• LPAR2RRD can be hosted on any Unix or Linux Operating system
• Perl: arbitrary version coming with the OS with some additional modules, more below
• Apache or any other Web server

Skip it in case of configuring Virtual Appliance
HW sizing

User creation

• create lpar2rrd user under root:

  # useradd -c "LPAR2RRD user" -m lpar2rrd
  # chmod 755 /home/lpar2rrd
  

• Increase limits for user lpar2rrd and the WEB server user (under root)
  • Linux

    # vi /etc/security/limits.conf
    
    lpar2rrd        hard    stack           -1
    lpar2rrd        soft    stack           -1
    lpar2rrd        hard    data            -1
    lpar2rrd        soft    data            -1
    lpar2rrd        hard    nofile          32768 
    lpar2rrd        soft    nofile          32768 
    lpar2rrd        hard    nproc           5000
    lpar2rrd        soft    nproc           5000
    
    apache          hard    stack           -1
    apache          soft    stack           -1
    apache          hard    data            -1
    apache          soft    data            -1
    

If you have already running STOR2RRD on the same host then skip to Web tab.

Linux RedHat, CentOS

• RHEL 8: enable the codeready-builder-for-rhel-8-*-rpms repository

  # ARCH=$( /bin/arch )
  # subscription-manager repos --enable "codeready-builder-for-rhel-8-${ARCH}-rpms"
  

• CentOS 8: enable the PowerTools repository

  # yum config-manager --set-enabled PowerTools
  or
  # dnf config-manager --set-enabled powertools
  

  You can also just open /etc/yum.repos.d/CentOS-Linux-PowerTools.repo with a text editor and set enabled= to 1 instead of 0
  
  
• RedHat, CentOS: all versions

  # umask 0022 
  # yum install perl rrdtool rrdtool-perl httpd mod_ssl
  # yum install epel-release
  # yum install perl-TimeDate perl-HTTP-Date perl-Env perl-CGI perl-Data-Dumper perl-LWP-Protocol-https perl-libwww-perl perl-Time-HiRes perl-IO-Tty
  # yum install perl-PDF-API2 perl-JSON-XS perl-XML-Simple perl-XML-NamespaceSupport perl-URI perl-XML-SAX-Base perl-XML-SAX perl-XML-LibXML
  # yum install ed bc libxml2 sharutil
  

  Follow this for installing perl-PDF-API2 on RHEL/CentOS 8
  Note that rrdtool-perl and epel-release (this is necessary only for PDF reporting) might not be in your RedHat base repository especially for RHEL 6.x and olders.
  Install CentOS package instead rrdtool-perl-1.4.8-9.el7.x86_64.rpm and epel-release-7-11.noarch.rpm
  
  

Linux Debian, Ubuntu

# umask 0022 
# apt-get install apache2 perl rrdtool ed bc
# apt-get install librrdp-perl libxml-sax-perl libxml-simple-perl libtimedate-perl libenv-sanctify-perl libcgi-pm-perl libdata-dumper-simple-perl libpdf-api2-perl libxml2-utils
# apt-get install liblwp-protocol-https-perl libcrypt-ssleay-perl libio-socket-ssl-perl libmozilla-ldap-perl libxml-parser-perl libjson-xs-perl

SuSE

# zypper install rrdtool perl-rrdtool apache2
# zypper install perl-TimeDate perl-XML-Simple perl-XML-SAX perl-XML-LibXML perl-CGI perl-LWP-Protocol-https perl-libwww-perl perl-IO-Tty
# zypper install perl-PDF-API2 perl-JSON-XS
# zypper install ed bc libxml2-2 sharutils

AIX

AIX is not supported by AWS SDK, use Linux for hosting of LPAR2RRD AWS monitoring

Solaris

# /opt/csw/bin/pkgutil -y -i pm_xml_simple pm_libxml_perl pm_xml_sax rrdtool

Troubleshooting

If you get error durring device connection test or in error log like:
• Missing LWP::Protocol::https
• Connection reset by peer
• SSL negotiation failed
then follow this docu to fix it

Skip it in case of configuring Virtual Appliance
Optional configuration of authorization in Apache. You can proceed it after Apache access works without authorization prompt as per below cfg.

Apache download

• Linux CentOS, RedHat

  # yum install httpd
  

• Linux Debian, Ubuntu

  # apt-get install httpd
  

Apache configuration

• Linux CentOS, RedHat
• Linux Debian, Ubuntu
• SuSE
• Apache 2.4+
• Apache 1.3 - 2.3
• SELinux disable
• Apache authorization (optional)

Apache start / restart

Command depends on Apache version, one of these should work:

# apachectl restart
# /opt/freeware/apache/sbin/apachectl restart
# /etc/init.d/httpd restart
# service apache2 restart

If you have firewall enabled then enable LPAR2RRD communication by:

# firewall-cmd --add-service=http --permanent
# firewall-cmd --add-service=https --permanent
# firewall-cmd --add-port=8162/tcp --permanent

# firewall-cmd --reload

Test web pages

Point your web browser to http://<your lpar2rrd host>/lpar2rrd/ as soon as you configure LPAR2RRD
Do not forget to ensure that Apache starts after the OS reboot (there must be a starting script in /etc/rc.... )

Apache configuration per platform and version

• Linux CentOS, RedHat

  
  Append at the end of /etc/httpd/conf/httpd.conf following

  # vi /etc/httpd/conf/httpd.conf
  
  AddHandler cgi-script .sh
  # DocumentRoot  "/home/lpar2rrd/lpar2rrd/www/"
  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      AllowOverride 
      Options Indexes FollowSymLinks
      Require all granted
  </Directory>
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride 
      SetHandler cgi-script
      Options ExecCGI FollowSymLinks
      Require all granted
  </Directory>
  

• Linux Debian, Ubuntu : Apache2 (2.4+)

  
  Enable CGI-BIN and optionally even SSL if it is required

  # a2enmod cgi
  # a2enmod ssl
  

  Append this at the end of /etc/apache2/apache2.conf

  # vi /etc/apache2/apache2.conf
  
  AddHandler cgi-script .sh
  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      Options Indexes FollowSymLinks 
      Require all granted
  </Directory>
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride None
      Options +ExecCGI +SymLinksIfOwnerMatch
      Require all granted
      SetHandler cgi-script
  </Directory>
  

• SuSE

  Append at the end of /etc/apache2/httpd.conf following

  # vi /etc/apache2/httpd.conf
  
  AddHandler cgi-script .sh
  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      Options Indexes FollowSymLinks
      Require all granted
  </Directory>
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride None
      Options +ExecCGI +SymLinksIfOwnerMatch
      Require all granted
      SetHandler cgi-script
  </Directory>
  

• Apache 2.4+ generally

  
  Configure httpd.conf, it might be in different locations (depends of distribution)
  • /etc/httpd/httpd.conf
  • /etc/httpd/conf/httpd.conf
  • /etc/opt/freeware/apache/httpd.conf (AIX)
  • /opt/freeware/etc/httpd/httpd.conf (AIX)
  • /opt/freeware/etc/httpd/conf/httpd.conf (AIX)
  • /etc/apache2/apache2.conf
  
  
  1. Verify alias_module and cgi_module is loaded (uncommented it, the path can be different)

     LoadModule alias_module /opt/freeware/lib/httpd/modules/mod_alias.so
     LoadModule cgi_module /opt/freeware/lib/httpd/modules/mod_cgi.so
     

  2. cgi_module could depend on mpm_prefork_module like here.
     Allow it as well (uncomment it) and disable mpm_worker_module, mpm_event_module

     LoadModule mpm_prefork_module /opt/freeware/lib/httpd/modules/mod_mpm_prefork.so
     # LoadModule mpm_worker_module /opt/freeware/lib/httpd/modules/mod_mpm_worker.so
     # LoadModule mpm_event_module modules/mod_mpm_event.so
     <IfModule mpm_prefork_module>
          LoadModule cgi_module /opt/freeware/lib/httpd/modules/mod_cgi.so
     </IfModule>
     

  3. Append this at the end of httpd.conf

     AddHandler cgi-script .sh
     Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
     <Directory "/home/lpar2rrd/lpar2rrd/www/">
         Options Indexes FollowSymLinks 
         Require all granted
     </Directory>
     # CGI-BIN
     ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
     <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
         AllowOverride None
         SetHandler cgi-script
         Options ExecCGI FollowSymLinks
         Require all granted
     </Directory>
     

     Sometimes appears necessary to remove "Require all granted" lines in both directives.
     
     

• Apache 1.3 - 2.3

  
  Configure httpd.conf, it might be in different locations (depends of distribution)
  • /etc/httpd/httpd.conf
  • /etc/httpd/conf/httpd.conf
  
  

  # vi /etc/opt/freeware/apache/httpd.conf
  
  Alias /lpar2rrd  "/home/lpar2rrd/lpar2rrd/www/"
  <Directory "/home/lpar2rrd/lpar2rrd/www/">
      Options Indexes FollowSymLinks 
      Order allow,deny
      Allow from all
  </Directory>
  # CGI-BIN
  ScriptAlias /lpar2rrd-cgi/ "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi/"
  <Directory "/home/lpar2rrd/lpar2rrd/lpar2rrd-cgi">
      AllowOverride None
      Options ExecCGI FollowSymLinks
      Order allow,deny
      Allow from all
  </Directory>
  

• SELinux changes

  
  You need to disable the SELinux service protection to be able to utilize basic web services.
  You must do it in case you get "(13)Permission denied:" in Apache error_log.
  You have 2 options:
  
  
  • Disable SELinux only for Apache

    Step 1. Query for the Boolean value you need to change:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> off
    
    Step 2. Disable the SELinux protection:
    # setsebool -P httpd_disable_trans=1
    
    Step 3. Verify that the Boolean has changed:
    # getsebool -a | grep httpd_dis
      httpd_disable_trans --> on
    

  • Globally disable SELinux

    # setenforce Permissive
    # vi /etc/sysconfig/selinux
      SELINUX=disabled
    

  Follow SELinux configuration in case you want to enable SELinux with our tools
  
  

Skip it in case of configuring Virtual Appliance

Install LPAR2RRD server

• Download the latest LPAR2RRD server
  Upgrade your already running LPAR2RRD instance.
  
  
• Install it:

  # su - lpar2rrd
  $ tar xvf lpar2rrd-7.XX.tar
  $ cd lpar2rrd-7.XX
  $ ./install.sh
  $ cd /home/lpar2rrd/lpar2rrd
  

• Schedule to run it from lpar2rrd crontab (it might already exist there)
  

  $ crontab -l | grep load.sh
  $
  

  Add if it does not exist as above

  $ crontab -e
  
  # LPAR2RRD UI
  0,30 * * * * /home/lpar2rrd/lpar2rrd/load.sh > /home/lpar2rrd/lpar2rrd/load.out 2>&1 
  

  Assure there is just one such entry in crontab.
  
  
• You might need to add lpar2rrd user into /var/adm/cron/cron.allow (/etc/cron.allow on CentOS 8) if crontab command fails
  Allow it for lpar2rrd user as root user.

  # echo "lpar2rrd" >> /var/adm/cron/cron.allow
  

• Assure you have a cron job for Kubernetes is in place (upgrade script might do it automatically) Skip it on the Virtual Appliance, it is already there.

  $ crontab -l | grep "load_openshift.sh"
  $
  

  Add it if it does not exist like above

  $ crontab -e
  
  # RedHat OpenShift support
  0,20,40 * * * *  /home/lpar2rrd/lpar2rrd/load_openshift.sh > /home/lpar2rrd/lpar2rrd/load_openshift.out 2>&1 
  

• Initial start from cmd line:

  $ cd /home/lpar2rrd/lpar2rrd
  $ ./load.sh
  

• Go to the web UI: http://<your web server>/lpar2rrd/
  Use Ctrl-F5 to refresh the web browser cache.

Troubleshooting

• If you have any problems with the UI then check:
  (note that the path to Apache logs might be different, search apache logs in /var)

  tail /var/log/httpd/error_log             # Apache error log
  tail /var/log/httpd/access_log            # Apache access log
  tail /var/tmp/lpar2rrd-realt-error.log    # STOR2RRD CGI-BIN log
  tail /var/tmp/systemd-private*/tmp/lpar2rrd-realt-error.log # STOR2RRD CGI-BIN log when Linux has enabled private temp
  

• Test of CGI-BIN setup

  umask 022
  cd /home/lpar2rrd/lpar2rrd/
  cp bin/test-healthcheck-cgi.sh lpar2rrd-cgi/
  

  go to the web browser: http://<your web server>/lpar2rrd/test.html
  You should see your Apache, LPAR2RRD, and Operating System variables, if not, then check Apache logs for connected errors

OpenShift console install

The instructions below are for installation via OpenShift console, as an option you can use Kubectl command line installation.

Create a lpar2rrd service account

You can choice whatever else account name than lpar2rrd.

Insert content below:

    apiVersion: v1
    kind: ServiceAccount
    metadata:
      name: lpar2rrd
      namespace: default
  

Click on "lpar2rrd-token-xxxxx" under to "Secrets"
Copy lpar2rrd token

Create a lpar2rrd role

Insert content below:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRole
    metadata:
      name: lpar2rrd
    rules:
    - apiGroups: ["","metrics.k8s.io","apps","config.openshift.io","machine.openshift.io","machineconfiguration.openshift.io","monitoring.coreos.com","project.openshift.io","route.openshift.io","storage.k8s.io"]
      resources: ["*"]
      verbs: ["get", "watch", "list"]
    - nonResourceURLs: ["/metrics"]
      verbs: ["get"]
  

Create a lpar2rrd role binding

Select Binding type "Cluster-wide Role Binding", type the role binding name to "lpar2rrd" and select Role Name "lpar2rrd" Select Subject "Service Account" and type "lpar2rrd" as Subject Name

Configure RedHat OpenShift in LPAR2RRD

• Open network connection to the RedHat OpenShift from LPAR2RRd server.
  If it is in Google Cloud then port 443, if it is in Kubernetes then port 6443.
  
  
• LPAR2RRD UI ➡ Settings icon ➡ RedHat OpenShift ➡ New
  
  
• Make sure cron job for OpenShift is in place (upgrade script might do it for you automatically)
  Skip this step if you install the Virtual Appliance - it is already taken care of.

    $ crontab -l | grep "load_openshift.sh"
    $
    

  Add following lines to crontab if necessary

    $ crontab -e
  
    # Openshift support
    0,20,40 * * * *  /home/lpar2rrd/lpar2rrd/load_openshift.sh > /home/lpar2rrd/lpar2rrd/load_openshift.out 2>&1
    

• Wait 30 minutes and then go to the web UI: http://<your web server>/lpar2rrd/
  Use Ctrl-F5 to refresh the web browser cache.

There were some major enhancements recently, ideally upgrade to LPAR2RRD v7.31-13 (in case there is not yet released v7.40).

Kubectl install

The instructions below are for installation via the kubectl command line as an option to OpenShift console installation

Create a lpar2rrd service account

You can choice whatever else account name than lpar2rrd.

  $ kubectl create serviceaccount lpar2rrd
  

Create a clusterrole

Create file ClusterRole with this content:

  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRole
  metadata:
    name: lpar2rrd
  rules:
  - apiGroups: ["","metrics.k8s.io","apps","config.openshift.io","machine.openshift.io","machineconfiguration.openshift.io","monitoring.coreos.com","project.openshift.io","route.openshift.io","storage.k8s.io"]
    resources: ["*"]
    verbs: ["get", "watch", "list"]
  - nonResourceURLs: ["/metrics"]
    verbs: ["get"]
  

Apply it by:

  $ kubectl apply -f ClusterRole.yml
  

Create a clusterrolebinding

Create file ClusterRoleBinding.yml with this content:

  apiVersion: rbac.authorization.k8s.io/v1
  kind: ClusterRoleBinding
  metadata:
    name: lpar2rrd
  subjects:
  - kind: ServiceAccount
    name: lpar2rrd
    namespace: default
  roleRef:
    apiGroup: rbac.authorization.k8s.io
    kind: ClusterRole
    name: lpar2rrd
  

Apply it by:

  $ kubectl apply -f ClusterRoleBinding.yml
  

Get lpar2rrd token

  $ kubectl get serviceaccounts lpar2rrd -o yaml
  

  $ kubectl describe secret lpar2rrd-token-fkkxp   
  

Get cluster endpoint

  $ kubectl config view
  

Configure RedHat OpenShift in LPAR2RRD

• LPAR2RRD UI ➡ Settings icon ➡ RedHat OpenShift ➡ New
  
  
• Make sure cron job for OpenShift is in place (upgrade script might do it for you automatically)
  Skip this step if you install the Virtual Appliance - it is already taken care of.

    $ crontab -l | grep "load_openshift.sh"
    $
    

  Add following lines to crontab if necessary

    $ crontab -e
  
    # Openshift support
    0,20,40 * * * *  /home/lpar2rrd/lpar2rrd/load_openshift.sh > /home/lpar2rrd/lpar2rrd/load_openshift.out 2>&1
    

• Wait 30 minutes and then go to the web UI: http://<your web server>/lpar2rrd/
  Use Ctrl-F5 to refresh the web browser cache.