Installation as a Virtual Machine - BlueCat Infrastructure Assurance

We strongly recommend that you check and ensure that you meet the minimum system requirements outlined below, and understand the requirements. If you are already familiar with the Installation process, you can skip ahead to Getting Started.

Note: You can launch LiveAssurance Virtual Appliances (v9.0.0 and greater) by using Amazon Machine Images (AMIs). For details, see Launch LiveAssurance Virtual Appliances in AWS.

Installation

The LiveAssurance OVA is used for deploying the system in virtualization environments as a virtual appliance.

You can access the Download page to download the LiveAssurance OVA. You can then supply the downloaded OVA to your virtualization environment’s administrator for deployment.

For VMware, install the OVA using vCenter.

The LiveAssurance .OVA file is preconfigured to launch with 8 GB of RAM, 6 Cores and 200 GB of hard drive space. A new install of the LiveAssurance Virtual Lab will use ~3.19 GB. For a live production environment, we recommend the use of a minimum of 8GB of RAM for up to 20 devices.

Note: As you continue to use the LiveAssurance server memory on the volume will start to increase, so it is best to monitor memory usage as you go. If you run a virtualized LiveAssurance environment and max out your system resources, you may encounter severe performance issues.

Installing LiveAssurance on a Virtual Instance

When you launch the LiveAssurance Server, you should see the following services start:
- indeni-backup
- indeni-cognito
- indeni-collector
- indeni-ds
- indeni
- indeni-vigile
- indeni-walt
Once the instance launches, log in with User: indeni and Password: indeni4it:

Note: In production environments, it is highly recommended that users change the default password after logging in, using the passwd command. But do not forget it because BlueCat Customer Care cannot reset or recover your password after it has been changed.
Once you have logged in, a prompt appears, asking you to confirm whether you want to proceed with the Configuration Wizard, as shown in the following image. Type y to proceed. This wizard will enable you to configure various network and system settings.
Once the Configuration Wizard continues, you can configure the following:
```
1) Configure Network Interface
2) Configure NTP servers
3) Configure Proxy
4) Change Timezone
5) Change HostName
0) Quit
```
Type the number corresponding to the option you want to proceed with:

(1) Network Interface: Configure the static IP network settings by providing the following values: address, netmask, gateway, dns-nameservers

(2) NTP: Change the server’s NTP server.
(3) Proxy: If you manage your own network, then input the appropriate settings for Proxy, if necessary. On all firewalls that are currently running:
- Open port 443 to enable the web UI to be served over HTTPS.
- Depending on your use case, open port 8443 to enable the LiveAssurance server to ingest metrics sent directly to it.
- Depending on your use case, open port 8989 to enable the configuration dashboard to be served for verifying ingress-related configurations.
(4) Timezone: Change the server’s timezone and make sure the virtual machine clock is correct.

(5) Host Name is optional.

(0) Quit: Once you have your preferred settings, type 0 to exit the setup.
Note: It is best practice to also check the system time on Debian since issues may occur if times are not in sync.
- To check the system time, type date +'%:z %Z'
- To reset the timezone, type sudo dpkg-reconfigure tzdata
Note: To access the configuration after initial setup, type isetup.
After you exit the Configuration Wizard, you should see the currently installed versions. It is okay if the versions differ on your system, the process is still the same.

The following image shows an example of the currently installed packages and their versions that are displayed:

Note: LiveAssurance will not work properly if the collector and server versions do not match.
Typing imanage [enter] will take you to LiveAssurance tools, where you can perform the following functions:

(1) Display installed Indeni packages

(2) Upgrade all installed Indeni packages

(3) Restart Indeni services

(4) Change Indeni source packages

(5) Enable/DisabIe watchdog

(6) Send logs to Indeni technical support

(7) Backup & Restore

(8) Set Cold Standby Server

(9) Setup DataDog integration

(0) Quit

The most common option will be (6) to send logs to BlueCat Customer Care. It is not recommended to Restart LiveAssurance services without being directed to; doing so can disrupt device interrogation.
Next, in the command line, type ip a to find the IP address that was assigned to the virtual machine. It should be assigned to either eth0, or the equivalent network interface on the client machine (if eth0 does not exist). Once you have the IP address, make sure to take note of it.
Launch a browser and enter the following into the address bar ([YOUR-IP] is the IP address assigned to your virtual machine, as obtained in Step 7):

https://[YOUR-IP]/

The following image shows an example:
If you’re using Chrome, click Advanced and Proceed.

You should be presented with the login page, as shown in the following image. The default login credentials are Username: admin and Password: admin123!

Congratulations! You have now successfully set up your LiveAssurance Virtual Lab!

The GUI displays a message indicating that you are now ready to add devices to monitor, as shown in the following image.

The Add Devices button which can be clicked to add devices for monitoring.

Launch LiveAssurance Virtual Appliances in AWS

You can launch LiveAssurance Virtual Appliances (v9.0.0 and greater) by using Amazon Machine Images (AMIs).

Procedure:

Restore the compressed image from S3 as an AMI:
Run the following command by using either AWS CloudShell or AWS CLI:
Note: The following is a sample command. You must use the correct LiveAssurance version in the filename of the image and a name you want to assign to the restored image.
```
aws ec2 create-restore-image-task \
    --object-key amis/bcia-server-<version>.bin \
    --bucket indeni-public \
    --name "New AMI Name"
```
For example:
```
aws ec2 create-restore-image-task \
    --object-key amis/bcia-server-25.1.2.3.bin \
    --bucket indeni-public \
    --name "BCIA Server 25.1.2.3"
```
AWS fetches the compressed image from the S3 bucket and restores it as an AMI in the us-east-1 region. To use the AMI in a different region, you must copy it from the source region (us-east-1) to the target region.
Once the AMI is available, launch an EC2 instance from the restored AMI:
For successfully launching an EC2 instance, ensure that you do the following from the launch instance wizard in the AWS Console:
- You must select the correct LiveAssurance AMI that corresponds to the image name ("New AMI Name" in step 1).
- BlueCat recommends a minimum EC2 instance type and disk space of t3.2xlarge and 200 GB, respectively.
- In the Key pair (login) section, you must set an SSH key. You will use this key when you first connect to the LiveAssurance EC2 instance via SSH.
- By default, this SSH key will be set for the admin user. After you first login as the admin user, switch to the indeni user and set an SSH key for the indeni user; indeni is the recommended user for managing the LiveAssurance services in the LiveAssurance EC2 instance. Use the following procedure:
1. When you first log in: Log in to the EC2 instance as the admin user via SSH by using the SSH key that you set previously.
2. Use the following commands to switch to the indeni user and to assign ownership of the .ssh directory to the indeni user:
```
sudo su indeni
sudo cp -r /home/admin/.ssh /home/indeni
sudo chown -R indeni:indeni .ssh
```
3. Exit the SSH session.
4. Log back in as the indeni user by using the SSH key with which you launch the EC2 instance.

Installation as a Virtual Machine - BlueCat Infrastructure Assurance - 26.1.0

BlueCat LiveAssurance User Guide

Installation

Installing LiveAssurance on a Virtual Instance

Launch LiveAssurance Virtual Appliances in AWS