Planning a deployment strategy is the most thorough way to prepare before introducing a network monitoring service to your environment. The deployment strategy for SolarWinds Server & Application Monitor (SAM) should identify what should be monitored, then prepare servers, devices, and applications (nodes) to be imported into SolarWinds SAM.
The procedures in this chapter are not required before deployment, because SolarWinds SAM can be populated with nodes afterward; however, completing them first is recommended. Even after deployment, you should still enable and configure advanced monitoring services on your vital nodes.
SolarWinds SAM uses three types of protocols to poll management data:
Simple Network Management Protocol (SNMP): This is the most common network management service protocol. To utilize it, SNMP must be enabled and an SNMP community string must be assigned on the server, device, or application. The community string is essentially a password that is sent between a node and SolarWinds SAM. Once the community string is set and assigned, the node is permitted to expose management data to SolarWinds SAM, in the form of variables. Currently, there are three versions of SNMP: v1, v2c, and v3.
Windows Management Instrumentation (WMI): This has added functionality by incorporating Windows specific communications and security features. WMI comes preinstalled on Windows by default but is not automatically enabled and configured. WMI is not exclusive to Windows server platforms; it comes installed on all modern Microsoft operating systems, and can also be used to poll desktop operating systems, such as Windows 7.
Internet Control Message Protocol (ICMP): This is the most basic of the three; it simply sends echo requests (pings) to a server or device for status, response time, and packet loss. SolarWinds SAM uses ICMP in conjunction with SNMP and WMI. Nodes can be configured to poll with ICMP exclusively, but you miss out on CPU, memory, and volume data. Some devices can only be polled with ICMP, although in most instances you will rarely use ICMP exclusively.
This chapter will explain how to prepare for SolarWinds SAM deployment, by enabling and configuring network management services and protocols on:
Windows servers
VMware hosts
Common network devices
Procedures listed in this section explain how to enable SNMP and then assign a community string on Windows Server 2008 R2.
Note
All Windows server-related procedures in this book are performed on Windows Server 2008 R2. Procedures vary slightly in other supported versions.
This procedure explains how to install the SNMP service on Windows Server 2008 R2.
Log in to a Windows server.
Navigate to Start Menu | Control Panel | Administrative Tools | Server Manager.
Select Features and click on Add Features.
Check SNMP Services, then click on Next and Install.
Click on Close.
This procedure explains how to assign a community string on Windows Server 2008 R2, and ensure that the SNMP service is configured to run automatically on startup.
Log in to a Windows server.
Navigate to Start Menu | Control Panel | Administrative Tools | Services.
Double-click on SNMP Service.
On the General tab, select Automatic under Startup type.
Select the Agent tab and ensure Physical, Applications, Internet, and End-to-end are all checked under the Service area.
Optionally, enter a Contact person and system Location.
Select the Security tab and click on the Add button under Accepted community names.
Enter a Community Name and click on the Add button. For example, we used S4MS3rv3r. We recommend using something secure, as this is a password.
Tip
READ ONLY community rights will normally suffice. A detailed explanation of community rights can be found on the author's blog: http://justinmbrant.blogspot.com/
Next, tick the Accept SNMP packets from these hosts radio button.
Click on the Add button underneath the radio buttons and add the IP of the server you have designated as the SolarWinds SAM host.
Once you complete these steps, the SNMP Service Properties Security tab should look something like the following screenshot. Notice that we used 192.168.1.3, as that is the IP of the server where we plan to deploy SolarWinds SAM.
Procedures in this section will ensure accessibility to WMI information by first enabling the service, followed by an outline of the creation process for a WMI service account.
The following steps will ensure that the WMI service is always running:
Log in to a Windows server or desktop.
Navigate to Start Menu | Control Panel | Administrative Tools | Services.
Check to see if the Windows Management Instrumentation service is running.
If it is not running, right-click on the Windows Management Instrumentation service and select Properties.
On the General tab, select Automatic under Startup type.
If necessary, click on the Start button, to start the service.
Click on OK.
This procedure explains how to create an Active Directory (AD) user account to act as a service account that SolarWinds SAM uses to poll your devices via WMI. These credentials will be used during and after SolarWinds SAM deployment.
Log in to a Domain Controller (DC) and launch AD.
Navigate to Start Menu | Control Panel | Administrative Tools | Active Directory Users and Computers.
Click on the Users container, or a container of your choice.
Navigate to Actions | New | User.
Choose a User logon name. For example, we used SAMWMI.
Click on Next.
Choose a secure password.
It is convenient to select Password never expires.
Tip
It can be troublesome if a service account's password expires. If you choose for the password to expire, then we recommend setting up a calendar reminder to notify you when the service account password is nearing expiration, and then make the necessary adjustments to the account and to SolarWinds SAM.
This service account will have domain administrator privileges; make sure the password is very secure.
Click on Finish.
Double-click on the new user.
Select the Member Of tab.
Click on the Add button.
Type Domain Admins and click on the Check Names button. As shown in the following screenshot, if successful, Domain Admins will now be underlined.
Click on OK to save and close the Select Groups window.
Click on OK to save and close the Properties window.
Tip
We do not recommend using your own domain admin account, or any user account, for WMI authentication. Security is the primary reason. Your account may also become locked out due to failed password attempts, or your password may need to be changed, consequently breaking the SolarWinds WMI polling functionality.
This procedure is the easiest approach to quickly begin utilizing WMI for polling purposes.
Once you have worked your way through this book, and have SolarWinds SAM configured to your liking, we recommend that you research and implement one of the more complex (secure) methods.
Note
Procedures for creating an unprivileged WMI service account are referenced on the author's blog: http://justinmbrant.blogspot.com/
This section discusses configuring your Virtual Machine Hosts (VMHost) for SolarWinds SAM integration. Procedures will outline how to enable Secure Shell (SSH) and SNMP on a VMHost, and then walk through the creation process of a VMware service account.
Tip
Ideally, you should also monitor each virtual server within a VMHost via SNMP or WMI. VMware Tools should be installed on all virtual servers. Note that the free version of VMware ESXi does not support SNMP.
There are a variety of ways to enable and configure SNMP on a VMHost. We will explain two methods, which should cover most VMHost types and versions. The first method only applies to VMware ESXi 5.1 and explains how to remotely enable SNMP via SSH. The second method involves logging in to the VMHost console itself, and should translate well to most versions.
There are two parts to this method; first we will enable SSH on the VMHost, and then use PuTTY to connect to the host and edit its snmp.xml file.
Note
PuTTY is a free open source terminal emulator that supports network protocols, such as SSH, SCP, Telnet, and rlogin. We will be using SSH in this procedure. Download PuTTY from the following URL: http://www.putty.org/
The following steps explain how to enable SSH and open the firewall to allow SSH connections.
Launch the vSphere Client and log in with administrator credentials, such as root.
Click on the Inventory icon in the Inventory panel.
In the left panel, select the host.
Click on the Configuration tab.
Click on Security Profile in the Software panel.
Click on Properties in the Services section.
Select SSH in the Service Properties window.
Click on the Options button and select one of the following:
Start and stop manually: This enables temporary SSH access.
Start and stop with host: This enables SSH indefinitely. There are security implications to consider when enabling this feature.
Click on OK at the SSH Options window and the Service Properties window.
While still on the Configuration tab, select Properties in the Firewall section.
Check the box under Required Services | Secure Shell | SSH Server.
With SSH Server still selected, click on the Firewall button.
Select the Allow connections from any IP address radio button and click on OK.
Click on OK at the Firewall Properties window.
The following steps explain how to use PuTTY to connect to the host and edit its snmp.xml file.
Run putty.exe.
Note
The author assumes that the reader is familiar with PuTTY. A detailed tutorial for its use is beyond the scope of this book. For a PuTTY tutorial, visit the author's blog at http://justinmbrant.blogspot.com/.
Connect to your VMHost. A command line window will appear.
Enter your root login credentials.
Click on Yes if you see a PuTTY Security Alert.
Navigate to the VMware folder:
~ # cd /etc/vmware
/etc/vmware #
List folder contents to ensure snmp.xml is available:
/etc/vmware # ls
Edit snmp.xml using vi editor:
/etc/vmware # vi snmp.xml
You will see a single line; press I to enter the edit mode and use the arrow keys to navigate.
Enable SNMP by changing false to true between <enable> and </enable>.
Assign the community string by entering one between <communities> and </communities>. For example, we used S4MVMH0st!
Press Esc and type :wq to save and quit. If you made a mistake, type :q! to quit without saving, and repeat steps 6 through 12.
Restart the host daemon:
/etc/vmware # cd
~ # /etc/init.d/hostd restart
watchdog-hostd: Terminating watchdog process with PID 201623
hostd stopped.
hostd started.
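The file is a single line edited by hand in vi, so it is worth validating a copy of it before restarting hostd. The following Python check is an added example, not part of the book or of any VMware tooling; the `<config>`/`<snmpSettings>` wrapper elements, the comma-separated community format, and the sample community string are assumptions, and only `<enable>` and `<communities>` come from the procedure above.

```python
import xml.etree.ElementTree as ET


def first_text(root, tag):
    """Text of the first <tag> element anywhere in the tree, or None."""
    node = next(root.iter(tag), None)
    return None if node is None else (node.text or "").strip()


def check_snmp_xml(xml_text):
    """Return a list of problems found in the contents of snmp.xml."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        # A stray or missing character left by the vi edit ends up here.
        return [f"not well-formed XML: {exc}"]
    problems = []
    enable = first_text(root, "enable")
    if enable is None:
        problems.append("no <enable> element")
    elif enable.lower() == "false":
        problems.append("SNMP agent is disabled")
    elif enable.lower() != "true":
        problems.append(f"unexpected <enable> value: {enable!r}")
    communities = first_text(root, "communities")
    # Assumption: several community strings would be comma-separated.
    if not [c for c in (communities or "").split(",") if c.strip()]:
        problems.append("no community string set")
    return problems


# Constructed samples: the file before the edit, after a correct edit, and
# after an edit that damaged a closing tag. Wrapper elements are assumed.
BEFORE = ("<config><snmpSettings><enable>false</enable>"
          "<communities></communities></snmpSettings></config>")
AFTER = BEFORE.replace("false", "true").replace(
    "<communities>", "<communities>Ex4mpleStr1ng")
DAMAGED = AFTER.replace("</enable>", "</enabl>")

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER), ("damaged", DAMAGED)):
        print(label, check_snmp_xml(text) or "OK")
```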
This method explains how to enable SNMP via the VMware ESXi console, by directly logging in to the VMHost server.
Go to the ESXi console on the server itself, that is, not remote.
Press Alt + F1 to access the hidden console.
If using ESXi 5.1, then skip to step 6.
If using versions prior to ESXi 5.1, then type unsupported in the hidden console and press Enter.
You will see a Tech Support Mode warning.
Type the root login credentials.
Now follow steps 6 to 12 outlined in the Part 2 of 2 – enabling and configuring SNMP using PuTTY section.
Before SolarWinds SAM can start polling a VMHost, a service account should be created for it to use, as opposed to using the root credentials. The following procedure explains how to create a VMware service account to pass along to SolarWinds SAM.
Launch the vSphere Client and log in with administrator credentials, such as root.
Click on Ignore if you are prompted with an untrusted SSL certificate warning.
In the left panel select the host.
Select the Local Users & Groups tab in the right panel.
On the Add New User window:
Enter both a Login and a User Name. For example, we used SAMVMHOST.
Enter and confirm a Password.
Click on OK.
Select the Permissions tab.
Right-click within the right panel, and then select Add Permission.
On the Assign Permissions window, click on Add.
Click on the Add button.
Select the user you just created and click on Add, then click on OK on the Select Users and Groups window.
Under the Assigned Role area, select Read-only and then click on OK on the Assign Permissions window.
Switches, routers, and firewalls should also be monitored, as they are crucial to the uptime of a network. This section covers command line procedures to enable and configure SNMP on some common Cisco devices.
Due to the wide range of manufacturers and models, with varying configurations, your organization may use devices that are not listed in the procedures referenced in this section. If that is the case, you should consult the manufacturer's website or user's manual.
Tip
Most vendors (including Cisco) ship equipment with these default SNMP community strings:
public for read-only
private for read-write
secret for read-write-all
It is important to change these defaults due to security implications.
This procedure explains how to enable and configure SNMP on a Cisco 3550 switch running IOS version 12.1(20)EA1a.
Telnet to the switch (replace 192.168.1.230 with your switch IP):
C:\>telnet 192.168.1.230
The Password field will appear. Enter the switch administrator password.
Type enable at the prompt and enter the enable password:
3550>enable
Password:
3550#
Enter the configuration terminal:
3550#configure terminal
Enter configuration commands, one per line. End with CTRL/Z.
3550(config)#
Enable the read-only community string:
3550(config)#snmp-server community S4MCisco3550SW1 RO
In this example, S4MCisco3550SW1 is the SNMP community string. You should choose your own community string.
To assign read-write rights, simply change RO to RW.
Designate SolarWinds SAM as the host network monitoring service:
3550(config)#snmp-server host 192.168.1.3 version 2c S4MCisco3550SW1
Exit the configuration terminal to save, and then verify the new SNMP community string:
3550(config)#exit
3550#show running-config
This procedure explains how to enable and configure SNMP on a Cisco router; it is also applicable to a Cisco IOS software-based XL Catalyst Switch.
Telnet to the router (replace 192.168.1.1 with your router IP):
prompt#telnet 192.168.1.1
Type enable at the prompt and enter the router administrator password:
Router>enable
Password:
Router#
Display the running configuration to review the current SNMP information:
Router#show running-config
Building configuration...
....
....
Enable the configuration mode:
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
Enable the read-only community string:
Router(config)#snmp-server community public RO
In this example, public is the SNMP community string. You should change it to something more secure.
In this example, RO specifies read-only rights. To assign read-write rights, simply replace RO with RW.
Type exit to return to the main prompt:
Router(config)#exit
Router#
Type write memory to save the settings:
Router#write memory
Building configuration... [OK]
Router#
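The `show running-config` output from either procedure can be checked for the risks this chapter mentions. The following Python audit is an added example, not part of the book or of any Cisco or SolarWinds tool: it flags the vendor default community strings named in the tip above, read-write communities, and communities with no access list argument, which is the IOS counterpart of the "Accept SNMP packets from these hosts" restriction set on Windows. The sample configuration is constructed, and its `netops` community and access list 10 are hypothetical.

```python
import re

# Vendor default community strings listed in the tip above.
DEFAULT_COMMUNITIES = {"public", "private", "secret"}

# IOS form: snmp-server community <string> [view <name>] [RO|RW] [<acl>]
COMMUNITY_RE = re.compile(
    r"^snmp-server community (?P<name>\S+)(?: view \S+)?"
    r"(?: (?P<mode>ro|rw))?(?: (?P<acl>\S+))?$",
    re.IGNORECASE,
)


def audit_snmp_communities(running_config):
    """Return (community, finding) pairs for risky community definitions."""
    findings = []
    for raw in running_config.splitlines():
        match = COMMUNITY_RE.match(raw.strip())
        if not match:
            continue
        name = match["name"]
        mode = (match["mode"] or "ro").lower()  # IOS defaults to read-only
        if name in DEFAULT_COMMUNITIES:
            findings.append((name, "vendor default community string"))
        if mode == "rw":
            findings.append((name, "read-write access granted"))
        if match["acl"] is None:
            findings.append((name, "no access list restricts polling sources"))
    return findings


# Constructed sample: the community and host lines from the procedures above
# plus one hypothetical read-write entry bound to standard access list 10.
SAMPLE_CONFIG = """\
snmp-server community S4MCisco3550SW1 RO
snmp-server community public RO
snmp-server community netops RW 10
snmp-server host 192.168.1.3 version 2c S4MCisco3550SW1
"""

if __name__ == "__main__":
    for community, finding in audit_snmp_communities(SAMPLE_CONFIG):
        print(f"{community}: {finding}")
```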
You have prepared your environment for a network monitoring service. Next, we will utilize these services and protocols by deploying and configuring SolarWinds SAM.
In this chapter, we successfully:
Enabled and configured SNMP and WMI on Windows Servers
Created a WMI service account
Enabled and configured SNMP and credentials on VMware ESXi
Created a VMware service account
Enabled and configured SNMP on common Cisco devices