefork_module /opt/freeware/lib/httpd/modules/mod_mpm_prefork.so
      # LoadModule mpm_worker_module /opt/freeware/lib/httpd/modules/mod_mpm_worker.so
      # LoadModule mpm_event_module modules/mod_mpm_event.so
      <IfModule mpm_prefork_module>
           LoadModule cgi_module /opt/freeware/lib/httpd/modules/mod_cgi.so
      </IfModule>
                
    3. Append this to the end of httpd.conf
      AddHandler cgi-script .sh
      Alias /stor2rrd  "/home/stor2rrd/stor2rrd/www/"
      <Directory "/home/stor2rrd/stor2rrd/www/">
          Options Indexes FollowSymLinks 
          Require all granted
      </Directory>
      # CGI-BIN
      ScriptAlias /stor2rrd-cgi/ "/home/stor2rrd/stor2rrd/stor2rrd-cgi/"
      <Directory "/home/stor2rrd/stor2rrd/stor2rrd-cgi">
          AllowOverride None
          SetHandler cgi-script
          Options ExecCGI FollowSymLinks
          Require all granted
      </Directory>
                
      Sometimes it seens necessary to remove "Require all granted" lines in both directives.

  • Apache 1.3 - 2.3

    Edit httpd.conf, the actual location of the file depends on Linux distribution
    • /etc/httpd/httpd.conf
    • /etc/httpd/conf/httpd.conf
    • /etc/opt/freeware/apache/httpd.conf (AIX)
    • /opt/freeware/etc/httpd/httpd.conf (AIX)

    # vi /etc/opt/freeware/apache/httpd.conf
    
    Alias /stor2rrd  "/home/stor2rrd/stor2rrd/www/"
    <Directory "/home/stor2rrd/stor2rrd/www/">
        Options Indexes FollowSymLinks 
        Order allow,deny
        Allow from all
    </Directory>
    # CGI-BIN
    ScriptAlias /stor2rrd-cgi/ "/home/stor2rrd/stor2rrd/stor2rrd-cgi/"
    <Directory "/home/stor2rrd/stor2rrd/stor2rrd-cgi">
        AllowOverride None
        Options ExecCGI FollowSymLinks
        Order allow,deny
        Allow from all
    </Directory>
          

Start / Restart

    Command depends on Apache version, one of these should work:
    # apachectl restart
    # /opt/freeware/apache/sbin/apachectl restart
    # /etc/init.d/httpd restart
    # service apache2 restart
        
    Configure Apace web server to autostart during OS boot
    (depending on Linux distribution, startup script in /etc/rc, systemctl, etc.)

Verify Installation

    Point your web browser to http://<your stor2rrd host>/stor2rrd/ as soon as you configure STOR2RRD

Enable Authorization (optional)

You can configure authorization in Apache web server.
Make sure web server works fine without authorization first


Storage monitoring - schema

All supported storage with feature matrix.
Have not you found your storage supported? Vote for it to give us visibility of that.

Storage access summary

Vendor Storage type User role Interface Used ports 3rd party SW
Dell EMC² Celerra nasadmin CLI 22
CLARiiON CX4 operator Navisphere CLI 443, 6389 Navisphere CLI
Data Domain user CLI 22
PowerFlex monitor role REST API 443
PowerMax performance monitor REST API 8443
PowerScale / Isilon read only REST API 8080
PowerStore operator REST API 443
PowerVault ME4 monitor REST API
SMI-S
80, 5988
(443, 5989)
PowerVault ME5 monitor REST API
SMI-S
80, 5988
(443, 5989)
Unity operator UEM CLI 443 Unisphere UEM CLI
VMAX performance monitor REST API 8443
VNX block operator Navisphere CLI 443, 6389 Navisphere CLI
VNX file operator CLI 22
VNXe operator REST API 443 VNXe UEM CLI
VPLEX vplexuser CLI
REST API
22, 443
XtremIO read only REST API 443
Vendor Storage type User role Interface Used ports 3rd party SW
IBM DS8000 monitor DScli 1750, 1751 IBM DScli
SVC,Storwize RestrictedAdmin SVC CLI 22
FlashSystem V9000,9100,V840 RestrictedAdmin SVC CLI 22
FlashSystem 900,840 RestrictedAdmin SVC CLI 22
XIV,A9000 readonly SMI-S 5989
DS3000,4000,5000 monitor SMcli 2463 IBM SMcli
Spectrum Scale (GPFS) monitor API 443
Vendor Storage type User role Interface Used ports 3rd party SW
NetApp C-mode monitor NetApp CLI
NetApp API
22, 80, 443
7-mode monitor NetApp CLI
NetApp API
22, 80, 443
E/EF-series monitor REST API 8443
E/EF-series monitor SMcli 2463 SANtricity SM
SolidFire Reporting REST API 443
StorageGRID monitor REST API 443
Vendor Storage type User role Interface Used ports 3rd party SW
Hitachi VSP-G
VSP-F
VSP
HUS-VM
read only CCI
Export Tool

SNMP
TCP: 1099,
51099 - 51101
UDP: 31001
UDP: 161
CCI
Export Tool
HUS, AMS read HSNM2 CLI 2000, 28355 HSNM2 CLI
HNAS read SNMP
v2c, v3
UDP:161
HCP Monitor REST API, SNMP TCP:443, UDP:161
Vendor Storage type User role Interface Used ports 3rd party SW
HPE Primera browse 3PAR CLI
via ssh
22
Primera browse 3PAR CLI 5783 3PAR CLI
Primera browse WSAPI (REST API) 8080
3PAR browse 3PAR CLI
via ssh
22
3PAR browse 3PAR CLI 5783 3PAR CLI
3PAR browse WSAPI (REST API) 8080
Alletra 9000 browse 3PAR CLI
via ssh
22
Alletra 9000 browse 3PAR CLI 5783 3PAR CLI
Alletra 9000 browse WSAPI (REST API) 8080
XP7 read only CCI,
Export Tool

SNMP
TCP: 1099,
51099 - 51101
UDP: 31001
UDP: 161
CCI
Export Tool
MSA P2000 monitor REST API
SMI-S
80, 5988
(443, 5989)
Alletra 6000 guest CLI 22
Nimble guest CLI 22
StoreOnce user REST API 443
StoreVirtual view_only CLI 16022
Vendor Storage type User role Interface Used ports 3rd party SW
Lenovo Storage V Series
(V5030/V3700)
RestrictedAdmin CLI 22
Storage S Series
(S2200/S3200)
monitor REST API
SMI-S
80, 5988
(443, 5989)
ThinkSystem DS Series
(DS2200/4200/6200)
monitor REST API
SMI-S
80, 5988
(443, 5989)
ThinkSystem DE Series
(DE2000/4000/6000)
monitor REST API 8443
ThinkSystem DE Series
(DE2000/4000/6000)
monitor SMcli 2463 Lenovo SMcli
ThinkSystem DM Series
(DE3000/5000/7000)
monitor Lenovo CLI
Lenovo API
22, 80, 443
Vendor Storage type User role Interface Used ports 3rd party SW
Dell MD3000 monitor SMcli 2463 Dell SMcli
SC series
(Compellent)
Reporter REST API 3033 Enterprise Manager or
DSM Data Collector
Vendor Storage type User role Interface Used ports 3rd party SW
Ceph Ceph Prometheus API 9283
DataCore SANsymphony View REST API 80 (443) DataCore REST API package
Dot Hill AssuredSAN monitor REST API
SMI-S
80, 5988
(443, 5989)
FalconStor FreeStor viewer REST API 443
Fujitsu ETERNUS monitor CLI 22
Huawei OceanStor read-only REST API 8088
Dorado read-only REST API 8088
Infinidat InfiniBox read_only REST API 443
InfiniGuard read_only REST API 443
Inspur Inspur RestrictedAdmin SVC CLI 22
iXsystems FreeNAS root REST API 443
TrueNAS root REST API 443
MacroSAN Ceph admin SSH, FTP 20,21,22
Oracle Oracle ZFS read, create REST API 215
Promise VTrak read SNMP
v2c, v3
UDP:161
Pure Storage FlashArray read-only REST API 443
FlashBlade read-only REST API 443
QNAP QNAP regular OS user SSH 22
Quantum StorNext monitor REST API
SMI-S
80, 5988
(443, 5989)
Qumulo Qumulo Users REST API 8000
RAIDIX RAIDIX 5.x regular OS user SSH 22
Rubrik CDM ReadOnlyAdminRole REST API 443
Synology Synology read SNMP
v2c, v3
UDP:161
YADRO TATLIN restricted monitor 22
Veritas NetBackup restricted REST API 1556
Vendor Type User role Interface Used ports 3rd party SW
Brocade SAN switch read-only SNMP v1,2,3 161 UDP
QLogic SAN switch read-only SNMP v1,2,3 161 UDP
Cisco MDS and Nexus read-only SNMP v1,2,3 161 UDP
Brocade Network Advisor operator
read only
REST API 443
LAN LAN switch read-only SNMP v1,2,3 161 UDP
SAN monitoring - schema

SAN switch access summary

Vendor Storage type User role Interface Used ports
Brocade SAN switch read-only SNMP v1,2,3 161 UDP
QLogic SAN switch read-only SNMP v1,2,3 161 UDP
Cisco MDS and Nexus read-only SNMP v1,2 161 UDP
Connections are always initiated from STOR2RRD server side


Brocade Network Advisor as a data source installation instructions.

In case of usage of Virtual Appliance
  • Use local account lpar2rrd for hosting of STOR2RRD on the virtual appliance
  • Use /home/stor2rrd/stor2rrd as the product home
Installation procedure is same for Cisco, Brocade and QLogic switches.
Only in case of usage Brocade/QLogic Virtual Fabric you have to do special access configuration.
Cisco VSAN support works automatically.
SAN monitoring features

Install Prerequisites (skip that in case of Virtual Appliance)

  • AIX
    Download Net-SNMP packages and install them.
    Do not use the latest packages on AIX, it does not work, use net-snmp-5.6.2.1-1!
    # umask 0022
    # rpm -Uvh net-snmp-5.6.2.1-1 net-snmp-utils-5.6.2.1-1 net-snmp-perl-5.6.2.1-1
    
    Make sure
    • you use PERL=/opt/freeware/bin/perl in etc/stor2rrd.cfg
    • PERL5LIB in etc/stor2rrd.cfg contains /opt/freeware/lib/perl5/vendor_perl/5.8.8/ppc-thread-multi path

  • Linux
    Follow this to get installed SNMP support in the tool on RHEL8 and CentOS8.
    # umask 0022
    # yum install net-snmp
    # yum install net-snmp-utils
    # yum install net-snmp-perl
    
    Note you might need to allow optional repositories on RHEL to yum can find it
    # subscription-manager repos --list
    ...
    # subscription-manager repos --enable rhel-7-server-optional-rpms
    
    Use rhel-7-for-power-le-optional-rpms for Linux on Power etc ...

  • Linux Debian/Ubuntu
    % umask 0022
    % apt-get install snmp libsnmp-perl snmp-mibs-downloader
    
    Assure that this line is commented out in /etc/snmp/snmp.conf
    #mibs :
    
    If apt-get does not find snmp-mibs-downloader package then enable contrib and non-free repositories.

Configure access to switches

  • Assure you have enough of disk space, count about 16MB per each physical port in your switches

  • Allow SNMP communication from STOR2RRD server to all SAN switches on port 161, UDP
    $ perl /home/stor2rrd/stor2rrd/bin/conntest_udp.pl 192.168.1.1 161
      UDP connection to "192.168.1.1" on port "161" is ok
    
  • Brocade note: SNMPv2 is not supported in FOS v9.0.1a but is not blocked. SNMPv2 will be blocked beginning with FOS v9.1.0.

Test SNMP communication

    replace switch_IP for your one in below examples
    # export PATH=$PATH:/opt/freeware/bin
    # snmpwalk -v 2c -c public  <Switch_IP> 1.3.6.1.2.1.1.5
      SNMPv2-MIB::sysName.0 = STRING: SAN_switch_name
    
    This must work exactly as above!
    When the command fails, times out or return whatever like this:
      Timeout: No Response from <Switch_IP>
    
    Then follow this:
    • Make sure there is SNMP allowed on the SAN switch with public read only role (Community 4)
      • Brocade/QLogic:
        # ssh <Switch_IP> -l admin
        SAN:admin> snmpconfig --show snmpv1 
          ...
          Community 4: public (ro)
          ...
        
        Change community string to whatever you need via "snmpConfig --set snmpv1"

      • Cisco:
        # ssh <Switch_IP> -l admin
        switch# show snmp community
          Community Access
          --------- ------
          private rw
          public ro
        
        When there is other community string than public then use it in test snmpwalk cmds above
        and use that community string in switch cfg.

    • Make sure that Access Host list contains STOR2RRD host:
      SAN:admin> snmpconfig --show accessControl
      
      SAN switch cfg

    • Make sure you have enabled all listed MIBs below:
      SAN:admin> snmpconfig --show mibCapability
        FE-MIB: YES
        SW-MIB: YES
        FA-MIB: YES
        FICON-MIB: YES
        HA-MIB: YES
        FCIP-MIB: YES
        ISCSI-MIB: YES
        IF-MIB: YES
        BD-MIB: YES
        BROCADE-MAPS-MIB: YES
      
      Enable all missing MIBs each by each::
      SAN:admin> snmpconfig --enable mibCapability -mib_name FICON-MIB
      
    • set SNMP GET security level to 0
      SAN:admin> snmpconfig --show seclevel
      SAN:admin> snmpconfig --set seclevel
        Select SNMP GET Security Level
        (0 = No security, 1 = Authentication only, 2 = Authentication and Privacy, 3 = No Access): (0..3) [3] 0
      
    • Do you have some other switch which works fine, is there any configuration difference?

Brocade/QLogic Virtual Fabric support

  • you have to use SNMP v3 with proper security user

  • Activate SNMP v3 mode in switch properties as per above example

  • Configure security user on the switch (under admin account):
    userconfig --add snmpuser1 -r user -l 1,128
    userconfig --change snmpuser1 -r user -l 1,128 -h 128 -e no
    
    Parameter -l 1,128 defines virtual fabrics visible for this user.
    Parameter -h 128 defines home virtual fabrics.
    Parameter -e no disables user expiration
    Example above allows virtual fabrics 1 and 128 for user snmpuser1.

  • test access, you should see ports configured for your specific VF (Virtual Fabric).
    $ snmpwalk -v 3 -u snmpuser1 -n VF:<your_virtual_fabric_ID> <Switch_IP> 1.3.6.1.2.1.1.5
      SNMPv2-MIB::sysName.0 = STRING: SAN_switch_name
    
    If you get one of below errors then user is not configured properly:
    Error in packet.
    Reason: noAccess
    snmpwalk: Unknown user name
    
  • Note a potential CPU issue on switches when you use vFabric support.

STOR2RRD configuration

  • Add switches into configuration from the UI:
    Settings icon ➡ SAN switches ➡ New ➡ Vendor:device ...
    Storage management

  • SNMP v3 support with enhanced authorization parameters

  • Check switch connectivity either from the UI via Connection Test or from the cmd line:
    $ cd /home/stor2rrd/stor2rrd
    $ ./bin/config_check.sh <Switch IP/hostname>
      =========================
      SWITCH: Switch_IP1
      =========================
      Type         : BRCD
      DestHost     : Switch_host
      Version SNMP : 1
      Community    : public
      Switch name  : Switch_host
      STATE        : CONNECTED!
    
    QLogic note: use this fix for STOR2RRD 2.0x to get config_check.sh working properly for QLogic.

  • Schedule to run SAN agent from stor2rrd crontab (lpar2rrd on Virtual Appliance, it might already exist there)
    $ crontab -l | grep load_sanperf.sh
    $
    
    Add if it does not exist as above
    $ crontab -e
    
    # SAN agent
    0,5,10,15,20,25,30,35,40,45,50,55 * * * * /home/stor2rrd/stor2rrd/load_sanperf.sh >/home/stor2rrd/stor2rrd/logs/load_sanperf.out 2>&1
    
    Assure there is already an entry with the UI creation running once an hour in crontab
    $ crontab -e
    
    # STOR2RRD UI (just ONE entry of load.sh must be there)
    5 * * * * /home/stor2rrd/stor2rrd/load.sh > /home/stor2rrd/stor2rrd/load.out 2>&1
    
  • Let it run for 15 - 20 minutes, then re-build the UI by:
    $ cd /home/stor2rrd/stor2rrd
    $ ./load.sh html
    
  • Go to the web UI: http://<your web server>/stor2rrd/
    Use Ctrl-F5 to refresh the web browser cache.

SAN troubleshooting
Storage monitoring - schema

Brocade Network Advisor is supported as data source for your Brocade switches.
It replaces SNMP monitoring (it might even run simultaneously with older SNMP implementation).
In compare to SNMP monitoring when must be queried every SAN switch independenly.
BNA acts as single data source for all data.
It provides all data like through SNMP with further enhancements about:
  • CPU, memory and response time of switches (if BNA is licensed for collection of that)
  • Zone configuration

Access summary

User role Interface Used ports
operator read only REST API 443 TCP


In case of usage of Virtual Appliance
  • Use local account lpar2rrd for hosting of STOR2RRD on the virtual appliance
  • Use /home/stor2rrd/stor2rrd as the product home
Note that BNA v12 and older is not supported.

Configure access to BNA

  • Allow access though the network from the STOR2RRD host to the BNA on ports 443 (HTTPS).
    Connection test:
    $ perl /home/stor2rrd/stor2rrd/bin/conntest.pl 192.168.1.1 443
      Connection to "192.168.1.1" on port "443" is ok
    
  • Create user stor2rrd on all your BNA's under operator_ro role.
    If read only operator role does not exist, it can be easily created by removing rw roles from default operator role

  • Define All Fabrics, All Hosts in Responsibility Area for user stor2rrd in BNA.

BNA configuration

  • Add BNA into configuration from the UI:
    Settings icon ➡ SAN switches ➡ New ➡ Vendor:device ➡ BNA
    Storage management
    Note: do not use "!" character in password string

  • Check BNA connectivity either from the UI via "Connection Test" or from cmd line like here:
    $ cd /home/stor2rrd/stor2rrd
    $ ./bin/config_check.sh <BNA IP/hostname>
      =========================
      BNA: 10.22.11.53
      =========================
      Connection to "192.168.1.1" on port "443" is ok API connection:
       LOGIN             : ok
       API request       : ok
       LOGOUT            : ok
       Switches found    : 2
    
       SAN switch        : brocade01
       operationalStatus : HEALTHY
       state             : ONLINE
       statusReason      : Switch Status is HEALTHY.
    
       SAN switch        : brocade02
       operationalStatus : HEALTHY
       state             : ONLINE
       statusReason      : Switch Status is HEALTHY.
    
       API connection OK
    
  • Schedule BNA agent to run from stor2rrd crontab (lpar2rrd on Virtual Appliance) to collect data every 10 minutes
    $ crontab -e
    
    # BNA agent
    0,10,20,30,40,50 * * * * /home/stor2rrd/stor2rrd/load_bnaperf.sh >/home/stor2rrd/stor2rrd/logs/load_bnaperf.out 2>&1
    
    Assure there is already an entry with the UI creation running once an hour in crontab
    $ crontab -e
    
    # STOR2RRD UI (just ONE entry of load.sh must be there)
    5 * * * * /home/stor2rrd/stor2rrd/load.sh > /home/stor2rrd/stor2rrd/load.out 2>&1
    
  • Let it run for 15 - 20 minutes, then re-build the UI by:
    $ cd /home/stor2rrd/stor2rrd
    $ ./load.sh html
    
  • Go to the web UI: http://<your web server>/stor2rrd/
    Use Ctrl-F5 to refresh the web browser cache.

Troubleshooting

  • Assure you use BNA 14.x+, BNA v12.x are not supported.

  • Assure you use STOR2RRD version 2.20 at least.

  • On AIX you get error during config_check.sh
    $ ./bin/config_check.sh
      ===============
      BNA: 10.22.11.53
      ===============
      Connection to "10.22.11.53" on port "4433" is ok
      API connection:
      Tue Oct 31 17:08:20 2017: Request error: 500 SSL negotiation failed:
      Tue Oct 31 17:08:20 2017: POST url     : https://10.22.11.53:4433/rest/login
      Tue Oct 31 17:08:20 2017:                LOGIN failed!
    
    Upgrade to STOR2RRD v2.20.

  • When connection to BNA is ok, but not any switches or data is visible
    • Assure you have defined All Fabrics,All Hosts in Responsibility Area for user stor2rrd in BNA
    • Can you log on to the BNA UI as stor2rrd? Do you see all switches?
    • Follow this to see examples

  • CPU and memory data is not presented.
    • Assure that your BNA is licensed for collection of CPU and Memory
    • Assure that your BNA sees CPU and Memory data in its dashboard: BNA CPU

  • BNA stops providing performance statistics for ports
LAN monitoring - schema

Feature matrix
Product uses SNMP v1,2, read-only access (port 161 UDP) to get data from LAN switches.
Only Cisco and Huawei switches are tested so far.
Generally all network devices having SNMP MIBs compatible with Cisco should work.

Prerequisites

Skip that in case you are on our Virtual Appliance
  • AIX
    Download Net-SNMP packages and install them.
    Do not use the latest packages on AIX, it does not work, use net-snmp-5.6.2.1-1!
    # umask 0022
    # rpm -Uvh net-snmp-5.6.2.1-1 net-snmp-utils-5.6.2.1-1 net-snmp-perl-5.6.2.1-1
    
    Make sure
    • you use PERL=/opt/freeware/bin/perl in etc/stor2rrd.cfg
    • PERL5LIB in etc/stor2rrd.cfg contains /opt/freeware/lib/perl5/vendor_perl/5.8.8/ppc-thread-multi path

  • Linux
    # umask 0022
    # yum install net-snmp
    # yum install net-snmp-utils
    # yum install net-snmp-perl
    
    Note you might need to allow optional repositories on RHEL to yum can find it
    # subscription-manager repos --list
    ...
    # subscription-manager repos --enable rhel-7-server-optional-rpms
    
    Use rhel-7-for-power-le-optional-rpms for Linux on Power etc ...

  • Linux Debian/Ubuntu
    % umask 0022
    % apt-get install snmp libsnmp-perl snmp-mibs-downloader
    
    Assure that this line is commented out in /etc/snmp/snmp.conf
    #mibs :
    
    If apt-get does not find snmp-mibs-downloader package then enable contrib and non-free repositories.

Configure access to switches

Since now use stor2rrd user only (not root). In case of Virtual Appliance use lpar2rrd user account
  • Enable SNMP communication from STOR2RRD server to all LAN switches on port 161, UDP
    $ perl /home/stor2rrd/stor2rrd/bin/conntest_udp.pl 192.168.1.1 161
      UDP connection to "192.168.1.1" on port "161" is ok
    
  • Test SNMP communication (replace 192.168.1.1 by your one)
    $ export PATH=$PATH:/opt/freeware/bin
    $ snmpwalk -v 2c -c public 192.168.1.1 1.3.6.1.2.1.1.5
      SNMPv2-MIB::sysName.0 = STRING: cisco01
    
  • To monitor VLAN must be enabled on the switch this:
    $ interface vlan { vlan-id | vlan-range}
    
  • Assure you have enough of disk space, count about 2MB per each physical port in your switches

Configure LAN switches

  • Add switches into configuration from the UI:
    Settings icon ➡ LAN switches ➡ New ➡ Vendor:device ...
    Storage management

  • SNMP v3 support with enhanced authorization parameters

  • Check switch connectivity
    $ cd /home/stor2rrd/stor2rrd
    $ ./bin/config_check.sh 192.168.1.1
      =========================
      SWITCH: 192.168.1.1
      =========================
      Type         : Cisco
      DestHost     : 192.168.1.1
      Version SNMP : 2c
      Community    : public
      SNMP port    : not defined! Used SNMP default port "161"!
      Switch name  : cisco01
      STATE        : CONNECTED!
    
    If you run above script without any parameter then it checks all configured switches.

  • Schedule to run LAN agent from stor2rrd crontab (lpar2rrd on Virtual Appliance, it might already exist there)
    $ crontab -l | grep load_lanperf.sh
    $
    
    Add if it does not exist as above
    $ crontab -e
    
    # LAN agent
    0,5,10,15,20,25,30,35,40,45,50,55 * * * * /home/stor2rrd/stor2rrd/load_lanperf.sh >/home/stor2rrd/stor2rrd/logs/load_lanperf.out 2>&1
    
    Assure there is already an entry with the UI creation running once an hour in crontab
    $ crontab -e
    
    # STOR2RRD UI (just ONE entry of load.sh must be there)
    5 * * * * /home/stor2rrd/stor2rrd/load.sh > /home/stor2rrd/stor2rrd/load.out 2>&1
    
  • Let it run for 15 - 20 minutes, then re-build the UI by:
    $ cd /home/stor2rrd/stor2rrd
    $ ./load.sh html
    
  • Go to the web UI: http://<your web server>/stor2rrd/
    Use Ctrl-F5 to refresh the web browser cache.

It being beta tested, expected release end of July 2022.
Anyone willing to beta test it? Contact us at support@stor2rrd.com.

SANnav install docu