Review Installation Requirements and Considerations

Review the following information before you install the product:
capm370
Review the following information before you install the product:
Operating System Requirements
DX NetOps Performance Management
supports the latest version of Red Hat 7.x unless otherwise specified.
The following operating systems were verified:
  • SUSE Linux Enterprise Server (SLES) 12 SP2
  • Oracle Linux (OL) 7.3 (Red Hat compatible kernel only)
The following Red Hat Enterprise Linux (RHEL), SLES, and OL versions were verified:
A RHEL installation offers packages and add-ons.
DX NetOps Performance Management
supports a Minimal Install environment for RHEL.
Release
Kernel
SLES 12.2
4.4.103
OL 7.3
3.10.0-514
RHEL 7.5
3.10.0-862
RHEL 7.4
3.10.0-693
RHEL 7.3
3.10.0-514
RHEL 6.9
2.6.32-696
RHEL 6.8
2.6.32-642
RHEL 6.7
2.6.32-573
RHEL 6.6
2.6.32-504
RHEL 6.8, 6.9, 7.3, or 7.4 are recommended for all
DX NetOps Performance Management
components.
DX NetOps Performance Management
does not support the following RHEL versions:
  • RHEL 5.x
  • RHEL 6.5 and lower
  • RHEL 7.0 - 7.2
  • RHEL kernel versions before 2.6.32.504
Root or Sudo User Access
Administrative privileges are required to install the software. Typically, the root users installs the software. In some environments, unrestricted root user access is not available.
If root user access is not available, configure a sudo user with access to a limited set of commands.
If you install the components with a sudo user account, add the
sudo
prefix to commands that require the same user as the service owner, such as restart commands and SSL set up.
User Interface Access Requirements
Supported Browsers
The following browsers are supported:
  • Microsoft Internet Explorer version 11
  • Microsoft Edge 42.x and later
  • Google Chrome 70.x and later
  • Mozilla Firefox 60.x and later
Other Requirements
  • The minimum supported screen resolution is 1280x1024.
Virtual and SAN Environment Requirements
Review the CA Support Statement for Running CA Infrastructure Management Products in Virtualization and SAN Environments document. This document discusses the policies for installing and operating Infrastructure Management products on virtualized servers or Storage Array Networks (SAN).
You must be logged in as a registered user to view documentation on CA Support Online.
Package Requirements
The installer for each component requires the following packages:
Components
Packages
All (SLES)
  • dialog
  • mcelog
  • zip
  • unzip
All (RHEL 7.x, OL)
  • dialog
  • mcelog
  • zip
  • unzip
  • chrony
All (RHEL 6.x)
  • dialog
  • mcelog
  • zip
  • unzip
  • glibc
Performance Center
(SLES)
  • fontconfig
  • libaio1
  • libnuma1
  • wget
Performance Center
(RHEL 6.x)
  • fontconfig
  • libaio
  • libaio-devel
  • numactl
  • wget
Performance Center
(RHEL 7.x, OL)
  • fontconfig
  • libaio
  • libaio-devel
  • numactl-libs
  • wget
Data Repository (RHEL 6.x, RHEL 7.x, SLES, OL)
  • bc
  • pstack
  • gstack
For RHEL 7.x, the
pstack
and
gstack
packages are included in the
gdb
package.
Data Collectors (RHEL 6.x, RHEL 7.x, SLES, OL)
  • at
Common Considerations
  • Install each component on a separate system.
  • Verify that all your servers meet the minimum requirements and sizing guidelines.
    You can provide high availability for your data, future scalability, and best end-user experience, by deploying your Data Repository as a cluster.
    For information about the sizing requirements, see the
    DX NetOps Performance Management
    Sizing Tool
    .
    If the sizing tool recommends a low-scale deployment, see Install a Low-Scale System.
  • If you plan to stand up
    DX NetOps Performance Management
    in the cloud, see Review Cloud Sizing Guidelines.
  • Time synchronization using NTP is required. Start the NTP daemon on Linux if it is not running. All machines must use the same NTP server.
Except for anti-virus, system management, and time-synchronization software, do not install third-party software, especially third-party network monitoring software, on the same server as
DX NetOps Performance Management
components. Third-party software can interfere with the monitoring abilities of the CA system, and could void the warranty.
If you install third-party software on a CA system, CA Support might ask you to uninstall this software before troubleshooting an issue on the server.
Multi-tenant Deployment Considerations
In a multi-tenant deployment, note the following information:
  • The data aggregator is shared between tenants. The information for each tenant is secure and other tenants cannot view this information.
  • In a standard tenant deployment, each tenant has a dedicated data collector. A tenant can have more than one data collector. For multiple tenants that reside in the same IP routing space,
    DX NetOps Performance Management
    can be configured to use fewer data collectors.
    For more information, see Tenant-Agnostic Data Collectors.
  • Where a managed service provider is monitoring devices for multiple tenants, you can install Data Collector at the MSP site.
    This setup requires the Data Collector to gain access through a tenant firewall to poll the devices that are being managed.
Firewall and Connectivity Considerations
For
DX NetOps Performance Management
to work properly in a firewall-protected environment, certain ports must be open.
The following diagram shows the required ports for a hardened environment with a single Data Aggregator:
Port_Diagram
Port_Diagram
Open the following ports to allow
DX NetOps Performance Management
communications to function properly. For more information, see Prepare to Install Performance Center.
Throughout the documentation 8182, 8382, 8582, 61617, 61619, 61621, and 61623 appear as suggested port numbers for secured communications. In the instances where these ports appear, you are free to use any value you want as long as no other processes are using it.
For more information about individual data sources, see the appropriate product documentation.
From
To
Port [Function]
Performance Center
services
Performance Center
  • TCP 3306
    Enables communications to the MySQL database (inbound) from the
    Performance Center
    services.
  • TCP/HTTP 8481
    Enables communications between the Device Manager and Console services.
  • TCP/HTTPS 8182
    This port is the default port for
    Performance Center
    if configured using the HTTPS documentation.
    For more information, see Configure the Port and Website for HTTPS.
User client computers
Performance Center
If you put the application behind a firewall, and you want customers to access only the user interface, open the following ports to the world:
  • TCP/HTTP 8181
    Enables communications between client computers and the
    Performance Center
    server.
  • TCP/HTTP 8381
    Enables communications between client computers and the
    Performance Center
    server. Also enables login using the single sign-on authentication component.
For secured communications, use the following ports instead of 8181 and 8381:
User client computers
Data Aggregator
  • TCP/HTTP 8581
    Allows for OpenAPI access.
    Opening this port exposes the rest of the Data Aggregator services.
  • TCP/HTTPS 8582
    Allows for secure OpenAPI access.
    Opening this port exposes the Data Aggregator REST services. Open only for clients that require direct access to the Data Aggregator services for administrative and automation purposes.
User client computers
Proxy Server
  • TCP/HTTP 8581
    Allows for OpenAPI access in a fault tolerant environment.
    Opening this port exposes the Data Aggregator REST services. Open only for clients that require direct access to the Data Aggregator services for administrative and automation purposes.
  • TCP/HTTP 8581
    Allows for secure OpenAPI access in a fault tolerant environment.
    Opening this port exposes the Data Aggregator REST services. Open only for clients that require direct access to the Data Aggregator services for administrative and automation purposes.
Proxy Server
Data Aggregator
  • TCP/HTTP 8581
    Allows for OpenAPI access in a fault tolerant environment.
    Opening this port exposes the Data Aggregator REST services. Open only for clients that require direct access to the Data Aggregator services for administrative and automation purposes.
  • TCP/HTTP 8581
    Allows for secure OpenAPI access in a fault tolerant environment.
    Opening this port exposes the Data Aggregator REST services. Open only for clients that require direct access to the Data Aggregator services for administrative and automation purposes.
Data Aggregator
Performance Center
  • TCP/HTTP 8281
    Enables communications between the Event Manager, which is installed automatically with the
    Performance Center
    software, and the Data Aggregator. The Data Aggregator initiates communication and pushes data through this port.
  • TCP/HTTP 8381
    Enables communication between the Data Aggregator and
    Performance Center
    for direct authentication of OpenAPI queries.
For secured communications, use the following ports:
  • TCP/HTTPS 8382
    If
    Performance Center
    is configured to use HTTPS, this port enables secured communication between the Data Aggregator and
    Performance Center
    for direct authentication of OpenAPI queries.
    For more information, see Configure the Port and Website for HTTPS.
Performance Center
Data Aggregator
  • TCP/HTTP 8581
    Enables synchronization with
    DX NetOps Performance Management
    for the Data Aggregator.
    Performance Center
    initiates communication and pulls data through this port.
For secured communications, use the following ports:
  • TCP/HTTPS 8582
    If the Data Aggregator is configured to use HTTPS, this port enables secured synchronization with
    DX NetOps Performance Management
    for the Data Aggregator.
    Performance Center
    initiates communication and pulls data through this port. For more information, see Configure the Port and Website for HTTPS.
Performance Center
Proxy Server
  • TCP/HTTP 8581
    In a fault tolerant environment, enables synchronization with
    DX NetOps Performance Management
    for the Data Aggregator.
    Performance Center
    initiates communication and pulls data through this port.
For secured communications, use the following ports:
  • TCP/HTTPS 8582
    If the Data Aggregator is configured to use HTTPS, this port enables secured synchronization with
    DX NetOps Performance Management
    for the Data Aggregator in a fault tolerant environment.
    Performance Center
    initiates communication and pulls data through this port.
    For more information, see Configure the Port and Website for HTTPS.
Performance Center
Network Flow Analysis
  • TCP/HTTP 80
    Enables synchronization with
    Network Flow Analysis
    to retrieve configuration data.
  • TCP/HTTP 8681
    Enables synchronization with
    Network Flow Analysis
    to retrieve device data.
Performance Center
CA Application Delivery Analysis
  • TCP/HTTP 80
    Enables synchronization with
    CA Application Delivery Analysis
    to retrieve configuration data.
  • TCP/HTTP 8681
    Enables synchronization with
    CA Application Delivery Analysis
    to retrieve device data.
CA Business Intelligence
Performance Center
  • TCP/HTTP 8181
    Enables communications between
    CA Business Intelligence
    and the
    Performance Center
    server.
For secured communications, use the following port instead of 8181:
Data Collector
Data Aggregator
  • TCP 8581
    Enables the simplified upgrade for Data Collectors.
    For more information, see Upgrade the Data Collectors.
  • TCP/AMQ 61616
    Enables only ActiveMQ traffic between the Data Collector and Data Aggregator.
  • TCP/AMQ 61618
    Enables poll response delivery traffic between the Data Collector and Data Aggregator.
  • TCP/AMQ 61620
    Enables distributed IREP traffic between the Data Collector and Data Aggregator.
  • TCP/AMQ 61622
    Enables large data transfers between the Data Collector and Data Aggregator.
    This port also enables the simplified upgrade for Data Collectors. For more information, see Upgrade the Data Collectors.
For secured communications, use the following ports instead of 61616, 61618, 61620, 61622:
The following ports are the default ports for Secure ActiveMQ communication if configured using the AMQ SSL documentation.
For more information, see Authenticate and Encrypt ActiveMQ Communication.
  • TCP/AMQ SSL 61617
    Enables only ActiveMQ secured communications between the Data Collector and Data Aggregator.
  • TCP/AMQ SSL 61619
    Enables poll response delivery secured communications between the Data Collector and Data Aggregator.
  • TCP/AMQ SSL 61621
    Enables distributed IREP secured communications between the Data Collector and Data Aggregator.
  • TCP/AMQ SSL 61623
    Enables secured large data transfers between the Data Collector and Data Aggregator.
Data Collectors
Devices
  • UDP 161
    Enables SNMP and ICMP connections to devices.
To enable ping during discovery and reachability checks, ICMP must be enabled on the devices and the network.
Data Aggregator
Data Repository
  • TCP/UDP 5433
    Enables communication between the Data Aggregator and the Data Repository for Java Database Connectivity.
Data Repository
Data Repository
  • TCP/SSH 22
    Enables Vertica administration tools and backup to run between nodes.
  • TCP/UDP 4803
    Enables spread communication between nodes.
  • TCP/UDP 5433
    Enables communication between the Data Aggregator and the Data Repository for Java Database Connectivity.
Open the following ports for the Vertica database:
  • UDP 4804
  • TCP 5434
  • UDP 6543
Data Repository
Backup Hosts
  • TCP 50000
    Enables the Data Repository host to access the custom rsync/ssh on the backup hosts.
Data Repository
Disaster Recovery Hosts
  • TCP 50000
    Enables the Data Repository host to access the custom rsync/ssh on the disaster recovery hosts.
Performance Center
  • TCP 8281
    For event integration, enables the
    OneClick server to communicate to the
    Performance Center
    host.
  • TCP 8481
    Enables the
    OneClick server to communicate to the Device Manager.
Performance Center
LDAP
  • TCP 389
    Enables Clear Text communication from the client to the LDAP server.
  • TCP 3268
    If you are using the global catalog for searches, enables communication from the client to the LDAP server.
Performance Center
LDAPS
  • TCP 636
    Enables encrypted and secure communication from the client to the Secure LDAP server.
  • TCP 3269
    If you are using the global catalog for searches, enables communication from the client to the Secure LDAP server.
Consul Servers (the proxy server, active data aggregator, inactive data aggregator)
Consul Servers (the proxy server, active data aggregator, inactive data aggregator)
  • TCP 8300
    In a fault tolerant environment, enables communication between the proxy server and the Data Aggregators.
  • TCP/UDP 8301
    In a fault tolerant environment, enables LAN communication between the proxy server and the Data Aggregators.
  • TCP 8500
    In a fault tolerant environment, enables communication between the proxy server and the Data Aggregators to the HTTP API.